1 // SPDX-License-Identifier: GPL-2.0-or-later
4 * Linux INET6 implementation
7 * Pedro Roque <roque@di.fc.ul.pt>
10 * linux/net/ipv4/tcp.c
11 * linux/net/ipv4/tcp_input.c
12 * linux/net/ipv4/tcp_output.c
15 * Hideaki YOSHIFUJI : sin6_scope_id support
16 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
17 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
18 * a single port at the same time.
19 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
22 #include <linux/bottom_half.h>
23 #include <linux/module.h>
24 #include <linux/errno.h>
25 #include <linux/types.h>
26 #include <linux/socket.h>
27 #include <linux/sockios.h>
28 #include <linux/net.h>
29 #include <linux/jiffies.h>
31 #include <linux/in6.h>
32 #include <linux/netdevice.h>
33 #include <linux/init.h>
34 #include <linux/jhash.h>
35 #include <linux/ipsec.h>
36 #include <linux/times.h>
37 #include <linux/slab.h>
38 #include <linux/uaccess.h>
39 #include <linux/ipv6.h>
40 #include <linux/icmpv6.h>
41 #include <linux/random.h>
42 #include <linux/indirect_call_wrapper.h>
45 #include <net/ndisc.h>
46 #include <net/inet6_hashtables.h>
47 #include <net/inet6_connection_sock.h>
49 #include <net/transp_v6.h>
50 #include <net/addrconf.h>
51 #include <net/ip6_route.h>
52 #include <net/ip6_checksum.h>
53 #include <net/inet_ecn.h>
54 #include <net/protocol.h>
57 #include <net/dsfield.h>
58 #include <net/timewait_sock.h>
59 #include <net/inet_common.h>
60 #include <net/secure_seq.h>
61 #include <net/busy_poll.h>
63 #include <linux/proc_fs.h>
64 #include <linux/seq_file.h>
66 #include <crypto/hash.h>
67 #include <linux/scatterlist.h>
69 #include <trace/events/tcp.h>
71 static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
72 static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
73 struct request_sock *req);
75 INDIRECT_CALLABLE_SCOPE int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
77 static const struct inet_connection_sock_af_ops ipv6_mapped;
78 const struct inet_connection_sock_af_ops ipv6_specific;
79 #ifdef CONFIG_TCP_MD5SIG
80 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
81 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
83 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
84 const struct in6_addr *addr,
91 /* Helper returning the inet6 address from a given tcp socket.
92 * It can be used in TCP stack instead of inet6_sk(sk).
93 * This avoids a dereference and allow compiler optimizations.
94 * It is a specialized version of inet6_sk_generic().
96 static struct ipv6_pinfo *tcp_inet6_sk(const struct sock *sk)
98 unsigned int offset = sizeof(struct tcp6_sock) - sizeof(struct ipv6_pinfo);
100 return (struct ipv6_pinfo *)(((u8 *)sk) + offset);
103 static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
105 struct dst_entry *dst = skb_dst(skb);
107 if (dst && dst_hold_safe(dst)) {
108 const struct rt6_info *rt = (const struct rt6_info *)dst;
110 rcu_assign_pointer(sk->sk_rx_dst, dst);
111 sk->sk_rx_dst_ifindex = skb->skb_iif;
112 sk->sk_rx_dst_cookie = rt6_get_cookie(rt);
116 static u32 tcp_v6_init_seq(const struct sk_buff *skb)
118 return secure_tcpv6_seq(ipv6_hdr(skb)->daddr.s6_addr32,
119 ipv6_hdr(skb)->saddr.s6_addr32,
121 tcp_hdr(skb)->source);
124 static u32 tcp_v6_init_ts_off(const struct net *net, const struct sk_buff *skb)
126 return secure_tcpv6_ts_off(net, ipv6_hdr(skb)->daddr.s6_addr32,
127 ipv6_hdr(skb)->saddr.s6_addr32);
130 static int tcp_v6_pre_connect(struct sock *sk, struct sockaddr *uaddr,
133 /* This check is replicated from tcp_v6_connect() and intended to
134 * prevent BPF program called below from accessing bytes that are out
135 * of the bound specified by user in addr_len.
137 if (addr_len < SIN6_LEN_RFC2133)
140 sock_owned_by_me(sk);
142 return BPF_CGROUP_RUN_PROG_INET6_CONNECT(sk, uaddr);
145 static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
148 struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
149 struct inet_connection_sock *icsk = inet_csk(sk);
150 struct in6_addr *saddr = NULL, *final_p, final;
151 struct inet_timewait_death_row *tcp_death_row;
152 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
153 struct inet_sock *inet = inet_sk(sk);
154 struct tcp_sock *tp = tcp_sk(sk);
155 struct net *net = sock_net(sk);
156 struct ipv6_txoptions *opt;
157 struct dst_entry *dst;
162 if (addr_len < SIN6_LEN_RFC2133)
165 if (usin->sin6_family != AF_INET6)
166 return -EAFNOSUPPORT;
168 memset(&fl6, 0, sizeof(fl6));
171 fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
172 IP6_ECN_flow_init(fl6.flowlabel);
173 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
174 struct ip6_flowlabel *flowlabel;
175 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
176 if (IS_ERR(flowlabel))
178 fl6_sock_release(flowlabel);
183 * connect() to INADDR_ANY means loopback (BSD'ism).
186 if (ipv6_addr_any(&usin->sin6_addr)) {
187 if (ipv6_addr_v4mapped(&sk->sk_v6_rcv_saddr))
188 ipv6_addr_set_v4mapped(htonl(INADDR_LOOPBACK),
191 usin->sin6_addr = in6addr_loopback;
194 addr_type = ipv6_addr_type(&usin->sin6_addr);
196 if (addr_type & IPV6_ADDR_MULTICAST)
199 if (addr_type&IPV6_ADDR_LINKLOCAL) {
200 if (addr_len >= sizeof(struct sockaddr_in6) &&
201 usin->sin6_scope_id) {
202 /* If interface is set while binding, indices
205 if (!sk_dev_equal_l3scope(sk, usin->sin6_scope_id))
208 sk->sk_bound_dev_if = usin->sin6_scope_id;
211 /* Connect to link-local address requires an interface */
212 if (!sk->sk_bound_dev_if)
216 if (tp->rx_opt.ts_recent_stamp &&
217 !ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
218 tp->rx_opt.ts_recent = 0;
219 tp->rx_opt.ts_recent_stamp = 0;
220 WRITE_ONCE(tp->write_seq, 0);
223 sk->sk_v6_daddr = usin->sin6_addr;
224 np->flow_label = fl6.flowlabel;
230 if (addr_type & IPV6_ADDR_MAPPED) {
231 u32 exthdrlen = icsk->icsk_ext_hdr_len;
232 struct sockaddr_in sin;
234 if (ipv6_only_sock(sk))
237 sin.sin_family = AF_INET;
238 sin.sin_port = usin->sin6_port;
239 sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
241 icsk->icsk_af_ops = &ipv6_mapped;
243 mptcpv6_handle_mapped(sk, true);
244 sk->sk_backlog_rcv = tcp_v4_do_rcv;
245 #ifdef CONFIG_TCP_MD5SIG
246 tp->af_specific = &tcp_sock_ipv6_mapped_specific;
249 err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
252 icsk->icsk_ext_hdr_len = exthdrlen;
253 icsk->icsk_af_ops = &ipv6_specific;
255 mptcpv6_handle_mapped(sk, false);
