1/* 2 * TCP over IPv6 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * $Id: tcp_ipv6.c,v 1.1.1.1 2008/10/15 03:27:34 james26_jang Exp $ 9 * 10 * Based on: 11 * linux/net/ipv4/tcp.c 12 * linux/net/ipv4/tcp_input.c 13 * linux/net/ipv4/tcp_output.c 14 * 15 * Fixes: 16 * Hideaki YOSHIFUJI : sin6_scope_id support 17 * 18 * This program is free software; you can redistribute it and/or 19 * modify it under the terms of the GNU General Public License 20 * as published by the Free Software Foundation; either version 21 * 2 of the License, or (at your option) any later version. 22 */ 23 24#define __NO_VERSION__ 25#include <linux/module.h> 26#include <linux/config.h> 27#include <linux/errno.h> 28#include <linux/types.h> 29#include <linux/socket.h> 30#include <linux/sockios.h> 31#include <linux/net.h> 32#include <linux/sched.h> 33#include <linux/in.h> 34#include <linux/in6.h> 35#include <linux/netdevice.h> 36#include <linux/init.h> 37#include <linux/ipsec.h> 38 39#include <linux/ipv6.h> 40#include <linux/icmpv6.h> 41#include <linux/random.h> 42 43#include <net/tcp.h> 44#include <net/ndisc.h> 45#include <net/ipv6.h> 46#include <net/transp_v6.h> 47#include <net/addrconf.h> 48#include <net/ip6_route.h> 49#include <net/inet_ecn.h> 50 51#include <asm/uaccess.h> 52 53static void tcp_v6_send_reset(struct sk_buff *skb); 54static void tcp_v6_or_send_ack(struct sk_buff *skb, struct open_request *req); 55static void tcp_v6_send_check(struct sock *sk, struct tcphdr *th, int len, 56 struct sk_buff *skb); 57 58static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb); 59static int tcp_v6_xmit(struct sk_buff *skb); 60 61static struct tcp_func ipv6_mapped; 62static struct tcp_func ipv6_specific; 63 64/* I have no idea if this is a good hash for v6 or not. 
-DaveM */ 65static __inline__ int tcp_v6_hashfn(struct in6_addr *laddr, u16 lport, 66 struct in6_addr *faddr, u16 fport) 67{ 68 int hashent = (lport ^ fport); 69 70 hashent ^= (laddr->s6_addr32[3] ^ faddr->s6_addr32[3]); 71 hashent ^= hashent>>16; 72 hashent ^= hashent>>8; 73 return (hashent & (tcp_ehash_size - 1)); 74} 75 76static __inline__ int tcp_v6_sk_hashfn(struct sock *sk) 77{ 78 struct in6_addr *laddr = &sk->net_pinfo.af_inet6.rcv_saddr; 79 struct in6_addr *faddr = &sk->net_pinfo.af_inet6.daddr; 80 __u16 lport = sk->num; 81 __u16 fport = sk->dport; 82 return tcp_v6_hashfn(laddr, lport, faddr, fport); 83} 84 85/* Grrr, addr_type already calculated by caller, but I don't want 86 * to add some silly "cookie" argument to this method just for that. 87 * But it doesn't matter, the recalculation is in the rarest path 88 * this function ever takes. 89 */ 90static int tcp_v6_get_port(struct sock *sk, unsigned short snum) 91{ 92 struct tcp_bind_hashbucket *head; 93 struct tcp_bind_bucket *tb; 94 int ret; 95 96 local_bh_disable(); 97 if (snum == 0) { 98 int low = sysctl_local_port_range[0]; 99 int high = sysctl_local_port_range[1]; 100 int remaining = (high - low) + 1; 101 int rover; 102 103 spin_lock(&tcp_portalloc_lock); 104 rover = tcp_port_rover; 105 do { rover++; 106 if ((rover < low) || (rover > high)) 107 rover = low; 108 head = &tcp_bhash[tcp_bhashfn(rover)]; 109 spin_lock(&head->lock); 110 for (tb = head->chain; tb; tb = tb->next) 111 if (tb->port == rover) 112 goto next; 113 break; 114 next: 115 spin_unlock(&head->lock); 116 } while (--remaining > 0); 117 tcp_port_rover = rover; 118 spin_unlock(&tcp_portalloc_lock); 119 120 /* Exhausted local port range during search? */ 121 ret = 1; 122 if (remaining <= 0) 123 goto fail; 124 125 /* OK, here is the one we will use. 
*/ 126 snum = rover; 127 tb = NULL; 128 } else { 129 head = &tcp_bhash[tcp_bhashfn(snum)]; 130 spin_lock(&head->lock); 131 for (tb = head->chain; tb != NULL; tb = tb->next) 132 if (tb->port == snum) 133 break; 134 } 135 if (tb != NULL && tb->owners != NULL) { 136 if (tb->fastreuse > 0 && sk->reuse != 0 && sk->state != TCP_LISTEN) { 137 goto success; 138 } else { 139 struct sock *sk2 = tb->owners; 140 int sk_reuse = sk->reuse; 141 int addr_type = ipv6_addr_type(&sk->net_pinfo.af_inet6.rcv_saddr); 142 143 /* We must walk the whole port owner list in this case. -DaveM */ 144 for( ; sk2 != NULL; sk2 = sk2->bind_next) { 145 if (sk != sk2 && 146 sk->bound_dev_if == sk2->bound_dev_if) { 147 if (!sk_reuse || 148 !sk2->reuse || 149 sk2->state == TCP_LISTEN) { 150 /* NOTE: IPv6 tw bucket have different format */ 151 if (!sk2->rcv_saddr || 152 addr_type == IPV6_ADDR_ANY || 153 !ipv6_addr_cmp(&sk->net_pinfo.af_inet6.rcv_saddr, 154 sk2->state != TCP_TIME_WAIT ? 155 &sk2->net_pinfo.af_inet6.rcv_saddr : 156 &((struct tcp_tw_bucket*)sk)->v6_rcv_saddr) || 157 (addr_type==IPV6_ADDR_MAPPED && sk2->family==AF_INET && 158 sk->rcv_saddr==sk2->rcv_saddr)) 159 break; 160 } 161 } 162 } 163 /* If we found a conflict, fail. 
*/ 164 ret = 1; 165 if (sk2 != NULL) 166 goto fail_unlock; 167 } 168 } 169 ret = 1; 170 if (tb == NULL && 171 (tb = tcp_bucket_create(head, snum)) == NULL) 172 goto fail_unlock; 173 if (tb->owners == NULL) { 174 if (sk->reuse && sk->state != TCP_LISTEN) 175 tb->fastreuse = 1; 176 else 177 tb->fastreuse = 0; 178 } else if (tb->fastreuse && 179 ((sk->reuse == 0) || (sk->state == TCP_LISTEN))) 180 tb->fastreuse = 0; 181 182success: 183 sk->num = snum; 184 if (sk->prev == NULL) { 185 if ((sk->bind_next = tb->owners) != NULL) 186 tb->owners->bind_pprev = &sk->bind_next; 187 tb->owners = sk; 188 sk->bind_pprev = &tb->owners; 189 sk->prev = (struct sock *) tb; 190 } else { 191 BUG_TRAP(sk->prev == (struct sock *) tb); 192 } 193 ret = 0; 194 195fail_unlock: 196 spin_unlock(&head->lock); 197fail: 198 local_bh_enable(); 199 return ret; 200} 201 202static __inline__ void __tcp_v6_hash(struct sock *sk) 203{ 204 struct sock **skp; 205 rwlock_t *lock; 206 207 BUG_TRAP(sk->pprev==NULL); 208 209 if(sk->state == TCP_LISTEN) { 210 skp = &tcp_listening_hash[tcp_sk_listen_hashfn(sk)]; 211 lock = &tcp_lhash_lock; 212 tcp_listen_wlock(); 213 } else { 214 skp = &tcp_ehash[(sk->hashent = tcp_v6_sk_hashfn(sk))].chain; 215 lock = &tcp_ehash[sk->hashent].lock; 216 write_lock(lock); 217 } 218 219 if((sk->next = *skp) != NULL) 220 (*skp)->pprev = &sk->next; 221 *skp = sk; 222 sk->pprev = skp; 223 sock_prot_inc_use(sk->prot); 224 write_unlock(lock); 225} 226 227 228static void tcp_v6_hash(struct sock *sk) 229{ 230 if(sk->state != TCP_CLOSE) { 231 if (sk->tp_pinfo.af_tcp.af_specific == &ipv6_mapped) { 232 tcp_prot.hash(sk); 233 return; 234 } 235 local_bh_disable(); 236 __tcp_v6_hash(sk); 237 local_bh_enable(); 238 } 239} 240 241static struct sock *tcp_v6_lookup_listener(struct in6_addr *daddr, unsigned short hnum, int dif) 242{ 243 struct sock *sk; 244 struct sock *result = NULL; 245 int score, hiscore; 246 247 hiscore=0; 248 read_lock(&tcp_lhash_lock); 249 sk = 
tcp_listening_hash[tcp_lhashfn(hnum)]; 250 for(; sk; sk = sk->next) { 251 if((sk->num == hnum) && (sk->family == PF_INET6)) { 252 struct ipv6_pinfo *np = &sk->net_pinfo.af_inet6; 253 254 score = 1; 255 if(!ipv6_addr_any(&np->rcv_saddr)) { 256 if(ipv6_addr_cmp(&np->rcv_saddr, daddr)) 257 continue; 258 score++; 259 } 260 if (sk->bound_dev_if) { 261 if (sk->bound_dev_if != dif) 262 continue; 263 score++; 264 } 265 if (score == 3) { 266 result = sk; 267 break; 268 } 269 if (score > hiscore) { 270 hiscore = score; 271 result = sk; 272 } 273 } 274 } 275 if (result) 276 sock_hold(result); 277 read_unlock(&tcp_lhash_lock); 278 return result; 279} 280 281/* Sockets in TCP_CLOSE state are _always_ taken out of the hash, so 282 * we need not check it for TCP lookups anymore, thanks Alexey. -DaveM 283 * 284 * The sockhash lock must be held as a reader here. 285 */ 286 287static inline struct sock *__tcp_v6_lookup_established(struct in6_addr *saddr, u16 sport, 288 struct in6_addr *daddr, u16 hnum, 289 int dif) 290{ 291 struct tcp_ehash_bucket *head; 292 struct sock *sk; 293 __u32 ports = TCP_COMBINED_PORTS(sport, hnum); 294 int hash; 295 296 /* Optimize here for direct hit, only listening connections can 297 * have wildcards anyways. 298 */ 299 hash = tcp_v6_hashfn(daddr, hnum, saddr, sport); 300 head = &tcp_ehash[hash]; 301 read_lock(&head->lock); 302 for(sk = head->chain; sk; sk = sk->next) { 303 /* For IPV6 do the cheaper port and family tests first. */ 304 if(TCP_IPV6_MATCH(sk, saddr, daddr, ports, dif)) 305 goto hit; /* You sunk my battleship! */ 306 } 307 /* Must check for a TIME_WAIT'er before going to listener hash. 
*/ 308 for(sk = (head + tcp_ehash_size)->chain; sk; sk = sk->next) { 309 if(*((__u32 *)&(sk->dport)) == ports && 310 sk->family == PF_INET6) { 311 struct tcp_tw_bucket *tw = (struct tcp_tw_bucket *)sk; 312 if(!ipv6_addr_cmp(&tw->v6_daddr, saddr) && 313 !ipv6_addr_cmp(&tw->v6_rcv_saddr, daddr) && 314 (!sk->bound_dev_if || sk->bound_dev_if == dif)) 315 goto hit; 316 } 317 } 318 read_unlock(&head->lock); 319 return NULL; 320 321hit: 322 sock_hold(sk); 323 read_unlock(&head->lock); 324 return sk; 325} 326 327 328static inline struct sock *__tcp_v6_lookup(struct in6_addr *saddr, u16 sport, 329 struct in6_addr *daddr, u16 hnum, 330 int dif) 331{ 332 struct sock *sk; 333 334 sk = __tcp_v6_lookup_established(saddr, sport, daddr, hnum, dif); 335 336 if (sk) 337 return sk; 338 339 return tcp_v6_lookup_listener(daddr, hnum, dif); 340} 341 342__inline__ struct sock *tcp_v6_lookup(struct in6_addr *saddr, u16 sport, 343 struct in6_addr *daddr, u16 dport, 344 int dif) 345{ 346 struct sock *sk; 347 348 local_bh_disable(); 349 sk = __tcp_v6_lookup(saddr, sport, daddr, ntohs(dport), dif); 350 local_bh_enable(); 351 352 return sk; 353} 354 355 356/* 357 * Open request hash tables. 
 */

