2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * Implementation of the Transmission Control Protocol(TCP).
8 * IPv4 specific functions
13 * linux/ipv4/tcp_input.c
14 * linux/ipv4/tcp_output.c
16 * See tcp.c for author information
18 * This program is free software; you can redistribute it and/or
19 * modify it under the terms of the GNU General Public License
20 * as published by the Free Software Foundation; either version
21 * 2 of the License, or (at your option) any later version.
26 * David S. Miller : New socket lookup architecture.
27 * This code is dedicated to John Dyson.
28 * David S. Miller : Change semantics of established hash,
29 * half is devoted to TIME_WAIT sockets
30 * and the rest go in the other half.
31 * Andi Kleen : Add support for syncookies and fixed
32 * some bugs: ip options weren't passed to
33 * the TCP layer, missed a check for an
35 * Andi Kleen : Implemented fast path mtu discovery.
36 * Fixed many serious bugs in the
37 * request_sock handling and moved
38 * most of it into the af independent code.
39 * Added tail drop and some other bugfixes.
40 * Added new listen semantics.
41 * Mike McLagan : Routing by source
42 * Juan Jose Ciarlante: ip_dynaddr bits
43 * Andi Kleen: various fixes.
44 * Vitaly E. Lavrov : Transparent proxy revived after year
46 * Andi Kleen : Fix new listen.
47 * Andi Kleen : Fix accept error reporting.
48 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
49 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
50 * a single port at the same time.
53 #define pr_fmt(fmt) "TCP: " fmt
55 #include <linux/bottom_half.h>
56 #include <linux/types.h>
57 #include <linux/fcntl.h>
58 #include <linux/module.h>
59 #include <linux/random.h>
60 #include <linux/cache.h>
61 #include <linux/jhash.h>
62 #include <linux/init.h>
63 #include <linux/times.h>
64 #include <linux/slab.h>
66 #include <net/net_namespace.h>
68 #include <net/inet_hashtables.h>
70 #include <net/transp_v6.h>
72 #include <net/inet_common.h>
73 #include <net/timewait_sock.h>
75 #include <net/secure_seq.h>
76 #include <net/busy_poll.h>
78 #include <linux/inet.h>
79 #include <linux/ipv6.h>
80 #include <linux/stddef.h>
81 #include <linux/proc_fs.h>
82 #include <linux/seq_file.h>
83 #include <linux/inetdevice.h>
85 #include <crypto/hash.h>
86 #include <linux/scatterlist.h>
88 #include <trace/events/tcp.h>
90 #ifdef CONFIG_TCP_MD5SIG
91 static int tcp_v4_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
92 __be32 daddr, __be32 saddr, const struct tcphdr *th);
95 struct inet_hashinfo tcp_hashinfo;
96 EXPORT_SYMBOL(tcp_hashinfo);
98 static u32 tcp_v4_init_seq(const struct sk_buff *skb)
100 return secure_tcp_seq(ip_hdr(skb)->daddr,
103 tcp_hdr(skb)->source);
106 static u32 tcp_v4_init_ts_off(const struct net *net, const struct sk_buff *skb)
108 return secure_tcp_ts_off(net, ip_hdr(skb)->daddr, ip_hdr(skb)->saddr);
111 int tcp_twsk_unique(struct sock *sk, struct sock *sktw, void *twp)
113 const struct inet_timewait_sock *tw = inet_twsk(sktw);
114 const struct tcp_timewait_sock *tcptw = tcp_twsk(sktw);
115 struct tcp_sock *tp = tcp_sk(sk);
116 int reuse = sock_net(sk)->ipv4.sysctl_tcp_tw_reuse;
119 /* Still does not detect *everything* that goes through
120 * lo, since we require a loopback src or dst address
121 * or direct binding to 'lo' interface.
123 bool loopback = false;
124 if (tw->tw_bound_dev_if == LOOPBACK_IFINDEX)
126 #if IS_ENABLED(CONFIG_IPV6)
127 if (tw->tw_family == AF_INET6) {
128 if (ipv6_addr_loopback(&tw->tw_v6_daddr) ||
129 (ipv6_addr_v4mapped(&tw->tw_v6_daddr) &&
130 (tw->tw_v6_daddr.s6_addr[12] == 127)) ||
131 ipv6_addr_loopback(&tw->tw_v6_rcv_saddr) ||
132 (ipv6_addr_v4mapped(&tw->tw_v6_rcv_saddr) &&
133 (tw->tw_v6_rcv_saddr.s6_addr[12] == 127)))
138 if (ipv4_is_loopback(tw->tw_daddr) ||
139 ipv4_is_loopback(tw->tw_rcv_saddr))
146 /* With PAWS, it is safe from the viewpoint
147 of data integrity. Even without PAWS it is safe provided sequence
148 spaces do not overlap i.e. at data rates <= 80Mbit/sec.
150 Actually, the idea is close to VJ's one, only timestamp cache is
151 held not per host, but per port pair and TW bucket is used as state
154 If TW bucket has been already destroyed we fall back to VJ's scheme
155 and use initial timestamp retrieved from peer table.
157 if (tcptw->tw_ts_recent_stamp &&
158 (!twp || (reuse && time_after32(ktime_get_seconds(),
159 tcptw->tw_ts_recent_stamp)))) {
160 /* In case of repair and re-using TIME-WAIT sockets we still
161 * want to be sure that it is safe as above but honor the
162 * sequence numbers and time stamps set as part of the repair
165 * Without this check re-using a TIME-WAIT socket with TCP
166 * repair would accumulate a -1 on the repair assigned
167 * sequence number. The first time it is reused the sequence
168 * is -1, the second time -2, etc. This fixes that issue
169 * without appearing to create any others.
171 if (likely(!tp->repair)) {
172 tp->write_seq = tcptw->tw_snd_nxt + 65535 + 2;
173 if (tp->write_seq == 0)
175 tp->rx_opt.ts_recent = tcptw->tw_ts_recent;
176 tp->rx_opt.ts_recent_stamp = tcptw->tw_ts_recent_stamp;
184 EXPORT_SYMBOL_GPL(tcp_twsk_unique);
186 static int tcp_v4_pre_connect(struct sock *sk, struct sockaddr *uaddr,
189 /* This check is replicated from tcp_v4_connect() and intended to
190 * prevent BPF program called below from accessing bytes that are out
191 * of the bound specified by user in addr_len.
193 if (addr_len < sizeof(struct sockaddr_in))
196 sock_owned_by_me(sk);
198 return BPF_CGROUP_RUN_PROG_INET4_CONNECT(sk, uaddr);
201 /* This will initiate an outgoing connection. */
202 int tcp_v4_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len)
204 struct sockaddr_in *usin = (struct sockaddr_in *)uaddr;
205 struct inet_sock *inet = inet_sk(sk);
206 struct tcp_sock *tp = tcp_sk(sk);
207 __be16 orig_sport, orig_dport;
208 __be32 daddr, nexthop;
212 struct ip_options_rcu *inet_opt;
213 struct inet_timewait_death_row *tcp_death_row = &sock_net(sk)->ipv4.tcp_death_row;
215 if (addr_len < sizeof(struct sockaddr_in))
218 if (usin->sin_family != AF_INET)
219 return -EAFNOSUPPORT;
221 nexthop = daddr = usin->sin_addr.s_addr;
222 inet_opt = rcu_dereference_protected(inet->inet_opt,
223 lockdep_sock_is_held(sk));
224 if (inet_opt && inet_opt->opt.srr) {
227 nexthop = inet_opt->opt.faddr;
230 orig_sport = inet->inet_sport;
231 orig_dport = usin->sin_port;
232 fl4 = &inet->cork.fl.u.ip4;
233 rt = ip_route_connect(fl4, nexthop, inet->inet_saddr,
234 RT_CONN_FLAGS(sk), sk->sk_bound_dev_if,
236 orig_sport, orig_dport, sk);
239 if (err == -ENETUNREACH)
240 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTNOROUTES);
244 if (rt->rt_flags & (RTCF_MULTICAST | RTCF_BROADCAST)) {
249 if (!inet_opt || !inet_opt->opt.srr)
252 if (!inet->inet_saddr)
253 inet->inet_saddr = fl4->saddr;
254 sk_rcv_saddr_set(sk, inet->inet_saddr);
256 if (tp->rx_opt.ts_recent_stamp && inet->inet_daddr != daddr) {
257 /* Reset inherited state */
258 tp->rx_opt.ts_recent = 0;
259 tp->rx_opt.ts_recent_stamp = 0;
260 if (likely(!tp->repair))
264 inet->inet_dport = usin->sin_port;
265 sk_daddr_set(sk, daddr);
267 inet_csk(sk)->icsk_ext_hdr_len = 0;
269 inet_csk(sk)->icsk_ext_hdr_len = inet_opt->opt.optlen;
271 tp->rx_opt.mss_clamp = TCP_MSS_DEFAULT;
273 /* Socket identity is still unknown (sport may be zero).
274 * However we set state to SYN-SENT and not releasing socket
275 * lock select source port, enter ourselves into the hash tables and
276 * complete initialization after this.
278 tcp_set_state(sk, TCP_SYN_SENT);
279 err = inet_hash_connect(tcp_death_row, sk);
285 rt = ip_route_newports(fl4, rt, orig_sport, orig_dport,
286 inet->inet_sport, inet->inet_dport, sk);
292 /* OK, now commit destination to socket. */
293 sk->sk_gso_type = SKB_GSO_TCPV4;
294 sk_setup_caps(sk, &rt->dst);
297 if (likely(!tp->repair)) {
299 tp->write_seq = secure_tcp_seq(inet->inet_saddr,
303 tp->tsoffset = secure_tcp_ts_off(sock_net(sk),
308 inet->inet_id = tp->write_seq ^ jiffies;
310 if (tcp_fastopen_defer_connect(sk, &err))
315 err = tcp_connect(sk);
324 * This unhashes the socket and releases the local port,
327 tcp_set_state(sk, TCP_CLOSE);
329 sk->sk_route_caps = 0;
330 inet->inet_dport = 0;
333 EXPORT_SYMBOL(tcp_v4_connect);
336 * This routine reacts to ICMP_FRAG_NEEDED mtu indications as defined in RFC1191.
337 * It can be called through tcp_release_cb() if socket was owned by user
338 * at the time tcp_v4_err() was called to handle ICMP message.
