2005-12-14 15:24:53 +08:00
|
|
|
/*
|
|
|
|
* DCCP over IPv6
|
2006-03-21 14:01:29 +08:00
|
|
|
* Linux INET6 implementation
|
2005-12-14 15:24:53 +08:00
|
|
|
*
|
|
|
|
* Based on net/dccp6/ipv6.c
|
|
|
|
*
|
|
|
|
* Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
|
|
|
|
*
|
|
|
|
* This program is free software; you can redistribute it and/or
|
|
|
|
* modify it under the terms of the GNU General Public License
|
|
|
|
* as published by the Free Software Foundation; either version
|
|
|
|
* 2 of the License, or (at your option) any later version.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <linux/module.h>
|
|
|
|
#include <linux/random.h>
|
|
|
|
#include <linux/xfrm.h>
|
|
|
|
|
|
|
|
#include <net/addrconf.h>
|
|
|
|
#include <net/inet_common.h>
|
|
|
|
#include <net/inet_hashtables.h>
|
2005-12-27 12:43:12 +08:00
|
|
|
#include <net/inet_sock.h>
|
2005-12-14 15:24:53 +08:00
|
|
|
#include <net/inet6_connection_sock.h>
|
|
|
|
#include <net/inet6_hashtables.h>
|
|
|
|
#include <net/ip6_route.h>
|
|
|
|
#include <net/ipv6.h>
|
|
|
|
#include <net/protocol.h>
|
|
|
|
#include <net/transp_v6.h>
|
2006-01-07 14:55:39 +08:00
|
|
|
#include <net/ip6_checksum.h>
|
2005-12-14 15:24:53 +08:00
|
|
|
#include <net/xfrm.h>
|
|
|
|
|
|
|
|
#include "dccp.h"
|
|
|
|
#include "ipv6.h"
|
2006-07-24 14:33:28 +08:00
|
|
|
#include "feat.h"
|
2005-12-14 15:24:53 +08:00
|
|
|
|
2006-03-21 14:00:37 +08:00
|
|
|
/* Socket used for sending RSTs and ACKs */
|
|
|
|
static struct socket *dccp_v6_ctl_socket;
|
|
|
|
|
2005-12-14 15:24:53 +08:00
|
|
|
static struct inet_connection_sock_af_ops dccp_ipv6_mapped;
|
|
|
|
static struct inet_connection_sock_af_ops dccp_ipv6_af_ops;
|
|
|
|
|
|
|
|
static int dccp_v6_get_port(struct sock *sk, unsigned short snum)
|
|
|
|
{
|
|
|
|
return inet_csk_get_port(&dccp_hashinfo, sk, snum,
|
|
|
|
inet6_csk_bind_conflict);
|
|
|
|
}
|
|
|
|
|
|
|
|
static void dccp_v6_hash(struct sock *sk)
|
|
|
|
{
|
|
|
|
if (sk->sk_state != DCCP_CLOSED) {
|
|
|
|
if (inet_csk(sk)->icsk_af_ops == &dccp_ipv6_mapped) {
|
2006-03-21 13:23:39 +08:00
|
|
|
dccp_hash(sk);
|
2005-12-14 15:24:53 +08:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
local_bh_disable();
|
|
|
|
__inet6_hash(&dccp_hashinfo, sk);
|
|
|
|
local_bh_enable();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2006-11-11 03:43:06 +08:00
|
|
|
/* add pseudo-header to DCCP checksum stored in skb->csum */
|
2006-11-15 13:35:48 +08:00
|
|
|
static inline __sum16 dccp_v6_csum_finish(struct sk_buff *skb,
|
2006-11-11 03:43:06 +08:00
|
|
|
struct in6_addr *saddr,
|
|
|
|
struct in6_addr *daddr)
|
2005-12-14 15:24:53 +08:00
|
|
|
{
|
2006-11-11 03:43:06 +08:00
|
|
|
return csum_ipv6_magic(saddr, daddr, skb->len, IPPROTO_DCCP, skb->csum);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline void dccp_v6_send_check(struct sock *sk, int unused_value,
|
|
|
|
struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
struct ipv6_pinfo *np = inet6_sk(sk);
|
|
|
|
struct dccp_hdr *dh = dccp_hdr(skb);
|
|
|
|
|
|
|
|
dccp_csum_outgoing(skb);
|
|
|
|
dh->dccph_checksum = dccp_v6_csum_finish(skb, &np->saddr, &np->daddr);
|
2005-12-14 15:24:53 +08:00
|
|
|
}
|
|
|
|
|
2006-11-15 13:51:36 +08:00
|
|
|
static inline __u32 secure_dccpv6_sequence_number(__be32 *saddr, __be32 *daddr,
|
2006-12-11 02:01:18 +08:00
|
|
|
__be16 sport, __be16 dport )
|
2005-12-14 15:24:53 +08:00
|
|
|
{
|
2006-11-13 23:34:38 +08:00
|
|
|
return secure_tcpv6_sequence_number(saddr, daddr, sport, dport);
|
|
|
|
}
|
|
|
|
|
|
|
|
static inline __u32 dccp_v6_init_sequence(struct sk_buff *skb)
|
|
|
|
{
|
2007-04-26 08:54:47 +08:00
|
|
|
return secure_dccpv6_sequence_number(ipv6_hdr(skb)->daddr.s6_addr32,
|
|
|
|
ipv6_hdr(skb)->saddr.s6_addr32,
|
2006-11-13 23:34:38 +08:00
|
|
|
dccp_hdr(skb)->dccph_dport,
|
|
|
|
dccp_hdr(skb)->dccph_sport );
|
|
|
|
|
2005-12-14 15:24:53 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
static void dccp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
|
2006-03-21 11:23:32 +08:00
|
|
|
int type, int code, int offset, __be32 info)
|
2005-12-14 15:24:53 +08:00
|
|
|
{
|
|
|
|
struct ipv6hdr *hdr = (struct ipv6hdr *)skb->data;
|
|
|
|
const struct dccp_hdr *dh = (struct dccp_hdr *)(skb->data + offset);
|
|
|
|
struct ipv6_pinfo *np;
|
|
|
|
struct sock *sk;
|
|
|
|
int err;
|
|
|
|
__u64 seq;
|
|
|
|
|
|
|
|
sk = inet6_lookup(&dccp_hashinfo, &hdr->daddr, dh->dccph_dport,
|
2006-11-22 09:41:56 +08:00
|
|
|
&hdr->saddr, dh->dccph_sport, inet6_iif(skb));
|
2005-12-14 15:24:53 +08:00
|
|
|
|
|
|
|
if (sk == NULL) {
|
|
|
|
ICMP6_INC_STATS_BH(__in6_dev_get(skb->dev), ICMP6_MIB_INERRORS);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (sk->sk_state == DCCP_TIME_WAIT) {
|
2006-10-11 10:41:46 +08:00
|
|
|
inet_twsk_put(inet_twsk(sk));
|
2005-12-14 15:24:53 +08:00
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
bh_lock_sock(sk);
|
|
|
|
if (sock_owned_by_user(sk))
|
|
|
|
NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS);
|
|
|
|
|
|
|
|
if (sk->sk_state == DCCP_CLOSED)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
np = inet6_sk(sk);
|
|
|
|
|
|
|
|
if (type == ICMPV6_PKT_TOOBIG) {
|
|
|
|
struct dst_entry *dst = NULL;
|
|
|
|
|
|
|
|
if (sock_owned_by_user(sk))
|
|
|
|
goto out;
|
|
|
|
if ((1 << sk->sk_state) & (DCCPF_LISTEN | DCCPF_CLOSED))
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
/* icmp should have updated the destination cache entry */
|
|
|
|
dst = __sk_dst_check(sk, np->dst_cookie);
|
|
|
|
if (dst == NULL) {
|
|
|
|
struct inet_sock *inet = inet_sk(sk);
|
|
|
|
struct flowi fl;
|
|
|
|
|
|
|
|
/* BUGGG_FUTURE: Again, it is not clear how
|
|
|
|
to handle rthdr case. Ignore this complexity
|
|
|
|
for now.
|
|
|
|
*/
|
|
|
|
memset(&fl, 0, sizeof(fl));
|
|
|
|
fl.proto = IPPROTO_DCCP;
|
|
|
|
ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
|
|
|
|
ipv6_addr_copy(&fl.fl6_src, &np->saddr);
|
|
|
|
fl.oif = sk->sk_bound_dev_if;
|
|
|
|
fl.fl_ip_dport = inet->dport;
|
|
|
|
fl.fl_ip_sport = inet->sport;
|
2006-08-05 14:12:42 +08:00
|
|
|
security_sk_classify_flow(sk, &fl);
|
2005-12-14 15:24:53 +08:00
|
|
|
|
2006-03-21 14:01:29 +08:00
|
|
|
err = ip6_dst_lookup(sk, &dst, &fl);
|
|
|
|
if (err) {
|
2005-12-14 15:24:53 +08:00
|
|
|
sk->sk_err_soft = -err;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
2006-03-21 14:01:29 +08:00
|
|
|
err = xfrm_lookup(&dst, &fl, sk, 0);
|
|
|
|
if (err < 0) {
|
2005-12-14 15:24:53 +08:00
|
|
|
sk->sk_err_soft = -err;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
} else
|
|
|
|
dst_hold(dst);
|
|
|
|
|
2005-12-14 15:26:10 +08:00
|
|
|
if (inet_csk(sk)->icsk_pmtu_cookie > dst_mtu(dst)) {
|
2005-12-14 15:24:53 +08:00
|
|
|
dccp_sync_mss(sk, dst_mtu(dst));
|
|
|
|
} /* else let the usual retransmit timer handle it */
|
|
|
|
dst_release(dst);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
icmpv6_err_convert(type, code, &err);
|
|
|
|
|
2007-10-24 20:12:09 +08:00
|
|
|
seq = dccp_hdr_seq(dh);
|
2005-12-14 15:24:53 +08:00
|
|
|
/* Might be for an request_sock */
|
|
|
|
switch (sk->sk_state) {
|
|
|
|
struct request_sock *req, **prev;
|
|
|
|
case DCCP_LISTEN:
|
|
|
|
if (sock_owned_by_user(sk))
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
req = inet6_csk_search_req(sk, &prev, dh->dccph_dport,
|
|
|
|
&hdr->daddr, &hdr->saddr,
|
|
|
|
inet6_iif(skb));
|
2006-03-21 14:01:29 +08:00
|
|
|
if (req == NULL)
|
2005-12-14 15:24:53 +08:00
|
|
|
goto out;
|
|
|
|
|
2006-03-21 14:01:29 +08:00
|
|
|
/*
|
|
|
|
* ICMPs are not backlogged, hence we cannot get an established
|
|
|
|
* socket here.
