2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * Implementation of the Transmission Control Protocol(TCP).
8 * Version: $Id: tcp_ipv4.c,v 1.240 2002/02/01 22:01:04 davem Exp $
10 * IPv4 specific functions
15 * linux/ipv4/tcp_input.c
16 * linux/ipv4/tcp_output.c
18 * See tcp.c for author information
20 * This program is free software; you can redistribute it and/or
21 * modify it under the terms of the GNU General Public License
22 * as published by the Free Software Foundation; either version
23 * 2 of the License, or (at your option) any later version.
28 * David S. Miller : New socket lookup architecture.
29 * This code is dedicated to John Dyson.
30 * David S. Miller : Change semantics of established hash,
31 * half is devoted to TIME_WAIT sockets
32 * and the rest go in the other half.
33 * Andi Kleen : Add support for syncookies and fixed
34 * some bugs: ip options weren't passed to
35 * the TCP layer, missed a check for an
37 * Andi Kleen : Implemented fast path mtu discovery.
38 * Fixed many serious bugs in the
39 * request_sock handling and moved
40 * most of it into the af independent code.
41 * Added tail drop and some other bugfixes.
42 * Added new listen semantics.
43 * Mike McLagan : Routing by source
44 * Juan Jose Ciarlante: ip_dynaddr bits
45 * Andi Kleen: various fixes.
46 * Vitaly E. Lavrov : Transparent proxy revived after year
48 * Andi Kleen : Fix new listen.
49 * Andi Kleen : Fix accept error reporting.
50 * YOSHIFUJI Hideaki @USAGI and: Support IPV6_V6ONLY socket option, which
51 * Alexey Kuznetsov allow both IPv4 and IPv6 sockets to bind
52 * a single port at the same time.
56 #include <linux/types.h>
57 #include <linux/fcntl.h>
58 #include <linux/module.h>
59 #include <linux/random.h>
60 #include <linux/cache.h>
61 #include <linux/jhash.h>
62 #include <linux/init.h>
63 #include <linux/times.h>
65 #include <net/net_namespace.h>
67 #include <net/inet_hashtables.h>
69 #include <net/transp_v6.h>
71 #include <net/inet_common.h>
72 #include <net/timewait_sock.h>
74 #include <net/netdma.h>
76 #include <linux/inet.h>
77 #include <linux/ipv6.h>
78 #include <linux/stddef.h>
79 #include <linux/proc_fs.h>
80 #include <linux/seq_file.h>
82 #include <linux/crypto.h>
83 #include <linux/scatterlist.h>
85 int sysctl_tcp_tw_reuse __read_mostly;
86 int sysctl_tcp_low_latency __read_mostly;
88 /* Check TCP sequence numbers in ICMP packets. */
89 #define ICMP_MIN_LENGTH 8
91 /* Socket used for sending RSTs */
92 static struct socket *tcp_socket __read_mostly;
94 void tcp_v4_send_check(struct sock *sk, int len, struct sk_buff *skb);
96 #ifdef CONFIG_TCP_MD5SIG
97 static struct tcp_md5sig_key *tcp_v4_md5_do_lookup(struct sock *sk,
99 static int tcp_v4_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
100 __be32 saddr, __be32 daddr,
101 struct tcphdr *th, int protocol,
102 unsigned int tcplen);
105 struct inet_hashinfo __cacheline_aligned tcp_hashinfo = {
106 .lhash_lock = __RW_LOCK_UNLOCKED(tcp_hashinfo.lhash_lock),
107 .lhash_users = ATOMIC_INIT(0),
108 .lhash_wait = __WAIT_QUEUE_HEAD_INITIALIZER(tcp_hashinfo.lhash_wait),
111 static inline __u32 tcp_v4_init_sequence(struct sk_buff *skb)
113 return secure_tcp_sequence_number(ip_hdr(skb)->daddr,
116 tcp_hdr(skb)->source);
119 int tcp_twsk_unique(struct sock *sk, struct sock *sktw, void *twp)
121 const struct tcp_timewait_sock *tcptw = tcp_twsk(sktw);
122 struct tcp_sock *tp = tcp_sk(sk);
124 /* With PAWS, it is safe from the viewpoint
125 of data integrity. Even without PAWS it is safe provided sequence
126 spaces do not overlap i.e. at data rates <= 80Mbit/sec.
128 Actually, the idea is close to VJ's one, only timestamp cache is
129 held not per host, but per port pair and TW bucket is used as state
132 If TW bucket has been already destroyed we fall back to VJ's scheme
133 and use initial timestamp retrieved from peer table.
135 if (tcptw->tw_ts_recent_stamp &&
136 (twp == NULL || (sysctl_tcp_tw_reuse &&
137 get_seconds() - tcptw->tw_ts_recent_stamp > 1))) {
138 tp->write_seq = tcptw->tw_snd_nxt + 65535 + 2;
139 if (tp->write_seq == 0)
141 tp->rx_opt.ts_recent = tcptw->tw_ts_recent;
142 tp->rx_opt.ts_recent_stamp = tcptw->tw_ts_recent_stamp;
150 EXPORT_SYMBOL_GPL(tcp_twsk_unique);
152 /* This will initiate an outgoing connection. */
153 int tcp_v4_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len)
155 struct inet_sock *inet = inet_sk(sk);
156 struct tcp_sock *tp = tcp_sk(sk);
157 struct sockaddr_in *usin = (struct sockaddr_in *)uaddr;
159 __be32 daddr, nexthop;
163 if (addr_len < sizeof(struct sockaddr_in))
166 if (usin->sin_family != AF_INET)
167 return -EAFNOSUPPORT;
169 nexthop = daddr = usin->sin_addr.s_addr;
170 if (inet->opt && inet->opt->srr) {
173 nexthop = inet->opt->faddr;
176 tmp = ip_route_connect(&rt, nexthop, inet->saddr,
177 RT_CONN_FLAGS(sk), sk->sk_bound_dev_if,
179 inet->sport, usin->sin_port, sk, 1);
181 if (tmp == -ENETUNREACH)
182 IP_INC_STATS_BH(IPSTATS_MIB_OUTNOROUTES);
186 if (rt->rt_flags & (RTCF_MULTICAST | RTCF_BROADCAST)) {
191 if (!inet->opt || !inet->opt->srr)
195 inet->saddr = rt->rt_src;
196 inet->rcv_saddr = inet->saddr;
198 if (tp->rx_opt.ts_recent_stamp && inet->daddr != daddr) {
199 /* Reset inherited state */
200 tp->rx_opt.ts_recent = 0;
201 tp->rx_opt.ts_recent_stamp = 0;
205 if (tcp_death_row.sysctl_tw_recycle &&
206 !tp->rx_opt.ts_recent_stamp && rt->rt_dst == daddr) {
207 struct inet_peer *peer = rt_get_peer(rt);
209 * VJ's idea. We save last timestamp seen from
210 * the destination in peer table, when entering state
211 * TIME-WAIT * and initialize rx_opt.ts_recent from it,
212 * when trying new connection.