340 void tcp_v4_mtu_reduced(struct sock *sk)
342 struct inet_sock *inet = inet_sk(sk);
343 struct dst_entry *dst;
346 if ((1 << sk->sk_state) & (TCPF_LISTEN | TCPF_CLOSE))
348 mtu = tcp_sk(sk)->mtu_info;
349 dst = inet_csk_update_pmtu(sk, mtu);
353 /* Something is about to be wrong... Remember soft error
354 * for the case, if this connection will not able to recover.
356 if (mtu < dst_mtu(dst) && ip_dont_fragment(sk, dst))
357 sk->sk_err_soft = EMSGSIZE;
361 if (inet->pmtudisc != IP_PMTUDISC_DONT &&
362 ip_sk_accept_pmtu(sk) &&
363 inet_csk(sk)->icsk_pmtu_cookie > mtu) {
364 tcp_sync_mss(sk, mtu);
366 /* Resend the TCP packet because it's
367 * clear that the old packet has been
368 * dropped. This is the new "fast" path mtu
371 tcp_simple_retransmit(sk);
372 } /* else let the usual retransmit timer handle it */
374 EXPORT_SYMBOL(tcp_v4_mtu_reduced);
376 static void do_redirect(struct sk_buff *skb, struct sock *sk)
378 struct dst_entry *dst = __sk_dst_check(sk, 0);
381 dst->ops->redirect(dst, sk, skb);
385 /* handle ICMP messages on TCP_NEW_SYN_RECV request sockets */
386 void tcp_req_err(struct sock *sk, u32 seq, bool abort)
388 struct request_sock *req = inet_reqsk(sk);
389 struct net *net = sock_net(sk);
391 /* ICMPs are not backlogged, hence we cannot get
392 * an established socket here.
394 if (seq != tcp_rsk(req)->snt_isn) {
395 __NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
398 * Still in SYN_RECV, just remove it silently.
399 * There is no good way to pass the error to the newly
400 * created socket, and POSIX does not want network
401 * errors returned from accept().
403 inet_csk_reqsk_queue_drop(req->rsk_listener, req);
404 tcp_listendrop(req->rsk_listener);
408 EXPORT_SYMBOL(tcp_req_err);
411 * This routine is called by the ICMP module when it gets some
412 * sort of error condition. If err < 0 then the socket should
413 * be closed and the error returned to the user. If err > 0
414 * it's just the icmp type << 8 | icmp code. After adjustment
415 * header points to the first 8 bytes of the tcp header. We need
416 * to find the appropriate port.
418 * The locking strategy used here is very "optimistic". When
419 * someone else accesses the socket the ICMP is just dropped
420 * and for some paths there is no check at all.
421 * A more general error queue to queue errors for later handling
422 * is probably better.
426 void tcp_v4_err(struct sk_buff *icmp_skb, u32 info)
428 const struct iphdr *iph = (const struct iphdr *)icmp_skb->data;
429 struct tcphdr *th = (struct tcphdr *)(icmp_skb->data + (iph->ihl << 2));
430 struct inet_connection_sock *icsk;
432 struct inet_sock *inet;
433 const int type = icmp_hdr(icmp_skb)->type;
434 const int code = icmp_hdr(icmp_skb)->code;
437 struct request_sock *fastopen;
442 struct net *net = dev_net(icmp_skb->dev);
444 sk = __inet_lookup_established(net, &tcp_hashinfo, iph->daddr,
445 th->dest, iph->saddr, ntohs(th->source),
446 inet_iif(icmp_skb), 0);
448 __ICMP_INC_STATS(net, ICMP_MIB_INERRORS);
451 if (sk->sk_state == TCP_TIME_WAIT) {
452 inet_twsk_put(inet_twsk(sk));
455 seq = ntohl(th->seq);
456 if (sk->sk_state == TCP_NEW_SYN_RECV)
457 return tcp_req_err(sk, seq,
458 type == ICMP_PARAMETERPROB ||
459 type == ICMP_TIME_EXCEEDED ||
460 (type == ICMP_DEST_UNREACH &&
461 (code == ICMP_NET_UNREACH ||
462 code == ICMP_HOST_UNREACH)));
465 /* If too many ICMPs get dropped on busy
466 * servers this needs to be solved differently.
467 * We do take care of PMTU discovery (RFC1191) special case :
468 * we can receive locally generated ICMP messages while socket is held.
470 if (sock_owned_by_user(sk)) {
471 if (!(type == ICMP_DEST_UNREACH && code == ICMP_FRAG_NEEDED))
472 __NET_INC_STATS(net, LINUX_MIB_LOCKDROPPEDICMPS);
474 if (sk->sk_state == TCP_CLOSE)
477 if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) {
478 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
484 /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */
485 fastopen = tp->fastopen_rsk;
486 snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una;
487 if (sk->sk_state != TCP_LISTEN &&
488 !between(seq, snd_una, tp->snd_nxt)) {
489 __NET_INC_STATS(net, LINUX_MIB_OUTOFWINDOWICMPS);
495 if (!sock_owned_by_user(sk))
496 do_redirect(icmp_skb, sk);
498 case ICMP_SOURCE_QUENCH:
499 /* Just silently ignore these. */
501 case ICMP_PARAMETERPROB:
504 case ICMP_DEST_UNREACH:
505 if (code > NR_ICMP_UNREACH)
508 if (code == ICMP_FRAG_NEEDED) { /* PMTU discovery (RFC1191) */
509 /* We are not interested in TCP_LISTEN and open_requests
510 * (SYN-ACKs send out by Linux are always <576bytes so
511 * they should go through unfragmented).
513 if (sk->sk_state == TCP_LISTEN)
517 if (!sock_owned_by_user(sk)) {
518 tcp_v4_mtu_reduced(sk);
520 if (!test_and_set_bit(TCP_MTU_REDUCED_DEFERRED, &sk->sk_tsq_flags))
526 err = icmp_err_convert[code].errno;
527 /* check if icmp_skb allows revert of backoff
528 * (see draft-zimmermann-tcp-lcd) */
529 if (code != ICMP_NET_UNREACH && code != ICMP_HOST_UNREACH)
531 if (seq != tp->snd_una || !icsk->icsk_retransmits ||
532 !icsk->icsk_backoff || fastopen)
535 if (sock_owned_by_user(sk))
538 icsk->icsk_backoff--;
539 icsk->icsk_rto = tp->srtt_us ? __tcp_set_rto(tp) :
541 icsk->icsk_rto = inet_csk_rto_backoff(icsk, TCP_RTO_MAX);
543 skb = tcp_rtx_queue_head(sk);
546 tcp_mstamp_refresh(tp);
547 delta_us = (u32)(tp->tcp_mstamp - tcp_skb_timestamp_us(skb));
548 remaining = icsk->icsk_rto -
549 usecs_to_jiffies(delta_us);
552 inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS,
553 remaining, TCP_RTO_MAX);
555 /* RTO revert clocked out retransmission.
556 * Will retransmit now */
557 tcp_retransmit_timer(sk);
561 case ICMP_TIME_EXCEEDED:
568 switch (sk->sk_state) {
571 /* Only in fast or simultaneous open. If a fast open socket is
572 * is already accepted it is treated as a connected one below.
574 if (fastopen && !fastopen->sk)
577 if (!sock_owned_by_user(sk)) {
580 sk->sk_error_report(sk);
584 sk->sk_err_soft = err;
589 /* If we've already connected we will keep trying
590 * until we time out, or the user gives up.
592 * rfc1122 4.2.3.9 allows to consider as hard errors
593 * only PROTO_UNREACH and PORT_UNREACH (well, FRAG_FAILED too,
594 * but it is obsoleted by pmtu discovery).
596 * Note, that in modern internet, where routing is unreliable
597 * and in each dark corner broken firewalls sit, sending random
598 * errors ordered by their masters even this two messages finally lose
599 * their original sense (even Linux sends invalid PORT_UNREACHs)
601 * Now we are in compliance with RFCs.
606 if (!sock_owned_by_user(sk) && inet->recverr) {
608 sk->sk_error_report(sk);
609 } else { /* Only an error on timeout */
610 sk->sk_err_soft = err;
618 void __tcp_v4_send_check(struct sk_buff *skb, __be32 saddr, __be32 daddr)
620 struct tcphdr *th = tcp_hdr(skb);
622 th->check = ~tcp_v4_check(skb->len, saddr, daddr, 0);
623 skb->csum_start = skb_transport_header(skb) - skb->head;
624 skb->csum_offset = offsetof(struct tcphdr, check);
627 /* This routine computes an IPv4 TCP checksum. */
628 void tcp_v4_send_check(struct sock *sk, struct sk_buff *skb)
630 const struct inet_sock *inet = inet_sk(sk);
632 __tcp_v4_send_check(skb, inet->inet_saddr, inet->inet_daddr);
634 EXPORT_SYMBOL(tcp_v4_send_check);
637 * This routine will send an RST to the other tcp.
639 * Someone asks: why I NEVER use socket parameters (TOS, TTL etc.)
641 * Answer: if a packet caused RST, it is not for a socket
642 * existing in our system, if it is matched to a socket,
643 * it is just duplicate segment or bug in other side's TCP.
644 * So that we build reply only basing on parameters
645 * arrived with segment.
646 * Exception: precedence violation. We do not implement it in any case.
649 static void tcp_v4_send_reset(const struct sock *sk, struct sk_buff *skb)
651 const struct tcphdr *th = tcp_hdr(skb);
654 #ifdef CONFIG_TCP_MD5SIG
655 __be32 opt[(TCPOLEN_MD5SIG_ALIGNED >> 2)];
658 struct ip_reply_arg arg;
659 #ifdef CONFIG_TCP_MD5SIG
660 struct tcp_md5sig_key *key = NULL;
661 const __u8 *hash_location = NULL;
662 unsigned char newhash[16];
664 struct sock *sk1 = NULL;
669 /* Never send a reset in response to a reset. */
673 /* If sk not NULL, it means we did a successful lookup and incoming
674 * route had to be correct. prequeue might have dropped our dst.
