9cc5c789d9
* origin/tmp-da9a92f:
arm64: kaslr: increase randomization granularity
arm64: relocatable: deal with physically misaligned kernel images
arm64: don't map TEXT_OFFSET bytes below the kernel if we can avoid it
arm64: kernel: replace early 64-bit literal loads with move-immediates
arm64: introduce mov_q macro to move a constant into a 64-bit register
arm64: kernel: perform relocation processing from ID map
arm64: kernel: use literal for relocated address of __secondary_switched
arm64: kernel: don't export local symbols from head.S
arm64: simplify kernel segment mapping granularity
arm64: cover the .head.text section in the .text segment mapping
arm64: move early boot code to the .init segment
arm64: use 'segment' rather than 'chunk' to describe mapped kernel regions
arm64: mm: Mark .rodata as RO
Linux 4.4.16
ovl: verify upper dentry before unlink and rename
drm/i915: Revert DisplayPort fast link training feature
tmpfs: fix regression hang in fallocate undo
tmpfs: don't undo fallocate past its last page
crypto: qat - make qat_asym_algs.o depend on asn1 headers
xen/acpi: allow xen-acpi-processor driver to load on Xen 4.7
File names with trailing period or space need special case conversion
cifs: dynamic allocation of ntlmssp blob
Fix reconnect to not defer smb3 session reconnect long after socket reconnect
53c700: fix BUG on untagged commands
s390: fix test_fp_ctl inline assembly contraints
scsi: fix race between simultaneous decrements of ->host_failed
ovl: verify upper dentry in ovl_remove_and_whiteout()
ovl: Copy up underlying inode's ->i_mode to overlay inode
ARM: mvebu: fix HW I/O coherency related deadlocks
ARM: dts: armada-38x: fix MBUS_ID for crypto SRAM on Armada 385 Linksys
ARM: sunxi/dt: make the CHIP inherit from allwinner,sun5i-a13
ALSA: hda: add AMD Stoney PCI ID with proper driver caps
ALSA: hda - fix use-after-free after module unload
ALSA: ctl: Stop notification after disconnection
ALSA: pcm: Free chmap at PCM free callback, too
ALSA: hda/realtek - add new pin definition in alc225 pin quirk table
ALSA: hda - fix read before array start
ALSA: hda - Add PCI ID for Kabylake-H
ALSA: hda/realtek: Add Lenovo L460 to docking unit fixup
ALSA: timer: Fix negative queue usage by racy accesses
ALSA: echoaudio: Fix memory allocation
ALSA: au88x0: Fix calculation in vortex_wtdma_bufshift()
ALSA: hda / realtek - add two more Thinkpad IDs (5050,5053) for tpt460 fixup
ALSA: hda - Fix the headset mic jack detection on Dell machine
ALSA: dummy: Fix a use-after-free at closing
hwmon: (dell-smm) Cache fan_type() calls and change fan detection
hwmon: (dell-smm) Disallow fan_type() calls on broken machines
hwmon: (dell-smm) Restrict fan control and serial number to CAP_SYS_ADMIN by default
tty/vt/keyboard: fix OOB access in do_compute_shiftstate()
tty: vt: Fix soft lockup in fbcon cursor blink timer.
iio:ad7266: Fix probe deferral for vref
iio:ad7266: Fix support for optional regulators
iio:ad7266: Fix broken regulator error handling
iio: accel: kxsd9: fix the usage of spi_w8r8()
staging: iio: accel: fix error check
iio: hudmidity: hdc100x: fix incorrect shifting and scaling
iio: humidity: hdc100x: fix IIO_TEMP channel reporting
iio: humidity: hdc100x: correct humidity integration time mask
iio: proximity: as3935: fix buffer stack trashing
iio: proximity: as3935: remove triggered buffer processing
iio: proximity: as3935: correct IIO_CHAN_INFO_RAW output
iio: light apds9960: Add the missing dev.parent
iio:st_pressure: fix sampling gains (bring inline with ABI)
iio: Fix error handling in iio_trigger_attach_poll_func
xen/balloon: Fix declared-but-not-defined warning
perf/x86: Fix undefined shift on 32-bit kernels
memory: omap-gpmc: Fix omap gpmc EXTRADELAY timing
drm/vmwgfx: Fix error paths when mapping framebuffer
drm/vmwgfx: Delay pinning fbdev framebuffer until after mode set
drm/vmwgfx: Check pin count before attempting to move a buffer
drm/vmwgfx: Work around mode set failure in 2D VMs
drm/vmwgfx: Add an option to change assumed FB bpp
drm/ttm: Make ttm_bo_mem_compat available
drm: atmel-hlcdc: actually disable scaling when no scaling is required
drm: make drm_atomic_set_mode_prop_for_crtc() more reliable
drm: add missing drm_mode_set_crtcinfo call
drm/i915: Update CDCLK_FREQ register on BDW after changing cdclk frequency
drm/i915: Update ifdeffery for mutex->owner
drm/i915: Refresh cached DP port register value on resume
drm/i915/ilk: Don't disable SSC source if it's in use
drm/nouveau/disp/sor/gf119: select correct sor when poking training pattern
drm/nouveau: fix for disabled fbdev emulation
drm/nouveau/fbcon: fix out-of-bounds memory accesses
drm/nouveau/gr/gf100-: update sm error decoding from gk20a nvgpu headers
drm/nouveau/disp/sor/gf119: both links use the same training register
virtio_balloon: fix PFN format for virtio-1
drm/dp/mst: Always clear proposed vcpi table for port.
drm/amdkfd: destroy dbgmgr in notifier release
drm/amdkfd: unbind only existing processes
ubi: Make recover_peb power cut aware
drm/amdgpu/gfx7: fix broken condition check
drm/radeon: fix asic initialization for virtualized environments
btrfs: account for non-CoW'd blocks in btrfs_abort_transaction
percpu: fix synchronization between synchronous map extension and chunk destruction
percpu: fix synchronization between chunk->map_extend_work and chunk destruction
af_unix: fix hard linked sockets on overlay
vfs: add d_real_inode() helper
arm64: Rework valid_user_regs
ipmi: Remove smi_msg from waiting_rcv_msgs list before handle_one_recv_msg()
drm/mgag200: Black screen fix for G200e rev 4
iommu/amd: Fix unity mapping initialization race
iommu/vt-d: Enable QI on all IOMMUs before setting root entry
iommu/arm-smmu: Wire up map_sg for arm-smmu-v3
base: make module_create_drivers_dir race-free
tracing: Handle NULL formats in hold_module_trace_bprintk_format()
HID: multitouch: enable palm rejection for Windows Precision Touchpad
HID: hiddev: validate num_values for HIDIOCGUSAGES, HIDIOCSUSAGES commands
HID: elo: kill not flush the work
KVM: nVMX: VMX instructions: fix segment checks when L1 is in long mode.
kvm: Fix irq route entries exceeding KVM_MAX_IRQ_ROUTES
KEYS: potential uninitialized variable
ARCv2: LLSC: software backoff is NOT needed starting HS2.1c
ARCv2: Check for LL-SC livelock only if LLSC is enabled
ipv6: Fix mem leak in rt6i_pcpu
cdc_ncm: workaround for EM7455 "silent" data interface
net_sched: fix mirrored packets checksum
packet: Use symmetric hash for PACKET_FANOUT_HASH.
sched/fair: Fix cfs_rq avg tracking underflow
UBIFS: Implement ->migratepage()
mm: Export migrate_page_move_mapping and migrate_page_copy
MIPS: KVM: Fix modular KVM under QEMU
ARM: 8579/1: mm: Fix definition of pmd_mknotpresent
ARM: 8578/1: mm: ensure pmd_present only checks the valid bit
ARM: imx6ul: Fix Micrel PHY mask
NFS: Fix another OPEN_DOWNGRADE bug
make nfs_atomic_open() call d_drop() on all ->open_context() errors.
nfsd: check permissions when setting ACLs
posix_acl: Add set_posix_acl
nfsd: Extend the mutex holding region around in nfsd4_process_open2()
nfsd: Always lock state exclusively.
nfsd4/rpc: move backchannel create logic into rpc code
writeback: use higher precision calculation in domain_dirty_limits()
thermal: cpu_cooling: fix improper order during initialization
uvc: Forward compat ioctls to their handlers directly
Revert "gpiolib: Split GPIO flags parsing and GPIO configuration"
x86/amd_nb: Fix boot crash on non-AMD systems
kprobes/x86: Clear TF bit in fault on single-stepping
x86, build: copy ldlinux.c32 to image.iso
locking/static_key: Fix concurrent static_key_slow_inc()
locking/qspinlock: Fix spin_unlock_wait() some more
locking/ww_mutex: Report recursive ww_mutex locking early
of: irq: fix of_irq_get[_byname]() kernel-doc
of: fix autoloading due to broken modalias with no 'compatible'
mnt: If fs_fully_visible fails call put_filesystem.
mnt: Account for MS_RDONLY in fs_fully_visible
mnt: fs_fully_visible test the proper mount for MNT_LOCKED
usb: common: otg-fsm: add license to usb-otg-fsm
USB: EHCI: declare hostpc register as zero-length array
usb: dwc2: fix regression on big-endian PowerPC/ARM systems
powerpc/tm: Always reclaim in start_thread() for exec() class syscalls
powerpc/pseries: Fix IBM_ARCH_VEC_NRCORES_OFFSET since POWER8NVL was added
powerpc/pseries: Fix PCI config address for DDW
powerpc/iommu: Remove the dependency on EEH struct in DDW mechanism
IB/mlx4: Properly initialize GRH TClass and FlowLabel in AHs
IB/cm: Fix a recently introduced locking bug
EDAC, sb_edac: Fix rank lookup on Broadwell
mac80211: Fix mesh estab_plinks counting in STA removal case
mac80211_hwsim: Add missing check for HWSIM_ATTR_SIGNAL
mac80211: mesh: flush mesh paths unconditionally
mac80211: fix fast_tx header alignment
Linux 4.4.15
usb: dwc3: exynos: Fix deferred probing storm.
usb: host: ehci-tegra: Grab the correct UTMI pads reset
usb: gadget: fix spinlock dead lock in gadgetfs
USB: mos7720: delete parport
xhci: Fix handling timeouted commands on hosts in weird states.
USB: xhci: Add broken streams quirk for Frescologic device id 1009
usb: xhci-plat: properly handle probe deferral for devm_clk_get()
xhci: Cleanup only when releasing primary hcd
usb: musb: host: correct cppi dma channel for isoch transfer
usb: musb: Ensure rx reinit occurs for shared_fifo endpoints
usb: musb: Stop bulk endpoint while queue is rotated
usb: musb: only restore devctl when session was set in backup
usb: quirks: Add no-lpm quirk for Acer C120 LED Projector
usb: quirks: Fix sorting
USB: uas: Fix slave queue_depth not being set
crypto: user - re-add size check for CRYPTO_MSG_GETALG
crypto: ux500 - memmove the right size
crypto: vmx - Increase priority of aes-cbc cipher
AX.25: Close socket connection on session completion
bpf: try harder on clones when writing into skb
net: alx: Work around the DMA RX overflow issue
net: macb: fix default configuration for GMAC on AT91
neigh: Explicitly declare RCU-bh read side critical section in neigh_xmit()
bpf, perf: delay release of BPF prog after grace period
sock_diag: do not broadcast raw socket destruction
Bridge: Fix ipv6 mc snooping if bridge has no ipv6 address
ipmr/ip6mr: Initialize the last assert time of mfc entries.
netem: fix a use after free
esp: Fix ESN generation under UDP encapsulation
sit: correct IP protocol used in ipip6_err
net: Don't forget pr_fmt on net_dbg_ratelimited for CONFIG_DYNAMIC_DEBUG
net_sched: fix pfifo_head_drop behavior vs backlog
sdcardfs: Truncate packages_gid.list on overflow
UPSTREAM: cdc_ncm: do not call usbnet_link_change from cdc_ncm_bind
BACKPORT: proc: add /proc/<pid>/timerslack_ns interface
BACKPORT: timer: convert timer_slack_ns from unsigned long to u64
netfilter: xt_quota2: make quota2_log work well
Revert "usb: gadget: prevent change of Host MAC address of 'usb0' interface"
BACKPORT: PM / sleep: Go direct_complete if driver has no callbacks
ANDROID: base-cfg: enable UID_CPUTIME
UPSTREAM: USB: usbfs: fix potential infoleak in devio
UPSTREAM: ALSA: timer: Fix leak in events via snd_timer_user_ccallback
UPSTREAM: ALSA: timer: Fix leak in events via snd_timer_user_tinterrupt
UPSTREAM: ALSA: timer: Fix leak in SNDRV_TIMER_IOCTL_PARAMS
ANDROID: configs: remove unused configs
ANDROID: cpu: send KOBJ_ONLINE event when enabling cpus
ANDROID: dm verity fec: initialize recursion level
ANDROID: dm verity fec: fix RS block calculation
Linux 4.4.14
netfilter: x_tables: introduce and use xt_copy_counters_from_user
netfilter: x_tables: do compat validation via translate_table
netfilter: x_tables: xt_compat_match_from_user doesn't need a retval
netfilter: ip6_tables: simplify translate_compat_table args
netfilter: ip_tables: simplify translate_compat_table args
netfilter: arp_tables: simplify translate_compat_table args
netfilter: x_tables: don't reject valid target size on some architectures
netfilter: x_tables: validate all offsets and sizes in a rule
netfilter: x_tables: check for bogus target offset
netfilter: x_tables: check standard target size too
netfilter: x_tables: add compat version of xt_check_entry_offsets
netfilter: x_tables: assert minimum target size
netfilter: x_tables: kill check_entry helper
netfilter: x_tables: add and use xt_check_entry_offsets
netfilter: x_tables: validate targets of jumps
netfilter: x_tables: don't move to non-existent next rule
drm/core: Do not preserve framebuffer on rmfb, v4.
crypto: qat - fix adf_ctl_drv.c:undefined reference to adf_init_pf_wq
netfilter: x_tables: fix unconditional helper
netfilter: x_tables: make sure e->next_offset covers remaining blob size
netfilter: x_tables: validate e->target_offset early
MIPS: Fix 64k page support for 32 bit kernels.
sparc64: Fix return from trap window fill crashes.
sparc: Harden signal return frame checks.
sparc64: Take ctx_alloc_lock properly in hugetlb_setup().
sparc64: Reduce TLB flushes during hugepte changes
sparc/PCI: Fix for panic while enabling SR-IOV
sparc64: Fix sparc64_set_context stack handling.
sparc64: Fix numa node distance initialization
sparc64: Fix bootup regressions on some Kconfig combinations.
sparc: Fix system call tracing register handling.