215 peer->tcp_ts_stamp + TCP_PAWS_MSL >= get_seconds()) {
216 tp->rx_opt.ts_recent_stamp = peer->tcp_ts_stamp;
217 tp->rx_opt.ts_recent = peer->tcp_ts;
221 inet->dport = usin->sin_port;
224 inet_csk(sk)->icsk_ext_hdr_len = 0;
226 inet_csk(sk)->icsk_ext_hdr_len = inet->opt->optlen;
228 tp->rx_opt.mss_clamp = 536;
230 /* Socket identity is still unknown (sport may be zero).
231 * However we set state to SYN-SENT and not releasing socket
232 * lock select source port, enter ourselves into the hash tables and
233 * complete initialization after this.
235 tcp_set_state(sk, TCP_SYN_SENT);
236 err = inet_hash_connect(&tcp_death_row, sk);
240 err = ip_route_newports(&rt, IPPROTO_TCP,
241 inet->sport, inet->dport, sk);
245 /* OK, now commit destination to socket. */
246 sk->sk_gso_type = SKB_GSO_TCPV4;
247 sk_setup_caps(sk, &rt->u.dst);
250 tp->write_seq = secure_tcp_sequence_number(inet->saddr,
255 inet->id = tp->write_seq ^ jiffies;
257 err = tcp_connect(sk);
266 * This unhashes the socket and releases the local port,
269 tcp_set_state(sk, TCP_CLOSE);
271 sk->sk_route_caps = 0;
277 * This routine does path mtu discovery as defined in RFC1191.
279 static void do_pmtu_discovery(struct sock *sk, struct iphdr *iph, u32 mtu)
281 struct dst_entry *dst;
282 struct inet_sock *inet = inet_sk(sk);
284 /* We are not interested in TCP_LISTEN and open_requests (SYN-ACKs
285 * send out by Linux are always <576bytes so they should go through
288 if (sk->sk_state == TCP_LISTEN)
291 /* We don't check in the destentry if pmtu discovery is forbidden
292 * on this route. We just assume that no packet_to_big packets
293 * are send back when pmtu discovery is not active.
294 * There is a small race when the user changes this flag in the
295 * route, but I think that's acceptable.
297 if ((dst = __sk_dst_check(sk, 0)) == NULL)
300 dst->ops->update_pmtu(dst, mtu);
302 /* Something is about to be wrong... Remember soft error
303 * for the case, if this connection will not able to recover.
305 if (mtu < dst_mtu(dst) && ip_dont_fragment(sk, dst))
306 sk->sk_err_soft = EMSGSIZE;
310 if (inet->pmtudisc != IP_PMTUDISC_DONT &&
311 inet_csk(sk)->icsk_pmtu_cookie > mtu) {
312 tcp_sync_mss(sk, mtu);
314 /* Resend the TCP packet because it's
315 * clear that the old packet has been
316 * dropped. This is the new "fast" path mtu
319 tcp_simple_retransmit(sk);
320 } /* else let the usual retransmit timer handle it */
324 * This routine is called by the ICMP module when it gets some
325 * sort of error condition. If err < 0 then the socket should
326 * be closed and the error returned to the user. If err > 0
327 * it's just the icmp type << 8 | icmp code. After adjustment
328 * header points to the first 8 bytes of the tcp header. We need
329 * to find the appropriate port.
331 * The locking strategy used here is very "optimistic". When
332 * someone else accesses the socket the ICMP is just dropped
333 * and for some paths there is no check at all.
334 * A more general error queue to queue errors for later handling
335 * is probably better.
339 void tcp_v4_err(struct sk_buff *skb, u32 info)
341 struct iphdr *iph = (struct iphdr *)skb->data;
342 struct tcphdr *th = (struct tcphdr *)(skb->data + (iph->ihl << 2));
344 struct inet_sock *inet;
345 const int type = icmp_hdr(skb)->type;
346 const int code = icmp_hdr(skb)->code;
351 if (skb->len < (iph->ihl << 2) + 8) {
352 ICMP_INC_STATS_BH(ICMP_MIB_INERRORS);
356 sk = inet_lookup(skb->dev->nd_net, &tcp_hashinfo, iph->daddr, th->dest,
357 iph->saddr, th->source, inet_iif(skb));
359 ICMP_INC_STATS_BH(ICMP_MIB_INERRORS);
362 if (sk->sk_state == TCP_TIME_WAIT) {
363 inet_twsk_put(inet_twsk(sk));
368 /* If too many ICMPs get dropped on busy
369 * servers this needs to be solved differently.
