ip_output.c revision daba287b299ec7a2c61ae3a714920e90e8396ad5
1/* 2 * INET An implementation of the TCP/IP protocol suite for the LINUX 3 * operating system. INET is implemented using the BSD Socket 4 * interface as the means of communication with the user level. 5 * 6 * The Internet Protocol (IP) output module. 7 * 8 * Authors: Ross Biro 9 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG> 10 * Donald Becker, <becker@super.org> 11 * Alan Cox, <Alan.Cox@linux.org> 12 * Richard Underwood 13 * Stefan Becker, <stefanb@yello.ping.de> 14 * Jorge Cwik, <jorge@laser.satlink.net> 15 * Arnt Gulbrandsen, <agulbra@nvg.unit.no> 16 * Hirokazu Takahashi, <taka@valinux.co.jp> 17 * 18 * See ip_input.c for original log 19 * 20 * Fixes: 21 * Alan Cox : Missing nonblock feature in ip_build_xmit. 22 * Mike Kilburn : htons() missing in ip_build_xmit. 23 * Bradford Johnson: Fix faulty handling of some frames when 24 * no route is found. 25 * Alexander Demenshin: Missing sk/skb free in ip_queue_xmit 26 * (in case if packet not accepted by 27 * output firewall rules) 28 * Mike McLagan : Routing by source 29 * Alexey Kuznetsov: use new route cache 30 * Andi Kleen: Fix broken PMTU recovery and remove 31 * some redundant tests. 32 * Vitaly E. Lavrov : Transparent proxy revived after year coma. 33 * Andi Kleen : Replace ip_reply with ip_send_reply. 34 * Andi Kleen : Split fast and slow ip_build_xmit path 35 * for decreased register pressure on x86 36 * and more readibility. 37 * Marc Boucher : When call_out_firewall returns FW_QUEUE, 38 * silently drop skb instead of failing with -EPERM. 39 * Detlev Wengorz : Copy protocol for fragments. 40 * Hirokazu Takahashi: HW checksumming for outgoing UDP 41 * datagrams. 42 * Hirokazu Takahashi: sendfile() on UDP works now. 43 */ 44 45#include <asm/uaccess.h> 46#include <linux/module.h> 47#include <linux/types.h> 48#include <linux/kernel.h> 49#include <linux/mm.h> 50#include <linux/string.h> 51#include <linux/errno.h> 52#include <linux/highmem.h> 53#include <linux/slab.h> 54 55#include <linux/socket.h> 56#include <linux/sockios.h> 57#include <linux/in.h> 58#include <linux/inet.h> 59#include <linux/netdevice.h> 60#include <linux/etherdevice.h> 61#include <linux/proc_fs.h> 62#include <linux/stat.h> 63#include <linux/init.h> 64 65#include <net/snmp.h> 66#include <net/ip.h> 67#include <net/protocol.h> 68#include <net/route.h> 69#include <net/xfrm.h> 70#include <linux/skbuff.h> 71#include <net/sock.h> 72#include <net/arp.h> 73#include <net/icmp.h> 74#include <net/checksum.h> 75#include <net/inetpeer.h> 76#include <linux/igmp.h> 77#include <linux/netfilter_ipv4.h> 78#include <linux/netfilter_bridge.h> 79#include <linux/mroute.h> 80#include <linux/netlink.h> 81#include <linux/tcp.h> 82 83int sysctl_ip_default_ttl __read_mostly = IPDEFTTL; 84EXPORT_SYMBOL(sysctl_ip_default_ttl); 85 86/* Generate a checksum for an outgoing IP datagram. */ 87void ip_send_check(struct iphdr *iph) 88{ 89 iph->check = 0; 90 iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl); 91} 92EXPORT_SYMBOL(ip_send_check); 93 94int __ip_local_out(struct sk_buff *skb) 95{ 96 struct iphdr *iph = ip_hdr(skb); 97 98 iph->tot_len = htons(skb->len); 99 ip_send_check(iph); 100 return nf_hook(NFPROTO_IPV4, NF_INET_LOCAL_OUT, skb, NULL, 101 skb_dst(skb)->dev, dst_output); 102} 103 104int ip_local_out(struct sk_buff *skb) 105{ 106 int err; 107 108 err = __ip_local_out(skb); 109 if (likely(err == 1)) 110 err = dst_output(skb); 111 112 return err; 113} 114EXPORT_SYMBOL_GPL(ip_local_out); 115 116static inline int ip_select_ttl(struct inet_sock *inet, struct dst_entry *dst) 117{ 118 int ttl = inet->uc_ttl; 119 120 if (ttl < 0) 121 ttl = ip4_dst_hoplimit(dst); 122 return ttl; 123} 124 125/* 126 * Add an ip header to a skbuff and send it out. 127 * 128 */ 129int ip_build_and_send_pkt(struct sk_buff *skb, struct sock *sk, 130 __be32 saddr, __be32 daddr, struct ip_options_rcu *opt) 131{ 132 struct inet_sock *inet = inet_sk(sk); 133 struct rtable *rt = skb_rtable(skb); 134 struct iphdr *iph; 135 136 /* Build the IP header. */ 137 skb_push(skb, sizeof(struct iphdr) + (opt ? opt->opt.optlen : 0)); 138 skb_reset_network_header(skb); 139 iph = ip_hdr(skb); 140 iph->version = 4; 141 iph->ihl = 5; 142 iph->tos = inet->tos; 143 if (ip_dont_fragment(sk, &rt->dst)) 144 iph->frag_off = htons(IP_DF); 145 else 146 iph->frag_off = 0; 147 iph->ttl = ip_select_ttl(inet, &rt->dst); 148 iph->daddr = (opt && opt->opt.srr ? opt->opt.faddr : daddr); 149 iph->saddr = saddr; 150 iph->protocol = sk->sk_protocol; 151 ip_select_ident(skb, &rt->dst, sk); 152 153 if (opt && opt->opt.optlen) { 154 iph->ihl += opt->opt.optlen>>2; 155 ip_options_build(skb, &opt->opt, daddr, rt, 0); 156 } 157 158 skb->priority = sk->sk_priority; 159 skb->mark = sk->sk_mark; 160 161 /* Send it out. */ 162 return ip_local_out(skb); 163} 164EXPORT_SYMBOL_GPL(ip_build_and_send_pkt); 165 166static inline int ip_finish_output2(struct sk_buff *skb) 167{ 168 struct dst_entry *dst = skb_dst(skb); 169 struct rtable *rt = (struct rtable *)dst; 170 struct net_device *dev = dst->dev; 171 unsigned int hh_len = LL_RESERVED_SPACE(dev); 172 struct neighbour *neigh; 173 u32 nexthop; 174 175 if (rt->rt_type == RTN_MULTICAST) { 176 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUTMCAST, skb->len); 177 } else if (rt->rt_type == RTN_BROADCAST) 178 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUTBCAST, skb->len); 179 180 /* Be paranoid, rather than too clever. */ 181 if (unlikely(skb_headroom(skb) < hh_len && dev->header_ops)) { 182 struct sk_buff *skb2; 183 184 skb2 = skb_realloc_headroom(skb, LL_RESERVED_SPACE(dev)); 185 if (skb2 == NULL) { 186 kfree_skb(skb); 187 return -ENOMEM; 188 } 189 if (skb->sk) 190 skb_set_owner_w(skb2, skb->sk); 191 consume_skb(skb); 192 skb = skb2; 193 } 194 195 rcu_read_lock_bh(); 196 nexthop = (__force u32) rt_nexthop(rt, ip_hdr(skb)->daddr); 197 neigh = __ipv4_neigh_lookup_noref(dev, nexthop); 198 if (unlikely(!neigh)) 199 neigh = __neigh_create(&arp_tbl, &nexthop, dev, false); 200 if (!IS_ERR(neigh)) { 201 int res = dst_neigh_output(dst, neigh, skb); 202 203 rcu_read_unlock_bh(); 204 return res; 205 } 206 rcu_read_unlock_bh(); 207 208 net_dbg_ratelimited("%s: No header cache and no neighbour!\n", 209 __func__); 210 kfree_skb(skb); 211 return -EINVAL; 212} 213 214static int ip_finish_output(struct sk_buff *skb) 215{ 216#if defined(CONFIG_NETFILTER) && defined(CONFIG_XFRM) 217 /* Policy lookup after SNAT yielded a new policy */ 218 if (skb_dst(skb)->xfrm != NULL) { 219 IPCB(skb)->flags |= IPSKB_REROUTED; 220 return dst_output(skb); 221 } 222#endif 223 if (skb->len > ip_skb_dst_mtu(skb) && !skb_is_gso(skb)) 224 return ip_fragment(skb, ip_finish_output2); 225 else 226 return ip_finish_output2(skb); 227} 228 229int ip_mc_output(struct sk_buff *skb) 230{ 231 struct sock *sk = skb->sk; 232 struct rtable *rt = skb_rtable(skb); 233 struct net_device *dev = rt->dst.dev; 234 235 /* 236 * If the indicated interface is up and running, send the packet. 237 */ 238 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUT, skb->len); 239 240 skb->dev = dev; 241 skb->protocol = htons(ETH_P_IP); 242 243 /* 244 * Multicasts are looped back for other local users 245 */ 246 247 if (rt->rt_flags&RTCF_MULTICAST) { 248 if (sk_mc_loop(sk) 249#ifdef CONFIG_IP_MROUTE 250 /* Small optimization: do not loopback not local frames, 251 which returned after forwarding; they will be dropped 252 by ip_mr_input in any case. 253 Note, that local frames are looped back to be delivered 254 to local recipients. 255 256 This check is duplicated in ip_mr_input at the moment. 257 */ 258 && 259 ((rt->rt_flags & RTCF_LOCAL) || 260 !(IPCB(skb)->flags & IPSKB_FORWARDED)) 261#endif 262 ) { 263 struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC); 264 if (newskb) 265 NF_HOOK(NFPROTO_IPV4, NF_INET_POST_ROUTING, 266 newskb, NULL, newskb->dev, 267 dev_loopback_xmit); 268 } 269 270 /* Multicasts with ttl 0 must not go beyond the host */ 271 272 if (ip_hdr(skb)->ttl == 0) { 273 kfree_skb(skb); 274 return 0; 275 } 276 } 277 278 if (rt->rt_flags&RTCF_BROADCAST) { 279 struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC); 280 if (newskb) 281 NF_HOOK(NFPROTO_IPV4, NF_INET_POST_ROUTING, newskb, 282 NULL, newskb->dev, dev_loopback_xmit); 283 } 284 285 return NF_HOOK_COND(NFPROTO_IPV4, NF_INET_POST_ROUTING, skb, NULL, 286 skb->dev, ip_finish_output, 287 !(IPCB(skb)->flags & IPSKB_REROUTED)); 288} 289 290int ip_output(struct sk_buff *skb) 291{ 292 struct net_device *dev = skb_dst(skb)->dev; 293 294 IP_UPD_PO_STATS(dev_net(dev), IPSTATS_MIB_OUT, skb->len); 295 296 skb->dev = dev; 297 skb->protocol = htons(ETH_P_IP); 298 299 return NF_HOOK_COND(NFPROTO_IPV4, NF_INET_POST_ROUTING, skb, NULL, dev, 300 ip_finish_output, 301 !(IPCB(skb)->flags & IPSKB_REROUTED)); 302} 303 304/* 305 * copy saddr and daddr, possibly using 64bit load/stores 306 * Equivalent to : 307 * iph->saddr = fl4->saddr; 308 * iph->daddr = fl4->daddr; 309 */ 310static void ip_copy_addrs(struct iphdr *iph, const struct flowi4 *fl4) 311{ 312 BUILD_BUG_ON(offsetof(typeof(*fl4), daddr) != 313 offsetof(typeof(*fl4), saddr) + sizeof(fl4->saddr)); 314 memcpy(&iph->saddr, &fl4->saddr, 315 sizeof(fl4->saddr) + sizeof(fl4->daddr)); 316} 317 318int ip_queue_xmit(struct sk_buff *skb, struct flowi *fl) 319{ 320 struct sock *sk = skb->sk; 321 struct inet_sock *inet = inet_sk(sk); 322 struct ip_options_rcu *inet_opt; 323 struct flowi4 *fl4; 324 struct rtable *rt; 325 struct iphdr *iph; 326 int res; 327 328 /* Skip all of this if the packet is already routed, 329 * f.e. by something like SCTP. 330 */ 331 rcu_read_lock(); 332 inet_opt = rcu_dereference(inet->inet_opt); 333 fl4 = &fl->u.ip4; 334 rt = skb_rtable(skb); 335 if (rt != NULL) 336 goto packet_routed; 337 338 /* Make sure we can route this packet. */ 339 rt = (struct rtable *)__sk_dst_check(sk, 0); 340 if (rt == NULL) { 341 __be32 daddr; 342 343 /* Use correct destination address if we have options. */ 344 daddr = inet->inet_daddr; 345 if (inet_opt && inet_opt->opt.srr) 346 daddr = inet_opt->opt.faddr; 347 348 /* If this fails, retransmit mechanism of transport layer will 349 * keep trying until route appears or the connection times 350 * itself out. 351 */ 352 rt = ip_route_output_ports(sock_net(sk), fl4, sk, 353 daddr, inet->inet_saddr, 354 inet->inet_dport, 355 inet->inet_sport, 356 sk->sk_protocol, 357 RT_CONN_FLAGS(sk), 358 sk->sk_bound_dev_if); 359 if (IS_ERR(rt)) 360 goto no_route; 361 sk_setup_caps(sk, &rt->dst); 362 } 363 skb_dst_set_noref(skb, &rt->dst); 364 365packet_routed: 366 if (inet_opt && inet_opt->opt.is_strictroute && rt->rt_uses_gateway) 