2 * IPv6 output functions
3 * Linux INET6 implementation
6 * Pedro Roque <roque@di.fc.ul.pt>
8 * Based on linux/net/ipv4/ip_output.c
10 * This program is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU General Public License
12 * as published by the Free Software Foundation; either version
13 * 2 of the License, or (at your option) any later version.
16 * A.N.Kuznetsov : airthmetics in fragmentation.
17 * extension headers are implemented.
18 * route changes now work.
19 * ip6_forward does not confuse sniffers.
22 * H. von Brand : Added missing #include <linux/string.h>
23 * Imran Patel : frag id should be in NBO
24 * Kazunori MIYAZAWA @USAGI
25 * : add ip6_append_data and related functions
29 #include <linux/errno.h>
30 #include <linux/kernel.h>
31 #include <linux/string.h>
32 #include <linux/socket.h>
33 #include <linux/net.h>
34 #include <linux/netdevice.h>
35 #include <linux/if_arp.h>
36 #include <linux/in6.h>
37 #include <linux/tcp.h>
38 #include <linux/route.h>
39 #include <linux/module.h>
40 #include <linux/slab.h>
42 #include <linux/netfilter.h>
43 #include <linux/netfilter_ipv6.h>
49 #include <net/ndisc.h>
50 #include <net/protocol.h>
51 #include <net/ip6_route.h>
52 #include <net/addrconf.h>
53 #include <net/rawv6.h>
56 #include <net/checksum.h>
57 #include <linux/mroute6.h>
58 #include <net/l3mdev.h>
59 #include <net/lwtunnel.h>
61 static int ip6_finish_output2(struct net *net, struct sock *sk, struct sk_buff *skb)
63 struct dst_entry *dst = skb_dst(skb);
64 struct net_device *dev = dst->dev;
65 struct neighbour *neigh;
66 struct in6_addr *nexthop;
69 skb->protocol = htons(ETH_P_IPV6);
72 if (ipv6_addr_is_multicast(&ipv6_hdr(skb)->daddr)) {
73 struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb));
75 if (!(dev->flags & IFF_LOOPBACK) && sk_mc_loop(sk) &&
76 ((mroute6_socket(net, skb) &&
77 !(IP6CB(skb)->flags & IP6SKB_FORWARDED)) ||
78 ipv6_chk_mcast_addr(dev, &ipv6_hdr(skb)->daddr,
79 &ipv6_hdr(skb)->saddr))) {
80 struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC);
82 /* Do not check for IFF_ALLMULTI; multicast routing
83 is not supported in any case.
86 NF_HOOK(NFPROTO_IPV6, NF_INET_POST_ROUTING,
87 net, sk, newskb, NULL, newskb->dev,
90 if (ipv6_hdr(skb)->hop_limit == 0) {
91 IP6_INC_STATS(net, idev,
92 IPSTATS_MIB_OUTDISCARDS);
98 IP6_UPD_PO_STATS(net, idev, IPSTATS_MIB_OUTMCAST, skb->len);
100 if (IPV6_ADDR_MC_SCOPE(&ipv6_hdr(skb)->daddr) <=
101 IPV6_ADDR_SCOPE_NODELOCAL &&
102 !(dev->flags & IFF_LOOPBACK)) {
108 if (lwtunnel_xmit_redirect(dst->lwtstate)) {
109 int res = lwtunnel_xmit(skb);
111 if (res < 0 || res == LWTUNNEL_XMIT_DONE)
116 nexthop = rt6_nexthop((struct rt6_info *)dst, &ipv6_hdr(skb)->daddr);
117 neigh = __ipv6_neigh_lookup_noref(dst->dev, nexthop);
118 if (unlikely(!neigh))
119 neigh = __neigh_create(&nd_tbl, nexthop, dst->dev, false);
120 if (!IS_ERR(neigh)) {
121 ret = dst_neigh_output(dst, neigh, skb);
122 rcu_read_unlock_bh();
125 rcu_read_unlock_bh();
127 IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTNOROUTES);
132 static int ip6_finish_output(struct net *net, struct sock *sk, struct sk_buff *skb)
134 if ((skb->len > ip6_skb_dst_mtu(skb) && !skb_is_gso(skb)) ||
135 dst_allfrag(skb_dst(skb)) ||
136 (IP6CB(skb)->frag_max_size && skb->len > IP6CB(skb)->frag_max_size))
137 return ip6_fragment(net, sk, skb, ip6_finish_output2);
139 return ip6_finish_output2(net, sk, skb);
142 int ip6_output(struct net *net, struct sock *sk, struct sk_buff *skb)
144 struct net_device *dev = skb_dst(skb)->dev;
145 struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb));
147 if (unlikely(idev->cnf.disable_ipv6)) {
148 IP6_INC_STATS(net, idev, IPSTATS_MIB_OUTDISCARDS);
153 return NF_HOOK_COND(NFPROTO_IPV6, NF_INET_POST_ROUTING,
154 net, sk, skb, NULL, dev,
156 !(IP6CB(skb)->flags & IP6SKB_REROUTED));
159 bool ip6_autoflowlabel(struct net *net, const struct ipv6_pinfo *np)
161 if (!np->autoflowlabel_set)
162 return ip6_default_np_autolabel(net);
164 return np->autoflowlabel;
168 * xmit an sk_buff (used by TCP, SCTP and DCCP)
169 * Note : socket lock is not held for SYNACK packets, but might be modified
170 * by calls to skb_set_owner_w() and ipv6_local_error(),
171 * which are using proper atomic operations or spinlocks.
173 int ip6_xmit(const struct sock *sk, struct sk_buff *skb, struct flowi6 *fl6,
174 __u32 mark, struct ipv6_txoptions *opt, int tclass)
176 struct net *net = sock_net(sk);
177 const struct ipv6_pinfo *np = inet6_sk(sk);
178 struct in6_addr *first_hop = &fl6->daddr;
179 struct dst_entry *dst = skb_dst(skb);
180 unsigned int head_room;
182 u8 proto = fl6->flowi6_proto;
183 int seg_len = skb->len;
187 head_room = sizeof(struct ipv6hdr) + LL_RESERVED_SPACE(dst->dev);
189 head_room += opt->opt_nflen + opt->opt_flen;
191 if (unlikely(skb_headroom(skb) < head_room)) {
192 struct sk_buff *skb2 = skb_realloc_headroom(skb, head_room);
194 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
195 IPSTATS_MIB_OUTDISCARDS);
200 skb_set_owner_w(skb2, skb->sk);
206 seg_len += opt->opt_nflen + opt->opt_flen;
209 ipv6_push_frag_opts(skb, opt, &proto);
212 ipv6_push_nfrag_opts(skb, opt, &proto, &first_hop);
215 skb_push(skb, sizeof(struct ipv6hdr));
216 skb_reset_network_header(skb);
220 * Fill in the IPv6 header
223 hlimit = np->hop_limit;
225 hlimit = ip6_dst_hoplimit(dst);
227 ip6_flow_hdr(hdr, tclass, ip6_make_flowlabel(net, skb, fl6->flowlabel,
228 ip6_autoflowlabel(net, np), fl6));
230 hdr->payload_len = htons(seg_len);
231 hdr->nexthdr = proto;
232 hdr->hop_limit = hlimit;
234 hdr->saddr = fl6->saddr;
235 hdr->daddr = *first_hop;
237 skb->protocol = htons(ETH_P_IPV6);
238 skb->priority = sk->sk_priority;
242 if ((skb->len <= mtu) || skb->ignore_df || skb_is_gso(skb)) {
243 IP6_UPD_PO_STATS(net, ip6_dst_idev(skb_dst(skb)),
244 IPSTATS_MIB_OUT, skb->len);
246 /* if egress device is enslaved to an L3 master device pass the
247 * skb to its handler for processing
249 skb = l3mdev_ip6_out((struct sock *)sk, skb);
253 /* hooks should never assume socket lock is held.