371 if (sock_owned_by_user(sk))
372 NET_INC_STATS_BH(LINUX_MIB_LOCKDROPPEDICMPS);
374 if (sk->sk_state == TCP_CLOSE)
378 seq = ntohl(th->seq);
379 if (sk->sk_state != TCP_LISTEN &&
380 !between(seq, tp->snd_una, tp->snd_nxt)) {
381 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
386 case ICMP_SOURCE_QUENCH:
387 /* Just silently ignore these. */
389 case ICMP_PARAMETERPROB:
392 case ICMP_DEST_UNREACH:
393 if (code > NR_ICMP_UNREACH)
396 if (code == ICMP_FRAG_NEEDED) { /* PMTU discovery (RFC1191) */
397 if (!sock_owned_by_user(sk))
398 do_pmtu_discovery(sk, iph, info);
402 err = icmp_err_convert[code].errno;
404 case ICMP_TIME_EXCEEDED:
411 switch (sk->sk_state) {
412 struct request_sock *req, **prev;
414 if (sock_owned_by_user(sk))
417 req = inet_csk_search_req(sk, &prev, th->dest,
418 iph->daddr, iph->saddr);
422 /* ICMPs are not backlogged, hence we cannot get
423 an established socket here.
427 if (seq != tcp_rsk(req)->snt_isn) {
428 NET_INC_STATS_BH(LINUX_MIB_OUTOFWINDOWICMPS);
433 * Still in SYN_RECV, just remove it silently.
434 * There is no good way to pass the error to the newly
435 * created socket, and POSIX does not want network
436 * errors returned from accept().
438 inet_csk_reqsk_queue_drop(sk, req, prev);
442 case TCP_SYN_RECV: /* Cannot happen.
443 It can f.e. if SYNs crossed.
445 if (!sock_owned_by_user(sk)) {
448 sk->sk_error_report(sk);
452 sk->sk_err_soft = err;
457 /* If we've already connected we will keep trying
458 * until we time out, or the user gives up.
460 * rfc1122 4.2.3.9 allows to consider as hard errors
461 * only PROTO_UNREACH and PORT_UNREACH (well, FRAG_FAILED too,
462 * but it is obsoleted by pmtu discovery).
464 * Note, that in modern internet, where routing is unreliable
465 * and in each dark corner broken firewalls sit, sending random
466 * errors ordered by their masters even this two messages finally lose
467 * their original sense (even Linux sends invalid PORT_UNREACHs)
469 * Now we are in compliance with RFCs.
474 if (!sock_owned_by_user(sk) && inet->recverr) {
476 sk->sk_error_report(sk);
477 } else { /* Only an error on timeout */
478 sk->sk_err_soft = err;
486 /* This routine computes an IPv4 TCP checksum. */
487 void tcp_v4_send_check(struct sock *sk, int len, struct sk_buff *skb)
489 struct inet_sock *inet = inet_sk(sk);
490 struct tcphdr *th = tcp_hdr(skb);
492 if (skb->ip_summed == CHECKSUM_PARTIAL) {
493 th->check = ~tcp_v4_check(len, inet->saddr,
495 skb->csum_start = skb_transport_header(skb) - skb->head;
496 skb->csum_offset = offsetof(struct tcphdr, check);
498 th->check = tcp_v4_check(len, inet->saddr, inet->daddr,
499 csum_partial((char *)th,
505 int tcp_v4_gso_send_check(struct sk_buff *skb)
507 const struct iphdr *iph;
510 if (!pskb_may_pull(skb, sizeof(*th)))
517 th->check = ~tcp_v4_check(skb->len, iph->saddr, iph->daddr, 0);
518 skb->csum_start = skb_transport_header(skb) - skb->head;
519 skb->csum_offset = offsetof(struct tcphdr, check);
520 skb->ip_summed = CHECKSUM_PARTIAL;
525 * This routine will send an RST to the other tcp.
527 * Someone asks: why I NEVER use socket parameters (TOS, TTL etc.)
529 * Answer: if a packet caused RST, it is not for a socket
530 * existing in our system, if it is matched to a socket,
531 * it is just duplicate segment or bug in other side's TCP.
532 * So that we build reply only basing on parameters
533 * arrived with segment.
534 * Exception: precedence violation. We do not implement it in any case.
537 static void tcp_v4_send_reset(struct sock *sk, struct sk_buff *skb)
539 struct tcphdr *th = tcp_hdr(skb);
542 #ifdef CONFIG_TCP_MD5SIG
543 __be32 opt[(TCPOLEN_MD5SIG_ALIGNED >> 2)];
546 struct ip_reply_arg arg;
547 #ifdef CONFIG_TCP_MD5SIG
548 struct tcp_md5sig_key *key;
551 /* Never send a reset in response to a reset. */
555 if (((struct rtable *)skb->dst)->rt_type != RTN_LOCAL)
558 /* Swap the send and the receive. */
559 memset(&rep, 0, sizeof(rep));
560 rep.th.dest = th->source;
561 rep.th.source = th->dest;
562 rep.th.doff = sizeof(struct tcphdr) / 4;
566 rep.th.seq = th->ack_seq;
569 rep.th.ack_seq = htonl(ntohl(th->seq) + th->syn + th->fin +
570 skb->len - (th->doff << 2));
573 memset(&arg, 0, sizeof(arg));
574 arg.iov[0].iov_base = (unsigned char *)&rep;
575 arg.iov[0].iov_len = sizeof(rep.th);
577 #ifdef CONFIG_TCP_MD5SIG
578 key = sk ? tcp_v4_md5_do_lookup(sk, ip_hdr(skb)->daddr) : NULL;
580 rep.opt[0] = htonl((TCPOPT_NOP << 24) |
582 (TCPOPT_MD5SIG << 8) |
584 /* Update length and the length the header thinks exists */
585 arg.iov[0].iov_len += TCPOLEN_MD5SIG_ALIGNED;
586 rep.th.doff = arg.iov[0].iov_len / 4;
588 tcp_v4_do_calc_md5_hash((__u8 *)&rep.opt[1],
592 &rep.th, IPPROTO_TCP,
596 arg.csum = csum_tcpudp_nofold(ip_hdr(skb)->daddr,
597 ip_hdr(skb)->saddr, /* XXX */
598 sizeof(struct tcphdr), IPPROTO_TCP, 0);
599 arg.csumoffset = offsetof(struct tcphdr, check) / 2;
601 ip_send_reply(tcp_socket->sk, skb, &arg, arg.iov[0].iov_len);
603 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
604 TCP_INC_STATS_BH(TCP_MIB_OUTRSTS);
607 /* The code following below sending ACKs in SYN-RECV and TIME-WAIT states
608 outside socket context is ugly, certainly. What can I do?