256 sk->sk_backlog_rcv = tcp_v6_do_rcv;
257 #ifdef CONFIG_TCP_MD5SIG
258 tp->af_specific = &tcp_sock_ipv6_specific;
262 np->saddr = sk->sk_v6_rcv_saddr;
267 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
268 saddr = &sk->sk_v6_rcv_saddr;
270 fl6.flowi6_proto = IPPROTO_TCP;
271 fl6.daddr = sk->sk_v6_daddr;
272 fl6.saddr = saddr ? *saddr : np->saddr;
273 fl6.flowi6_oif = sk->sk_bound_dev_if;
274 fl6.flowi6_mark = sk->sk_mark;
275 fl6.fl6_dport = usin->sin6_port;
276 fl6.fl6_sport = inet->inet_sport;
277 fl6.flowi6_uid = sk->sk_uid;
279 opt = rcu_dereference_protected(np->opt, lockdep_sock_is_held(sk));
280 final_p = fl6_update_dst(&fl6, opt, &final);
282 security_sk_classify_flow(sk, flowi6_to_flowi_common(&fl6));
284 dst = ip6_dst_lookup_flow(net, sk, &fl6, final_p);
291 struct inet_bind_hashbucket *prev_addr_hashbucket = NULL;
292 struct in6_addr prev_v6_rcv_saddr;
294 if (icsk->icsk_bind2_hash) {
295 prev_addr_hashbucket = inet_bhashfn_portaddr(&tcp_hashinfo,
296 sk, net, inet->inet_num);
297 prev_v6_rcv_saddr = sk->sk_v6_rcv_saddr;
300 sk->sk_v6_rcv_saddr = *saddr;
302 if (prev_addr_hashbucket) {
303 err = inet_bhash2_update_saddr(prev_addr_hashbucket, sk);
305 sk->sk_v6_rcv_saddr = prev_v6_rcv_saddr;
311 /* set the source address */
313 inet->inet_rcv_saddr = LOOPBACK4_IPV6;
315 sk->sk_gso_type = SKB_GSO_TCPV6;
316 ip6_dst_store(sk, dst, NULL, NULL);
318 icsk->icsk_ext_hdr_len = 0;
320 icsk->icsk_ext_hdr_len = opt->opt_flen +
323 tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
325 inet->inet_dport = usin->sin6_port;
327 tcp_set_state(sk, TCP_SYN_SENT);
328 tcp_death_row = net->ipv4.tcp_death_row;
329 err = inet6_hash_connect(tcp_death_row, sk);
335 if (likely(!tp->repair)) {
337 WRITE_ONCE(tp->write_seq,
338 secure_tcpv6_seq(np->saddr.s6_addr32,
339 sk->sk_v6_daddr.s6_addr32,
342 tp->tsoffset = secure_tcpv6_ts_off(net, np->saddr.s6_addr32,
343 sk->sk_v6_daddr.s6_addr32);
346 if (tcp_fastopen_defer_connect(sk, &err))
351 err = tcp_connect(sk);
358 tcp_set_state(sk, TCP_CLOSE);
360 inet->inet_dport = 0;
361 sk->sk_route_caps = 0;
365 static void tcp_v6_mtu_reduced(struct sock *sk)
367 struct dst_entry *dst;
370 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
373 mtu = READ_ONCE(tcp_sk(sk)->mtu_info);
375 /* Drop requests trying to increase our current mss.
376 * Check done in __ip6_rt_update_pmtu() is too late.
378 if (tcp_mtu_to_mss(sk, mtu) >= tcp_sk(sk)->mss_cache)
381 dst = inet6_csk_update_pmtu(sk, mtu);
385 if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
386 tcp_sync_mss(sk, dst_mtu(dst));
387 tcp_simple_retransmit(sk);
391 static int tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
392 u8 type, u8 code, int offset, __be32 info)
394 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
395 const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
396 struct net *net = dev_net(skb->dev);
397 struct request_sock *fastopen;
398 struct ipv6_pinfo *np;
405 sk = __inet6_lookup_established(net, &tcp_hashinfo,
406 &hdr->daddr, th->dest,
407 &hdr->saddr, ntohs(th->source),
408 skb->dev->ifindex, inet6_sdif(skb));
411 __ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
416 if (sk->sk_state == TCP_TIME_WAIT) {
417 inet_twsk_put(inet_twsk(sk));
420 seq = ntohl(th->seq);
421 fatal = icmpv6_err_convert(type, code, &err);
422 if (sk->sk_state == TCP_NEW_SYN_RECV) {
423 tcp_req_err(sk, seq, fatal);
428 if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
429 __NET_INC_STATS(net, LINUX_MIB_LOCKDROPPEDICMPS);
431 if (sk->sk_state == TCP_CLOSE)
434 if (static_branch_unlikely(&ip6_min_hopcount)) {
435 /* min_hopcount can be changed concurrently from do_ipv6_setsockopt() */
436 if (ipv6_hdr(skb)->hop_limit < READ_ONCE(tcp_inet6_sk(sk)->min_hopcount)) {
437 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
443 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
444 fastopen = rcu_dereference(tp->fastopen_rsk);
445 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
446 if (sk->sk_state != TCP_LISTEN &&
447 !between(seq, snd_una, tp->snd_nxt)) {
448 __NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
452 np = tcp_inet6_sk(sk);
454 if (type == NDISC_REDIRECT) {
455 if (!sock_owned_by_user(sk)) {
456 struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
459 dst->ops->redirect(dst, sk, skb);
464 if (type == ICMPV6_PKT_TOOBIG) {
465 u32 mtu = ntohl(info);
467 /* We are not interested in TCP_LISTEN and open_requests
468 * (SYN-ACKs send out by Linux are always <576bytes so
469 * they should go through unfragmented).
471 if (sk->sk_state == TCP_LISTEN)
474 if (!ip6_sk_accept_pmtu(sk))
477 if (mtu < IPV6_MIN_MTU)
480 WRITE_ONCE(tp->mtu_info, mtu);
482 if (!sock_owned_by_user(sk))
483 tcp_v6_mtu_reduced(sk);
484 else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
491 /* Might be for an request_sock */
492 switch (sk->sk_state) {
495 /* Only in fast or simultaneous open. If a fast open socket is
496 * already accepted it is treated as a connected one below.
498 if (fastopen && !fastopen->sk)
501 ipv6_icmp_error(sk, skb, err, th->dest, ntohl(info), (u8 *)th);
503 if (!sock_owned_by_user(sk)) {
505 sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
509 sk->sk_err_soft = err;
514 /* check if this ICMP message allows revert of backoff.
517 if (!fastopen && type == ICMPV6_DEST_UNREACH &&
518 code == ICMPV6_NOROUTE)
519 tcp_ld_RTO_revert(sk, seq);
522 if (!sock_owned_by_user(sk) && np->recverr) {
526 sk->sk_err_soft = err;
535 static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
537 struct request_sock *req,
538 struct tcp_fastopen_cookie *foc,
539 enum tcp_synack_type synack_type,
540 struct sk_buff *syn_skb)
542 struct inet_request_sock *ireq = inet_rsk(req);
543 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
544 struct ipv6_txoptions *opt;
545 struct flowi6 *fl6 = &fl->u.ip6;
550 /* First, grab a route. */
551 if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
552 IPPROTO_TCP)) == NULL)
555 skb = tcp_make_synack(sk, dst, req, foc, synack_type, syn_skb);
558 __tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
559 &ireq->ir_v6_rmt_addr);
561 fl6->daddr = ireq->ir_v6_rmt_addr;
562 if (np->repflow && ireq->pktopts)
563 fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
565 tclass = READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_reflect_tos) ?