254 * we promote our socket to non const
256 return NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT,
257 net, (struct sock *)sk, skb, NULL, dst->dev,
262 /* ipv6_local_error() does not require socket lock,
263 * we promote our socket to non const
265 ipv6_local_error((struct sock *)sk, EMSGSIZE, fl6, mtu);
267 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)), IPSTATS_MIB_FRAGFAILS);
271 EXPORT_SYMBOL(ip6_xmit);
273 static int ip6_call_ra_chain(struct sk_buff *skb, int sel)
275 struct ip6_ra_chain *ra;
276 struct sock *last = NULL;
278 read_lock(&ip6_ra_lock);
279 for (ra = ip6_ra_chain; ra; ra = ra->next) {
280 struct sock *sk = ra->sk;
281 if (sk && ra->sel == sel &&
282 (!sk->sk_bound_dev_if ||
283 sk->sk_bound_dev_if == skb->dev->ifindex)) {
285 struct sk_buff *skb2 = skb_clone(skb, GFP_ATOMIC);
287 rawv6_rcv(last, skb2);
294 rawv6_rcv(last, skb);
295 read_unlock(&ip6_ra_lock);
298 read_unlock(&ip6_ra_lock);
302 static int ip6_forward_proxy_check(struct sk_buff *skb)
304 struct ipv6hdr *hdr = ipv6_hdr(skb);
305 u8 nexthdr = hdr->nexthdr;
309 if (ipv6_ext_hdr(nexthdr)) {
310 offset = ipv6_skip_exthdr(skb, sizeof(*hdr), &nexthdr, &frag_off);
314 offset = sizeof(struct ipv6hdr);
316 if (nexthdr == IPPROTO_ICMPV6) {
317 struct icmp6hdr *icmp6;
319 if (!pskb_may_pull(skb, (skb_network_header(skb) +
320 offset + 1 - skb->data)))
323 icmp6 = (struct icmp6hdr *)(skb_network_header(skb) + offset);
325 switch (icmp6->icmp6_type) {
326 case NDISC_ROUTER_SOLICITATION:
327 case NDISC_ROUTER_ADVERTISEMENT:
328 case NDISC_NEIGHBOUR_SOLICITATION:
329 case NDISC_NEIGHBOUR_ADVERTISEMENT:
331 /* For reaction involving unicast neighbor discovery
332 * message destined to the proxied address, pass it to
342 * The proxying router can't forward traffic sent to a link-local
343 * address, so signal the sender and discard the packet. This
344 * behavior is clarified by the MIPv6 specification.
346 if (ipv6_addr_type(&hdr->daddr) & IPV6_ADDR_LINKLOCAL) {
347 dst_link_failure(skb);
354 static inline int ip6_forward_finish(struct net *net, struct sock *sk,
357 struct dst_entry *dst = skb_dst(skb);
359 __IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTFORWDATAGRAMS);
360 __IP6_ADD_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_OUTOCTETS, skb->len);
362 return dst_output(net, sk, skb);
365 static unsigned int ip6_dst_mtu_forward(const struct dst_entry *dst)
368 struct inet6_dev *idev;
370 if (dst_metric_locked(dst, RTAX_MTU)) {
371 mtu = dst_metric_raw(dst, RTAX_MTU);
378 idev = __in6_dev_get(dst->dev);
380 mtu = idev->cnf.mtu6;
386 static bool ip6_pkt_too_big(const struct sk_buff *skb, unsigned int mtu)
391 /* ipv6 conntrack defrag sets max_frag_size + ignore_df */
392 if (IP6CB(skb)->frag_max_size && IP6CB(skb)->frag_max_size > mtu)
398 if (skb_is_gso(skb) && skb_gso_validate_mtu(skb, mtu))
404 int ip6_forward(struct sk_buff *skb)
406 struct dst_entry *dst = skb_dst(skb);
407 struct ipv6hdr *hdr = ipv6_hdr(skb);
408 struct inet6_skb_parm *opt = IP6CB(skb);
409 struct net *net = dev_net(dst->dev);
412 if (net->ipv6.devconf_all->forwarding == 0)
415 if (skb->pkt_type != PACKET_HOST)
418 if (unlikely(skb->sk))
421 if (skb_warn_if_lro(skb))
424 if (!xfrm6_policy_check(NULL, XFRM_POLICY_FWD, skb)) {
425 __IP6_INC_STATS(net, ip6_dst_idev(dst),
426 IPSTATS_MIB_INDISCARDS);
430 skb_forward_csum(skb);
433 * We DO NOT make any processing on
434 * RA packets, pushing them to user level AS IS
435 * without ane WARRANTY that application will be able
436 * to interpret them. The reason is that we
437 * cannot make anything clever here.
439 * We are not end-node, so that if packet contains
440 * AH/ESP, we cannot make anything.
441 * Defragmentation also would be mistake, RA packets
442 * cannot be fragmented, because there is no warranty
443 * that different fragments will go along one path. --ANK
445 if (unlikely(opt->flags & IP6SKB_ROUTERALERT)) {
446 if (ip6_call_ra_chain(skb, ntohs(opt->ra)))
451 * check and decrement ttl
453 if (hdr->hop_limit <= 1) {
454 /* Force OUTPUT device used as source address */
456 icmpv6_send(skb, ICMPV6_TIME_EXCEED, ICMPV6_EXC_HOPLIMIT, 0);
457 __IP6_INC_STATS(net, ip6_dst_idev(dst),
458 IPSTATS_MIB_INHDRERRORS);
464 /* XXX: idev->cnf.proxy_ndp? */
465 if (net->ipv6.devconf_all->proxy_ndp &&
466 pneigh_lookup(&nd_tbl, net, &hdr->daddr, skb->dev, 0)) {
467 int proxied = ip6_forward_proxy_check(skb);
469 return ip6_input(skb);
470 else if (proxied < 0) {
471 __IP6_INC_STATS(net, ip6_dst_idev(dst),
472 IPSTATS_MIB_INDISCARDS);
477 if (!xfrm6_route_forward(skb)) {
478 __IP6_INC_STATS(net, ip6_dst_idev(dst),
479 IPSTATS_MIB_INDISCARDS);
484 /* IPv6 specs say nothing about it, but it is clear that we cannot
485 send redirects to source routed frames.