611 static void tcp_v4_send_ack(struct tcp_timewait_sock *twsk,
612 struct sk_buff *skb, u32 seq, u32 ack,
615 struct tcphdr *th = tcp_hdr(skb);
618 __be32 opt[(TCPOLEN_TSTAMP_ALIGNED >> 2)
619 #ifdef CONFIG_TCP_MD5SIG
620 + (TCPOLEN_MD5SIG_ALIGNED >> 2)
624 struct ip_reply_arg arg;
625 #ifdef CONFIG_TCP_MD5SIG
626 struct tcp_md5sig_key *key;
627 struct tcp_md5sig_key tw_key;
630 memset(&rep.th, 0, sizeof(struct tcphdr));
631 memset(&arg, 0, sizeof(arg));
633 arg.iov[0].iov_base = (unsigned char *)&rep;
634 arg.iov[0].iov_len = sizeof(rep.th);
636 rep.opt[0] = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
637 (TCPOPT_TIMESTAMP << 8) |
639 rep.opt[1] = htonl(tcp_time_stamp);
640 rep.opt[2] = htonl(ts);
641 arg.iov[0].iov_len += TCPOLEN_TSTAMP_ALIGNED;
644 /* Swap the send and the receive. */
645 rep.th.dest = th->source;
646 rep.th.source = th->dest;
647 rep.th.doff = arg.iov[0].iov_len / 4;
648 rep.th.seq = htonl(seq);
649 rep.th.ack_seq = htonl(ack);
651 rep.th.window = htons(win);
653 #ifdef CONFIG_TCP_MD5SIG
655 * The SKB holds an imcoming packet, but may not have a valid ->sk
656 * pointer. This is especially the case when we're dealing with a
657 * TIME_WAIT ack, because the sk structure is long gone, and only
658 * the tcp_timewait_sock remains. So the md5 key is stashed in that
659 * structure, and we use it in preference. I believe that (twsk ||
660 * skb->sk) holds true, but we program defensively.
662 if (!twsk && skb->sk) {
663 key = tcp_v4_md5_do_lookup(skb->sk, ip_hdr(skb)->daddr);
664 } else if (twsk && twsk->tw_md5_keylen) {
665 tw_key.key = twsk->tw_md5_key;
666 tw_key.keylen = twsk->tw_md5_keylen;
672 int offset = (ts) ? 3 : 0;
674 rep.opt[offset++] = htonl((TCPOPT_NOP << 24) |
676 (TCPOPT_MD5SIG << 8) |
678 arg.iov[0].iov_len += TCPOLEN_MD5SIG_ALIGNED;
679 rep.th.doff = arg.iov[0].iov_len/4;
681 tcp_v4_do_calc_md5_hash((__u8 *)&rep.opt[offset],
685 &rep.th, IPPROTO_TCP,
689 arg.csum = csum_tcpudp_nofold(ip_hdr(skb)->daddr,
690 ip_hdr(skb)->saddr, /* XXX */
691 arg.iov[0].iov_len, IPPROTO_TCP, 0);
692 arg.csumoffset = offsetof(struct tcphdr, check) / 2;
694 arg.bound_dev_if = twsk->tw_sk.tw_bound_dev_if;
696 ip_send_reply(tcp_socket->sk, skb, &arg, arg.iov[0].iov_len);
698 TCP_INC_STATS_BH(TCP_MIB_OUTSEGS);
701 static void tcp_v4_timewait_ack(struct sock *sk, struct sk_buff *skb)
703 struct inet_timewait_sock *tw = inet_twsk(sk);
704 struct tcp_timewait_sock *tcptw = tcp_twsk(sk);
706 tcp_v4_send_ack(tcptw, skb, tcptw->tw_snd_nxt, tcptw->tw_rcv_nxt,
707 tcptw->tw_rcv_wnd >> tw->tw_rcv_wscale,
708 tcptw->tw_ts_recent);
713 static void tcp_v4_reqsk_send_ack(struct sk_buff *skb,
714 struct request_sock *req)
716 tcp_v4_send_ack(NULL, skb, tcp_rsk(req)->snt_isn + 1,
717 tcp_rsk(req)->rcv_isn + 1, req->rcv_wnd,
722 * Send a SYN-ACK after having received a SYN.
723 * This still operates on a request_sock only, not on a big
726 static int tcp_v4_send_synack(struct sock *sk, struct request_sock *req,
727 struct dst_entry *dst)
729 const struct inet_request_sock *ireq = inet_rsk(req);
731 struct sk_buff * skb;
733 /* First, grab a route. */
734 if (!dst && (dst = inet_csk_route_req(sk, req)) == NULL)
737 skb = tcp_make_synack(sk, dst, req);
740 struct tcphdr *th = tcp_hdr(skb);
742 th->check = tcp_v4_check(skb->len,
745 csum_partial((char *)th, skb->len,
748 err = ip_build_and_send_pkt(skb, sk, ireq->loc_addr,
751 err = net_xmit_eval(err);
760 * IPv4 request_sock destructor.
762 static void tcp_v4_reqsk_destructor(struct request_sock *req)
764 kfree(inet_rsk(req)->opt);
767 #ifdef CONFIG_SYN_COOKIES
768 static void syn_flood_warning(struct sk_buff *skb)
770 static unsigned long warntime;
772 if (time_after(jiffies, (warntime + HZ * 60))) {
775 "possible SYN flooding on port %d. Sending cookies.\n",
776 ntohs(tcp_hdr(skb)->dest));
782 * Save and compile IPv4 options into the request_sock if needed.