fix d_walk()/non-delayed __d_free() race
sched: panic on corrupted stack end
proc: prevent stacking filesystems on top
x86/entry/traps: Don't force in_interrupt() to return true in IST handlers
wext: Fix 32 bit iwpriv compatibility issue with 64 bit Kernel
ecryptfs: forbid opening files without mmap handler
memcg: add RCU locking around css_for_each_descendant_pre() in memcg_offline_kmem()
parisc: Fix pagefault crash in unaligned __get_user() call
pinctrl: mediatek: fix dual-edge code defect
powerpc/pseries: Add POWER8NVL support to ibm,client-architecture-support call
powerpc: Use privileged SPR number for MMCR2
powerpc: Fix definition of SIAR and SDAR registers
powerpc/pseries/eeh: Handle RTAS delay requests in configure_bridge
arm64: mm: always take dirty state from new pte in ptep_set_access_flags
arm64: Provide "model name" in /proc/cpuinfo for PER_LINUX32 tasks
crypto: ccp - Fix AES XTS error for request sizes above 4096
crypto: public_key: select CRYPTO_AKCIPHER
irqchip/gic-v3: Fix ICC_SGI1R_EL1.INTID decoding mask
s390/bpf: reduce maximum program size to 64 KB
s390/bpf: fix recache skb->data/hlen for skb_vlan_push/pop
gpio: bcm-kona: fix bcm_kona_gpio_reset() warnings
ARM: fix PTRACE_SETVFPREGS on SMP systems
ALSA: hda/realtek: Add T560 docking unit fixup
ALSA: hda/realtek - Add support for new codecs ALC700/ALC701/ALC703
ALSA: hda/realtek - ALC256 speaker noise issue
ALSA: hda - Fix headset mic detection problem for Dell machine
ALSA: hda - Add PCI ID for Kabylake
KVM: irqfd: fix NULL pointer dereference in kvm_irq_map_gsi
KVM: x86: fix OOPS after invalid KVM_SET_DEBUGREGS
vxlan, gre, geneve: Set a large MTU on ovs-created tunnel devices
geneve: Relax MTU constraints
vxlan: Relax MTU constraints
ipv6: Skip XFRM lookup if dst_entry in socket cache is valid
l2tp: fix configuration passed to setup_udp_tunnel_sock()
bridge: Don't insert unnecessary local fdb entry on changing mac address
tcp: record TLP and ER timer stats in v6 stats
vxlan: Accept user specified MTU value when create new vxlan link
team: don't call netdev_change_features under team->lock
sfc: on MC reset, clear PIO buffer linkage in TXQs
bpf, inode: disallow userns mounts
uapi glibc compat: fix compilation when !__USE_MISC in glibc
udp: prevent skbs lingering in tunnel socket queues
bpf: Use mount_nodev not mount_ns to mount the bpf filesystem
tuntap: correctly wake up process during uninit
switchdev: pass pointer to fib_info instead of copy
tipc: fix nametable publication field in nl compat
netlink: Fix dump skb leak/double free
tipc: check nl sock before parsing nested attributes
scsi: Add QEMU CD-ROM to VPD Inquiry Blacklist
scsi_lib: correctly retry failed zero length REQ_TYPE_FS commands
cs-etm: associating output packet with CPU they executed on
cs-etm: removing unecessary structure field
cs-etm: account for each trace buffer in the queue
cs-etm: avoid casting variable
perf tools: fixing Makefile problems
perf tools: new naming convention for openCSD
perf scripts: Add python scripts for CoreSight traces
perf tools: decoding capailitity for CoreSight traces
perf symbols: Check before overwriting build_id
perf tools: pushing driver configuration down to the kernel
perf tools: add infrastructure for PMU specific configuration
coresight: etm-perf: incorporating sink definition from the cmd line
coresight: adding sink parameter to function coresight_build_path()
perf: passing struct perf_event to function setup_aux()
perf/core: adding PMU driver specific configuration
perf tools: adding coresight etm PMU record capabilities
perf tools: making coresight PMU listable
coresight: tmc: implementing TMC-ETR AUX space API
coresight: Add support for Juno platform
coresight: Handle build path error
coresight: Fix erroneous memset in tmc_read_unprepare_etr
coresight: Fix tmc_read_unprepare_etr
coresight: Fix NULL pointer dereference in _coresight_build_path
ANDROID: dm verity fec: add missing release from fec_ktype
ANDROID: dm verity fec: limit error correction recursion
ANDROID: restrict access to perf events
FROMLIST: security,perf: Allow further restriction of perf_event_open
BACKPORT: perf tools: Document the perf sysctls
Revert "armv6 dcc tty driver"
Revert "arm: dcc_tty: fix armv6 dcc tty build failure"
ARM64: Ignore Image-dtb from git point of view
arm64: add option to build Image-dtb
ANDROID: usb: gadget: f_midi: set fi->f to NULL when free f_midi function
Linux 4.4.13
xfs: handle dquot buffer readahead in log recovery correctly
xfs: print name of verifier if it fails
xfs: skip stale inodes in xfs_iflush_cluster
xfs: fix inode validity check in xfs_iflush_cluster
xfs: xfs_iflush_cluster fails to abort on error
xfs: Don't wrap growfs AGFL indexes
xfs: disallow rw remount on fs with unknown ro-compat features
gcov: disable tree-loop-im to reduce stack usage
scripts/package/Makefile: rpmbuild add support of RPMOPTS
dma-debug: avoid spinlock recursion when disabling dma-debug
PM / sleep: Handle failures in device_suspend_late() consistently
ext4: silence UBSAN in ext4_mb_init()
ext4: address UBSAN warning in mb_find_order_for_block()
ext4: fix oops on corrupted filesystem
ext4: clean up error handling when orphan list is corrupted
ext4: fix hang when processing corrupted orphaned inode list
drm/imx: Match imx-ipuv3-crtc components using device node in platform data
drm/i915: Don't leave old junk in ilk active watermarks on readout
drm/atomic: Verify connector->funcs != NULL when clearing states
drm/fb_helper: Fix references to dev->mode_config.num_connector
drm/i915/fbdev: Fix num_connector references in intel_fb_initial_config()
drm/amdgpu: Fix hdmi deep color support.
drm/amdgpu: use drm_mode_vrefresh() rather than mode->vrefresh
drm/vmwgfx: Fix order of operation
drm/vmwgfx: use vmw_cmd_dx_cid_check for query commands.
drm/vmwgfx: Enable SVGA_3D_CMD_DX_SET_PREDICATION
drm/gma500: Fix possible out of bounds read
sunrpc: fix stripping of padded MIC tokens
xen: use same main loop for counting and remapping pages
xen/events: Don't move disabled irqs
powerpc/eeh: Restore initial state in eeh_pe_reset_and_recover()
Revert "powerpc/eeh: Fix crash in eeh_add_device_early() on Cell"
powerpc/eeh: Don't report error in eeh_pe_reset_and_recover()
powerpc/book3s64: Fix branching to OOL handlers in relocatable kernel
pipe: limit the per-user amount of pages allocated in pipes
QE-UART: add "fsl,t1040-ucc-uart" to of_device_id
wait/ptrace: assume __WALL if the child is traced
mm: use phys_addr_t for reserve_bootmem_region() arguments
media: v4l2-compat-ioctl32: fix missing reserved field copy in put_v4l2_create32
PCI: Disable all BAR sizing for devices with non-compliant BARs
pinctrl: exynos5440: Use off-stack memory for pinctrl_gpio_range
clk: bcm2835: divider value has to be 1 or more
clk: bcm2835: pll_off should only update CM_PLL_ANARST
clk: at91: fix check of clk_register() returned value
clk: bcm2835: Fix PLL poweron
cpuidle: Fix cpuidle_state_is_coupled() argument in cpuidle_enter()
cpuidle: Indicate when a device has been unregistered
PM / Runtime: Fix error path in pm_runtime_force_resume()
mfd: intel_soc_pmic_core: Terminate panel control GPIO lookup table correctly
mfd: intel-lpss: Save register context on suspend
hwmon: (ads7828) Enable internal reference
aacraid: Fix for KDUMP driver hang
aacraid: Fix for aac_command_thread hang
aacraid: Relinquish CPU during timeout wait
rtlwifi: pci: use dev_kfree_skb_irq instead of kfree_skb in rtl_pci_reset_trx_ring
rtlwifi: Fix logic error in enter/exit power-save mode
rtlwifi: btcoexist: Implement antenna selection
rtlwifi: rtl8723be: Add antenna select module parameter
hwrng: exynos - Fix unbalanced PM runtime put on timeout error path
ath5k: Change led pin configuration for compaq c700 laptop
ath10k: fix kernel panic, move arvifs list head init before htt init
ath10k: fix rx_channel during hw reconfigure
ath10k: fix firmware assert in monitor mode
ath10k: fix debugfs pktlog_filter write
ath9k: Fix LED polarity for some Mini PCI AR9220 MB92 cards.
ath9k: Add a module parameter to invert LED polarity.
ARM: dts: imx35: restore existing used clock enumeration
ARM: dts: exynos: Add interrupt line to MAX8997 PMIC on exynos4210-trats
ARM: dts: at91: fix typo in sama5d2 PIN_PD24 description
ARM: mvebu: fix GPIO config on the Linksys boards
Input: uinput - handle compat ioctl for UI_SET_PHYS
ASoC: ak4642: Enable cache usage to fix crashes on resume
affs: fix remount failure when there are no options changed
MIPS: VDSO: Build with `-fno-strict-aliasing'
MIPS: lib: Mark intrinsics notrace
MIPS: Build microMIPS VDSO for microMIPS kernels
MIPS: Fix sigreturn via VDSO on microMIPS kernel
MIPS: ptrace: Prevent writes to read-only FCSR bits
MIPS: ptrace: Fix FP context restoration FCSR regression
MIPS: Disable preemption during prctl(PR_SET_FP_MODE, ...)
MIPS: Prevent "restoration" of MSA context in non-MSA kernels
MIPS: Fix MSA ld_*/st_* asm macros to use PTR_ADDU
MIPS: Use copy_s.fmt rather than copy_u.fmt
MIPS: Loongson-3: Reserve 32MB for RS780E integrated GPU
MIPS: Reserve nosave data for hibernation
MIPS: ath79: make bootconsole wait for both THRE and TEMT
MIPS: Sync icache & dcache in set_pte_at
MIPS: Handle highmem pages in __update_cache
MIPS: Flush highmem pages in __flush_dcache_page
MIPS: Fix watchpoint restoration
MIPS: Fix uapi include in exported asm/siginfo.h
MIPS: Fix siginfo.h to use strict posix types
MIPS: Avoid using unwind_stack() with usermode
MIPS: Don't unwind to user mode with EVA
MIPS: MSA: Fix a link error on `_init_msa_upper' with older GCC
MIPS: math-emu: Fix jalr emulation when rd == $0
MIPS64: R6: R2 emulation bugfix
coresight: etb10: adjust read pointer only when needed
coresight: configuring ETF in FIFO mode when acting as link
coresight: tmc: implementing TMC-ETF AUX space API
coresight: moving struct cs_buffers to header file
coresight: tmc: keep track of memory width
coresight: tmc: make sysFS and Perf mode mutually exclusive
coresight: tmc: dump system memory content only when needed
coresight: tmc: adding mode of operation for link/sinks
coresight: tmc: getting rid of multiple read access
coresight: tmc: allocating memory when needed
coresight: tmc: making prepare/unprepare functions generic
coresight: tmc: splitting driver in ETB/ETF and ETR components
coresight: tmc: cleaning up header file
coresight: tmc: introducing new header file
coresight: tmc: clearly define number of transfers per burst
coresight: tmc: re-implementing tmc_read_prepare/unprepare() functions
coresight: tmc: waiting for TMCReady bit before programming
coresight: tmc: modifying naming convention
coresight: tmc: adding sysFS management entries
coresight: etm4x: add tracer ID for A72 Maia processor.
coresight: etb10: fixing the right amount of words to read
coresight: stm: adding driver for CoreSight STM component
coresight: adding path for STM device
coresight: etm4x: modify q_support type
coresight: no need to do the forced type conversion
coresight: removing gratuitous boot time log messages
coresight: etb10: splitting sysFS "status" entry
coresight: moving coresight_simple_func() to header file
coresight: etm4x: implementing the perf PMU API
coresight: etm4x: implementing user/kernel mode tracing
coresight: etm4x: moving etm_drvdata::enable to atomic field
coresight: etm4x: unlocking tracers in default arch init
coresight: etm4x: splitting etmv4 default configuration
coresight: etm4x: splitting struct etmv4_drvdata
coresight: etm4x: adding config and traceid registers
coresight: etm4x: moving sysFS entries to a dedicated file
stm class: Support devices that override software assigned masters
stm class: Remove unnecessary pointer increment
stm class: Fix stm device initialization order
stm class: Do not leak the chrdev in error path
stm class: Remove a pointless line
stm class: stm_heartbeat: Make nr_devs parameter read-only
stm class: dummy_stm: Make nr_dummies parameter read-only
MAINTAINERS: Add a git tree for the stm class
perf/ring_buffer: Document AUX API usage
perf/core: Free AUX pages in unmap path
perf/ring_buffer: Refuse to begin AUX transaction after rb->aux_mmap_count drops
perf auxtrace: Add perf_evlist pointer to *info_priv_size()
perf session: Simplify tool stubs
perf inject: Hit all DSOs for AUX data in JIT and other cases
perf tools: tracepoint_error() can receive e=NULL, robustify it
perf evlist: Make perf_evlist__open() open evsels with their cpus and threads (like perf record does)
perf evsel: Introduce disable() method
perf cpumap: Auto initialize cpu__max_{node,cpu}
drivers/hwtracing: make coresight-etm-perf.c explicitly non-modular
drivers/hwtracing: make coresight-* explicitly non-modular
coresight: introducing a global trace ID function
coresight: etm-perf: new PMU driver for ETM tracers
coresight: etb10: implementing AUX API
coresight: etb10: adding operation mode for sink->enable()
coresight: etb10: moving to local atomic operations
coresight: etm3x: implementing perf_enable/disable() API
coresight: etm3x: implementing user/kernel mode tracing
coresight: etm3x: consolidating initial config
coresight: etm3x: changing default trace configuration
coresight: etm3x: set progbit to stop trace collection
coresight: etm3x: adding operation mode for etm_enable()
coresight: etm3x: splitting struct etm_drvdata
coresight: etm3x: unlocking tracers in default arch init
coresight: etm3x: moving sysFS entries to dedicated file
coresight: etm3x: moving etm_readl/writel to header file
coresight: moving PM runtime operations to core framework
coresight: add API to get sink from path
coresight: associating path with session rather than tracer
coresight: etm4x: Check every parameter used by dma_xx_coherent.
coresight: "DEVICE_ATTR_RO" should defined as static.