486 We don't send redirects to frames decapsulated from IPsec.
488 if (IP6CB(skb)->iif == dst->dev->ifindex &&
489 opt->srcrt == 0 && !skb_sec_path(skb)) {
490 struct in6_addr *target = NULL;
491 struct inet_peer *peer;
495 * incoming and outgoing devices are the same
499 rt = (struct rt6_info *) dst;
500 if (rt->rt6i_flags & RTF_GATEWAY)
501 target = &rt->rt6i_gateway;
503 target = &hdr->daddr;
505 peer = inet_getpeer_v6(net->ipv6.peers, &hdr->daddr, 1);
507 /* Limit redirects both by destination (here)
508 and by source (inside ndisc_send_redirect)
510 if (inet_peer_xrlim_allow(peer, 1*HZ))
511 ndisc_send_redirect(skb, target);
515 int addrtype = ipv6_addr_type(&hdr->saddr);
517 /* This check is security critical. */
518 if (addrtype == IPV6_ADDR_ANY ||
519 addrtype & (IPV6_ADDR_MULTICAST | IPV6_ADDR_LOOPBACK))
521 if (addrtype & IPV6_ADDR_LINKLOCAL) {
522 icmpv6_send(skb, ICMPV6_DEST_UNREACH,
523 ICMPV6_NOT_NEIGHBOUR, 0);
528 mtu = ip6_dst_mtu_forward(dst);
529 if (mtu < IPV6_MIN_MTU)
532 if (ip6_pkt_too_big(skb, mtu)) {
533 /* Again, force OUTPUT device used as source address */
535 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
536 __IP6_INC_STATS(net, ip6_dst_idev(dst),
537 IPSTATS_MIB_INTOOBIGERRORS);
538 __IP6_INC_STATS(net, ip6_dst_idev(dst),
539 IPSTATS_MIB_FRAGFAILS);
544 if (skb_cow(skb, dst->dev->hard_header_len)) {
545 __IP6_INC_STATS(net, ip6_dst_idev(dst),
546 IPSTATS_MIB_OUTDISCARDS);
552 /* Mangling hops number delayed to point after skb COW */
556 return NF_HOOK(NFPROTO_IPV6, NF_INET_FORWARD,
557 net, NULL, skb, skb->dev, dst->dev,
561 __IP6_INC_STATS(net, ip6_dst_idev(dst), IPSTATS_MIB_INADDRERRORS);
567 static void ip6_copy_metadata(struct sk_buff *to, struct sk_buff *from)
569 to->pkt_type = from->pkt_type;
570 to->priority = from->priority;
571 to->protocol = from->protocol;
573 skb_dst_set(to, dst_clone(skb_dst(from)));
575 to->mark = from->mark;
577 skb_copy_hash(to, from);
579 #ifdef CONFIG_NET_SCHED
580 to->tc_index = from->tc_index;
583 skb_copy_secmark(to, from);
586 int ip6_fragment(struct net *net, struct sock *sk, struct sk_buff *skb,
587 int (*output)(struct net *, struct sock *, struct sk_buff *))
589 struct sk_buff *frag;
590 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb);
591 struct ipv6_pinfo *np = skb->sk && !dev_recursion_level() ?
592 inet6_sk(skb->sk) : NULL;
593 struct ipv6hdr *tmp_hdr;
595 unsigned int mtu, hlen, left, len, nexthdr_offset;
598 int ptr, offset = 0, err = 0;
599 u8 *prevhdr, nexthdr = 0;
601 err = ip6_find_1stfragopt(skb, &prevhdr);
606 nexthdr_offset = prevhdr - skb_network_header(skb);
608 mtu = ip6_skb_dst_mtu(skb);
610 /* We must not fragment if the socket is set to force MTU discovery
611 * or if the skb it not generated by a local socket.
613 if (unlikely(!skb->ignore_df && skb->len > mtu))
616 if (IP6CB(skb)->frag_max_size) {
617 if (IP6CB(skb)->frag_max_size > mtu)
620 /* don't send fragments larger than what we received */
621 mtu = IP6CB(skb)->frag_max_size;
622 if (mtu < IPV6_MIN_MTU)
626 if (np && np->frag_size < mtu) {
630 if (mtu < hlen + sizeof(struct frag_hdr) + 8)
632 mtu -= hlen + sizeof(struct frag_hdr);
634 frag_id = ipv6_select_ident(net, &ipv6_hdr(skb)->daddr,
635 &ipv6_hdr(skb)->saddr);
637 if (skb->ip_summed == CHECKSUM_PARTIAL &&
638 (err = skb_checksum_help(skb)))
641 prevhdr = skb_network_header(skb) + nexthdr_offset;
642 hroom = LL_RESERVED_SPACE(rt->dst.dev);
643 if (skb_has_frag_list(skb)) {
644 int first_len = skb_pagelen(skb);
645 struct sk_buff *frag2;
647 if (first_len - hlen > mtu ||
648 ((first_len - hlen) & 7) ||
650 skb_headroom(skb) < (hroom + sizeof(struct frag_hdr)))
653 skb_walk_frags(skb, frag) {
654 /* Correct geometry. */
655 if (frag->len > mtu ||
656 ((frag->len & 7) && frag->next) ||
657 skb_headroom(frag) < (hlen + hroom + sizeof(struct frag_hdr)))
658 goto slow_path_clean;
660 /* Partially cloned skb? */
661 if (skb_shared(frag))
662 goto slow_path_clean;
667 frag->destructor = sock_wfree;
669 skb->truesize -= frag->truesize;
676 *prevhdr = NEXTHDR_FRAGMENT;
677 tmp_hdr = kmemdup(skb_network_header(skb), hlen, GFP_ATOMIC);
682 frag = skb_shinfo(skb)->frag_list;
683 skb_frag_list_init(skb);
685 __skb_pull(skb, hlen);
686 fh = (struct frag_hdr *)__skb_push(skb, sizeof(struct frag_hdr));
687 __skb_push(skb, hlen);
688 skb_reset_network_header(skb);
689 memcpy(skb_network_header(skb), tmp_hdr, hlen);
691 fh->nexthdr = nexthdr;
693 fh->frag_off = htons(IP6_MF);
694 fh->identification = frag_id;
696 first_len = skb_pagelen(skb);
697 skb->data_len = first_len - skb_headlen(skb);
698 skb->len = first_len;
699 ipv6_hdr(skb)->payload_len = htons(first_len -
700 sizeof(struct ipv6hdr));
705 /* Prepare header of the next frame,
706 * before previous one went down. */
708 frag->ip_summed = CHECKSUM_NONE;
709 skb_reset_transport_header(frag);
710 fh = (struct frag_hdr *)__skb_push(frag, sizeof(struct frag_hdr));
711 __skb_push(frag, hlen);
712 skb_reset_network_header(frag);
713 memcpy(skb_network_header(frag), tmp_hdr,
715 offset += skb->len - hlen - sizeof(struct frag_hdr);
716 fh->nexthdr = nexthdr;
718 fh->frag_off = htons(offset);
720 fh->frag_off |= htons(IP6_MF);
721 fh->identification = frag_id;
722 ipv6_hdr(frag)->payload_len =
724 sizeof(struct ipv6hdr));
725 ip6_copy_metadata(frag, skb);
728 err = output(net, sk, skb);
730 IP6_INC_STATS(net, ip6_dst_idev(&rt->dst),
731 IPSTATS_MIB_FRAGCREATES);
744 IP6_INC_STATS(net, ip6_dst_idev(&rt->dst),
745 IPSTATS_MIB_FRAGOKS);
750 kfree_skb_list(frag);
752 IP6_INC_STATS(net, ip6_dst_idev(&rt->dst),
753 IPSTATS_MIB_FRAGFAILS);
758 skb_walk_frags(skb, frag2) {
762 frag2->destructor = NULL;
763 skb->truesize += frag2->truesize;
768 left = skb->len - hlen; /* Space per frame */
769 ptr = hlen; /* Where to start from */
772 * Fragment the datagram.
