2012-11-15 08:49:20 +00:00
|
|
|
/*
|
|
|
|
* IPv6 library code, needed by static components when full IPv6 support is
|
|
|
|
* not configured or static. These functions are needed by GSO/GRO implementation.
|
|
|
|
*/
|
|
|
|
#include <linux/export.h>
|
|
|
|
#include <net/ipv6.h>
|
|
|
|
#include <net/ip6_fib.h>
|
2013-08-31 13:44:28 +08:00
|
|
|
#include <net/addrconf.h>
|
2014-03-30 18:28:03 +02:00
|
|
|
#include <net/secure_seq.h>
|
2012-11-15 08:49:20 +00:00
|
|
|
|
|
|
|
void ipv6_select_ident(struct frag_hdr *fhdr, struct rt6_info *rt)
|
|
|
|
{
|
|
|
|
static atomic_t ipv6_fragmentation_id;
|
2014-03-30 18:28:03 +02:00
|
|
|
struct in6_addr addr;
|
net: fix inet_getid() and ipv6_select_ident() bugs
I noticed we were sending wrong IPv4 ID in TCP flows when MTU discovery
is disabled.
Note how GSO/TSO packets do not have monotonically incrementing ID.
06:37:41.575531 IP (id 14227, proto: TCP (6), length: 4396)
06:37:41.575534 IP (id 14272, proto: TCP (6), length: 65212)
06:37:41.575544 IP (id 14312, proto: TCP (6), length: 57972)
06:37:41.575678 IP (id 14317, proto: TCP (6), length: 7292)
06:37:41.575683 IP (id 14361, proto: TCP (6), length: 63764)
It appears I introduced this bug in linux-3.1.
inet_getid() must return the old value of peer->ip_id_count,
not the new one.
Lets revert this part, and remove the prevention of
a null identification field in IPv6 Fragment Extension Header,
which is dubious and not even done properly.
Fixes: 87c48fa3b463 ("ipv6: make fragment identifications less predictable")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-05-29 08:45:14 -07:00
|
|
|
int ident;
|
2012-11-15 08:49:20 +00:00
|
|
|
|
|
|
|
#if IS_ENABLED(CONFIG_IPV6)
|
2014-03-30 18:28:03 +02:00
|
|
|
struct inet_peer *peer;
|
|
|
|
struct net *net;
|
2012-11-15 08:49:20 +00:00
|
|
|
|
2014-03-30 18:28:03 +02:00
|
|
|
net = dev_net(rt->dst.dev);
|
|
|
|
peer = inet_getpeer_v6(net->ipv6.peers, &rt->rt6i_dst.addr, 1);
|
|
|
|
if (peer) {
|
|
|
|
fhdr->identification = htonl(inet_getid(peer, 0));
|
|
|
|
inet_putpeer(peer);
|
|
|
|
return;
|
2012-11-15 08:49:20 +00:00
|
|
|
}
|
|
|
|
#endif
|
net: fix inet_getid() and ipv6_select_ident() bugs
I noticed we were sending wrong IPv4 ID in TCP flows when MTU discovery
is disabled.
Note how GSO/TSO packets do not have monotonically incrementing ID.
06:37:41.575531 IP (id 14227, proto: TCP (6), length: 4396)
06:37:41.575534 IP (id 14272, proto: TCP (6), length: 65212)
06:37:41.575544 IP (id 14312, proto: TCP (6), length: 57972)
06:37:41.575678 IP (id 14317, proto: TCP (6), length: 7292)
06:37:41.575683 IP (id 14361, proto: TCP (6), length: 63764)
It appears I introduced this bug in linux-3.1.
inet_getid() must return the old value of peer->ip_id_count,
not the new one.
Lets revert this part, and remove the prevention of
a null identification field in IPv6 Fragment Extension Header,
which is dubious and not even done properly.
Fixes: 87c48fa3b463 ("ipv6: make fragment identifications less predictable")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-05-29 08:45:14 -07:00
|
|
|
ident = atomic_inc_return(&ipv6_fragmentation_id);
|
2014-03-30 18:28:03 +02:00
|
|
|
|
|
|
|
addr = rt->rt6i_dst.addr;
|
net: fix inet_getid() and ipv6_select_ident() bugs
I noticed we were sending wrong IPv4 ID in TCP flows when MTU discovery
is disabled.
Note how GSO/TSO packets do not have monotonically incrementing ID.
06:37:41.575531 IP (id 14227, proto: TCP (6), length: 4396)
06:37:41.575534 IP (id 14272, proto: TCP (6), length: 65212)
06:37:41.575544 IP (id 14312, proto: TCP (6), length: 57972)
06:37:41.575678 IP (id 14317, proto: TCP (6), length: 7292)
06:37:41.575683 IP (id 14361, proto: TCP (6), length: 63764)
It appears I introduced this bug in linux-3.1.
inet_getid() must return the old value of peer->ip_id_count,
not the new one.