coresight: implementing 'cpu_id()' API
coresight: removing bind/unbind options from sysfs
coresight: remove csdev's link from topology
coresight: release reference taken by 'bus_find_device()'
coresight: coresight_unregister() function cleanup
coresight: fixing lockdep error
coresight: fixing indentation problem
coresight: Fix a typo in Kconfig
coresight: checking for NULL string in coresight_name_match()
perf/core: Disable the event on a truncated AUX record
perf/core: Don't leak event in the syscall error path
perf/core: Fix perf_sched_count derailment
stm class: dummy_stm: Add link callback for fault injection
stm class: Plug stm device's unlink callback
stm class: Fix a race in unlinking
stm class: Fix unbalanced module/device refcounting
stm class: Guard output assignment against concurrency
stm class: Fix unlocking braino in the error path
stm class: Add heartbeat stm source device
stm class: dummy_stm: Create multiple devices
stm class: Support devices with multiple instances
stm class: Use driver's packet callback return value
stm class: Prevent user-controllable allocations
stm class: Fix link list locking
stm class: Fix locking in unbinding policy path
stm class: Select CONFIG_SRCU
stm class: Hide STM-specific options if STM is disabled
perf: Synchronously free aux pages in case of allocation failure
Linux 4.4.12
kbuild: move -Wunused-const-variable to W=1 warning level
Revert "scsi: fix soft lockup in scsi_remove_target() on module removal"
scsi: Add intermediate STARGET_REMOVE state to scsi_target_state
hpfs: implement the show_options method
hpfs: fix remount failure when there are no options changed
UBI: Fix static volume checks when Fastmap is used
SIGNAL: Move generic copy_siginfo() to signal.h
thunderbolt: Fix double free of drom buffer
IB/srp: Fix a debug kernel crash
ALSA: hda - Fix headset mic detection problem for one Dell machine
ALSA: hda/realtek - Add support for ALC295/ALC3254
ALSA: hda - Fix headphone noise on Dell XPS 13 9360
ALSA: hda/realtek - New codecs support for ALC234/ALC274/ALC294
mcb: Fixed bar number assignment for the gdd
clk: bcm2835: add locking to pll*_on/off methods
locking,qspinlock: Fix spin_is_locked() and spin_unlock_wait()
serial: samsung: Reorder the sequence of clock control when call s3c24xx_serial_set_termios()
serial: 8250_mid: recognize interrupt source in handler
serial: 8250_mid: use proper bar for DNV platform
serial: 8250_pci: fix divide error bug if baud rate is 0
Fix OpenSSH pty regression on close
tty/serial: atmel: fix hardware handshake selection
TTY: n_gsm, fix false positive WARN_ON
tty: vt, return error when con_startup fails
xen/x86: actually allocate legacy interrupts on PV guests
KVM: x86: mask CPUID(0xD,0x1).EAX against host value
MIPS: KVM: Fix timer IRQ race when writing CP0_Compare
MIPS: KVM: Fix timer IRQ race when freezing timer
KVM: x86: fix ordering of cr0 initialization code in vmx_cpu_reset
KVM: MTRR: remove MSR 0x2f8
staging: comedi: das1800: fix possible NULL dereference
usb: gadget: udc: core: Fix argument of dev_err() in usb_gadget_map_request()
USB: leave LPM alone if possible when binding/unbinding interface drivers
usb: misc: usbtest: fix pattern tests for scatterlists.
usb: f_mass_storage: test whether thread is running before starting another
usb: gadget: f_fs: Fix EFAULT generation for async read operations
USB: serial: option: add even more ZTE device ids
USB: serial: option: add more ZTE device ids
USB: serial: option: add support for Cinterion PH8 and AHxx
USB: serial: io_edgeport: fix memory leaks in probe error path
USB: serial: io_edgeport: fix memory leaks in attach error path
USB: serial: quatech2: fix use-after-free in probe error path
USB: serial: keyspan: fix use-after-free in probe error path
USB: serial: mxuport: fix use-after-free in probe error path
mei: bus: call mei_cl_read_start under device lock
mei: amthif: discard not read messages
mei: fix NULL dereferencing during FW initiated disconnection
Bluetooth: vhci: Fix race at creating hci device
Bluetooth: vhci: purge unhandled skbs
Bluetooth: vhci: fix open_timeout vs. hdev race
mmc: sdhci-pci: Remove MMC_CAP_BUS_WIDTH_TEST for Intel controllers
mmc: longer timeout for long read time quirk
dell-rbtn: Ignore ACPI notifications if device is suspended
ACPI / osi: Fix an issue that acpi_osi=!* cannot disable ACPICA internal strings
mmc: sdhci-acpi: Remove MMC_CAP_BUS_WIDTH_TEST for Intel controllers
mmc: mmc: Fix partition switch timeout for some eMMCs
can: fix handling of unmodifiable configuration options
irqchip/gic-v3: Configure all interrupts as non-secure Group-1
irqchip/gic: Ensure ordering between read of INTACK and shared data
Input: pwm-beeper - fix - scheduling while atomic
mfd: omap-usb-tll: Fix scheduling while atomic BUG
sched/loadavg: Fix loadavg artifacts on fully idle and on fully loaded systems
clk: qcom: msm8916: Fix crypto clock flags
crypto: sun4i-ss - Replace spinlock_bh by spin_lock_irq{save|restore}
crypto: talitos - fix ahash algorithms registration
crypto: caam - fix caam_jr_alloc() ret code
ring-buffer: Prevent overflow of size in ring_buffer_resize()
ring-buffer: Use long for nr_pages to avoid overflow failures
asix: Fix offset calculation in asix_rx_fixup() causing slow transmissions
fs/cifs: correctly to anonymous authentication for the NTLM(v2) authentication
fs/cifs: correctly to anonymous authentication for the NTLM(v1) authentication
fs/cifs: correctly to anonymous authentication for the LANMAN authentication
fs/cifs: correctly to anonymous authentication via NTLMSSP
remove directory incorrectly tries to set delete on close on non-empty directories
kvm: arm64: Fix EC field in inject_abt64
arm/arm64: KVM: Enforce Break-Before-Make on Stage-2 page tables
arm64: cpuinfo: Missing NULL terminator in compat_hwcap_str
arm64: Implement pmdp_set_access_flags() for hardware AF/DBM
arm64: Implement ptep_set_access_flags() for hardware AF/DBM
arm64: Ensure pmd_present() returns false after pmd_mknotpresent()
arm64: Fix typo in the pmdp_huge_get_and_clear() definition
ext4: iterate over buffer heads correctly in move_extent_per_page()
perf test: Fix build of BPF and LLVM on older glibc libraries
perf/core: Fix perf_event_open() vs. execve() race
perf/x86/intel/pt: Generate PMI in the STOP region as well
Btrfs: don't use src fd for printk
UPSTREAM: mac80211: fix "warning: ‘target_metric’ may be used uninitialized"
Revert "drivers: power: use 'current' instead of 'get_current()'"
cpufreq: interactive: drop cpufreq_{get,put}_global_kobject func calls
Revert "cpufreq: interactive: build fixes for 4.4"
xt_qtaguid: Fix panic caused by processing non-full socket.
fiq_debugger: Add fiq_debugger.disable option
UPSTREAM: procfs: fixes pthread cross-thread naming if !PR_DUMPABLE
FROMLIST: wlcore: Disable filtering in AP role
Revert "drivers: power: Add watchdog timer to catch drivers which lockup during suspend."
fiq_debugger: Add option to apply uart overlay by FIQ_DEBUGGER_UART_OVERLAY
Revert "Recreate asm/mach/mmc.h include file"
Revert "ARM: Add 'card_present' state to mmc_platfrom_data"
usb: dual-role: make stub functions inline
Revert "mmc: Add status IRQ and status callback function to mmc platform data"
quick selinux support for tracefs
Revert "hid-multitouch: Filter collections by application usage."
Revert "HID: steelseries: validate output report details"
xt_qtaguid: Fix panic caused by synack processing
Revert "mm: vmscan: Add a debug file for shrinkers"
Revert "SELinux: Enable setting security contexts on rootfs inodes."
Revert "SELinux: build fix for 4.1"
fuse: Add support for d_canonical_path
vfs: change d_canonical_path to take two paths
android: recommended.cfg: remove CONFIG_UID_STAT
netfilter: xt_qtaguid: seq_printf fixes
Revert "misc: uidstat: Adding uid stat driver to collect network statistics."
Revert "net: activity_stats: Add statistics for network transmission activity"
Revert "net: activity_stats: Stop using obsolete create_proc_read_entry api"
Revert "misc: uidstat: avoid create_stat() race and blockage."
Revert "misc: uidstat: Remove use of obsolete create_proc_read_entry api"
Revert "misc seq_printf fixes for 4.4"
Revert "misc: uid_stat: Include linux/atomic.h instead of asm/atomic.h"
Revert "net: socket ioctl to reset connections matching local address"
Revert "net: fix iterating over hashtable in tcp_nuke_addr()"
Revert "net: fix crash in tcp_nuke_addr()"
Revert "Don't kill IPv4 sockets when killing IPv6 sockets was requested."
Revert "tcp: Fix IPV6 module build errors"
android: base-cfg: remove CONFIG_SWITCH
Revert "switch: switch class and GPIO drivers."
Revert "drivers: switch: remove S_IWUSR from dev_attr"
ANDROID: base-cfg: enable CONFIG_IP_NF_NAT
BACKPORT: selinux: restrict kernel module loading
android: base-cfg: enable CONFIG_QUOTA
Conflicts:
Documentation/sysctl/kernel.txt
drivers/cpufreq/cpufreq_interactive.c
drivers/hwtracing/coresight/Kconfig
drivers/hwtracing/coresight/Makefile
drivers/hwtracing/coresight/coresight-etm4x.c
drivers/hwtracing/coresight/coresight-etm4x.h
drivers/hwtracing/coresight/coresight-priv.h
drivers/hwtracing/coresight/coresight-stm.c
drivers/hwtracing/coresight/coresight-tmc.c
drivers/mmc/core/core.c
include/linux/coresight-stm.h
include/linux/coresight.h
include/linux/msm_mdp.h
include/uapi/linux/coresight-stm.h
kernel/events/core.c
kernel/sched/fair.c
net/Makefile
net/ipv4/netfilter/arp_tables.c
net/ipv4/netfilter/ip_tables.c
net/ipv4/tcp.c
net/ipv6/netfilter/ip6_tables.c
net/netfilter/xt_quota2.c
sound/core/pcm.c
Change-Id: I17aa0002815014e9bddc47e67769a53c15768a99
Signed-off-by: Runmin Wang <runminw@codeaurora.org>
1974 lines
50 KiB
C
1974 lines
50 KiB
C
/*
|
|
* TCP over IPv6
|
|
* Linux INET6 implementation
|
|
*
|
|
* Authors:
|
|
* Pedro Roque <roque@di.fc.ul.pt>
|
|
*
|
|
* Based on:
|
|
* linux/net/ipv4/tcp.c
|
|
* linux/net/ipv4/tcp_input.c
|
|
* linux/net/ipv4/tcp_output.c
|
|
*
|
|
* Fixes:
|
|
* Hideaki YOSHIFUJI : sin6_scope_id support
|
|
* YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
|
|
* Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
|
|
* a single port at the same time.
|
|
* YOSHIFUJI Hideaki @USAGI: convert /proc/net/tcp6 to seq_file.
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License
|
|
* as published by the Free Software Foundation; either version
|
|
* 2 of the License, or (at your option) any later version.
|
|
*/
|
|
|
|
#include <linux/bottom_half.h>
|
|
#include <linux/module.h>
|
|
#include <linux/errno.h>
|
|
#include <linux/types.h>
|
|
#include <linux/socket.h>
|
|
#include <linux/sockios.h>
|
|
#include <linux/net.h>
|
|
#include <linux/jiffies.h>
|
|
#include <linux/in.h>
|
|
#include <linux/in6.h>
|
|
#include <linux/netdevice.h>
|
|
#include <linux/init.h>
|
|
#include <linux/jhash.h>
|
|
#include <linux/ipsec.h>
|
|
#include <linux/times.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/uaccess.h>
|
|
#include <linux/ipv6.h>
|
|
#include <linux/icmpv6.h>
|
|
#include <linux/random.h>
|
|
|
|
#include <net/tcp.h>
|
|
#include <net/ndisc.h>
|
|
#include <net/inet6_hashtables.h>
|
|
#include <net/inet6_connection_sock.h>
|
|
#include <net/ipv6.h>
|
|
#include <net/transp_v6.h>
|
|
#include <net/addrconf.h>
|
|
#include <net/ip6_route.h>
|
|
#include <net/ip6_checksum.h>
|
|
#include <net/inet_ecn.h>
|
|
#include <net/protocol.h>
|
|
#include <net/xfrm.h>
|
|
#include <net/snmp.h>
|
|
#include <net/dsfield.h>
|
|
#include <net/timewait_sock.h>
|
|
#include <net/inet_common.h>
|
|
#include <net/secure_seq.h>
|
|
#include <net/tcp_memcontrol.h>
|
|
#include <net/busy_poll.h>
|
|
|
|
#include <linux/proc_fs.h>
|
|
#include <linux/seq_file.h>
|
|
|
|
#include <linux/crypto.h>
|
|
#include <linux/scatterlist.h>
|
|
|
|
static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb);
|
|
static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
|
|
struct request_sock *req);
|
|
|
|
static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb);
|
|
|
|
static const struct inet_connection_sock_af_ops ipv6_mapped;
|
|
static const struct inet_connection_sock_af_ops ipv6_specific;
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
static const struct tcp_sock_af_ops tcp_sock_ipv6_specific;
|
|
static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific;
|
|
#else
|
|
static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
|
|
const struct in6_addr *addr)
|
|
{
|
|
return NULL;
|
|
}
|
|
#endif
|
|
|
|
static void inet6_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
|
|
{
|
|
struct dst_entry *dst = skb_dst(skb);
|
|
|
|
if (dst && dst_hold_safe(dst)) {
|
|
const struct rt6_info *rt = (const struct rt6_info *)dst;
|
|
|
|
sk->sk_rx_dst = dst;
|
|
inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
|
|
inet6_sk(sk)->rx_dst_cookie = rt6_get_cookie(rt);
|
|
}
|
|
}
|
|
|
|
static __u32 tcp_v6_init_sequence(const struct sk_buff *skb)
|
|
{
|
|
return secure_tcpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
|
|
ipv6_hdr(skb)->saddr.s6_addr32,
|
|
tcp_hdr(skb)->dest,
|
|
tcp_hdr(skb)->source);
|
|
}
|
|
|
|
static int tcp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
|
|
int addr_len)
|
|
{
|
|
struct sockaddr_in6 *usin = (struct sockaddr_in6 *) uaddr;
|
|
struct inet_sock *inet = inet_sk(sk);
|
|
struct inet_connection_sock *icsk = inet_csk(sk);
|
|
struct ipv6_pinfo *np = inet6_sk(sk);
|
|
struct tcp_sock *tp = tcp_sk(sk);
|
|
struct in6_addr *saddr = NULL, *final_p, final;
|
|
struct ipv6_txoptions *opt;
|
|
struct flowi6 fl6;
|
|
struct dst_entry *dst;
|
|
int addr_type;
|
|
int err;
|
|
|
|
if (addr_len < SIN6_LEN_RFC2133)
|
|
return -EINVAL;
|
|
|
|
if (usin->sin6_family != AF_INET6)
|
|
return -EAFNOSUPPORT;
|
|
|
|
memset(&fl6, 0, sizeof(fl6));
|
|
|
|
if (np->sndflow) {
|
|
fl6.flowlabel = usin->sin6_flowinfo&IPV6_FLOWINFO_MASK;
|
|
IP6_ECN_flow_init(fl6.flowlabel);
|
|
if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
|
|
struct ip6_flowlabel *flowlabel;
|
|
flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
|
|
if (!flowlabel)
|
|
return -EINVAL;
|
|
fl6_sock_release(flowlabel);
|
|
}
|
|
}
|
|
|
|
/*
|
|
* connect() to INADDR_ANY means loopback (BSD'ism).