|
2005-12-14 15:24:53 +08:00
|
|
|
*/
|
|
|
|
BUG_TRAP(req->sk == NULL);
|
|
|
|
|
|
|
|
if (seq != dccp_rsk(req)->dreq_iss) {
|
|
|
|
NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
inet_csk_reqsk_queue_drop(sk, req, prev);
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
case DCCP_REQUESTING:
|
|
|
|
case DCCP_RESPOND: /* Cannot happen.
|
2006-03-21 14:01:29 +08:00
|
|
|
It can, it SYNs are crossed. --ANK */
|
2005-12-14 15:24:53 +08:00
|
|
|
if (!sock_owned_by_user(sk)) {
|
|
|
|
DCCP_INC_STATS_BH(DCCP_MIB_ATTEMPTFAILS);
|
|
|
|
sk->sk_err = err;
|
|
|
|
/*
|
|
|
|
* Wake people up to see the error
|
|
|
|
* (see connect in sock.c)
|
|
|
|
*/
|
|
|
|
sk->sk_error_report(sk);
|
|
|
|
dccp_done(sk);
|
|
|
|
} else
|
|
|
|
sk->sk_err_soft = err;
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!sock_owned_by_user(sk) && np->recverr) {
|
|
|
|
sk->sk_err = err;
|
|
|
|
sk->sk_error_report(sk);
|
|
|
|
} else
|
|
|
|
sk->sk_err_soft = err;
|
|
|
|
|
|
|
|
out:
|
|
|
|
bh_unlock_sock(sk);
|
|
|
|
sock_put(sk);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int dccp_v6_send_response(struct sock *sk, struct request_sock *req,
|
|
|
|
struct dst_entry *dst)
|
|
|
|
{
|
|
|
|
struct inet6_request_sock *ireq6 = inet6_rsk(req);
|
|
|
|
struct ipv6_pinfo *np = inet6_sk(sk);
|
|
|
|
struct sk_buff *skb;
|
|
|
|
struct ipv6_txoptions *opt = NULL;
|
|
|
|
struct in6_addr *final_p = NULL, final;
|
|
|
|
struct flowi fl;
|
|
|
|
int err = -1;
|
|
|
|
|
|
|
|
memset(&fl, 0, sizeof(fl));
|
|
|
|
fl.proto = IPPROTO_DCCP;
|
|
|
|
ipv6_addr_copy(&fl.fl6_dst, &ireq6->rmt_addr);
|
|
|
|
ipv6_addr_copy(&fl.fl6_src, &ireq6->loc_addr);
|
|
|
|
fl.fl6_flowlabel = 0;
|
|
|
|
fl.oif = ireq6->iif;
|
|
|
|
fl.fl_ip_dport = inet_rsk(req)->rmt_port;
|
|
|
|
fl.fl_ip_sport = inet_sk(sk)->sport;
|
2006-07-25 14:32:50 +08:00
|
|
|
security_req_classify_flow(req, &fl);
|
2005-12-14 15:24:53 +08:00
|
|
|
|
|
|
|
if (dst == NULL) {
|
|
|
|
opt = np->opt;
|
|
|
|
|
2006-03-21 14:01:29 +08:00
|
|
|
if (opt != NULL && opt->srcrt != NULL) {
|
|
|
|
const struct rt0_hdr *rt0 = (struct rt0_hdr *)opt->srcrt;
|
|
|
|
|
2005-12-14 15:24:53 +08:00
|
|
|
ipv6_addr_copy(&final, &fl.fl6_dst);
|
|
|
|
ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
|
|
|
|
final_p = &final;
|
|
|
|
}
|
|
|
|
|
|
|
|
err = ip6_dst_lookup(sk, &dst, &fl);
|
|
|
|
if (err)
|
|
|
|
goto done;
|
2006-03-21 14:01:29 +08:00
|
|
|
|
2005-12-14 15:24:53 +08:00
|
|
|
if (final_p)
|
|
|
|
ipv6_addr_copy(&fl.fl6_dst, final_p);
|
2006-03-21 14:01:29 +08:00
|
|
|
|
|
|
|
err = xfrm_lookup(&dst, &fl, sk, 0);
|
|
|
|
if (err < 0)
|
2005-12-14 15:24:53 +08:00
|
|
|
goto done;
|
|
|
|
}
|
|
|
|
|
|
|
|
skb = dccp_make_response(sk, dst, req);
|
|
|
|
if (skb != NULL) {
|
|
|
|
struct dccp_hdr *dh = dccp_hdr(skb);
|
2006-03-21 14:01:29 +08:00
|
|
|
|
2006-11-11 03:43:06 +08:00
|
|
|
dh->dccph_checksum = dccp_v6_csum_finish(skb,
|
|
|
|
&ireq6->loc_addr,
|
|
|
|
&ireq6->rmt_addr);
|
2005-12-14 15:24:53 +08:00
|
|
|
ipv6_addr_copy(&fl.fl6_dst, &ireq6->rmt_addr);
|
|
|
|
err = ip6_xmit(sk, skb, &fl, opt, 0);
|
2006-11-14 21:21:36 +08:00
|
|
|
err = net_xmit_eval(err);
|
2005-12-14 15:24:53 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
done:
|
2006-03-21 14:01:29 +08:00
|
|
|
if (opt != NULL && opt != np->opt)
|
2005-12-14 15:24:53 +08:00
|
|
|
sock_kfree_s(sk, opt, opt->tot_len);
|
2006-02-01 09:53:37 +08:00
|
|
|
dst_release(dst);
|
2005-12-14 15:24:53 +08:00
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void dccp_v6_reqsk_destructor(struct request_sock *req)
|
|
|
|
{
|
|
|
|
if (inet6_rsk(req)->pktopts != NULL)
|
|
|
|
kfree_skb(inet6_rsk(req)->pktopts);
|
|
|
|
}
|
|
|
|
|
2006-11-15 11:07:45 +08:00
|
|
|
static void dccp_v6_ctl_send_reset(struct sock *sk, struct sk_buff *rxskb)
|
2005-12-14 15:24:53 +08:00
|
|
|
{
|
2007-04-26 08:54:47 +08:00
|
|
|
struct ipv6hdr *rxip6h;
|
2005-12-14 15:24:53 +08:00
|
|
|
struct sk_buff *skb;
|
|
|
|
struct flowi fl;
|
|
|
|
|
[DCCP]: Factor out common code for generating Resets
This factors code common to dccp_v{4,6}_ctl_send_reset into a separate function,
and adds support for filling in the Data 1 ... Data 3 fields from RFC 4340, 5.6.
It is useful to have this separate, since the following Reset codes will always
be generated from the control socket rather than via dccp_send_reset:
* Code 3, "No Connection", cf. 8.3.1;
* Code 4, "Packet Error" (identification for Data 1 added);
* Code 5, "Option Error" (identification for Data 1..3 added, will be used later);
* Code 6, "Mandatory Error" (same as Option Error);
* Code 7, "Connection Refused" (what on Earth is the difference to "No Connection"?);
* Code 8, "Bad Service Code";
* Code 9, "Too Busy";
* Code 10, "Bad Init Cookie" (not used).
Code 0 is not recommended by the RFC, the following codes would be used in
dccp_send_reset() instead, since they all relate to an established DCCP connection:
* Code 1, "Closed";
* Code 2, "Aborted";
* Code 11, "Aggression Penalty" (12.3).
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
2007-09-27 01:35:19 +08:00
|
|
|
if (dccp_hdr(rxskb)->dccph_type == DCCP_PKT_RESET)
|
2005-12-14 15:24:53 +08:00
|
|
|
return;
|
|
|
|
|
|
|
|
if (!ipv6_unicast_destination(rxskb))
|
2006-03-21 14:01:29 +08:00
|
|
|
return;
|
2005-12-14 15:24:53 +08:00
|
|
|
|
[DCCP]: Factor out common code for generating Resets
This factors code common to dccp_v{4,6}_ctl_send_reset into a separate function,
and adds support for filling in the Data 1 ... Data 3 fields from RFC 4340, 5.6.
It is useful to have this separate, since the following Reset codes will always
be generated from the control socket rather than via dccp_send_reset:
* Code 3, "No Connection", cf. 8.3.1;
* Code 4, "Packet Error" (identification for Data 1 added);
* Code 5, "Option Error" (identification for Data 1..3 added, will be used later);
* Code 6, "Mandatory Error" (same as Option Error);
* Code 7, "Connection Refused" (what on Earth is the difference to "No Connection"?);
* Code 8, "Bad Service Code";
* Code 9, "Too Busy";
* Code 10, "Bad Init Cookie" (not used).
Code 0 is not recommended by the RFC, the following codes would be used in
dccp_send_reset() instead, since they all relate to an established DCCP connection:
* Code 1, "Closed";
* Code 2, "Aborted";
* Code 11, "Aggression Penalty" (12.3).
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
2007-09-27 01:35:19 +08:00
|
|
|
skb = dccp_ctl_make_reset(dccp_v6_ctl_socket, rxskb);
|
2006-03-21 14:01:29 +08:00
|
|
|
if (skb == NULL)
|
2006-12-11 02:01:18 +08:00
|
|
|
return;
|
2005-12-14 15:24:53 +08:00
|
|
|
|
2007-04-26 08:54:47 +08:00
|
|
|
rxip6h = ipv6_hdr(rxskb);
|
[DCCP]: Factor out common code for generating Resets
This factors code common to dccp_v{4,6}_ctl_send_reset into a separate function,
and adds support for filling in the Data 1 ... Data 3 fields from RFC 4340, 5.6.
It is useful to have this separate, since the following Reset codes will always
be generated from the control socket rather than via dccp_send_reset:
* Code 3, "No Connection", cf. 8.3.1;
* Code 4, "Packet Error" (identification for Data 1 added);
* Code 5, "Option Error" (identification for Data 1..3 added, will be used later);
* Code 6, "Mandatory Error" (same as Option Error);
* Code 7, "Connection Refused" (what on Earth is the difference to "No Connection"?);
* Code 8, "Bad Service Code";
* Code 9, "Too Busy";
* Code 10, "Bad Init Cookie" (not used).
Code 0 is not recommended by the RFC, the following codes would be used in
dccp_send_reset() instead, since they all relate to an established DCCP connection:
* Code 1, "Closed";
* Code 2, "Aborted";
* Code 11, "Aggression Penalty" (12.3).