566 (tcp_rsk(req)->syn_tos & ~INET_ECN_MASK) |
567 (np->tclass & INET_ECN_MASK) :
570 if (!INET_ECN_is_capable(tclass) &&
571 tcp_bpf_ca_needs_ecn((struct sock *)req))
572 tclass |= INET_ECN_ECT_0;
575 opt = ireq->ipv6_opt;
577 opt = rcu_dereference(np->opt);
578 err = ip6_xmit(sk, skb, fl6, skb->mark ? : sk->sk_mark, opt,
579 tclass, sk->sk_priority);
581 err = net_xmit_eval(err);
589 static void tcp_v6_reqsk_destructor(struct request_sock *req)
591 kfree(inet_rsk(req)->ipv6_opt);
592 consume_skb(inet_rsk(req)->pktopts);
595 #ifdef CONFIG_TCP_MD5SIG
596 static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
597 const struct in6_addr *addr,
600 return tcp_md5_do_lookup(sk, l3index,
601 (union tcp_md5_addr *)addr, AF_INET6);
604 static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
605 const struct sock *addr_sk)
609 l3index = l3mdev_master_ifindex_by_index(sock_net(sk),
610 addr_sk->sk_bound_dev_if);
611 return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr,
615 static int tcp_v6_parse_md5_keys(struct sock *sk, int optname,
616 sockptr_t optval, int optlen)
618 struct tcp_md5sig cmd;
619 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
624 if (optlen < sizeof(cmd))
627 if (copy_from_sockptr(&cmd, optval, sizeof(cmd)))
630 if (sin6->sin6_family != AF_INET6)
633 flags = cmd.tcpm_flags & TCP_MD5SIG_FLAG_IFINDEX;
635 if (optname == TCP_MD5SIG_EXT &&
636 cmd.tcpm_flags & TCP_MD5SIG_FLAG_PREFIX) {
637 prefixlen = cmd.tcpm_prefixlen;
638 if (prefixlen > 128 || (ipv6_addr_v4mapped(&sin6->sin6_addr) &&
642 prefixlen = ipv6_addr_v4mapped(&sin6->sin6_addr) ? 32 : 128;
645 if (optname == TCP_MD5SIG_EXT && cmd.tcpm_ifindex &&
646 cmd.tcpm_flags & TCP_MD5SIG_FLAG_IFINDEX) {
647 struct net_device *dev;
650 dev = dev_get_by_index_rcu(sock_net(sk), cmd.tcpm_ifindex);
651 if (dev && netif_is_l3_master(dev))
652 l3index = dev->ifindex;
655 /* ok to reference set/not set outside of rcu;
656 * right now device MUST be an L3 master
658 if (!dev || !l3index)
662 if (!cmd.tcpm_keylen) {
663 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
664 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
667 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
668 AF_INET6, prefixlen, l3index, flags);
671 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
674 if (ipv6_addr_v4mapped(&sin6->sin6_addr))
675 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
676 AF_INET, prefixlen, l3index, flags,
677 cmd.tcpm_key, cmd.tcpm_keylen,
680 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
681 AF_INET6, prefixlen, l3index, flags,
682 cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
685 static int tcp_v6_md5_hash_headers(struct tcp_md5sig_pool *hp,
686 const struct in6_addr *daddr,
687 const struct in6_addr *saddr,
688 const struct tcphdr *th, int nbytes)
690 struct tcp6_pseudohdr *bp;
691 struct scatterlist sg;
695 /* 1. TCP pseudo-header (RFC2460) */
698 bp->protocol = cpu_to_be32(IPPROTO_TCP);
699 bp->len = cpu_to_be32(nbytes);
701 _th = (struct tcphdr *)(bp + 1);
702 memcpy(_th, th, sizeof(*th));
705 sg_init_one(&sg, bp, sizeof(*bp) + sizeof(*th));
706 ahash_request_set_crypt(hp->md5_req, &sg, NULL,
707 sizeof(*bp) + sizeof(*th));
708 return crypto_ahash_update(hp->md5_req);
711 static int tcp_v6_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
712 const struct in6_addr *daddr, struct in6_addr *saddr,
713 const struct tcphdr *th)
715 struct tcp_md5sig_pool *hp;
716 struct ahash_request *req;
718 hp = tcp_get_md5sig_pool();
720 goto clear_hash_noput;
723 if (crypto_ahash_init(req))
725 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, th->doff << 2))
727 if (tcp_md5_hash_key(hp, key))
729 ahash_request_set_crypt(req, NULL, md5_hash, 0);
730 if (crypto_ahash_final(req))
733 tcp_put_md5sig_pool();
737 tcp_put_md5sig_pool();
739 memset(md5_hash, 0, 16);
743 static int tcp_v6_md5_hash_skb(char *md5_hash,
744 const struct tcp_md5sig_key *key,
745 const struct sock *sk,
746 const struct sk_buff *skb)
748 const struct in6_addr *saddr, *daddr;
749 struct tcp_md5sig_pool *hp;
750 struct ahash_request *req;
751 const struct tcphdr *th = tcp_hdr(skb);
753 if (sk) { /* valid for establish/request sockets */
754 saddr = &sk->sk_v6_rcv_saddr;
755 daddr = &sk->sk_v6_daddr;
757 const struct ipv6hdr *ip6h = ipv6_hdr(skb);
758 saddr = &ip6h->saddr;
759 daddr = &ip6h->daddr;
762 hp = tcp_get_md5sig_pool();
764 goto clear_hash_noput;
767 if (crypto_ahash_init(req))
770 if (tcp_v6_md5_hash_headers(hp, daddr, saddr, th, skb->len))
772 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
774 if (tcp_md5_hash_key(hp, key))
776 ahash_request_set_crypt(req, NULL, md5_hash, 0);
777 if (crypto_ahash_final(req))
780 tcp_put_md5sig_pool();
784 tcp_put_md5sig_pool();
786 memset(md5_hash, 0, 16);
792 static void tcp_v6_init_req(struct request_sock *req,
793 const struct sock *sk_listener,
796 bool l3_slave = ipv6_l3mdev_skb(TCP_SKB_CB(skb)->header.h6.flags);
797 struct inet_request_sock *ireq = inet_rsk(req);
798 const struct ipv6_pinfo *np = tcp_inet6_sk(sk_listener);
800 ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
801 ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
803 /* So that link locals have meaning */
804 if ((!sk_listener->sk_bound_dev_if || l3_slave) &&
805 ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
806 ireq->ir_iif = tcp_v6_iif(skb);
808 if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
809 (ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
810 np->rxopt.bits.rxinfo ||
811 np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
812 np->rxopt.bits.rxohlim || np->repflow)) {
813 refcount_inc(&skb->users);
818 static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
821 struct request_sock *req)
823 tcp_v6_init_req(req, sk, skb);
825 if (security_inet_conn_request(sk, skb, req))
828 return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
831 struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
833 .obj_size = sizeof(struct tcp6_request_sock),
834 .rtx_syn_ack = tcp_rtx_synack,
835 .send_ack = tcp_v6_reqsk_send_ack,
836 .destructor = tcp_v6_reqsk_destructor,
837 .send_reset = tcp_v6_send_reset,
838 .syn_ack_timeout = tcp_syn_ack_timeout,
841 const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
842 .mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
843 sizeof(struct ipv6hdr),
844 #ifdef CONFIG_TCP_MD5SIG
845 .req_md5_lookup = tcp_v6_md5_lookup,
846 .calc_md5_hash = tcp_v6_md5_hash_skb,
848 #ifdef CONFIG_SYN_COOKIES
849 .cookie_init_seq = cookie_v6_init_sequence,
851 .route_req = tcp_v6_route_req,
852 .init_seq = tcp_v6_init_seq,
853 .init_ts_off = tcp_v6_init_ts_off,
854 .send_synack = tcp_v6_send_synack,
857 static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
858 u32 ack, u32 win, u32 tsval, u32 tsecr,
859 int oif, struct tcp_md5sig_key *key, int rst,
860 u8 tclass, __be32 label, u32 priority, u32 txhash)
862 const struct tcphdr *th = tcp_hdr(skb);
864 struct sk_buff *buff;
866 struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
867 struct sock *ctl_sk = net->ipv6.tcp_sk;
868 unsigned int tot_len = sizeof(struct tcphdr);
869 __be32 mrst = 0, *topt;
870 struct dst_entry *dst;
874 tot_len += TCPOLEN_TSTAMP_ALIGNED;
875 #ifdef CONFIG_TCP_MD5SIG
877 tot_len += TCPOLEN_MD5SIG_ALIGNED;
882 mrst = mptcp_reset_option(skb);
885 tot_len += sizeof(__be32);
889 buff = alloc_skb(MAX_TCP_HEADER, GFP_ATOMIC);
893 skb_reserve(buff, MAX_TCP_HEADER);
895 t1 = skb_push(buff, tot_len);
896 skb_reset_transport_header(buff);
898 /* Swap the send and the receive. */