/* Hash an open_request by peer address/port into a listener's SYN
 * table.  Only the low 32 bits of the address feed the hash, mirroring
 * tcp_v6_hashfn() above.
 */
static __inline__ unsigned tcp_v6_synq_hash(struct in6_addr *raddr, u16 rport)
{
	unsigned h = raddr->s6_addr32[3] ^ rport;
	h ^= h>>16;
	h ^= h>>8;
	return h&(TCP_SYNQ_HSIZE-1);
}

/* Find a pending open_request matching the given peer/local addresses,
 * remote port and (optionally) incoming interface.  On success *prevp
 * is set to the link pointer so the caller can unlink the request.
 * Caller must hold the listen-queue lock (syn_wait_lock or socket lock).
 */
static struct open_request *tcp_v6_search_req(struct tcp_opt *tp,
					      struct open_request ***prevp,
					      __u16 rport,
					      struct in6_addr *raddr,
					      struct in6_addr *laddr,
					      int iif)
{
	struct tcp_listen_opt *lopt = tp->listen_opt;
	struct open_request *req, **prev;

	for (prev = &lopt->syn_table[tcp_v6_synq_hash(raddr, rport)];
	     (req = *prev) != NULL;
	     prev = &req->dl_next) {
		if (req->rmt_port == rport &&
		    req->class->family == AF_INET6 &&
		    !ipv6_addr_cmp(&req->af.v6_req.rmt_addr, raddr) &&
		    !ipv6_addr_cmp(&req->af.v6_req.loc_addr, laddr) &&
		    (!req->af.v6_req.iif || req->af.v6_req.iif == iif)) {
			BUG_TRAP(req->sk == NULL);
			*prevp = prev;
			return req;
		}
	}

	return NULL;
}

/* Compute the TCP-over-IPv6 pseudo-header checksum. */
static __inline__ u16 tcp_v6_check(struct tcphdr *th, int len,
				   struct in6_addr *saddr,
				   struct in6_addr *daddr,
				   unsigned long base)
{
	return csum_ipv6_magic(saddr, daddr, len, IPPROTO_TCP, base);
}

/* Pick a secure initial sequence number for a new connection, using
 * the v6 or v4 generator depending on the packet's actual protocol
 * (a v4-mapped connection arrives as ETH_P_IP).
 */
static __u32 tcp_v6_init_sequence(struct sock *sk, struct sk_buff *skb)
{
	if (skb->protocol == htons(ETH_P_IPV6)) {
		return secure_tcpv6_sequence_number(skb->nh.ipv6h->daddr.s6_addr32,
						    skb->nh.ipv6h->saddr.s6_addr32,
						    skb->h.th->dest,
						    skb->h.th->source);
	} else {
		return secure_tcp_sequence_number(skb->nh.iph->daddr,
						  skb->nh.iph->saddr,
						  skb->h.th->dest,
						  skb->h.th->source);
	}
}

/* Verify that sk's 4-tuple is unique in the established hash and, if
 * so, insert it.  A TIME_WAIT bucket with usable timestamp state may
 * be recycled (its ts_recent/snd_nxt seed the new connection).
 * Returns 0 on success, -EADDRNOTAVAIL if the tuple is already in use.
 */
static int tcp_v6_check_established(struct sock *sk)
{
	struct in6_addr *daddr = &sk->net_pinfo.af_inet6.rcv_saddr;
	struct in6_addr *saddr = &sk->net_pinfo.af_inet6.daddr;
	int dif = sk->bound_dev_if;
	u32 ports = TCP_COMBINED_PORTS(sk->dport, sk->num);
	int hash = tcp_v6_hashfn(daddr, sk->num, saddr, sk->dport);
	struct tcp_ehash_bucket *head = &tcp_ehash[hash];
	struct sock *sk2, **skp;
	struct tcp_tw_bucket *tw;

	write_lock_bh(&head->lock);

	/* Timewait buckets live in the second half of the ehash table. */
	for(skp = &(head + tcp_ehash_size)->chain; (sk2=*skp)!=NULL; skp = &sk2->next) {
		tw = (struct tcp_tw_bucket*)sk2;

		if(*((__u32 *)&(sk2->dport)) == ports &&
		   sk2->family == PF_INET6 &&
		   !ipv6_addr_cmp(&tw->v6_daddr, saddr) &&
		   !ipv6_addr_cmp(&tw->v6_rcv_saddr, daddr) &&
		   sk2->bound_dev_if == sk->bound_dev_if) {
			struct tcp_opt *tp = &(sk->tp_pinfo.af_tcp);

			if (tw->ts_recent_stamp) {
				/* See comment in tcp_ipv4.c */
				if ((tp->write_seq = tw->snd_nxt+65535+2) == 0)
					tp->write_seq = 1;
				tp->ts_recent = tw->ts_recent;
				tp->ts_recent_stamp = tw->ts_recent_stamp;
				sock_hold(sk2);
				/* Recycle: insert at the live-chain head. */
				skp = &head->chain;
				goto unique;
			} else
				goto not_unique;
		}
	}
	tw = NULL;

	for(skp = &head->chain; (sk2=*skp)!=NULL; skp = &sk2->next) {
		if(TCP_IPV6_MATCH(sk, saddr, daddr, ports, dif))
			goto not_unique;
	}

unique:
	/* At this point skp points at the insertion slot. */
	BUG_TRAP(sk->pprev==NULL);
	if ((sk->next = *skp) != NULL)
		(*skp)->pprev = &sk->next;

	*skp = sk;
	sk->pprev = skp;
	sk->hashent = hash;
	sock_prot_inc_use(sk->prot);
	write_unlock_bh(&head->lock);

	if (tw) {
		/* Silly. Should hash-dance instead... */
		local_bh_disable();
		tcp_tw_deschedule(tw);
		tcp_timewait_kill(tw);
		NET_INC_STATS_BH(TimeWaitRecycled);
		local_bh_enable();

		tcp_tw_put(tw);
	}
	return 0;

not_unique:
	write_unlock_bh(&head->lock);
	return -EADDRNOTAVAIL;
}

/* Bind sk to a local port (auto-selecting one if needed) and hash it.
 * If the bind bucket is shared, fall back to the full established-hash
 * uniqueness check.
 */
static int tcp_v6_hash_connect(struct sock *sk)
{
	struct tcp_bind_hashbucket *head;
	struct tcp_bind_bucket *tb;

	if (sk->num == 0) {
		int err = tcp_v6_get_port(sk, sk->num);
		if (err)
			return err;
		sk->sport = htons(sk->num);
	}

	head = &tcp_bhash[tcp_bhashfn(sk->num)];
	/* NOTE(review): head->chain is read before head->lock is taken,
	 * and sk's bucket is assumed to be first in the chain — looks
	 * racy; confirm against the locking rules in tcp_ipv4.c.
	 */
	tb = head->chain;

	spin_lock_bh(&head->lock);

	if (tb->owners == sk && sk->bind_next == NULL) {
		/* sk is the sole owner of the port: no conflict possible. */
		__tcp_v6_hash(sk);
		spin_unlock_bh(&head->lock);
		return 0;
	} else {
		spin_unlock_bh(&head->lock);
		return tcp_v6_check_established(sk);
	}
}

/* Interface index the packet arrived on (stashed in skb->cb). */
static __inline__ int tcp_v6_iif(struct sk_buff *skb)
{
	struct inet6_skb_parm *opt = (struct inet6_skb_parm *) skb->cb;
	return opt->iif;
}