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
2007-09-27 01:35:19 +08:00
|
|
|
dccp_hdr(skb)->dccph_checksum = dccp_v6_csum_finish(skb, &rxip6h->saddr,
|
|
|
|
&rxip6h->daddr);
|
2006-11-11 03:43:06 +08:00
|
|
|
|
2005-12-14 15:24:53 +08:00
|
|
|
memset(&fl, 0, sizeof(fl));
|
2007-04-26 08:54:47 +08:00
|
|
|
ipv6_addr_copy(&fl.fl6_dst, &rxip6h->saddr);
|
|
|
|
ipv6_addr_copy(&fl.fl6_src, &rxip6h->daddr);
|
2006-11-11 03:43:06 +08:00
|
|
|
|
2005-12-14 15:24:53 +08:00
|
|
|
fl.proto = IPPROTO_DCCP;
|
|
|
|
fl.oif = inet6_iif(rxskb);
|
[DCCP]: Factor out common code for generating Resets
This factors code common to dccp_v{4,6}_ctl_send_reset into a separate function,
and adds support for filling in the Data 1 ... Data 3 fields from RFC 4340, 5.6.
It is useful to have this separate, since the following Reset codes will always
be generated from the control socket rather than via dccp_send_reset:
* Code 3, "No Connection", cf. 8.3.1;
* Code 4, "Packet Error" (identification for Data 1 added);
* Code 5, "Option Error" (identification for Data 1..3 added, will be used later);
* Code 6, "Mandatory Error" (same as Option Error);
* Code 7, "Connection Refused" (what on Earth is the difference to "No Connection"?);
* Code 8, "Bad Service Code";
* Code 9, "Too Busy";
* Code 10, "Bad Init Cookie" (not used).
Code 0 is not recommended by the RFC, the following codes would be used in
dccp_send_reset() instead, since they all relate to an established DCCP connection:
* Code 1, "Closed";
* Code 2, "Aborted";
* Code 11, "Aggression Penalty" (12.3).
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Arnaldo Carvalho de Melo <acme@ghostprotocols.net>
2007-09-27 01:35:19 +08:00
|
|
|
fl.fl_ip_dport = dccp_hdr(skb)->dccph_dport;
|
|
|
|
fl.fl_ip_sport = dccp_hdr(skb)->dccph_sport;
|
2006-08-05 14:12:42 +08:00
|
|
|
security_skb_classify_flow(rxskb, &fl);
|
2005-12-14 15:24:53 +08:00
|
|
|
|
|
|
|
/* sk = NULL, but it is safe for now. RST socket required. */
|
|
|
|
if (!ip6_dst_lookup(NULL, &skb->dst, &fl)) {
|
|
|
|
if (xfrm_lookup(&skb->dst, &fl, NULL, 0) >= 0) {
|
2006-03-21 14:00:37 +08:00
|
|
|
ip6_xmit(dccp_v6_ctl_socket->sk, skb, &fl, NULL, 0);
|
2005-12-14 15:24:53 +08:00
|
|
|
DCCP_INC_STATS_BH(DCCP_MIB_OUTSEGS);
|
|
|
|
DCCP_INC_STATS_BH(DCCP_MIB_OUTRSTS);
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
kfree_skb(skb);
|
|
|
|
}
|
|
|
|
|
2006-11-10 23:01:31 +08:00
|
|
|
static struct request_sock_ops dccp6_request_sock_ops = {
|
|
|
|
.family = AF_INET6,
|
|
|
|
.obj_size = sizeof(struct dccp6_request_sock),
|
|
|
|
.rtx_syn_ack = dccp_v6_send_response,
|
|
|
|
.send_ack = dccp_reqsk_send_ack,
|
|
|
|
.destructor = dccp_v6_reqsk_destructor,
|
|
|
|
.send_reset = dccp_v6_ctl_send_reset,
|
|
|
|
};
|
|
|
|
|
2005-12-14 15:24:53 +08:00
|
|
|
static struct sock *dccp_v6_hnd_req(struct sock *sk,struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
const struct dccp_hdr *dh = dccp_hdr(skb);
|
2007-04-26 08:54:47 +08:00
|
|
|
const struct ipv6hdr *iph = ipv6_hdr(skb);
|
2005-12-14 15:24:53 +08:00
|
|
|
struct sock *nsk;
|
|
|
|
struct request_sock **prev;
|
|
|
|
/* Find possible connection requests. */
|
|
|
|
struct request_sock *req = inet6_csk_search_req(sk, &prev,
|
|
|
|
dh->dccph_sport,
|
|
|
|
&iph->saddr,
|
|
|
|
&iph->daddr,
|
|
|
|
inet6_iif(skb));
|
|
|
|
if (req != NULL)
|
|
|
|
return dccp_check_req(sk, skb, req, prev);
|
|
|
|
|
|
|
|
nsk = __inet6_lookup_established(&dccp_hashinfo,
|
|
|
|
&iph->saddr, dh->dccph_sport,
|
|
|
|
&iph->daddr, ntohs(dh->dccph_dport),
|
|
|
|
inet6_iif(skb));
|
|
|
|
if (nsk != NULL) {
|
|
|
|
if (nsk->sk_state != DCCP_TIME_WAIT) {
|
|
|
|
bh_lock_sock(nsk);
|
|
|
|
return nsk;
|
|
|
|
}
|
2006-10-11 10:41:46 +08:00
|
|
|
inet_twsk_put(inet_twsk(nsk));
|
2005-12-14 15:24:53 +08:00
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
return sk;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int dccp_v6_conn_request(struct sock *sk, struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
struct request_sock *req;
|
|
|
|
struct dccp_request_sock *dreq;
|
|
|
|
struct inet6_request_sock *ireq6;
|
|
|
|
struct ipv6_pinfo *np = inet6_sk(sk);
|
2006-12-11 02:01:18 +08:00
|
|
|
const __be32 service = dccp_hdr_request(skb)->dccph_req_service;
|
2005-12-14 15:24:53 +08:00
|
|
|
struct dccp_skb_cb *dcb = DCCP_SKB_CB(skb);
|
|
|
|
|
|
|
|
if (skb->protocol == htons(ETH_P_IP))
|
|
|
|
return dccp_v4_conn_request(sk, skb);
|
|
|
|
|
|
|
|
if (!ipv6_unicast_destination(skb))
|
[DCCP]: Twice the wrong reset code in receiving connection-Requests
This fixes two bugs in processing of connection-Requests in
v{4,6}_conn_request:
1. Due to using the variable `reset_code', the Reset code generated
internally by dccp_parse_options() is overwritten with the
initialised value ("Too Busy") of reset_code, which is not what is
intended.
2. When receiving a connection-Request on a multicast or broadcast
address, no Reset should be generated, to avoid storms of such
packets. Instead of jumping to the `drop' label, the
v{4,6}_conn_request functions now return 0. Below is why in my
understanding this is correct:
When the conn_request function returns < 0, then the caller,
dccp_rcv_state_process(), returns 1. In all instances where
dccp_rcv_state_process is called (dccp_v4_do_rcv, dccp_v6_do_rcv,
and dccp_child_process), a return value of != 0 from
dccp_rcv_state_process() means that a Reset is generated.
If on the other hand the conn_request function returns 0, the
packet is discarded and no Reset is generated.
Note: There may be a related problem when sending the Response, due to
the following.
if (dccp_v6_send_response(sk, req, NULL))
goto drop_and_free;
/* ... */
drop_and_free:
return -1;
In this case, if send_response fails due to transmission errors, the
next thing that is generated is a Reset with a code "Too Busy". I
haven't been able to conjure up such a condition, but it might be good
to change the behaviour here also (not done by this patch).
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-05 05:52:28 +08:00
|
|
|
return 0; /* discard, don't send a reset here */
|
2005-12-14 15:24:53 +08:00
|
|
|
|
|
|
|
if (dccp_bad_service_code(sk, service)) {
|
[DCCP]: Twice the wrong reset code in receiving connection-Requests
This fixes two bugs in processing of connection-Requests in
v{4,6}_conn_request:
1. Due to using the variable `reset_code', the Reset code generated
internally by dccp_parse_options() is overwritten with the
initialised value ("Too Busy") of reset_code, which is not what is
intended.
2. When receiving a connection-Request on a multicast or broadcast
address, no Reset should be generated, to avoid storms of such
packets. Instead of jumping to the `drop' label, the
v{4,6}_conn_request functions now return 0. Below is why in my
understanding this is correct:
When the conn_request function returns < 0, then the caller,
dccp_rcv_state_process(), returns 1. In all instances where
dccp_rcv_state_process is called (dccp_v4_do_rcv, dccp_v6_do_rcv,
and dccp_child_process), a return value of != 0 from
dccp_rcv_state_process() means that a Reset is generated.
If on the other hand the conn_request function returns 0, the
packet is discarded and no Reset is generated.
Note: There may be a related problem when sending the Response, due to
the following.
if (dccp_v6_send_response(sk, req, NULL))
goto drop_and_free;
/* ... */
drop_and_free:
return -1;
In this case, if send_response fails due to transmission errors, the
next thing that is generated is a Reset with a code "Too Busy". I
haven't been able to conjure up such a condition, but it might be good
to change the behaviour here also (not done by this patch).
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-05 05:52:28 +08:00
|
|
|
dcb->dccpd_reset_code = DCCP_RESET_CODE_BAD_SERVICE_CODE;
|
2005-12-14 15:24:53 +08:00
|
|
|
goto drop;
|
2006-12-11 02:01:18 +08:00
|
|
|
}
|
2005-12-14 15:24:53 +08:00
|
|
|
/*
|
2006-03-21 14:01:29 +08:00
|
|
|
* There are no SYN attacks on IPv6, yet...
|
2005-12-14 15:24:53 +08:00
|
|
|
*/
|
[DCCP]: Twice the wrong reset code in receiving connection-Requests
This fixes two bugs in processing of connection-Requests in
v{4,6}_conn_request:
1. Due to using the variable `reset_code', the Reset code generated
internally by dccp_parse_options() is overwritten with the
initialised value ("Too Busy") of reset_code, which is not what is
intended.
2. When receiving a connection-Request on a multicast or broadcast
address, no Reset should be generated, to avoid storms of such
packets. Instead of jumping to the `drop' label, the
v{4,6}_conn_request functions now return 0. Below is why in my
understanding this is correct:
When the conn_request function returns < 0, then the caller,
dccp_rcv_state_process(), returns 1. In all instances where
dccp_rcv_state_process is called (dccp_v4_do_rcv, dccp_v6_do_rcv,
and dccp_child_process), a return value of != 0 from
dccp_rcv_state_process() means that a Reset is generated.