775 troom = rt->dst.dev->needed_tailroom;
778 * Keep copying data until we run out.
781 u8 *fragnexthdr_offset;
784 /* IF: it doesn't fit, use 'mtu' - the data space left */
787 /* IF: we are not sending up to and including the packet end
788 then align the next start on an eight byte boundary */
793 /* Allocate buffer */
794 frag = alloc_skb(len + hlen + sizeof(struct frag_hdr) +
795 hroom + troom, GFP_ATOMIC);
802 * Set up data on packet
805 ip6_copy_metadata(frag, skb);
806 skb_reserve(frag, hroom);
807 skb_put(frag, len + hlen + sizeof(struct frag_hdr));
808 skb_reset_network_header(frag);
809 fh = (struct frag_hdr *)(skb_network_header(frag) + hlen);
810 frag->transport_header = (frag->network_header + hlen +
811 sizeof(struct frag_hdr));
814 * Charge the memory for the fragment to any owner
818 skb_set_owner_w(frag, skb->sk);
821 * Copy the packet header into the new buffer.
823 skb_copy_from_linear_data(skb, skb_network_header(frag), hlen);
825 fragnexthdr_offset = skb_network_header(frag);
826 fragnexthdr_offset += prevhdr - skb_network_header(skb);
827 *fragnexthdr_offset = NEXTHDR_FRAGMENT;
830 * Build fragment header.
832 fh->nexthdr = nexthdr;
834 fh->identification = frag_id;
837 * Copy a block of the IP datagram.
839 BUG_ON(skb_copy_bits(skb, ptr, skb_transport_header(frag),
843 fh->frag_off = htons(offset);
845 fh->frag_off |= htons(IP6_MF);
846 ipv6_hdr(frag)->payload_len = htons(frag->len -
847 sizeof(struct ipv6hdr));
853 * Put this fragment into the sending queue.
855 err = output(net, sk, frag);
859 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
860 IPSTATS_MIB_FRAGCREATES);
862 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
863 IPSTATS_MIB_FRAGOKS);
868 if (skb->sk && dst_allfrag(skb_dst(skb)))
869 sk_nocaps_add(skb->sk, NETIF_F_GSO_MASK);
871 skb->dev = skb_dst(skb)->dev;
872 icmpv6_send(skb, ICMPV6_PKT_TOOBIG, 0, mtu);
876 IP6_INC_STATS(net, ip6_dst_idev(skb_dst(skb)),
877 IPSTATS_MIB_FRAGFAILS);
882 static inline int ip6_rt_check(const struct rt6key *rt_key,
883 const struct in6_addr *fl_addr,
884 const struct in6_addr *addr_cache)
886 return (rt_key->plen != 128 || !ipv6_addr_equal(fl_addr, &rt_key->addr)) &&
887 (!addr_cache || !ipv6_addr_equal(fl_addr, addr_cache));
890 static struct dst_entry *ip6_sk_dst_check(struct sock *sk,
891 struct dst_entry *dst,
892 const struct flowi6 *fl6)
894 struct ipv6_pinfo *np = inet6_sk(sk);
900 if (dst->ops->family != AF_INET6) {
905 rt = (struct rt6_info *)dst;
906 /* Yes, checking route validity in not connected
907 * case is not very simple. Take into account,
908 * that we do not support routing by source, TOS,
909 * and MSG_DONTROUTE --ANK (980726)
911 * 1. ip6_rt_check(): If route was host route,
912 * check that cached destination is current.
913 * If it is network route, we still may
914 * check its validity using saved pointer
915 * to the last used address: daddr_cache.
916 * We do not want to save whole address now,
917 * (because main consumer of this service
918 * is tcp, which has not this problem),
919 * so that the last trick works only on connected
921 * 2. oif also should be the same.
923 if (ip6_rt_check(&rt->rt6i_dst, &fl6->daddr, np->daddr_cache) ||
924 #ifdef CONFIG_IPV6_SUBTREES
925 ip6_rt_check(&rt->rt6i_src, &fl6->saddr, np->saddr_cache) ||
927 (!(fl6->flowi6_flags & FLOWI_FLAG_SKIP_NH_OIF) &&
928 (fl6->flowi6_oif && fl6->flowi6_oif != dst->dev->ifindex))) {
937 static int ip6_dst_lookup_tail(struct net *net, const struct sock *sk,
938 struct dst_entry **dst, struct flowi6 *fl6)
940 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
947 /* The correct way to handle this would be to do
948 * ip6_route_get_saddr, and then ip6_route_output; however,
949 * the route-specific preferred source forces the
950 * ip6_route_output call _before_ ip6_route_get_saddr.
952 * In source specific routing (no src=any default route),
953 * ip6_route_output will fail given src=any saddr, though, so
954 * that's why we try it again later.