899 memset(t1, 0, sizeof(*t1));
900 t1->dest = th->source;
901 t1->source = th->dest;
902 t1->doff = tot_len / 4;
903 t1->seq = htonl(seq);
904 t1->ack_seq = htonl(ack);
905 t1->ack = !rst || !th->ack;
907 t1->window = htons(win);
909 topt = (__be32 *)(t1 + 1);
912 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
913 (TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
914 *topt++ = htonl(tsval);
915 *topt++ = htonl(tsecr);
921 #ifdef CONFIG_TCP_MD5SIG
923 *topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
924 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
925 tcp_v6_md5_hash_hdr((__u8 *)topt, key,
926 &ipv6_hdr(skb)->saddr,
927 &ipv6_hdr(skb)->daddr, t1);
931 memset(&fl6, 0, sizeof(fl6));
932 fl6.daddr = ipv6_hdr(skb)->saddr;
933 fl6.saddr = ipv6_hdr(skb)->daddr;
934 fl6.flowlabel = label;
936 buff->ip_summed = CHECKSUM_PARTIAL;
938 __tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
940 fl6.flowi6_proto = IPPROTO_TCP;
941 if (rt6_need_strict(&fl6.daddr) && !oif)
942 fl6.flowi6_oif = tcp_v6_iif(skb);
944 if (!oif && netif_index_is_l3_master(net, skb->skb_iif))
947 fl6.flowi6_oif = oif;
951 if (sk->sk_state == TCP_TIME_WAIT)
952 mark = inet_twsk(sk)->tw_mark;
955 skb_set_delivery_time(buff, tcp_transmit_time(sk), true);
958 /* autoflowlabel/skb_get_hash_flowi6 rely on buff->hash */
959 skb_set_hash(buff, txhash, PKT_HASH_TYPE_L4);
961 fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark) ?: mark;
962 fl6.fl6_dport = t1->dest;
963 fl6.fl6_sport = t1->source;
964 fl6.flowi6_uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
965 security_skb_classify_flow(skb, flowi6_to_flowi_common(&fl6));
967 /* Pass a socket to ip6_dst_lookup either it is for RST
968 * Underlying function will use this to retrieve the network
971 if (sk && sk->sk_state != TCP_TIME_WAIT)
972 dst = ip6_dst_lookup_flow(net, sk, &fl6, NULL); /*sk's xfrm_policy can be referred*/
974 dst = ip6_dst_lookup_flow(net, ctl_sk, &fl6, NULL);
976 skb_dst_set(buff, dst);
977 ip6_xmit(ctl_sk, buff, &fl6, fl6.flowi6_mark, NULL,
978 tclass & ~INET_ECN_MASK, priority);
979 TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
981 TCP_INC_STATS(net, TCP_MIB_OUTRSTS);
988 static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
990 const struct tcphdr *th = tcp_hdr(skb);
991 struct ipv6hdr *ipv6h = ipv6_hdr(skb);
992 u32 seq = 0, ack_seq = 0;
993 struct tcp_md5sig_key *key = NULL;
994 #ifdef CONFIG_TCP_MD5SIG
995 const __u8 *hash_location = NULL;
996 unsigned char newhash[16];
998 struct sock *sk1 = NULL;
1008 /* If sk not NULL, it means we did a successful lookup and incoming
1009 * route had to be correct. prequeue might have dropped our dst.
1011 if (!sk && !ipv6_unicast_destination(skb))
1014 net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
1015 #ifdef CONFIG_TCP_MD5SIG
1017 hash_location = tcp_parse_md5sig_option(th);
1018 if (sk && sk_fullsock(sk)) {
1021 /* sdif set, means packet ingressed via a device
1022 * in an L3 domain and inet_iif is set to it.
1024 l3index = tcp_v6_sdif(skb) ? tcp_v6_iif_l3_slave(skb) : 0;
1025 key = tcp_v6_md5_do_lookup(sk, &ipv6h->saddr, l3index);
1026 } else if (hash_location) {
1027 int dif = tcp_v6_iif_l3_slave(skb);
1028 int sdif = tcp_v6_sdif(skb);
1032 * active side is lost. Try to find listening socket through
1033 * source port, and then find md5 key through listening socket.
1034 * we are not loose security here:
1035 * Incoming packet is checked with md5 hash with finding key,
1036 * no RST generated if md5 hash doesn't match.
1038 sk1 = inet6_lookup_listener(net,
1039 &tcp_hashinfo, NULL, 0,
1041 th->source, &ipv6h->daddr,
1042 ntohs(th->source), dif, sdif);
1046 /* sdif set, means packet ingressed via a device
1047 * in an L3 domain and dif is set to it.
1049 l3index = tcp_v6_sdif(skb) ? dif : 0;
1051 key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr, l3index);
1055 genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
1056 if (genhash || memcmp(hash_location, newhash, 16) != 0)
1062 seq = ntohl(th->ack_seq);
1064 ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
1068 oif = sk->sk_bound_dev_if;
1069 if (sk_fullsock(sk)) {
1070 const struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1072 trace_tcp_send_reset(sk, skb);
1074 label = ip6_flowlabel(ipv6h);
1075 priority = sk->sk_priority;
1077 if (sk->sk_state == TCP_TIME_WAIT) {
1078 label = cpu_to_be32(inet_twsk(sk)->tw_flowlabel);
1079 priority = inet_twsk(sk)->tw_priority;
1082 if (net->ipv6.sysctl.flowlabel_reflect & FLOWLABEL_REFLECT_TCP_RESET)
1083 label = ip6_flowlabel(ipv6h);
1086 tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1,
1087 ipv6_get_dsfield(ipv6h), label, priority, 0);
1089 #ifdef CONFIG_TCP_MD5SIG
1095 static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
1096 u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
1097 struct tcp_md5sig_key *key, u8 tclass,
1098 __be32 label, u32 priority, u32 txhash)
1100 tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
1101 tclass, label, priority, txhash);
1104 static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
1106 struct inet_timewait_sock *tw = inet_twsk(sk);
1107 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
1109 tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
1110 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
1111 tcp_time_stamp_raw() + tcptw->tw_ts_offset,
1112 tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
1113 tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel), tw->tw_priority,
1119 static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
1120 struct request_sock *req)
1124 l3index = tcp_v6_sdif(skb) ? tcp_v6_iif_l3_slave(skb) : 0;
1126 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
1127 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
1130 * The window field (SEG.WND) of every outgoing segment, with the
1131 * exception of <SYN> segments, MUST be right-shifted by
1132 * Rcv.Wind.Shift bits:
1134 tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
1135 tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
1136 tcp_rsk(req)->rcv_nxt,
1137 req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
1138 tcp_time_stamp_raw() + tcp_rsk(req)->ts_off,
1139 req->ts_recent, sk->sk_bound_dev_if,
1140 tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->saddr, l3index),
1141 ipv6_get_dsfield(ipv6_hdr(skb)), 0, sk->sk_priority,
1142 tcp_rsk(req)->txhash);
1146 static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
1148 #ifdef CONFIG_SYN_COOKIES
1149 const struct tcphdr *th = tcp_hdr(skb);
1152 sk = cookie_v6_check(sk, skb);
1157 u16 tcp_v6_get_syncookie(struct sock *sk, struct ipv6hdr *iph,
1158 struct tcphdr *th, u32 *cookie)
1161 #ifdef CONFIG_SYN_COOKIES
1162 mss = tcp_get_syncookie_mss(&tcp6_request_sock_ops,
1163 &tcp_request_sock_ipv6_ops, sk, th);
1165 *cookie = __cookie_v6_init_sequence(iph, th, &mss);
1166 tcp_synq_overflow(sk);
1172 static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
1174 if (skb->protocol == htons(ETH_P_IP))
1175 return tcp_v4_conn_request(sk, skb);
1177 if (!ipv6_unicast_destination(skb))
1180 if (ipv6_addr_v4mapped(&ipv6_hdr(skb)->saddr)) {
1181 __IP6_INC_STATS(sock_net(sk), NULL, IPSTATS_MIB_INHDRERRORS);
1185 return tcp_conn_request(&tcp6_request_sock_ops,
1186 &tcp_request_sock_ipv6_ops, sk, skb);
1190 return 0; /* don't send reset */
1193 static void tcp_v6_restore_cb(struct sk_buff *skb)
1195 /* We need to move header back to the beginning if xfrm6_policy_check()
1196 * and tcp_v6_fill_cb() are going to be called again.