367 goto no_route; 368 369 /* OK, we know where to send it, allocate and build IP header. */ 370 skb_push(skb, sizeof(struct iphdr) + (inet_opt ? inet_opt->opt.optlen : 0)); 371 skb_reset_network_header(skb); 372 iph = ip_hdr(skb); 373 *((__be16 *)iph) = htons((4 << 12) | (5 << 8) | (inet->tos & 0xff)); 374 if (ip_dont_fragment(sk, &rt->dst) && !skb->local_df) 375 iph->frag_off = htons(IP_DF); 376 else 377 iph->frag_off = 0; 378 iph->ttl = ip_select_ttl(inet, &rt->dst); 379 iph->protocol = sk->sk_protocol; 380 ip_copy_addrs(iph, fl4); 381 382 /* Transport layer set skb->h.foo itself. */ 383 384 if (inet_opt && inet_opt->opt.optlen) { 385 iph->ihl += inet_opt->opt.optlen >> 2; 386 ip_options_build(skb, &inet_opt->opt, inet->inet_daddr, rt, 0); 387 } 388 389 ip_select_ident_more(skb, &rt->dst, sk, 390 (skb_shinfo(skb)->gso_segs ?: 1) - 1); 391 392 skb->priority = sk->sk_priority; 393 skb->mark = sk->sk_mark; 394 395 res = ip_local_out(skb); 396 rcu_read_unlock(); 397 return res; 398 399no_route: 400 rcu_read_unlock(); 401 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTNOROUTES); 402 kfree_skb(skb); 403 return -EHOSTUNREACH; 404} 405EXPORT_SYMBOL(ip_queue_xmit); 406 407 408static void ip_copy_metadata(struct sk_buff *to, struct sk_buff *from) 409{ 410 to->pkt_type = from->pkt_type; 411 to->priority = from->priority; 412 to->protocol = from->protocol; 413 skb_dst_drop(to); 414 skb_dst_copy(to, from); 415 to->dev = from->dev; 416 to->mark = from->mark; 417 418 /* Copy the flags to each fragment. */ 419 IPCB(to)->flags = IPCB(from)->flags; 420 421#ifdef CONFIG_NET_SCHED 422 to->tc_index = from->tc_index; 423#endif 424 nf_copy(to, from); 425#if IS_ENABLED(CONFIG_NETFILTER_XT_TARGET_TRACE) 426 to->nf_trace = from->nf_trace; 427#endif 428#if defined(CONFIG_IP_VS) || defined(CONFIG_IP_VS_MODULE) 429 to->ipvs_property = from->ipvs_property; 430#endif 431 skb_copy_secmark(to, from); 432} 433 434/* 435 * This IP datagram is too large to be sent in one piece. Break it up into 436 * smaller pieces (each of size equal to IP header plus 437 * a block of the data of the original IP data part) that will yet fit in a 438 * single device frame, and queue such a frame for sending. 439 */ 440 441int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff *)) 442{ 443 struct iphdr *iph; 444 int ptr; 445 struct net_device *dev; 446 struct sk_buff *skb2; 447 unsigned int mtu, hlen, left, len, ll_rs; 448 int offset; 449 __be16 not_last_frag; 450 struct rtable *rt = skb_rtable(skb); 451 int err = 0; 452 453 dev = rt->dst.dev; 454 455 /* 456 * Point into the IP datagram header. 457 */ 458 459 iph = ip_hdr(skb); 460 461 if (unlikely(((iph->frag_off & htons(IP_DF)) && !skb->local_df) || 462 (IPCB(skb)->frag_max_size && 463 IPCB(skb)->frag_max_size > dst_mtu(&rt->dst)))) { 464 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGFAILS); 465 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED, 466 htonl(ip_skb_dst_mtu(skb))); 467 kfree_skb(skb); 468 return -EMSGSIZE; 469 } 470 471 /* 472 * Setup starting values. 473 */ 474 475 hlen = iph->ihl * 4; 476 mtu = dst_mtu(&rt->dst) - hlen; /* Size of data space */ 477#ifdef CONFIG_BRIDGE_NETFILTER 478 if (skb->nf_bridge) 479 mtu -= nf_bridge_mtu_reduction(skb); 480#endif 481 IPCB(skb)->flags |= IPSKB_FRAG_COMPLETE; 482 483 /* When frag_list is given, use it. First, check its validity: 484 * some transformers could create wrong frag_list or break existing 485 * one, it is not prohibited. In this case fall back to copying. 486 * 487 * LATER: this step can be merged to real generation of fragments, 488 * we can switch to copy when see the first bad fragment. 489 */ 490 if (skb_has_frag_list(skb)) { 491 struct sk_buff *frag, *frag2; 492 int first_len = skb_pagelen(skb); 493 494 if (first_len - hlen > mtu || 495 ((first_len - hlen) & 7) || 496 ip_is_fragment(iph) || 497 skb_cloned(skb)) 498 goto slow_path; 499 500 skb_walk_frags(skb, frag) { 501 /* Correct geometry. */ 502 if (frag->len > mtu || 503 ((frag->len & 7) && frag->next) || 504 skb_headroom(frag) < hlen) 505 goto slow_path_clean; 506 507 /* Partially cloned skb? */ 508 if (skb_shared(frag)) 509 goto slow_path_clean; 510 511 BUG_ON(frag->sk); 512 if (skb->sk) { 513 frag->sk = skb->sk; 514 frag->destructor = sock_wfree; 515 } 516 skb->truesize -= frag->truesize; 517 } 518 519 /* Everything is OK. Generate! */ 520 521 err = 0; 522 offset = 0; 523 frag = skb_shinfo(skb)->frag_list; 524 skb_frag_list_init(skb); 525 skb->data_len = first_len - skb_headlen(skb); 526 skb->len = first_len; 527 iph->tot_len = htons(first_len); 528 iph->frag_off = htons(IP_MF); 529 ip_send_check(iph); 530 531 for (;;) { 532 /* Prepare header of the next frame, 533 * before previous one went down. */ 534 if (frag) { 535 frag->ip_summed = CHECKSUM_NONE; 536 skb_reset_transport_header(frag); 537 __skb_push(frag, hlen); 538 skb_reset_network_header(frag); 539 memcpy(skb_network_header(frag), iph, hlen); 540 iph = ip_hdr(frag); 541 iph->tot_len = htons(frag->len); 542 ip_copy_metadata(frag, skb); 543 if (offset == 0) 544 ip_options_fragment(frag); 545 offset += skb->len - hlen; 546 iph->frag_off = htons(offset>>3); 547 if (frag->next != NULL) 548 iph->frag_off |= htons(IP_MF); 549 /* Ready, complete checksum */ 550 ip_send_check(iph); 551 } 552 553 err = output(skb); 554 