956 if (ipv6_addr_any(&fl6->saddr) && (!*dst || !(*dst)->error)) {
958 bool had_dst = *dst != NULL;
961 *dst = ip6_route_output(net, sk, fl6);
962 rt = (*dst)->error ? NULL : (struct rt6_info *)*dst;
963 err = ip6_route_get_saddr(net, rt, &fl6->daddr,
964 sk ? inet6_sk(sk)->srcprefs : 0,
967 goto out_err_release;
969 /* If we had an erroneous initial result, pretend it
970 * never existed and let the SA-enabled version take
973 if (!had_dst && (*dst)->error) {
979 flags |= RT6_LOOKUP_F_IFACE;
983 *dst = ip6_route_output_flags(net, sk, fl6, flags);
987 goto out_err_release;
989 #ifdef CONFIG_IPV6_OPTIMISTIC_DAD
991 * Here if the dst entry we've looked up
992 * has a neighbour entry that is in the INCOMPLETE
993 * state and the src address from the flow is
994 * marked as OPTIMISTIC, we release the found
995 * dst entry and replace it instead with the
996 * dst entry of the nexthop router
998 rt = (struct rt6_info *) *dst;
1000 n = __ipv6_neigh_lookup_noref(rt->dst.dev,
1001 rt6_nexthop(rt, &fl6->daddr));
1002 err = n && !(n->nud_state & NUD_VALID) ? -EINVAL : 0;
1003 rcu_read_unlock_bh();
1006 struct inet6_ifaddr *ifp;
1007 struct flowi6 fl_gw6;
1010 ifp = ipv6_get_ifaddr(net, &fl6->saddr,
1013 redirect = (ifp && ifp->flags & IFA_F_OPTIMISTIC);
1019 * We need to get the dst entry for the
1020 * default router instead
1023 memcpy(&fl_gw6, fl6, sizeof(struct flowi6));
1024 memset(&fl_gw6.daddr, 0, sizeof(struct in6_addr));
1025 *dst = ip6_route_output(net, sk, &fl_gw6);
1026 err = (*dst)->error;
1028 goto out_err_release;
1032 if (ipv6_addr_v4mapped(&fl6->saddr) &&
1033 !(ipv6_addr_v4mapped(&fl6->daddr) || ipv6_addr_any(&fl6->daddr))) {
1034 err = -EAFNOSUPPORT;
1035 goto out_err_release;
1044 if (err == -ENETUNREACH)
1045 IP6_INC_STATS(net, NULL, IPSTATS_MIB_OUTNOROUTES);
1050 * ip6_dst_lookup - perform route lookup on flow
1051 * @sk: socket which provides route info
1052 * @dst: pointer to dst_entry * for result
1053 * @fl6: flow to lookup
1055 * This function performs a route lookup on the given flow.
1057 * It returns zero on success, or a standard errno code on error.
1059 int ip6_dst_lookup(struct net *net, struct sock *sk, struct dst_entry **dst,
1063 return ip6_dst_lookup_tail(net, sk, dst, fl6);
1065 EXPORT_SYMBOL_GPL(ip6_dst_lookup);
1068 * ip6_dst_lookup_flow - perform route lookup on flow with ipsec
1069 * @sk: socket which provides route info
1070 * @fl6: flow to lookup
1071 * @final_dst: final destination address for ipsec lookup
1073 * This function performs a route lookup on the given flow.
1075 * It returns a valid dst pointer on success, or a pointer encoded
1078 struct dst_entry *ip6_dst_lookup_flow(struct net *net, const struct sock *sk, struct flowi6 *fl6,
1079 const struct in6_addr *final_dst)
1081 struct dst_entry *dst = NULL;
1084 err = ip6_dst_lookup_tail(net, sk, &dst, fl6);
1086 return ERR_PTR(err);
1088 fl6->daddr = *final_dst;
1090 return xfrm_lookup_route(net, dst, flowi6_to_flowi(fl6), sk, 0);
1092 EXPORT_SYMBOL_GPL(ip6_dst_lookup_flow);
1095 * ip6_sk_dst_lookup_flow - perform socket cached route lookup on flow
1096 * @sk: socket which provides the dst cache and route info
1097 * @fl6: flow to lookup
1098 * @final_dst: final destination address for ipsec lookup
1100 * This function performs a route lookup on the given flow with the
1101 * possibility of using the cached route in the socket if it is valid.
1102 * It will take the socket dst lock when operating on the dst cache.
1103 * As a result, this function can only be used in process context.
1105 * It returns a valid dst pointer on success, or a pointer encoded
1108 struct dst_entry *ip6_sk_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6,
1109 const struct in6_addr *final_dst)
1111 struct dst_entry *dst = sk_dst_check(sk, inet6_sk(sk)->dst_cookie);
1113 dst = ip6_sk_dst_check(sk, dst, fl6);
1115 dst = ip6_dst_lookup_flow(sock_net(sk), sk, fl6, final_dst);
1119 EXPORT_SYMBOL_GPL(ip6_sk_dst_lookup_flow);
1121 static inline int ip6_ufo_append_data(struct sock *sk,
1122 struct sk_buff_head *queue,
1123 int getfrag(void *from, char *to, int offset, int len,
1124 int odd, struct sk_buff *skb),
1125 void *from, int length, int hh_len, int fragheaderlen,
1126 int exthdrlen, int transhdrlen, int mtu,
1127 unsigned int flags, const struct flowi6 *fl6)
1130 struct sk_buff *skb;
1133 /* There is support for UDP large send offload by network
1134 * device, so create one single skb packet containing complete
1137 skb = skb_peek_tail(queue);
1139 skb = sock_alloc_send_skb(sk,
1140 hh_len + fragheaderlen + transhdrlen + 20,
1141 (flags & MSG_DONTWAIT), &err);
1145 /* reserve space for Hardware header */
1146 skb_reserve(skb, hh_len);
1148 /* create space for UDP/IP header */
1149 skb_put(skb, fragheaderlen + transhdrlen);
1151 /* initialize network header pointer */
1152 skb_set_network_header(skb, exthdrlen);
1154 /* initialize protocol header pointer */
1155 skb->transport_header = skb->network_header + fragheaderlen;
1157 skb->protocol = htons(ETH_P_IPV6);
1160 __skb_queue_tail(queue, skb);
1161 } else if (skb_is_gso(skb)) {
1165 skb->ip_summed = CHECKSUM_PARTIAL;
1166 /* Specify the length of each IPv6 datagram fragment.
1167 * It has to be a multiple of 8.
1169 skb_shinfo(skb)->gso_size = (mtu - fragheaderlen -
1170 sizeof(struct frag_hdr)) & ~7;
1171 skb_shinfo(skb)->gso_type = SKB_GSO_UDP;
1172 skb_shinfo(skb)->ip6_frag_id = ipv6_select_ident(sock_net(sk),
1177 return skb_append_datato_frags(sk, skb, getfrag, from,
1178 (length - transhdrlen));
1181 static inline struct ipv6_opt_hdr *ip6_opt_dup(struct ipv6_opt_hdr *src,
1184 return src ? kmemdup(src, (src->hdrlen + 1) * 8, gfp) : NULL;
1187 static inline struct ipv6_rt_hdr *ip6_rthdr_dup(struct ipv6_rt_hdr *src,
1190 return src ? kmemdup(src, (src->hdrlen + 1) * 8, gfp) : NULL;
1193 static void ip6_append_data_mtu(unsigned int *mtu,
1195 unsigned int fragheaderlen,
1196 struct sk_buff *skb,
1197 struct rt6_info *rt,
1198 unsigned int orig_mtu)
1200 if (!(rt->dst.flags & DST_XFRM_TUNNEL)) {
1202 /* first fragment, reserve header_len */
1203 *mtu = orig_mtu - rt->dst.header_len;
1207 * this fragment is not first, the headers
1208 * space is regarded as data space.