784 static struct ip_options *tcp_v4_save_options(struct sock *sk,
787 struct ip_options *opt = &(IPCB(skb)->opt);
788 struct ip_options *dopt = NULL;
790 if (opt && opt->optlen) {
791 int opt_size = optlength(opt);
792 dopt = kmalloc(opt_size, GFP_ATOMIC);
794 if (ip_options_echo(dopt, skb)) {
803 #ifdef CONFIG_TCP_MD5SIG
805 * RFC2385 MD5 checksumming requires a mapping of
806 * IP address->MD5 Key.
807 * We need to maintain these in the sk structure.
810 /* Find the Key structure for an address. */
811 static struct tcp_md5sig_key *
812 tcp_v4_md5_do_lookup(struct sock *sk, __be32 addr)
814 struct tcp_sock *tp = tcp_sk(sk);
817 if (!tp->md5sig_info || !tp->md5sig_info->entries4)
819 for (i = 0; i < tp->md5sig_info->entries4; i++) {
820 if (tp->md5sig_info->keys4[i].addr == addr)
821 return &tp->md5sig_info->keys4[i].base;
826 struct tcp_md5sig_key *tcp_v4_md5_lookup(struct sock *sk,
827 struct sock *addr_sk)
829 return tcp_v4_md5_do_lookup(sk, inet_sk(addr_sk)->daddr);
832 EXPORT_SYMBOL(tcp_v4_md5_lookup);
834 static struct tcp_md5sig_key *tcp_v4_reqsk_md5_lookup(struct sock *sk,
835 struct request_sock *req)
837 return tcp_v4_md5_do_lookup(sk, inet_rsk(req)->rmt_addr);
840 /* This can be called on a newly created socket, from other files */
841 int tcp_v4_md5_do_add(struct sock *sk, __be32 addr,
842 u8 *newkey, u8 newkeylen)
844 /* Add Key to the list */
845 struct tcp_md5sig_key *key;
846 struct tcp_sock *tp = tcp_sk(sk);
847 struct tcp4_md5sig_key *keys;
849 key = tcp_v4_md5_do_lookup(sk, addr);
851 /* Pre-existing entry - just update that one. */
854 key->keylen = newkeylen;
856 struct tcp_md5sig_info *md5sig;
858 if (!tp->md5sig_info) {
859 tp->md5sig_info = kzalloc(sizeof(*tp->md5sig_info),
861 if (!tp->md5sig_info) {
865 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
867 if (tcp_alloc_md5sig_pool() == NULL) {
871 md5sig = tp->md5sig_info;
873 if (md5sig->alloced4 == md5sig->entries4) {
874 keys = kmalloc((sizeof(*keys) *
875 (md5sig->entries4 + 1)), GFP_ATOMIC);
878 tcp_free_md5sig_pool();
882 if (md5sig->entries4)
883 memcpy(keys, md5sig->keys4,
884 sizeof(*keys) * md5sig->entries4);
886 /* Free old key list, and reference new one */
887 kfree(md5sig->keys4);
888 md5sig->keys4 = keys;
892 md5sig->keys4[md5sig->entries4 - 1].addr = addr;
893 md5sig->keys4[md5sig->entries4 - 1].base.key = newkey;
894 md5sig->keys4[md5sig->entries4 - 1].base.keylen = newkeylen;
899 EXPORT_SYMBOL(tcp_v4_md5_do_add);
901 static int tcp_v4_md5_add_func(struct sock *sk, struct sock *addr_sk,
902 u8 *newkey, u8 newkeylen)
904 return tcp_v4_md5_do_add(sk, inet_sk(addr_sk)->daddr,
908 int tcp_v4_md5_do_del(struct sock *sk, __be32 addr)
910 struct tcp_sock *tp = tcp_sk(sk);
913 for (i = 0; i < tp->md5sig_info->entries4; i++) {
914 if (tp->md5sig_info->keys4[i].addr == addr) {
916 kfree(tp->md5sig_info->keys4[i].base.key);
917 tp->md5sig_info->entries4--;
919 if (tp->md5sig_info->entries4 == 0) {
920 kfree(tp->md5sig_info->keys4);
921 tp->md5sig_info->keys4 = NULL;
922 tp->md5sig_info->alloced4 = 0;
923 } else if (tp->md5sig_info->entries4 != i) {
924 /* Need to do some manipulation */
925 memmove(&tp->md5sig_info->keys4[i],
926 &tp->md5sig_info->keys4[i+1],
927 (tp->md5sig_info->entries4 - i) *
928 sizeof(struct tcp4_md5sig_key));
930 tcp_free_md5sig_pool();
937 EXPORT_SYMBOL(tcp_v4_md5_do_del);
939 static void tcp_v4_clear_md5_list(struct sock *sk)
941 struct tcp_sock *tp = tcp_sk(sk);
943 /* Free each key, then the set of key keys,
944 * the crypto element, and then decrement our
945 * hold on the last resort crypto.
947 if (tp->md5sig_info->entries4) {
949 for (i = 0; i < tp->md5sig_info->entries4; i++)
950 kfree(tp->md5sig_info->keys4[i].base.key);
951 tp->md5sig_info->entries4 = 0;
952 tcp_free_md5sig_pool();
954 if (tp->md5sig_info->keys4) {
955 kfree(tp->md5sig_info->keys4);
956 tp->md5sig_info->keys4 = NULL;
957 tp->md5sig_info->alloced4 = 0;
961 static int tcp_v4_parse_md5_keys(struct sock *sk, char __user *optval,
964 struct tcp_md5sig cmd;
965 struct sockaddr_in *sin = (struct sockaddr_in *)&cmd.tcpm_addr;
968 if (optlen < sizeof(cmd))
971 if (copy_from_user(&cmd, optval, sizeof(cmd)))
974 if (sin->sin_family != AF_INET)
977 if (!cmd.tcpm_key || !cmd.tcpm_keylen) {
978 if (!tcp_sk(sk)->md5sig_info)
980 return tcp_v4_md5_do_del(sk, sin->sin_addr.s_addr);
983 if (cmd.tcpm_keylen > TCP_MD5SIG_MAXKEYLEN)
986 if (!tcp_sk(sk)->md5sig_info) {
987 struct tcp_sock *tp = tcp_sk(sk);
988 struct tcp_md5sig_info *p = kzalloc(sizeof(*p), GFP_KERNEL);
994 sk->sk_route_caps &= ~NETIF_F_GSO_MASK;
997 newkey = kmemdup(cmd.tcpm_key, cmd.tcpm_keylen, GFP_KERNEL);
1000 return tcp_v4_md5_do_add(sk, sin->sin_addr.s_addr,
1001 newkey, cmd.tcpm_keylen);
1004 static int tcp_v4_do_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
1005 __be32 saddr, __be32 daddr,
1006 struct tcphdr *th, int protocol,
1007 unsigned int tcplen)
1009 struct scatterlist sg[4];
1012 __sum16 old_checksum;
1013 struct tcp_md5sig_pool *hp;
1014 struct tcp4_pseudohdr *bp;
1015 struct hash_desc *desc;
1017 unsigned int nbytes = 0;
1020 * Okay, so RFC2385 is turned on for this connection,
1021 * so we need to generate the MD5 hash for the packet now.