|
|
*/
|
|
|
|
if (ipv6_addr_any(&usin->sin6_addr))
|
|
usin->sin6_addr.s6_addr[15] = 0x1;
|
|
|
|
addr_type = ipv6_addr_type(&usin->sin6_addr);
|
|
|
|
if (addr_type & IPV6_ADDR_MULTICAST)
|
|
return -ENETUNREACH;
|
|
|
|
if (addr_type&IPV6_ADDR_LINKLOCAL) {
|
|
if (addr_len >= sizeof(struct sockaddr_in6) &&
|
|
usin->sin6_scope_id) {
|
|
/* If interface is set while binding, indices
|
|
* must coincide.
|
|
*/
|
|
if (sk->sk_bound_dev_if &&
|
|
sk->sk_bound_dev_if != usin->sin6_scope_id)
|
|
return -EINVAL;
|
|
|
|
sk->sk_bound_dev_if = usin->sin6_scope_id;
|
|
}
|
|
|
|
/* Connect to link-local address requires an interface */
|
|
if (!sk->sk_bound_dev_if)
|
|
return -EINVAL;
|
|
}
|
|
|
|
if (tp->rx_opt.ts_recent_stamp &&
|
|
!ipv6_addr_equal(&sk->sk_v6_daddr, &usin->sin6_addr)) {
|
|
tp->rx_opt.ts_recent = 0;
|
|
tp->rx_opt.ts_recent_stamp = 0;
|
|
tp->write_seq = 0;
|
|
}
|
|
|
|
sk->sk_v6_daddr = usin->sin6_addr;
|
|
np->flow_label = fl6.flowlabel;
|
|
|
|
/*
|
|
* TCP over IPv4
|
|
*/
|
|
|
|
if (addr_type == IPV6_ADDR_MAPPED) {
|
|
u32 exthdrlen = icsk->icsk_ext_hdr_len;
|
|
struct sockaddr_in sin;
|
|
|
|
SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
|
|
|
|
if (__ipv6_only_sock(sk))
|
|
return -ENETUNREACH;
|
|
|
|
sin.sin_family = AF_INET;
|
|
sin.sin_port = usin->sin6_port;
|
|
sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
|
|
|
|
icsk->icsk_af_ops = &ipv6_mapped;
|
|
sk->sk_backlog_rcv = tcp_v4_do_rcv;
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
tp->af_specific = &tcp_sock_ipv6_mapped_specific;
|
|
#endif
|
|
|
|
err = tcp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
|
|
|
|
if (err) {
|
|
icsk->icsk_ext_hdr_len = exthdrlen;
|
|
icsk->icsk_af_ops = &ipv6_specific;
|
|
sk->sk_backlog_rcv = tcp_v6_do_rcv;
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
tp->af_specific = &tcp_sock_ipv6_specific;
|
|
#endif
|
|
goto failure;
|
|
}
|
|
np->saddr = sk->sk_v6_rcv_saddr;
|
|
|
|
return err;
|
|
}
|
|
|
|
if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr))
|
|
saddr = &sk->sk_v6_rcv_saddr;
|
|
|
|
fl6.flowi6_proto = IPPROTO_TCP;
|
|
fl6.daddr = sk->sk_v6_daddr;
|
|
fl6.saddr = saddr ? *saddr : np->saddr;
|
|
fl6.flowi6_oif = sk->sk_bound_dev_if;
|
|
fl6.flowi6_mark = sk->sk_mark;
|
|
fl6.fl6_dport = usin->sin6_port;
|
|
fl6.fl6_sport = inet->inet_sport;
|
|
fl6.flowi6_uid = sock_i_uid(sk);
|
|
|
|
opt = rcu_dereference_protected(np->opt, sock_owned_by_user(sk));
|
|
final_p = fl6_update_dst(&fl6, opt, &final);
|
|
|
|
security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
|
|
|
|
dst = ip6_dst_lookup_flow(sk, &fl6, final_p);
|
|
if (IS_ERR(dst)) {
|
|
err = PTR_ERR(dst);
|
|
goto failure;
|
|
}
|
|
|
|
if (!saddr) {
|
|
saddr = &fl6.saddr;
|
|
sk->sk_v6_rcv_saddr = *saddr;
|
|
}
|
|
|
|
/* set the source address */
|
|
np->saddr = *saddr;
|
|
inet->inet_rcv_saddr = LOOPBACK4_IPV6;
|
|
|
|
sk->sk_gso_type = SKB_GSO_TCPV6;
|
|
ip6_dst_store(sk, dst, NULL, NULL);
|
|
|
|
if (tcp_death_row.sysctl_tw_recycle &&
|
|
!tp->rx_opt.ts_recent_stamp &&
|
|
ipv6_addr_equal(&fl6.daddr, &sk->sk_v6_daddr))
|
|
tcp_fetch_timewait_stamp(sk, dst);
|
|
|
|
icsk->icsk_ext_hdr_len = 0;
|
|
if (opt)
|
|
icsk->icsk_ext_hdr_len = opt->opt_flen +
|
|
opt->opt_nflen;
|
|
|
|
tp->rx_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr);
|
|
|
|
inet->inet_dport = usin->sin6_port;
|
|
|
|
tcp_set_state(sk, TCP_SYN_SENT);
|
|
err = inet6_hash_connect(&tcp_death_row, sk);
|
|
if (err)
|
|
goto late_failure;
|
|
|
|
sk_set_txhash(sk);
|
|
|
|
if (!tp->write_seq && likely(!tp->repair))
|
|
tp->write_seq = secure_tcpv6_sequence_number(np->saddr.s6_addr32,
|
|
sk->sk_v6_daddr.s6_addr32,
|
|
inet->inet_sport,
|
|
inet->inet_dport);
|
|
|
|
err = tcp_connect(sk);
|
|
if (err)
|
|
goto late_failure;
|
|
|
|
return 0;
|
|
|
|
late_failure:
|
|
tcp_set_state(sk, TCP_CLOSE);
|
|
__sk_dst_reset(sk);
|
|
failure:
|
|
inet->inet_dport = 0;
|
|
sk->sk_route_caps = 0;
|
|
return err;
|
|
}
|
|
|
|
static void tcp_v6_mtu_reduced(struct sock *sk)
|
|
{
|
|
struct dst_entry *dst;
|
|
|
|
if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
|
|
return;
|
|
|
|
dst = inet6_csk_update_pmtu(sk, tcp_sk(sk)->mtu_info);
|
|
if (!dst)
|
|
return;
|
|
|
|
if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
|
|
tcp_sync_mss(sk, dst_mtu(dst));
|
|
tcp_simple_retransmit(sk);
|
|
}
|
|
}
|
|
|
|
static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
|
|
u8 type, u8 code, int offset, __be32 info)
|
|
{
|
|
const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
|
|
const struct tcphdr *th = (struct tcphdr *)(skb->data+offset);
|
|
struct net *net = dev_net(skb->dev);
|
|
struct request_sock *fastopen;
|
|
struct ipv6_pinfo *np;
|
|
struct tcp_sock *tp;
|
|
__u32 seq, snd_una;
|
|
struct sock *sk;
|
|
bool fatal;
|
|
int err;
|
|
|
|
sk = __inet6_lookup_established(net, &tcp_hashinfo,
|
|
&hdr->daddr, th->dest,
|
|
&hdr->saddr, ntohs(th->source),
|
|
skb->dev->ifindex);
|
|
|
|
if (!sk) {
|
|
ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev),
|
|
ICMP6_MIB_INERRORS);
|
|
return;
|
|
}
|
|
|
|
if (sk->sk_state == TCP_TIME_WAIT) {
|
|
inet_twsk_put(inet_twsk(sk));
|
|
return;
|
|
}
|
|
seq = ntohl(th->seq);
|
|
fatal = icmpv6_err_convert(type, code, &err);
|
|
if (sk->sk_state == TCP_NEW_SYN_RECV)
|
|
return tcp_req_err(sk, seq, fatal);
|
|
|
|
bh_lock_sock(sk);
|
|
if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG)
|
|
NET_INC_STATS_BH(net, LINUX_MIB_LOCKDROPPEDICMPS);
|
|
|
|
if (sk->sk_state == TCP_CLOSE)
|
|
goto out;
|
|
|
|
if (ipv6_hdr(skb)->hop_limit < inet6_sk(sk)->min_hopcount) {
|
|
NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
|
|
goto out;
|
|
}
|
|
|
|
tp = tcp_sk(sk);
|
|
/* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
|
|
fastopen = tp->fastopen_rsk;
|
|
snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
|
|
if (sk->sk_state != TCP_LISTEN &&
|
|
!between(seq, snd_una, tp->snd_nxt)) {
|
|
NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS);
|
|
goto out;
|
|
}
|
|
|
|
np = inet6_sk(sk);
|
|
|
|
if (type == NDISC_REDIRECT) {
|
|
struct dst_entry *dst = __sk_dst_check(sk, np->dst_cookie);
|
|
|
|
if (dst)
|
|
dst->ops->redirect(dst, sk, skb);
|
|
goto out;
|
|
}
|
|
|
|
if (type == ICMPV6_PKT_TOOBIG) {
|
|
/* We are not interested in TCP_LISTEN and open_requests
|
|
* (SYN-ACKs send out by Linux are always <576bytes so
|
|
* they should go through unfragmented).
|
|
*/
|
|
if (sk->sk_state == TCP_LISTEN)
|
|
goto out;
|
|
|
|
if (!ip6_sk_accept_pmtu(sk))
|
|
goto out;
|
|
|
|
tp->mtu_info = ntohl(info);
|
|
if (!sock_owned_by_user(sk))
|
|
tcp_v6_mtu_reduced(sk);
|
|
else if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED,
|
|
&tp->tsq_flags))
|
|
sock_hold(sk);
|
|
goto out;
|
|
}
|
|
|
|
|
|
/* Might be for an request_sock */
|
|
switch (sk->sk_state) {
|
|
case TCP_SYN_SENT:
|
|
case TCP_SYN_RECV:
|
|
/* Only in fast or simultaneous open. If a fast open socket is
|
|
* is already accepted it is treated as a connected one below.
