1/* 2 * UDP over IPv6 3 * Linux INET6 implementation 4 * 5 * Authors: 6 * Pedro Roque <roque@di.fc.ul.pt> 7 * 8 * Based on linux/ipv4/udp.c 9 * 10 * Fixes: 11 * Hideaki YOSHIFUJI : sin6_scope_id support 12 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which 13 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind 14 * a single port at the same time. 15 * Kazunori MIYAZAWA @USAGI: change process style to use ip6_append_data 16 * YOSHIFUJI Hideaki @USAGI: convert /proc/net/udp6 to seq_file. 17 * 18 * This program is free software; you can redistribute it and/or 19 * modify it under the terms of the GNU General Public License 20 * as published by the Free Software Foundation; either version 21 * 2 of the License, or (at your option) any later version. 22 */ 23 24#include <linux/errno.h> 25#include <linux/types.h> 26#include <linux/socket.h> 27#include <linux/sockios.h> 28#include <linux/net.h> 29#include <linux/in6.h> 30#include <linux/netdevice.h> 31#include <linux/if_arp.h> 32#include <linux/ipv6.h> 33#include <linux/icmpv6.h> 34#include <linux/init.h> 35#include <linux/module.h> 36#include <linux/skbuff.h> 37#include <linux/slab.h> 38#include <asm/uaccess.h> 39 40#include <net/ndisc.h> 41#include <net/protocol.h> 42#include <net/transp_v6.h> 43#include <net/ip6_route.h> 44#include <net/raw.h> 45#include <net/tcp_states.h> 46#include <net/ip6_checksum.h> 47#include <net/xfrm.h> 48#include <net/inet6_hashtables.h> 49#include <net/busy_poll.h> 50 51#include <linux/proc_fs.h> 52#include <linux/seq_file.h> 53#include <trace/events/skb.h> 54#include "udp_impl.h" 55 56static u32 udp6_ehashfn(const struct net *net, 57 const struct in6_addr *laddr, 58 const u16 lport, 59 const struct in6_addr *faddr, 60 const __be16 fport) 61{ 62 static u32 udp6_ehash_secret __read_mostly; 63 static u32 udp_ipv6_hash_secret __read_mostly; 64 65 u32 lhash, fhash; 66 67 net_get_random_once(&udp6_ehash_secret, 68 sizeof(udp6_ehash_secret)); 69 net_get_random_once(&udp_ipv6_hash_secret, 70 sizeof(udp_ipv6_hash_secret)); 71 72 lhash = (__force u32)laddr->s6_addr32[3]; 73 fhash = __ipv6_addr_jhash(faddr, udp_ipv6_hash_secret); 74 75 return __inet6_ehashfn(lhash, lport, fhash, fport, 76 udp_ipv6_hash_secret + net_hash_mix(net)); 77} 78 79int ipv6_rcv_saddr_equal(const struct sock *sk, const struct sock *sk2) 80{ 81 const struct in6_addr *sk2_rcv_saddr6 = inet6_rcv_saddr(sk2); 82 int sk2_ipv6only = inet_v6_ipv6only(sk2); 83 int addr_type = ipv6_addr_type(&sk->sk_v6_rcv_saddr); 84 int addr_type2 = sk2_rcv_saddr6 ? ipv6_addr_type(sk2_rcv_saddr6) : IPV6_ADDR_MAPPED; 85 86 /* if both are mapped, treat as IPv4 */ 87 if (addr_type == IPV6_ADDR_MAPPED && addr_type2 == IPV6_ADDR_MAPPED) 88 return (!sk2_ipv6only && 89 (!sk->sk_rcv_saddr || !sk2->sk_rcv_saddr || 90 sk->sk_rcv_saddr == sk2->sk_rcv_saddr)); 91 92 if (addr_type2 == IPV6_ADDR_ANY && 93 !(sk2_ipv6only && addr_type == IPV6_ADDR_MAPPED)) 94 return 1; 95 96 if (addr_type == IPV6_ADDR_ANY && 97 !(ipv6_only_sock(sk) && addr_type2 == IPV6_ADDR_MAPPED)) 98 return 1; 99 100 if (sk2_rcv_saddr6 && 101 ipv6_addr_equal(&sk->sk_v6_rcv_saddr, sk2_rcv_saddr6)) 102 return 1; 103 104 return 0; 105} 106 107static u32 udp6_portaddr_hash(const struct net *net, 108 const struct in6_addr *addr6, 109 unsigned int port) 110{ 111 unsigned int hash, mix = net_hash_mix(net); 112 113 if (ipv6_addr_any(addr6)) 114 hash = jhash_1word(0, mix); 115 else if (ipv6_addr_v4mapped(addr6)) 116 hash = jhash_1word((__force u32)addr6->s6_addr32[3], mix); 117 else 118 hash = jhash2((__force u32 *)addr6->s6_addr32, 4, mix); 119 120 return hash ^ port; 121} 122 123int udp_v6_get_port(struct sock *sk, unsigned short snum) 124{ 125 unsigned int hash2_nulladdr = 126 udp6_portaddr_hash(sock_net(sk), &in6addr_any, snum); 127 unsigned int hash2_partial = 128 udp6_portaddr_hash(sock_net(sk), &sk->sk_v6_rcv_saddr, 0); 129 130 /* precompute partial secondary hash */ 131 udp_sk(sk)->udp_portaddr_hash = hash2_partial; 132 return udp_lib_get_port(sk, snum, ipv6_rcv_saddr_equal, hash2_nulladdr); 133} 134 135static void udp_v6_rehash(struct sock *sk) 136{ 137 u16 new_hash = udp6_portaddr_hash(sock_net(sk), 138 &sk->sk_v6_rcv_saddr, 139 inet_sk(sk)->inet_num); 140 141 udp_lib_rehash(sk, new_hash); 142} 143 144static inline int compute_score(struct sock *sk, struct net *net, 145 unsigned short hnum, 146 const struct in6_addr *saddr, __be16 sport, 147 const struct in6_addr *daddr, __be16 dport, 148 int dif) 149{ 150 int score; 151 struct inet_sock *inet; 152 153 if (!net_eq(sock_net(sk), net) || 154 udp_sk(sk)->udp_port_hash != hnum || 155 sk->sk_family != PF_INET6) 156 return -1; 157 158 score = 0; 159 inet = inet_sk(sk); 160 161 if (inet->inet_dport) { 162 if (inet->inet_dport != sport) 163 return -1; 164 score++; 165 } 166 167 if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr)) { 168 if (!ipv6_addr_equal(&sk->sk_v6_rcv_saddr, daddr)) 169 return -1; 170 score++; 171 } 172 173 if (!ipv6_addr_any(&sk->sk_v6_daddr)) { 174 if (!ipv6_addr_equal(&sk->sk_v6_daddr, saddr)) 175 return -1; 176 score++; 177 } 178 179 if (sk->sk_bound_dev_if) { 180 if (sk->sk_bound_dev_if != dif) 181 return -1; 182 score++; 183 } 184 185 return score; 186} 187 188#define SCORE2_MAX (1 + 1 + 1) 189static inline int compute_score2(struct sock *sk, struct net *net, 190 const struct in6_addr *saddr, __be16 sport, 191 const struct in6_addr *daddr, 192 unsigned short hnum, int dif) 193{ 194 int score; 195 struct inet_sock *inet; 196 197 if (!net_eq(sock_net(sk), net) || 198 udp_sk(sk)->udp_port_hash != hnum || 199 sk->sk_family != PF_INET6) 200 return -1; 201 202 if (!ipv6_addr_equal(&sk->sk_v6_rcv_saddr, daddr)) 203 return -1; 204 205 score = 0; 206 inet = inet_sk(sk); 207 208 if (inet->inet_dport) { 209 if (inet->inet_dport != sport) 210 return -1; 211 score++; 212 } 213 214 if (!ipv6_addr_any(&sk->sk_v6_daddr)) { 215 if (!ipv6_addr_equal(&sk->sk_v6_daddr, saddr)) 216 return -1; 217 score++; 218 } 219 220 if (sk->sk_bound_dev_if) { 221 if (sk->sk_bound_dev_if != dif) 222 return -1; 223 score++; 224 } 225 226 return score; 227} 228 229/* called with read_rcu_lock() */ 230static struct sock *udp6_lib_lookup2(struct net *net, 231 const struct in6_addr *saddr, __be16 sport, 232 const struct in6_addr *daddr, unsigned int hnum, int dif, 233 struct udp_hslot *hslot2, unsigned int slot2) 234{ 235 struct sock *sk, *result; 236 struct hlist_nulls_node *node; 237 int score, badness, matches = 0, reuseport = 0; 238 u32 hash = 0; 239 240begin: 241 result = NULL; 242 badness = -1; 243 udp_portaddr_for_each_entry_rcu(sk, node, &hslot2->head) { 244 score = compute_score2(sk, net, saddr, sport, 245 daddr, hnum, dif); 246 if (score > badness) { 247 result = sk; 248 badness = score; 249 reuseport = sk->sk_reuseport; 250 if (reuseport) { 251 hash = udp6_ehashfn(net, daddr, hnum, 252 saddr, sport); 253 matches = 1; 254 } else if (score == SCORE2_MAX) 255 goto exact_match; 256 } else if (score == badness && reuseport) { 257 matches++; 258 if (reciprocal_scale(hash, matches) == 0) 259 result = sk; 260 hash = next_pseudo_random32(hash); 261 } 262 } 263 /* 264 * if the nulls value we got at the end of this lookup is 265 * not the expected one, we must restart lookup. 266 * We probably met an item that was moved to another chain. 267 */ 268 if (get_nulls_value(node) != slot2) 269 goto begin; 270 271 if (result) { 272exact_match: 273 if (unlikely(!atomic_inc_not_zero_hint(&result->sk_refcnt, 2))) 274 result = NULL; 275 else if (unlikely(compute_score2(result, net, saddr, sport, 276 daddr, hnum, dif) < badness)) { 277 sock_put(result); 278 goto begin; 279 } 280 } 281 return result; 282} 283 284struct sock *__udp6_lib_lookup(struct net *net, 285 const struct in6_addr *saddr, __be16 sport, 286 const struct in6_addr *daddr, __be16 dport, 287 int dif, struct udp_table *udptable) 288{ 289 struct sock *sk, *result; 290 struct hlist_nulls_node *node; 291 unsigned short hnum = ntohs(dport); 292 unsigned int hash2, slot2, slot = udp_hashfn(net, hnum, udptable->mask); 293 struct udp_hslot *hslot2, *hslot = &udptable->hash[slot]; 294 int score, badness, matches = 0, reuseport = 0; 295 u32 hash = 0; 296 297 rcu_read_lock(); 298 if (hslot->count > 10) { 299 hash2 = udp6_portaddr_hash(net, daddr, hnum); 300 slot2 = hash2 & udptable->mask; 301 hslot2 = &udptable->hash2[slot2]; 302 if (hslot->count < hslot2->count) 303 goto begin; 304 305 result = udp6_lib_lookup2(net, saddr, sport, 306 daddr, hnum, dif, 307 hslot2, slot2); 308 if (!result) { 309 hash2 = udp6_portaddr_hash(net, &in6addr_any, hnum); 310 slot2 = hash2 & udptable->mask; 311 hslot2 = &udptable->hash2[slot2]; 312 if (hslot->count < hslot2->count) 313 goto begin; 314 315 result = udp6_lib_lookup2(net, saddr, sport, 316 &in6addr_any, hnum, dif, 317 hslot2, slot2); 318 } 319 rcu_read_unlock(); 320 return result; 321 } 322begin: 323 result = NULL; 324 badness = -1; 325 sk_nulls_for_each_rcu(sk, node, &hslot->head) { 326 score = compute_score(sk, net, hnum, saddr, sport, daddr, dport, dif); 327 if (score > badness) { 328 result = sk; 329 badness = score; 330 reuseport = sk->sk_reuseport; 331 if (reuseport) { 332 hash = udp6_ehashfn(net, daddr, hnum, 333 saddr, sport); 334 matches = 1; 335 } 336 } else if (score == badness && reuseport) { 337 matches++; 338 if (reciprocal_scale(hash, matches) == 0) 339 result = sk; 340 hash = next_pseudo_random32(hash); 341 } 342 } 343 /* 344 * if the nulls value we got at the end of this lookup is 345 * not the expected one, we must restart lookup. 346 * We probably met an item that was moved to another chain. 347 */ 348 if (get_nulls_value(node) != slot) 349 goto begin; 350 351 if (result) { 352 if (unlikely(!atomic_inc_not_zero_hint(&result->sk_refcnt, 2))) 353 result = NULL; 354 else if (unlikely(compute_score(result, net, hnum, saddr, sport, 355 daddr, dport, dif) < badness)) { 356 sock_put(result); 357 goto begin; 358 } 359 } 360 rcu_read_unlock(); 361 return result; 362} 363EXPORT_SYMBOL_GPL(__udp6_lib_lookup); 364 365static struct sock *__udp6_lib_lookup_skb(struct sk_buff *skb, 366 __be16 sport, __be16 dport, 367 struct udp_table *udptable) 368{ 369 struct sock *sk; 370 const struct ipv6hdr *iph = ipv6_hdr(skb); 371 372 sk = skb_steal_sock(skb); 373 if (unlikely(sk)) 374 return sk; 375 return __udp6_lib_lookup(dev_net(skb_dst(skb)->dev), &iph->saddr, sport, 376 &iph->daddr, dport, inet6_iif(skb), 377 udptable); 378} 379 380struct sock *udp6_lib_lookup(struct net *net, const struct in6_addr *saddr, __be16 sport, 381 const struct in6_addr *daddr, __be16 dport, int dif) 382{ 383 return __udp6_lib_lookup(net, saddr, sport, daddr, dport, dif, &udp_table); 384} 385EXPORT_SYMBOL_GPL(udp6_lib_lookup); 386 387/* 388 * This should be easy, if there is something there we 389 * return it, otherwise we block. 