555 if (!err) 556 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGCREATES); 557 if (err || !frag) 558 break; 559 560 skb = frag; 561 frag = skb->next; 562 skb->next = NULL; 563 } 564 565 if (err == 0) { 566 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGOKS); 567 return 0; 568 } 569 570 while (frag) { 571 skb = frag->next; 572 kfree_skb(frag); 573 frag = skb; 574 } 575 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGFAILS); 576 return err; 577 578slow_path_clean: 579 skb_walk_frags(skb, frag2) { 580 if (frag2 == frag) 581 break; 582 frag2->sk = NULL; 583 frag2->destructor = NULL; 584 skb->truesize += frag2->truesize; 585 } 586 } 587 588slow_path: 589 /* for offloaded checksums cleanup checksum before fragmentation */ 590 if ((skb->ip_summed == CHECKSUM_PARTIAL) && skb_checksum_help(skb)) 591 goto fail; 592 iph = ip_hdr(skb); 593 594 left = skb->len - hlen; /* Space per frame */ 595 ptr = hlen; /* Where to start from */ 596 597 /* for bridged IP traffic encapsulated inside f.e. a vlan header, 598 * we need to make room for the encapsulating header 599 */ 600 ll_rs = LL_RESERVED_SPACE_EXTRA(rt->dst.dev, nf_bridge_pad(skb)); 601 602 /* 603 * Fragment the datagram. 604 */ 605 606 offset = (ntohs(iph->frag_off) & IP_OFFSET) << 3; 607 not_last_frag = iph->frag_off & htons(IP_MF); 608 609 /* 610 * Keep copying data until we run out. 611 */ 612 613 while (left > 0) { 614 len = left; 615 /* IF: it doesn't fit, use 'mtu' - the data space left */ 616 if (len > mtu) 617 len = mtu; 618 /* IF: we are not sending up to and including the packet end 619 then align the next start on an eight byte boundary */ 620 if (len < left) { 621 len &= ~7; 622 } 623 /* 624 * Allocate buffer. 625 */ 626 627 if ((skb2 = alloc_skb(len+hlen+ll_rs, GFP_ATOMIC)) == NULL) { 628 NETDEBUG(KERN_INFO "IP: frag: no memory for new fragment!\n"); 629 err = -ENOMEM; 630 goto fail; 631 } 632 633 /* 634 * Set up data on packet 635 */ 636 637 ip_copy_metadata(skb2, skb); 638 skb_reserve(skb2, ll_rs); 639 skb_put(skb2, len + hlen); 640 skb_reset_network_header(skb2); 641 skb2->transport_header = skb2->network_header + hlen; 642 643 /* 644 * Charge the memory for the fragment to any owner 645 * it might possess 646 */ 647 648 if (skb->sk) 649 skb_set_owner_w(skb2, skb->sk); 650 651 /* 652 * Copy the packet header into the new buffer. 653 */ 654 655 skb_copy_from_linear_data(skb, skb_network_header(skb2), hlen); 656 657 /* 658 * Copy a block of the IP datagram. 659 */ 660 if (skb_copy_bits(skb, ptr, skb_transport_header(skb2), len)) 661 BUG(); 662 left -= len; 663 664 /* 665 * Fill in the new header fields. 666 */ 667 iph = ip_hdr(skb2); 668 iph->frag_off = htons((offset >> 3)); 669 670 /* ANK: dirty, but effective trick. Upgrade options only if 671 * the segment to be fragmented was THE FIRST (otherwise, 672 * options are already fixed) and make it ONCE 673 * on the initial skb, so that all the following fragments 674 * will inherit fixed options. 675 */ 676 if (offset == 0) 677 ip_options_fragment(skb); 678 679 /* 680 * Added AC : If we are fragmenting a fragment that's not the 681 * last fragment then keep MF on each bit 682 */ 683 if (left > 0 || not_last_frag) 684 iph->frag_off |= htons(IP_MF); 685 ptr += len; 686 offset += len; 687 688 /* 689 * Put this fragment into the sending queue. 690 */ 691 iph->tot_len = htons(len + hlen); 692 693 ip_send_check(iph); 694 695 err = output(skb2); 696 if (err) 697 goto fail; 698 699 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGCREATES); 700 } 701 consume_skb(skb); 702 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGOKS); 703 return err; 704 705fail: 706 kfree_skb(skb); 707 IP_INC_STATS(dev_net(dev), IPSTATS_MIB_FRAGFAILS); 708 return err; 709} 710EXPORT_SYMBOL(ip_fragment); 711 712int 713ip_generic_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb) 714{ 715 struct iovec *iov = from; 716 717 if (skb->ip_summed == CHECKSUM_PARTIAL) { 718 if (memcpy_fromiovecend(to, iov, offset, len) < 0) 719 return -EFAULT; 720 } else { 721 __wsum csum = 0; 722 if (csum_partial_copy_fromiovecend(to, iov, offset, len, &csum) < 0) 723 return -EFAULT; 724 skb->csum = csum_block_add(skb->csum, csum, odd); 725 } 726 return 0; 727} 728EXPORT_SYMBOL(ip_generic_getfrag); 729 730static inline __wsum 731csum_page(struct page *page, int offset, int copy) 732{ 733 char *kaddr; 734 __wsum csum; 735 kaddr = kmap(page); 736 csum = csum_partial(kaddr + offset, copy, 0); 737 kunmap(page); 738 return csum; 739} 740 741static inline int ip_ufo_append_data(struct sock *sk, 742 struct sk_buff_head *queue, 743 int getfrag(void *from, char *to, int offset, int len, 744 int odd, struct sk_buff *skb), 745 void *from, int length, int hh_len, int fragheaderlen, 746 int transhdrlen, int maxfraglen, unsigned int flags) 747{ 748 struct sk_buff *skb; 749 int err; 750 751 /* There is support for UDP fragmentation offload by network 752 * device, so create one single skb packet containing complete 753 * udp datagram 754 */ 755 if ((skb = skb_peek_tail(queue)) == NULL) { 756 skb = sock_alloc_send_skb(sk, 757 hh_len + fragheaderlen + transhdrlen + 20, 758 (flags & MSG_DONTWAIT), &err); 759 760 if (skb == NULL) 761 return err; 762 763 /* reserve space for Hardware header */ 764 skb_reserve(skb, hh_len); 765 766 /* create space for UDP/IP header */ 767 skb_put(skb, fragheaderlen + transhdrlen); 768 769 /* initialize network header pointer */ 770 skb_reset_network_header(skb); 771 772 /* initialize protocol header pointer */ 773 skb->transport_header = skb->network_header + fragheaderlen; 774 775 skb->csum = 0; 776 777 778 __skb_queue_tail(queue, skb); 779 } else if (skb_is_gso(skb)) { 780 goto append; 781 } 782 783 skb->ip_summed = CHECKSUM_PARTIAL; 784 /* specify the length of each IP datagram fragment */ 785 skb_shinfo(skb)->gso_size = maxfraglen - fragheaderlen; 786 skb_shinfo(skb)->gso_type = SKB_GSO_UDP; 787 788append: 789 return skb_append_datato_frags(sk, skb, getfrag, from, 790 (length - transhdrlen)); 791} 792 793static int __ip_append_data(struct sock *sk, 794 struct flowi4 *fl4, 795 struct sk_buff_head *queue, 796 struct inet_cork *cork, 797 struct page_frag *pfrag, 798 int getfrag(void *from, char *to, int offset, 799 int len, int odd, struct sk_buff *skb), 800 void *from, int length, int transhdrlen, 801 unsigned int flags) 802{ 803 struct inet_sock *inet = inet_sk(sk); 804 struct sk_buff *skb; 805 806 struct ip_options *opt = cork->opt; 807 int hh_len; 808 int exthdrlen; 809 int mtu; 810 int copy; 811 int err; 812 int offset = 0; 813 unsigned int maxfraglen, fragheaderlen, maxnonfragsize; 814 int csummode = CHECKSUM_NONE; 815 struct rtable *rt = (struct rtable *)cork->dst; 816 817 skb = skb_peek_tail(queue); 818 819 exthdrlen = !skb ? rt->dst.header_len : 0; 820 mtu = cork->fragsize; 821 822 hh_len = LL_RESERVED_SPACE(rt->dst.dev); 823 824 fragheaderlen = sizeof(struct iphdr) + (opt ? opt->optlen : 0); 825 maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen; 826 maxnonfragsize = (inet->pmtudisc >= IP_PMTUDISC_DO) ? 827 mtu : 0xFFFF; 828 829 if (cork->length + length > maxnonfragsize - fragheaderlen) { 830 ip_local_error(sk, EMSGSIZE, fl4->daddr, inet->inet_dport, 831 mtu-exthdrlen); 832 return -EMSGSIZE; 833 } 834 835 /* 836 * transhdrlen > 0 means that this is the first fragment and we wish 837 * it won't be fragmented in the future. 838 */ 839 if (transhdrlen && 840 length + fragheaderlen <= mtu && 841 rt->dst.dev->features & NETIF_F_V4_CSUM && 842 !exthdrlen) 843 csummode = CHECKSUM_PARTIAL; 844 845 cork->length += length; 846 if (((length > mtu) || (skb && skb_is_gso(skb))) && 847 (sk->sk_protocol == IPPROTO_UDP) && 848 (rt->dst.dev->features & NETIF_F_UFO) && !rt->dst.header_len) { 849 err = ip_ufo_append_data(sk, queue, getfrag, from, length, 850 hh_len, fragheaderlen, transhdrlen, 851 maxfraglen, flags); 852 if (err) 853 goto error; 854 return 0; 855 } 856 857 /* So, what's going on in the loop below? 858 * 859 * We use calculated fragment length to generate chained skb, 860 * each of segments is IP fragment ready for sending to network after 861 * adding appropriate IP header. 862 */ 863 864 if (!skb) 865 goto alloc_new_skb; 866 867 while (length > 0) { 868 /* Check if the remaining data fits into current packet. */ 869 copy = mtu - skb->len; 870 if (copy < length) 871 copy = maxfraglen - skb->len; 872 if (copy <= 0) { 873 char *data; 874 unsigned int datalen; 875 unsigned int fraglen; 876 unsigned int fraggap; 877 unsigned int alloclen; 878 struct sk_buff *skb_prev; 879alloc_new_skb: 880 skb_prev = skb; 881 if (skb_prev) 882 fraggap = skb_prev->len - maxfraglen; 883 else 884 fraggap = 0; 885 886 /* 887 * If remaining data exceeds the mtu, 888 * we know we need more fragment(s). 889 */ 890 datalen = length + fraggap; 891 if (datalen > mtu - fragheaderlen) 892 datalen = maxfraglen - fragheaderlen; 893 fraglen = datalen + fragheaderlen; 894 895 if ((flags & MSG_MORE) && 896 !(rt->dst.dev->features&NETIF_F_SG)) 897 alloclen = mtu; 898 else 899 alloclen = fraglen; 900 901 alloclen += exthdrlen; 902 903 /* The last fragment gets additional space at tail. 904 * Note, with MSG_MORE we overallocate on fragments, 905 * because we have no idea what fragment will be 906 * the last. 907 */ 908 if (datalen == length + fraggap) 909 alloclen += rt->dst.trailer_len; 910 911 if (transhdrlen) { 912 skb = sock_alloc_send_skb(sk, 913 alloclen + hh_len + 15, 914 (flags & MSG_DONTWAIT), &err); 915 } else { 916 skb = NULL; 917 if (atomic_read(&sk->sk_wmem_alloc) <= 918 2 * sk->sk_sndbuf) 919 skb = sock_wmalloc(sk, 920 alloclen + hh_len + 15, 1, 921 sk->sk_allocation); 922 if (unlikely(skb == NULL)) 923 err = -ENOBUFS; 924 else 925 /* only the initial fragment is 926 time stamped */ 927 cork->tx_flags = 0; 928 } 929 if (skb == NULL) 930 goto error; 931 932 /* 933 * Fill in the control structures 934 */ 935 skb->ip_summed = csummode; 936 skb->csum = 0; 937 skb_reserve(skb, hh_len); 938 skb_shinfo(skb)->tx_flags = cork->tx_flags; 939 940 /* 941 * Find where to start putting bytes. 942 */ 943 data = skb_put(skb, fraglen + exthdrlen); 944 skb_set_network_header(skb, exthdrlen); 945 skb->transport_header = (skb->network_header + 946 fragheaderlen); 947 data += fragheaderlen + exthdrlen; 948 949 if (fraggap) { 950 skb->csum = skb_copy_and_csum_bits( 951 skb_prev, maxfraglen, 952 data + transhdrlen, fraggap, 0); 953 skb_prev->csum = csum_sub(skb_prev->csum, 954 skb->csum); 955 data += fraggap; 956 pskb_trim_unique(skb_prev, maxfraglen); 957 } 958 959 copy = datalen - transhdrlen - fraggap; 960 if (copy > 0 && getfrag(from, data + transhdrlen, offset, copy, fraggap, skb) < 0) { 961 err = -EFAULT; 962 kfree_skb(skb); 963 goto error; 964 } 965 966 offset += copy; 967 length -= datalen - fraggap; 968 transhdrlen = 0; 969 exthdrlen = 0; 970 csummode = CHECKSUM_NONE; 971 972 /* 973 * Put the packet on the pending queue. 