1197 * ip6_datagram_recv_specific_ctl() also expects IP6CB to be there.
1199 memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
1200 sizeof(struct inet6_skb_parm));
1203 static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
1204 struct request_sock *req,
1205 struct dst_entry *dst,
1206 struct request_sock *req_unhash,
1209 struct inet_request_sock *ireq;
1210 struct ipv6_pinfo *newnp;
1211 const struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1212 struct ipv6_txoptions *opt;
1213 struct inet_sock *newinet;
1214 bool found_dup_sk = false;
1215 struct tcp_sock *newtp;
1217 #ifdef CONFIG_TCP_MD5SIG
1218 struct tcp_md5sig_key *key;
1223 if (skb->protocol == htons(ETH_P_IP)) {
1228 newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
1229 req_unhash, own_req);
1234 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1236 newnp = tcp_inet6_sk(newsk);
1237 newtp = tcp_sk(newsk);
1239 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1241 newnp->saddr = newsk->sk_v6_rcv_saddr;
1243 inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
1244 if (sk_is_mptcp(newsk))
1245 mptcpv6_handle_mapped(newsk, true);
1246 newsk->sk_backlog_rcv = tcp_v4_do_rcv;
1247 #ifdef CONFIG_TCP_MD5SIG
1248 newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
1251 newnp->ipv6_mc_list = NULL;
1252 newnp->ipv6_ac_list = NULL;
1253 newnp->ipv6_fl_list = NULL;
1254 newnp->pktoptions = NULL;
1256 newnp->mcast_oif = inet_iif(skb);
1257 newnp->mcast_hops = ip_hdr(skb)->ttl;
1258 newnp->rcv_flowinfo = 0;
1260 newnp->flow_label = 0;
1263 * No need to charge this sock to the relevant IPv6 refcnt debug socks count
1264 * here, tcp_create_openreq_child now does this for us, see the comment in
1265 * that function for the gory details. -acme
1268 /* It is tricky place. Until this moment IPv4 tcp
1269 worked with IPv6 icsk.icsk_af_ops.
1272 tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
1277 ireq = inet_rsk(req);
1279 if (sk_acceptq_is_full(sk))
1283 dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
1288 newsk = tcp_create_openreq_child(sk, req, skb);
1293 * No need to charge this sock to the relevant IPv6 refcnt debug socks
1294 * count here, tcp_create_openreq_child now does this for us, see the
1295 * comment in that function for the gory details. -acme
1298 newsk->sk_gso_type = SKB_GSO_TCPV6;
1299 ip6_dst_store(newsk, dst, NULL, NULL);
1300 inet6_sk_rx_dst_set(newsk, skb);
1302 inet_sk(newsk)->pinet6 = tcp_inet6_sk(newsk);
1304 newtp = tcp_sk(newsk);
1305 newinet = inet_sk(newsk);
1306 newnp = tcp_inet6_sk(newsk);
1308 memcpy(newnp, np, sizeof(struct ipv6_pinfo));
1310 newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
1311 newnp->saddr = ireq->ir_v6_loc_addr;
1312 newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
1313 newsk->sk_bound_dev_if = ireq->ir_iif;
1315 /* Now IPv6 options...
1317 First: no IPv4 options.
1319 newinet->inet_opt = NULL;
1320 newnp->ipv6_mc_list = NULL;
1321 newnp->ipv6_ac_list = NULL;
1322 newnp->ipv6_fl_list = NULL;
1325 newnp->rxopt.all = np->rxopt.all;
1327 newnp->pktoptions = NULL;
1329 newnp->mcast_oif = tcp_v6_iif(skb);
1330 newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
1331 newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
1333 newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
1335 /* Set ToS of the new socket based upon the value of incoming SYN.
1336 * ECT bits are set later in tcp_init_transfer().
1338 if (READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_reflect_tos))
1339 newnp->tclass = tcp_rsk(req)->syn_tos & ~INET_ECN_MASK;
1341 /* Clone native IPv6 options from listening socket (if any)
1343 Yes, keeping reference count would be much more clever,
1344 but we make one more one thing there: reattach optmem
1347 opt = ireq->ipv6_opt;
1349 opt = rcu_dereference(np->opt);
1351 opt = ipv6_dup_options(newsk, opt);
1352 RCU_INIT_POINTER(newnp->opt, opt);
1354 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1356 inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
1359 tcp_ca_openreq_child(newsk, dst);
1361 tcp_sync_mss(newsk, dst_mtu(dst));
1362 newtp->advmss = tcp_mss_clamp(tcp_sk(sk), dst_metric_advmss(dst));
1364 tcp_initialize_rcv_mss(newsk);
1366 newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
1367 newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
1369 #ifdef CONFIG_TCP_MD5SIG
1370 l3index = l3mdev_master_ifindex_by_index(sock_net(sk), ireq->ir_iif);
1372 /* Copy over the MD5 key from the original socket */
1373 key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr, l3index);
1375 /* We're using one, so create a matching key
1376 * on the newsk structure. If we fail to get
1377 * memory, then we end up not copying the key
1380 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
1381 AF_INET6, 128, l3index, key->flags, key->key, key->keylen,
1382 sk_gfp_mask(sk, GFP_ATOMIC));
1386 if (__inet_inherit_port(sk, newsk) < 0) {
1387 inet_csk_prepare_forced_close(newsk);
1391 *own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash),
1394 tcp_move_syn(newtp, req);
1396 /* Clone pktoptions received with SYN, if we own the req */
1397 if (ireq->pktopts) {
1398 newnp->pktoptions = skb_clone(ireq->pktopts,
1399 sk_gfp_mask(sk, GFP_ATOMIC));
1400 consume_skb(ireq->pktopts);
1401 ireq->pktopts = NULL;
1402 if (newnp->pktoptions) {
1403 tcp_v6_restore_cb(newnp->pktoptions);
1404 skb_set_owner_r(newnp->pktoptions, newsk);
1408 if (!req_unhash && found_dup_sk) {
1409 /* This code path should only be executed in the
1410 * syncookie case only
1412 bh_unlock_sock(newsk);
1421 __NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1429 INDIRECT_CALLABLE_DECLARE(struct dst_entry *ipv4_dst_check(struct dst_entry *,
1431 /* The socket must have it's spinlock held when we get
1432 * here, unless it is a TCP_LISTEN socket.
1434 * We have a potential double-lock case here, so even when
1435 * doing backlog processing we use the BH locking scheme.
1436 * This is because we cannot sleep with the original spinlock
1439 INDIRECT_CALLABLE_SCOPE
1440 int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
1442 struct ipv6_pinfo *np = tcp_inet6_sk(sk);
1443 struct sk_buff *opt_skb = NULL;
1444 enum skb_drop_reason reason;
1445 struct tcp_sock *tp;
1447 /* Imagine: socket is IPv6. IPv4 packet arrives,
1448 goes to IPv4 receive handler and backlogged.
1449 From backlog it always goes here. Kerboom...
1450 Fortunately, tcp_rcv_established and rcv_established
1451 handle them correctly, but it is not case with
1452 tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
1455 if (skb->protocol == htons(ETH_P_IP))
1456 return tcp_v4_do_rcv(sk, skb);
1459 * socket locking is here for SMP purposes as backlog rcv
1460 * is currently called with bh processing disabled.
1463 /* Do Stevens' IPV6_PKTOPTIONS.
1465 Yes, guys, it is the only place in our code, where we
1466 may make it not affecting IPv4.
1467 The rest of code is protocol independent,
1468 and I do not like idea to uglify IPv4.