390 */ 391 392int udpv6_recvmsg(struct sock *sk, struct msghdr *msg, size_t len, 393 int noblock, int flags, int *addr_len) 394{ 395 struct ipv6_pinfo *np = inet6_sk(sk); 396 struct inet_sock *inet = inet_sk(sk); 397 struct sk_buff *skb; 398 unsigned int ulen, copied; 399 int peeked, off = 0; 400 int err; 401 int is_udplite = IS_UDPLITE(sk); 402 int is_udp4; 403 bool slow; 404 405 if (flags & MSG_ERRQUEUE) 406 return ipv6_recv_error(sk, msg, len, addr_len); 407 408 if (np->rxpmtu && np->rxopt.bits.rxpmtu) 409 return ipv6_recv_rxpmtu(sk, msg, len, addr_len); 410 411try_again: 412 skb = __skb_recv_datagram(sk, flags | (noblock ? MSG_DONTWAIT : 0), 413 &peeked, &off, &err); 414 if (!skb) 415 goto out; 416 417 ulen = skb->len - sizeof(struct udphdr); 418 copied = len; 419 if (copied > ulen) 420 copied = ulen; 421 else if (copied < ulen) 422 msg->msg_flags |= MSG_TRUNC; 423 424 is_udp4 = (skb->protocol == htons(ETH_P_IP)); 425 426 /* 427 * If checksum is needed at all, try to do it while copying the 428 * data. If the data is truncated, or if we only want a partial 429 * coverage checksum (UDP-Lite), do it before the copy. 430 */ 431 432 if (copied < ulen || UDP_SKB_CB(skb)->partial_cov) { 433 if (udp_lib_checksum_complete(skb)) 434 goto csum_copy_err; 435 } 436 437 if (skb_csum_unnecessary(skb)) 438 err = skb_copy_datagram_msg(skb, sizeof(struct udphdr), 439 msg, copied); 440 else { 441 err = skb_copy_and_csum_datagram_msg(skb, sizeof(struct udphdr), msg); 442 if (err == -EINVAL) 443 goto csum_copy_err; 444 } 445 if (unlikely(err)) { 446 trace_kfree_skb(skb, udpv6_recvmsg); 447 if (!peeked) { 448 atomic_inc(&sk->sk_drops); 449 if (is_udp4) 450 UDP_INC_STATS_USER(sock_net(sk), 451 UDP_MIB_INERRORS, 452 is_udplite); 453 else 454 UDP6_INC_STATS_USER(sock_net(sk), 455 UDP_MIB_INERRORS, 456 is_udplite); 457 } 458 goto out_free; 459 } 460 if (!peeked) { 461 if (is_udp4) 462 UDP_INC_STATS_USER(sock_net(sk), 463 UDP_MIB_INDATAGRAMS, is_udplite); 464 else 465 UDP6_INC_STATS_USER(sock_net(sk), 466 UDP_MIB_INDATAGRAMS, is_udplite); 467 } 468 469 sock_recv_ts_and_drops(msg, sk, skb); 470 471 /* Copy the address. */ 472 if (msg->msg_name) { 473 DECLARE_SOCKADDR(struct sockaddr_in6 *, sin6, msg->msg_name); 474 sin6->sin6_family = AF_INET6; 475 sin6->sin6_port = udp_hdr(skb)->source; 476 sin6->sin6_flowinfo = 0; 477 478 if (is_udp4) { 479 ipv6_addr_set_v4mapped(ip_hdr(skb)->saddr, 480 &sin6->sin6_addr); 481 sin6->sin6_scope_id = 0; 482 } else { 483 sin6->sin6_addr = ipv6_hdr(skb)->saddr; 484 sin6->sin6_scope_id = 485 ipv6_iface_scope_id(&sin6->sin6_addr, 486 inet6_iif(skb)); 487 } 488 *addr_len = sizeof(*sin6); 489 } 490 491 if (np->rxopt.all) 492 ip6_datagram_recv_common_ctl(sk, msg, skb); 493 494 if (is_udp4) { 495 if (inet->cmsg_flags) 496 ip_cmsg_recv(msg, skb); 497 } else { 498 if (np->rxopt.all) 499 ip6_datagram_recv_specific_ctl(sk, msg, skb); 500 } 501 502 err = copied; 503 if (flags & MSG_TRUNC) 504 err = ulen; 505 506out_free: 507 skb_free_datagram_locked(sk, skb); 508out: 509 return err; 510 511csum_copy_err: 512 slow = lock_sock_fast(sk); 513 if (!skb_kill_datagram(sk, skb, flags)) { 514 if (is_udp4) { 515 UDP_INC_STATS_USER(sock_net(sk), 516 UDP_MIB_CSUMERRORS, is_udplite); 517 UDP_INC_STATS_USER(sock_net(sk), 518 UDP_MIB_INERRORS, is_udplite); 519 } else { 520 UDP6_INC_STATS_USER(sock_net(sk), 521 UDP_MIB_CSUMERRORS, is_udplite); 522 UDP6_INC_STATS_USER(sock_net(sk), 523 UDP_MIB_INERRORS, is_udplite); 524 } 525 } 526 unlock_sock_fast(sk, slow); 527 528 /* starting over for a new packet, but check if we need to yield */ 529 cond_resched(); 530 msg->msg_flags &= ~MSG_TRUNC; 531 goto try_again; 532} 533 534void __udp6_lib_err(struct sk_buff *skb, struct inet6_skb_parm *opt, 535 u8 type, u8 code, int offset, __be32 info, 536 struct udp_table *udptable) 537{ 538 struct ipv6_pinfo *np; 539 const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data; 540 const struct in6_addr *saddr = &hdr->saddr; 541 const struct in6_addr *daddr = &hdr->daddr; 542 struct udphdr *uh = (struct udphdr *)(skb->data+offset); 543 struct sock *sk; 544 int err; 545 struct net *net = dev_net(skb->dev); 546 547 sk = __udp6_lib_lookup(net, daddr, uh->dest, 548 saddr, uh->source, inet6_iif(skb), udptable); 549 if (!sk) { 550 ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev), 551 ICMP6_MIB_INERRORS); 552 return; 553 } 554 555 if (type == ICMPV6_PKT_TOOBIG) { 556 if (!ip6_sk_accept_pmtu(sk)) 557 goto out; 558 ip6_sk_update_pmtu(skb, sk, info); 559 } 560 if (type == NDISC_REDIRECT) { 561 ip6_sk_redirect(skb, sk); 562 goto out; 563 } 564 565 np = inet6_sk(sk); 566 567 if (!icmpv6_err_convert(type, code, &err) && !np->recverr) 568 goto out; 569 570 if (sk->sk_state != TCP_ESTABLISHED && !np->recverr) 571 goto out; 572 573 if (np->recverr) 574 ipv6_icmp_error(sk, skb, err, uh->dest, ntohl(info), (u8 *)(uh+1)); 575 576 sk->sk_err = err; 577 sk->sk_error_report(sk); 578out: 579 sock_put(sk); 580} 581 582static int __udpv6_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) 583{ 584 int rc; 585 586 if (!ipv6_addr_any(&sk->sk_v6_daddr)) { 587 sock_rps_save_rxhash(sk, skb); 588 sk_mark_napi_id(sk, skb); 589 sk_incoming_cpu_update(sk); 590 } 591 592 rc = sock_queue_rcv_skb(sk, skb); 593 if (rc < 0) { 594 int is_udplite = IS_UDPLITE(sk); 595 596 /* Note that an ENOMEM error is charged twice */ 597 if (rc == -ENOMEM) 598 UDP6_INC_STATS_BH(sock_net(sk), 599 UDP_MIB_RCVBUFERRORS, is_udplite); 600 UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, is_udplite); 601 kfree_skb(skb); 602 return -1; 603 } 604 return 0; 605} 606 607static __inline__ void udpv6_err(struct sk_buff *skb, 608 struct