/* connect() for an AF_INET6 TCP socket.  Handles flow labels,
 * link-local scope ids, and transparently degrades to tcp_v4_connect()
 * for v4-mapped destinations.
 */
static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
			  int addr_len)
{
	struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
	struct ipv6_pinfo *np = &sk->net_pinfo.af_inet6;
	struct tcp_opt *tp = &sk->tp_pinfo.af_tcp;
	struct in6_addr *saddr = NULL;
	struct in6_addr saddr_buf;
	struct flowi fl;
	struct dst_entry *dst;
	int addr_type;
	int err;

	if (addr_len < SIN6_LEN_RFC2133)
		return -EINVAL;

	if (usin->sin6_family != AF_INET6)
		return(-EAFNOSUPPORT);

	fl.fl6_flowlabel = 0;
	if (np->sndflow) {
		fl.fl6_flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
		IP6_ECN_flow_init(fl.fl6_flowlabel);
		if (fl.fl6_flowlabel&IPV6_FLOWLABEL_MASK) {
			struct ip6_flowlabel *flowlabel;
			flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
			if (flowlabel == NULL)
				return -EINVAL;
			/* A flow label pins the destination address. */
			ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
			fl6_sock_release(flowlabel);
		}
	}

	/*
	 *	connect() to INADDR_ANY means loopback (BSD'ism).
	 */

	if(ipv6_addr_any(&usin->sin6_addr))
		usin->sin6_addr.s6_addr[15] = 0x1;

	addr_type = ipv6_addr_type(&usin->sin6_addr);

	if(addr_type & IPV6_ADDR_MULTICAST)
		return -ENETUNREACH;

	if (addr_type&IPV6_ADDR_LINKLOCAL) {
		if (addr_len >= sizeof(struct sockaddr_in6) &&
		    usin->sin6_scope_id) {
			/* If interface is set while binding, indices
			 * must coincide.
			 */
			if (sk->bound_dev_if &&
			    sk->bound_dev_if != usin->sin6_scope_id)
				return -EINVAL;

			sk->bound_dev_if = usin->sin6_scope_id;
		}

		/* Connect to link-local address requires an interface */
		if (sk->bound_dev_if == 0)
			return -EINVAL;
	}

	/* Fresh peer: discard stale timestamp state. */
	if (tp->ts_recent_stamp && ipv6_addr_cmp(&np->daddr, &usin->sin6_addr)) {
		tp->ts_recent = 0;
		tp->ts_recent_stamp = 0;
		tp->write_seq = 0;
	}

	ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
	np->flow_label = fl.fl6_flowlabel;

	/*
	 *	TCP over IPv4
	 */

	if (addr_type == IPV6_ADDR_MAPPED) {
		u32 exthdrlen = tp->ext_header_len;
		struct sockaddr_in sin;

		SOCK_DEBUG(sk, "connect: ipv4 mapped\n");

		sin.sin_family = AF_INET;
		sin.sin_port = usin->sin6_port;
		sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];

		/* Switch the socket to the v4-mapped operations. */
		sk->tp_pinfo.af_tcp.af_specific = &ipv6_mapped;
		sk->backlog_rcv = tcp_v4_do_rcv;

		err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));

		if (err) {
			/* Roll the socket back to pure IPv6 on failure. */
			tp->ext_header_len = exthdrlen;
			sk->tp_pinfo.af_tcp.af_specific = &ipv6_specific;
			sk->backlog_rcv = tcp_v6_do_rcv;
			goto failure;
		} else {
			ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
				      sk->saddr);
			ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF),
				      sk->rcv_saddr);
		}

		return err;
	}

	if (!ipv6_addr_any(&np->rcv_saddr))
		saddr = &np->rcv_saddr;

	fl.proto = IPPROTO_TCP;
	fl.fl6_dst = &np->daddr;
	fl.fl6_src = saddr;
	fl.oif = sk->bound_dev_if;
	fl.uli_u.ports.dport = usin->sin6_port;
	fl.uli_u.ports.sport = sk->sport;

	/* With a routing header, route towards the first hop instead. */
	if (np->opt && np->opt->srcrt) {
		struct rt0_hdr *rt0 = (struct rt0_hdr *) np->opt->srcrt;
		fl.nl_u.ip6_u.daddr = rt0->addr;
	}

	dst = ip6_route_output(sk, &fl);

	if ((err = dst->error) != 0) {
		dst_release(dst);
		goto failure;
	}

	ip6_dst_store(sk, dst, NULL);
	sk->route_caps = dst->dev->features&~NETIF_F_IP_CSUM;

	if (saddr == NULL) {
		/* Not bound to a source address yet: pick one per route. */
		err = ipv6_get_saddr(dst, &np->daddr, &saddr_buf);
		if (err)
			goto failure;

		saddr = &saddr_buf;
	}

	/* set the source address */
	ipv6_addr_copy(&np->rcv_saddr, saddr);
	ipv6_addr_copy(&np->saddr, saddr);
	sk->rcv_saddr= LOOPBACK4_IPV6;

	tp->ext_header_len = 0;
	if (np->opt)
		tp->ext_header_len = np->opt->opt_flen+np->opt->opt_nflen;
	tp->mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);

	sk->dport = usin->sin6_port;

	tcp_set_state(sk, TCP_SYN_SENT);
	err = tcp_v6_hash_connect(sk);
	if (err)
		goto late_failure;

	if (!tp->write_seq)
		tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
							     np->daddr.s6_addr32,
							     sk->sport, sk->dport);
	err = tcp_connect(sk);
	if (err)
		goto late_failure;

	return 0;

late_failure:
	tcp_set_state(sk, TCP_CLOSE);
failure:
	__sk_dst_reset(sk);
	sk->dport = 0;
	sk->route_caps = 0;
	return err;
}

/* ICMPv6 error handler for TCP.  Routes PKT_TOOBIG into PMTU
 * discovery, drops pending open_requests on hard errors, and reports
 * errors to SYN_SENT/SYN_RECV sockets or via sk->err_soft otherwise.
 */
void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
		int type, int code, int offset, __u32 info)
{
	struct ipv6hdr *hdr = (struct ipv6hdr*)skb->data;
	struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
	struct ipv6_pinfo *np;
	struct sock *sk;
	int err;
	struct tcp_opt *tp;
	__u32 seq;

	sk = tcp_v6_lookup(&hdr->daddr, th->dest, &hdr->saddr, th->source, skb->dev->ifindex);

	if (sk == NULL) {
		ICMP6_INC_STATS_BH(Icmp6InErrors);
		return;
	}

	if (sk->state == TCP_TIME_WAIT) {
		tcp_tw_put((struct tcp_tw_bucket*)sk);
		return;
	}

	bh_lock_sock(sk);
	if (sk->lock.users)
		NET_INC_STATS_BH(LockDroppedIcmps);

	if (sk->state == TCP_CLOSE)
		goto out;

	tp = &sk->tp_pinfo.af_tcp;
	seq = ntohl(th->seq);
	/* Ignore errors quoting sequence numbers outside our window. */
	if (sk->state != TCP_LISTEN && !between(seq, tp->snd_una, tp->snd_nxt)) {
		NET_INC_STATS_BH(OutOfWindowIcmps);
		goto out;
	}

	np = &sk->net_pinfo.af_inet6;

	if (type == ICMPV6_PKT_TOOBIG) {
		struct dst_entry *dst = NULL;

		if (sk->lock.users)
			goto out;
		if ((1<<sk->state)&(TCPF_LISTEN|TCPF_CLOSE))
			goto out;

		/* icmp should have updated the destination cache entry */
		dst = __sk_dst_check(sk, np->dst_cookie);

		if (dst == NULL) {
			struct flowi fl;

			/* BUGGG_FUTURE: Again, it is not clear how
			   to handle rthdr case. Ignore this complexity
			   for now.
			 */
			fl.proto = IPPROTO_TCP;
			fl.nl_u.ip6_u.daddr = &np->daddr;
			fl.nl_u.ip6_u.saddr = &np->saddr;
			fl.oif = sk->bound_dev_if;
			fl.uli_u.ports.dport = sk->dport;
			fl.uli_u.ports.sport = sk->sport;

			dst = ip6_route_output(sk, &fl);
		} else
			dst_clone(dst);

		if (dst->error) {
			sk->err_soft = -dst->error;
		} else if (tp->pmtu_cookie > dst->pmtu) {
			/* Shrink our MSS and retransmit what was lost. */
			tcp_sync_mss(sk, dst->pmtu);
			tcp_simple_retransmit(sk);
		} /* else let the usual retransmit timer handle it */
		dst_release(dst);
		goto out;
	}

	icmpv6_err_convert(type, code, &err);

	/* Might be for an open_request */
	switch (sk->state) {
		struct open_request *req, **prev;
	case TCP_LISTEN:
		if (sk->lock.users)
			goto out;

		req = tcp_v6_search_req(tp, &prev, th->dest, &hdr->daddr,
					&hdr->saddr, tcp_v6_iif(skb));
		if (!req)
			goto out;