|
|
*/
|
|
if (fastopen && !fastopen->sk)
|
|
break;
|
|
|
|
if (!sock_owned_by_user(sk)) {
|
|
sk->sk_err = err;
|
|
sk->sk_error_report(sk); /* Wake people up to see the error (see connect in sock.c) */
|
|
|
|
tcp_done(sk);
|
|
} else
|
|
sk->sk_err_soft = err;
|
|
goto out;
|
|
}
|
|
|
|
if (!sock_owned_by_user(sk) && np->recverr) {
|
|
sk->sk_err = err;
|
|
sk->sk_error_report(sk);
|
|
} else
|
|
sk->sk_err_soft = err;
|
|
|
|
out:
|
|
bh_unlock_sock(sk);
|
|
sock_put(sk);
|
|
}
|
|
|
|
|
|
static int tcp_v6_send_synack(const struct sock *sk, struct dst_entry *dst,
|
|
struct flowi *fl,
|
|
struct request_sock *req,
|
|
struct tcp_fastopen_cookie *foc,
|
|
bool attach_req)
|
|
{
|
|
struct inet_request_sock *ireq = inet_rsk(req);
|
|
struct ipv6_pinfo *np = inet6_sk(sk);
|
|
struct flowi6 *fl6 = &fl->u.ip6;
|
|
struct sk_buff *skb;
|
|
int err = -ENOMEM;
|
|
|
|
/* First, grab a route. */
|
|
if (!dst && (dst = inet6_csk_route_req(sk, fl6, req,
|
|
IPPROTO_TCP)) == NULL)
|
|
goto done;
|
|
|
|
skb = tcp_make_synack(sk, dst, req, foc, attach_req);
|
|
|
|
if (skb) {
|
|
__tcp_v6_send_check(skb, &ireq->ir_v6_loc_addr,
|
|
&ireq->ir_v6_rmt_addr);
|
|
|
|
fl6->daddr = ireq->ir_v6_rmt_addr;
|
|
if (np->repflow && ireq->pktopts)
|
|
fl6->flowlabel = ip6_flowlabel(ipv6_hdr(ireq->pktopts));
|
|
|
|
rcu_read_lock();
|
|
err = ip6_xmit(sk, skb, fl6, rcu_dereference(np->opt),
|
|
np->tclass);
|
|
rcu_read_unlock();
|
|
err = net_xmit_eval(err);
|
|
}
|
|
|
|
done:
|
|
return err;
|
|
}
|
|
|
|
|
|
static void tcp_v6_reqsk_destructor(struct request_sock *req)
|
|
{
|
|
kfree_skb(inet_rsk(req)->pktopts);
|
|
}
|
|
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
static struct tcp_md5sig_key *tcp_v6_md5_do_lookup(const struct sock *sk,
|
|
const struct in6_addr *addr)
|
|
{
|
|
return tcp_md5_do_lookup(sk, (union tcp_md5_addr *)addr, AF_INET6);
|
|
}
|
|
|
|
static struct tcp_md5sig_key *tcp_v6_md5_lookup(const struct sock *sk,
|
|
const struct sock *addr_sk)
|
|
{
|
|
return tcp_v6_md5_do_lookup(sk, &addr_sk->sk_v6_daddr);
|
|
}
|
|
|
|
static int tcp_v6_parse_md5_keys(struct sock *sk, char __user *optval,
|
|
int optlen)
|
|
{
|
|
struct tcp_md5sig cmd;
|
|
struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&cmd.tcpm_addr;
|
|
|
|
if (optlen < sizeof(cmd))
|
|
return -EINVAL;
|
|
|
|
if (copy_from_user(&cmd, optval, sizeof(cmd)))
|
|
return -EFAULT;
|
|
|
|
if (sin6->sin6_family != AF_INET6)
|
|
return -EINVAL;
|
|
|
|
if (!cmd.tcpm_keylen) {
|
|
if (ipv6_addr_v4mapped(&sin6->sin6_addr))
|
|
return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
|
|
AF_INET);
|
|
return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
|
|
AF_INET6);
|
|
}
|
|
|
|
if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
|
|
return -EINVAL;
|
|
|
|
if (ipv6_addr_v4mapped(&sin6->sin6_addr))
|
|
return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr.s6_addr32[3],
|
|
AF_INET, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
|
|
|
|
return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin6->sin6_addr,
|
|
AF_INET6, cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
|
|
}
|
|
|
|
static int tcp_v6_md5_hash_pseudoheader(struct tcp_md5sig_pool *hp,
|
|
const struct in6_addr *daddr,
|
|
const struct in6_addr *saddr, int nbytes)
|
|
{
|
|
struct tcp6_pseudohdr *bp;
|
|
struct scatterlist sg;
|
|
|
|
bp = &hp->md5_blk.ip6;
|
|
/* 1. TCP pseudo-header (RFC2460) */
|
|
bp->saddr = *saddr;
|
|
bp->daddr = *daddr;
|
|
bp->protocol = cpu_to_be32(IPPROTO_TCP);
|
|
bp->len = cpu_to_be32(nbytes);
|
|
|
|
sg_init_one(&sg, bp, sizeof(*bp));
|
|
return crypto_hash_update(&hp->md5_desc, &sg, sizeof(*bp));
|
|
}
|
|
|
|
static int tcp_v6_md5_hash_hdr(char *md5_hash, struct tcp_md5sig_key *key,
|
|
const struct in6_addr *daddr, struct in6_addr *saddr,
|
|
const struct tcphdr *th)
|
|
{
|
|
struct tcp_md5sig_pool *hp;
|
|
struct hash_desc *desc;
|
|
|
|
hp = tcp_get_md5sig_pool();
|
|
if (!hp)
|
|
goto clear_hash_noput;
|
|
desc = &hp->md5_desc;
|
|
|
|
if (crypto_hash_init(desc))
|
|
goto clear_hash;
|
|
if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, th->doff << 2))
|
|
goto clear_hash;
|
|
if (tcp_md5_hash_header(hp, th))
|
|
goto clear_hash;
|
|
if (tcp_md5_hash_key(hp, key))
|
|
goto clear_hash;
|
|
if (crypto_hash_final(desc, md5_hash))
|
|
goto clear_hash;
|
|
|
|
tcp_put_md5sig_pool();
|
|
return 0;
|
|
|
|
clear_hash:
|
|
tcp_put_md5sig_pool();
|
|
clear_hash_noput:
|
|
memset(md5_hash, 0, 16);
|
|
return 1;
|
|
}
|
|
|
|
static int tcp_v6_md5_hash_skb(char *md5_hash,
|
|
const struct tcp_md5sig_key *key,
|
|
const struct sock *sk,
|
|
const struct sk_buff *skb)
|
|
{
|
|
const struct in6_addr *saddr, *daddr;
|
|
struct tcp_md5sig_pool *hp;
|
|
struct hash_desc *desc;
|
|
const struct tcphdr *th = tcp_hdr(skb);
|
|
|
|
if (sk) { /* valid for establish/request sockets */
|
|
saddr = &sk->sk_v6_rcv_saddr;
|
|
daddr = &sk->sk_v6_daddr;
|
|
} else {
|
|
const struct ipv6hdr *ip6h = ipv6_hdr(skb);
|
|
saddr = &ip6h->saddr;
|
|
daddr = &ip6h->daddr;
|
|
}
|
|
|
|
hp = tcp_get_md5sig_pool();
|
|
if (!hp)
|
|
goto clear_hash_noput;
|
|
desc = &hp->md5_desc;
|
|
|
|
if (crypto_hash_init(desc))
|
|
goto clear_hash;
|
|
|
|
if (tcp_v6_md5_hash_pseudoheader(hp, daddr, saddr, skb->len))
|
|
goto clear_hash;
|
|
if (tcp_md5_hash_header(hp, th))
|
|
goto clear_hash;
|
|
if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
|
|
goto clear_hash;
|
|
if (tcp_md5_hash_key(hp, key))
|
|
goto clear_hash;
|
|
if (crypto_hash_final(desc, md5_hash))
|
|
goto clear_hash;
|
|
|
|
tcp_put_md5sig_pool();
|
|
return 0;
|
|
|
|
clear_hash:
|
|
tcp_put_md5sig_pool();
|
|
clear_hash_noput:
|
|
memset(md5_hash, 0, 16);
|
|
return 1;
|
|
}
|
|
|
|
#endif
|
|
|
|
static bool tcp_v6_inbound_md5_hash(const struct sock *sk,
|
|
const struct sk_buff *skb)
|
|
{
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
const __u8 *hash_location = NULL;
|
|
struct tcp_md5sig_key *hash_expected;
|
|
const struct ipv6hdr *ip6h = ipv6_hdr(skb);
|
|
const struct tcphdr *th = tcp_hdr(skb);
|
|
int genhash;
|
|
u8 newhash[16];
|
|
|
|
hash_expected = tcp_v6_md5_do_lookup(sk, &ip6h->saddr);
|
|
hash_location = tcp_parse_md5sig_option(th);
|
|
|
|
/* We've parsed the options - do we have a hash? */
|
|
if (!hash_expected && !hash_location)
|
|
return false;
|
|
|
|
if (hash_expected && !hash_location) {
|
|
NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
|
|
return true;
|
|
}
|
|
|
|
if (!hash_expected && hash_location) {
|
|
NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
|
|
return true;
|
|
}
|
|
|
|
/* check the signature */
|
|
genhash = tcp_v6_md5_hash_skb(newhash,
|
|
hash_expected,
|
|
NULL, skb);
|
|
|
|
if (genhash || memcmp(hash_location, newhash, 16) != 0) {
|
|
net_info_ratelimited("MD5 Hash %s for [%pI6c]:%u->[%pI6c]:%u\n",
|
|
genhash ? "failed" : "mismatch",
|
|
&ip6h->saddr, ntohs(th->source),
|
|
&ip6h->daddr, ntohs(th->dest));
|
|
return true;
|
|
}
|
|
#endif
|
|
return false;
|
|
}
|
|
|
|
static void tcp_v6_init_req(struct request_sock *req,
|
|
const struct sock *sk_listener,
|
|
struct sk_buff *skb)
|
|
{
|
|
struct inet_request_sock *ireq = inet_rsk(req);
|
|
const struct ipv6_pinfo *np = inet6_sk(sk_listener);
|
|
|
|
ireq->ir_v6_rmt_addr = ipv6_hdr(skb)->saddr;
|
|
ireq->ir_v6_loc_addr = ipv6_hdr(skb)->daddr;
|
|
|
|
/* So that link locals have meaning */
|
|
if (!sk_listener->sk_bound_dev_if &&
|
|
ipv6_addr_type(&ireq->ir_v6_rmt_addr) & IPV6_ADDR_LINKLOCAL)
|
|
ireq->ir_iif = tcp_v6_iif(skb);
|
|
|
|
if (!TCP_SKB_CB(skb)->tcp_tw_isn &&
|
|
(ipv6_opt_accepted(sk_listener, skb, &TCP_SKB_CB(skb)->header.h6) ||
|
|
np->rxopt.bits.rxinfo ||
|
|
np->rxopt.bits.rxoinfo || np->rxopt.bits.rxhlim ||
|
|
np->rxopt.bits.rxohlim || np->repflow)) {
|
|
atomic_inc(&skb->users);
|
|
ireq->pktopts = skb;
|
|
}
|
|
}
|
|
|
|
static struct dst_entry *tcp_v6_route_req(const struct sock *sk,
|
|
struct flowi *fl,
|
|
const struct request_sock *req,
|
|
bool *strict)
|
|
{
|
|
if (strict)
|
|
*strict = true;
|
|
return inet6_csk_route_req(sk, &fl->u.ip6, req, IPPROTO_TCP);
|
|
}
|
|
|
|
struct request_sock_ops tcp6_request_sock_ops __read_mostly = {
|
|
.family = AF_INET6,
|
|
.obj_size = sizeof(struct tcp6_request_sock),
|
|
.rtx_syn_ack = tcp_rtx_synack,
|
|
.send_ack = tcp_v6_reqsk_send_ack,
|
|
.destructor = tcp_v6_reqsk_destructor,
|
|
.send_reset = tcp_v6_send_reset,
|
|
.syn_ack_timeout = tcp_syn_ack_timeout,
|
|
};
|
|
|
|
static const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops = {
|
|
.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) -
|
|
sizeof(struct ipv6hdr),
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
.req_md5_lookup = tcp_v6_md5_lookup,
|
|
.calc_md5_hash = tcp_v6_md5_hash_skb,
|
|
#endif
|
|
.init_req = tcp_v6_init_req,
|
|
#ifdef CONFIG_SYN_COOKIES
|
|
.cookie_init_seq = cookie_v6_init_sequence,
|
|
#endif
|
|
.route_req = tcp_v6_route_req,
|
|
.init_seq = tcp_v6_init_sequence,
|
|
.send_synack = tcp_v6_send_synack,
|
|
};
|
|
|
|
static void tcp_v6_send_response(const struct sock *sk, struct sk_buff *skb, u32 seq,
|
|
u32 ack, u32 win, u32 tsval, u32 tsecr,
|
|
int oif, struct tcp_md5sig_key *key, int rst,
|
|
u8 tclass, u32 label)
|
|
{
|
|
const struct tcphdr *th = tcp_hdr(skb);
|
|
struct tcphdr *t1;
|
|
struct sk_buff *buff;
|
|
struct flowi6 fl6;
|
|
struct net *net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
|
|
struct sock *ctl_sk = net->ipv6.tcp_sk;
|
|
unsigned int tot_len = sizeof(struct tcphdr);
|
|
struct dst_entry *dst;
|
|
__be32 *topt;
|
|
|
|
if (tsecr)
|
|
tot_len += TCPOLEN_TSTAMP_ALIGNED;
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
if (key)
|
|
tot_len += TCPOLEN_MD5SIG_ALIGNED;
|
|
#endif
|
|
|
|
buff = alloc_skb(MAX_HEADER + sizeof(struct ipv6hdr) + tot_len,
|
|
GFP_ATOMIC);
|
|
if (!buff)
|
|
return;
|
|
|
|
skb_reserve(buff, MAX_HEADER + sizeof(struct ipv6hdr) + tot_len);
|
|
|
|
t1 = (struct tcphdr *) skb_push(buff, tot_len);
|
|
skb_reset_transport_header(buff);
|
|
|
|
/* Swap the send and the receive. */
|
|
memset(t1, 0, sizeof(*t1));
|
|
t1->dest = th->source;
|
|
t1->source = th->dest;
|
|
t1->doff = tot_len / 4;
|
|
t1->seq = htonl(seq);
|
|
t1->ack_seq = htonl(ack);
|
|
t1->ack = !rst || !th->ack;
|
|
t1->rst = rst;
|
|
t1->window = htons(win);
|
|
|
|
topt = (__be32 *)(t1 + 1);
|
|
|
|
if (tsecr) {
|
|
*topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
|
|
(TCPOPT_TIMESTAMP << 8) | TCPOLEN_TIMESTAMP);
|
|
*topt++ = htonl(tsval);
|
|
*topt++ = htonl(tsecr);
|
|
}
|
|
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
if (key) {
|
|
*topt++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
|
|
(TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
|
|
tcp_v6_md5_hash_hdr((__u8 *)topt, key,
|
|
&ipv6_hdr(skb)->saddr,
|
|
&ipv6_hdr(skb)->daddr, t1);
|
|
}
|
|
#endif
|
|
|
|
memset(&fl6, 0, sizeof(fl6));
|
|
fl6.daddr = ipv6_hdr(skb)->saddr;
|
|
fl6.saddr = ipv6_hdr(skb)->daddr;
|
|
fl6.flowlabel = label;
|
|
|
|
buff->ip_summed = CHECKSUM_PARTIAL;
|
|
buff->csum = 0;
|
|
|
|
__tcp_v6_send_check(buff, &fl6.saddr, &fl6.daddr);
|
|
|
|
fl6.flowi6_proto = IPPROTO_TCP;
|
|
if (rt6_need_strict(&fl6.daddr) && !oif)
|
|
fl6.flowi6_oif = tcp_v6_iif(skb);
|
|
else
|
|
fl6.flowi6_oif = oif;
|
|
fl6.flowi6_mark = IP6_REPLY_MARK(net, skb->mark);
|
|
fl6.fl6_dport = t1->dest;
|
|
fl6.fl6_sport = t1->source;
|
|
security_skb_classify_flow(skb, flowi6_to_flowi(&fl6));
|
|
|
|
/* Pass a socket to ip6_dst_lookup either it is for RST
|
|
* Underlying function will use this to retrieve the network
|
|
* namespace
|
|
*/
|
|
dst = ip6_dst_lookup_flow(ctl_sk, &fl6, NULL);
|
|
if (!IS_ERR(dst)) {
|
|
skb_dst_set(buff, dst);
|
|
ip6_xmit(ctl_sk, buff, &fl6, NULL, tclass);
|
|
TCP_INC_STATS_BH(net, TCP_MIB_OUTSEGS);
|
|
if (rst)
|
|
TCP_INC_STATS_BH(net, TCP_MIB_OUTRSTS);
|
|
return;
|
|
}
|
|
|
|
kfree_skb(buff);
|
|
}
|
|
|
|
static void tcp_v6_send_reset(const struct sock *sk, struct sk_buff *skb)
|
|
{
|
|
const struct tcphdr *th = tcp_hdr(skb);
|
|
u32 seq = 0, ack_seq = 0;
|
|
struct tcp_md5sig_key *key = NULL;
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
const __u8 *hash_location = NULL;
|
|
struct ipv6hdr *ipv6h = ipv6_hdr(skb);
|
|
unsigned char newhash[16];
|
|
int genhash;
|
|
struct sock *sk1 = NULL;
|
|
#endif
|
|
int oif;
|
|
|
|
if (th->rst)
|
|
return;
|
|
|
|
/* If sk not NULL, it means we did a successful lookup and incoming
|
|
* route had to be correct. prequeue might have dropped our dst.
|
|
*/
|
|
if (!sk && !ipv6_unicast_destination(skb))
|
|
return;
|
|
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
hash_location = tcp_parse_md5sig_option(th);
|
|
if (!sk && hash_location) {
|
|
/*
|
|
* active side is lost. Try to find listening socket through
|
|
* source port, and then find md5 key through listening socket.
|
|
* we are not loose security here:
|
|
* Incoming packet is checked with md5 hash with finding key,
|
|
* no RST generated if md5 hash doesn't match.