inet6_skb_parm *opt, u8 type, 609 u8 code, int offset, __be32 info) 610{ 611 __udp6_lib_err(skb, opt, type, code, offset, info, &udp_table); 612} 613 614static struct static_key udpv6_encap_needed __read_mostly; 615void udpv6_encap_enable(void) 616{ 617 if (!static_key_enabled(&udpv6_encap_needed)) 618 static_key_slow_inc(&udpv6_encap_needed); 619} 620EXPORT_SYMBOL(udpv6_encap_enable); 621 622int udpv6_queue_rcv_skb(struct sock *sk, struct sk_buff *skb) 623{ 624 struct udp_sock *up = udp_sk(sk); 625 int rc; 626 int is_udplite = IS_UDPLITE(sk); 627 628 if (!xfrm6_policy_check(sk, XFRM_POLICY_IN, skb)) 629 goto drop; 630 631 if (static_key_false(&udpv6_encap_needed) && up->encap_type) { 632 int (*encap_rcv)(struct sock *sk, struct sk_buff *skb); 633 634 /* 635 * This is an encapsulation socket so pass the skb to 636 * the socket's udp_encap_rcv() hook. Otherwise, just 637 * fall through and pass this up the UDP socket. 638 * up->encap_rcv() returns the following value: 639 * =0 if skb was successfully passed to the encap 640 * handler or was discarded by it. 641 * >0 if skb should be passed on to UDP. 642 * <0 if skb should be resubmitted as proto -N 643 */ 644 645 /* if we're overly short, let UDP handle it */ 646 encap_rcv = ACCESS_ONCE(up->encap_rcv); 647 if (skb->len > sizeof(struct udphdr) && encap_rcv) { 648 int ret; 649 650 /* Verify checksum before giving to encap */ 651 if (udp_lib_checksum_complete(skb)) 652 goto csum_error; 653 654 ret = encap_rcv(sk, skb); 655 if (ret <= 0) { 656 UDP_INC_STATS_BH(sock_net(sk), 657 UDP_MIB_INDATAGRAMS, 658 is_udplite); 659 return -ret; 660 } 661 } 662 663 /* FALLTHROUGH -- it's a UDP Packet */ 664 } 665 666 /* 667 * UDP-Lite specific tests, ignored on UDP sockets (see net/ipv4/udp.c). 668 */ 669 if ((is_udplite & UDPLITE_RECV_CC) && UDP_SKB_CB(skb)->partial_cov) { 670 671 if (up->pcrlen == 0) { /* full coverage was set */ 672 net_dbg_ratelimited("UDPLITE6: partial coverage %d while full coverage %d requested\n", 673 UDP_SKB_CB(skb)->cscov, skb->len); 674 goto drop; 675 } 676 if (UDP_SKB_CB(skb)->cscov < up->pcrlen) { 677 net_dbg_ratelimited("UDPLITE6: coverage %d too small, need min %d\n", 678 UDP_SKB_CB(skb)->cscov, up->pcrlen); 679 goto drop; 680 } 681 } 682 683 if (rcu_access_pointer(sk->sk_filter)) { 684 if (udp_lib_checksum_complete(skb)) 685 goto csum_error; 686 } 687 688 if (sk_rcvqueues_full(sk, sk->sk_rcvbuf)) { 689 UDP6_INC_STATS_BH(sock_net(sk), 690 UDP_MIB_RCVBUFERRORS, is_udplite); 691 goto drop; 692 } 693 694 skb_dst_drop(skb); 695 696 bh_lock_sock(sk); 697 rc = 0; 698 if (!sock_owned_by_user(sk)) 699 rc = __udpv6_queue_rcv_skb(sk, skb); 700 else if (sk_add_backlog(sk, skb, sk->sk_rcvbuf)) { 701 bh_unlock_sock(sk); 702 goto drop; 703 } 704 bh_unlock_sock(sk); 705 706 return rc; 707 708csum_error: 709 UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_CSUMERRORS, is_udplite); 710drop: 711 UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, is_udplite); 712 atomic_inc(&sk->sk_drops); 713 kfree_skb(skb); 714 return -1; 715} 716 717static bool __udp_v6_is_mcast_sock(struct net *net, struct sock *sk, 718 __be16 loc_port, const struct in6_addr *loc_addr, 719 __be16 rmt_port, const struct in6_addr *rmt_addr, 720 int dif, unsigned short hnum) 721{ 722 struct inet_sock *inet = inet_sk(sk); 723 724 if (!net_eq(sock_net(sk), net)) 725 return false; 726 727 if (udp_sk(sk)->udp_port_hash != hnum || 728 sk->sk_family != PF_INET6 || 729 (inet->inet_dport && inet->inet_dport != rmt_port) || 730 (!ipv6_addr_any(&sk->sk_v6_daddr) && 731 !ipv6_addr_equal(&sk->sk_v6_daddr, rmt_addr)) || 732 (sk->sk_bound_dev_if && sk->sk_bound_dev_if != dif) || 733 (!ipv6_addr_any(&sk->sk_v6_rcv_saddr) && 734 !ipv6_addr_equal(&sk->sk_v6_rcv_saddr, loc_addr))) 735 return false; 736 if (!inet6_mc_check(sk, loc_addr, rmt_addr)) 737 return false; 738 return true; 739} 740 741static void flush_stack(struct sock **stack, unsigned int count, 742 struct sk_buff *skb, unsigned int final) 743{ 744 struct sk_buff *skb1 = NULL; 745 struct sock *sk; 746 unsigned int i; 747 748 for (i = 0; i < count; i++) { 749 sk = stack[i]; 750 if (likely(!skb1)) 751 skb1 = (i == final) ? skb : skb_clone(skb, GFP_ATOMIC); 752 if (!skb1) { 753 atomic_inc(&sk->sk_drops); 754 UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_RCVBUFERRORS, 755 IS_UDPLITE(sk)); 756 UDP6_INC_STATS_BH(sock_net(sk), UDP_MIB_INERRORS, 757 IS_UDPLITE(sk)); 758 } 759 760 if (skb1 && udpv6_queue_rcv_skb(sk, skb1) <= 0) 761 skb1 = NULL; 762 sock_put(sk); 763 } 764 if (unlikely(skb1)) 765 kfree_skb(skb1); 766} 767 768static void udp6_csum_zero_error(struct sk_buff *skb) 769{ 770 /* RFC 2460 section 8.1 says that we SHOULD log 771 * this error. Well, it is reasonable. 772 */ 773 net_dbg_ratelimited("IPv6: udp checksum is 0 for [%pI6c]:%u->[%pI6c]:%u\n", 774 &ipv6_hdr(skb)->saddr, ntohs(udp_hdr(skb)->source), 775 &ipv6_hdr(skb)->daddr, ntohs(udp_hdr(skb)->dest)); 776} 777 778/* 779 * Note: called only from the BH handler context, 780 * so we don't need to lock the hashes. 