		/* ICMPs are not backlogged, hence we cannot get
		 * an established socket here.
		 */
		BUG_TRAP(req->sk == NULL);

		if (seq != req->snt_isn) {
			NET_INC_STATS_BH(OutOfWindowIcmps);
			goto out;
		}

		tcp_synq_drop(sk, req, prev);
		goto out;

	case TCP_SYN_SENT:
	case TCP_SYN_RECV:  /* Cannot happen.
			       It can, it SYNs are crossed. --ANK */
		if (sk->lock.users == 0) {
			TCP_INC_STATS_BH(TcpAttemptFails);
			sk->err = err;
			sk->error_report(sk);	/* Wake people up to see the error (see connect in sock.c) */

			tcp_done(sk);
		} else {
			sk->err_soft = err;
		}
		goto out;
	}

	if (sk->lock.users == 0 && np->recverr) {
		sk->err = err;
		sk->error_report(sk);
	} else {
		sk->err_soft = err;
	}

out:
	bh_unlock_sock(sk);
	sock_put(sk);
}


/* Build and transmit a SYN+ACK for a pending open_request, honouring
 * any routing header from the socket options or the saved SYN packet.
 * Returns 0 on success (congestion notification counts as success).
 */
static int tcp_v6_send_synack(struct sock *sk, struct open_request *req,
			      struct dst_entry *dst)
{
	struct sk_buff * skb;
	struct ipv6_txoptions *opt = NULL;
	struct flowi fl;
	int err = -1;

	fl.proto = IPPROTO_TCP;
	fl.nl_u.ip6_u.daddr = &req->af.v6_req.rmt_addr;
	fl.nl_u.ip6_u.saddr = &req->af.v6_req.loc_addr;
	fl.fl6_flowlabel = 0;
	fl.oif = req->af.v6_req.iif;
	fl.uli_u.ports.dport = req->rmt_port;
	fl.uli_u.ports.sport = sk->sport;

	if (dst == NULL) {
		opt = sk->net_pinfo.af_inet6.opt;
		if (opt == NULL &&
		    sk->net_pinfo.af_inet6.rxopt.bits.srcrt == 2 &&
		    req->af.v6_req.pktopts) {
			/* Reply along the reversed source route of the SYN. */
			struct sk_buff *pktopts = req->af.v6_req.pktopts;
			struct inet6_skb_parm *rxopt = (struct inet6_skb_parm *)pktopts->cb;
			if (rxopt->srcrt)
				opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr*)(pktopts->nh.raw + rxopt->srcrt));
		}

		if (opt && opt->srcrt) {
			struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
			fl.nl_u.ip6_u.daddr = rt0->addr;
		}

		dst = ip6_route_output(sk, &fl);
		if (dst->error)
			goto done;
	}

	skb = tcp_make_synack(sk, dst, req);
	if (skb) {
		struct tcphdr *th = skb->h.th;

		th->check = tcp_v6_check(th, skb->len,
					 &req->af.v6_req.loc_addr, &req->af.v6_req.rmt_addr,
					 csum_partial((char *)th, skb->len, skb->csum));

		fl.nl_u.ip6_u.daddr = &req->af.v6_req.rmt_addr;
		err = ip6_xmit(sk, skb, &fl, opt);
		if (err == NET_XMIT_CN)
			err = 0;
	}

done:
	dst_release(dst);
	/* Free an option block we built locally (inverted rthdr). */
	if (opt && opt != sk->net_pinfo.af_inet6.opt)
		sock_kfree_s(sk, opt, opt->tot_len);
	return err;
}

/* Release the SYN skb saved on an open_request, if any. */
static void tcp_v6_or_free(struct open_request *req)
{
	if (req->af.v6_req.pktopts)
		kfree_skb(req->af.v6_req.pktopts);
}

/* open_request operations for AF_INET6 connection requests. */
static struct or_calltable or_ipv6 = {
	AF_INET6,
	tcp_v6_send_synack,
	tcp_v6_or_send_ack,
	tcp_v6_or_free,
	tcp_v6_send_reset
};

/* Does this socket want to see any of the IPv6 options/ancillary data
 * carried by this packet (hop-by-hop, flow label, routing header,
 * destination options)?
 */
static int ipv6_opt_accepted(struct sock *sk, struct sk_buff *skb)
{
	struct inet6_skb_parm *opt = (struct inet6_skb_parm *)skb->cb;

	if (sk->net_pinfo.af_inet6.rxopt.all) {
		if ((opt->hop && sk->net_pinfo.af_inet6.rxopt.bits.hopopts) ||
		    ((IPV6_FLOWINFO_MASK&*(u32*)skb->nh.raw) &&
		     sk->net_pinfo.af_inet6.rxopt.bits.rxflow) ||
		    (opt->srcrt && sk->net_pinfo.af_inet6.rxopt.bits.srcrt) ||
		    ((opt->dst1 || opt->dst0) && sk->net_pinfo.af_inet6.rxopt.bits.dstopts))
			return 1;
	}
	return 0;
}


/* Fill in th->check for an outgoing segment.  With hardware checksum
 * offload only the pseudo-header sum is computed here; otherwise the
 * full checksum is finalized in software.
 */
static void tcp_v6_send_check(struct sock *sk, struct tcphdr *th, int len,
			      struct sk_buff *skb)
{
	struct ipv6_pinfo *np = &sk->net_pinfo.af_inet6;

	if (skb->ip_summed == CHECKSUM_HW) {
		th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP, 0);
		skb->csum = offsetof(struct tcphdr, check);
	} else {
		th->check = csum_ipv6_magic(&np->saddr, &np->daddr, len, IPPROTO_TCP,
					    csum_partial((char *)th, th->doff<<2,
							 skb->csum));
	}
}


/* Send a RST in reply to the given segment (no socket context).
 * Never resets a RST, and never replies to multicast destinations.
 */
static void tcp_v6_send_reset(struct sk_buff *skb)
{
	struct tcphdr *th = skb->h.th, *t1;
	struct sk_buff *buff;
	struct flowi fl;

	if (th->rst)
		return;

	if (ipv6_addr_is_multicast(&skb->nh.ipv6h->daddr))
		return;

	/*
	 * We need to grab some memory, and put together an RST,
	 * and then put it into the queue to be sent.
	 */

	buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr), GFP_ATOMIC);
	if (buff == NULL)
		return;

	skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr));

	t1 = (struct tcphdr *) skb_push(buff,sizeof(struct tcphdr));

	/* Swap the send and the receive. */
	memset(t1, 0, sizeof(*t1));
	t1->dest = th->source;
	t1->source = th->dest;
	t1->doff = sizeof(*t1)/4;
	t1->rst = 1;

	if(th->ack) {
		/* RFC 793: RST carries the peer's acked sequence number. */
		t1->seq = th->ack_seq;
	} else {
		t1->ack = 1;
		t1->ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin
				    + skb->len - (th->doff<<2));
	}

	buff->csum = csum_partial((char *)t1, sizeof(*t1), 0);

	/* Route back to the sender of the offending segment. */
	fl.nl_u.ip6_u.daddr = &skb->nh.ipv6h->saddr;
	fl.nl_u.ip6_u.saddr = &skb->nh.ipv6h->daddr;
	fl.fl6_flowlabel = 0;

	t1->check = csum_ipv6_magic(fl.nl_u.ip6_u.saddr,
				    fl.nl_u.ip6_u.daddr,
				    sizeof(*t1), IPPROTO_TCP,
				    buff->csum);

	fl.proto = IPPROTO_TCP;
	fl.oif = tcp_v6_iif(skb);
	fl.uli_u.ports.dport = t1->dest;
	fl.uli_u.ports.sport = t1->source;

	/* sk = NULL, but it is safe for now. RST socket required. */
	buff->dst = ip6_route_output(NULL, &fl);

	if (buff->dst->error == 0) {
		ip6_xmit(NULL, buff, &fl, NULL);
		TCP_INC_STATS_BH(TcpOutSegs);
		TCP_INC_STATS_BH(TcpOutRsts);
		return;
	}

	kfree_skb(buff);
}

/* Send a bare ACK (optionally carrying a timestamp option) in reply
 * to the given segment, without socket context.  Used for TIME_WAIT
 * and open_request ACKs.
 */
static void tcp_v6_send_ack(struct sk_buff *skb, u32 seq, u32 ack, u32 win, u32 ts)
{
	struct tcphdr *th = skb->h.th, *t1;
	struct sk_buff *buff;
	struct flowi fl;
	int tot_len = sizeof(struct tcphdr);

	buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr), GFP_ATOMIC);
	if (buff == NULL)
		return;

	skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr));

	if (ts)
		tot_len += 3*4;	/* NOP NOP TIMESTAMP option block */

	t1 = (struct tcphdr *) skb_push(buff,tot_len);

	/* Swap the send and the receive. */
	memset(t1, 0, sizeof(*t1));
	t1->dest = th->source;
	t1->source = th->dest;
	t1->doff = tot_len/4;
	t1->seq = htonl(seq);
	t1->ack_seq = htonl(ack);
	t1->ack = 1;
	t1->window = htons(win);

	if (ts) {
		u32 *ptr = (u32*)(t1 + 1);
		*ptr++ = htonl((TCPOPT_NOP << 24) |
			       (TCPOPT_NOP << 16) |
			       (TCPOPT_TIMESTAMP << 8) |
			       TCPOLEN_TIMESTAMP);
		*ptr++ = htonl(tcp_time_stamp);
		*ptr = htonl(ts);
	}

	buff->csum = csum_partial((char *)t1, tot_len, 0);

	fl.nl_u.ip6_u.daddr = &skb->nh.ipv6h->saddr;
	fl.nl_u.ip6_u.saddr = &skb->nh.ipv6h->daddr;
	fl.fl6_flowlabel = 0;

	t1->check = csum_ipv6_magic(fl.nl_u.ip6_u.saddr,
				    fl.nl_u.ip6_u.daddr,
				    tot_len, IPPROTO_TCP,
				    buff->csum);

	fl.proto = IPPROTO_TCP;
	fl.oif = tcp_v6_iif(skb);
	fl.uli_u.ports.dport = t1->dest;
	fl.uli_u.ports.sport = t1->source;

	buff->dst = ip6_route_output(NULL, &fl);

	if (buff->dst->error == 0) {
		ip6_xmit(NULL, buff, &fl, NULL);
		TCP_INC_STATS_BH(TcpOutSegs);
		return;
	}

	kfree_skb(buff);
}

/* ACK on behalf of a TIME_WAIT bucket, then drop its reference. */
static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
{
	struct tcp_tw_bucket *tw = (struct tcp_tw_bucket *)sk;

	tcp_v6_send_ack(skb, tw->snd_nxt, tw->rcv_nxt,
			tw->rcv_wnd>>tw->rcv_wscale, tw->ts_recent);

	tcp_tw_put(tw);
}

/* Re-ACK an unanswered SYN+ACK for a pending open_request. */
static void tcp_v6_or_send_ack(struct sk_buff *skb, struct open_request *req)
{
	tcp_v6_send_ack(skb, req->snt_isn+1, req->rcv_isn+1, req->rcv_wnd, req->ts_recent);
}