|
|
*/
|
|
sk1 = inet6_lookup_listener(dev_net(skb_dst(skb)->dev),
|
|
&tcp_hashinfo, &ipv6h->saddr,
|
|
th->source, &ipv6h->daddr,
|
|
ntohs(th->source), tcp_v6_iif(skb));
|
|
if (!sk1)
|
|
return;
|
|
|
|
rcu_read_lock();
|
|
key = tcp_v6_md5_do_lookup(sk1, &ipv6h->saddr);
|
|
if (!key)
|
|
goto release_sk1;
|
|
|
|
genhash = tcp_v6_md5_hash_skb(newhash, key, NULL, skb);
|
|
if (genhash || memcmp(hash_location, newhash, 16) != 0)
|
|
goto release_sk1;
|
|
} else {
|
|
key = sk ? tcp_v6_md5_do_lookup(sk, &ipv6h->saddr) : NULL;
|
|
}
|
|
#endif
|
|
|
|
if (th->ack)
|
|
seq = ntohl(th->ack_seq);
|
|
else
|
|
ack_seq = ntohl(th->seq) + th->syn + th->fin + skb->len -
|
|
(th->doff << 2);
|
|
|
|
oif = sk ? sk->sk_bound_dev_if : 0;
|
|
tcp_v6_send_response(sk, skb, seq, ack_seq, 0, 0, 0, oif, key, 1, 0, 0);
|
|
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
release_sk1:
|
|
if (sk1) {
|
|
rcu_read_unlock();
|
|
sock_put(sk1);
|
|
}
|
|
#endif
|
|
}
|
|
|
|
static void tcp_v6_send_ack(const struct sock *sk, struct sk_buff *skb, u32 seq,
|
|
u32 ack, u32 win, u32 tsval, u32 tsecr, int oif,
|
|
struct tcp_md5sig_key *key, u8 tclass,
|
|
u32 label)
|
|
{
|
|
tcp_v6_send_response(sk, skb, seq, ack, win, tsval, tsecr, oif, key, 0,
|
|
tclass, label);
|
|
}
|
|
|
|
static void tcp_v6_timewait_ack(struct sock *sk, struct sk_buff *skb)
|
|
{
|
|
struct inet_timewait_sock *tw = inet_twsk(sk);
|
|
struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
|
|
|
|
tcp_v6_send_ack(sk, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
|
|
tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
|
|
tcp_time_stamp + tcptw->tw_ts_offset,
|
|
tcptw->tw_ts_recent, tw->tw_bound_dev_if, tcp_twsk_md5_key(tcptw),
|
|
tw->tw_tclass, cpu_to_be32(tw->tw_flowlabel));
|
|
|
|
inet_twsk_put(tw);
|
|
}
|
|
|
|
static void tcp_v6_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
|
|
struct request_sock *req)
|
|
{
|
|
/* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
|
|
* sk->sk_state == TCP_SYN_RECV -> for Fast Open.
|
|
*/
|
|
tcp_v6_send_ack(sk, skb, (sk->sk_state == TCP_LISTEN) ?
|
|
tcp_rsk(req)->snt_isn + 1 : tcp_sk(sk)->snd_nxt,
|
|
tcp_rsk(req)->rcv_nxt, req->rsk_rcv_wnd,
|
|
tcp_time_stamp, req->ts_recent, sk->sk_bound_dev_if,
|
|
tcp_v6_md5_do_lookup(sk, &ipv6_hdr(skb)->daddr),
|
|
0, 0);
|
|
}
|
|
|
|
|
|
static struct sock *tcp_v6_cookie_check(struct sock *sk, struct sk_buff *skb)
|
|
{
|
|
#ifdef CONFIG_SYN_COOKIES
|
|
const struct tcphdr *th = tcp_hdr(skb);
|
|
|
|
if (!th->syn)
|
|
sk = cookie_v6_check(sk, skb);
|
|
#endif
|
|
return sk;
|
|
}
|
|
|
|
static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
|
|
{
|
|
if (skb->protocol == htons(ETH_P_IP))
|
|
return tcp_v4_conn_request(sk, skb);
|
|
|
|
if (!ipv6_unicast_destination(skb))
|
|
goto drop;
|
|
|
|
return tcp_conn_request(&tcp6_request_sock_ops,
|
|
&tcp_request_sock_ipv6_ops, sk, skb);
|
|
|
|
drop:
|
|
NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
|
|
return 0; /* don't send reset */
|
|
}
|
|
|
|
static struct sock *tcp_v6_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
|
|
struct request_sock *req,
|
|
struct dst_entry *dst,
|
|
struct request_sock *req_unhash,
|
|
bool *own_req)
|
|
{
|
|
struct inet_request_sock *ireq;
|
|
struct ipv6_pinfo *newnp;
|
|
const struct ipv6_pinfo *np = inet6_sk(sk);
|
|
struct ipv6_txoptions *opt;
|
|
struct tcp6_sock *newtcp6sk;
|
|
struct inet_sock *newinet;
|
|
struct tcp_sock *newtp;
|
|
struct sock *newsk;
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
struct tcp_md5sig_key *key;
|
|
#endif
|
|
struct flowi6 fl6;
|
|
|
|
if (skb->protocol == htons(ETH_P_IP)) {
|
|
/*
|
|
* v6 mapped
|
|
*/
|
|
|
|
newsk = tcp_v4_syn_recv_sock(sk, skb, req, dst,
|
|
req_unhash, own_req);
|
|
|
|
if (!newsk)
|
|
return NULL;
|
|
|
|
newtcp6sk = (struct tcp6_sock *)newsk;
|
|
inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
|
|
|
|
newinet = inet_sk(newsk);
|
|
newnp = inet6_sk(newsk);
|
|
newtp = tcp_sk(newsk);
|
|
|
|
memcpy(newnp, np, sizeof(struct ipv6_pinfo));
|
|
|
|
newnp->saddr = newsk->sk_v6_rcv_saddr;
|
|
|
|
inet_csk(newsk)->icsk_af_ops = &ipv6_mapped;
|
|
newsk->sk_backlog_rcv = tcp_v4_do_rcv;
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
newtp->af_specific = &tcp_sock_ipv6_mapped_specific;
|
|
#endif
|
|
|
|
newnp->ipv6_ac_list = NULL;
|
|
newnp->ipv6_fl_list = NULL;
|
|
newnp->pktoptions = NULL;
|
|
newnp->opt = NULL;
|
|
newnp->mcast_oif = tcp_v6_iif(skb);
|
|
newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
|
|
newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
|
|
if (np->repflow)
|
|
newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
|
|
|
|
/*
|
|
* No need to charge this sock to the relevant IPv6 refcnt debug socks count
|
|
* here, tcp_create_openreq_child now does this for us, see the comment in
|
|
* that function for the gory details. -acme
|
|
*/
|
|
|
|
/* It is tricky place. Until this moment IPv4 tcp
|
|
worked with IPv6 icsk.icsk_af_ops.
|
|
Sync it now.
|
|
*/
|
|
tcp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
|
|
|
|
return newsk;
|
|
}
|
|
|
|
ireq = inet_rsk(req);
|
|
|
|
if (sk_acceptq_is_full(sk))
|
|
goto out_overflow;
|
|
|
|
if (!dst) {
|
|
dst = inet6_csk_route_req(sk, &fl6, req, IPPROTO_TCP);
|
|
if (!dst)
|
|
goto out;
|
|
}
|
|
|
|
newsk = tcp_create_openreq_child(sk, req, skb);
|
|
if (!newsk)
|
|
goto out_nonewsk;
|
|
|
|
/*
|
|
* No need to charge this sock to the relevant IPv6 refcnt debug socks
|
|
* count here, tcp_create_openreq_child now does this for us, see the
|
|
* comment in that function for the gory details. -acme
|
|
*/
|
|
|
|
newsk->sk_gso_type = SKB_GSO_TCPV6;
|
|
ip6_dst_store(newsk, dst, NULL, NULL);
|
|
inet6_sk_rx_dst_set(newsk, skb);
|
|
|
|
newtcp6sk = (struct tcp6_sock *)newsk;
|
|
inet_sk(newsk)->pinet6 = &newtcp6sk->inet6;
|
|
|
|
newtp = tcp_sk(newsk);
|
|
newinet = inet_sk(newsk);
|
|
newnp = inet6_sk(newsk);
|
|
|
|
memcpy(newnp, np, sizeof(struct ipv6_pinfo));
|
|
|
|
newsk->sk_v6_daddr = ireq->ir_v6_rmt_addr;
|
|
newnp->saddr = ireq->ir_v6_loc_addr;
|
|
newsk->sk_v6_rcv_saddr = ireq->ir_v6_loc_addr;
|
|
newsk->sk_bound_dev_if = ireq->ir_iif;
|
|
|
|
/* Now IPv6 options...
|
|
|
|
First: no IPv4 options.
|
|
*/
|
|
newinet->inet_opt = NULL;
|
|
newnp->ipv6_ac_list = NULL;
|
|
newnp->ipv6_fl_list = NULL;
|
|
|
|
/* Clone RX bits */
|
|
newnp->rxopt.all = np->rxopt.all;
|
|
|
|
newnp->pktoptions = NULL;
|
|
newnp->opt = NULL;
|
|
newnp->mcast_oif = tcp_v6_iif(skb);
|
|
newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
|
|
newnp->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(skb));
|
|
if (np->repflow)
|
|
newnp->flow_label = ip6_flowlabel(ipv6_hdr(skb));
|
|
|
|
/* Clone native IPv6 options from listening socket (if any)
|
|
|
|
Yes, keeping reference count would be much more clever,
|
|
but we make one more one thing there: reattach optmem
|
|
to newsk.
|
|
*/
|
|
opt = rcu_dereference(np->opt);
|
|
if (opt) {
|
|
opt = ipv6_dup_options(newsk, opt);
|
|
RCU_INIT_POINTER(newnp->opt, opt);
|
|
}
|
|
inet_csk(newsk)->icsk_ext_hdr_len = 0;
|
|
if (opt)
|
|
inet_csk(newsk)->icsk_ext_hdr_len = opt->opt_nflen +
|
|
opt->opt_flen;
|
|
|
|
tcp_ca_openreq_child(newsk, dst);
|
|
|
|
tcp_sync_mss(newsk, dst_mtu(dst));
|
|
newtp->advmss = dst_metric_advmss(dst);
|
|
if (tcp_sk(sk)->rx_opt.user_mss &&
|
|
tcp_sk(sk)->rx_opt.user_mss < newtp->advmss)
|
|
newtp->advmss = tcp_sk(sk)->rx_opt.user_mss;
|
|
|
|
tcp_initialize_rcv_mss(newsk);
|
|
|
|
newinet->inet_daddr = newinet->inet_saddr = LOOPBACK4_IPV6;
|
|
newinet->inet_rcv_saddr = LOOPBACK4_IPV6;
|
|
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
/* Copy over the MD5 key from the original socket */
|
|
key = tcp_v6_md5_do_lookup(sk, &newsk->sk_v6_daddr);
|
|
if (key) {
|
|
/* We're using one, so create a matching key
|
|
* on the newsk structure. If we fail to get
|
|
* memory, then we end up not copying the key
|
|
* across. Shucks.
|
|
*/
|
|
tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newsk->sk_v6_daddr,
|
|
AF_INET6, key->key, key->keylen,
|
|
sk_gfp_atomic(sk, GFP_ATOMIC));
|
|
}
|
|
#endif
|
|
|
|
if (__inet_inherit_port(sk, newsk) < 0) {
|
|
inet_csk_prepare_forced_close(newsk);
|
|
tcp_done(newsk);
|
|
goto out;
|
|
}
|
|
*own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash));
|
|
if (*own_req) {
|
|
tcp_move_syn(newtp, req);
|
|
|
|
/* Clone pktoptions received with SYN, if we own the req */
|
|
if (ireq->pktopts) {
|
|
newnp->pktoptions = skb_clone(ireq->pktopts,
|
|
sk_gfp_atomic(sk, GFP_ATOMIC));
|
|
consume_skb(ireq->pktopts);
|
|
ireq->pktopts = NULL;
|
|
if (newnp->pktoptions)
|
|
skb_set_owner_r(newnp->pktoptions, newsk);
|
|
}
|
|
}
|
|
|
|
return newsk;
|
|
|
|
out_overflow:
|
|
NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
|
|
out_nonewsk:
|
|
dst_release(dst);
|
|
out:
|
|
NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS);
|
|
return NULL;
|
|
}
|
|
|
|
/* The socket must have it's spinlock held when we get
|
|
* here, unless it is a TCP_LISTEN socket.
|
|
*
|
|
* We have a potential double-lock case here, so even when
|
|
* doing backlog processing we use the BH locking scheme.
|
|
* This is because we cannot sleep with the original spinlock
|
|
* held.
|
|
*/
|
|
static int tcp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
|
|
{
|
|
struct ipv6_pinfo *np = inet6_sk(sk);
|
|
struct tcp_sock *tp;
|
|
struct sk_buff *opt_skb = NULL;
|
|
|
|
/* Imagine: socket is IPv6. IPv4 packet arrives,
|
|
goes to IPv4 receive handler and backlogged.
|
|
From backlog it always goes here. Kerboom...
|
|
Fortunately, tcp_rcv_established and rcv_established
|
|
handle them correctly, but it is not case with
|
|
tcp_v6_hnd_req and tcp_v6_send_reset(). --ANK
|
|
*/
|
|
|
|
if (skb->protocol == htons(ETH_P_IP))
|
|
return tcp_v4_do_rcv(sk, skb);
|
|
|
|
if (sk_filter(sk, skb))
|
|
goto discard;
|
|
|
|
/*
|
|
* socket locking is here for SMP purposes as backlog rcv
|
|
* is currently called with bh processing disabled.
|
|
*/
|
|
|
|
/* Do Stevens' IPV6_PKTOPTIONS.
|
|
|
|
Yes, guys, it is the only place in our code, where we
|
|
may make it not affecting IPv4.
|
|
The rest of code is protocol independent,
|
|
and I do not like idea to uglify IPv4.
|
|
|
|
Actually, all the idea behind IPV6_PKTOPTIONS
|
|
looks not very well thought. For now we latch
|
|
options, received in the last packet, enqueued
|
|
by tcp. Feel free to propose better solution.
|
|
--ANK (980728)
|
|
*/
|
|
if (np->rxopt.all)
|
|
opt_skb = skb_clone(skb, sk_gfp_atomic(sk, GFP_ATOMIC));
|
|
|
|
if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
|
|
struct dst_entry *dst = sk->sk_rx_dst;
|
|
|
|
sock_rps_save_rxhash(sk, skb);
|
|
sk_mark_napi_id(sk, skb);
|
|
if (dst) {
|
|
if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
|
|
dst->ops->check(dst, np->rx_dst_cookie) == NULL) {
|
|
dst_release(dst);
|
|
sk->sk_rx_dst = NULL;
|
|
}
|
|
}
|
|
|
|
tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len);
|
|
if (opt_skb)
|
|
goto ipv6_pktoptions;
|
|
return 0;
|
|
}
|
|
|
|
if (tcp_checksum_complete(skb))
|
|
goto csum_err;
|
|
|
|
if (sk->sk_state == TCP_LISTEN) {
|
|
struct sock *nsk = tcp_v6_cookie_check(sk, skb);
|
|
|
|
if (!nsk)
|
|
goto discard;
|
|
|
|
if (nsk != sk) {
|
|
sock_rps_save_rxhash(nsk, skb);
|
|
sk_mark_napi_id(nsk, skb);
|
|
if (tcp_child_process(sk, nsk, skb))
|
|
goto reset;
|
|
if (opt_skb)
|
|
__kfree_skb(opt_skb);
|
|
return 0;
|
|
}
|
|
} else
|
|
sock_rps_save_rxhash(sk, skb);
|
|
|
|
if (tcp_rcv_state_process(sk, skb))
|
|
goto reset;
|
|
if (opt_skb)
|
|
goto ipv6_pktoptions;
|
|
return 0;
|
|
|
|
reset:
|
|
tcp_v6_send_reset(sk, skb);
|
|
discard:
|
|
if (opt_skb)
|
|
__kfree_skb(opt_skb);
|
|
kfree_skb(skb);
|
|
return 0;
|
|
csum_err:
|
|
TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_CSUMERRORS);
|
|
TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_INERRS);
|
|
goto discard;
|
|
|
|
|
|
ipv6_pktoptions:
|
|
/* Do you ask, what is it?