If on the other hand the conn_request function returns 0, the
packet is discarded and no Reset is generated.
Note: There may be a related problem when sending the Response, due to
the following.
if (dccp_v6_send_response(sk, req, NULL))
goto drop_and_free;
/* ... */
drop_and_free:
return -1;
In this case, if send_response fails due to transmission errors, the
next thing that is generated is a Reset with a code "Too Busy". I
haven't been able to conjure up such a condition, but it might be good
to change the behaviour here also (not done by this patch).
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Ian McDonald <ian.mcdonald@jandi.co.nz>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2007-10-05 05:52:28 +08:00
|
|
|
dcb->dccpd_reset_code = DCCP_RESET_CODE_TOO_BUSY;
|
2005-12-14 15:24:53 +08:00
|
|
|
if (inet_csk_reqsk_queue_is_full(sk))
|
2006-03-21 14:01:29 +08:00
|
|
|
goto drop;
|
2005-12-14 15:24:53 +08:00
|
|
|
|
|
|
|
if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
|
|
|
|
goto drop;
|
|
|
|
|
[DCCP]: Fix Oops in DCCPv6
I think I got the cause for the Oops observed in
http://www.mail-archive.com/dccp@vger.kernel.org/msg00578.html
The problem is always with applications listening on PF_INET6 sockets. Apart
from the mentioned oops, I observed another one one, triggered at irregular
intervals via timer interrupt:
run_timer_softirq -> dccp_keepalive_timer
-> inet_csk_reqsk_queue_prune
-> reqsk_free
-> dccp_v6_reqsk_destructor
The latter function is the problem and is also the last function to be called
in said kernel panic.
In any case, there is a real problem with allocating the right request_sock
which is what this patch tackles.
It fixes the following problem:
- application listens on PF_INET6
- DCCPv4 packet comes in, is handed over to dccp_v4_do_rcv, from there
to dccp_v4_conn_request
Now: socket is PF_INET6, packet is IPv4. The following code then furnishes the
connection with IPv6 - request_sock operations:
req = reqsk_alloc(sk->sk_prot->rsk_prot);
The first problem is that all further incoming packets will get a Reset since
the connection can not be looked up.
The second problem is worse:
--> reqsk_alloc is called instead of inet6_reqsk_alloc
--> consequently inet6_rsk_offset is never set (dangling pointer)
--> the request_sock_ops are nevertheless still dccp6_request_ops
--> destructor is called via reqsk_free
--> dccp_v6_reqsk_destructor tries to free random memory location (inet6_rsk_offset not set)
--> panic
I have tested this for a while, DCCP sockets are now handled correctly in all
three scenarios (v4/v6 only/v4-mapped).
Commiter note: I've added the dccp_request_sock_ops forward declaration to keep
the tree building and to reduce the size of the patch for 2.6.19,
later I'll move the functions to the top of the affected source
code to match what we have in the TCP counterpart, where this
problem hasn't existed in the first place, dumb me not to have
done the same thing on DCCP land 8)
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Signed-off-by: Arnaldo Carvalho de Melo <acme@mandriva.com>
2006-10-11 23:26:54 +08:00
|
|
|
req = inet6_reqsk_alloc(&dccp6_request_sock_ops);
|
2005-12-14 15:24:53 +08:00
|
|
|
if (req == NULL)
|
|
|
|
goto drop;
|
|
|
|
|
2006-11-11 02:08:37 +08:00
|
|
|
if (dccp_parse_options(sk, skb))
|
|
|
|
goto drop_and_free;
|
2005-12-14 15:24:53 +08:00
|
|
|
|
2006-11-11 02:08:37 +08:00
|
|
|
dccp_reqsk_init(req, skb);
|
2005-12-14 15:24:53 +08:00
|
|
|
|
2006-07-25 14:32:50 +08:00
|
|
|
if (security_inet_conn_request(sk, skb, req))
|
|
|
|
goto drop_and_free;
|
|
|
|
|
2005-12-14 15:24:53 +08:00
|
|
|
ireq6 = inet6_rsk(req);
|
2007-04-26 08:54:47 +08:00
|
|
|
ipv6_addr_copy(&ireq6->rmt_addr, &ipv6_hdr(skb)->saddr);
|
|
|
|
ipv6_addr_copy(&ireq6->loc_addr, &ipv6_hdr(skb)->daddr);
|
2005-12-14 15:24:53 +08:00
|
|
|
ireq6->pktopts = NULL;
|
|
|
|
|
|
|
|
if (ipv6_opt_accepted(sk, skb) ||
|
|
|
|
np->rxopt.bits.rxinfo || np->rxopt.bits.rxoinfo ||
|
|
|
|
np->rxopt.bits.rxhlim || np->rxopt.bits.rxohlim) {
|
|
|
|
atomic_inc(&skb->users);
|
|
|
|
ireq6->pktopts = skb;
|
|
|
|
}
|
|
|
|
ireq6->iif = sk->sk_bound_dev_if;
|
|
|
|
|
|
|
|
/* So that link locals have meaning */
|
|
|
|
if (!sk->sk_bound_dev_if &&
|
|
|
|
ipv6_addr_type(&ireq6->rmt_addr) & IPV6_ADDR_LINKLOCAL)
|
|
|
|
ireq6->iif = inet6_iif(skb);
|
|
|
|
|
2006-03-21 14:01:29 +08:00
|
|
|
/*
|
2005-12-14 15:24:53 +08:00
|
|
|
* Step 3: Process LISTEN state
|
|
|
|
*
|
2006-11-11 02:29:14 +08:00
|
|
|
* Set S.ISR, S.GSR, S.SWL, S.SWH from packet or Init Cookie
|
2005-12-14 15:24:53 +08:00
|
|
|
*
|
2006-11-11 02:29:14 +08:00
|
|
|
* In fact we defer setting S.GSR, S.SWL, S.SWH to
|
|
|
|
* dccp_create_openreq_child.
|
2005-12-14 15:24:53 +08:00
|
|
|
*/
|
|
|
|
dreq = dccp_rsk(req);
|
|
|
|
dreq->dreq_isr = dcb->dccpd_seq;
|
2006-11-13 23:31:50 +08:00
|
|
|
dreq->dreq_iss = dccp_v6_init_sequence(skb);
|
2005-12-14 15:24:53 +08:00
|
|
|
dreq->dreq_service = service;
|
|
|
|
|
|
|
|
if (dccp_v6_send_response(sk, req, NULL))
|
|
|
|
goto drop_and_free;
|
|
|
|
|
|
|
|
inet6_csk_reqsk_queue_hash_add(sk, req, DCCP_TIMEOUT_INIT);
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
drop_and_free:
|
|
|
|
reqsk_free(req);
|
|
|
|
drop:
|
|
|
|
DCCP_INC_STATS_BH(DCCP_MIB_ATTEMPTFAILS);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
static struct sock *dccp_v6_request_recv_sock(struct sock *sk,
|
|
|
|
struct sk_buff *skb,
|
|
|
|
struct request_sock *req,
|
|
|
|
struct dst_entry *dst)
|
|
|
|
{
|
|
|
|
struct inet6_request_sock *ireq6 = inet6_rsk(req);
|
|
|
|
struct ipv6_pinfo *newnp, *np = inet6_sk(sk);
|
|
|
|
struct inet_sock *newinet;
|
|
|
|
struct dccp_sock *newdp;
|
|
|
|
struct dccp6_sock *newdp6;
|
|
|
|
struct sock *newsk;
|
|
|
|
struct ipv6_txoptions *opt;
|
|
|
|
|
|
|
|
if (skb->protocol == htons(ETH_P_IP)) {
|
|
|
|
/*
|
|
|
|
* v6 mapped
|
|
|
|
*/
|
|
|
|
newsk = dccp_v4_request_recv_sock(sk, skb, req, dst);
|
2006-03-21 14:01:29 +08:00
|
|
|
if (newsk == NULL)
|
2005-12-14 15:24:53 +08:00
|
|
|
return NULL;
|
|
|
|
|
|
|
|
newdp6 = (struct dccp6_sock *)newsk;
|
|
|
|
newdp = dccp_sk(newsk);
|
|
|
|
newinet = inet_sk(newsk);
|
|
|
|
newinet->pinet6 = &newdp6->inet6;
|
|
|
|
newnp = inet6_sk(newsk);
|
|
|
|
|
|
|
|
memcpy(newnp, np, sizeof(struct ipv6_pinfo));
|
|
|
|
|
|
|
|
ipv6_addr_set(&newnp->daddr, 0, 0, htonl(0x0000FFFF),
|
|
|
|
newinet->daddr);
|
|
|
|
|
|
|
|
ipv6_addr_set(&newnp->saddr, 0, 0, htonl(0x0000FFFF),
|
|
|
|
newinet->saddr);
|
|
|
|
|
|
|
|
ipv6_addr_copy(&newnp->rcv_saddr, &newnp->saddr);
|
|
|
|
|
|
|
|
inet_csk(newsk)->icsk_af_ops = &dccp_ipv6_mapped;
|
|
|
|
newsk->sk_backlog_rcv = dccp_v4_do_rcv;
|
|
|
|
newnp->pktoptions = NULL;
|
|
|
|
newnp->opt = NULL;
|
|
|
|
newnp->mcast_oif = inet6_iif(skb);
|
2007-04-26 08:54:47 +08:00
|
|
|
newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
|
2005-12-14 15:24:53 +08:00
|
|
|
|
|
|
|
/*
|
|
|
|
* No need to charge this sock to the relevant IPv6 refcnt debug socks count
|
|
|
|
* here, dccp_create_openreq_child now does this for us, see the comment in
|
|
|
|
* that function for the gory details. -acme
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* It is tricky place. Until this moment IPv4 tcp
|
|
|
|
worked with IPv6 icsk.icsk_af_ops.
|
|
|
|
Sync it now.