1470 Actually, all the idea behind IPV6_PKTOPTIONS
1471 looks not very well thought. For now we latch
1472 options, received in the last packet, enqueued
1473 by tcp. Feel free to propose better solution.
1477 opt_skb = skb_clone(skb, sk_gfp_mask(sk, GFP_ATOMIC));
1479 reason = SKB_DROP_REASON_NOT_SPECIFIED;
1480 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1481 struct dst_entry *dst;
1483 dst = rcu_dereference_protected(sk->sk_rx_dst,
1484 lockdep_sock_is_held(sk));
1486 sock_rps_save_rxhash(sk, skb);
1487 sk_mark_napi_id(sk, skb);
1489 if (sk->sk_rx_dst_ifindex != skb->skb_iif ||
1490 INDIRECT_CALL_1(dst->ops->check, ip6_dst_check,
1491 dst, sk->sk_rx_dst_cookie) == NULL) {
1492 RCU_INIT_POINTER(sk->sk_rx_dst, NULL);
1497 tcp_rcv_established(sk, skb);
1499 goto ipv6_pktoptions;
1503 if (tcp_checksum_complete(skb))
1506 if (sk->sk_state == TCP_LISTEN) {
1507 struct sock *nsk = tcp_v6_cookie_check(sk, skb);
1513 if (tcp_child_process(sk, nsk, skb))
1516 __kfree_skb(opt_skb);
1520 sock_rps_save_rxhash(sk, skb);
1522 if (tcp_rcv_state_process(sk, skb))
1525 goto ipv6_pktoptions;
1529 tcp_v6_send_reset(sk, skb);
1532 __kfree_skb(opt_skb);
1533 kfree_skb_reason(skb, reason);
1536 reason = SKB_DROP_REASON_TCP_CSUM;
1537 trace_tcp_bad_csum(skb);
1538 TCP_INC_STATS(sock_net(sk), TCP_MIB_CSUMERRORS);
1539 TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
1544 /* Do you ask, what is it?
1546 1. skb was enqueued by tcp.
1547 2. skb is added to tail of read queue, rather than out of order.
1548 3. socket is not in passive state.
1549 4. Finally, it really contains options, which user wants to receive.
1552 if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
1553 !((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
1554 if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
1555 np->mcast_oif = tcp_v6_iif(opt_skb);
1556 if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
1557 np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
1558 if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
1559 np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
1561 np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
1562 if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
1563 skb_set_owner_r(opt_skb, sk);
1564 tcp_v6_restore_cb(opt_skb);
1565 opt_skb = xchg(&np->pktoptions, opt_skb);
1567 __kfree_skb(opt_skb);
1568 opt_skb = xchg(&np->pktoptions, NULL);
1572 consume_skb(opt_skb);
1576 static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
1577 const struct tcphdr *th)
1579 /* This is tricky: we move IP6CB at its correct location into
1580 * TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because
1581 * _decode_session6() uses IP6CB().
1582 * barrier() makes sure compiler won't play aliasing games.
1584 memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
1585 sizeof(struct inet6_skb_parm));
1588 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1589 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1590 skb->len - th->doff*4);
1591 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1592 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
1593 TCP_SKB_CB(skb)->tcp_tw_isn = 0;
1594 TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
1595 TCP_SKB_CB(skb)->sacked = 0;
1596 TCP_SKB_CB(skb)->has_rxtstamp =
1597 skb->tstamp || skb_hwtstamps(skb)->hwtstamp;
1600 INDIRECT_CALLABLE_SCOPE int tcp_v6_rcv(struct sk_buff *skb)
1602 enum skb_drop_reason drop_reason;
1603 int sdif = inet6_sdif(skb);
1604 int dif = inet6_iif(skb);
1605 const struct tcphdr *th;
1606 const struct ipv6hdr *hdr;
1610 struct net *net = dev_net(skb->dev);
1612 drop_reason = SKB_DROP_REASON_NOT_SPECIFIED;
1613 if (skb->pkt_type != PACKET_HOST)
1617 * Count it even if it's bad.
1619 __TCP_INC_STATS(net, TCP_MIB_INSEGS);
1621 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1624 th = (const struct tcphdr *)skb->data;
1626 if (unlikely(th->doff < sizeof(struct tcphdr) / 4)) {
1627 drop_reason = SKB_DROP_REASON_PKT_TOO_SMALL;
1630 if (!pskb_may_pull(skb, th->doff*4))
1633 if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
1636 th = (const struct tcphdr *)skb->data;
1637 hdr = ipv6_hdr(skb);
1640 sk = __inet6_lookup_skb(&tcp_hashinfo, skb, __tcp_hdrlen(th),
1641 th->source, th->dest, inet6_iif(skb), sdif,
1647 if (sk->sk_state == TCP_TIME_WAIT)
1650 if (sk->sk_state == TCP_NEW_SYN_RECV) {
1651 struct request_sock *req = inet_reqsk(sk);
1652 bool req_stolen = false;
1655 sk = req->rsk_listener;
1656 drop_reason = tcp_inbound_md5_hash(sk, skb,
1657 &hdr->saddr, &hdr->daddr,
1658 AF_INET6, dif, sdif);
1660 sk_drops_add(sk, skb);
1664 if (tcp_checksum_complete(skb)) {
1668 if (unlikely(sk->sk_state != TCP_LISTEN)) {
1669 nsk = reuseport_migrate_sock(sk, req_to_sk(req), skb);
1671 inet_csk_reqsk_queue_drop_and_put(sk, req);
1675 /* reuseport_migrate_sock() has already held one sk_refcnt
1683 if (!tcp_filter(sk, skb)) {
1684 th = (const struct tcphdr *)skb->data;
1685 hdr = ipv6_hdr(skb);
1686 tcp_v6_fill_cb(skb, hdr, th);
1687 nsk = tcp_check_req(sk, skb, req, false, &req_stolen);
1689 drop_reason = SKB_DROP_REASON_SOCKET_FILTER;
1694 /* Another cpu got exclusive access to req
1695 * and created a full blown socket.
1696 * Try to feed this packet to this socket
1697 * instead of discarding it.