1024 hp = tcp_get_md5sig_pool();
1026 goto clear_hash_noput;
1028 bp = &hp->md5_blk.ip4;
1029 desc = &hp->md5_desc;
1032 * 1. the TCP pseudo-header (in the order: source IP address,
1033 * destination IP address, zero-padded protocol number, and
1039 bp->protocol = protocol;
1040 bp->len = htons(tcplen);
1042 sg_init_table(sg, 4);
1044 sg_set_buf(&sg[block++], bp, sizeof(*bp));
1045 nbytes += sizeof(*bp);
1047 /* 2. the TCP header, excluding options, and assuming a
1050 old_checksum = th->check;
1052 sg_set_buf(&sg[block++], th, sizeof(struct tcphdr));
1053 nbytes += sizeof(struct tcphdr);
1055 /* 3. the TCP segment data (if any) */
1056 data_len = tcplen - (th->doff << 2);
1058 unsigned char *data = (unsigned char *)th + (th->doff << 2);
1059 sg_set_buf(&sg[block++], data, data_len);
1063 /* 4. an independently-specified key or password, known to both
1064 * TCPs and presumably connection-specific
1066 sg_set_buf(&sg[block++], key->key, key->keylen);
1067 nbytes += key->keylen;
1069 sg_mark_end(&sg[block - 1]);
1071 /* Now store the Hash into the packet */
1072 err = crypto_hash_init(desc);
1075 err = crypto_hash_update(desc, sg, nbytes);
1078 err = crypto_hash_final(desc, md5_hash);
1082 /* Reset header, and free up the crypto */
1083 tcp_put_md5sig_pool();
1084 th->check = old_checksum;
1089 tcp_put_md5sig_pool();
1091 memset(md5_hash, 0, 16);
1095 int tcp_v4_calc_md5_hash(char *md5_hash, struct tcp_md5sig_key *key,
1097 struct dst_entry *dst,
1098 struct request_sock *req,
1099 struct tcphdr *th, int protocol,
1100 unsigned int tcplen)
1102 __be32 saddr, daddr;
1105 saddr = inet_sk(sk)->saddr;
1106 daddr = inet_sk(sk)->daddr;
1108 struct rtable *rt = (struct rtable *)dst;
1113 return tcp_v4_do_calc_md5_hash(md5_hash, key,
1115 th, protocol, tcplen);
1118 EXPORT_SYMBOL(tcp_v4_calc_md5_hash);
1120 static int tcp_v4_inbound_md5_hash(struct sock *sk, struct sk_buff *skb)
1123 * This gets called for each TCP segment that arrives
1124 * so we want to be efficient.
1125 * We have 3 drop cases:
1126 * o No MD5 hash and one expected.
1127 * o MD5 hash and we're not expecting one.
1128 * o MD5 hash and its wrong.
1130 __u8 *hash_location = NULL;
1131 struct tcp_md5sig_key *hash_expected;
1132 const struct iphdr *iph = ip_hdr(skb);
1133 struct tcphdr *th = tcp_hdr(skb);
1134 int length = (th->doff << 2) - sizeof(struct tcphdr);
1137 unsigned char newhash[16];
1139 hash_expected = tcp_v4_md5_do_lookup(sk, iph->saddr);
1142 * If the TCP option length is less than the TCP_MD5SIG
1143 * option length, then we can shortcut
1145 if (length < TCPOLEN_MD5SIG) {
1152 /* Okay, we can't shortcut - we have to grub through the options */
1153 ptr = (unsigned char *)(th + 1);
1154 while (length > 0) {
1155 int opcode = *ptr++;
1168 if (opsize > length)
1171 if (opcode == TCPOPT_MD5SIG) {
1172 hash_location = ptr;
1180 /* We've parsed the options - do we have a hash? */
1181 if (!hash_expected && !hash_location)
1184 if (hash_expected && !hash_location) {
1185 LIMIT_NETDEBUG(KERN_INFO "MD5 Hash expected but NOT found "
1186 "(" NIPQUAD_FMT ", %d)->(" NIPQUAD_FMT ", %d)\n",
1187 NIPQUAD(iph->saddr), ntohs(th->source),
1188 NIPQUAD(iph->daddr), ntohs(th->dest));
1192 if (!hash_expected && hash_location) {
1193 LIMIT_NETDEBUG(KERN_INFO "MD5 Hash NOT expected but found "
1194 "(" NIPQUAD_FMT ", %d)->(" NIPQUAD_FMT ", %d)\n",
1195 NIPQUAD(iph->saddr), ntohs(th->source),
1196 NIPQUAD(iph->daddr), ntohs(th->dest));
1200 /* Okay, so this is hash_expected and hash_location -
1201 * so we need to calculate the checksum.