676 if (!sk && skb_rtable(skb)->rt_type != RTN_LOCAL)
679 /* Swap the send and the receive. */
680 memset(&rep, 0, sizeof(rep));
681 rep.th.dest = th->source;
682 rep.th.source = th->dest;
683 rep.th.doff = sizeof(struct tcphdr) / 4;
687 rep.th.seq = th->ack_seq;
690 rep.th.ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin +
691 skb->len - (th->doff << 2));
694 memset(&arg, 0, sizeof(arg));
695 arg.iov[0].iov_base = (unsigned char *)&rep;
696 arg.iov[0].iov_len = sizeof(rep.th);
698 net = sk ? sock_net(sk) : dev_net(skb_dst(skb)->dev);
699 #ifdef CONFIG_TCP_MD5SIG
701 hash_location = tcp_parse_md5sig_option(th);
702 if (sk && sk_fullsock(sk)) {
703 key = tcp_md5_do_lookup(sk, (union tcp_md5_addr *)
704 &ip_hdr(skb)->saddr, AF_INET);
705 } else if (hash_location) {
707 * active side is lost. Try to find listening socket through
708 * source port, and then find md5 key through listening socket.
709 * we are not loose security here:
710 * Incoming packet is checked with md5 hash with finding key,
711 * no RST generated if md5 hash doesn't match.
713 sk1 = __inet_lookup_listener(net, &tcp_hashinfo, NULL, 0,
715 th->source, ip_hdr(skb)->daddr,
716 ntohs(th->source), inet_iif(skb),
718 /* don't send rst if it can't find key */
722 key = tcp_md5_do_lookup(sk1, (union tcp_md5_addr *)
723 &ip_hdr(skb)->saddr, AF_INET);
728 genhash = tcp_v4_md5_hash_skb(newhash, key, NULL, skb);
729 if (genhash || memcmp(hash_location, newhash, 16) != 0)
735 rep.opt[0] = htonl((TCPOPT_NOP << 24) |
737 (TCPOPT_MD5SIG << 8) |
739 /* Update length and the length the header thinks exists */
740 arg.iov[0].iov_len += TCPOLEN_MD5SIG_ALIGNED;
741 rep.th.doff = arg.iov[0].iov_len / 4;
743 tcp_v4_md5_hash_hdr((__u8 *) &rep.opt[1],
744 key, ip_hdr(skb)->saddr,
745 ip_hdr(skb)->daddr, &rep.th);
748 arg.csum = csum_tcpudp_nofold(ip_hdr(skb)->daddr,
749 ip_hdr(skb)->saddr, /* XXX */
750 arg.iov[0].iov_len, IPPROTO_TCP, 0);
751 arg.csumoffset = offsetof(struct tcphdr, check) / 2;
752 arg.flags = (sk && inet_sk_transparent(sk)) ? IP_REPLY_ARG_NOSRCCHECK : 0;
754 /* When socket is gone, all binding information is lost.
755 * routing might fail in this case. No choice here, if we choose to force
756 * input interface, we will misroute in case of asymmetric route.
759 arg.bound_dev_if = sk->sk_bound_dev_if;
761 trace_tcp_send_reset(sk, skb);
764 BUILD_BUG_ON(offsetof(struct sock, sk_bound_dev_if) !=
765 offsetof(struct inet_timewait_sock, tw_bound_dev_if));
767 arg.tos = ip_hdr(skb)->tos;
768 arg.uid = sock_net_uid(net, sk && sk_fullsock(sk) ? sk : NULL);
770 ctl_sk = *this_cpu_ptr(net->ipv4.tcp_sk);
772 ctl_sk->sk_mark = (sk->sk_state == TCP_TIME_WAIT) ?
773 inet_twsk(sk)->tw_mark : sk->sk_mark;
774 ip_send_unicast_reply(ctl_sk,
775 skb, &TCP_SKB_CB(skb)->header.h4.opt,
776 ip_hdr(skb)->saddr, ip_hdr(skb)->daddr,
777 &arg, arg.iov[0].iov_len);
780 __TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
781 __TCP_INC_STATS(net, TCP_MIB_OUTRSTS);
784 #ifdef CONFIG_TCP_MD5SIG
790 /* The code following below sending ACKs in SYN-RECV and TIME-WAIT states
791 outside socket context is ugly, certainly. What can I do?
794 static void tcp_v4_send_ack(const struct sock *sk,
795 struct sk_buff *skb, u32 seq, u32 ack,
796 u32 win, u32 tsval, u32 tsecr, int oif,
797 struct tcp_md5sig_key *key,
798 int reply_flags, u8 tos)
800 const struct tcphdr *th = tcp_hdr(skb);
803 __be32 opt[(TCPOLEN_TSTAMP_ALIGNED >> 2)
804 #ifdef CONFIG_TCP_MD5SIG
805 + (TCPOLEN_MD5SIG_ALIGNED >> 2)
809 struct net *net = sock_net(sk);
810 struct ip_reply_arg arg;
813 memset(&rep.th, 0, sizeof(struct tcphdr));
814 memset(&arg, 0, sizeof(arg));
816 arg.iov[0].iov_base = (unsigned char *)&rep;
817 arg.iov[0].iov_len = sizeof(rep.th);
819 rep.opt[0] = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
820 (TCPOPT_TIMESTAMP << 8) |
822 rep.opt[1] = htonl(tsval);
823 rep.opt[2] = htonl(tsecr);
824 arg.iov[0].iov_len += TCPOLEN_TSTAMP_ALIGNED;
827 /* Swap the send and the receive. */
828 rep.th.dest = th->source;
829 rep.th.source = th->dest;
830 rep.th.doff = arg.iov[0].iov_len / 4;
831 rep.th.seq = htonl(seq);
832 rep.th.ack_seq = htonl(ack);
834 rep.th.window = htons(win);
836 #ifdef CONFIG_TCP_MD5SIG
838 int offset = (tsecr) ? 3 : 0;
840 rep.opt[offset++] = htonl((TCPOPT_NOP << 24) |
842 (TCPOPT_MD5SIG << 8) |
844 arg.iov[0].iov_len += TCPOLEN_MD5SIG_ALIGNED;
845 rep.th.doff = arg.iov[0].iov_len/4;
847 tcp_v4_md5_hash_hdr((__u8 *) &rep.opt[offset],
848 key, ip_hdr(skb)->saddr,
849 ip_hdr(skb)->daddr, &rep.th);
852 arg.flags = reply_flags;
853 arg.csum = csum_tcpudp_nofold(ip_hdr(skb)->daddr,
854 ip_hdr(skb)->saddr, /* XXX */
855 arg.iov[0].iov_len, IPPROTO_TCP, 0);
856 arg.csumoffset = offsetof(struct tcphdr, check) / 2;
858 arg.bound_dev_if = oif;
860 arg.uid = sock_net_uid(net, sk_fullsock(sk) ? sk : NULL);
862 ctl_sk = *this_cpu_ptr(net->ipv4.tcp_sk);
864 ctl_sk->sk_mark = (sk->sk_state == TCP_TIME_WAIT) ?
865 inet_twsk(sk)->tw_mark : sk->sk_mark;
866 ip_send_unicast_reply(ctl_sk,
867 skb, &TCP_SKB_CB(skb)->header.h4.opt,
868 ip_hdr(skb)->saddr, ip_hdr(skb)->daddr,
869 &arg, arg.iov[0].iov_len);
872 __TCP_INC_STATS(net, TCP_MIB_OUTSEGS);
876 static void tcp_v4_timewait_ack(struct sock *sk, struct sk_buff *skb)
878 struct inet_timewait_sock *tw = inet_twsk(sk);
879 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
881 tcp_v4_send_ack(sk, skb,
882 tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
883 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
884 tcp_time_stamp_raw() + tcptw->tw_ts_offset,
887 tcp_twsk_md5_key(tcptw),
888 tw->tw_transparent ? IP_REPLY_ARG_NOSRCCHECK : 0,
895 static void tcp_v4_reqsk_send_ack(const struct sock *sk, struct sk_buff *skb,
896 struct request_sock *req)
898 /* sk->sk_state == TCP_LISTEN -> for regular TCP_SYN_RECV
899 * sk->sk_state == TCP_SYN_RECV -> for Fast Open.
901 u32 seq = (sk->sk_state == TCP_LISTEN) ? tcp_rsk(req)->snt_isn + 1 :
905 * The window field (SEG.WND) of every outgoing segment, with the
906 * exception of <SYN> segments, MUST be right-shifted by
907 * Rcv.Wind.Shift bits:
909 tcp_v4_send_ack(sk, skb, seq,
910 tcp_rsk(req)->rcv_nxt,
911 req->rsk_rcv_wnd >> inet_rsk(req)->rcv_wscale,
912 tcp_time_stamp_raw() + tcp_rsk(req)->ts_off,
915 tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&ip_hdr(skb)->saddr,
917 inet_rsk(req)->no_srccheck ? IP_REPLY_ARG_NOSRCCHECK : 0,
922 * Send a SYN-ACK after having received a SYN.
923 * This still operates on a request_sock only, not on a big
926 static int tcp_v4_send_synack(const struct sock *sk, struct dst_entry *dst,
928 struct request_sock *req,
929 struct tcp_fastopen_cookie *foc,
930 enum tcp_synack_type synack_type)
932 const struct inet_request_sock *ireq = inet_rsk(req);
937 /* First, grab a route. */
938 if (!dst && (dst = inet_csk_route_req(sk, &fl4, req)) == NULL)
941 skb = tcp_make_synack(sk, dst, req, foc, synack_type);
944 __tcp_v4_send_check(skb, ireq->ir_loc_addr, ireq->ir_rmt_addr);
947 err = ip_build_and_send_pkt(skb, sk, ireq->ir_loc_addr,
949 rcu_dereference(ireq->ireq_opt));
951 err = net_xmit_eval(err);
958 * IPv4 request_sock destructor.
960 static void tcp_v4_reqsk_destructor(struct request_sock *req)
962 kfree(rcu_dereference_protected(inet_rsk(req)->ireq_opt, 1));
965 #ifdef CONFIG_TCP_MD5SIG
967 * RFC2385 MD5 checksumming requires a mapping of
968 * IP address->MD5 Key.
969 * We need to maintain these in the sk structure.