|
|
|
|
*/
|
2005-12-14 15:26:10 +08:00
|
|
|
dccp_sync_mss(newsk, inet_csk(newsk)->icsk_pmtu_cookie);
|
2005-12-14 15:24:53 +08:00
|
|
|
|
|
|
|
return newsk;
|
|
|
|
}
|
|
|
|
|
|
|
|
opt = np->opt;
|
|
|
|
|
|
|
|
if (sk_acceptq_is_full(sk))
|
|
|
|
goto out_overflow;
|
|
|
|
|
|
|
|
if (dst == NULL) {
|
|
|
|
struct in6_addr *final_p = NULL, final;
|
|
|
|
struct flowi fl;
|
|
|
|
|
|
|
|
memset(&fl, 0, sizeof(fl));
|
|
|
|
fl.proto = IPPROTO_DCCP;
|
|
|
|
ipv6_addr_copy(&fl.fl6_dst, &ireq6->rmt_addr);
|
2006-03-21 14:01:29 +08:00
|
|
|
if (opt != NULL && opt->srcrt != NULL) {
|
|
|
|
const struct rt0_hdr *rt0 = (struct rt0_hdr *)opt->srcrt;
|
|
|
|
|
2005-12-14 15:24:53 +08:00
|
|
|
ipv6_addr_copy(&final, &fl.fl6_dst);
|
|
|
|
ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
|
|
|
|
final_p = &final;
|
|
|
|
}
|
|
|
|
ipv6_addr_copy(&fl.fl6_src, &ireq6->loc_addr);
|
|
|
|
fl.oif = sk->sk_bound_dev_if;
|
|
|
|
fl.fl_ip_dport = inet_rsk(req)->rmt_port;
|
|
|
|
fl.fl_ip_sport = inet_sk(sk)->sport;
|
2006-08-05 14:12:42 +08:00
|
|
|
security_sk_classify_flow(sk, &fl);
|
2005-12-14 15:24:53 +08:00
|
|
|
|
|
|
|
if (ip6_dst_lookup(sk, &dst, &fl))
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
if (final_p)
|
|
|
|
ipv6_addr_copy(&fl.fl6_dst, final_p);
|
|
|
|
|
|
|
|
if ((xfrm_lookup(&dst, &fl, sk, 0)) < 0)
|
|
|
|
goto out;
|
2006-03-21 14:01:29 +08:00
|
|
|
}
|
2005-12-14 15:24:53 +08:00
|
|
|
|
|
|
|
newsk = dccp_create_openreq_child(sk, req, skb);
|
|
|
|
if (newsk == NULL)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* No need to charge this sock to the relevant IPv6 refcnt debug socks
|
|
|
|
* count here, dccp_create_openreq_child now does this for us, see the
|
|
|
|
* comment in that function for the gory details. -acme
|
|
|
|
*/
|
|
|
|
|
2006-08-30 08:15:09 +08:00
|
|
|
__ip6_dst_store(newsk, dst, NULL, NULL);
|
2006-03-21 14:01:29 +08:00
|
|
|
newsk->sk_route_caps = dst->dev->features & ~(NETIF_F_IP_CSUM |
|
|
|
|
NETIF_F_TSO);
|
2005-12-14 15:24:53 +08:00
|
|
|
newdp6 = (struct dccp6_sock *)newsk;
|
|
|
|
newinet = inet_sk(newsk);
|
|
|
|
newinet->pinet6 = &newdp6->inet6;
|
|
|
|
newdp = dccp_sk(newsk);
|
|
|
|
newnp = inet6_sk(newsk);
|
|
|
|
|
|
|
|
memcpy(newnp, np, sizeof(struct ipv6_pinfo));
|
|
|
|
|
|
|
|
ipv6_addr_copy(&newnp->daddr, &ireq6->rmt_addr);
|
|
|
|
ipv6_addr_copy(&newnp->saddr, &ireq6->loc_addr);
|
|
|
|
ipv6_addr_copy(&newnp->rcv_saddr, &ireq6->loc_addr);
|
|
|
|
newsk->sk_bound_dev_if = ireq6->iif;
|
|
|
|
|
2006-03-21 14:01:29 +08:00
|
|
|
/* Now IPv6 options...
|
2005-12-14 15:24:53 +08:00
|
|
|
|
|
|
|
First: no IPv4 options.
|
|
|
|
*/
|
|
|
|
newinet->opt = NULL;
|
|
|
|
|
|
|
|
/* Clone RX bits */
|
|
|
|
newnp->rxopt.all = np->rxopt.all;
|
|
|
|
|
|
|
|
/* Clone pktoptions received with SYN */
|
|
|
|
newnp->pktoptions = NULL;
|
|
|
|
if (ireq6->pktopts != NULL) {
|
|
|
|
newnp->pktoptions = skb_clone(ireq6->pktopts, GFP_ATOMIC);
|
|
|
|
kfree_skb(ireq6->pktopts);
|
|
|
|
ireq6->pktopts = NULL;
|
|
|
|
if (newnp->pktoptions)
|
|
|
|
skb_set_owner_r(newnp->pktoptions, newsk);
|
|
|
|
}
|
|
|
|
newnp->opt = NULL;
|
|
|
|
newnp->mcast_oif = inet6_iif(skb);
|
2007-04-26 08:54:47 +08:00
|
|
|
newnp->mcast_hops = ipv6_hdr(skb)->hop_limit;
|
2005-12-14 15:24:53 +08:00
|
|
|
|
2006-03-21 14:01:29 +08:00
|
|
|
/*
|
|
|
|
* Clone native IPv6 options from listening socket (if any)
|
|
|
|
*
|
|
|
|
* Yes, keeping reference count would be much more clever, but we make
|
|
|
|
* one more one thing there: reattach optmem to newsk.
|
2005-12-14 15:24:53 +08:00
|
|
|
*/
|
2006-03-21 14:01:29 +08:00
|
|
|
if (opt != NULL) {
|
2005-12-14 15:24:53 +08:00
|
|
|
newnp->opt = ipv6_dup_options(newsk, opt);
|
|
|
|
if (opt != np->opt)
|
|
|
|
sock_kfree_s(sk, opt, opt->tot_len);
|
|
|
|
}
|
|
|
|
|
2005-12-14 15:26:10 +08:00
|
|
|
inet_csk(newsk)->icsk_ext_hdr_len = 0;
|
2006-03-21 14:01:29 +08:00
|
|
|
if (newnp->opt != NULL)
|
2005-12-14 15:26:10 +08:00
|
|
|
inet_csk(newsk)->icsk_ext_hdr_len = (newnp->opt->opt_nflen +
|
|
|
|
newnp->opt->opt_flen);
|
2005-12-14 15:24:53 +08:00
|
|
|
|
|
|
|
dccp_sync_mss(newsk, dst_mtu(dst));
|
|
|
|
|
|
|
|
newinet->daddr = newinet->saddr = newinet->rcv_saddr = LOOPBACK4_IPV6;
|
|
|
|
|
|
|
|
__inet6_hash(&dccp_hashinfo, newsk);
|
|
|
|
inet_inherit_port(&dccp_hashinfo, sk, newsk);
|
|
|
|
|
|
|
|
return newsk;
|
|
|
|
|
|
|
|
out_overflow:
|
|
|
|
NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS);
|
|
|
|
out:
|
|
|
|
NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS);
|
2006-03-21 14:01:29 +08:00
|
|
|
if (opt != NULL && opt != np->opt)
|
2005-12-14 15:24:53 +08:00
|
|
|
sock_kfree_s(sk, opt, opt->tot_len);
|
|
|
|
dst_release(dst);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* The socket must have it's spinlock held when we get
|
|
|
|
* here.
|
|
|
|
*
|
|
|
|
* We have a potential double-lock case here, so even when
|
|
|
|
* doing backlog processing we use the BH locking scheme.
|
|
|
|
* This is because we cannot sleep with the original spinlock
|
|
|
|
* held.
|
|
|
|
*/
|
|
|
|
static int dccp_v6_do_rcv(struct sock *sk, struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
struct ipv6_pinfo *np = inet6_sk(sk);
|
|
|
|
struct sk_buff *opt_skb = NULL;
|
|
|
|
|
|
|
|
/* Imagine: socket is IPv6. IPv4 packet arrives,
|
|
|
|
goes to IPv4 receive handler and backlogged.
|
|
|
|
From backlog it always goes here. Kerboom...
|
|
|
|
Fortunately, dccp_rcv_established and rcv_established
|
|
|
|
handle them correctly, but it is not case with
|
|
|
|
dccp_v6_hnd_req and dccp_v6_ctl_send_reset(). --ANK
|
|
|
|
*/
|
|
|
|
|
|
|
|
if (skb->protocol == htons(ETH_P_IP))
|
|
|
|
return dccp_v4_do_rcv(sk, skb);
|
|
|
|
|
2006-09-01 06:28:39 +08:00
|
|
|
if (sk_filter(sk, skb))
|
2005-12-14 15:24:53 +08:00
|
|
|
goto discard;
|
|
|
|
|
|
|
|
/*
|
2006-03-21 14:01:29 +08:00
|
|
|
* socket locking is here for SMP purposes as backlog rcv is currently
|
|
|
|
* called with bh processing disabled.
|
2005-12-14 15:24:53 +08:00
|
|
|
*/
|
|
|
|
|
|
|
|
/* Do Stevens' IPV6_PKTOPTIONS.
|
|
|
|
|
|
|
|
Yes, guys, it is the only place in our code, where we
|
|
|
|
may make it not affecting IPv4.
|
|
|
|
The rest of code is protocol independent,
|
|
|
|
and I do not like idea to uglify IPv4.
|
|
|
|
|
|
|
|
Actually, all the idea behind IPV6_PKTOPTIONS
|
|
|
|
looks not very well thought. For now we latch
|
|
|
|
options, received in the last packet, enqueued
|
|
|
|
by tcp. Feel free to propose better solution.
|
2007-02-09 22:24:38 +08:00
|
|
|
--ANK (980728)
|
2005-12-14 15:24:53 +08:00
|
|
|
*/
|
|
|
|
if (np->rxopt.all)
|
2006-11-10 21:13:33 +08:00
|
|
|
/*
|
|
|
|
* FIXME: Add handling of IPV6_PKTOPTIONS skb. See the comments below
|
|
|
|
* (wrt ipv6_pktopions) and net/ipv6/tcp_ipv6.c for an example.