974 */ 975 __skb_queue_tail(queue, skb); 976 continue; 977 } 978 979 if (copy > length) 980 copy = length; 981 982 if (!(rt->dst.dev->features&NETIF_F_SG)) { 983 unsigned int off; 984 985 off = skb->len; 986 if (getfrag(from, skb_put(skb, copy), 987 offset, copy, off, skb) < 0) { 988 __skb_trim(skb, off); 989 err = -EFAULT; 990 goto error; 991 } 992 } else { 993 int i = skb_shinfo(skb)->nr_frags; 994 995 err = -ENOMEM; 996 if (!sk_page_frag_refill(sk, pfrag)) 997 goto error; 998 999 if (!skb_can_coalesce(skb, i, pfrag->page, 1000 pfrag->offset)) { 1001 err = -EMSGSIZE; 1002 if (i == MAX_SKB_FRAGS) 1003 goto error; 1004 1005 __skb_fill_page_desc(skb, i, pfrag->page, 1006 pfrag->offset, 0); 1007 skb_shinfo(skb)->nr_frags = ++i; 1008 get_page(pfrag->page); 1009 } 1010 copy = min_t(int, copy, pfrag->size - pfrag->offset); 1011 if (getfrag(from, 1012 page_address(pfrag->page) + pfrag->offset, 1013 offset, copy, skb->len, skb) < 0) 1014 goto error_efault; 1015 1016 pfrag->offset += copy; 1017 skb_frag_size_add(&skb_shinfo(skb)->frags[i - 1], copy); 1018 skb->len += copy; 1019 skb->data_len += copy; 1020 skb->truesize += copy; 1021 atomic_add(copy, &sk->sk_wmem_alloc); 1022 } 1023 offset += copy; 1024 length -= copy; 1025 } 1026 1027 return 0; 1028 1029error_efault: 1030 err = -EFAULT; 1031error: 1032 cork->length -= length; 1033 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTDISCARDS); 1034 return err; 1035} 1036 1037static int ip_setup_cork(struct sock *sk, struct inet_cork *cork, 1038 struct ipcm_cookie *ipc, struct rtable **rtp) 1039{ 1040 struct inet_sock *inet = inet_sk(sk); 1041 struct ip_options_rcu *opt; 1042 struct rtable *rt; 1043 1044 /* 1045 * setup for corking. 1046 */ 1047 opt = ipc->opt; 1048 if (opt) { 1049 if (cork->opt == NULL) { 1050 cork->opt = kmalloc(sizeof(struct ip_options) + 40, 1051 sk->sk_allocation); 1052 if (unlikely(cork->opt == NULL)) 1053 return -ENOBUFS; 1054 } 1055 memcpy(cork->opt, &opt->opt, sizeof(struct ip_options) + opt->opt.optlen); 1056 cork->flags |= IPCORK_OPT; 1057 cork->addr = ipc->addr; 1058 } 1059 rt = *rtp; 1060 if (unlikely(!rt)) 1061 return -EFAULT; 1062 /* 1063 * We steal reference to this route, caller should not release it 1064 */ 1065 *rtp = NULL; 1066 cork->fragsize = inet->pmtudisc == IP_PMTUDISC_PROBE ? 1067 rt->dst.dev->mtu : dst_mtu(&rt->dst); 1068 cork->dst = &rt->dst; 1069 cork->length = 0; 1070 cork->ttl = ipc->ttl; 1071 cork->tos = ipc->tos; 1072 cork->priority = ipc->priority; 1073 cork->tx_flags = ipc->tx_flags; 1074 1075 return 0; 1076} 1077 1078/* 1079 * ip_append_data() and ip_append_page() can make one large IP datagram 1080 * from many pieces of data. Each pieces will be holded on the socket 1081 * until ip_push_pending_frames() is called. Each piece can be a page 1082 * or non-page data. 1083 * 1084 * Not only UDP, other transport protocols - e.g. raw sockets - can use 1085 * this interface potentially. 1086 * 1087 * LATER: length must be adjusted by pad at tail, when it is required. 1088 */ 1089int ip_append_data(struct sock *sk, struct flowi4 *fl4, 1090 int getfrag(void *from, char *to, int offset, int len, 1091 int odd, struct sk_buff *skb), 1092 void *from, int length, int transhdrlen, 1093 struct ipcm_cookie *ipc, struct rtable **rtp, 1094 unsigned int flags) 1095{ 1096 struct inet_sock *inet = inet_sk(sk); 1097 int err; 1098 1099 if (flags&MSG_PROBE) 1100 return 0; 1101 1102 if (skb_queue_empty(&sk->sk_write_queue)) { 1103 err = ip_setup_cork(sk, &inet->cork.base, ipc, rtp); 1104 if (err) 1105 return err; 1106 } else { 1107 transhdrlen = 0; 1108 } 1109 1110 return __ip_append_data(sk, fl4, &sk->sk_write_queue, &inet->cork.base, 1111 sk_page_frag(sk), getfrag, 1112 from, length, transhdrlen, flags); 1113} 1114 1115ssize_t ip_append_page(struct sock *sk, struct flowi4 *fl4, struct page *page, 1116 int offset, size_t size, int flags) 1117{ 1118 struct inet_sock *inet = inet_sk(sk); 1119 struct sk_buff *skb; 1120 struct rtable *rt; 1121 struct ip_options *opt = NULL; 1122 struct inet_cork *cork; 1123 int hh_len; 1124 int mtu; 1125 int len; 1126 int err; 1127 unsigned int maxfraglen, fragheaderlen, fraggap, maxnonfragsize; 1128 1129 if (inet->hdrincl) 1130 return -EPERM; 1131 1132 if (flags&MSG_PROBE) 1133 return 0; 1134 1135 if (skb_queue_empty(&sk->sk_write_queue)) 1136 return -EINVAL; 1137 1138 cork = &inet->cork.base; 1139 rt = (struct rtable *)cork->dst; 1140 if (cork->flags & IPCORK_OPT) 1141 opt = cork->opt; 1142 1143 if (!(rt->dst.dev->features&NETIF_F_SG)) 1144 return -EOPNOTSUPP; 1145 1146 hh_len = LL_RESERVED_SPACE(rt->dst.dev); 1147 mtu = cork->fragsize; 1148 1149 fragheaderlen = sizeof(struct iphdr) + (opt ? opt->optlen : 0); 1150 maxfraglen = ((mtu - fragheaderlen) & ~7) + fragheaderlen; 1151 maxnonfragsize = (inet->pmtudisc >= IP_PMTUDISC_DO) ? 