972 /* Find the Key structure for an address. */
973 struct tcp_md5sig_key *tcp_md5_do_lookup(const struct sock *sk,
974 const union tcp_md5_addr *addr,
977 const struct tcp_sock *tp = tcp_sk(sk);
978 struct tcp_md5sig_key *key;
979 const struct tcp_md5sig_info *md5sig;
981 struct tcp_md5sig_key *best_match = NULL;
984 /* caller either holds rcu_read_lock() or socket lock */
985 md5sig = rcu_dereference_check(tp->md5sig_info,
986 lockdep_sock_is_held(sk));
990 hlist_for_each_entry_rcu(key, &md5sig->head, node) {
991 if (key->family != family)
994 if (family == AF_INET) {
995 mask = inet_make_mask(key->prefixlen);
996 match = (key->addr.a4.s_addr & mask) ==
997 (addr->a4.s_addr & mask);
998 #if IS_ENABLED(CONFIG_IPV6)
999 } else if (family == AF_INET6) {
1000 match = ipv6_prefix_equal(&key->addr.a6, &addr->a6,
1007 if (match && (!best_match ||
1008 key->prefixlen > best_match->prefixlen))
1013 EXPORT_SYMBOL(tcp_md5_do_lookup);
1015 static struct tcp_md5sig_key *tcp_md5_do_lookup_exact(const struct sock *sk,
1016 const union tcp_md5_addr *addr,
1017 int family, u8 prefixlen)
1019 const struct tcp_sock *tp = tcp_sk(sk);
1020 struct tcp_md5sig_key *key;
1021 unsigned int size = sizeof(struct in_addr);
1022 const struct tcp_md5sig_info *md5sig;
1024 /* caller either holds rcu_read_lock() or socket lock */
1025 md5sig = rcu_dereference_check(tp->md5sig_info,
1026 lockdep_sock_is_held(sk));
1029 #if IS_ENABLED(CONFIG_IPV6)
1030 if (family == AF_INET6)
1031 size = sizeof(struct in6_addr);
1033 hlist_for_each_entry_rcu(key, &md5sig->head, node) {
1034 if (key->family != family)
1036 if (!memcmp(&key->addr, addr, size) &&
1037 key->prefixlen == prefixlen)
1043 struct tcp_md5sig_key *tcp_v4_md5_lookup(const struct sock *sk,
1044 const struct sock *addr_sk)
1046 const union tcp_md5_addr *addr;
1048 addr = (const union tcp_md5_addr *)&addr_sk->sk_daddr;
1049 return tcp_md5_do_lookup(sk, addr, AF_INET);
1051 EXPORT_SYMBOL(tcp_v4_md5_lookup);
1053 /* This can be called on a newly created socket, from other files */
1054 int tcp_md5_do_add(struct sock *sk, const union tcp_md5_addr *addr,
1055 int family, u8 prefixlen, const u8 *newkey, u8 newkeylen,
1058 /* Add Key to the list */
1059 struct tcp_md5sig_key *key;
1060 struct tcp_sock *tp = tcp_sk(sk);
1061 struct tcp_md5sig_info *md5sig;
1063 key = tcp_md5_do_lookup_exact(sk, addr, family, prefixlen);
1065 /* Pre-existing entry - just update that one. */
1066 memcpy(key->key, newkey, newkeylen);
1067 key->keylen = newkeylen;
1071 md5sig = rcu_dereference_protected(tp->md5sig_info,
1072 lockdep_sock_is_held(sk));
1074 md5sig = kmalloc(sizeof(*md5sig), gfp);
1078 sk_nocaps_add(sk, NETIF_F_GSO_MASK);
1079 INIT_HLIST_HEAD(&md5sig->head);
1080 rcu_assign_pointer(tp->md5sig_info, md5sig);
1083 key = sock_kmalloc(sk, sizeof(*key), gfp);
1086 if (!tcp_alloc_md5sig_pool()) {
1087 sock_kfree_s(sk, key, sizeof(*key));
1091 memcpy(key->key, newkey, newkeylen);
1092 key->keylen = newkeylen;
1093 key->family = family;
1094 key->prefixlen = prefixlen;
1095 memcpy(&key->addr, addr,
1096 (family == AF_INET6) ? sizeof(struct in6_addr) :
1097 sizeof(struct in_addr));
1098 hlist_add_head_rcu(&key->node, &md5sig->head);
1101 EXPORT_SYMBOL(tcp_md5_do_add);
1103 int tcp_md5_do_del(struct sock *sk, const union tcp_md5_addr *addr, int family,
1106 struct tcp_md5sig_key *key;
1108 key = tcp_md5_do_lookup_exact(sk, addr, family, prefixlen);
1111 hlist_del_rcu(&key->node);
1112 atomic_sub(sizeof(*key), &sk->sk_omem_alloc);
1113 kfree_rcu(key, rcu);
1116 EXPORT_SYMBOL(tcp_md5_do_del);
1118 static void tcp_clear_md5_list(struct sock *sk)
1120 struct tcp_sock *tp = tcp_sk(sk);
1121 struct tcp_md5sig_key *key;
1122 struct hlist_node *n;
1123 struct tcp_md5sig_info *md5sig;
1125 md5sig = rcu_dereference_protected(tp->md5sig_info, 1);
1127 hlist_for_each_entry_safe(key, n, &md5sig->head, node) {
1128 hlist_del_rcu(&key->node);
1129 atomic_sub(sizeof(*key), &sk->sk_omem_alloc);
1130 kfree_rcu(key, rcu);
1134 static int tcp_v4_parse_md5_keys(struct sock *sk, int optname,
1135 char __user *optval, int optlen)
1137 struct tcp_md5sig cmd;
1138 struct sockaddr_in *sin = (struct sockaddr_in *)&cmd.tcpm_addr;
1141 if (optlen < sizeof(cmd))
1144 if (copy_from_user(&cmd, optval, sizeof(cmd)))
1147 if (sin->sin_family != AF_INET)
1150 if (optname == TCP_MD5SIG_EXT &&
1151 cmd.tcpm_flags & TCP_MD5SIG_FLAG_PREFIX) {
1152 prefixlen = cmd.tcpm_prefixlen;
1157 if (!cmd.tcpm_keylen)
1158 return tcp_md5_do_del(sk, (union tcp_md5_addr *)&sin->sin_addr.s_addr,
1159 AF_INET, prefixlen);
1161 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
1164 return tcp_md5_do_add(sk, (union tcp_md5_addr *)&sin->sin_addr.s_addr,
1165 AF_INET, prefixlen, cmd.tcpm_key, cmd.tcpm_keylen,
1169 static int tcp_v4_md5_hash_headers(struct tcp_md5sig_pool *hp,
1170 __be32 daddr, __be32 saddr,
1171 const struct tcphdr *th, int nbytes)
1173 struct tcp4_pseudohdr *bp;
1174 struct scatterlist sg;
1181 bp->protocol = IPPROTO_TCP;
1182 bp->len = cpu_to_be16(nbytes);
1184 _th = (struct tcphdr *)(bp + 1);
1185 memcpy(_th, th, sizeof(*th));
1188 sg_init_one(&sg, bp, sizeof(*bp) + sizeof(*th));
1189 ahash_request_set_crypt(hp->md5_req, &sg, NULL,
1190 sizeof(*bp) + sizeof(*th));
1191 return crypto_ahash_update(hp->md5_req);
1194 static int tcp_v4_md5_hash_hdr(char *md5_hash, const struct tcp_md5sig_key *key,
1195 __be32 daddr, __be32 saddr, const struct tcphdr *th)
1197 struct tcp_md5sig_pool *hp;
1198 struct ahash_request *req;
1200 hp = tcp_get_md5sig_pool();
1202 goto clear_hash_noput;
1205 if (crypto_ahash_init(req))
1207 if (tcp_v4_md5_hash_headers(hp, daddr, saddr, th, th->doff << 2))
1209 if (tcp_md5_hash_key(hp, key))
1211 ahash_request_set_crypt(req, NULL, md5_hash, 0);
1212 if (crypto_ahash_final(req))
1215 tcp_put_md5sig_pool();
1219 tcp_put_md5sig_pool();
1221 memset(md5_hash, 0, 16);
1225 int tcp_v4_md5_hash_skb(char *md5_hash, const struct tcp_md5sig_key *key,
1226 const struct sock *sk,
1227 const struct sk_buff *skb)
1229 struct tcp_md5sig_pool *hp;
1230 struct ahash_request *req;
1231 const struct tcphdr *th = tcp_hdr(skb);
1232 __be32 saddr, daddr;
1234 if (sk) { /* valid for establish/request sockets */
1235 saddr = sk->sk_rcv_saddr;
1236 daddr = sk->sk_daddr;
1238 const struct iphdr *iph = ip_hdr(skb);
1243 hp = tcp_get_md5sig_pool();
1245 goto clear_hash_noput;
1248 if (crypto_ahash_init(req))
1251 if (tcp_v4_md5_hash_headers(hp, daddr, saddr, th, skb->len))
1253 if (tcp_md5_hash_skb_data(hp, skb, th->doff << 2))
1255 if (tcp_md5_hash_key(hp, key))
1257 ahash_request_set_crypt(req, NULL, md5_hash, 0);
1258 if (crypto_ahash_final(req))
1261 tcp_put_md5sig_pool();
1265 tcp_put_md5sig_pool();
1267 memset(md5_hash, 0, 16);
1270 EXPORT_SYMBOL(tcp_v4_md5_hash_skb);
1274 /* Called with rcu_read_lock() */
1275 static bool tcp_v4_inbound_md5_hash(const struct sock *sk,
1276 const struct sk_buff *skb)
1278 #ifdef CONFIG_TCP_MD5SIG
1280 * This gets called for each TCP segment that arrives
1281 * so we want to be efficient.
1282 * We have 3 drop cases:
1283 * o No MD5 hash and one expected.
1284 * o MD5 hash and we're not expecting one.
1285 * o MD5 hash and its wrong.
1287 const __u8 *hash_location = NULL;
1288 struct tcp_md5sig_key *hash_expected;
1289 const struct iphdr *iph = ip_hdr(skb);
1290 const struct tcphdr *th = tcp_hdr(skb);
1292 unsigned char newhash[16];
1294 hash_expected = tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&iph->saddr,
1296 hash_location = tcp_parse_md5sig_option(th);
1298 /* We've parsed the options - do we have a hash? */
1299 if (!hash_expected && !hash_location)
1302 if (hash_expected && !hash_location) {
1303 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
1307 if (!hash_expected && hash_location) {
1308 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5UNEXPECTED);
1312 /* Okay, so this is hash_expected and hash_location -
1313 * so we need to calculate the checksum.