781 */ 782static int __udp6_lib_mcast_deliver(struct net *net, struct sk_buff *skb, 783 const struct in6_addr *saddr, const struct in6_addr *daddr, 784 struct udp_table *udptable, int proto) 785{ 786 struct sock *sk, *stack[256 / sizeof(struct sock *)]; 787 const struct udphdr *uh = udp_hdr(skb); 788 struct hlist_nulls_node *node; 789 unsigned short hnum = ntohs(uh->dest); 790 struct udp_hslot *hslot = udp_hashslot(udptable, net, hnum); 791 int dif = inet6_iif(skb); 792 unsigned int count = 0, offset = offsetof(typeof(*sk), sk_nulls_node); 793 unsigned int hash2 = 0, hash2_any = 0, use_hash2 = (hslot->count > 10); 794 bool inner_flushed = false; 795 796 if (use_hash2) { 797 hash2_any = udp6_portaddr_hash(net, &in6addr_any, hnum) & 798 udp_table.mask; 799 hash2 = udp6_portaddr_hash(net, daddr, hnum) & udp_table.mask; 800start_lookup: 801 hslot = &udp_table.hash2[hash2]; 802 offset = offsetof(typeof(*sk), __sk_common.skc_portaddr_node); 803 } 804 805 spin_lock(&hslot->lock); 806 sk_nulls_for_each_entry_offset(sk, node, &hslot->head, offset) { 807 if (__udp_v6_is_mcast_sock(net, sk, 808 uh->dest, daddr, 809 uh->source, saddr, 810 dif, hnum) && 811 /* If zero checksum and no_check is not on for 812 * the socket then skip it. 813 */ 814 (uh->check || udp_sk(sk)->no_check6_rx)) { 815 if (unlikely(count == ARRAY_SIZE(stack))) { 816 flush_stack(stack, count, skb, ~0); 817 inner_flushed = true; 818 count = 0; 819 } 820 stack[count++] = sk; 821 sock_hold(sk); 822 } 823 } 824 825 spin_unlock(&hslot->lock); 826 827 /* Also lookup *:port if we are using hash2 and haven't done so yet. */ 828 if (use_hash2 && hash2 != hash2_any) { 829 hash2 = hash2_any; 830 goto start_lookup; 831 } 832 833 if (count) { 834 flush_stack(stack, count, skb, count - 1); 835 } else { 836 if (!inner_flushed) 837 UDP_INC_STATS_BH(net, UDP_MIB_IGNOREDMULTI, 838 proto == IPPROTO_UDPLITE); 839 consume_skb(skb); 840 } 841 return 0; 842} 843 844int __udp6_lib_rcv(struct sk_buff *skb, struct udp_table *udptable, 845 int proto) 846{ 847 struct net *net = dev_net(skb->dev); 848 struct sock *sk; 849 struct udphdr *uh; 850 const struct in6_addr *saddr, *daddr; 851 u32 ulen = 0; 852 853 if (!pskb_may_pull(skb, sizeof(struct udphdr))) 854 goto discard; 855 856 saddr = &ipv6_hdr(skb)->saddr; 857 daddr = &ipv6_hdr(skb)->daddr; 858 uh = udp_hdr(skb); 859 860 ulen = ntohs(uh->len); 861 if (ulen > skb->len) 862 goto short_packet; 863 864 if (proto == IPPROTO_UDP) { 865 /* UDP validates ulen. */ 866 867 /* Check for jumbo payload */ 868 if (ulen == 0) 869 ulen = skb->len; 870 871 if (ulen < sizeof(*uh)) 872 goto short_packet; 873 874 if (ulen < skb->len) { 875 if (pskb_trim_rcsum(skb, ulen)) 876 goto short_packet; 877 saddr = &ipv6_hdr(skb)->saddr; 878 daddr = &ipv6_hdr(skb)->daddr; 879 uh = udp_hdr(skb); 880 } 881 } 882 883 if (udp6_csum_init(skb, uh, proto)) 884 goto csum_error; 885 886 /* 887 * Multicast receive code 888 */ 889 if (ipv6_addr_is_multicast(daddr)) 890 return __udp6_lib_mcast_deliver(net, skb, 891 saddr, daddr, udptable, proto); 892 893 /* Unicast */ 894 895 /* 896 * check socket cache ... must talk to Alan about his plans 897 * for sock caches... i'll skip this for now. 898 */ 899 sk = __udp6_lib_lookup_skb(skb, uh->source, uh->dest, udptable); 900 if (sk) { 901 int ret; 902 903 if (!uh->check && !udp_sk(sk)->no_check6_rx) { 904 sock_put(sk); 905 udp6_csum_zero_error(skb); 906 goto csum_error; 907 } 908 909 if (inet_get_convert_csum(sk) && uh->check && !IS_UDPLITE(sk)) 910 skb_checksum_try_convert(skb, IPPROTO_UDP, uh->check, 911 ip6_compute_pseudo); 912 913 ret = udpv6_queue_rcv_skb(sk, skb); 914 sock_put(sk); 915 916 /* a return value > 0 means to resubmit the input, but 917 * it wants the return to be -protocol, or 0 918 */ 919 if (ret > 0) 920 return -ret; 921 922 return 0; 923 } 924 925 if (!uh->check) { 926 udp6_csum_zero_error(skb); 927 goto csum_error; 928 } 929 930 if (!xfrm6_policy_check(NULL, XFRM_POLICY_IN, skb)) 931 goto discard; 932 933 if (udp_lib_checksum_complete(skb)) 934 goto csum_error; 935 936 UDP6_INC_STATS_BH(net, UDP_MIB_NOPORTS, proto == IPPROTO_UDPLITE); 937 icmpv6_send(skb, ICMPV6_DEST_UNREACH, ICMPV6_PORT_UNREACH, 0); 938 939 kfree_skb(skb); 940 return 0; 941 942short_packet: 943 net_dbg_ratelimited("UDP%sv6: short packet: From [%pI6c]:%u %d/%d to [%pI6c]:%u\n", 944 proto == IPPROTO_UDPLITE ? "-Lite" : "", 945 saddr, ntohs(uh->source), 946 ulen, skb->len, 947 daddr, ntohs(uh->dest)); 948 goto discard; 949csum_error: 950 UDP6_INC_STATS_BH(net, UDP_MIB_CSUMERRORS, proto == IPPROTO_UDPLITE); 951discard: 952 UDP6_INC_STATS_BH(net, UDP_MIB_INERRORS, proto == IPPROTO_UDPLITE); 953 kfree_skb(skb); 954 return 0; 955} 956 957static __inline__ int udpv6_rcv(struct sk_buff *skb) 958{ 959 return __udp6_lib_rcv(skb, &udp_table, IPPROTO_UDP); 960} 961 962/* 963 * Throw away all pending data and cancel the corking. Socket is locked. 964 */ 965static void udp_v6_flush_pending_frames(struct sock *sk) 966{ 967 struct udp_sock *up = udp_sk(sk); 968 969 if (up->pending == AF_INET) 970 udp_flush_pending_frames(sk); 971 else if (up->pending) { 972 up->len = 0; 973 up->pending = 0; 974 ip6_flush_pending_frames(sk); 975 } 976} 977 978/** 979 * udp6_hwcsum_outgoing - handle outgoing HW checksumming 980 * @sk: socket we are sending on 981 * @skb: sk_buff containing the filled-in UDP header 982 * (checksum field must be zeroed out) 983 */ 984static void udp6_hwcsum_outgoing(struct sock *sk, struct sk_buff *skb, 985 const struct in6_addr *saddr, 986 const struct in6_addr *daddr, int len) 987{ 988 unsigned int offset; 989 struct udphdr *uh = udp_hdr(skb); 990 struct sk_buff *frags = skb_shinfo(skb)->frag_list; 991 __wsum csum = 0; 992 993 if (!frags) { 994 /* Only one fragment on the socket. */ 995 skb->csum_start = skb_transport_header(skb) - skb->head; 996 skb->csum_offset = offsetof(struct udphdr, check); 997 uh->check = ~csum_ipv6_magic(saddr, daddr, len, IPPROTO_UDP, 