/* For a segment arriving on a listening socket, locate the matching
 * pending open_request or an already-established child socket.
 */
static struct sock *tcp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
{
	struct open_request *req, **prev;
	struct tcphdr *th = skb->h.th;
	struct tcp_opt *tp = &(sk->tp_pinfo.af_tcp);
	struct sock *nsk;

	/* Find possible connection requests.
	 */
	req = tcp_v6_search_req(tp, &prev, th->source, &skb->nh.ipv6h->saddr,
				&skb->nh.ipv6h->daddr, tcp_v6_iif(skb));
	if (req)
		return tcp_check_req(sk, skb, req, prev);

	nsk = __tcp_v6_lookup_established(&skb->nh.ipv6h->saddr,
					  th->source,
					  &skb->nh.ipv6h->daddr,
					  ntohs(th->dest),
					  tcp_v6_iif(skb));

	if (nsk) {
		if (nsk->state != TCP_TIME_WAIT) {
			/* Hand back the established child, locked. */
			bh_lock_sock(nsk);
			return nsk;
		}
		tcp_tw_put((struct tcp_tw_bucket*)nsk);
		return NULL;
	}

	return sk;
}

/* Link a new open_request into the listener's SYN table and start
 * its retransmit timer accounting.
 */
static void tcp_v6_synq_add(struct sock *sk, struct open_request *req)
{
	struct tcp_opt *tp = &sk->tp_pinfo.af_tcp;
	struct tcp_listen_opt *lopt = tp->listen_opt;
	unsigned h = tcp_v6_synq_hash(&req->af.v6_req.rmt_addr, req->rmt_port);

	req->sk = NULL;
	req->expires = jiffies + TCP_TIMEOUT_INIT;
	req->retrans = 0;
	req->dl_next = lopt->syn_table[h];

	write_lock(&tp->syn_wait_lock);
	lopt->syn_table[h] = req;
	write_unlock(&tp->syn_wait_lock);

	tcp_synq_added(sk);
}


/* Handle an incoming SYN on a listening socket: allocate and queue an
 * open_request and answer with a SYN+ACK.  v4-mapped SYNs are handed
 * to tcp_v4_conn_request().  Always returns 0 (never resets).
 */
static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
{
	struct tcp_opt tp;
	struct open_request *req = NULL;
	__u32 isn = TCP_SKB_CB(skb)->when;

	if (skb->protocol == htons(ETH_P_IP))
		return tcp_v4_conn_request(sk, skb);

	if (ipv6_addr_is_multicast(&skb->nh.ipv6h->daddr))
		goto drop;

	/*
	 *	There are no SYN attacks on IPv6, yet...
	 */
	if (tcp_synq_is_full(sk) && !isn) {
		/* No v6 syncookies: a full SYN queue simply drops. */
		if (net_ratelimit())
			printk(KERN_INFO "TCPv6: dropping request, synflood is possible\n");
		goto drop;
	}

	if (tcp_acceptq_is_full(sk) && tcp_synq_young(sk) > 1)
		goto drop;

	req = tcp_openreq_alloc();
	if (req == NULL)
		goto drop;

	/* Parse the SYN's TCP options into a scratch tcp_opt. */
	tcp_clear_options(&tp);
	tp.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
	tp.user_mss = sk->tp_pinfo.af_tcp.user_mss;

	tcp_parse_options(skb, &tp, 0);

	tp.tstamp_ok = tp.saw_tstamp;
	tcp_openreq_init(req, &tp, skb);

	req->class = &or_ipv6;
	ipv6_addr_copy(&req->af.v6_req.rmt_addr, &skb->nh.ipv6h->saddr);
	ipv6_addr_copy(&req->af.v6_req.loc_addr, &skb->nh.ipv6h->daddr);
	TCP_ECN_create_request(req, skb->h.th);
	req->af.v6_req.pktopts = NULL;
	if (ipv6_opt_accepted(sk, skb) ||
	    sk->net_pinfo.af_inet6.rxopt.bits.rxinfo ||
	    sk->net_pinfo.af_inet6.rxopt.bits.rxhlim) {
		/* Keep the SYN skb so its options reach the child socket. */
		atomic_inc(&skb->users);
		req->af.v6_req.pktopts = skb;
	}
	req->af.v6_req.iif = sk->bound_dev_if;

	/* So that link locals have meaning */
	if (!sk->bound_dev_if && ipv6_addr_type(&req->af.v6_req.rmt_addr)&IPV6_ADDR_LINKLOCAL)
		req->af.v6_req.iif = tcp_v6_iif(skb);

	if (isn == 0)
		isn = tcp_v6_init_sequence(sk,skb);

	req->snt_isn = isn;

	if (tcp_v6_send_synack(sk, req, NULL))
		goto drop;

	tcp_v6_synq_add(sk, req);

	return 0;

drop:
	if (req)
		tcp_openreq_free(req);

	TCP_INC_STATS_BH(TcpAttemptFails);
	return 0; /* don't send reset */
}

/* Create the child socket for a completed handshake.  v4-mapped
 * connections are delegated to tcp_v4_syn_recv_sock() and then dressed
 * up with mapped IPv6 addresses.
 */
static struct sock * tcp_v6_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
					  struct open_request *req,
					  struct dst_entry *dst)
{
	struct ipv6_pinfo *np;
	struct flowi fl;
	struct tcp_opt *newtp;
	struct sock *newsk;
	struct ipv6_txoptions *opt;

	if (skb->protocol == htons(ETH_P_IP)) {
		/*
		 *	v6 mapped
		 */

		newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst);

		if (newsk == NULL)
			return NULL;

		np = &newsk->net_pinfo.af_inet6;

		ipv6_addr_set(&np->daddr, 0, 0, htonl(0x0000FFFF),
			      newsk->daddr);

		ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
			      newsk->saddr);

		ipv6_addr_copy(&np->rcv_saddr, &np->saddr);

		newsk->tp_pinfo.af_tcp.af_specific = &ipv6_mapped;
		newsk->backlog_rcv = tcp_v4_do_rcv;
		newsk->net_pinfo.af_inet6.pktoptions = NULL;
		newsk->net_pinfo.af_inet6.opt = NULL;
		newsk->net_pinfo.af_inet6.mcast_oif = tcp_v6_iif(skb);
		newsk->net_pinfo.af_inet6.mcast_hops = skb->nh.ipv6h->hop_limit;

		/* Charge newly allocated IPv6 socket. Though it is mapped,
		 * it is IPv6 yet.
		 */
#ifdef INET_REFCNT_DEBUG
		atomic_inc(&inet6_sock_nr);
#endif
		MOD_INC_USE_COUNT;

		/* It is tricky place. Until this moment IPv4 tcp
		   worked with IPv6 af_tcp.af_specific.
		   Sync it now.
		 */
		tcp_sync_mss(newsk, newsk->tp_pinfo.af_tcp.pmtu_cookie);

		return newsk;
	}

	opt = sk->net_pinfo.af_inet6.opt;

	if (tcp_acceptq_is_full(sk))
		goto out_overflow;

	if (sk->net_pinfo.af_inet6.rxopt.bits.srcrt == 2 &&
	    opt == NULL && req->af.v6_req.pktopts) {
		/* Reply along the reversed source route of the SYN. */
		struct inet6_skb_parm *rxopt = (struct inet6_skb_parm *)req->af.v6_req.pktopts->cb;
		if (rxopt->srcrt)
			opt = ipv6_invert_rthdr(sk, (struct ipv6_rt_hdr*)(req->af.v6_req.pktopts->nh.raw+rxopt->srcrt));
	}

	if (dst == NULL) {
		fl.proto = IPPROTO_TCP;
		fl.nl_u.ip6_u.daddr = &req->af.v6_req.rmt_addr;
		if (opt && opt->srcrt) {
			struct rt0_hdr *rt0 = (struct rt0_hdr *) opt->srcrt;
			fl.nl_u.ip6_u.daddr = rt0->addr;
		}
		fl.nl_u.ip6_u.saddr = &req->af.v6_req.loc_addr;
		fl.fl6_flowlabel = 0;
		fl.oif = sk->bound_dev_if;
		fl.uli_u.ports.dport = req->rmt_port;
		fl.uli_u.ports.sport = sk->sport;

		dst = ip6_route_output(sk, &fl);
	}

	if (dst->error)
		goto out;

	newsk = tcp_create_openreq_child(sk, req, skb);
	if (newsk == NULL)
		goto out;

	/* Charge newly allocated IPv6 socket */
#ifdef INET_REFCNT_DEBUG
	atomic_inc(&inet6_sock_nr);
#endif
	MOD_INC_USE_COUNT;

	ip6_dst_store(newsk, dst, NULL);
	/* NOTE(review): this writes the *listener's* route_caps, not
	 * newsk's — looks like it should be newsk->route_caps; confirm
	 * against tcp_v4_syn_recv_sock() before changing.
	 */
	sk->route_caps = dst->dev->features&~NETIF_F_IP_CSUM;

	newtp = &(newsk->tp_pinfo.af_tcp);

	np = &newsk->net_pinfo.af_inet6;
	ipv6_addr_copy(&np->daddr, &req->af.v6_req.rmt_addr);
	ipv6_addr_copy(&np->saddr, &req->af.v6_req.loc_addr);
	ipv6_addr_copy(&np->rcv_saddr, &req->af.v6_req.loc_addr);
	newsk->bound_dev_if = req->af.v6_req.iif;

	/* Now IPv6 options...