1315 genhash = tcp_v4_md5_hash_skb(newhash,
1319 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
1320 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5FAILURE);
1321 net_info_ratelimited("MD5 Hash failed for (%pI4, %d)->(%pI4, %d)%s\n",
1322 &iph->saddr, ntohs(th->source),
1323 &iph->daddr, ntohs(th->dest),
1324 genhash ? " tcp_v4_calc_md5_hash failed"
1333 static void tcp_v4_init_req(struct request_sock *req,
1334 const struct sock *sk_listener,
1335 struct sk_buff *skb)
1337 struct inet_request_sock *ireq = inet_rsk(req);
1338 struct net *net = sock_net(sk_listener);
1340 sk_rcv_saddr_set(req_to_sk(req), ip_hdr(skb)->daddr);
1341 sk_daddr_set(req_to_sk(req), ip_hdr(skb)->saddr);
1342 RCU_INIT_POINTER(ireq->ireq_opt, tcp_v4_save_options(net, skb));
1345 static struct dst_entry *tcp_v4_route_req(const struct sock *sk,
1347 const struct request_sock *req)
1349 return inet_csk_route_req(sk, &fl->u.ip4, req);
1352 struct request_sock_ops tcp_request_sock_ops __read_mostly = {
1354 .obj_size = sizeof(struct tcp_request_sock),
1355 .rtx_syn_ack = tcp_rtx_synack,
1356 .send_ack = tcp_v4_reqsk_send_ack,
1357 .destructor = tcp_v4_reqsk_destructor,
1358 .send_reset = tcp_v4_send_reset,
1359 .syn_ack_timeout = tcp_syn_ack_timeout,
1362 static const struct tcp_request_sock_ops tcp_request_sock_ipv4_ops = {
1363 .mss_clamp = TCP_MSS_DEFAULT,
1364 #ifdef CONFIG_TCP_MD5SIG
1365 .req_md5_lookup = tcp_v4_md5_lookup,
1366 .calc_md5_hash = tcp_v4_md5_hash_skb,
1368 .init_req = tcp_v4_init_req,
1369 #ifdef CONFIG_SYN_COOKIES
1370 .cookie_init_seq = cookie_v4_init_sequence,
1372 .route_req = tcp_v4_route_req,
1373 .init_seq = tcp_v4_init_seq,
1374 .init_ts_off = tcp_v4_init_ts_off,
1375 .send_synack = tcp_v4_send_synack,
1378 int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
1380 /* Never answer to SYNs send to broadcast or multicast */
1381 if (skb_rtable(skb)->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST))
1384 return tcp_conn_request(&tcp_request_sock_ops,
1385 &tcp_request_sock_ipv4_ops, sk, skb);
1391 EXPORT_SYMBOL(tcp_v4_conn_request);
1395 * The three way handshake has completed - we got a valid synack -
1396 * now create the new socket.
1398 struct sock *tcp_v4_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
1399 struct request_sock *req,
1400 struct dst_entry *dst,
1401 struct request_sock *req_unhash,
1404 struct inet_request_sock *ireq;
1405 struct inet_sock *newinet;
1406 struct tcp_sock *newtp;
1408 #ifdef CONFIG_TCP_MD5SIG
1409 struct tcp_md5sig_key *key;
1411 struct ip_options_rcu *inet_opt;
1413 if (sk_acceptq_is_full(sk))
1416 newsk = tcp_create_openreq_child(sk, req, skb);
1420 newsk->sk_gso_type = SKB_GSO_TCPV4;
1421 inet_sk_rx_dst_set(newsk, skb);
1423 newtp = tcp_sk(newsk);
1424 newinet = inet_sk(newsk);
1425 ireq = inet_rsk(req);
1426 sk_daddr_set(newsk, ireq->ir_rmt_addr);
1427 sk_rcv_saddr_set(newsk, ireq->ir_loc_addr);
1428 newsk->sk_bound_dev_if = ireq->ir_iif;
1429 newinet->inet_saddr = ireq->ir_loc_addr;
1430 inet_opt = rcu_dereference(ireq->ireq_opt);
1431 RCU_INIT_POINTER(newinet->inet_opt, inet_opt);
1432 newinet->mc_index = inet_iif(skb);
1433 newinet->mc_ttl = ip_hdr(skb)->ttl;
1434 newinet->rcv_tos = ip_hdr(skb)->tos;
1435 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1437 inet_csk(newsk)->icsk_ext_hdr_len = inet_opt->opt.optlen;
1438 newinet->inet_id = newtp->write_seq ^ jiffies;
1441 dst = inet_csk_route_child_sock(sk, newsk, req);
1445 /* syncookie case : see end of cookie_v4_check() */
1447 sk_setup_caps(newsk, dst);
1449 tcp_ca_openreq_child(newsk, dst);
1451 tcp_sync_mss(newsk, dst_mtu(dst));
1452 newtp->advmss = tcp_mss_clamp(tcp_sk(sk), dst_metric_advmss(dst));
1454 tcp_initialize_rcv_mss(newsk);
1456 #ifdef CONFIG_TCP_MD5SIG
1457 /* Copy over the MD5 key from the original socket */
1458 key = tcp_md5_do_lookup(sk, (union tcp_md5_addr *)&newinet->inet_daddr,
1462 * We're using one, so create a matching key
1463 * on the newsk structure. If we fail to get
1464 * memory, then we end up not copying the key
1467 tcp_md5_do_add(newsk, (union tcp_md5_addr *)&newinet->inet_daddr,
1468 AF_INET, 32, key->key, key->keylen, GFP_ATOMIC);
1469 sk_nocaps_add(newsk, NETIF_F_GSO_MASK);
1473 if (__inet_inherit_port(sk, newsk) < 0)
1475 *own_req = inet_ehash_nolisten(newsk, req_to_sk(req_unhash));
1476 if (likely(*own_req)) {
1477 tcp_move_syn(newtp, req);
1478 ireq->ireq_opt = NULL;
1480 newinet->inet_opt = NULL;
1485 NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENOVERFLOWS);
1492 newinet->inet_opt = NULL;
1493 inet_csk_prepare_forced_close(newsk);
1497 EXPORT_SYMBOL(tcp_v4_syn_recv_sock);
1499 static struct sock *tcp_v4_cookie_check(struct sock *sk, struct sk_buff *skb)
1501 #ifdef CONFIG_SYN_COOKIES
1502 const struct tcphdr *th = tcp_hdr(skb);
1505 sk = cookie_v4_check(sk, skb);
1510 /* The socket must have it's spinlock held when we get
1511 * here, unless it is a TCP_LISTEN socket.
1513 * We have a potential double-lock case here, so even when
1514 * doing backlog processing we use the BH locking scheme.
1515 * This is because we cannot sleep with the original spinlock
1518 int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
1522 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1523 struct dst_entry *dst = sk->sk_rx_dst;
1525 sock_rps_save_rxhash(sk, skb);
1526 sk_mark_napi_id(sk, skb);
1528 if (inet_sk(sk)->rx_dst_ifindex != skb->skb_iif ||
1529 !dst->ops->check(dst, 0)) {
1531 sk->sk_rx_dst = NULL;
1534 tcp_rcv_established(sk, skb);
1538 if (tcp_checksum_complete(skb))
1541 if (sk->sk_state == TCP_LISTEN) {
1542 struct sock *nsk = tcp_v4_cookie_check(sk, skb);
1547 if (tcp_child_process(sk, nsk, skb)) {
1554 sock_rps_save_rxhash(sk, skb);
1556 if (tcp_rcv_state_process(sk, skb)) {
1563 tcp_v4_send_reset(rsk, skb);
1566 /* Be careful here. If this function gets more complicated and
1567 * gcc suffers from register pressure on the x86, sk (in %ebx)
1568 * might be destroyed here. This current version compiles correctly,
1569 * but you have been warned.
1574 TCP_INC_STATS(sock_net(sk), TCP_MIB_CSUMERRORS);
1575 TCP_INC_STATS(sock_net(sk), TCP_MIB_INERRS);
1578 EXPORT_SYMBOL(tcp_v4_do_rcv);
1580 int tcp_v4_early_demux(struct sk_buff *skb)
1582 const struct iphdr *iph;
1583 const struct tcphdr *th;
1586 if (skb->pkt_type != PACKET_HOST)
1589 if (!pskb_may_pull(skb, skb_transport_offset(skb) + sizeof(struct tcphdr)))
1595 if (th->doff < sizeof(struct tcphdr) / 4)
1598 sk = __inet_lookup_established(dev_net(skb->dev), &tcp_hashinfo,
1599 iph->saddr, th->source,
1600 iph->daddr, ntohs(th->dest),
1601 skb->skb_iif, inet_sdif(skb));
1604 skb->destructor = sock_edemux;
1605 if (sk_fullsock(sk)) {
1606 struct dst_entry *dst = READ_ONCE(sk->sk_rx_dst);
1609 dst = dst_check(dst, 0);
1611 inet_sk(sk)->rx_dst_ifindex == skb->skb_iif)
1612 skb_dst_set_noref(skb, dst);
1618 bool tcp_add_backlog(struct sock *sk, struct sk_buff *skb)
1620 u32 limit = sk->sk_rcvbuf + sk->sk_sndbuf;
1622 /* Only socket owner can try to collapse/prune rx queues
1623 * to reduce memory overhead, so add a little headroom here.
1624 * Few sockets backlog are possibly concurrently non empty.
1628 /* In case all data was pulled from skb frags (in __pskb_pull_tail()),
1629 * we can fix skb->truesize to its real value to avoid future drops.
1630 * This is valid because skb is not yet charged to the socket.
1631 * It has been noticed pure SACK packets were sometimes dropped
1632 * (if cooked by drivers without copybreak feature).
1636 if (unlikely(sk_add_backlog(sk, skb, limit))) {
1638 __NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPBACKLOGDROP);
1643 EXPORT_SYMBOL(tcp_add_backlog);
1645 int tcp_filter(struct sock *sk, struct sk_buff *skb)
1647 struct tcphdr *th = (struct tcphdr *)skb->data;
1648 unsigned int eaten = skb->len;
1651 err = sk_filter_trim_cap(sk, skb, th->doff * 4);
1654 TCP_SKB_CB(skb)->end_seq -= eaten;
1658 EXPORT_SYMBOL(tcp_filter);
1660 static void tcp_v4_restore_cb(struct sk_buff *skb)
1662 memmove(IPCB(skb), &TCP_SKB_CB(skb)->header.h4,
1663 sizeof(struct inet_skb_parm));
1666 static void tcp_v4_fill_cb(struct sk_buff *skb, const struct iphdr *iph,
1667 const struct tcphdr *th)
1669 /* This is tricky : We move IPCB at its correct location into TCP_SKB_CB()
1670 * barrier() makes sure compiler wont play fool^Waliasing games.