|
|
|
|
*/
|
2005-12-14 15:24:53 +08:00
|
|
|
opt_skb = skb_clone(skb, GFP_ATOMIC);
|
|
|
|
|
|
|
|
if (sk->sk_state == DCCP_OPEN) { /* Fast path */
|
|
|
|
if (dccp_rcv_established(sk, skb, dccp_hdr(skb), skb->len))
|
|
|
|
goto reset;
|
2006-10-21 10:44:17 +08:00
|
|
|
if (opt_skb) {
|
2006-11-10 21:13:33 +08:00
|
|
|
/* XXX This is where we would goto ipv6_pktoptions. */
|
2006-10-21 10:44:17 +08:00
|
|
|
__kfree_skb(opt_skb);
|
|
|
|
}
|
2005-12-14 15:24:53 +08:00
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2006-11-11 02:29:14 +08:00
|
|
|
/*
|
|
|
|
* Step 3: Process LISTEN state
|
|
|
|
* If S.state == LISTEN,
|
|
|
|
* If P.type == Request or P contains a valid Init Cookie option,
|
|
|
|
* (* Must scan the packet's options to check for Init
|
|
|
|
* Cookies. Only Init Cookies are processed here,
|
|
|
|
* however; other options are processed in Step 8. This
|
|
|
|
* scan need only be performed if the endpoint uses Init
|
|
|
|
* Cookies *)
|
|
|
|
* (* Generate a new socket and switch to that socket *)
|
|
|
|
* Set S := new socket for this port pair
|
|
|
|
* S.state = RESPOND
|
|
|
|
* Choose S.ISS (initial seqno) or set from Init Cookies
|
|
|
|
* Initialize S.GAR := S.ISS
|
|
|
|
* Set S.ISR, S.GSR, S.SWL, S.SWH from packet or Init Cookies
|
|
|
|
* Continue with S.state == RESPOND
|
|
|
|
* (* A Response packet will be generated in Step 11 *)
|
|
|
|
* Otherwise,
|
|
|
|
* Generate Reset(No Connection) unless P.type == Reset
|
|
|
|
* Drop packet and return
|
|
|
|
*
|
|
|
|
* NOTE: the check for the packet types is done in
|
|
|
|
* dccp_rcv_state_process
|
|
|
|
*/
|
2006-03-21 14:01:29 +08:00
|
|
|
if (sk->sk_state == DCCP_LISTEN) {
|
2005-12-14 15:24:53 +08:00
|
|
|
struct sock *nsk = dccp_v6_hnd_req(sk, skb);
|
|
|
|
|
2006-03-21 14:01:29 +08:00
|
|
|
if (nsk == NULL)
|
|
|
|
goto discard;
|
2005-12-14 15:24:53 +08:00
|
|
|
/*
|
|
|
|
* Queue it on the new socket if the new socket is active,
|
|
|
|
* otherwise we just shortcircuit this and continue with
|
|
|
|
* the new socket..
|
|
|
|
*/
|
2006-12-11 02:01:18 +08:00
|
|
|
if (nsk != sk) {
|
2005-12-14 15:24:53 +08:00
|
|
|
if (dccp_child_process(sk, nsk, skb))
|
|
|
|
goto reset;
|
2006-03-21 14:01:29 +08:00
|
|
|
if (opt_skb != NULL)
|
2005-12-14 15:24:53 +08:00
|
|
|
__kfree_skb(opt_skb);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (dccp_rcv_state_process(sk, skb, dccp_hdr(skb), skb->len))
|
|
|
|
goto reset;
|
2006-10-21 10:44:17 +08:00
|
|
|
if (opt_skb) {
|
2006-11-10 21:13:33 +08:00
|
|
|
/* XXX This is where we would goto ipv6_pktoptions. */
|
2006-10-21 10:44:17 +08:00
|
|
|
__kfree_skb(opt_skb);
|
|
|
|
}
|
2005-12-14 15:24:53 +08:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
reset:
|
2006-11-15 11:07:45 +08:00
|
|
|
dccp_v6_ctl_send_reset(sk, skb);
|
2005-12-14 15:24:53 +08:00
|
|
|
discard:
|
2006-03-21 14:01:29 +08:00
|
|
|
if (opt_skb != NULL)
|
2005-12-14 15:24:53 +08:00
|
|
|
__kfree_skb(opt_skb);
|
|
|
|
kfree_skb(skb);
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2007-10-16 03:50:28 +08:00
|
|
|
static int dccp_v6_rcv(struct sk_buff *skb)
|
2005-12-14 15:24:53 +08:00
|
|
|
{
|
|
|
|
const struct dccp_hdr *dh;
|
|
|
|
struct sock *sk;
|
2006-11-11 03:43:06 +08:00
|
|
|
int min_cov;
|
2005-12-14 15:24:53 +08:00
|
|
|
|
2006-11-11 03:43:06 +08:00
|
|
|
/* Step 1: Check header basics */
|
2005-12-14 15:24:53 +08:00
|
|
|
|
|
|
|
if (dccp_invalid_packet(skb))
|
|
|
|
goto discard_it;
|
|
|
|
|
2006-11-11 03:43:06 +08:00
|
|
|
/* Step 1: If header checksum is incorrect, drop packet and return. */
|
2007-04-26 08:54:47 +08:00
|
|
|
if (dccp_v6_csum_finish(skb, &ipv6_hdr(skb)->saddr,
|
|
|
|
&ipv6_hdr(skb)->daddr)) {
|
2006-11-21 04:39:23 +08:00
|
|
|
DCCP_WARN("dropped packet with invalid checksum\n");
|
2006-11-11 03:43:06 +08:00
|
|
|
goto discard_it;
|
|
|
|
}
|
|
|
|
|
2005-12-14 15:24:53 +08:00
|
|
|
dh = dccp_hdr(skb);
|
|
|
|
|
2007-10-24 20:12:09 +08:00
|
|
|
DCCP_SKB_CB(skb)->dccpd_seq = dccp_hdr_seq(dh);
|
2005-12-14 15:24:53 +08:00
|
|
|
DCCP_SKB_CB(skb)->dccpd_type = dh->dccph_type;
|
|
|
|
|
|
|
|
if (dccp_packet_without_ack(skb))
|
|
|
|
DCCP_SKB_CB(skb)->dccpd_ack_seq = DCCP_PKT_WITHOUT_ACK_SEQ;
|
|
|
|
else
|
|
|
|
DCCP_SKB_CB(skb)->dccpd_ack_seq = dccp_hdr_ack_seq(skb);
|
|
|
|
|
|
|
|
/* Step 2:
|
2006-12-11 02:01:18 +08:00
|
|
|
* Look up flow ID in table and get corresponding socket */
|
2007-04-26 08:54:47 +08:00
|
|
|
sk = __inet6_lookup(&dccp_hashinfo, &ipv6_hdr(skb)->saddr,
|
2005-12-14 15:24:53 +08:00
|
|
|
dh->dccph_sport,
|
2007-04-26 08:54:47 +08:00
|
|
|
&ipv6_hdr(skb)->daddr, ntohs(dh->dccph_dport),
|
2005-12-14 15:24:53 +08:00
|
|
|
inet6_iif(skb));
|
2006-03-21 14:01:29 +08:00
|
|
|
/*
|
2005-12-14 15:24:53 +08:00
|
|
|
* Step 2:
|
2006-12-11 02:01:18 +08:00
|
|
|
* If no socket ...
|
2005-12-14 15:24:53 +08:00
|
|
|
*/
|
2006-11-10 21:46:34 +08:00
|
|
|
if (sk == NULL) {
|
|
|
|
dccp_pr_debug("failed to look up flow ID in table and "
|
|
|
|
"get corresponding socket\n");
|
2005-12-14 15:24:53 +08:00
|
|
|
goto no_dccp_socket;
|
2006-11-10 21:46:34 +08:00
|
|
|
}
|
2005-12-14 15:24:53 +08:00
|
|
|
|
2006-03-21 14:01:29 +08:00
|
|
|
/*
|
2005-12-14 15:24:53 +08:00
|
|
|
* Step 2:
|
2006-12-11 02:01:18 +08:00
|
|
|
* ... or S.state == TIMEWAIT,
|
2005-12-14 15:24:53 +08:00
|
|
|
* Generate Reset(No Connection) unless P.type == Reset
|
|
|
|
* Drop packet and return
|
|
|
|
*/
|
2006-11-10 21:46:34 +08:00
|
|
|
if (sk->sk_state == DCCP_TIME_WAIT) {
|
|
|
|
dccp_pr_debug("sk->sk_state == DCCP_TIME_WAIT: do_time_wait\n");
|
|
|
|
inet_twsk_put(inet_twsk(sk));
|
|
|
|
goto no_dccp_socket;
|
|
|
|
}
|
2005-12-14 15:24:53 +08:00
|
|
|
|
2006-11-11 03:43:06 +08:00
|
|
|
/*
|
|
|
|
* RFC 4340, sec. 9.2.1: Minimum Checksum Coverage
|
2006-12-11 02:01:18 +08:00
|
|
|
* o if MinCsCov = 0, only packets with CsCov = 0 are accepted
|
|
|
|
* o if MinCsCov > 0, also accept packets with CsCov >= MinCsCov
|
2006-11-11 03:43:06 +08:00
|
|
|
*/
|
|
|
|
min_cov = dccp_sk(sk)->dccps_pcrlen;
|
|
|
|
if (dh->dccph_cscov && (min_cov == 0 || dh->dccph_cscov < min_cov)) {
|
|
|
|
dccp_pr_debug("Packet CsCov %d does not satisfy MinCsCov %d\n",
|
|
|
|
dh->dccph_cscov, min_cov);
|
|
|
|
/* FIXME: send Data Dropped option (see also dccp_v4_rcv) */
|
|
|
|
goto discard_and_relse;
|
|
|
|
}
|
|
|
|
|
2005-12-14 15:24:53 +08:00
|
|
|
if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb))
|
|
|
|
goto discard_and_relse;
|
|
|
|
|
2006-11-17 00:06:06 +08:00
|
|
|
return sk_receive_skb(sk, skb, 1) ? -1 : 0;
|
2005-12-14 15:24:53 +08:00
|
|
|
|
|
|
|
no_dccp_socket:
|
|
|
|
if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb))
|
|
|
|
goto discard_it;
|
|
|
|
/*
|
|
|
|
* Step 2:
|
2006-12-11 02:01:18 +08:00
|
|
|
* If no socket ...