0); 998 } else { 999 /* 1000 * HW-checksum won't work as there are two or more 1001 * fragments on the socket so that all csums of sk_buffs 1002 * should be together 1003 */ 1004 offset = skb_transport_offset(skb); 1005 skb->csum = skb_checksum(skb, offset, skb->len - offset, 0); 1006 1007 skb->ip_summed = CHECKSUM_NONE; 1008 1009 do { 1010 csum = csum_add(csum, frags->csum); 1011 } while ((frags = frags->next)); 1012 1013 uh->check = csum_ipv6_magic(saddr, daddr, len, IPPROTO_UDP, 1014 csum); 1015 if (uh->check == 0) 1016 uh->check = CSUM_MANGLED_0; 1017 } 1018} 1019 1020/* 1021 * Sending 1022 */ 1023 1024static int udp_v6_send_skb(struct sk_buff *skb, struct flowi6 *fl6) 1025{ 1026 struct sock *sk = skb->sk; 1027 struct udphdr *uh; 1028 int err = 0; 1029 int is_udplite = IS_UDPLITE(sk); 1030 __wsum csum = 0; 1031 int offset = skb_transport_offset(skb); 1032 int len = skb->len - offset; 1033 1034 /* 1035 * Create a UDP header 1036 */ 1037 uh = udp_hdr(skb); 1038 uh->source = fl6->fl6_sport; 1039 uh->dest = fl6->fl6_dport; 1040 uh->len = htons(len); 1041 uh->check = 0; 1042 1043 if (is_udplite) 1044 csum = udplite_csum(skb); 1045 else if (udp_sk(sk)->no_check6_tx) { /* UDP csum disabled */ 1046 skb->ip_summed = CHECKSUM_NONE; 1047 goto send; 1048 } else if (skb->ip_summed == CHECKSUM_PARTIAL) { /* UDP hardware csum */ 1049 udp6_hwcsum_outgoing(sk, skb, &fl6->saddr, &fl6->daddr, len); 1050 goto send; 1051 } else 1052 csum = udp_csum(skb); 1053 1054 /* add protocol-dependent pseudo-header */ 1055 uh->check = csum_ipv6_magic(&fl6->saddr, &fl6->daddr, 1056 len, fl6->flowi6_proto, csum); 1057 if (uh->check == 0) 1058 uh->check = CSUM_MANGLED_0; 1059 1060send: 1061 err = ip6_send_skb(skb); 1062 if (err) { 1063 if (err == -ENOBUFS && !inet6_sk(sk)->recverr) { 1064 UDP6_INC_STATS_USER(sock_net(sk), 1065 UDP_MIB_SNDBUFERRORS, is_udplite); 1066 err = 0; 1067 } 1068 } else 1069 UDP6_INC_STATS_USER(sock_net(sk), 1070 UDP_MIB_OUTDATAGRAMS, is_udplite); 1071 return err; 1072} 1073 1074static int udp_v6_push_pending_frames(struct sock *sk) 1075{ 1076 struct sk_buff *skb; 1077 struct udp_sock *up = udp_sk(sk); 1078 struct flowi6 fl6; 1079 int err = 0; 1080 1081 if (up->pending == AF_INET) 1082 return udp_push_pending_frames(sk); 1083 1084 /* ip6_finish_skb will release the cork, so make a copy of 1085 * fl6 here. 1086 */ 1087 fl6 = inet_sk(sk)->cork.fl.u.ip6; 1088 1089 skb = ip6_finish_skb(sk); 1090 if (!skb) 1091 goto out; 1092 1093 err = udp_v6_send_skb(skb, &fl6); 1094 1095out: 1096 up->len = 0; 1097 up->pending = 0; 1098 return err; 1099} 1100 1101int udpv6_sendmsg(struct sock *sk, struct msghdr *msg, size_t len) 1102{ 1103 struct ipv6_txoptions opt_space; 1104 struct udp_sock *up = udp_sk(sk); 1105 struct inet_sock *inet = inet_sk(sk); 1106 struct ipv6_pinfo *np = inet6_sk(sk); 1107 DECLARE_SOCKADDR(struct sockaddr_in6 *, sin6, msg->msg_name); 1108 struct in6_addr *daddr, *final_p, final; 1109 struct ipv6_txoptions *opt = NULL; 1110 struct ipv6_txoptions *opt_to_free = NULL; 1111 struct ip6_flowlabel *flowlabel = NULL; 1112 struct flowi6 fl6; 1113 struct dst_entry *dst; 1114 int addr_len = msg->msg_namelen; 1115 int ulen = len; 1116 int hlimit = -1; 1117 int tclass = -1; 1118 int dontfrag = -1; 1119 int corkreq = up->corkflag || msg->msg_flags&MSG_MORE; 1120 int err; 1121 int connected = 0; 1122 int is_udplite = IS_UDPLITE(sk); 1123 int (*getfrag)(void *, char *, int, int, int, struct sk_buff *); 1124 1125 /* destination address check */ 1126 if (sin6) { 1127 if (addr_len < offsetof(struct sockaddr, sa_data)) 1128 return -EINVAL; 1129 1130 switch (sin6->sin6_family) { 1131 case AF_INET6: 1132 if (addr_len < SIN6_LEN_RFC2133) 1133 return -EINVAL; 1134 daddr = &sin6->sin6_addr; 1135 break; 1136 case AF_INET: 1137 goto do_udp_sendmsg; 1138 case AF_UNSPEC: 1139 msg->msg_name = sin6 = NULL; 1140 msg->msg_namelen = addr_len = 0; 1141 daddr = NULL; 1142 break; 1143 default: 1144 return -EINVAL; 1145 } 1146 } else if (!up->pending) { 1147 if (sk->sk_state != TCP_ESTABLISHED) 1148 return -EDESTADDRREQ; 1149 daddr = &sk->sk_v6_daddr; 1150 } else 1151 daddr = NULL; 1152 1153 if (daddr) { 1154 if (ipv6_addr_v4mapped(daddr)) { 1155 struct sockaddr_in sin; 1156 sin.sin_family = AF_INET; 1157 sin.sin_port = sin6 ? sin6->sin6_port : inet->inet_dport; 1158 sin.sin_addr.s_addr = daddr->s6_addr32[3]; 1159 msg->msg_name = &sin; 1160 msg->msg_namelen = sizeof(sin); 1161do_udp_sendmsg: 1162 if (__ipv6_only_sock(sk)) 1163 return -ENETUNREACH; 1164 return udp_sendmsg(sk, msg, len); 1165 } 1166 } 1167 1168 if (up->pending == AF_INET) 1169 return udp_sendmsg(sk, msg, len); 1170 1171 /* Rough check on arithmetic overflow, 1172 better check is made in ip6_append_data(). 1173 */ 1174 if (len > INT_MAX - sizeof(struct udphdr)) 1175 return -EMSGSIZE; 1176 1177 getfrag = is_udplite ? udplite_getfrag : ip_generic_getfrag; 1178 if (up->pending) { 1179 /* 1180 * There are pending frames. 1181 * The socket lock must be held while it's corked. 1182 */ 1183 lock_sock(sk); 1184 if (likely(up->pending)) { 1185 if (unlikely(up->pending != AF_INET6)) { 1186 release_sock(sk); 1187 return -EAFNOSUPPORT; 1188 } 1189 dst = NULL; 1190 goto do_append_data; 1191 } 1192 release_sock(sk); 1193 } 1194 ulen += sizeof(struct udphdr); 1195 1196 memset(&fl6, 0, sizeof(fl6)); 1197 1198 if (sin6) { 1199 if (sin6->sin6_port == 0) 1200 return -EINVAL; 1201 1202 fl6.fl6_dport = sin6->sin6_port; 1203 daddr = &sin6->sin6_addr; 1204 1205 if (np->sndflow) { 1206 fl6.flowlabel = sin6->sin6_flowinfo&IPV6_FLOWINFO_MASK; 1207 if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) { 1208 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel); 1209 if (!flowlabel) 1210 return -EINVAL; 1211 } 1212 } 1213 1214 /* 1215 * Otherwise it will be difficult to maintain 1216 * sk->sk_dst_cache. 