1203 genhash = tcp_v4_do_calc_md5_hash(newhash,
1205 iph->saddr, iph->daddr,
1206 th, sk->sk_protocol,
1209 if (genhash || memcmp(hash_location, newhash, 16) != 0) {
1210 if (net_ratelimit()) {
1211 printk(KERN_INFO "MD5 Hash failed for "
1212 "(" NIPQUAD_FMT ", %d)->(" NIPQUAD_FMT ", %d)%s\n",
1213 NIPQUAD(iph->saddr), ntohs(th->source),
1214 NIPQUAD(iph->daddr), ntohs(th->dest),
1215 genhash ? " tcp_v4_calc_md5_hash failed" : "");
1224 struct request_sock_ops tcp_request_sock_ops __read_mostly = {
1226 .obj_size = sizeof(struct tcp_request_sock),
1227 .rtx_syn_ack = tcp_v4_send_synack,
1228 .send_ack = tcp_v4_reqsk_send_ack,
1229 .destructor = tcp_v4_reqsk_destructor,
1230 .send_reset = tcp_v4_send_reset,
1233 #ifdef CONFIG_TCP_MD5SIG
1234 static struct tcp_request_sock_ops tcp_request_sock_ipv4_ops = {
1235 .md5_lookup = tcp_v4_reqsk_md5_lookup,
1239 static struct timewait_sock_ops tcp_timewait_sock_ops = {
1240 .twsk_obj_size = sizeof(struct tcp_timewait_sock),
1241 .twsk_unique = tcp_twsk_unique,
1242 .twsk_destructor= tcp_twsk_destructor,
1245 int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
1247 struct inet_request_sock *ireq;
1248 struct tcp_options_received tmp_opt;
1249 struct request_sock *req;
1250 __be32 saddr = ip_hdr(skb)->saddr;
1251 __be32 daddr = ip_hdr(skb)->daddr;
1252 __u32 isn = TCP_SKB_CB(skb)->when;
1253 struct dst_entry *dst = NULL;
1254 #ifdef CONFIG_SYN_COOKIES
1255 int want_cookie = 0;
1257 #define want_cookie 0 /* Argh, why doesn't gcc optimize this :( */
1260 /* Never answer to SYNs send to broadcast or multicast */
1261 if (((struct rtable *)skb->dst)->rt_flags &
1262 (RTCF_BROADCAST | RTCF_MULTICAST))
1265 /* TW buckets are converted to open requests without
1266 * limitations, they conserve resources and peer is
1267 * evidently real one.
1269 if (inet_csk_reqsk_queue_is_full(sk) && !isn) {
1270 #ifdef CONFIG_SYN_COOKIES
1271 if (sysctl_tcp_syncookies) {
1278 /* Accept backlog is full. If we have already queued enough
1279 * of warm entries in syn queue, drop request. It is better than
1280 * clogging syn queue with openreqs with exponentially increasing
1283 if (sk_acceptq_is_full(sk) && inet_csk_reqsk_queue_young(sk) > 1)
1286 req = reqsk_alloc(&tcp_request_sock_ops);
1290 #ifdef CONFIG_TCP_MD5SIG
1291 tcp_rsk(req)->af_specific = &tcp_request_sock_ipv4_ops;
1294 tcp_clear_options(&tmp_opt);
1295 tmp_opt.mss_clamp = 536;
1296 tmp_opt.user_mss = tcp_sk(sk)->rx_opt.user_mss;
1298 tcp_parse_options(skb, &tmp_opt, 0);
1301 tcp_clear_options(&tmp_opt);
1302 tmp_opt.saw_tstamp = 0;
1305 if (tmp_opt.saw_tstamp && !tmp_opt.rcv_tsval) {
1306 /* Some OSes (unknown ones, but I see them on web server, which
1307 * contains information interesting only for windows'
1308 * users) do not send their stamp in SYN. It is easy case.
1309 * We simply do not advertise TS support.
1311 tmp_opt.saw_tstamp = 0;
1312 tmp_opt.tstamp_ok = 0;
1314 tmp_opt.tstamp_ok = tmp_opt.saw_tstamp;
1316 tcp_openreq_init(req, &tmp_opt, skb);
1318 if (security_inet_conn_request(sk, skb, req))
1321 ireq = inet_rsk(req);
1322 ireq->loc_addr = daddr;
1323 ireq->rmt_addr = saddr;
1324 ireq->opt = tcp_v4_save_options(sk, skb);
1326 TCP_ECN_create_request(req, tcp_hdr(skb));
1329 #ifdef CONFIG_SYN_COOKIES
1330 syn_flood_warning(skb);
1332 isn = cookie_v4_init_sequence(sk, skb, &req->mss);
1334 struct inet_peer *peer = NULL;
1336 /* VJ's idea. We save last timestamp seen
1337 * from the destination in peer table, when entering
1338 * state TIME-WAIT, and check against it before
1339 * accepting new connection request.
1341 * If "isn" is not zero, this request hit alive
1342 * timewait bucket, so that all the necessary checks
1343 * are made in the function processing timewait state.
1345 if (tmp_opt.saw_tstamp &&
1346 tcp_death_row.sysctl_tw_recycle &&
1347 (dst = inet_csk_route_req(sk, req)) != NULL &&
1348 (peer = rt_get_peer((struct rtable *)dst)) != NULL &&
1349 peer->v4daddr == saddr) {
1350 if (get_seconds() < peer->tcp_ts_stamp + TCP_PAWS_MSL &&
1351 (s32)(peer->tcp_ts - req->ts_recent) >
1353 NET_INC_STATS_BH(LINUX_MIB_PAWSPASSIVEREJECTED);
1358 /* Kill the following clause, if you dislike this way. */
1359 else if (!sysctl_tcp_syncookies &&
1360 (sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) <
1361 (sysctl_max_syn_backlog >> 2)) &&
1362 (!peer || !peer->tcp_ts_stamp) &&
1363 (!dst || !dst_metric(dst, RTAX_RTT))) {
1364 /* Without syncookies last quarter of
1365 * backlog is filled with destinations,
1366 * proven to be alive.
1367 * It means that we continue to communicate
1368 * to destinations, already remembered
1369 * to the moment of synflood.