|
2005-12-14 15:24:53 +08:00
|
|
|
* Generate Reset(No Connection) unless P.type == Reset
|
|
|
|
* Drop packet and return
|
|
|
|
*/
|
|
|
|
if (dh->dccph_type != DCCP_PKT_RESET) {
|
|
|
|
DCCP_SKB_CB(skb)->dccpd_reset_code =
|
|
|
|
DCCP_RESET_CODE_NO_CONNECTION;
|
2006-11-15 11:07:45 +08:00
|
|
|
dccp_v6_ctl_send_reset(sk, skb);
|
2005-12-14 15:24:53 +08:00
|
|
|
}
|
|
|
|
|
2006-11-10 21:46:34 +08:00
|
|
|
discard_it:
|
2005-12-14 15:24:53 +08:00
|
|
|
kfree_skb(skb);
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
discard_and_relse:
|
|
|
|
sock_put(sk);
|
|
|
|
goto discard_it;
|
|
|
|
}
|
|
|
|
|
2006-11-10 23:01:31 +08:00
|
|
|
static int dccp_v6_connect(struct sock *sk, struct sockaddr *uaddr,
|
|
|
|
int addr_len)
|
|
|
|
{
|
|
|
|
struct sockaddr_in6 *usin = (struct sockaddr_in6 *)uaddr;
|
|
|
|
struct inet_connection_sock *icsk = inet_csk(sk);
|
|
|
|
struct inet_sock *inet = inet_sk(sk);
|
|
|
|
struct ipv6_pinfo *np = inet6_sk(sk);
|
|
|
|
struct dccp_sock *dp = dccp_sk(sk);
|
|
|
|
struct in6_addr *saddr = NULL, *final_p = NULL, final;
|
|
|
|
struct flowi fl;
|
|
|
|
struct dst_entry *dst;
|
|
|
|
int addr_type;
|
|
|
|
int err;
|
|
|
|
|
|
|
|
dp->dccps_role = DCCP_ROLE_CLIENT;
|
|
|
|
|
|
|
|
if (addr_len < SIN6_LEN_RFC2133)
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
if (usin->sin6_family != AF_INET6)
|
|
|
|
return -EAFNOSUPPORT;
|
|
|
|
|
|
|
|
memset(&fl, 0, sizeof(fl));
|
|
|
|
|
|
|
|
if (np->sndflow) {
|
|
|
|
fl.fl6_flowlabel = usin->sin6_flowinfo & IPV6_FLOWINFO_MASK;
|
|
|
|
IP6_ECN_flow_init(fl.fl6_flowlabel);
|
|
|
|
if (fl.fl6_flowlabel & IPV6_FLOWLABEL_MASK) {
|
|
|
|
struct ip6_flowlabel *flowlabel;
|
|
|
|
flowlabel = fl6_sock_lookup(sk, fl.fl6_flowlabel);
|
|
|
|
if (flowlabel == NULL)
|
|
|
|
return -EINVAL;
|
|
|
|
ipv6_addr_copy(&usin->sin6_addr, &flowlabel->dst);
|
|
|
|
fl6_sock_release(flowlabel);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
/*
|
|
|
|
* connect() to INADDR_ANY means loopback (BSD'ism).
|
|
|
|
*/
|
|
|
|
if (ipv6_addr_any(&usin->sin6_addr))
|
|
|
|
usin->sin6_addr.s6_addr[15] = 1;
|
|
|
|
|
|
|
|
addr_type = ipv6_addr_type(&usin->sin6_addr);
|
|
|
|
|
|
|
|
if (addr_type & IPV6_ADDR_MULTICAST)
|
|
|
|
return -ENETUNREACH;
|
|
|
|
|
|
|
|
if (addr_type & IPV6_ADDR_LINKLOCAL) {
|
|
|
|
if (addr_len >= sizeof(struct sockaddr_in6) &&
|
|
|
|
usin->sin6_scope_id) {
|
|
|
|
/* If interface is set while binding, indices
|
|
|
|
* must coincide.
|
|
|
|
*/
|
|
|
|
if (sk->sk_bound_dev_if &&
|
|
|
|
sk->sk_bound_dev_if != usin->sin6_scope_id)
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
sk->sk_bound_dev_if = usin->sin6_scope_id;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Connect to link-local address requires an interface */
|
|
|
|
if (!sk->sk_bound_dev_if)
|
|
|
|
return -EINVAL;
|
|
|
|
}
|
|
|
|
|
|
|
|
ipv6_addr_copy(&np->daddr, &usin->sin6_addr);
|
|
|
|
np->flow_label = fl.fl6_flowlabel;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* DCCP over IPv4
|
|
|
|
*/
|
|
|
|
if (addr_type == IPV6_ADDR_MAPPED) {
|
|
|
|
u32 exthdrlen = icsk->icsk_ext_hdr_len;
|
|
|
|
struct sockaddr_in sin;
|
|
|
|
|
|
|
|
SOCK_DEBUG(sk, "connect: ipv4 mapped\n");
|
|
|
|
|
|
|
|
if (__ipv6_only_sock(sk))
|
|
|
|
return -ENETUNREACH;
|
|
|
|
|
|
|
|
sin.sin_family = AF_INET;
|
|
|
|
sin.sin_port = usin->sin6_port;
|
|
|
|
sin.sin_addr.s_addr = usin->sin6_addr.s6_addr32[3];
|
|
|
|
|
|
|
|
icsk->icsk_af_ops = &dccp_ipv6_mapped;
|
|
|
|
sk->sk_backlog_rcv = dccp_v4_do_rcv;
|
|
|
|
|
|
|
|
err = dccp_v4_connect(sk, (struct sockaddr *)&sin, sizeof(sin));
|
|
|
|
if (err) {
|
|
|
|
icsk->icsk_ext_hdr_len = exthdrlen;
|
|
|
|
icsk->icsk_af_ops = &dccp_ipv6_af_ops;
|
|
|
|
sk->sk_backlog_rcv = dccp_v6_do_rcv;
|
|
|
|
goto failure;
|
|
|
|
} else {
|
|
|
|
ipv6_addr_set(&np->saddr, 0, 0, htonl(0x0000FFFF),
|
|
|
|
inet->saddr);
|
|
|
|
ipv6_addr_set(&np->rcv_saddr, 0, 0, htonl(0x0000FFFF),
|
|
|
|
inet->rcv_saddr);
|
|
|
|
}
|
|
|
|
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (!ipv6_addr_any(&np->rcv_saddr))
|
|
|
|
saddr = &np->rcv_saddr;
|
|
|
|
|
|
|
|
fl.proto = IPPROTO_DCCP;
|
|
|
|
ipv6_addr_copy(&fl.fl6_dst, &np->daddr);
|
|
|
|
ipv6_addr_copy(&fl.fl6_src, saddr ? saddr : &np->saddr);
|
|
|
|
fl.oif = sk->sk_bound_dev_if;
|
|
|
|
fl.fl_ip_dport = usin->sin6_port;
|
|
|
|
fl.fl_ip_sport = inet->sport;
|
|
|
|
security_sk_classify_flow(sk, &fl);
|
|
|
|
|
|
|
|
if (np->opt != NULL && np->opt->srcrt != NULL) {
|
|
|
|
const struct rt0_hdr *rt0 = (struct rt0_hdr *)np->opt->srcrt;
|
|
|
|
|
|
|
|
ipv6_addr_copy(&final, &fl.fl6_dst);
|
|
|
|
ipv6_addr_copy(&fl.fl6_dst, rt0->addr);
|
|
|
|
final_p = &final;
|
|
|
|
}
|
|
|
|
|
|
|
|
err = ip6_dst_lookup(sk, &dst, &fl);
|
|
|
|
if (err)
|
|
|
|
goto failure;
|
|
|
|
|
|
|
|
if (final_p)
|
|
|
|
ipv6_addr_copy(&fl.fl6_dst, final_p);
|
|
|
|
|
2007-05-25 09:17:54 +08:00
|
|
|
err = __xfrm_lookup(&dst, &fl, sk, 1);
|
|
|
|
if (err < 0) {
|
|
|
|
if (err == -EREMOTE)
|
|
|
|
err = ip6_dst_blackhole(sk, &dst, &fl);
|
|
|
|
if (err < 0)
|
|
|
|
goto failure;
|
|
|
|
}
|
2006-11-10 23:01:31 +08:00
|
|
|
|
|
|
|
if (saddr == NULL) {
|
|
|
|
saddr = &fl.fl6_src;
|
|
|
|
ipv6_addr_copy(&np->rcv_saddr, saddr);
|
|
|
|
}
|
|
|
|
|
|
|
|
/* set the source address */
|
|
|
|
ipv6_addr_copy(&np->saddr, saddr);
|
|
|
|
inet->rcv_saddr = LOOPBACK4_IPV6;
|
|
|
|
|
|
|
|
__ip6_dst_store(sk, dst, NULL, NULL);
|
|
|
|
|
|
|
|
icsk->icsk_ext_hdr_len = 0;
|
|
|
|
if (np->opt != NULL)
|
|
|
|
icsk->icsk_ext_hdr_len = (np->opt->opt_flen +
|
|
|
|
np->opt->opt_nflen);
|
|
|
|
|
|
|
|
inet->dport = usin->sin6_port;
|
|
|
|
|
|
|
|
dccp_set_state(sk, DCCP_REQUESTING);
|
|
|
|
err = inet6_hash_connect(&dccp_death_row, sk);
|
|
|
|
if (err)
|
|
|
|
goto late_failure;
|
2006-11-13 23:34:38 +08:00
|
|
|
|
|
|
|
dp->dccps_iss = secure_dccpv6_sequence_number(np->saddr.s6_addr32,
|
|
|
|
np->daddr.s6_addr32,
|
|
|
|
inet->sport, inet->dport);
|
2006-11-10 23:01:31 +08:00
|
|
|
err = dccp_connect(sk);
|
|
|
|
if (err)
|
|
|
|
goto late_failure;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
late_failure:
|
|
|
|
dccp_set_state(sk, DCCP_CLOSED);
|
|
|
|
__sk_dst_reset(sk);
|
|
|
|
failure:
|
|
|
|
inet->dport = 0;
|
|
|
|
sk->sk_route_caps = 0;
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
2005-12-14 15:24:53 +08:00
|
|
|
static struct inet_connection_sock_af_ops dccp_ipv6_af_ops = {
|
2006-03-21 14:48:35 +08:00
|
|
|
.queue_xmit = inet6_csk_xmit,
|
|
|
|
.send_check = dccp_v6_send_check,
|
|
|
|
.rebuild_header = inet6_sk_rebuild_header,
|
|
|
|
.conn_request = dccp_v6_conn_request,
|
|
|
|
.syn_recv_sock = dccp_v6_request_recv_sock,
|
|
|
|
.net_header_len = sizeof(struct ipv6hdr),
|
|
|
|
.setsockopt = ipv6_setsockopt,
|
|
|
|
.getsockopt = ipv6_getsockopt,
|
|
|
|
.addr2sockaddr = inet6_csk_addr2sockaddr,
|
|
|
|
.sockaddr_len = sizeof(struct sockaddr_in6),
|
2006-03-21 14:45:21 +08:00
|
|
|
#ifdef CONFIG_COMPAT
|
2006-03-21 14:48:35 +08:00
|
|
|
.compat_setsockopt = compat_ipv6_setsockopt,
|
|
|
|
.compat_getsockopt = compat_ipv6_getsockopt,
|
2006-03-21 14:45:21 +08:00
|
|
|
#endif
|
2005-12-14 15:24:53 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
/*
|
|
|
|
* DCCP over IPv4 via INET6 API
|
|
|
|
*/
|
|
|
|
static struct inet_connection_sock_af_ops dccp_ipv6_mapped = {
|
2006-03-21 14:48:35 +08:00
|
|
|
.queue_xmit = ip_queue_xmit,
|
|
|
|
.send_check = dccp_v4_send_check,
|
|
|
|
.rebuild_header = inet_sk_rebuild_header,
|
|
|
|
.conn_request = dccp_v6_conn_request,
|
|
|
|
.syn_recv_sock = dccp_v6_request_recv_sock,
|
|
|
|
.net_header_len = sizeof(struct iphdr),
|
|
|
|
.setsockopt = ipv6_setsockopt,
|
|
|
|
.getsockopt = ipv6_getsockopt,
|
|
|
|
.addr2sockaddr = inet6_csk_addr2sockaddr,
|
|
|
|
.sockaddr_len = sizeof(struct sockaddr_in6),
|
2006-03-21 14:45:21 +08:00
|
|
|
#ifdef CONFIG_COMPAT
|
2006-03-21 14:48:35 +08:00
|
|
|
.compat_setsockopt = compat_ipv6_setsockopt,
|
|
|
|
.compat_getsockopt = compat_ipv6_getsockopt,
|
2006-03-21 14:45:21 +08:00
|
|
|
#endif
|
2005-12-14 15:24:53 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
/* NOTE: A lot of things set to zero explicitly by call to
|
|
|
|
* sk_alloc() so need not be done here.