1217 */ 1218 if (sk->sk_state == TCP_ESTABLISHED && 1219 ipv6_addr_equal(daddr, &sk->sk_v6_daddr)) 1220 daddr = &sk->sk_v6_daddr; 1221 1222 if (addr_len >= sizeof(struct sockaddr_in6) && 1223 sin6->sin6_scope_id && 1224 __ipv6_addr_needs_scope_id(__ipv6_addr_type(daddr))) 1225 fl6.flowi6_oif = sin6->sin6_scope_id; 1226 } else { 1227 if (sk->sk_state != TCP_ESTABLISHED) 1228 return -EDESTADDRREQ; 1229 1230 fl6.fl6_dport = inet->inet_dport; 1231 daddr = &sk->sk_v6_daddr; 1232 fl6.flowlabel = np->flow_label; 1233 connected = 1; 1234 } 1235 1236 if (!fl6.flowi6_oif) 1237 fl6.flowi6_oif = sk->sk_bound_dev_if; 1238 1239 if (!fl6.flowi6_oif) 1240 fl6.flowi6_oif = np->sticky_pktinfo.ipi6_ifindex; 1241 1242 fl6.flowi6_mark = sk->sk_mark; 1243 1244 if (msg->msg_controllen) { 1245 opt = &opt_space; 1246 memset(opt, 0, sizeof(struct ipv6_txoptions)); 1247 opt->tot_len = sizeof(*opt); 1248 1249 err = ip6_datagram_send_ctl(sock_net(sk), sk, msg, &fl6, opt, 1250 &hlimit, &tclass, &dontfrag); 1251 if (err < 0) { 1252 fl6_sock_release(flowlabel); 1253 return err; 1254 } 1255 if ((fl6.flowlabel&IPV6_FLOWLABEL_MASK) && !flowlabel) { 1256 flowlabel = fl6_sock_lookup(sk, fl6.flowlabel); 1257 if (!flowlabel) 1258 return -EINVAL; 1259 } 1260 if (!(opt->opt_nflen|opt->opt_flen)) 1261 opt = NULL; 1262 connected = 0; 1263 } 1264 if (!opt) { 1265 opt = txopt_get(np); 1266 opt_to_free = opt; 1267 } 1268 if (flowlabel) 1269 opt = fl6_merge_options(&opt_space, flowlabel, opt); 1270 opt = ipv6_fixup_options(&opt_space, opt); 1271 1272 fl6.flowi6_proto = sk->sk_protocol; 1273 if (!ipv6_addr_any(daddr)) 1274 fl6.daddr = *daddr; 1275 else 1276 fl6.daddr.s6_addr[15] = 0x1; /* :: means loopback (BSD'ism) */ 1277 if (ipv6_addr_any(&fl6.saddr) && !ipv6_addr_any(&np->saddr)) 1278 fl6.saddr = np->saddr; 1279 fl6.fl6_sport = inet->inet_sport; 1280 1281 final_p = fl6_update_dst(&fl6, opt, &final); 1282 if (final_p) 1283 connected = 0; 1284 1285 if (!fl6.flowi6_oif && ipv6_addr_is_multicast(&fl6.daddr)) { 1286 fl6.flowi6_oif = np->mcast_oif; 1287 connected = 0; 1288 } else if (!fl6.flowi6_oif) 1289 fl6.flowi6_oif = np->ucast_oif; 1290 1291 security_sk_classify_flow(sk, flowi6_to_flowi(&fl6)); 1292 1293 dst = ip6_sk_dst_lookup_flow(sk, &fl6, final_p); 1294 if (IS_ERR(dst)) { 1295 err = PTR_ERR(dst); 1296 dst = NULL; 1297 goto out; 1298 } 1299 1300 if (hlimit < 0) 1301 hlimit = ip6_sk_dst_hoplimit(np, &fl6, dst); 1302 1303 if (tclass < 0) 1304 tclass = np->tclass; 1305 1306 if (msg->msg_flags&MSG_CONFIRM) 1307 goto do_confirm; 1308back_from_confirm: 1309 1310 /* Lockless fast path for the non-corking case */ 1311 if (!corkreq) { 1312 struct sk_buff *skb; 1313 1314 skb = ip6_make_skb(sk, getfrag, msg, ulen, 1315 sizeof(struct udphdr), hlimit, tclass, opt, 1316 &fl6, (struct rt6_info *)dst, 1317 msg->msg_flags, dontfrag); 1318 err = PTR_ERR(skb); 1319 if (!IS_ERR_OR_NULL(skb)) 1320 err = udp_v6_send_skb(skb, &fl6); 1321 goto release_dst; 1322 } 1323 1324 lock_sock(sk); 1325 if (unlikely(up->pending)) { 1326 /* The socket is already corked while preparing it. */ 1327 /* ... which is an evident application bug. --ANK */ 1328 release_sock(sk); 1329 1330 net_dbg_ratelimited("udp cork app bug 2\n"); 1331 err = -EINVAL; 1332 goto out; 1333 } 1334 1335 up->pending = AF_INET6; 1336 1337do_append_data: 1338 if (dontfrag < 0) 1339 dontfrag = np->dontfrag; 1340 up->len += ulen; 1341 err = ip6_append_data(sk, getfrag, msg, ulen, 1342 sizeof(struct udphdr), hlimit, tclass, opt, &fl6, 1343 (struct rt6_info *)dst, 1344 corkreq ? msg->msg_flags|MSG_MORE : msg->msg_flags, dontfrag); 1345 if (err) 1346 udp_v6_flush_pending_frames(sk); 1347 else if (!corkreq) 1348 err = udp_v6_push_pending_frames(sk); 1349 else if (unlikely(skb_queue_empty(&sk->sk_write_queue))) 1350 up->pending = 0; 1351 1352 if (err > 0) 1353 err = np->recverr ? net_xmit_errno(err) : 0; 1354 release_sock(sk); 1355 1356release_dst: 1357 if (dst) { 1358 if (connected) { 1359 ip6_dst_store(sk, dst, 1360 ipv6_addr_equal(&fl6.daddr, &sk->sk_v6_daddr) ? 1361 &sk->sk_v6_daddr : NULL, 1362#ifdef CONFIG_IPV6_SUBTREES 1363 ipv6_addr_equal(&fl6.saddr, &np->saddr) ? 1364 &np->saddr : 1365#endif 1366 NULL); 1367 } else { 1368 dst_release(dst); 1369 } 1370 dst = NULL; 1371 } 1372 1373out: 1374 dst_release(dst); 1375 fl6_sock_release(flowlabel); 1376 txopt_put(opt_to_free); 1377 if (!err) 1378 return len; 1379 /* 1380 * ENOBUFS = no kernel mem, SOCK_NOSPACE = no sndbuf space. Reporting 1381 * ENOBUFS might not be good (it's not tunable per se), but otherwise 1382 * we don't have a good statistic (IpOutDiscards but it can be too many 1383 * things). We could add another new stat but at least for now that 1384 * seems like overkill. 1385 */ 1386 if (err == -ENOBUFS || test_bit(SOCK_NOSPACE, &sk->sk_socket->flags)) { 1387 UDP6_INC_STATS_USER(sock_net(sk), 1388 UDP_MIB_SNDBUFERRORS, is_udplite); 1389 } 1390 return err; 1391 1392do_confirm: 1393 dst_confirm(dst); 1394 if (!