	   First: no IPv4 options.
1317 */ 1318 newsk->protinfo.af_inet.opt = NULL; 1319 1320 /* Clone RX bits */ 1321 np->rxopt.all = sk->net_pinfo.af_inet6.rxopt.all; 1322 1323 /* Clone pktoptions received with SYN */ 1324 np->pktoptions = NULL; 1325 if (req->af.v6_req.pktopts) { 1326 np->pktoptions = skb_clone(req->af.v6_req.pktopts, GFP_ATOMIC); 1327 kfree_skb(req->af.v6_req.pktopts); 1328 req->af.v6_req.pktopts = NULL; 1329 if (np->pktoptions) 1330 skb_set_owner_r(np->pktoptions, newsk); 1331 } 1332 np->opt = NULL; 1333 np->mcast_oif = tcp_v6_iif(skb); 1334 np->mcast_hops = skb->nh.ipv6h->hop_limit; 1335 1336 /* Clone native IPv6 options from listening socket (if any) 1337 1338 Yes, keeping reference count would be much more clever, 1339 but we make one more one thing there: reattach optmem 1340 to newsk. 1341 */ 1342 if (opt) { 1343 np->opt = ipv6_dup_options(newsk, opt); 1344 if (opt != sk->net_pinfo.af_inet6.opt) 1345 sock_kfree_s(sk, opt, opt->tot_len); 1346 } 1347 1348 newtp->ext_header_len = 0; 1349 if (np->opt) 1350 newtp->ext_header_len = np->opt->opt_nflen + np->opt->opt_flen; 1351 1352 tcp_sync_mss(newsk, dst->pmtu); 1353 newtp->advmss = dst->advmss; 1354 tcp_initialize_rcv_mss(newsk); 1355 1356 newsk->daddr = LOOPBACK4_IPV6; 1357 newsk->saddr = LOOPBACK4_IPV6; 1358 newsk->rcv_saddr= LOOPBACK4_IPV6; 1359 1360 __tcp_v6_hash(newsk); 1361 tcp_inherit_port(sk, newsk); 1362 1363 return newsk; 1364 1365out_overflow: 1366 NET_INC_STATS_BH(ListenOverflows); 1367out: 1368 NET_INC_STATS_BH(ListenDrops); 1369 if (opt && opt != sk->net_pinfo.af_inet6.opt) 1370 sock_kfree_s(sk, opt, opt->tot_len); 1371 dst_release(dst); 1372 return NULL; 1373} 1374 1375static int tcp_v6_checksum_init(struct sk_buff *skb) 1376{ 1377 if (skb->ip_summed == CHECKSUM_HW) { 1378 skb->ip_summed = CHECKSUM_UNNECESSARY; 1379 if (!tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr, 1380 &skb->nh.ipv6h->daddr,skb->csum)) 1381 return 0; 1382 NETDEBUG(if (net_ratelimit()) printk(KERN_DEBUG "hw tcp v6 csum failed\n")); 1383 
	}
	/* Short packets are cheap to verify right away; longer ones get
	 * the pseudo-header seed stored in skb->csum and are completed
	 * later by tcp_checksum_complete().
	 * NOTE(review): the 76-byte threshold mirrors the v4 path —
	 * presumably a copy-cost cutoff; confirm against tcp_v4.
	 */
	if (skb->len <= 76) {
		if (tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr,
				 &skb->nh.ipv6h->daddr,skb_checksum(skb, 0, skb->len, 0)))
			return -1;
		skb->ip_summed = CHECKSUM_UNNECESSARY;
	} else {
		skb->csum = ~tcp_v6_check(skb->h.th,skb->len,&skb->nh.ipv6h->saddr,
					  &skb->nh.ipv6h->daddr,0);
	}
	return 0;
}

/* The socket must have it's spinlock held when we get
 * here.
 *
 * We have a potential double-lock case here, so even when
 * doing backlog processing we use the BH locking scheme.
 * This is because we cannot sleep with the original spinlock
 * held.
 */
static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
{
#ifdef CONFIG_FILTER
	struct sk_filter *filter;
#endif
	struct sk_buff *opt_skb = NULL;

	/* Imagine: socket is IPv6. IPv4 packet arrives,
	   goes to IPv4 receive handler and backlogged.
	   From backlog it always goes here. Kerboom...
	   Fortunately, tcp_rcv_established and rcv_established
	   handle them correctly, but it is not case with
	   tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
	 */

	if (skb->protocol == htons(ETH_P_IP))
		return tcp_v4_do_rcv(sk, skb);

#ifdef CONFIG_FILTER
	filter = sk->filter;
	if (filter && sk_filter(skb, filter))
		goto discard;
#endif /* CONFIG_FILTER */

	/*
	 *	socket locking is here for SMP purposes as backlog rcv
	 *	is currently called with bh processing disabled.
	 */

	IP6_INC_STATS_BH(Ip6InDelivers);

	/* Do Stevens' IPV6_PKTOPTIONS.

	   Yes, guys, it is the only place in our code, where we
	   may make it not affecting IPv4.
	   The rest of code is protocol independent,
	   and I do not like idea to uglify IPv4.

	   Actually, all the idea behind IPV6_PKTOPTIONS
	   looks not very well thought. For now we latch
	   options, received in the last packet, enqueued
	   by tcp. Feel free to propose better solution.
					       --ANK (980728)
	 */
	if (sk->net_pinfo.af_inet6.rxopt.all)
		opt_skb = skb_clone(skb, GFP_ATOMIC);

	if (sk->state == TCP_ESTABLISHED) { /* Fast path */
		TCP_CHECK_TIMER(sk);
		if (tcp_rcv_established(sk, skb, skb->h.th, skb->len))
			goto reset;
		TCP_CHECK_TIMER(sk);
		if (opt_skb)
			goto ipv6_pktoptions;
		return 0;
	}

	if (skb->len < (skb->h.th->doff<<2) || tcp_checksum_complete(skb))
		goto csum_err;

	if (sk->state == TCP_LISTEN) {
		struct sock *nsk = tcp_v6_hnd_req(sk, skb);
		if (!nsk)
			goto discard;

		/*
		 * Queue it on the new socket if the new socket is active,
		 * otherwise we just shortcircuit this and continue with
		 * the new socket..
		 */
		if(nsk != sk) {
			if (tcp_child_process(sk, nsk, skb))
				goto reset;
			if (opt_skb)
				__kfree_skb(opt_skb);
			return 0;
		}
	}

	TCP_CHECK_TIMER(sk);
	if (tcp_rcv_state_process(sk, skb, skb->h.th, skb->len))
		goto reset;
	TCP_CHECK_TIMER(sk);
	if (opt_skb)
		goto ipv6_pktoptions;
	return 0;

reset:
	tcp_v6_send_reset(skb);
discard:
	if (opt_skb)
		__kfree_skb(opt_skb);
	kfree_skb(skb);
	return 0;
csum_err:
	TCP_INC_STATS_BH(TcpInErrs);
	goto discard;


ipv6_pktoptions:
	/* Do you ask, what is it?

	   1. skb was enqueued by tcp.
	   2. skb is added to tail of read queue, rather than out of order.
	   3. socket is not in passive state.
	   4. Finally, it really contains options, which user wants to receive.
	 */
	if (TCP_SKB_CB(opt_skb)->end_seq == sk->tp_pinfo.af_tcp.rcv_nxt &&
	    !((1<<sk->state)&(TCPF_CLOSE|TCPF_LISTEN))) {
		if (sk->net_pinfo.af_inet6.rxopt.bits.rxinfo)
			sk->net_pinfo.af_inet6.mcast_oif = tcp_v6_iif(opt_skb);
		if (sk->net_pinfo.af_inet6.rxopt.bits.rxhlim)
			sk->net_pinfo.af_inet6.mcast_hops = opt_skb->nh.ipv6h->hop_limit;
		if (ipv6_opt_accepted(sk, opt_skb)) {
			/* Latch this skb as the current pktoptions; xchg
			 * hands us back the previous one to free below.
			 */
			skb_set_owner_r(opt_skb, sk);
			opt_skb = xchg(&sk->net_pinfo.af_inet6.pktoptions, opt_skb);
		} else {
			__kfree_skb(opt_skb);
			opt_skb = xchg(&sk->net_pinfo.af_inet6.pktoptions, NULL);
		}
	}

	if (opt_skb)
		kfree_skb(opt_skb);
	return 0;
}

/* Main receive routine for TCP over IPv6: validate the header, fill
 * the skb control block, look the socket up and dispatch the segment
 * to the prequeue, the backlog, or direct processing.
 */
int tcp_v6_rcv(struct sk_buff *skb)
{
	struct tcphdr *th;
	struct sock *sk;
	int ret;

	if (skb->pkt_type != PACKET_HOST)
		goto discard_it;

	/*
	 *	Count it even if it's bad.
	 */
	TCP_INC_STATS_BH(TcpInSegs);

	if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
		goto discard_it;

	th = skb->h.th;

	if (th->doff < sizeof(struct tcphdr)/4)
		goto bad_packet;
	if (!pskb_may_pull(skb, th->doff*4))
		goto discard_it;

	if ((skb->ip_summed != CHECKSUM_UNNECESSARY &&
	     tcp_v6_checksum_init(skb) < 0))
		goto bad_packet;

	/* pskb_may_pull() may have reallocated: reload th. */
	th = skb->h.th;
	TCP_SKB_CB(skb)->seq = ntohl(th->seq);
	TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
				    skb->len - th->doff*4);
	TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
	TCP_SKB_CB(skb)->when = 0;
	TCP_SKB_CB(skb)->flags = ip6_get_dsfield(skb->nh.ipv6h);
	TCP_SKB_CB(skb)->sacked = 0;

	sk = __tcp_v6_lookup(&skb->nh.ipv6h->saddr, th->source,
			     &skb->nh.ipv6h->daddr, ntohs(th->dest), tcp_v6_iif(skb));

	if (!sk)
		goto no_tcp_socket;

process:
	if(!ipsec_sk_policy(sk,skb))
		goto discard_and_relse;
	if(sk->state == TCP_TIME_WAIT)
		goto do_time_wait;

	skb->dev = NULL;

	bh_lock_sock(sk);
	ret = 0;
	/* Socket unowned: try the prequeue, else process in-line.
	 * Owned by a user context: defer to the backlog.
	 */
	if (!sk->lock.users) {
		if (!tcp_prequeue(sk, skb))
			ret = tcp_v6_do_rcv(sk, skb);
	} else
		sk_add_backlog(sk, skb);
	bh_unlock_sock(sk);

	sock_put(sk);
	return ret;

no_tcp_socket:
	if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
bad_packet:
		TCP_INC_STATS_BH(TcpInErrs);
	} else {
		tcp_v6_send_reset(skb);
	}

discard_it:

	/*
	 *	Discard frame
	 */

	kfree_skb(skb);
	return 0;

discard_and_relse:
	sock_put(sk);
	goto discard_it;

do_time_wait:
	if (skb->len < (th->doff<<2) || tcp_checksum_complete(skb)) {
		TCP_INC_STATS_BH(TcpInErrs);
		sock_put(sk);
		goto discard_it;
	}

	switch(tcp_timewait_state_process((struct tcp_tw_bucket *)sk,
					  skb, th, skb->len)) {
	case TCP_TW_SYN:
	{
		/* Acceptable new SYN on a TIME_WAIT pair: recycle the
		 * bucket if a listener exists and process the SYN there.
		 */
		struct sock *sk2;

		sk2 = tcp_v6_lookup_listener(&skb->nh.ipv6h->daddr, ntohs(th->dest), tcp_v6_iif(skb));
		if (sk2 != NULL) {
			tcp_tw_deschedule((struct tcp_tw_bucket *)sk);
			tcp_timewait_kill((struct tcp_tw_bucket *)sk);
			tcp_tw_put((struct tcp_tw_bucket *)sk);
			sk = sk2;
			goto process;
		}
		/* Fall through to ACK */
	}
	case TCP_TW_ACK:
		tcp_v6_timewait_ack(sk, skb);
		break;
	case TCP_TW_RST:
		goto no_tcp_socket;
	case TCP_TW_SUCCESS:;
	}
	goto discard_it;
}

/* Re-resolve the socket's cached route after it has been invalidated
 * (e.g. by a routing change).  Returns 0 on success or a negative
 * route error.
 */
static int tcp_v6_rebuild_header(struct sock *sk)
{
	int err;
	struct dst_entry *dst;
	struct ipv6_pinfo *np = &sk->net_pinfo.af_inet6;

	dst = __sk_dst_check(sk, np->dst_cookie);

	if (dst == NULL) {
		struct flowi fl;

		fl.proto = IPPROTO_TCP;
		fl.nl_u.ip6_u.daddr = &np->daddr;
		fl.nl_u.ip6_u.saddr = &np->saddr;
		fl.fl6_flowlabel = np->flow_label;
		fl.oif = sk->bound_dev_if;
		fl.uli_u.ports.dport = sk->dport;
		fl.uli_u.ports.sport = sk->sport;

		/* With a source route, route towards the first hop. */
		if (np->opt && np->opt->srcrt) {
			struct rt0_hdr *rt0 = (struct rt0_hdr *) np->opt->srcrt;
			fl.nl_u.ip6_u.daddr = rt0->addr;
		}

		dst = ip6_route_output(sk, &fl);

		if (dst->error) {
			err = dst->error;
			dst_release(dst);
			sk->route_caps = 0;
			return err;
		}

		ip6_dst_store(sk, dst, NULL);
		sk->route_caps = dst->dev->features&~NETIF_F_IP_CSUM;
	}

	return 0;
}

/* af_specific transmit hook: route (or reuse the cached route) and
 * hand the segment to ip6_xmit().
 */
static int tcp_v6_xmit(struct sk_buff *skb)
{
	struct sock *sk = skb->sk;
	struct ipv6_pinfo * np = &sk->net_pinfo.af_inet6;
	struct flowi fl;
	struct dst_entry *dst;

	fl.proto = IPPROTO_TCP;
	fl.fl6_dst = &np->daddr;
	fl.fl6_src = &np->saddr;
	fl.fl6_flowlabel = np->flow_label;
	IP6_ECN_flow_xmit(sk, fl.fl6_flowlabel);
	fl.oif = sk->bound_dev_if;
	fl.uli_u.ports.sport = sk->sport;
	fl.uli_u.ports.dport = sk->dport;

	/* Route towards the first source-route hop, if any. */
	if (np->opt && np->opt->srcrt) {
		struct rt0_hdr *rt0 = (struct rt0_hdr *) np->opt->srcrt;
		fl.nl_u.ip6_u.daddr = rt0->addr;
	}

	dst = __sk_dst_check(sk, np->dst_cookie);

	if (dst == NULL) {
		dst = ip6_route_output(sk, &fl);

		if (dst->error) {
			sk->err_soft = -dst->error;
			dst_release(dst);
			return -sk->err_soft;
		}

		ip6_dst_store(sk, dst, NULL);
	}

	skb->dst = dst_clone(dst);

	/* Restore final destination back after routing done */
	fl.nl_u.ip6_u.daddr = &np->daddr;

	return ip6_xmit(sk, skb, &fl, np->opt);
}

/* Fill a sockaddr_in6 with the socket's peer address (getpeername
 * support via the af_specific table).
 */
static void v6_addr2sockaddr(struct sock *sk, struct sockaddr * uaddr)
{
	struct ipv6_pinfo * np = &sk->net_pinfo.af_inet6;
	struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *) uaddr;

	sin6->sin6_family = AF_INET6;
	memcpy(&sin6->sin6_addr, &np->daddr, sizeof(struct in6_addr));
	sin6->sin6_port	= sk->dport;
	/* We do not store received flowlabel for TCP */
	sin6->sin6_flowinfo = 0;
	sin6->sin6_scope_id = 0;
	/* Link-local peers are only meaningful with a scope id. */
	if (sk->bound_dev_if && ipv6_addr_type(&sin6->sin6_addr)&IPV6_ADDR_LINKLOCAL)
		sin6->sin6_scope_id = sk->bound_dev_if;
}

/* Placeholder: no per-destination timestamp cache for IPv6 yet. */
static int tcp_v6_remember_stamp(struct sock *sk)
{
	/* Alas, not yet... */
	return 0;
}

/* af_specific operations for native TCP-over-IPv6 sockets. */
static struct tcp_func ipv6_specific = {
	tcp_v6_xmit,
	tcp_v6_send_check,
	tcp_v6_rebuild_header,
	tcp_v6_conn_request,
	tcp_v6_syn_recv_sock,
	tcp_v6_remember_stamp,
	sizeof(struct ipv6hdr),

	ipv6_setsockopt,
	ipv6_getsockopt,
	v6_addr2sockaddr,
	sizeof(struct sockaddr_in6)
};

/*
 *	TCP over IPv4 via INET6 API
 */

static struct tcp_func ipv6_mapped = {
	ip_queue_xmit,
	tcp_v4_send_check,
	tcp_v4_rebuild_header,
	tcp_v6_conn_request,
	tcp_v6_syn_recv_sock,
	tcp_v4_remember_stamp,
	sizeof(struct iphdr),

	ipv6_setsockopt,
	ipv6_getsockopt,
	v6_addr2sockaddr,
	sizeof(struct sockaddr_in6)
};



/* NOTE: A lot of things set to zero explicitly by call to
 *       sk_alloc() so need not be done here.
 */
static int tcp_v6_init_sock(struct sock *sk)
{
	struct tcp_opt *tp = &(sk->tp_pinfo.af_tcp);

	skb_queue_head_init(&tp->out_of_order_queue);
	tcp_init_xmit_timers(sk);
	tcp_prequeue_init(tp);

	tp->rto  = TCP_TIMEOUT_INIT;
	tp->mdev = TCP_TIMEOUT_INIT;

	/* So many TCP implementations out there (incorrectly) count the
	 * initial SYN frame in their delayed-ACK and congestion control
	 * algorithms that we must have the following bandaid to talk
	 * efficiently to them.  -DaveM
	 */
	tp->snd_cwnd = 2;

	/* See draft-stevens-tcpca-spec-01 for discussion of the
	 * initialization of these values.
	 */
	tp->snd_ssthresh = 0x7fffffff;
	tp->snd_cwnd_clamp = ~0;
	tp->mss_cache = 536;

	tp->reordering = sysctl_tcp_reordering;

	sk->state = TCP_CLOSE;

	sk->tp_pinfo.af_tcp.af_specific = &ipv6_specific;

	sk->write_space = tcp_write_space;
	sk->use_write_queue = 1;

	sk->sndbuf = sysctl_tcp_wmem[1];
	sk->rcvbuf = sysctl_tcp_rmem[1];

	atomic_inc(&tcp_sockets_allocated);

	return 0;
}

/* Tear down per-socket TCP state (timers, queues, bound port, cached
 * sendmsg page) and then run the generic IPv6 socket destructor.
 */
static int tcp_v6_destroy_sock(struct sock *sk)
{
	struct tcp_opt *tp = &(sk->tp_pinfo.af_tcp);

	tcp_clear_xmit_timers(sk);

	/* Cleanup up the write buffer. */
	tcp_writequeue_purge(sk);

	/* Cleans up our, hopefully empty, out_of_order_queue. */
	__skb_queue_purge(&tp->out_of_order_queue);

	/* Clean prequeue, it must be empty really */
	__skb_queue_purge(&tp->ucopy.prequeue);

	/* Clean up a referenced TCP bind bucket. */
	if(sk->prev != NULL)
		tcp_put_port(sk);

	/* If sendmsg cached page exists, toss it. */
	if (tp->sndmsg_page != NULL)
		__free_page(tp->sndmsg_page);

	atomic_dec(&tcp_sockets_allocated);

	return inet6_destroy_sock(sk);
}

/* Proc filesystem TCPv6 sock list dumping.
 */
/* Format one SYN_RECV open_request as a /proc/net/tcp6 line into
 * tmpbuf (caller supplies the buffer and the row index i).
 */
static void get_openreq6(struct sock *sk, struct open_request *req, char *tmpbuf, int i, int uid)
{
	struct in6_addr *dest, *src;
	int ttd = req->expires - jiffies;

	if (ttd < 0)
		ttd = 0;

	src = &req->af.v6_req.loc_addr;
	dest = &req->af.v6_req.rmt_addr;
	sprintf(tmpbuf,
		"%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
		"%02X %08X:%08X %02X:%08X %08X %5d %8d %d %d %p",
		i,
		src->s6_addr32[0], src->s6_addr32[1],
		src->s6_addr32[2], src->s6_addr32[3],
		ntohs(sk->sport),
		dest->s6_addr32[0], dest->s6_addr32[1],
		dest->s6_addr32[2], dest->s6_addr32[3],
		ntohs(req->rmt_port),
		TCP_SYN_RECV,
		0,0, /* could print option size, but that is af dependent. */
		1,   /* timers active (only the expire timer) */
		ttd,
		req->retrans,
		uid,
		0,  /* non standard timer */
		0, /* open_requests have no inode */
		0, req);
}