1212 *maxfraglen = ((*mtu - fragheaderlen) & ~7)
1213 + fragheaderlen - sizeof(struct frag_hdr);
1217 static int ip6_setup_cork(struct sock *sk, struct inet_cork_full *cork,
1218 struct inet6_cork *v6_cork, struct ipcm6_cookie *ipc6,
1219 struct rt6_info *rt, struct flowi6 *fl6)
1221 struct ipv6_pinfo *np = inet6_sk(sk);
1223 struct ipv6_txoptions *opt = ipc6->opt;
1229 if (WARN_ON(v6_cork->opt))
1232 v6_cork->opt = kzalloc(sizeof(*opt), sk->sk_allocation);
1233 if (unlikely(!v6_cork->opt))
1236 v6_cork->opt->tot_len = sizeof(*opt);
1237 v6_cork->opt->opt_flen = opt->opt_flen;
1238 v6_cork->opt->opt_nflen = opt->opt_nflen;
1240 v6_cork->opt->dst0opt = ip6_opt_dup(opt->dst0opt,
1242 if (opt->dst0opt && !v6_cork->opt->dst0opt)
1245 v6_cork->opt->dst1opt = ip6_opt_dup(opt->dst1opt,
1247 if (opt->dst1opt && !v6_cork->opt->dst1opt)
1250 v6_cork->opt->hopopt = ip6_opt_dup(opt->hopopt,
1252 if (opt->hopopt && !v6_cork->opt->hopopt)
1255 v6_cork->opt->srcrt = ip6_rthdr_dup(opt->srcrt,
1257 if (opt->srcrt && !v6_cork->opt->srcrt)
1260 /* need source address above miyazawa*/
1263 cork->base.dst = &rt->dst;
1264 cork->fl.u.ip6 = *fl6;
1265 v6_cork->hop_limit = ipc6->hlimit;
1266 v6_cork->tclass = ipc6->tclass;
1267 if (rt->dst.flags & DST_XFRM_TUNNEL)
1268 mtu = np->pmtudisc >= IPV6_PMTUDISC_PROBE ?
1269 READ_ONCE(rt->dst.dev->mtu) : dst_mtu(&rt->dst);
1271 mtu = np->pmtudisc >= IPV6_PMTUDISC_PROBE ?
1272 READ_ONCE(rt->dst.dev->mtu) : dst_mtu(rt->dst.path);
1273 if (np->frag_size < mtu) {
1275 mtu = np->frag_size;
1277 cork->base.fragsize = mtu;
1278 if (dst_allfrag(rt->dst.path))
1279 cork->base.flags |= IPCORK_ALLFRAG;
1280 cork->base.length = 0;
1285 static int __ip6_append_data(struct sock *sk,
1287 struct sk_buff_head *queue,
1288 struct inet_cork *cork,
1289 struct inet6_cork *v6_cork,
1290 struct page_frag *pfrag,
1291 int getfrag(void *from, char *to, int offset,
1292 int len, int odd, struct sk_buff *skb),
1293 void *from, int length, int transhdrlen,
1294 unsigned int flags, struct ipcm6_cookie *ipc6,
1295 const struct sockcm_cookie *sockc)
1297 struct sk_buff *skb, *skb_prev = NULL;
1298 unsigned int maxfraglen, fragheaderlen, mtu, orig_mtu, pmtu;
1300 int dst_exthdrlen = 0;
1307 struct rt6_info *rt = (struct rt6_info *)cork->dst;
1308 struct ipv6_txoptions *opt = v6_cork->opt;
1309 int csummode = CHECKSUM_NONE;
1310 unsigned int maxnonfragsize, headersize;
1312 skb = skb_peek_tail(queue);
1314 exthdrlen = opt ? opt->opt_flen : 0;
1315 dst_exthdrlen = rt->dst.header_len - rt->rt6i_nfheader_len;
1318 mtu = cork->fragsize;
1321 hh_len = LL_RESERVED_SPACE(rt->dst.dev);
1323 fragheaderlen = sizeof(struct ipv6hdr) + rt->rt6i_nfheader_len +
1324 (opt ? opt->opt_nflen : 0);
1326 headersize = sizeof(struct ipv6hdr) +
1327 (opt ? opt->opt_flen + opt->opt_nflen : 0) +
1328 (dst_allfrag(&rt->dst) ?
1329 sizeof(struct frag_hdr) : 0) +
1330 rt->rt6i_nfheader_len;
1332 if (mtu <= fragheaderlen ||
1333 ((mtu - fragheaderlen) & ~7) + fragheaderlen <= sizeof(struct frag_hdr))
1336 maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen -
1337 sizeof(struct frag_hdr);
1339 /* as per RFC 7112 section 5, the entire IPv6 Header Chain must fit
1340 * the first fragment
1342 if (headersize + transhdrlen > mtu)
1345 if (cork->length + length > mtu - headersize && ipc6->dontfrag &&
1346 (sk->sk_protocol == IPPROTO_UDP ||
1347 sk->sk_protocol == IPPROTO_RAW)) {
1348 ipv6_local_rxpmtu(sk, fl6, mtu - headersize +
1349 sizeof(struct ipv6hdr));
1353 if (ip6_sk_ignore_df(sk))
1354 maxnonfragsize = sizeof(struct ipv6hdr) + IPV6_MAXPLEN;
1356 maxnonfragsize = mtu;
1358 if (cork->length + length > maxnonfragsize - headersize) {
1360 pmtu = max_t(int, mtu - headersize + sizeof(struct ipv6hdr), 0);
1361 ipv6_local_error(sk, EMSGSIZE, fl6, pmtu);
1365 /* CHECKSUM_PARTIAL only with no extension headers and when
1366 * we are not going to fragment
1368 if (transhdrlen && sk->sk_protocol == IPPROTO_UDP &&
1369 headersize == sizeof(struct ipv6hdr) &&
1370 length < mtu - headersize &&
1371 !(flags & MSG_MORE) &&
1372 rt->dst.dev->features & (NETIF_F_IPV6_CSUM | NETIF_F_HW_CSUM))
1373 csummode = CHECKSUM_PARTIAL;
1375 if (sk->sk_type == SOCK_DGRAM || sk->sk_type == SOCK_RAW) {
1376 sock_tx_timestamp(sk, sockc->tsflags, &tx_flags);
1377 if (tx_flags & SKBTX_ANY_SW_TSTAMP &&
1378 sk->sk_tsflags & SOF_TIMESTAMPING_OPT_ID)
1379 tskey = sk->sk_tskey++;
1383 * Let's try using as much space as possible.
1384 * Use MTU if total length of the message fits into the MTU.
1385 * Otherwise, we need to reserve fragment header and
1386 * fragment alignment (= 8-15 octects, in total).