|
|
|
|
1. skb was enqueued by tcp.
|
|
2. skb is added to tail of read queue, rather than out of order.
|
|
3. socket is not in passive state.
|
|
4. Finally, it really contains options, which user wants to receive.
|
|
*/
|
|
tp = tcp_sk(sk);
|
|
if (TCP_SKB_CB(opt_skb)->end_seq == tp->rcv_nxt &&
|
|
!((1 << sk->sk_state) & (TCPF_CLOSE | TCPF_LISTEN))) {
|
|
if (np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo)
|
|
np->mcast_oif = tcp_v6_iif(opt_skb);
|
|
if (np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim)
|
|
np->mcast_hops = ipv6_hdr(opt_skb)->hop_limit;
|
|
if (np->rxopt.bits.rxflow || np->rxopt.bits.rxtclass)
|
|
np->rcv_flowinfo = ip6_flowinfo(ipv6_hdr(opt_skb));
|
|
if (np->repflow)
|
|
np->flow_label = ip6_flowlabel(ipv6_hdr(opt_skb));
|
|
if (ipv6_opt_accepted(sk, opt_skb, &TCP_SKB_CB(opt_skb)->header.h6)) {
|
|
skb_set_owner_r(opt_skb, sk);
|
|
opt_skb = xchg(&np->pktoptions, opt_skb);
|
|
} else {
|
|
__kfree_skb(opt_skb);
|
|
opt_skb = xchg(&np->pktoptions, NULL);
|
|
}
|
|
}
|
|
|
|
kfree_skb(opt_skb);
|
|
return 0;
|
|
}
|
|
|
|
static void tcp_v6_fill_cb(struct sk_buff *skb, const struct ipv6hdr *hdr,
|
|
const struct tcphdr *th)
|
|
{
|
|
/* This is tricky: we move IP6CB at its correct location into
|
|
* TCP_SKB_CB(). It must be done after xfrm6_policy_check(), because
|
|
* _decode_session6() uses IP6CB().
|
|
* barrier() makes sure compiler won't play aliasing games.
|
|
*/
|
|
memmove(&TCP_SKB_CB(skb)->header.h6, IP6CB(skb),
|
|
sizeof(struct inet6_skb_parm));
|
|
barrier();
|
|
|
|
TCP_SKB_CB(skb)->seq = ntohl(th->seq);
|
|
TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
|
|
skb->len - th->doff*4);
|
|
TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
|
|
TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
|
|
TCP_SKB_CB(skb)->tcp_tw_isn = 0;
|
|
TCP_SKB_CB(skb)->ip_dsfield = ipv6_get_dsfield(hdr);
|
|
TCP_SKB_CB(skb)->sacked = 0;
|
|
}
|
|
|
|
static void tcp_v6_restore_cb(struct sk_buff *skb)
|
|
{
|
|
/* We need to move header back to the beginning if xfrm6_policy_check()
|
|
* and tcp_v6_fill_cb() are going to be called again.
|
|
*/
|
|
memmove(IP6CB(skb), &TCP_SKB_CB(skb)->header.h6,
|
|
sizeof(struct inet6_skb_parm));
|
|
}
|
|
|
|
static int tcp_v6_rcv(struct sk_buff *skb)
|
|
{
|
|
const struct tcphdr *th;
|
|
const struct ipv6hdr *hdr;
|
|
struct sock *sk;
|
|
int ret;
|
|
struct net *net = dev_net(skb->dev);
|
|
|
|
if (skb->pkt_type != PACKET_HOST)
|
|
goto discard_it;
|
|
|
|
/*
|
|
* Count it even if it's bad.
|
|
*/
|
|
TCP_INC_STATS_BH(net, TCP_MIB_INSEGS);
|
|
|
|
if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
|
|
goto discard_it;
|
|
|
|
th = tcp_hdr(skb);
|
|
|
|
if (th->doff < sizeof(struct tcphdr)/4)
|
|
goto bad_packet;
|
|
if (!pskb_may_pull(skb, th->doff*4))
|
|
goto discard_it;
|
|
|
|
if (skb_checksum_init(skb, IPPROTO_TCP, ip6_compute_pseudo))
|
|
goto csum_error;
|
|
|
|
th = tcp_hdr(skb);
|
|
hdr = ipv6_hdr(skb);
|
|
|
|
lookup:
|
|
sk = __inet6_lookup_skb(&tcp_hashinfo, skb, th->source, th->dest,
|
|
inet6_iif(skb));
|
|
if (!sk)
|
|
goto no_tcp_socket;
|
|
|
|
process:
|
|
if (sk->sk_state == TCP_TIME_WAIT)
|
|
goto do_time_wait;
|
|
|
|
if (sk->sk_state == TCP_NEW_SYN_RECV) {
|
|
struct request_sock *req = inet_reqsk(sk);
|
|
struct sock *nsk;
|
|
|
|
sk = req->rsk_listener;
|
|
tcp_v6_fill_cb(skb, hdr, th);
|
|
if (tcp_v6_inbound_md5_hash(sk, skb)) {
|
|
reqsk_put(req);
|
|
goto discard_it;
|
|
}
|
|
if (unlikely(sk->sk_state != TCP_LISTEN)) {
|
|
inet_csk_reqsk_queue_drop_and_put(sk, req);
|
|
goto lookup;
|
|
}
|
|
sock_hold(sk);
|
|
nsk = tcp_check_req(sk, skb, req, false);
|
|
if (!nsk) {
|
|
reqsk_put(req);
|
|
goto discard_and_relse;
|
|
}
|
|
if (nsk == sk) {
|
|
reqsk_put(req);
|
|
tcp_v6_restore_cb(skb);
|
|
} else if (tcp_child_process(sk, nsk, skb)) {
|
|
tcp_v6_send_reset(nsk, skb);
|
|
goto discard_and_relse;
|
|
} else {
|
|
sock_put(sk);
|
|
return 0;
|
|
}
|
|
}
|
|
if (hdr->hop_limit < inet6_sk(sk)->min_hopcount) {
|
|
NET_INC_STATS_BH(net, LINUX_MIB_TCPMINTTLDROP);
|
|
goto discard_and_relse;
|
|
}
|
|
|
|
if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
|
|
goto discard_and_relse;
|
|
|
|
tcp_v6_fill_cb(skb, hdr, th);
|
|
|
|
if (tcp_v6_inbound_md5_hash(sk, skb))
|
|
goto discard_and_relse;
|
|
|
|
if (sk_filter(sk, skb))
|
|
goto discard_and_relse;
|
|
|
|
skb->dev = NULL;
|
|
|
|
if (sk->sk_state == TCP_LISTEN) {
|
|
ret = tcp_v6_do_rcv(sk, skb);
|
|
goto put_and_return;
|
|
}
|
|
|
|
sk_incoming_cpu_update(sk);
|
|
|
|
bh_lock_sock_nested(sk);
|
|
tcp_sk(sk)->segs_in += max_t(u16, 1, skb_shinfo(skb)->gso_segs);
|
|
ret = 0;
|
|
if (!sock_owned_by_user(sk)) {
|
|
if (!tcp_prequeue(sk, skb))
|
|
ret = tcp_v6_do_rcv(sk, skb);
|
|
} else if (unlikely(sk_add_backlog(sk, skb,
|
|
sk->sk_rcvbuf + sk->sk_sndbuf))) {
|
|
bh_unlock_sock(sk);
|
|
NET_INC_STATS_BH(net, LINUX_MIB_TCPBACKLOGDROP);
|
|
goto discard_and_relse;
|
|
}
|
|
bh_unlock_sock(sk);
|
|
|
|
put_and_return:
|
|
sock_put(sk);
|
|
return ret ? -1 : 0;
|
|
|
|
no_tcp_socket:
|
|
if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
|
|
goto discard_it;
|
|
|
|
tcp_v6_fill_cb(skb, hdr, th);
|
|
|
|
if (tcp_checksum_complete(skb)) {
|
|
csum_error:
|
|
TCP_INC_STATS_BH(net, TCP_MIB_CSUMERRORS);
|
|
bad_packet:
|
|
TCP_INC_STATS_BH(net, TCP_MIB_INERRS);
|
|
} else {
|
|
tcp_v6_send_reset(NULL, skb);
|
|
}
|
|
|
|
discard_it:
|
|
kfree_skb(skb);
|
|
return 0;
|
|
|
|
discard_and_relse:
|
|
sock_put(sk);
|
|
goto discard_it;
|
|
|
|
do_time_wait:
|
|
if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) {
|
|
inet_twsk_put(inet_twsk(sk));
|
|
goto discard_it;
|
|
}
|
|
|
|
tcp_v6_fill_cb(skb, hdr, th);
|
|
|
|
if (tcp_checksum_complete(skb)) {
|
|
inet_twsk_put(inet_twsk(sk));
|
|
goto csum_error;
|
|
}
|
|
|
|
switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
|
|
case TCP_TW_SYN:
|
|
{
|
|
struct sock *sk2;
|
|
|
|
sk2 = inet6_lookup_listener(dev_net(skb->dev), &tcp_hashinfo,
|
|
&ipv6_hdr(skb)->saddr, th->source,
|
|
&ipv6_hdr(skb)->daddr,
|
|
ntohs(th->dest), tcp_v6_iif(skb));
|
|
if (sk2) {
|
|
struct inet_timewait_sock *tw = inet_twsk(sk);
|
|
inet_twsk_deschedule_put(tw);
|
|
sk = sk2;
|
|
tcp_v6_restore_cb(skb);
|
|
goto process;
|
|
}
|
|
/* Fall through to ACK */
|
|
}
|
|
case TCP_TW_ACK:
|
|
tcp_v6_timewait_ack(sk, skb);
|
|
break;
|
|
case TCP_TW_RST:
|
|
tcp_v6_restore_cb(skb);
|
|
goto no_tcp_socket;
|
|
case TCP_TW_SUCCESS:
|
|
;
|
|
}
|
|
goto discard_it;
|
|
}
|
|
|
|
static void tcp_v6_early_demux(struct sk_buff *skb)
|
|
{
|
|
const struct ipv6hdr *hdr;
|
|
const struct tcphdr *th;
|
|
struct sock *sk;
|
|
|
|
if (skb->pkt_type != PACKET_HOST)
|
|
return;
|
|
|
|
if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
|
|
return;
|
|
|
|
hdr = ipv6_hdr(skb);
|
|
th = tcp_hdr(skb);
|
|
|
|
if (th->doff < sizeof(struct tcphdr) / 4)
|
|
return;
|
|
|
|
/* Note : We use inet6_iif() here, not tcp_v6_iif() */
|
|
sk = __inet6_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
|
|
&hdr->saddr, th->source,
|
|
&hdr->daddr, ntohs(th->dest),
|
|
inet6_iif(skb));
|
|
if (sk) {
|
|
skb->sk = sk;
|
|
skb->destructor = sock_edemux;
|
|
if (sk_fullsock(sk)) {
|
|
struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst);
|
|
|
|
if (dst)
|
|
dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
|
|
if (dst &&
|
|
inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
|
|
skb_dst_set_noref(skb, dst);
|
|
}
|
|
}
|
|
}
|
|
|
|
static struct timewait_sock_ops tcp6_timewait_sock_ops = {
|
|
.twsk_obj_size = sizeof(struct tcp6_timewait_sock),
|
|
.twsk_unique = tcp_twsk_unique,
|
|
.twsk_destructor = tcp_twsk_destructor,
|
|
};
|
|
|
|
static const struct inet_connection_sock_af_ops ipv6_specific = {
|
|
.queue_xmit = inet6_csk_xmit,
|
|
.send_check = tcp_v6_send_check,
|
|
.rebuild_header = inet6_sk_rebuild_header,
|
|
.sk_rx_dst_set = inet6_sk_rx_dst_set,
|
|
.conn_request = tcp_v6_conn_request,
|
|
.syn_recv_sock = tcp_v6_syn_recv_sock,
|
|
.net_header_len = sizeof(struct ipv6hdr),
|
|
.net_frag_header_len = sizeof(struct frag_hdr),
|
|
.setsockopt = ipv6_setsockopt,
|
|
.getsockopt = ipv6_getsockopt,
|
|
.addr2sockaddr = inet6_csk_addr2sockaddr,
|
|
.sockaddr_len = sizeof(struct sockaddr_in6),
|
|
.bind_conflict = inet6_csk_bind_conflict,
|
|
#ifdef CONFIG_COMPAT
|
|
.compat_setsockopt = compat_ipv6_setsockopt,
|
|
.compat_getsockopt = compat_ipv6_getsockopt,
|
|
#endif
|
|
.mtu_reduced = tcp_v6_mtu_reduced,
|
|
};
|
|
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
static const struct tcp_sock_af_ops tcp_sock_ipv6_specific = {
|
|
.md5_lookup = tcp_v6_md5_lookup,
|
|
.calc_md5_hash = tcp_v6_md5_hash_skb,
|
|
.md5_parse = tcp_v6_parse_md5_keys,
|
|
};
|
|
#endif
|
|
|
|
/*
|
|
* TCP over IPv4 via INET6 API
|
|
*/
|
|
static const struct inet_connection_sock_af_ops ipv6_mapped = {
|
|
.queue_xmit = ip_queue_xmit,
|
|
.send_check = tcp_v4_send_check,
|
|
.rebuild_header = inet_sk_rebuild_header,
|
|
.sk_rx_dst_set = inet_sk_rx_dst_set,
|
|
.conn_request = tcp_v6_conn_request,
|
|
.syn_recv_sock = tcp_v6_syn_recv_sock,
|
|
.net_header_len = sizeof(struct iphdr),
|
|
.setsockopt = ipv6_setsockopt,
|
|
.getsockopt = ipv6_getsockopt,
|
|
.addr2sockaddr = inet6_csk_addr2sockaddr,
|
|
.sockaddr_len = sizeof(struct sockaddr_in6),
|
|
.bind_conflict = inet6_csk_bind_conflict,
|
|
#ifdef CONFIG_COMPAT
|
|
.compat_setsockopt = compat_ipv6_setsockopt,
|
|
.compat_getsockopt = compat_ipv6_getsockopt,
|
|
#endif
|
|
.mtu_reduced = tcp_v4_mtu_reduced,
|
|
};
|
|
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
static const struct tcp_sock_af_ops tcp_sock_ipv6_mapped_specific = {
|
|
.md5_lookup = tcp_v4_md5_lookup,
|
|
.calc_md5_hash = tcp_v4_md5_hash_skb,
|
|
.md5_parse = tcp_v6_parse_md5_keys,
|
|
};
|
|
#endif
|
|
|
|
/* NOTE: A lot of things set to zero explicitly by call to
|
|
* sk_alloc() so need not be done here.