1152 mtu : 0xFFFF; 1153 1154 if (cork->length + size > maxnonfragsize - fragheaderlen) { 1155 ip_local_error(sk, EMSGSIZE, fl4->daddr, inet->inet_dport, mtu); 1156 return -EMSGSIZE; 1157 } 1158 1159 if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL) 1160 return -EINVAL; 1161 1162 cork->length += size; 1163 if ((size + skb->len > mtu) && 1164 (sk->sk_protocol == IPPROTO_UDP) && 1165 (rt->dst.dev->features & NETIF_F_UFO)) { 1166 skb_shinfo(skb)->gso_size = mtu - fragheaderlen; 1167 skb_shinfo(skb)->gso_type = SKB_GSO_UDP; 1168 } 1169 1170 1171 while (size > 0) { 1172 int i; 1173 1174 if (skb_is_gso(skb)) 1175 len = size; 1176 else { 1177 1178 /* Check if the remaining data fits into current packet. */ 1179 len = mtu - skb->len; 1180 if (len < size) 1181 len = maxfraglen - skb->len; 1182 } 1183 if (len <= 0) { 1184 struct sk_buff *skb_prev; 1185 int alloclen; 1186 1187 skb_prev = skb; 1188 fraggap = skb_prev->len - maxfraglen; 1189 1190 alloclen = fragheaderlen + hh_len + fraggap + 15; 1191 skb = sock_wmalloc(sk, alloclen, 1, sk->sk_allocation); 1192 if (unlikely(!skb)) { 1193 err = -ENOBUFS; 1194 goto error; 1195 } 1196 1197 /* 1198 * Fill in the control structures 1199 */ 1200 skb->ip_summed = CHECKSUM_NONE; 1201 skb->csum = 0; 1202 skb_reserve(skb, hh_len); 1203 1204 /* 1205 * Find where to start putting bytes. 1206 */ 1207 skb_put(skb, fragheaderlen + fraggap); 1208 skb_reset_network_header(skb); 1209 skb->transport_header = (skb->network_header + 1210 fragheaderlen); 1211 if (fraggap) { 1212 skb->csum = skb_copy_and_csum_bits(skb_prev, 1213 maxfraglen, 1214 skb_transport_header(skb), 1215 fraggap, 0); 1216 skb_prev->csum = csum_sub(skb_prev->csum, 1217 skb->csum); 1218 pskb_trim_unique(skb_prev, maxfraglen); 1219 } 1220 1221 /* 1222 * Put the packet on the pending queue. 1223 */ 1224 __skb_queue_tail(&sk->sk_write_queue, skb); 1225 continue; 1226 } 1227 1228 i = skb_shinfo(skb)->nr_frags; 1229 if (len > size) 1230 len = size; 1231 if (skb_can_coalesce(skb, i, page, offset)) { 1232 skb_frag_size_add(&skb_shinfo(skb)->frags[i-1], len); 1233 } else if (i < MAX_SKB_FRAGS) { 1234 get_page(page); 1235 skb_fill_page_desc(skb, i, page, offset, len); 1236 } else { 1237 err = -EMSGSIZE; 1238 goto error; 1239 } 1240 1241 if (skb->ip_summed == CHECKSUM_NONE) { 1242 __wsum csum; 1243 csum = csum_page(page, offset, len); 1244 skb->csum = csum_block_add(skb->csum, csum, skb->len); 1245 } 1246 1247 skb->len += len; 1248 skb->data_len += len; 1249 skb->truesize += len; 1250 atomic_add(len, &sk->sk_wmem_alloc); 1251 offset += len; 1252 size -= len; 1253 } 1254 return 0; 1255 1256error: 1257 cork->length -= size; 1258 IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTDISCARDS); 1259 return err; 1260} 1261 1262static void ip_cork_release(struct inet_cork *cork) 1263{ 1264 cork->flags &= ~IPCORK_OPT; 1265 kfree(cork->opt); 1266 cork->opt = NULL; 1267 dst_release(cork->dst); 1268 cork->dst = NULL; 1269} 1270 1271/* 1272 * Combined all pending IP fragments on the socket as one IP datagram 1273 * and push them out. 1274 */ 1275struct sk_buff *__ip_make_skb(struct sock *sk, 1276 struct flowi4 *fl4, 1277 struct sk_buff_head *queue, 1278 struct inet_cork *cork) 1279{ 1280 struct sk_buff *skb, *tmp_skb; 1281 struct sk_buff **tail_skb; 1282 struct inet_sock *inet = inet_sk(sk); 1283 struct net *net = sock_net(sk); 1284 struct ip_options *opt = NULL; 1285 struct rtable *rt = (struct rtable *)cork->dst; 1286 struct iphdr *iph; 1287 __be16 df = 0; 1288 __u8 ttl; 1289 1290 if ((skb = __skb_dequeue(queue)) == NULL) 1291 goto out; 1292 tail_skb = &(skb_shinfo(skb)->frag_list); 1293 1294 /* move skb->data to ip header from ext header */ 1295 if (skb->data < skb_network_header(skb)) 1296 __skb_pull(skb, skb_network_offset(skb)); 1297 while ((tmp_skb = __skb_dequeue(queue)) != NULL) { 1298 __skb_pull(tmp_skb, skb_network_header_len(skb)); 1299 *tail_skb = tmp_skb; 1300 tail_skb = &(tmp_skb->next); 1301 skb->len += tmp_skb->len; 1302 skb->data_len += tmp_skb->len; 1303 skb->truesize += tmp_skb->truesize; 1304 tmp_skb->destructor = NULL; 1305 tmp_skb->sk = NULL; 1306 } 1307 1308 /* Unless user demanded real pmtu discovery (IP_PMTUDISC_DO), we allow 1309 * to fragment the frame generated here. No matter, what transforms 1310 * how transforms change size of the packet, it will come out. 1311 */ 1312 if (inet->pmtudisc < IP_PMTUDISC_DO) 1313 skb->local_df = 1; 1314 1315 /* DF bit is set when we want to see DF on outgoing frames. 1316 * If local_df is set too, we still allow to fragment this frame 1317 * locally. */ 1318 if (inet->pmtudisc >= IP_PMTUDISC_DO || 1319 (skb->len <= dst_mtu(&rt->dst) && 1320 ip_dont_fragment(sk, &rt->dst))) 1321 df = htons(IP_DF); 1322 1323 if (cork->flags & IPCORK_OPT) 1324 opt = cork->opt; 1325 1326 if (cork->ttl != 0) 1327 ttl = cork->ttl; 1328 else if (rt->rt_type == RTN_MULTICAST) 1329 ttl = inet->mc_ttl; 1330 else 1331 ttl = ip_select_ttl(inet, &rt->dst); 1332 1333 iph = ip_hdr(skb); 1334 iph->version = 4; 1335 iph->ihl = 5; 1336 iph->tos = (cork->tos != -1) ? cork->tos : inet->tos; 1337 iph->frag_off = df; 1338 iph->ttl = ttl; 1339 iph->protocol = sk->sk_protocol; 1340 ip_copy_addrs(iph, fl4); 1341 ip_select_ident(skb, &rt->dst, sk); 1342 1343 if (opt) { 1344 iph->ihl += opt->optlen>>2; 1345 ip_options_build(skb, opt, cork->addr, rt, 0); 1346 } 1347 1348 skb->priority = (cork->tos != -1) ? cork->priority: sk->sk_priority; 1349 skb->mark = sk->sk_mark; 1350 /* 1351 * Steal rt from cork.dst to avoid a pair of atomic_inc/atomic_dec 1352 * on dst refcount 1353 */ 