1672 memmove(&TCP_SKB_CB(skb)->header.h4, IPCB(skb),
1673 sizeof(struct inet_skb_parm));
1676 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1677 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1678 skb->len - th->doff * 4);
1679 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1680 TCP_SKB_CB(skb)->tcp_flags = tcp_flag_byte(th);
1681 TCP_SKB_CB(skb)->tcp_tw_isn = 0;
1682 TCP_SKB_CB(skb)->ip_dsfield = ipv4_get_dsfield(iph);
1683 TCP_SKB_CB(skb)->sacked = 0;
1684 TCP_SKB_CB(skb)->has_rxtstamp =
1685 skb->tstamp || skb_hwtstamps(skb)->hwtstamp;
1692 int tcp_v4_rcv(struct sk_buff *skb)
1694 struct net *net = dev_net(skb->dev);
1695 int sdif = inet_sdif(skb);
1696 const struct iphdr *iph;
1697 const struct tcphdr *th;
1702 if (skb->pkt_type != PACKET_HOST)
1705 /* Count it even if it's bad */
1706 __TCP_INC_STATS(net, TCP_MIB_INSEGS);
1708 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1711 th = (const struct tcphdr *)skb->data;
1713 if (unlikely(th->doff < sizeof(struct tcphdr) / 4))
1715 if (!pskb_may_pull(skb, th->doff * 4))
1718 /* An explanation is required here, I think.
1719 * Packet length and doff are validated by header prediction,
1720 * provided case of th->doff==0 is eliminated.
1721 * So, we defer the checks. */
1723 if (skb_checksum_init(skb, IPPROTO_TCP, inet_compute_pseudo))
1726 th = (const struct tcphdr *)skb->data;
1729 sk = __inet_lookup_skb(&tcp_hashinfo, skb, __tcp_hdrlen(th), th->source,
1730 th->dest, sdif, &refcounted);
1735 if (sk->sk_state == TCP_TIME_WAIT)
1738 if (sk->sk_state == TCP_NEW_SYN_RECV) {
1739 struct request_sock *req = inet_reqsk(sk);
1740 bool req_stolen = false;
1743 sk = req->rsk_listener;
1744 if (unlikely(tcp_v4_inbound_md5_hash(sk, skb))) {
1745 sk_drops_add(sk, skb);
1749 if (tcp_checksum_complete(skb)) {
1753 if (unlikely(sk->sk_state != TCP_LISTEN)) {
1754 inet_csk_reqsk_queue_drop_and_put(sk, req);
1757 /* We own a reference on the listener, increase it again
1758 * as we might lose it too soon.
1763 if (!tcp_filter(sk, skb)) {
1764 th = (const struct tcphdr *)skb->data;
1766 tcp_v4_fill_cb(skb, iph, th);
1767 nsk = tcp_check_req(sk, skb, req, false, &req_stolen);
1772 /* Another cpu got exclusive access to req
1773 * and created a full blown socket.
1774 * Try to feed this packet to this socket
1775 * instead of discarding it.
1777 tcp_v4_restore_cb(skb);
1781 goto discard_and_relse;
1785 tcp_v4_restore_cb(skb);
1786 } else if (tcp_child_process(sk, nsk, skb)) {
1787 tcp_v4_send_reset(nsk, skb);
1788 goto discard_and_relse;
1794 if (unlikely(iph->ttl < inet_sk(sk)->min_ttl)) {
1795 __NET_INC_STATS(net, LINUX_MIB_TCPMINTTLDROP);
1796 goto discard_and_relse;
1799 if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb))
1800 goto discard_and_relse;
1802 if (tcp_v4_inbound_md5_hash(sk, skb))
1803 goto discard_and_relse;
1807 if (tcp_filter(sk, skb))
1808 goto discard_and_relse;
1809 th = (const struct tcphdr *)skb->data;
1811 tcp_v4_fill_cb(skb, iph, th);
1815 if (sk->sk_state == TCP_LISTEN) {
1816 ret = tcp_v4_do_rcv(sk, skb);
1817 goto put_and_return;
1820 sk_incoming_cpu_update(sk);
1822 bh_lock_sock_nested(sk);
1823 tcp_segs_in(tcp_sk(sk), skb);
1825 if (!sock_owned_by_user(sk)) {
1826 ret = tcp_v4_do_rcv(sk, skb);
1827 } else if (tcp_add_backlog(sk, skb)) {
1828 goto discard_and_relse;
1839 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
1842 tcp_v4_fill_cb(skb, iph, th);
1844 if (tcp_checksum_complete(skb)) {
1846 __TCP_INC_STATS(net, TCP_MIB_CSUMERRORS);
1848 __TCP_INC_STATS(net, TCP_MIB_INERRS);
1850 tcp_v4_send_reset(NULL, skb);
1854 /* Discard frame. */
1859 sk_drops_add(sk, skb);
1865 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1866 inet_twsk_put(inet_twsk(sk));
1870 tcp_v4_fill_cb(skb, iph, th);
1872 if (tcp_checksum_complete(skb)) {
1873 inet_twsk_put(inet_twsk(sk));
1876 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1878 struct sock *sk2 = inet_lookup_listener(dev_net(skb->dev),
1881 iph->saddr, th->source,
1882 iph->daddr, th->dest,
1886 inet_twsk_deschedule_put(inet_twsk(sk));
1888 tcp_v4_restore_cb(skb);
1896 tcp_v4_timewait_ack(sk, skb);
1899 tcp_v4_send_reset(sk, skb);
1900 inet_twsk_deschedule_put(inet_twsk(sk));
1902 case TCP_TW_SUCCESS:;
1907 static struct timewait_sock_ops tcp_timewait_sock_ops = {
1908 .twsk_obj_size = sizeof(struct tcp_timewait_sock),
1909 .twsk_unique = tcp_twsk_unique,
1910 .twsk_destructor= tcp_twsk_destructor,
1913 void inet_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb)
1915 struct dst_entry *dst = skb_dst(skb);
1917 if (dst && dst_hold_safe(dst)) {
1918 sk->sk_rx_dst = dst;
1919 inet_sk(sk)->rx_dst_ifindex = skb->skb_iif;
1922 EXPORT_SYMBOL(inet_sk_rx_dst_set);
1924 const struct inet_connection_sock_af_ops ipv4_specific = {
1925 .queue_xmit = ip_queue_xmit,
1926 .send_check = tcp_v4_send_check,
1927 .rebuild_header = inet_sk_rebuild_header,
1928 .sk_rx_dst_set = inet_sk_rx_dst_set,
1929 .conn_request = tcp_v4_conn_request,
1930 .syn_recv_sock = tcp_v4_syn_recv_sock,
1931 .net_header_len = sizeof(struct iphdr),
1932 .setsockopt = ip_setsockopt,
1933 .getsockopt = ip_getsockopt,
1934 .addr2sockaddr = inet_csk_addr2sockaddr,
1935 .sockaddr_len = sizeof(struct sockaddr_in),
1936 #ifdef CONFIG_COMPAT
1937 .compat_setsockopt = compat_ip_setsockopt,
1938 .compat_getsockopt = compat_ip_getsockopt,
1940 .mtu_reduced = tcp_v4_mtu_reduced,
1942 EXPORT_SYMBOL(ipv4_specific);
1944 #ifdef CONFIG_TCP_MD5SIG
1945 static const struct tcp_sock_af_ops tcp_sock_ipv4_specific = {
1946 .md5_lookup = tcp_v4_md5_lookup,
1947 .calc_md5_hash = tcp_v4_md5_hash_skb,
1948 .md5_parse = tcp_v4_parse_md5_keys,
1952 /* NOTE: A lot of things set to zero explicitly by call to
1953 * sk_alloc() so need not be done here.
1955 static int tcp_v4_init_sock(struct sock *sk)
1957 struct inet_connection_sock *icsk = inet_csk(sk);
1961 icsk->icsk_af_ops = &ipv4_specific;
1963 #ifdef CONFIG_TCP_MD5SIG
1964 tcp_sk(sk)->af_specific = &tcp_sock_ipv4_specific;
1970 void tcp_v4_destroy_sock(struct sock *sk)
1972 struct tcp_sock *tp = tcp_sk(sk);
1974 trace_tcp_destroy_sock(sk);
1976 tcp_clear_xmit_timers(sk);
1978 tcp_cleanup_congestion_control(sk);
1980 tcp_cleanup_ulp(sk);
1982 /* Cleanup up the write buffer. */
1983 tcp_write_queue_purge(sk);
1985 /* Check if we want to disable active TFO */
1986 tcp_fastopen_active_disable_ofo_check(sk);
1988 /* Cleans up our, hopefully empty, out_of_order_queue. */
1989 skb_rbtree_purge(&tp->out_of_order_queue);
1991 #ifdef CONFIG_TCP_MD5SIG
1992 /* Clean up the MD5 key list, if any */
1993 if (tp->md5sig_info) {
1994 tcp_clear_md5_list(sk);
1995 kfree_rcu(rcu_dereference_protected(tp->md5sig_info, 1), rcu);
1996 tp->md5sig_info = NULL;
2000 /* Clean up a referenced TCP bind bucket. */
2001 if (inet_csk(sk)->icsk_bind_hash)
2004 BUG_ON(tp->fastopen_rsk);
2006 /* If socket is aborted during connect operation */
2007 tcp_free_fastopen_req(tp);
2008 tcp_fastopen_destroy_cipher(sk);
2009 tcp_saved_syn_free(tp);
2011 sk_sockets_allocated_dec(sk);
2013 EXPORT_SYMBOL(tcp_v4_destroy_sock);
2015 #ifdef CONFIG_PROC_FS
2016 /* Proc filesystem TCP sock list dumping. */
2019 * Get next listener socket follow cur. If cur is NULL, get first socket
2020 * starting from bucket given in st->bucket; when st->bucket is zero the
2021 * very first socket in the hash table is returned.