1388 * Note that we may need to "move" the data from the tail of
1389 * of the buffer to the new fragment when we split
1392 * FIXME: It may be fragmented into multiple chunks
1393 * at once if non-fragmentable extension headers
1398 cork->length += length;
1399 if ((skb && skb_is_gso(skb)) ||
1400 (((length + fragheaderlen) > mtu) &&
1401 (skb_queue_len(queue) <= 1) &&
1402 (sk->sk_protocol == IPPROTO_UDP) &&
1403 (rt->dst.dev->features & NETIF_F_UFO) && !rt->dst.header_len &&
1404 (sk->sk_type == SOCK_DGRAM) && !udp_get_no_check6_tx(sk))) {
1405 err = ip6_ufo_append_data(sk, queue, getfrag, from, length,
1406 hh_len, fragheaderlen, exthdrlen,
1407 transhdrlen, mtu, flags, fl6);
1416 while (length > 0) {
1417 /* Check if the remaining data fits into current packet. */
1418 copy = (cork->length <= mtu && !(cork->flags & IPCORK_ALLFRAG) ? mtu : maxfraglen) - skb->len;
1420 copy = maxfraglen - skb->len;
1424 unsigned int datalen;
1425 unsigned int fraglen;
1426 unsigned int fraggap;
1427 unsigned int alloclen;
1429 /* There's no room in the current skb */
1431 fraggap = skb->len - maxfraglen;
1434 /* update mtu and maxfraglen if necessary */
1435 if (!skb || !skb_prev)
1436 ip6_append_data_mtu(&mtu, &maxfraglen,
1437 fragheaderlen, skb, rt,
1443 * If remaining data exceeds the mtu,
1444 * we know we need more fragment(s).
1446 datalen = length + fraggap;
1448 if (datalen > (cork->length <= mtu && !(cork->flags & IPCORK_ALLFRAG) ? mtu : maxfraglen) - fragheaderlen)
1449 datalen = maxfraglen - fragheaderlen - rt->dst.trailer_len;
1450 if ((flags & MSG_MORE) &&
1451 !(rt->dst.dev->features&NETIF_F_SG))
1454 alloclen = datalen + fragheaderlen;
1456 alloclen += dst_exthdrlen;
1458 if (datalen != length + fraggap) {
1460 * this is not the last fragment, the trailer
1461 * space is regarded as data space.
1463 datalen += rt->dst.trailer_len;
1466 alloclen += rt->dst.trailer_len;
1467 fraglen = datalen + fragheaderlen;
1470 * We just reserve space for fragment header.
1471 * Note: this may be overallocation if the message
1472 * (without MSG_MORE) fits into the MTU.
1474 alloclen += sizeof(struct frag_hdr);
1476 copy = datalen - transhdrlen - fraggap;
1482 skb = sock_alloc_send_skb(sk,
1484 (flags & MSG_DONTWAIT), &err);
1487 if (atomic_read(&sk->sk_wmem_alloc) <=
1489 skb = sock_wmalloc(sk,
1490 alloclen + hh_len, 1,
1498 * Fill in the control structures
1500 skb->protocol = htons(ETH_P_IPV6);
1501 skb->ip_summed = csummode;
1503 /* reserve for fragmentation and ipsec header */
1504 skb_reserve(skb, hh_len + sizeof(struct frag_hdr) +
1507 /* Only the initial fragment is time stamped */
1508 skb_shinfo(skb)->tx_flags = tx_flags;
1510 skb_shinfo(skb)->tskey = tskey;
1514 * Find where to start putting bytes
1516 data = skb_put(skb, fraglen);
1517 skb_set_network_header(skb, exthdrlen);
1518 data += fragheaderlen;
1519 skb->transport_header = (skb->network_header +
1522 skb->csum = skb_copy_and_csum_bits(
1523 skb_prev, maxfraglen,
1524 data + transhdrlen, fraggap, 0);
1525 skb_prev->csum = csum_sub(skb_prev->csum,
1528 pskb_trim_unique(skb_prev, maxfraglen);
1531 getfrag(from, data + transhdrlen, offset,
1532 copy, fraggap, skb) < 0) {
1539 length -= datalen - fraggap;
1545 * Put the packet on the pending queue
1547 __skb_queue_tail(queue, skb);
1554 if (!(rt->dst.dev->features&NETIF_F_SG) &&
1555 skb_tailroom(skb) >= copy) {
1559 if (getfrag(from, skb_put(skb, copy),
1560 offset, copy, off, skb) < 0) {
1561 __skb_trim(skb, off);
1566 int i = skb_shinfo(skb)->nr_frags;
1569 if (!sk_page_frag_refill(sk, pfrag))
1572 if (!skb_can_coalesce(skb, i, pfrag->page,
1575 if (i == MAX_SKB_FRAGS)
1578 __skb_fill_page_desc(skb, i, pfrag->page,
1580 skb_shinfo(skb)->nr_frags = ++i;
1581 get_page(pfrag->page);
1583 copy = min_t(int, copy, pfrag->size - pfrag->offset);
1585 page_address(pfrag->page) + pfrag->offset,
1586 offset, copy, skb->len, skb) < 0)
1589 pfrag->offset += copy;
1590 skb_frag_size_add(&skb_shinfo(skb)->frags[i - 1], copy);
1592 skb->data_len += copy;
1593 skb->truesize += copy;
1594 atomic_add(copy, &sk->sk_wmem_alloc);
1605 cork->length -= length;
1606 IP6_INC_STATS(sock_net(sk), rt->rt6i_idev, IPSTATS_MIB_OUTDISCARDS);
1610 int ip6_append_data(struct sock *sk,
1611 int getfrag(void *from, char *to, int offset, int len,
1612 int odd, struct sk_buff *skb),
1613 void *from, int length, int transhdrlen,
1614 struct ipcm6_cookie *ipc6, struct flowi6 *fl6,
1615 struct rt6_info *rt, unsigned int flags,
1616 const struct sockcm_cookie *sockc)
1618 struct inet_sock *inet = inet_sk(sk);
1619 struct ipv6_pinfo *np = inet6_sk(sk);
1623 if (flags&MSG_PROBE)
1625 if (skb_queue_empty(&sk->sk_write_queue)) {
1629 err = ip6_setup_cork(sk, &inet->cork, &np->cork,
1634 exthdrlen = (ipc6->opt ? ipc6->opt->opt_flen : 0);
1635 length += exthdrlen;
1636 transhdrlen += exthdrlen;
1638 fl6 = &inet->cork.fl.u.ip6;
1642 return __ip6_append_data(sk, fl6, &sk->sk_write_queue, &inet->cork.base,
1643 &np->cork, sk_page_frag(sk), getfrag,
1644 from, length, transhdrlen, flags, ipc6, sockc);