|
|
*/
|
|
static int tcp_v6_init_sock(struct sock *sk)
|
|
{
|
|
struct inet_connection_sock *icsk = inet_csk(sk);
|
|
|
|
tcp_init_sock(sk);
|
|
|
|
icsk->icsk_af_ops = &ipv6_specific;
|
|
|
|
#ifdef CONFIG_TCP_MD5SIG
|
|
tcp_sk(sk)->af_specific = &tcp_sock_ipv6_specific;
|
|
#endif
|
|
|
|
return 0;
|
|
}
|
|
|
|
static void tcp_v6_destroy_sock(struct sock *sk)
|
|
{
|
|
tcp_v4_destroy_sock(sk);
|
|
inet6_destroy_sock(sk);
|
|
}
|
|
|
|
#ifdef CONFIG_PROC_FS
|
|
/* Proc filesystem TCPv6 sock list dumping. */
|
|
static void get_openreq6(struct seq_file *seq,
|
|
const struct request_sock *req, int i)
|
|
{
|
|
long ttd = req->rsk_timer.expires - jiffies;
|
|
const struct in6_addr *src = &inet_rsk(req)->ir_v6_loc_addr;
|
|
const struct in6_addr *dest = &inet_rsk(req)->ir_v6_rmt_addr;
|
|
|
|
if (ttd < 0)
|
|
ttd = 0;
|
|
|
|
seq_printf(seq,
|
|
"%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
|
|
"%02X %08X:%08X %02X:%08lX %08X %5u %8d %d %d %pK\n",
|
|
i,
|
|
src->s6_addr32[0], src->s6_addr32[1],
|
|
src->s6_addr32[2], src->s6_addr32[3],
|
|
inet_rsk(req)->ir_num,
|
|
dest->s6_addr32[0], dest->s6_addr32[1],
|
|
dest->s6_addr32[2], dest->s6_addr32[3],
|
|
ntohs(inet_rsk(req)->ir_rmt_port),
|
|
TCP_SYN_RECV,
|
|
0, 0, /* could print option size, but that is af dependent. */
|
|
1, /* timers active (only the expire timer) */
|
|
jiffies_to_clock_t(ttd),
|
|
req->num_timeout,
|
|
from_kuid_munged(seq_user_ns(seq),
|
|
sock_i_uid(req->rsk_listener)),
|
|
0, /* non standard timer */
|
|
0, /* open_requests have no inode */
|
|
0, req);
|
|
}
|
|
|
|
static void get_tcp6_sock(struct seq_file *seq, struct sock *sp, int i)
|
|
{
|
|
const struct in6_addr *dest, *src;
|
|
__u16 destp, srcp;
|
|
int timer_active;
|
|
unsigned long timer_expires;
|
|
const struct inet_sock *inet = inet_sk(sp);
|
|
const struct tcp_sock *tp = tcp_sk(sp);
|
|
const struct inet_connection_sock *icsk = inet_csk(sp);
|
|
const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
|
|
int rx_queue;
|
|
int state;
|
|
__u8 state_seq = sp->sk_state;
|
|
|
|
dest = &sp->sk_v6_daddr;
|
|
src = &sp->sk_v6_rcv_saddr;
|
|
destp = ntohs(inet->inet_dport);
|
|
srcp = ntohs(inet->inet_sport);
|
|
|
|
if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
|
|
icsk->icsk_pending == ICSK_TIME_EARLY_RETRANS ||
|
|
icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
|
|
timer_active = 1;
|
|
timer_expires = icsk->icsk_timeout;
|
|
} else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
|
|
timer_active = 4;
|
|
timer_expires = icsk->icsk_timeout;
|
|
} else if (timer_pending(&sp->sk_timer)) {
|
|
timer_active = 2;
|
|
timer_expires = sp->sk_timer.expires;
|
|
} else {
|
|
timer_active = 0;
|
|
timer_expires = jiffies;
|
|
}
|
|
|
|
state = sk_state_load(sp);
|
|
if (state == TCP_LISTEN)
|
|
rx_queue = sp->sk_ack_backlog;
|
|
else
|
|
/* Because we don't lock the socket,
|
|
* we might find a transient negative value.
|
|
*/
|
|
rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0);
|
|
|
|
if (inet->transparent)
|
|
state_seq |= 0x80;
|
|
|
|
seq_printf(seq,
|
|
"%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
|
|
"%02X %08X:%08X %02X:%08lX %08X %5u %8d %lu %d %pK %lu %lu %u %u %d\n",
|
|
i,
|
|
src->s6_addr32[0], src->s6_addr32[1],
|
|
src->s6_addr32[2], src->s6_addr32[3], srcp,
|
|
dest->s6_addr32[0], dest->s6_addr32[1],
|
|
dest->s6_addr32[2], dest->s6_addr32[3], destp,
|
|
state_seq,
|
|
tp->write_seq - tp->snd_una,
|
|
rx_queue,
|
|
timer_active,
|
|
jiffies_delta_to_clock_t(timer_expires - jiffies),
|
|
icsk->icsk_retransmits,
|
|
from_kuid_munged(seq_user_ns(seq), sock_i_uid(sp)),
|
|
icsk->icsk_probes_out,
|
|
sock_i_ino(sp),
|
|
atomic_read(&sp->sk_refcnt), sp,
|
|
jiffies_to_clock_t(icsk->icsk_rto),
|
|
jiffies_to_clock_t(icsk->icsk_ack.ato),
|
|
(icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
|
|
tp->snd_cwnd,
|
|
state == TCP_LISTEN ?
|
|
fastopenq->max_qlen :
|
|
(tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh)
|
|
);
|
|
}
|
|
|
|
static void get_timewait6_sock(struct seq_file *seq,
|
|
struct inet_timewait_sock *tw, int i)
|
|
{
|
|
long delta = tw->tw_timer.expires - jiffies;
|
|
const struct in6_addr *dest, *src;
|
|
__u16 destp, srcp;
|
|
|
|
dest = &tw->tw_v6_daddr;
|
|
src = &tw->tw_v6_rcv_saddr;
|
|
destp = ntohs(tw->tw_dport);
|
|
srcp = ntohs(tw->tw_sport);
|
|
|
|
seq_printf(seq,
|
|
"%4d: %08X%08X%08X%08X:%04X %08X%08X%08X%08X:%04X "
|
|
"%02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK\n",
|
|
i,
|
|
src->s6_addr32[0], src->s6_addr32[1],
|
|
src->s6_addr32[2], src->s6_addr32[3], srcp,
|
|
dest->s6_addr32[0], dest->s6_addr32[1],
|
|
dest->s6_addr32[2], dest->s6_addr32[3], destp,
|
|
tw->tw_substate, 0, 0,
|
|
3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
|
|
atomic_read(&tw->tw_refcnt), tw);
|
|
}
|
|
|
|
static int tcp6_seq_show(struct seq_file *seq, void *v)
|
|
{
|
|
struct tcp_iter_state *st;
|
|
struct sock *sk = v;
|
|
|
|
if (v == SEQ_START_TOKEN) {
|
|
seq_puts(seq,
|
|
" sl "
|
|
"local_address "
|
|
"remote_address "
|
|
"st tx_queue rx_queue tr tm->when retrnsmt"
|
|
" uid timeout inode\n");
|
|
goto out;
|
|
}
|
|
st = seq->private;
|
|
|
|
if (sk->sk_state == TCP_TIME_WAIT)
|
|
get_timewait6_sock(seq, v, st->num);
|
|
else if (sk->sk_state == TCP_NEW_SYN_RECV)
|
|
get_openreq6(seq, v, st->num);
|
|
else
|
|
get_tcp6_sock(seq, v, st->num);
|
|
out:
|
|
return 0;
|
|
}
|
|
|
|
static const struct file_operations tcp6_afinfo_seq_fops = {
|
|
.owner = THIS_MODULE,
|
|
.open = tcp_seq_open,
|
|
.read = seq_read,
|
|
.llseek = seq_lseek,
|
|
.release = seq_release_net
|
|
};
|
|
|
|
static struct tcp_seq_afinfo tcp6_seq_afinfo = {
|
|
.name = "tcp6",
|
|
.family = AF_INET6,
|
|
.seq_fops = &tcp6_afinfo_seq_fops,
|
|
.seq_ops = {
|
|
.show = tcp6_seq_show,
|
|
},
|
|
};
|
|
|
|
int __net_init tcp6_proc_init(struct net *net)
|
|
{
|
|
return tcp_proc_register(net, &tcp6_seq_afinfo);
|
|
}
|
|
|
|
void tcp6_proc_exit(struct net *net)
|
|
{
|
|
tcp_proc_unregister(net, &tcp6_seq_afinfo);
|
|
}
|
|
#endif
|
|
|
|
static void tcp_v6_clear_sk(struct sock *sk, int size)
|
|
{
|
|
struct inet_sock *inet = inet_sk(sk);
|
|
|
|
/* we do not want to clear pinet6 field, because of RCU lookups */
|
|
sk_prot_clear_nulls(sk, offsetof(struct inet_sock, pinet6));
|
|
|
|
size -= offsetof(struct inet_sock, pinet6) + sizeof(inet->pinet6);
|
|
memset(&inet->pinet6 + 1, 0, size);
|
|
}
|
|
|
|
struct proto tcpv6_prot = {
|
|
.name = "TCPv6",
|
|
.owner = THIS_MODULE,
|
|
.close = tcp_close,
|
|
.connect = tcp_v6_connect,
|
|
.disconnect = tcp_disconnect,
|
|
.accept = inet_csk_accept,
|
|
.ioctl = tcp_ioctl,
|
|
.init = tcp_v6_init_sock,
|
|
.destroy = tcp_v6_destroy_sock,
|
|
.shutdown = tcp_shutdown,
|
|
.setsockopt = tcp_setsockopt,
|
|
.getsockopt = tcp_getsockopt,
|
|
.recvmsg = tcp_recvmsg,
|
|
.sendmsg = tcp_sendmsg,
|
|
.sendpage = tcp_sendpage,
|
|
.backlog_rcv = tcp_v6_do_rcv,
|
|
.release_cb = tcp_release_cb,
|
|
.hash = inet_hash,
|
|
.unhash = inet_unhash,
|
|
.get_port = inet_csk_get_port,
|
|
.enter_memory_pressure = tcp_enter_memory_pressure,
|
|
.stream_memory_free = tcp_stream_memory_free,
|
|
.sockets_allocated = &tcp_sockets_allocated,
|
|
.memory_allocated = &tcp_memory_allocated,
|
|
.memory_pressure = &tcp_memory_pressure,
|
|
.orphan_count = &tcp_orphan_count,
|
|
.sysctl_mem = sysctl_tcp_mem,
|
|
.sysctl_wmem = sysctl_tcp_wmem,
|
|
.sysctl_rmem = sysctl_tcp_rmem,
|
|
.max_header = MAX_TCP_HEADER,
|
|
.obj_size = sizeof(struct tcp6_sock),
|
|
.slab_flags = SLAB_DESTROY_BY_RCU,
|
|
.twsk_prot = &tcp6_timewait_sock_ops,
|
|
.rsk_prot = &tcp6_request_sock_ops,
|
|
.h.hashinfo = &tcp_hashinfo,
|
|
.no_autobind = true,
|
|
#ifdef CONFIG_COMPAT
|
|
.compat_setsockopt = compat_tcp_setsockopt,
|
|
.compat_getsockopt = compat_tcp_getsockopt,
|
|
#endif
|
|
#ifdef CONFIG_MEMCG_KMEM
|
|
.proto_cgroup = tcp_proto_cgroup,
|
|
#endif
|
|
.clear_sk = tcp_v6_clear_sk,
|
|
.diag_destroy = tcp_abort,
|
|
};
|
|
|
|
static const struct inet6_protocol tcpv6_protocol = {
|
|
.early_demux = tcp_v6_early_demux,
|
|
.handler = tcp_v6_rcv,
|
|
.err_handler = tcp_v6_err,
|
|
.flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
|
|
};
|
|
|
|
static struct inet_protosw tcpv6_protosw = {
|
|
.type = SOCK_STREAM,
|
|
.protocol = IPPROTO_TCP,
|
|
.prot = &tcpv6_prot,
|
|
.ops = &inet6_stream_ops,
|
|
.flags = INET_PROTOSW_PERMANENT |
|
|
INET_PROTOSW_ICSK,
|
|
};
|
|
|
|
static int __net_init tcpv6_net_init(struct net *net)
|
|
{
|
|
return inet_ctl_sock_create(&net->ipv6.tcp_sk, PF_INET6,
|
|
SOCK_RAW, IPPROTO_TCP, net);
|
|
}
|
|
|
|
static void __net_exit tcpv6_net_exit(struct net *net)
|
|
{
|
|
inet_ctl_sock_destroy(net->ipv6.tcp_sk);
|
|
}
|
|
|
|
static void __net_exit tcpv6_net_exit_batch(struct list_head *net_exit_list)
|
|
{
|
|
inet_twsk_purge(&tcp_hashinfo, &tcp_death_row, AF_INET6);
|
|
}
|
|
|
|
static struct pernet_operations tcpv6_net_ops = {
|
|
.init = tcpv6_net_init,
|
|
.exit = tcpv6_net_exit,
|
|
.exit_batch = tcpv6_net_exit_batch,
|
|
};
|
|
|
|
int __init tcpv6_init(void)
|
|
{
|
|
int ret;
|
|
|
|
ret = inet6_add_protocol(&tcpv6_protocol, IPPROTO_TCP);
|
|
if (ret)
|
|
goto out;
|
|
|
|
/* register inet6 protocol */
|
|
ret = inet6_register_protosw(&tcpv6_protosw);
|
|
if (ret)
|
|
goto out_tcpv6_protocol;
|
|
|
|
ret = register_pernet_subsys(&tcpv6_net_ops);
|
|
if (ret)
|
|
goto out_tcpv6_protosw;
|
|
out:
|
|
return ret;
|
|
|
|
out_tcpv6_protosw:
|
|
inet6_unregister_protosw(&tcpv6_protosw);
|
|
out_tcpv6_protocol:
|
|
inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
|
|
goto out;
|
|
}
|
|
|
|
void tcpv6_exit(void)
|
|
{
|
|
unregister_pernet_subsys(&tcpv6_net_ops);
|
|
inet6_unregister_protosw(&tcpv6_protosw);
|
|
inet6_del_protocol(&tcpv6_protocol, IPPROTO_TCP);
|
|
}
|