2023 static void *listening_get_next(struct seq_file *seq, void *cur)
2025 struct tcp_seq_afinfo *afinfo = PDE_DATA(file_inode(seq->file));
2026 struct tcp_iter_state *st = seq->private;
2027 struct net *net = seq_file_net(seq);
2028 struct inet_listen_hashbucket *ilb;
2029 struct sock *sk = cur;
2033 ilb = &tcp_hashinfo.listening_hash[st->bucket];
2034 spin_lock(&ilb->lock);
2035 sk = sk_head(&ilb->head);
2039 ilb = &tcp_hashinfo.listening_hash[st->bucket];
2045 sk_for_each_from(sk) {
2046 if (!net_eq(sock_net(sk), net))
2048 if (sk->sk_family == afinfo->family)
2051 spin_unlock(&ilb->lock);
2053 if (++st->bucket < INET_LHTABLE_SIZE)
2058 static void *listening_get_idx(struct seq_file *seq, loff_t *pos)
2060 struct tcp_iter_state *st = seq->private;
2065 rc = listening_get_next(seq, NULL);
2067 while (rc && *pos) {
2068 rc = listening_get_next(seq, rc);
2074 static inline bool empty_bucket(const struct tcp_iter_state *st)
2076 return hlist_nulls_empty(&tcp_hashinfo.ehash[st->bucket].chain);
2080 * Get first established socket starting from bucket given in st->bucket.
2081 * If st->bucket is zero, the very first socket in the hash is returned.
2083 static void *established_get_first(struct seq_file *seq)
2085 struct tcp_seq_afinfo *afinfo = PDE_DATA(file_inode(seq->file));
2086 struct tcp_iter_state *st = seq->private;
2087 struct net *net = seq_file_net(seq);
2091 for (; st->bucket <= tcp_hashinfo.ehash_mask; ++st->bucket) {
2093 struct hlist_nulls_node *node;
2094 spinlock_t *lock = inet_ehash_lockp(&tcp_hashinfo, st->bucket);
2096 /* Lockless fast path for the common case of empty buckets */
2097 if (empty_bucket(st))
2101 sk_nulls_for_each(sk, node, &tcp_hashinfo.ehash[st->bucket].chain) {
2102 if (sk->sk_family != afinfo->family ||
2103 !net_eq(sock_net(sk), net)) {
2109 spin_unlock_bh(lock);
2115 static void *established_get_next(struct seq_file *seq, void *cur)
2117 struct tcp_seq_afinfo *afinfo = PDE_DATA(file_inode(seq->file));
2118 struct sock *sk = cur;
2119 struct hlist_nulls_node *node;
2120 struct tcp_iter_state *st = seq->private;
2121 struct net *net = seq_file_net(seq);
2126 sk = sk_nulls_next(sk);
2128 sk_nulls_for_each_from(sk, node) {
2129 if (sk->sk_family == afinfo->family &&
2130 net_eq(sock_net(sk), net))
2134 spin_unlock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket));
2136 return established_get_first(seq);
2139 static void *established_get_idx(struct seq_file *seq, loff_t pos)
2141 struct tcp_iter_state *st = seq->private;
2145 rc = established_get_first(seq);
2148 rc = established_get_next(seq, rc);
2154 static void *tcp_get_idx(struct seq_file *seq, loff_t pos)
2157 struct tcp_iter_state *st = seq->private;
2159 st->state = TCP_SEQ_STATE_LISTENING;
2160 rc = listening_get_idx(seq, &pos);
2163 st->state = TCP_SEQ_STATE_ESTABLISHED;
2164 rc = established_get_idx(seq, pos);
2170 static void *tcp_seek_last_pos(struct seq_file *seq)
2172 struct tcp_iter_state *st = seq->private;
2173 int offset = st->offset;
2174 int orig_num = st->num;
2177 switch (st->state) {
2178 case TCP_SEQ_STATE_LISTENING:
2179 if (st->bucket >= INET_LHTABLE_SIZE)
2181 st->state = TCP_SEQ_STATE_LISTENING;
2182 rc = listening_get_next(seq, NULL);
2183 while (offset-- && rc)
2184 rc = listening_get_next(seq, rc);
2188 st->state = TCP_SEQ_STATE_ESTABLISHED;
2190 case TCP_SEQ_STATE_ESTABLISHED:
2191 if (st->bucket > tcp_hashinfo.ehash_mask)
2193 rc = established_get_first(seq);
2194 while (offset-- && rc)
2195 rc = established_get_next(seq, rc);
2203 void *tcp_seq_start(struct seq_file *seq, loff_t *pos)
2205 struct tcp_iter_state *st = seq->private;
2208 if (*pos && *pos == st->last_pos) {
2209 rc = tcp_seek_last_pos(seq);
2214 st->state = TCP_SEQ_STATE_LISTENING;
2218 rc = *pos ? tcp_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
2221 st->last_pos = *pos;
2224 EXPORT_SYMBOL(tcp_seq_start);
2226 void *tcp_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2228 struct tcp_iter_state *st = seq->private;
2231 if (v == SEQ_START_TOKEN) {
2232 rc = tcp_get_idx(seq, 0);
2236 switch (st->state) {
2237 case TCP_SEQ_STATE_LISTENING:
2238 rc = listening_get_next(seq, v);
2240 st->state = TCP_SEQ_STATE_ESTABLISHED;
2243 rc = established_get_first(seq);
2246 case TCP_SEQ_STATE_ESTABLISHED:
2247 rc = established_get_next(seq, v);
2252 st->last_pos = *pos;
2255 EXPORT_SYMBOL(tcp_seq_next);
2257 void tcp_seq_stop(struct seq_file *seq, void *v)
2259 struct tcp_iter_state *st = seq->private;
2261 switch (st->state) {
2262 case TCP_SEQ_STATE_LISTENING:
2263 if (v != SEQ_START_TOKEN)
2264 spin_unlock(&tcp_hashinfo.listening_hash[st->bucket].lock);
2266 case TCP_SEQ_STATE_ESTABLISHED:
2268 spin_unlock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket));
2272 EXPORT_SYMBOL(tcp_seq_stop);
2274 static void get_openreq4(const struct request_sock *req,
2275 struct seq_file *f, int i)
2277 const struct inet_request_sock *ireq = inet_rsk(req);
2278 long delta = req->rsk_timer.expires - jiffies;
2280 seq_printf(f, "%4d: %08X:%04X %08X:%04X"
2281 " %02X %08X:%08X %02X:%08lX %08X %5u %8d %u %d %pK",
2286 ntohs(ireq->ir_rmt_port),
2288 0, 0, /* could print option size, but that is af dependent. */
2289 1, /* timers active (only the expire timer) */
2290 jiffies_delta_to_clock_t(delta),
2292 from_kuid_munged(seq_user_ns(f),
2293 sock_i_uid(req->rsk_listener)),
2294 0, /* non standard timer */
2295 0, /* open_requests have no inode */
2300 static void get_tcp4_sock(struct sock *sk, struct seq_file *f, int i)
2303 unsigned long timer_expires;
2304 const struct tcp_sock *tp = tcp_sk(sk);
2305 const struct inet_connection_sock *icsk = inet_csk(sk);
2306 const struct inet_sock *inet = inet_sk(sk);
2307 const struct fastopen_queue *fastopenq = &icsk->icsk_accept_queue.fastopenq;
2308 __be32 dest = inet->inet_daddr;
2309 __be32 src = inet->inet_rcv_saddr;
2310 __u16 destp = ntohs(inet->inet_dport);
2311 __u16 srcp = ntohs(inet->inet_sport);
2315 if (icsk->icsk_pending == ICSK_TIME_RETRANS ||
2316 icsk->icsk_pending == ICSK_TIME_REO_TIMEOUT ||
2317 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
2319 timer_expires = icsk->icsk_timeout;
2320 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
2322 timer_expires = icsk->icsk_timeout;
2323 } else if (timer_pending(&sk->sk_timer)) {
2325 timer_expires = sk->sk_timer.expires;
2328 timer_expires = jiffies;
2331 state = inet_sk_state_load(sk);
2332 if (state == TCP_LISTEN)
2333 rx_queue = sk->sk_ack_backlog;
2335 /* Because we don't lock the socket,
2336 * we might find a transient negative value.
2338 rx_queue = max_t(int, tp->rcv_nxt - tp->copied_seq, 0);
2340 seq_printf(f, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
2341 "%08X %5u %8d %lu %d %pK %lu %lu %u %u %d",
2342 i, src, srcp, dest, destp, state,
2343 tp->write_seq - tp->snd_una,
2346 jiffies_delta_to_clock_t(timer_expires - jiffies),
2347 icsk->icsk_retransmits,
2348 from_kuid_munged(seq_user_ns(f), sock_i_uid(sk)),
2349 icsk->icsk_probes_out,
2351 refcount_read(&sk->sk_refcnt), sk,
2352 jiffies_to_clock_t(icsk->icsk_rto),
2353 jiffies_to_clock_t(icsk->icsk_ack.ato),
2354 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
2356 state == TCP_LISTEN ?