1699 tcp_v6_restore_cb(skb);
1703 goto discard_and_relse;
1707 tcp_v6_restore_cb(skb);
1708 } else if (tcp_child_process(sk, nsk, skb)) {
1709 tcp_v6_send_reset(nsk, skb);
1710 goto discard_and_relse;
1717 if (static_branch_unlikely(&ip6_min_hopcount)) {
1718 /* min_hopcount can be changed concurrently from do_ipv6_setsockopt() */
1719 if (hdr->hop_limit < READ_ONCE(tcp_inet6_sk(sk)->min_hopcount)) {
1720 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
1721 goto discard_and_relse;
1725 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) {
1726 drop_reason = SKB_DROP_REASON_XFRM_POLICY;
1727 goto discard_and_relse;
1730 drop_reason = tcp_inbound_md5_hash(sk, skb, &hdr->saddr, &hdr->daddr,
1731 AF_INET6, dif, sdif);
1733 goto discard_and_relse;
1735 if (tcp_filter(sk, skb)) {
1736 drop_reason = SKB_DROP_REASON_SOCKET_FILTER;
1737 goto discard_and_relse;
1739 th = (const struct tcphdr *)skb->data;
1740 hdr = ipv6_hdr(skb);
1741 tcp_v6_fill_cb(skb, hdr, th);
1745 if (sk->sk_state == TCP_LISTEN) {
1746 ret = tcp_v6_do_rcv(sk, skb);
1747 goto put_and_return;
1750 sk_incoming_cpu_update(sk);
1752 bh_lock_sock_nested(sk);
1753 tcp_segs_in(tcp_sk(sk), skb);
1755 if (!sock_owned_by_user(sk)) {
1756 ret = tcp_v6_do_rcv(sk, skb);
1758 if (tcp_add_backlog(sk, skb, &drop_reason))
1759 goto discard_and_relse;
1765 return ret ? -1 : 0;
1768 drop_reason = SKB_DROP_REASON_NO_SOCKET;
1769 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
1772 tcp_v6_fill_cb(skb, hdr, th);
1774 if (tcp_checksum_complete(skb)) {
1776 drop_reason = SKB_DROP_REASON_TCP_CSUM;
1777 trace_tcp_bad_csum(skb);
1778 __TCP_INC_STATS(net, TCP_MIB_CSUMERRORS);
1780 __TCP_INC_STATS(net, TCP_MIB_INERRS);
1782 tcp_v6_send_reset(NULL, skb);
1786 SKB_DR_OR(drop_reason, NOT_SPECIFIED);
1787 kfree_skb_reason(skb, drop_reason);
1791 sk_drops_add(sk, skb);
1797 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1798 drop_reason = SKB_DROP_REASON_XFRM_POLICY;
1799 inet_twsk_put(inet_twsk(sk));
1803 tcp_v6_fill_cb(skb, hdr, th);
1805 if (tcp_checksum_complete(skb)) {
1806 inet_twsk_put(inet_twsk(sk));
1810 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1815 sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
1816 skb, __tcp_hdrlen(th),
1817 &ipv6_hdr(skb)->saddr, th->source,
1818 &ipv6_hdr(skb)->daddr,
1820 tcp_v6_iif_l3_slave(skb),
1823 struct inet_timewait_sock *tw = inet_twsk(sk);
1824 inet_twsk_deschedule_put(tw);
1826 tcp_v6_restore_cb(skb);
1834 tcp_v6_timewait_ack(sk, skb);
1837 tcp_v6_send_reset(sk, skb);
1838 inet_twsk_deschedule_put(inet_twsk(sk));
1840 case TCP_TW_SUCCESS:
1846 void tcp_v6_early_demux(struct sk_buff *skb)
1848 const struct ipv6hdr *hdr;
1849 const struct tcphdr *th;
1852 if (skb->pkt_type != PACKET_HOST)
1855 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1858 hdr = ipv6_hdr(skb);
1861 if (th->doff < sizeof(struct tcphdr) / 4)
1864 /* Note : We use inet6_iif() here, not tcp_v6_iif() */
1865 sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1866 &hdr->saddr, th->source,
1867 &hdr->daddr, ntohs(th->dest),
1868 inet6_iif(skb), inet6_sdif(skb));
1871 skb->destructor = sock_edemux;
1872 if (sk_fullsock(sk)) {
1873 struct dst_entry *dst = rcu_dereference(sk->sk_rx_dst);
1876 dst = dst_check(dst, sk->sk_rx_dst_cookie);
1878 sk->sk_rx_dst_ifindex == skb->skb_iif)
1879 skb_dst_set_noref(skb, dst);
1884 static struct timewait_sock_ops tcp6_timewait_sock_ops = {
1885 .twsk_obj_size = sizeof(struct tcp6_timewait_sock),
1886 .twsk_unique = tcp_twsk_unique,
1887 .twsk_destructor = tcp_twsk_destructor,
1890 INDIRECT_CALLABLE_SCOPE void tcp_v6_send_check(struct sock *sk, struct sk_buff *skb)
1892 __tcp_v6_send_check(skb, &sk->sk_v6_rcv_saddr, &sk->sk_v6_daddr);
1895 const struct inet_connection_sock_af_ops ipv6_specific = {
1896 .queue_xmit = inet6_csk_xmit,
1897 .send_check = tcp_v6_send_check,
1898 .rebuild_header = inet6_sk_rebuild_header,
1899 .sk_rx_dst_set = inet6_sk_rx_dst_set,
1900 .conn_request = tcp_v6_conn_request,
1901 .syn_recv_sock = tcp_v6_syn_recv_sock,
1902 .net_header_len = sizeof(struct ipv6hdr),
1903 .net_frag_header_len = sizeof(struct frag_hdr),
1904 .setsockopt = ipv6_setsockopt,
1905 .getsockopt = ipv6_getsockopt,
1906 .addr2sockaddr = inet6_csk_addr2sockaddr,
1907 .sockaddr_len = sizeof(struct sockaddr_in6),
1908 .mtu_reduced = tcp_v6_mtu_reduced,
1911 #ifdef CONFIG_TCP_MD5SIG
1912 static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
1913 .md5_lookup = tcp_v6_md5_lookup,
1914 .calc_md5_hash = tcp_v6_md5_hash_skb,
1915 .md5_parse = tcp_v6_parse_md5_keys,
1920 * TCP over IPv4 via INET6 API
1922 static const struct inet_connection_sock_af_ops ipv6_mapped = {
1923 .queue_xmit = ip_queue_xmit,
1924 .send_check = tcp_v4_send_check,
1925 .rebuild_header = inet_sk_rebuild_header,
1926 .sk_rx_dst_set = inet_sk_rx_dst_set,
1927 .conn_request = tcp_v6_conn_request,
1928 .syn_recv_sock = tcp_v6_syn_recv_sock,
1929 .net_header_len = sizeof(struct iphdr),
1930 .setsockopt = ipv6_setsockopt,
1931 .getsockopt = ipv6_getsockopt,
1932 .addr2sockaddr = inet6_csk_addr2sockaddr,
1933 .sockaddr_len = sizeof(struct sockaddr_in6),
1934 .mtu_reduced = tcp_v4_mtu_reduced,
1937 #ifdef CONFIG_TCP_MD5SIG
1938 static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
1939 .md5_lookup = tcp_v4_md5_lookup,
1940 .calc_md5_hash = tcp_v4_md5_hash_skb,
1941 .md5_parse = tcp_v6_parse_md5_keys,
1945 /* NOTE: A lot of things set to zero explicitly by call to
1946 * sk_alloc() so need not be done here.
1948 static int tcp_v6_init_sock(struct sock *sk)
1950 struct inet_connection_sock *icsk = inet_csk(sk);
1954 icsk->icsk_af_ops = &ipv6_specific;
1956 #ifdef CONFIG_TCP_MD5SIG
1957 tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
1963 static void tcp_v6_destroy_sock(struct sock *sk)
1965 tcp_v4_destroy_sock(sk);
1966 inet6_destroy_sock(sk);
1969 #ifdef CONFIG_PROC_FS
1970 /* Proc filesystem TCPv6 sock list dumping. */
1971 static void get_openreq6(struct seq_file *seq,
1972 const struct request_sock *req, int i)
1974 long ttd = req->rsk_timer.expires - jiffies;
1975 const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
1976 const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
1982 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
1983 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
1985 src->s6_addr32[0], src->s6_addr32[1],
1986 src->s6_addr32[2], src->s6_addr32[3],
1987 inet_rsk(req)->ir_num,
1988 dest->s6_addr32[0], dest->s6_addr32[1],
1989 dest->s6_addr32[2], dest->s6_addr32[3],
1990 ntohs(inet_rsk(req)->ir_rmt_port),
1992 0, 0, /* could print option size, but that is af dependent. */
1993 1, /* timers active (only the expire timer) */
1994 jiffies_to_clock_t(ttd),
1996 from_kuid_munged(seq_user_ns(seq),
1997 sock_i_uid(req->rsk_listener)),
1998 0, /* non standard timer */
1999 0, /* open_requests have no inode */
2003 static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
2005 const struct in6_addr *dest, *src;
2008 unsigned long timer_expires;
2009 const struct inet_sock *inet = inet_sk(sp);
2010 const struct tcp_sock *tp = tcp_sk(sp);
2011 const struct inet_connection_sock *icsk = inet_csk(sp);
2012 const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
2016 dest = &sp->sk_v6_daddr;
2017 src = &sp->sk_v6_rcv_saddr;
2018 destp = ntohs(inet->inet_dport);
2019 srcp = ntohs(inet->inet_sport);
2021 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
2022 icsk->icsk_pending == ICSK_TIME_REO_TIMEOUT ||
2023 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
2025 timer_expires = icsk->icsk_timeout;
2026 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
2028 timer_expires = icsk->icsk_timeout;
2029 } else if (timer_pending(&sp->sk_timer)) {
2031 timer_expires = sp->sk_timer.expires;
2034 timer_expires = jiffies;
2037 state = inet_sk_state_load(sp);
2038 if (state == TCP_LISTEN)
2039 rx_queue = READ_ONCE(sp->sk_ack_backlog);
2041 /* Because we don't lock the socket,
2042 * we might find a transient negative value.