1646 EXPORT_SYMBOL_GPL(ip6_append_data);
1648 static void ip6_cork_release(struct inet_cork_full *cork,
1649 struct inet6_cork *v6_cork)
1652 kfree(v6_cork->opt->dst0opt);
1653 kfree(v6_cork->opt->dst1opt);
1654 kfree(v6_cork->opt->hopopt);
1655 kfree(v6_cork->opt->srcrt);
1656 kfree(v6_cork->opt);
1657 v6_cork->opt = NULL;
1660 if (cork->base.dst) {
1661 dst_release(cork->base.dst);
1662 cork->base.dst = NULL;
1663 cork->base.flags &= ~IPCORK_ALLFRAG;
1665 memset(&cork->fl, 0, sizeof(cork->fl));
1668 struct sk_buff *__ip6_make_skb(struct sock *sk,
1669 struct sk_buff_head *queue,
1670 struct inet_cork_full *cork,
1671 struct inet6_cork *v6_cork)
1673 struct sk_buff *skb, *tmp_skb;
1674 struct sk_buff **tail_skb;
1675 struct in6_addr final_dst_buf, *final_dst = &final_dst_buf;
1676 struct ipv6_pinfo *np = inet6_sk(sk);
1677 struct net *net = sock_net(sk);
1678 struct ipv6hdr *hdr;
1679 struct ipv6_txoptions *opt = v6_cork->opt;
1680 struct rt6_info *rt = (struct rt6_info *)cork->base.dst;
1681 struct flowi6 *fl6 = &cork->fl.u.ip6;
1682 unsigned char proto = fl6->flowi6_proto;
1684 skb = __skb_dequeue(queue);
1687 tail_skb = &(skb_shinfo(skb)->frag_list);
1689 /* move skb->data to ip header from ext header */
1690 if (skb->data < skb_network_header(skb))
1691 __skb_pull(skb, skb_network_offset(skb));
1692 while ((tmp_skb = __skb_dequeue(queue)) != NULL) {
1693 __skb_pull(tmp_skb, skb_network_header_len(skb));
1694 *tail_skb = tmp_skb;
1695 tail_skb = &(tmp_skb->next);
1696 skb->len += tmp_skb->len;
1697 skb->data_len += tmp_skb->len;
1698 skb->truesize += tmp_skb->truesize;
1699 tmp_skb->destructor = NULL;
1703 /* Allow local fragmentation. */
1704 skb->ignore_df = ip6_sk_ignore_df(sk);
1706 *final_dst = fl6->daddr;
1707 __skb_pull(skb, skb_network_header_len(skb));
1708 if (opt && opt->opt_flen)
1709 ipv6_push_frag_opts(skb, opt, &proto);
1710 if (opt && opt->opt_nflen)
1711 ipv6_push_nfrag_opts(skb, opt, &proto, &final_dst);
1713 skb_push(skb, sizeof(struct ipv6hdr));
1714 skb_reset_network_header(skb);
1715 hdr = ipv6_hdr(skb);
1717 ip6_flow_hdr(hdr, v6_cork->tclass,
1718 ip6_make_flowlabel(net, skb, fl6->flowlabel,
1719 ip6_autoflowlabel(net, np), fl6));
1720 hdr->hop_limit = v6_cork->hop_limit;
1721 hdr->nexthdr = proto;
1722 hdr->saddr = fl6->saddr;
1723 hdr->daddr = *final_dst;
1725 skb->priority = sk->sk_priority;
1726 skb->mark = sk->sk_mark;
1728 skb_dst_set(skb, dst_clone(&rt->dst));
1729 IP6_UPD_PO_STATS(net, rt->rt6i_idev, IPSTATS_MIB_OUT, skb->len);
1730 if (proto == IPPROTO_ICMPV6) {
1731 struct inet6_dev *idev = ip6_dst_idev(skb_dst(skb));
1733 ICMP6MSGOUT_INC_STATS(net, idev, icmp6_hdr(skb)->icmp6_type);
1734 ICMP6_INC_STATS(net, idev, ICMP6_MIB_OUTMSGS);
1737 ip6_cork_release(cork, v6_cork);
1742 int ip6_send_skb(struct sk_buff *skb)
1744 struct net *net = sock_net(skb->sk);
1745 struct rt6_info *rt = (struct rt6_info *)skb_dst(skb);
1748 err = ip6_local_out(net, skb->sk, skb);
1751 err = net_xmit_errno(err);
1753 IP6_INC_STATS(net, rt->rt6i_idev,
1754 IPSTATS_MIB_OUTDISCARDS);
1760 int ip6_push_pending_frames(struct sock *sk)
1762 struct sk_buff *skb;
1764 skb = ip6_finish_skb(sk);
1768 return ip6_send_skb(skb);
1770 EXPORT_SYMBOL_GPL(ip6_push_pending_frames);
1772 static void __ip6_flush_pending_frames(struct sock *sk,
1773 struct sk_buff_head *queue,
1774 struct inet_cork_full *cork,
1775 struct inet6_cork *v6_cork)
1777 struct sk_buff *skb;
1779 while ((skb = __skb_dequeue_tail(queue)) != NULL) {
1781 IP6_INC_STATS(sock_net(sk), ip6_dst_idev(skb_dst(skb)),
1782 IPSTATS_MIB_OUTDISCARDS);
1786 ip6_cork_release(cork, v6_cork);
1789 void ip6_flush_pending_frames(struct sock *sk)
1791 __ip6_flush_pending_frames(sk, &sk->sk_write_queue,
1792 &inet_sk(sk)->cork, &inet6_sk(sk)->cork);
1794 EXPORT_SYMBOL_GPL(ip6_flush_pending_frames);
1796 struct sk_buff *ip6_make_skb(struct sock *sk,
1797 int getfrag(void *from, char *to, int offset,
1798 int len, int odd, struct sk_buff *skb),
1799 void *from, int length, int transhdrlen,
1800 struct ipcm6_cookie *ipc6, struct flowi6 *fl6,
1801 struct rt6_info *rt, unsigned int flags,
1802 const struct sockcm_cookie *sockc)
1804 struct inet_cork_full cork;
1805 struct inet6_cork v6_cork;
1806 struct sk_buff_head queue;
1807 int exthdrlen = (ipc6->opt ? ipc6->opt->opt_flen : 0);
1810 if (flags & MSG_PROBE)
1813 __skb_queue_head_init(&queue);
1815 cork.base.flags = 0;
1817 cork.base.opt = NULL;
1818 cork.base.dst = NULL;
1820 err = ip6_setup_cork(sk, &cork, &v6_cork, ipc6, rt, fl6);
1822 ip6_cork_release(&cork, &v6_cork);
1823 return ERR_PTR(err);
1825 if (ipc6->dontfrag < 0)
1826 ipc6->dontfrag = inet6_sk(sk)->dontfrag;
1828 err = __ip6_append_data(sk, fl6, &queue, &cork.base, &v6_cork,
1829 ¤t->task_frag, getfrag, from,
1830 length + exthdrlen, transhdrlen + exthdrlen,
1831 flags, ipc6, sockc);
1833 __ip6_flush_pending_frames(sk, &queue, &cork, &v6_cork);
1834 return ERR_PTR(err);
1837 return __ip6_make_skb(sk, &queue, &cork, &v6_cork);
projects / releases.git / blob