/* Format one full TCP socket as a /proc/net/tcp6 line into tmpbuf. */
static void get_tcp6_sock(struct sock *sp, char *tmpbuf, int i)
{
	struct in6_addr *dest, *src;
	__u16 destp, srcp;
	int timer_active;
	unsigned long timer_expires;
	struct tcp_opt *tp = &sp->tp_pinfo.af_tcp;

	dest  = &sp->net_pinfo.af_inet6.daddr;
	src   = &sp->net_pinfo.af_inet6.rcv_saddr;
	destp = ntohs(sp->dport);
	srcp  = ntohs(sp->sport);
	/* Encode which timer is pending, matching the v4 proc format:
	 * 1 retransmit, 2 keepalive/sk timer, 4 zero-window probe.
	 */
	if (tp->pending == TCP_TIME_RETRANS) {
		timer_active	= 1;
		timer_expires	= tp->timeout;
	} else if (tp->pending == TCP_TIME_PROBE0) {
		timer_active	= 4;
		timer_expires	= tp->timeout;
	} else if (timer_pending(&sp->timer)) {
		timer_active	= 2;
		timer_expires	= sp->timer.expires;
	} else {
		timer_active	= 0;
		timer_expires = jiffies;
	}

	sprintf(tmpbuf,
		"%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
		"%02X %08X:%08X %02X:%08lX %08X %5d %8d %lu %d %p %u %u %u %u %d",
		i,
		src->s6_addr32[0], src->s6_addr32[1],
		src->s6_addr32[2], src->s6_addr32[3], srcp,
		dest->s6_addr32[0], dest->s6_addr32[1],
		dest->s6_addr32[2], dest->s6_addr32[3], destp,
		sp->state,
		tp->write_seq-tp->snd_una, tp->rcv_nxt-tp->copied_seq,
		timer_active, timer_expires-jiffies,
		tp->retransmits,
		sock_i_uid(sp),
		tp->probes_out,
		sock_i_ino(sp),
		atomic_read(&sp->refcnt), sp,
		tp->rto, tp->ack.ato, (tp->ack.quick<<1)|tp->ack.pingpong,
		tp->snd_cwnd, tp->snd_ssthresh>=0xFFFF?-1:tp->snd_ssthresh
		);
}

/* Format one TIME_WAIT bucket as a /proc/net/tcp6 line into tmpbuf. */
static void get_timewait6_sock(struct tcp_tw_bucket *tw, char *tmpbuf, int i)
{
	struct in6_addr *dest, *src;
	__u16 destp, srcp;
	int ttd = tw->ttd - jiffies;

	if (ttd < 0)
		ttd = 0;

	dest = &tw->v6_daddr;
	src  = &tw->v6_rcv_saddr;
	destp = ntohs(tw->dport);
	srcp  = ntohs(tw->sport);

	sprintf(tmpbuf,
		"%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
		"%02X %08X:%08X %02X:%08X %08X %5d %8d %d %d %p",
		i,
		src->s6_addr32[0], src->s6_addr32[1],
		src->s6_addr32[2], src->s6_addr32[3], srcp,
		dest->s6_addr32[0], dest->s6_addr32[1],
		dest->s6_addr32[2], dest->s6_addr32[3], destp,
		tw->substate, 0, 0,
		3, ttd, 0, 0, 0, 0,
		atomic_read(&tw->refcnt), tw);
}

/* Fixed width of one /proc/net/tcp6 output line (without newline). */
#define LINE_LEN 190
#define LINE_FMT "%-190s\n"

/* /proc/net/tcp6 read handler: emits listening sockets and their SYN
 * queues, then established and TIME_WAIT sockets, honoring the
 * offset/length window of the procfs read.
 */
int tcp6_get_info(char *buffer, char **start, off_t offset, int length)
{
	int len = 0, num = 0, i;
	off_t begin, pos = 0;
	char tmpbuf[LINE_LEN+2];

	if (offset < LINE_LEN+1)
		len += sprintf(buffer, LINE_FMT,
			       "  sl  "						/* 6 */
			       "local_address                         "		/* 38 */
			       "remote_address                        "		/* 38 */
			       "st tx_queue rx_queue tr tm->when retrnsmt"	/* 41 */
			       "   uid  timeout inode");			/* 21 */
		/*----*/
		/*144 */

	pos = LINE_LEN+1;

	/* First, walk listening socket table.
	 */
	tcp_listen_lock();
	for(i = 0; i < TCP_LHTABLE_SIZE; i++) {
		struct sock *sk = tcp_listening_hash[i];
		struct tcp_listen_opt *lopt;
		int k;

		for (sk = tcp_listening_hash[i]; sk; sk = sk->next, num++) {
			struct open_request *req;
			int uid;
			struct tcp_opt *tp = &(sk->tp_pinfo.af_tcp);

			if (sk->family != PF_INET6)
				continue;
			pos += LINE_LEN+1;
			if (pos >= offset) {
				get_tcp6_sock(sk, tmpbuf, num);
				len += sprintf(buffer+len, LINE_FMT, tmpbuf);
				if (pos >= offset + length) {
					tcp_listen_unlock();
					goto out_no_bh;
				}
			}

			uid = sock_i_uid(sk);
			/* Walk this listener's SYN queue under its reader
			 * lock (writers are tcp_v6_synq_add and friends).
			 */
			read_lock_bh(&tp->syn_wait_lock);
			lopt = tp->listen_opt;
			if (lopt && lopt->qlen != 0) {
				for (k=0; k<TCP_SYNQ_HSIZE; k++) {
					for (req = lopt->syn_table[k]; req; req = req->dl_next, num++) {
						if (req->class->family != PF_INET6)
							continue;
						pos += LINE_LEN+1;
						if (pos <= offset)
							continue;
						get_openreq6(sk, req, tmpbuf, num, uid);
						len += sprintf(buffer+len, LINE_FMT, tmpbuf);
						if (pos >= offset + length) {
							read_unlock_bh(&tp->syn_wait_lock);
							tcp_listen_unlock();
							goto out_no_bh;
						}
					}
				}
			}
			read_unlock_bh(&tp->syn_wait_lock);

			/* Completed requests are in normal socket hash table */
		}
	}
	tcp_listen_unlock();

	local_bh_disable();

	/* Next, walk established hash chain.
	 */
	for (i = 0; i < tcp_ehash_size; i++) {
		struct tcp_ehash_bucket *head = &tcp_ehash[i];
		struct sock *sk;
		struct tcp_tw_bucket *tw;

		read_lock(&head->lock);
		for(sk = head->chain; sk; sk = sk->next, num++) {
			if (sk->family != PF_INET6)
				continue;
			pos += LINE_LEN+1;
			if (pos <= offset)
				continue;
			get_tcp6_sock(sk, tmpbuf, num);
			len += sprintf(buffer+len, LINE_FMT, tmpbuf);
			if (pos >= offset + length) {
				read_unlock(&head->lock);
				goto out;
			}
		}
		/* TIME_WAIT buckets live in the upper half of the ehash. */
		for (tw = (struct tcp_tw_bucket *)tcp_ehash[i+tcp_ehash_size].chain;
		     tw != NULL;
		     tw = (struct tcp_tw_bucket *)tw->next, num++) {
			if (tw->family != PF_INET6)
				continue;
			pos += LINE_LEN+1;
			if (pos <= offset)
				continue;
			get_timewait6_sock(tw, tmpbuf, num);
			len += sprintf(buffer+len, LINE_FMT, tmpbuf);
			if (pos >= offset + length) {
				read_unlock(&head->lock);
				goto out;
			}
		}
		read_unlock(&head->lock);
	}

out:
	local_bh_enable();
out_no_bh:

	/* Trim the output to the requested [offset, offset+length) window. */
	begin = len - (pos - offset);
	*start = buffer + begin;
	len -= begin;
	if (len > length)
		len = length;
	if (len < 0)
		len = 0;
	return len;
}

struct proto tcpv6_prot = {
	name:		"TCPv6",
	close:		tcp_close,
	connect:	tcp_v6_connect,
	disconnect:	tcp_disconnect,
	accept:		tcp_accept,
	ioctl:		tcp_ioctl,
	init:		tcp_v6_init_sock,
	destroy:	tcp_v6_destroy_sock,
	shutdown:	tcp_shutdown,
	setsockopt:	tcp_setsockopt,
	getsockopt:	tcp_getsockopt,
	sendmsg:	tcp_sendmsg,
	recvmsg:	tcp_recvmsg,
	backlog_rcv:	tcp_v6_do_rcv,
	hash:		tcp_v6_hash,
	unhash:		tcp_unhash,
	get_port:	tcp_v6_get_port,
};

static struct inet6_protocol tcpv6_protocol =
{
	tcp_v6_rcv,		/* TCP handler		*/
	tcp_v6_err,		/* TCP error control	*/
	NULL,			/* next			*/
	IPPROTO_TCP,		/* protocol ID		*/
	0,			/* copy			*/
	NULL,			/* data			*/
	"TCPv6"			/* name			*/
};

extern struct proto_ops inet6_stream_ops;

static struct inet_protosw tcpv6_protosw = {
	type:		SOCK_STREAM,
	protocol:	IPPROTO_TCP,
	prot:		&tcpv6_prot,
	ops:		&inet6_stream_ops,
	capability:	-1,
	no_check:	0,
	flags:		INET_PROTOSW_PERMANENT,
};

/* Hook TCPv6 into the inet6 protocol and protosw tables at boot. */
void __init tcpv6_init(void)
{
	/* register inet6 protocol */
	inet6_add_protocol(&tcpv6_protocol);
	inet6_register_protosw(&tcpv6_protosw);
}