2357 fastopenq->max_qlen :
2358 (tcp_in_initial_slowstart(tp) ? -1 : tp->snd_ssthresh));
2361 static void get_timewait4_sock(const struct inet_timewait_sock *tw,
2362 struct seq_file *f, int i)
2364 long delta = tw->tw_timer.expires - jiffies;
2368 dest = tw->tw_daddr;
2369 src = tw->tw_rcv_saddr;
2370 destp = ntohs(tw->tw_dport);
2371 srcp = ntohs(tw->tw_sport);
2373 seq_printf(f, "%4d: %08X:%04X %08X:%04X"
2374 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %pK",
2375 i, src, srcp, dest, destp, tw->tw_substate, 0, 0,
2376 3, jiffies_delta_to_clock_t(delta), 0, 0, 0, 0,
2377 refcount_read(&tw->tw_refcnt), tw);
2382 static int tcp4_seq_show(struct seq_file *seq, void *v)
2384 struct tcp_iter_state *st;
2385 struct sock *sk = v;
2387 seq_setwidth(seq, TMPSZ - 1);
2388 if (v == SEQ_START_TOKEN) {
2389 seq_puts(seq, " sl local_address rem_address st tx_queue "
2390 "rx_queue tr tm->when retrnsmt uid timeout "
2396 if (sk->sk_state == TCP_TIME_WAIT)
2397 get_timewait4_sock(v, seq, st->num);
2398 else if (sk->sk_state == TCP_NEW_SYN_RECV)
2399 get_openreq4(v, seq, st->num);
2401 get_tcp4_sock(v, seq, st->num);
2407 static const struct seq_operations tcp4_seq_ops = {
2408 .show = tcp4_seq_show,
2409 .start = tcp_seq_start,
2410 .next = tcp_seq_next,
2411 .stop = tcp_seq_stop,
2414 static struct tcp_seq_afinfo tcp4_seq_afinfo = {
2418 static int __net_init tcp4_proc_init_net(struct net *net)
2420 if (!proc_create_net_data("tcp", 0444, net->proc_net, &tcp4_seq_ops,
2421 sizeof(struct tcp_iter_state), &tcp4_seq_afinfo))
2426 static void __net_exit tcp4_proc_exit_net(struct net *net)
2428 remove_proc_entry("tcp", net->proc_net);
2431 static struct pernet_operations tcp4_net_ops = {
2432 .init = tcp4_proc_init_net,
2433 .exit = tcp4_proc_exit_net,
2436 int __init tcp4_proc_init(void)
2438 return register_pernet_subsys(&tcp4_net_ops);
2441 void tcp4_proc_exit(void)
2443 unregister_pernet_subsys(&tcp4_net_ops);
2445 #endif /* CONFIG_PROC_FS */
2447 struct proto tcp_prot = {
2449 .owner = THIS_MODULE,
2451 .pre_connect = tcp_v4_pre_connect,
2452 .connect = tcp_v4_connect,
2453 .disconnect = tcp_disconnect,
2454 .accept = inet_csk_accept,
2456 .init = tcp_v4_init_sock,
2457 .destroy = tcp_v4_destroy_sock,
2458 .shutdown = tcp_shutdown,
2459 .setsockopt = tcp_setsockopt,
2460 .getsockopt = tcp_getsockopt,
2461 .keepalive = tcp_set_keepalive,
2462 .recvmsg = tcp_recvmsg,
2463 .sendmsg = tcp_sendmsg,
2464 .sendpage = tcp_sendpage,
2465 .backlog_rcv = tcp_v4_do_rcv,
2466 .release_cb = tcp_release_cb,
2468 .unhash = inet_unhash,
2469 .get_port = inet_csk_get_port,
2470 .enter_memory_pressure = tcp_enter_memory_pressure,
2471 .leave_memory_pressure = tcp_leave_memory_pressure,
2472 .stream_memory_free = tcp_stream_memory_free,
2473 .sockets_allocated = &tcp_sockets_allocated,
2474 .orphan_count = &tcp_orphan_count,
2475 .memory_allocated = &tcp_memory_allocated,
2476 .memory_pressure = &tcp_memory_pressure,
2477 .sysctl_mem = sysctl_tcp_mem,
2478 .sysctl_wmem_offset = offsetof(struct net, ipv4.sysctl_tcp_wmem),
2479 .sysctl_rmem_offset = offsetof(struct net, ipv4.sysctl_tcp_rmem),
2480 .max_header = MAX_TCP_HEADER,
2481 .obj_size = sizeof(struct tcp_sock),
2482 .slab_flags = SLAB_TYPESAFE_BY_RCU,
2483 .twsk_prot = &tcp_timewait_sock_ops,
2484 .rsk_prot = &tcp_request_sock_ops,
2485 .h.hashinfo = &tcp_hashinfo,
2486 .no_autobind = true,
2487 #ifdef CONFIG_COMPAT
2488 .compat_setsockopt = compat_tcp_setsockopt,
2489 .compat_getsockopt = compat_tcp_getsockopt,
2491 .diag_destroy = tcp_abort,
2493 EXPORT_SYMBOL(tcp_prot);
2495 static void __net_exit tcp_sk_exit(struct net *net)
2499 module_put(net->ipv4.tcp_congestion_control->owner);
2501 for_each_possible_cpu(cpu)
2502 inet_ctl_sock_destroy(*per_cpu_ptr(net->ipv4.tcp_sk, cpu));
2503 free_percpu(net->ipv4.tcp_sk);
2506 static int __net_init tcp_sk_init(struct net *net)
2510 net->ipv4.tcp_sk = alloc_percpu(struct sock *);
2511 if (!net->ipv4.tcp_sk)
2514 for_each_possible_cpu(cpu) {
2517 res = inet_ctl_sock_create(&sk, PF_INET, SOCK_RAW,
2521 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
2523 /* Please enforce IP_DF and IPID==0 for RST and
2524 * ACK sent in SYN-RECV and TIME-WAIT state.
2526 inet_sk(sk)->pmtudisc = IP_PMTUDISC_DO;
2528 *per_cpu_ptr(net->ipv4.tcp_sk, cpu) = sk;
2531 net->ipv4.sysctl_tcp_ecn = 2;
2532 net->ipv4.sysctl_tcp_ecn_fallback = 1;
2534 net->ipv4.sysctl_tcp_base_mss = TCP_BASE_MSS;
2535 net->ipv4.sysctl_tcp_probe_threshold = TCP_PROBE_THRESHOLD;
2536 net->ipv4.sysctl_tcp_probe_interval = TCP_PROBE_INTERVAL;
2538 net->ipv4.sysctl_tcp_keepalive_time = TCP_KEEPALIVE_TIME;
2539 net->ipv4.sysctl_tcp_keepalive_probes = TCP_KEEPALIVE_PROBES;
2540 net->ipv4.sysctl_tcp_keepalive_intvl = TCP_KEEPALIVE_INTVL;
2542 net->ipv4.sysctl_tcp_syn_retries = TCP_SYN_RETRIES;
2543 net->ipv4.sysctl_tcp_synack_retries = TCP_SYNACK_RETRIES;
2544 net->ipv4.sysctl_tcp_syncookies = 1;
2545 net->ipv4.sysctl_tcp_reordering = TCP_FASTRETRANS_THRESH;
2546 net->ipv4.sysctl_tcp_retries1 = TCP_RETR1;
2547 net->ipv4.sysctl_tcp_retries2 = TCP_RETR2;
2548 net->ipv4.sysctl_tcp_orphan_retries = 0;
2549 net->ipv4.sysctl_tcp_fin_timeout = TCP_FIN_TIMEOUT;
2550 net->ipv4.sysctl_tcp_notsent_lowat = UINT_MAX;
2551 net->ipv4.sysctl_tcp_tw_reuse = 2;
2553 cnt = tcp_hashinfo.ehash_mask + 1;
2554 net->ipv4.tcp_death_row.sysctl_max_tw_buckets = cnt / 2;
2555 net->ipv4.tcp_death_row.hashinfo = &tcp_hashinfo;
2557 net->ipv4.sysctl_max_syn_backlog = max(128, cnt / 256);
2558 net->ipv4.sysctl_tcp_sack = 1;
2559 net->ipv4.sysctl_tcp_window_scaling = 1;
2560 net->ipv4.sysctl_tcp_timestamps = 1;
2561 net->ipv4.sysctl_tcp_early_retrans = 3;
2562 net->ipv4.sysctl_tcp_recovery = TCP_RACK_LOSS_DETECTION;
2563 net->ipv4.sysctl_tcp_slow_start_after_idle = 1; /* By default, RFC2861 behavior. */
2564 net->ipv4.sysctl_tcp_retrans_collapse = 1;
2565 net->ipv4.sysctl_tcp_max_reordering = 300;
2566 net->ipv4.sysctl_tcp_dsack = 1;
2567 net->ipv4.sysctl_tcp_app_win = 31;
2568 net->ipv4.sysctl_tcp_adv_win_scale = 1;
2569 net->ipv4.sysctl_tcp_frto = 2;
2570 net->ipv4.sysctl_tcp_moderate_rcvbuf = 1;
2571 /* This limits the percentage of the congestion window which we
2572 * will allow a single TSO frame to consume. Building TSO frames
2573 * which are too large can cause TCP streams to be bursty.
2575 net->ipv4.sysctl_tcp_tso_win_divisor = 3;
2576 /* Default TSQ limit of four TSO segments */
2577 net->ipv4.sysctl_tcp_limit_output_bytes = 262144;
2578 /* rfc5961 challenge ack rate limiting */
2579 net->ipv4.sysctl_tcp_challenge_ack_limit = 1000;
2580 net->ipv4.sysctl_tcp_min_tso_segs = 2;
2581 net->ipv4.sysctl_tcp_min_rtt_wlen = 300;
2582 net->ipv4.sysctl_tcp_autocorking = 1;
2583 net->ipv4.sysctl_tcp_invalid_ratelimit = HZ/2;
2584 net->ipv4.sysctl_tcp_pacing_ss_ratio = 200;
2585 net->ipv4.sysctl_tcp_pacing_ca_ratio = 120;
2586 if (net != &init_net) {
2587 memcpy(net->ipv4.sysctl_tcp_rmem,
2588 init_net.ipv4.sysctl_tcp_rmem,
2589 sizeof(init_net.ipv4.sysctl_tcp_rmem));
2590 memcpy(net->ipv4.sysctl_tcp_wmem,
2591 init_net.ipv4.sysctl_tcp_wmem,
2592 sizeof(init_net.ipv4.sysctl_tcp_wmem));
2594 net->ipv4.sysctl_tcp_comp_sack_delay_ns = NSEC_PER_MSEC;
2595 net->ipv4.sysctl_tcp_comp_sack_nr = 44;
2596 net->ipv4.sysctl_tcp_fastopen = TFO_CLIENT_ENABLE;
2597 spin_lock_init(&net->ipv4.tcp_fastopen_ctx_lock);
2598 net->ipv4.sysctl_tcp_fastopen_blackhole_timeout = 60 * 60;
2599 atomic_set(&net->ipv4.tfo_active_disable_times, 0);
2601 /* Reno is always built in */
2602 if (!net_eq(net, &init_net) &&
2603 try_module_get(init_net.ipv4.tcp_congestion_control->owner))
2604 net->ipv4.tcp_congestion_control = init_net.ipv4.tcp_congestion_control;
2606 net->ipv4.tcp_congestion_control = &tcp_reno;
2615 static void __net_exit tcp_sk_exit_batch(struct list_head *net_exit_list)
2619 inet_twsk_purge(&tcp_hashinfo, AF_INET);
2621 list_for_each_entry(net, net_exit_list, exit_list)
2622 tcp_fastopen_ctx_destroy(net);
2625 static struct pernet_operations __net_initdata tcp_sk_ops = {
2626 .init = tcp_sk_init,
2627 .exit = tcp_sk_exit,
2628 .exit_batch = tcp_sk_exit_batch,
2631 void __init tcp_v4_init(void)
2633 if (register_pernet_subsys(&tcp_sk_ops))
2634 panic("Failed to create the TCP control socket.\n");
projects / linux.git / blob