Lets revert this part, and remove the prevention of
a null identification field in IPv6 Fragment Extension Header,
which is dubious and not even done properly.
Fixes: 87c48fa3b463 ("ipv6: make fragment identifications less predictable")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-05-29 08:45:14 -07:00
|
|
|
addr.s6_addr32[0] ^= (__force __be32)ident;
|
2014-03-30 18:28:03 +02:00
|
|
|
fhdr->identification = htonl(secure_ipv6_id(addr.s6_addr32));
|
2012-11-15 08:49:20 +00:00
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(ipv6_select_ident);
|
|
|
|
|
|
|
|
int ip6_find_1stfragopt(struct sk_buff *skb, u8 **nexthdr)
|
|
|
|
{
|
|
|
|
u16 offset = sizeof(struct ipv6hdr);
|
|
|
|
struct ipv6_opt_hdr *exthdr =
|
|
|
|
(struct ipv6_opt_hdr *)(ipv6_hdr(skb) + 1);
|
2013-05-28 20:34:26 +00:00
|
|
|
unsigned int packet_len = skb_tail_pointer(skb) -
|
|
|
|
skb_network_header(skb);
|
2012-11-15 08:49:20 +00:00
|
|
|
int found_rhdr = 0;
|
|
|
|
*nexthdr = &ipv6_hdr(skb)->nexthdr;
|
|
|
|
|
|
|
|
while (offset + 1 <= packet_len) {
|
|
|
|
|
|
|
|
switch (**nexthdr) {
|
|
|
|
|
|
|
|
case NEXTHDR_HOP:
|
|
|
|
break;
|
|
|
|
case NEXTHDR_ROUTING:
|
|
|
|
found_rhdr = 1;
|
|
|
|
break;
|
|
|
|
case NEXTHDR_DEST:
|
|
|
|
#if IS_ENABLED(CONFIG_IPV6_MIP6)
|
|
|
|
if (ipv6_find_tlv(skb, offset, IPV6_TLV_HAO) >= 0)
|
|
|
|
break;
|
|
|
|
#endif
|
|
|
|
if (found_rhdr)
|
|
|
|
return offset;
|
|
|
|
break;
|
|
|
|
default :
|
|
|
|
return offset;
|
|
|
|
}
|
|
|
|
|
|
|
|
offset += ipv6_optlen(exthdr);
|
|
|
|
*nexthdr = &exthdr->nexthdr;
|
|
|
|
exthdr = (struct ipv6_opt_hdr *)(skb_network_header(skb) +
|
|
|
|
offset);
|
|
|
|
}
|
|
|
|
|
|
|
|
return offset;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(ip6_find_1stfragopt);
|
2013-08-31 13:44:28 +08:00
|
|
|
|
|
|
|
#if IS_ENABLED(CONFIG_IPV6)
|
|
|
|
int ip6_dst_hoplimit(struct dst_entry *dst)
|
|
|
|
{
|
|
|
|
int hoplimit = dst_metric_raw(dst, RTAX_HOPLIMIT);
|
|
|
|
if (hoplimit == 0) {
|
|
|
|
struct net_device *dev = dst->dev;
|
|
|
|
struct inet6_dev *idev;
|
|
|
|
|
|
|
|
rcu_read_lock();
|
|
|
|
idev = __in6_dev_get(dev);
|
|
|
|
if (idev)
|
|
|
|
hoplimit = idev->cnf.hop_limit;
|
|
|
|
else
|
|
|
|
hoplimit = dev_net(dev)->ipv6.devconf_all->hop_limit;
|
|
|
|
rcu_read_unlock();
|
|
|
|
}
|
|
|
|
return hoplimit;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL(ip6_dst_hoplimit);
|
|
|
|
#endif
|
2013-08-31 13:44:29 +08:00
|
|
|
|
|
|
|
int __ip6_local_out(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
int len;
|
|
|
|
|
|
|
|
len = skb->len - sizeof(struct ipv6hdr);
|
|
|
|
if (len > IPV6_MAXPLEN)
|
|
|
|
len = 0;
|
|
|
|
ipv6_hdr(skb)->payload_len = htons(len);
|
|
|
|
|
|
|
|
return nf_hook(NFPROTO_IPV6, NF_INET_LOCAL_OUT, skb, NULL,
|
|
|
|
skb_dst(skb)->dev, dst_output);
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(__ip6_local_out);
|
|
|
|
|
|
|
|
int ip6_local_out(struct sk_buff *skb)
|
|
|
|
{
|
|
|
|
int err;
|
|
|
|
|
|
|
|
err = __ip6_local_out(skb);
|
|
|
|
if (likely(err == 1))
|
|
|
|
err = dst_output(skb);
|
|
|
|
|
|
|
|
return err;
|
|
|
|
}
|
|
|
|
EXPORT_SYMBOL_GPL(ip6_local_out);
|