|
|
|
|
*/
|
|
|
|
static int dccp_v6_init_sock(struct sock *sk)
|
|
|
|
{
|
2006-03-21 14:00:37 +08:00
|
|
|
static __u8 dccp_v6_ctl_sock_initialized;
|
|
|
|
int err = dccp_init_sock(sk, dccp_v6_ctl_sock_initialized);
|
2005-12-14 15:24:53 +08:00
|
|
|
|
2006-03-21 14:00:37 +08:00
|
|
|
if (err == 0) {
|
|
|
|
if (unlikely(!dccp_v6_ctl_sock_initialized))
|
|
|
|
dccp_v6_ctl_sock_initialized = 1;
|
2005-12-14 15:24:53 +08:00
|
|
|
inet_csk(sk)->icsk_af_ops = &dccp_ipv6_af_ops;
|
2006-03-21 14:00:37 +08:00
|
|
|
}
|
2005-12-14 15:24:53 +08:00
|
|
|
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int dccp_v6_destroy_sock(struct sock *sk)
|
|
|
|
{
|
2006-03-21 13:23:15 +08:00
|
|
|
dccp_destroy_sock(sk);
|
2005-12-14 15:24:53 +08:00
|
|
|
return inet6_destroy_sock(sk);
|
|
|
|
}
|
|
|
|
|
2006-11-10 23:01:31 +08:00
|
|
|
static struct timewait_sock_ops dccp6_timewait_sock_ops = {
|
|
|
|
.twsk_obj_size = sizeof(struct dccp6_timewait_sock),
|
|
|
|
};
|
|
|
|
|
2007-11-06 15:42:25 +08:00
|
|
|
DEFINE_PROTO_INUSE(dccp_v6)
|
|
|
|
|
2005-12-14 15:24:53 +08:00
|
|
|
static struct proto dccp_v6_prot = {
|
2006-03-21 14:48:35 +08:00
|
|
|
.name = "DCCPv6",
|
|
|
|
.owner = THIS_MODULE,
|
|
|
|
.close = dccp_close,
|
|
|
|
.connect = dccp_v6_connect,
|
|
|
|
.disconnect = dccp_disconnect,
|
|
|
|
.ioctl = dccp_ioctl,
|
|
|
|
.init = dccp_v6_init_sock,
|
|
|
|
.setsockopt = dccp_setsockopt,
|
|
|
|
.getsockopt = dccp_getsockopt,
|
|
|
|
.sendmsg = dccp_sendmsg,
|
|
|
|
.recvmsg = dccp_recvmsg,
|
|
|
|
.backlog_rcv = dccp_v6_do_rcv,
|
|
|
|
.hash = dccp_v6_hash,
|
|
|
|
.unhash = dccp_unhash,
|
|
|
|
.accept = inet_csk_accept,
|
|
|
|
.get_port = dccp_v6_get_port,
|
|
|
|
.shutdown = dccp_shutdown,
|
|
|
|
.destroy = dccp_v6_destroy_sock,
|
|
|
|
.orphan_count = &dccp_orphan_count,
|
|
|
|
.max_header = MAX_DCCP_HEADER,
|
|
|
|
.obj_size = sizeof(struct dccp6_sock),
|
|
|
|
.rsk_prot = &dccp6_request_sock_ops,
|
|
|
|
.twsk_prot = &dccp6_timewait_sock_ops,
|
2006-03-21 14:45:21 +08:00
|
|
|
#ifdef CONFIG_COMPAT
|
2006-03-21 14:48:35 +08:00
|
|
|
.compat_setsockopt = compat_dccp_setsockopt,
|
|
|
|
.compat_getsockopt = compat_dccp_getsockopt,
|
2006-03-21 14:45:21 +08:00
|
|
|
#endif
|
2007-11-06 15:42:25 +08:00
|
|
|
REF_PROTO_INUSE(dccp_v6)
|
2005-12-14 15:24:53 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static struct inet6_protocol dccp_v6_protocol = {
|
2006-03-21 14:01:29 +08:00
|
|
|
.handler = dccp_v6_rcv,
|
|
|
|
.err_handler = dccp_v6_err,
|
|
|
|
.flags = INET6_PROTO_NOPOLICY | INET6_PROTO_FINAL,
|
2005-12-14 15:24:53 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static struct proto_ops inet6_dccp_ops = {
|
2006-03-21 14:48:35 +08:00
|
|
|
.family = PF_INET6,
|
|
|
|
.owner = THIS_MODULE,
|
|
|
|
.release = inet6_release,
|
|
|
|
.bind = inet6_bind,
|
|
|
|
.connect = inet_stream_connect,
|
|
|
|
.socketpair = sock_no_socketpair,
|
|
|
|
.accept = inet_accept,
|
|
|
|
.getname = inet6_getname,
|
|
|
|
.poll = dccp_poll,
|
|
|
|
.ioctl = inet6_ioctl,
|
|
|
|
.listen = inet_dccp_listen,
|
|
|
|
.shutdown = inet_shutdown,
|
|
|
|
.setsockopt = sock_common_setsockopt,
|
|
|
|
.getsockopt = sock_common_getsockopt,
|
|
|
|
.sendmsg = inet_sendmsg,
|
|
|
|
.recvmsg = sock_common_recvmsg,
|
|
|
|
.mmap = sock_no_mmap,
|
|
|
|
.sendpage = sock_no_sendpage,
|
2006-03-21 14:45:21 +08:00
|
|
|
#ifdef CONFIG_COMPAT
|
2006-03-21 14:48:35 +08:00
|
|
|
.compat_setsockopt = compat_sock_common_setsockopt,
|
|
|
|
.compat_getsockopt = compat_sock_common_getsockopt,
|
2006-03-21 14:45:21 +08:00
|
|
|
#endif
|
2005-12-14 15:24:53 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static struct inet_protosw dccp_v6_protosw = {
|
|
|
|
.type = SOCK_DCCP,
|
|
|
|
.protocol = IPPROTO_DCCP,
|
|
|
|
.prot = &dccp_v6_prot,
|
|
|
|
.ops = &inet6_dccp_ops,
|
|
|
|
.capability = -1,
|
2005-12-14 15:26:10 +08:00
|
|
|
.flags = INET_PROTOSW_ICSK,
|
2005-12-14 15:24:53 +08:00
|
|
|
};
|
|
|
|
|
|
|
|
static int __init dccp_v6_init(void)
|
|
|
|
{
|
|
|
|
int err = proto_register(&dccp_v6_prot, 1);
|
|
|
|
|
|
|
|
if (err != 0)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
err = inet6_add_protocol(&dccp_v6_protocol, IPPROTO_DCCP);
|
|
|
|
if (err != 0)
|
|
|
|
goto out_unregister_proto;
|
|
|
|
|
|
|
|
inet6_register_protosw(&dccp_v6_protosw);
|
2006-03-21 14:00:37 +08:00
|
|
|
|
2006-03-21 14:01:03 +08:00
|
|
|
err = inet_csk_ctl_sock_create(&dccp_v6_ctl_socket, PF_INET6,
|
|
|
|
SOCK_DCCP, IPPROTO_DCCP);
|
|
|
|
if (err != 0)
|
2006-03-21 14:00:37 +08:00
|
|
|
goto out_unregister_protosw;
|
2005-12-14 15:24:53 +08:00
|
|
|
out:
|
|
|
|
return err;
|
2006-03-21 14:00:37 +08:00
|
|
|
out_unregister_protosw:
|
|
|
|
inet6_del_protocol(&dccp_v6_protocol, IPPROTO_DCCP);
|
|
|
|
inet6_unregister_protosw(&dccp_v6_protosw);
|
2005-12-14 15:24:53 +08:00
|
|
|
out_unregister_proto:
|
|
|
|
proto_unregister(&dccp_v6_prot);
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void __exit dccp_v6_exit(void)
|
|
|
|
{
|
|
|
|
inet6_del_protocol(&dccp_v6_protocol, IPPROTO_DCCP);
|
|
|
|
inet6_unregister_protosw(&dccp_v6_protosw);
|
|
|
|
proto_unregister(&dccp_v6_prot);
|
|
|
|
}
|
|
|
|
|
|
|
|
module_init(dccp_v6_init);
|
|
|
|
module_exit(dccp_v6_exit);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* __stringify doesn't likes enums, so use SOCK_DCCP (6) and IPPROTO_DCCP (33)
|
|
|
|
* values directly, Also cover the case where the protocol is not specified,
|
|
|
|
* i.e. net-pf-PF_INET6-proto-0-type-SOCK_DCCP
|
|
|
|
*/
|
2007-10-22 07:45:03 +08:00
|
|
|
MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET6, 33, 6);
|
|
|
|
MODULE_ALIAS_NET_PF_PROTO_TYPE(PF_INET6, 0, 6);
|
2005-12-14 15:24:53 +08:00
|
|
|
MODULE_LICENSE("GPL");
|
|
|
|
MODULE_AUTHOR("Arnaldo Carvalho de Melo <acme@mandriva.com>");
|
|
|
|
MODULE_DESCRIPTION("DCCPv6 - Datagram Congestion Controlled Protocol");
|