(msg->msg_flags&MSG_PROBE) || len) 1395 goto back_from_confirm; 1396 err = 0; 1397 goto out; 1398} 1399 1400void udpv6_destroy_sock(struct sock *sk) 1401{ 1402 struct udp_sock *up = udp_sk(sk); 1403 lock_sock(sk); 1404 udp_v6_flush_pending_frames(sk); 1405 release_sock(sk); 1406 1407 if (static_key_false(&udpv6_encap_needed) && up->encap_type) { 1408 void (*encap_destroy)(struct sock *sk); 1409 encap_destroy = ACCESS_ONCE(up->encap_destroy); 1410 if (encap_destroy) 1411 encap_destroy(sk); 1412 } 1413 1414 inet6_destroy_sock(sk); 1415} 1416 1417/* 1418 * Socket option code for UDP 1419 */ 1420int udpv6_setsockopt(struct sock *sk, int level, int optname, 1421 char __user *optval, unsigned int optlen) 1422{ 1423 if (level == SOL_UDP || level == SOL_UDPLITE) 1424 return udp_lib_setsockopt(sk, level, optname, optval, optlen, 1425 udp_v6_push_pending_frames); 1426 return ipv6_setsockopt(sk, level, optname, optval, optlen); 1427} 1428 1429#ifdef CONFIG_COMPAT 1430int compat_udpv6_setsockopt(struct sock *sk, int level, int optname, 1431 char __user *optval, unsigned int optlen) 1432{ 1433 if (level == SOL_UDP || level == SOL_UDPLITE) 1434 return udp_lib_setsockopt(sk, level, optname, optval, optlen, 1435 udp_v6_push_pending_frames); 1436 return compat_ipv6_setsockopt(sk, level, optname, optval, optlen); 1437} 1438#endif 1439 1440int udpv6_getsockopt(struct sock *sk, int level, int optname, 1441 char __user *optval, int __user *optlen) 1442{ 1443 if (level == SOL_UDP || level == SOL_UDPLITE) 1444 return udp_lib_getsockopt(sk, level, optname, optval, optlen); 1445 return ipv6_getsockopt(sk, level, optname, optval, optlen); 1446} 1447 1448#ifdef CONFIG_COMPAT 1449int compat_udpv6_getsockopt(struct sock *sk, int level, int optname, 1450 char __user *optval, int __user *optlen) 1451{ 1452 if (level == SOL_UDP || level == SOL_UDPLITE) 1453 return udp_lib_getsockopt(sk, level, optname, optval, optlen); 1454 return compat_ipv6_getsockopt(sk, level, optname, optval, optlen); 1455} 1456#endif 1457 1458static const struct inet6_protocol udpv6_protocol = { 1459 .handler = udpv6_rcv, 1460 .err_handler = udpv6_err, 1461 .flags = INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL, 1462}; 1463 1464/* ------------------------------------------------------------------------ */ 1465#ifdef CONFIG_PROC_FS 1466int udp6_seq_show(struct seq_file *seq, void *v) 1467{ 1468 if (v == SEQ_START_TOKEN) { 1469 seq_puts(seq, IPV6_SEQ_DGRAM_HEADER); 1470 } else { 1471 int bucket = ((struct udp_iter_state *)seq->private)->bucket; 1472 struct inet_sock *inet = inet_sk(v); 1473 __u16 srcp = ntohs(inet->inet_sport); 1474 __u16 destp = ntohs(inet->inet_dport); 1475 ip6_dgram_sock_seq_show(seq, v, srcp, destp, bucket); 1476 } 1477 return 0; 1478} 1479 1480static const struct file_operations udp6_afinfo_seq_fops = { 1481 .owner = THIS_MODULE, 1482 .open = udp_seq_open, 1483 .read = seq_read, 1484 .llseek = seq_lseek, 1485 .release = seq_release_net 1486}; 1487 1488static struct udp_seq_afinfo udp6_seq_afinfo = { 1489 .name = "udp6", 1490 .family = AF_INET6, 1491 .udp_table = &udp_table, 1492 .seq_fops = &udp6_afinfo_seq_fops, 1493 .seq_ops = { 1494 .show = udp6_seq_show, 1495 }, 1496}; 1497 1498int __net_init udp6_proc_init(struct net *net) 1499{ 1500 return udp_proc_register(net, &udp6_seq_afinfo); 1501} 1502 1503void udp6_proc_exit(struct net *net) { 1504 udp_proc_unregister(net, &udp6_seq_afinfo); 1505} 1506#endif /* CONFIG_PROC_FS */ 1507 1508void udp_v6_clear_sk(struct sock *sk, int size) 1509{ 1510 struct inet_sock *inet = inet_sk(sk); 1511 1512 /* we do not want to clear pinet6 field, because of RCU lookups */ 1513 sk_prot_clear_portaddr_nulls(sk, offsetof(struct inet_sock, pinet6)); 1514 1515 size -= offsetof(struct inet_sock, pinet6) + sizeof(inet->pinet6); 1516 memset(&inet->pinet6 + 1, 0, size); 1517} 1518 1519/* ------------------------------------------------------------------------ */ 1520 1521struct proto udpv6_prot = { 1522 .name = "UDPv6", 1523 .owner = THIS_MODULE, 1524 .close = udp_lib_close, 1525 .connect = ip6_datagram_connect, 1526 .disconnect = udp_disconnect, 1527 .ioctl = udp_ioctl, 1528 .destroy = udpv6_destroy_sock, 1529 .setsockopt = udpv6_setsockopt, 1530 .getsockopt = udpv6_getsockopt, 1531 .sendmsg = udpv6_sendmsg, 1532 .recvmsg = udpv6_recvmsg, 1533 .backlog_rcv = __udpv6_queue_rcv_skb, 1534 .hash = udp_lib_hash, 1535 .unhash = udp_lib_unhash, 1536 .rehash = udp_v6_rehash, 1537 .get_port = udp_v6_get_port, 1538 .memory_allocated = &udp_memory_allocated, 1539 .sysctl_mem = sysctl_udp_mem, 1540 .sysctl_wmem = &sysctl_udp_wmem_min, 1541 .sysctl_rmem = &sysctl_udp_rmem_min, 1542 .obj_size = sizeof(struct udp6_sock), 1543 .slab_flags = SLAB_DESTROY_BY_RCU, 1544 .h.udp_table = &udp_table, 1545#ifdef CONFIG_COMPAT 1546 .compat_setsockopt = compat_udpv6_setsockopt, 1547 .compat_getsockopt = compat_udpv6_getsockopt, 1548#endif 1549 .clear_sk = udp_v6_clear_sk, 1550}; 1551 1552static struct inet_protosw udpv6_protosw = { 1553 .type = SOCK_DGRAM, 1554 .protocol = IPPROTO_UDP, 1555 .prot = &udpv6_prot, 1556 .ops = &inet6_dgram_ops, 1557 .flags = INET_PROTOSW_PERMANENT, 1558}; 1559 1560int __init udpv6_init(void) 1561{ 1562 int ret; 1563 1564 ret = inet6_add_protocol(&udpv6_protocol, IPPROTO_UDP); 1565 if (ret) 1566 goto out; 1567 1568 ret = inet6_register_protosw(&udpv6_protosw); 1569 if (ret) 1570 goto out_udpv6_protocol; 1571out: 1572 return ret; 1573 1574out_udpv6_protocol: 1575 inet6_del_protocol(&udpv6_protocol, IPPROTO_UDP); 1576 goto out; 1577} 1578 1579void udpv6_exit(void) 1580{ 1581 inet6_unregister_protosw(&udpv6_protosw); 1582 inet6_del_protocol(&udpv6_protocol, IPPROTO_UDP); 1583} 1584