2044 rx_queue = max_t(int, READ_ONCE(tp->rcv_nxt) -
2045 READ_ONCE(tp->copied_seq), 0);
2048 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2049 "%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
2051 src->s6_addr32[0], src->s6_addr32[1],
2052 src->s6_addr32[2], src->s6_addr32[3], srcp,
2053 dest->s6_addr32[0], dest->s6_addr32[1],
2054 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2056 READ_ONCE(tp->write_seq) - tp->snd_una,
2059 jiffies_delta_to_clock_t(timer_expires - jiffies),
2060 icsk->icsk_retransmits,
2061 from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
2062 icsk->icsk_probes_out,
2064 refcount_read(&sp->sk_refcnt), sp,
2065 jiffies_to_clock_t(icsk->icsk_rto),
2066 jiffies_to_clock_t(icsk->icsk_ack.ato),
2067 (icsk->icsk_ack.quick << 1) | inet_csk_in_pingpong_mode(sp),
2069 state == TCP_LISTEN ?
2070 fastopenq->max_qlen :
2071 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
2075 static void get_timewait6_sock(struct seq_file *seq,
2076 struct inet_timewait_sock *tw, int i)
2078 long delta = tw->tw_timer.expires - jiffies;
2079 const struct in6_addr *dest, *src;
2082 dest = &tw->tw_v6_daddr;
2083 src = &tw->tw_v6_rcv_saddr;
2084 destp = ntohs(tw->tw_dport);
2085 srcp = ntohs(tw->tw_sport);
2088 "%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
2089 "%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
2091 src->s6_addr32[0], src->s6_addr32[1],
2092 src->s6_addr32[2], src->s6_addr32[3], srcp,
2093 dest->s6_addr32[0], dest->s6_addr32[1],
2094 dest->s6_addr32[2], dest->s6_addr32[3], destp,
2095 tw->tw_substate, 0, 0,
2096 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
2097 refcount_read(&tw->tw_refcnt), tw);
2100 static int tcp6_seq_show(struct seq_file *seq, void *v)
2102 struct tcp_iter_state *st;
2103 struct sock *sk = v;
2105 if (v == SEQ_START_TOKEN) {
2110 "st tx_queue rx_queue tr tm->when retrnsmt"
2111 " uid timeout inode\n");
2116 if (sk->sk_state == TCP_TIME_WAIT)
2117 get_timewait6_sock(seq, v, st->num);
2118 else if (sk->sk_state == TCP_NEW_SYN_RECV)
2119 get_openreq6(seq, v, st->num);
2121 get_tcp6_sock(seq, v, st->num);
2126 static const struct seq_operations tcp6_seq_ops = {
2127 .show = tcp6_seq_show,
2128 .start = tcp_seq_start,
2129 .next = tcp_seq_next,
2130 .stop = tcp_seq_stop,
2133 static struct tcp_seq_afinfo tcp6_seq_afinfo = {
2137 int __net_init tcp6_proc_init(struct net *net)
2139 if (!proc_create_net_data("tcp6", 0444, net->proc_net, &tcp6_seq_ops,
2140 sizeof(struct tcp_iter_state), &tcp6_seq_afinfo))
2145 void tcp6_proc_exit(struct net *net)
2147 remove_proc_entry("tcp6", net->proc_net);
2151 struct proto tcpv6_prot = {
2153 .owner = THIS_MODULE,
2155 .pre_connect = tcp_v6_pre_connect,
2156 .connect = tcp_v6_connect,
2157 .disconnect = tcp_disconnect,
2158 .accept = inet_csk_accept,
2160 .init = tcp_v6_init_sock,
2161 .destroy = tcp_v6_destroy_sock,
2162 .shutdown = tcp_shutdown,
2163 .setsockopt = tcp_setsockopt,
2164 .getsockopt = tcp_getsockopt,
2165 .bpf_bypass_getsockopt = tcp_bpf_bypass_getsockopt,
2166 .keepalive = tcp_set_keepalive,
2167 .recvmsg = tcp_recvmsg,
2168 .sendmsg = tcp_sendmsg,
2169 .sendpage = tcp_sendpage,
2170 .backlog_rcv = tcp_v6_do_rcv,
2171 .release_cb = tcp_release_cb,
2173 .unhash = inet_unhash,
2174 .get_port = inet_csk_get_port,
2175 .put_port = inet_put_port,
2176 #ifdef CONFIG_BPF_SYSCALL
2177 .psock_update_sk_prot = tcp_bpf_update_proto,
2179 .enter_memory_pressure = tcp_enter_memory_pressure,
2180 .leave_memory_pressure = tcp_leave_memory_pressure,
2181 .stream_memory_free = tcp_stream_memory_free,
2182 .sockets_allocated = &tcp_sockets_allocated,
2184 .memory_allocated = &tcp_memory_allocated,
2185 .per_cpu_fw_alloc = &tcp_memory_per_cpu_fw_alloc,
2187 .memory_pressure = &tcp_memory_pressure,
2188 .orphan_count = &tcp_orphan_count,
2189 .sysctl_mem = sysctl_tcp_mem,
2190 .sysctl_wmem_offset = offsetof(struct net, ipv4.sysctl_tcp_wmem),
2191 .sysctl_rmem_offset = offsetof(struct net, ipv4.sysctl_tcp_rmem),
2192 .max_header = MAX_TCP_HEADER,
2193 .obj_size = sizeof(struct tcp6_sock),
2194 .slab_flags = SLAB_TYPESAFE_BY_RCU,
2195 .twsk_prot = &tcp6_timewait_sock_ops,
2196 .rsk_prot = &tcp6_request_sock_ops,
2197 .h.hashinfo = &tcp_hashinfo,
2198 .no_autobind = true,
2199 .diag_destroy = tcp_abort,
2201 EXPORT_SYMBOL_GPL(tcpv6_prot);
2203 static const struct inet6_protocol tcpv6_protocol = {
2204 .handler = tcp_v6_rcv,
2205 .err_handler = tcp_v6_err,
2206 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
2209 static struct inet_protosw tcpv6_protosw = {
2210 .type = SOCK_STREAM,
2211 .protocol = IPPROTO_TCP,
2212 .prot = &tcpv6_prot,
2213 .ops = &inet6_stream_ops,
2214 .flags = INET_PROTOSW_PERMANENT |
2218 static int __net_init tcpv6_net_init(struct net *net)
2220 return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
2221 SOCK_RAW, IPPROTO_TCP, net);
2224 static void __net_exit tcpv6_net_exit(struct net *net)
2226 inet_ctl_sock_destroy(net->ipv6.tcp_sk);
2229 static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
2231 inet_twsk_purge(&tcp_hashinfo, AF_INET6);
2234 static struct pernet_operations tcpv6_net_ops = {
2235 .init = tcpv6_net_init,
2236 .exit = tcpv6_net_exit,
2237 .exit_batch = tcpv6_net_exit_batch,
2240 int __init tcpv6_init(void)
2244 ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
2248 /* register inet6 protocol */
2249 ret = inet6_register_protosw(&tcpv6_protosw);
2251 goto out_tcpv6_protocol;
2253 ret = register_pernet_subsys(&tcpv6_net_ops);
2255 goto out_tcpv6_protosw;
2257 ret = mptcpv6_init();
2259 goto out_tcpv6_pernet_subsys;
2264 out_tcpv6_pernet_subsys:
2265 unregister_pernet_subsys(&tcpv6_net_ops);
2267 inet6_unregister_protosw(&tcpv6_protosw);
2269 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
2273 void tcpv6_exit(void)
2275 unregister_pernet_subsys(&tcpv6_net_ops);
2276 inet6_unregister_protosw(&tcpv6_protosw);
2277 inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);