1354 cork->dst = NULL; 1355 skb_dst_set(skb, &rt->dst); 1356 1357 if (iph->protocol == IPPROTO_ICMP) 1358 icmp_out_count(net, ((struct icmphdr *) 1359 skb_transport_header(skb))->type); 1360 1361 ip_cork_release(cork); 1362out: 1363 return skb; 1364} 1365 1366int ip_send_skb(struct net *net, struct sk_buff *skb) 1367{ 1368 int err; 1369 1370 err = ip_local_out(skb); 1371 if (err) { 1372 if (err > 0) 1373 err = net_xmit_errno(err); 1374 if (err) 1375 IP_INC_STATS(net, IPSTATS_MIB_OUTDISCARDS); 1376 } 1377 1378 return err; 1379} 1380 1381int ip_push_pending_frames(struct sock *sk, struct flowi4 *fl4) 1382{ 1383 struct sk_buff *skb; 1384 1385 skb = ip_finish_skb(sk, fl4); 1386 if (!skb) 1387 return 0; 1388 1389 /* Netfilter gets whole the not fragmented skb. */ 1390 return ip_send_skb(sock_net(sk), skb); 1391} 1392 1393/* 1394 * Throw away all pending data on the socket. 1395 */ 1396static void __ip_flush_pending_frames(struct sock *sk, 1397 struct sk_buff_head *queue, 1398 struct inet_cork *cork) 1399{ 1400 struct sk_buff *skb; 1401 1402 while ((skb = __skb_dequeue_tail(queue)) != NULL) 1403 kfree_skb(skb); 1404 1405 ip_cork_release(cork); 1406} 1407 1408void ip_flush_pending_frames(struct sock *sk) 1409{ 1410 __ip_flush_pending_frames(sk, &sk->sk_write_queue, &inet_sk(sk)->cork.base); 1411} 1412 1413struct sk_buff *ip_make_skb(struct sock *sk, 1414 struct flowi4 *fl4, 1415 int getfrag(void *from, char *to, int offset, 1416 int len, int odd, struct sk_buff *skb), 1417 void *from, int length, int transhdrlen, 1418 struct ipcm_cookie *ipc, struct rtable **rtp, 1419 unsigned int flags) 1420{ 1421 struct inet_cork cork; 1422 struct sk_buff_head queue; 1423 int err; 1424 1425 if (flags & MSG_PROBE) 1426 return NULL; 1427 1428 __skb_queue_head_init(&queue); 1429 1430 cork.flags = 0; 1431 cork.addr = 0; 1432 cork.opt = NULL; 1433 err = ip_setup_cork(sk, &cork, ipc, rtp); 1434 if (err) 1435 return ERR_PTR(err); 1436 1437 err = __ip_append_data(sk, fl4, &queue, &cork, 1438 ¤t->task_frag, getfrag, 1439 from, length, transhdrlen, flags); 1440 if (err) { 1441 __ip_flush_pending_frames(sk, &queue, &cork); 1442 return ERR_PTR(err); 1443 } 1444 1445 return __ip_make_skb(sk, fl4, &queue, &cork); 1446} 1447 1448/* 1449 * Fetch data from kernel space and fill in checksum if needed. 1450 */ 1451static int ip_reply_glue_bits(void *dptr, char *to, int offset, 1452 int len, int odd, struct sk_buff *skb) 1453{ 1454 __wsum csum; 1455 1456 csum = csum_partial_copy_nocheck(dptr+offset, to, len, 0); 1457 skb->csum = csum_block_add(skb->csum, csum, odd); 1458 return 0; 1459} 1460 1461/* 1462 * Generic function to send a packet as reply to another packet. 1463 * Used to send some TCP resets/acks so far. 1464 * 1465 * Use a fake percpu inet socket to avoid false sharing and contention. 1466 */ 1467static DEFINE_PER_CPU(struct inet_sock, unicast_sock) = { 1468 .sk = { 1469 .__sk_common = { 1470 .skc_refcnt = ATOMIC_INIT(1), 1471 }, 1472 .sk_wmem_alloc = ATOMIC_INIT(1), 1473 .sk_allocation = GFP_ATOMIC, 1474 .sk_flags = (1UL << SOCK_USE_WRITE_QUEUE), 1475 }, 1476 .pmtudisc = IP_PMTUDISC_WANT, 1477 .uc_ttl = -1, 1478}; 1479 1480void ip_send_unicast_reply(struct net *net, struct sk_buff *skb, __be32 daddr, 1481 __be32 saddr, const struct ip_reply_arg *arg, 1482 unsigned int len) 1483{ 1484 struct ip_options_data replyopts; 1485 struct ipcm_cookie ipc; 1486 struct flowi4 fl4; 1487 struct rtable *rt = skb_rtable(skb); 1488 struct sk_buff *nskb; 1489 struct sock *sk; 1490 struct inet_sock *inet; 1491 1492 if (ip_options_echo(&replyopts.opt.opt, skb)) 1493 return; 1494 1495 ipc.addr = daddr; 1496 ipc.opt = NULL; 1497 ipc.tx_flags = 0; 1498 ipc.ttl = 0; 1499 ipc.tos = -1; 1500 1501 if (replyopts.opt.opt.optlen) { 1502 ipc.opt = &replyopts.opt; 1503 1504 if (replyopts.opt.opt.srr) 1505 daddr = replyopts.opt.opt.faddr; 1506 } 1507 1508 flowi4_init_output(&fl4, arg->bound_dev_if, 0, 1509 RT_TOS(arg->tos), 1510 RT_SCOPE_UNIVERSE, ip_hdr(skb)->protocol, 1511 ip_reply_arg_flowi_flags(arg), 1512 daddr, saddr, 1513 tcp_hdr(skb)->source, tcp_hdr(skb)->dest); 1514 security_skb_classify_flow(skb, flowi4_to_flowi(&fl4)); 1515 rt = ip_route_output_key(net, &fl4); 1516 if (IS_ERR(rt)) 1517 return; 1518 1519 inet = &get_cpu_var(unicast_sock); 1520 1521 inet->tos = arg->tos; 1522 sk = &inet->sk; 1523 sk->sk_priority = skb->priority; 1524 sk->sk_protocol = ip_hdr(skb)->protocol; 1525 sk->sk_bound_dev_if = arg->bound_dev_if; 1526 sock_net_set(sk, net); 1527 __skb_queue_head_init(&sk->sk_write_queue); 1528 sk->sk_sndbuf = sysctl_wmem_default; 1529 ip_append_data(sk, &fl4, ip_reply_glue_bits, arg->iov->iov_base, len, 0, 1530 &ipc, &rt, MSG_DONTWAIT); 1531 nskb = skb_peek(&sk->sk_write_queue); 1532 if (nskb) { 1533 if (arg->csumoffset >= 0) 1534 *((__sum16 *)skb_transport_header(nskb) + 1535 arg->csumoffset) = csum_fold(csum_add(nskb->csum, 1536 arg->csum)); 1537 nskb->ip_summed = CHECKSUM_NONE; 1538 skb_orphan(nskb); 1539 skb_set_queue_mapping(nskb, skb_get_queue_mapping(skb)); 1540 ip_push_pending_frames(sk, &fl4); 1541 } 1542 1543 put_cpu_var(unicast_sock); 1544 1545 ip_rt_put(rt); 1546} 1547 1548void __init ip_init(void) 1549{ 1550 ip_rt_init(); 1551 inet_initpeers(); 1552 1553#if defined(CONFIG_IP_MULTICAST) && defined(CONFIG_PROC_FS) 1554 igmp_mc_proc_init(); 1555#endif 1556} 1557