1371 LIMIT_NETDEBUG(KERN_DEBUG "TCP: drop open "
1372 "request from %u.%u.%u.%u/%u\n",
1374 ntohs(tcp_hdr(skb)->source));
1379 isn = tcp_v4_init_sequence(skb);
1381 tcp_rsk(req)->snt_isn = isn;
1383 if (tcp_v4_send_synack(sk, req, dst))
1389 inet_csk_reqsk_queue_hash_add(sk, req, TCP_TIMEOUT_INIT);
1401 * The three way handshake has completed - we got a valid synack -
1402 * now create the new socket.
1404 struct sock *tcp_v4_syn_recv_sock(struct sock *sk, struct sk_buff *skb,
1405 struct request_sock *req,
1406 struct dst_entry *dst)
1408 struct inet_request_sock *ireq;
1409 struct inet_sock *newinet;
1410 struct tcp_sock *newtp;
1412 #ifdef CONFIG_TCP_MD5SIG
1413 struct tcp_md5sig_key *key;
1416 if (sk_acceptq_is_full(sk))
1419 if (!dst && (dst = inet_csk_route_req(sk, req)) == NULL)
1422 newsk = tcp_create_openreq_child(sk, req, skb);
1426 newsk->sk_gso_type = SKB_GSO_TCPV4;
1427 sk_setup_caps(newsk, dst);
1429 newtp = tcp_sk(newsk);
1430 newinet = inet_sk(newsk);
1431 ireq = inet_rsk(req);
1432 newinet->daddr = ireq->rmt_addr;
1433 newinet->rcv_saddr = ireq->loc_addr;
1434 newinet->saddr = ireq->loc_addr;
1435 newinet->opt = ireq->opt;
1437 newinet->mc_index = inet_iif(skb);
1438 newinet->mc_ttl = ip_hdr(skb)->ttl;
1439 inet_csk(newsk)->icsk_ext_hdr_len = 0;
1441 inet_csk(newsk)->icsk_ext_hdr_len = newinet->opt->optlen;
1442 newinet->id = newtp->write_seq ^ jiffies;
1444 tcp_mtup_init(newsk);
1445 tcp_sync_mss(newsk, dst_mtu(dst));
1446 newtp->advmss = dst_metric(dst, RTAX_ADVMSS);
1447 tcp_initialize_rcv_mss(newsk);
1449 #ifdef CONFIG_TCP_MD5SIG
1450 /* Copy over the MD5 key from the original socket */
1451 if ((key = tcp_v4_md5_do_lookup(sk, newinet->daddr)) != NULL) {
1453 * We're using one, so create a matching key
1454 * on the newsk structure. If we fail to get
1455 * memory, then we end up not copying the key
1458 char *newkey = kmemdup(key->key, key->keylen, GFP_ATOMIC);
1460 tcp_v4_md5_do_add(newsk, inet_sk(sk)->daddr,
1461 newkey, key->keylen);
1465 __inet_hash_nolisten(newsk);
1466 __inet_inherit_port(sk, newsk);
1471 NET_INC_STATS_BH(LINUX_MIB_LISTENOVERFLOWS);
1473 NET_INC_STATS_BH(LINUX_MIB_LISTENDROPS);
1478 static struct sock *tcp_v4_hnd_req(struct sock *sk, struct sk_buff *skb)
1480 struct tcphdr *th = tcp_hdr(skb);
1481 const struct iphdr *iph = ip_hdr(skb);
1483 struct request_sock **prev;
1484 /* Find possible connection requests. */
1485 struct request_sock *req = inet_csk_search_req(sk, &prev, th->source,
1486 iph->saddr, iph->daddr);
1488 return tcp_check_req(sk, skb, req, prev);
1490 nsk = inet_lookup_established(sk->sk_net, &tcp_hashinfo, iph->saddr,
1491 th->source, iph->daddr, th->dest, inet_iif(skb));
1494 if (nsk->sk_state != TCP_TIME_WAIT) {
1498 inet_twsk_put(inet_twsk(nsk));
1502 #ifdef CONFIG_SYN_COOKIES
1503 if (!th->rst && !th->syn && th->ack)
1504 sk = cookie_v4_check(sk, skb, &(IPCB(skb)->opt));
1509 static __sum16 tcp_v4_checksum_init(struct sk_buff *skb)
1511 const struct iphdr *iph = ip_hdr(skb);
1513 if (skb->ip_summed == CHECKSUM_COMPLETE) {
1514 if (!tcp_v4_check(skb->len, iph->saddr,
1515 iph->daddr, skb->csum)) {
1516 skb->ip_summed = CHECKSUM_UNNECESSARY;
1521 skb->csum = csum_tcpudp_nofold(iph->saddr, iph->daddr,
1522 skb->len, IPPROTO_TCP, 0);
1524 if (skb->len <= 76) {
1525 return __skb_checksum_complete(skb);
1531 /* The socket must have it's spinlock held when we get
1534 * We have a potential double-lock case here, so even when
1535 * doing backlog processing we use the BH locking scheme.
1536 * This is because we cannot sleep with the original spinlock
1539 int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb)
1542 #ifdef CONFIG_TCP_MD5SIG
1544 * We really want to reject the packet as early as possible
1546 * o We're expecting an MD5'd packet and this is no MD5 tcp option
1547 * o There is an MD5 option and we're not expecting one
1549 if (tcp_v4_inbound_md5_hash(sk, skb))
1553 if (sk->sk_state == TCP_ESTABLISHED) { /* Fast path */
1554 TCP_CHECK_TIMER(sk);
1555 if (tcp_rcv_established(sk, skb, tcp_hdr(skb), skb->len)) {
1559 TCP_CHECK_TIMER(sk);
1563 if (skb->len < tcp_hdrlen(skb) || tcp_checksum_complete(skb))
1566 if (sk->sk_state == TCP_LISTEN) {
1567 struct sock *nsk = tcp_v4_hnd_req(sk, skb);
1572 if (tcp_child_process(sk, nsk, skb)) {
1580 TCP_CHECK_TIMER(sk);
1581 if (tcp_rcv_state_process(sk, skb, tcp_hdr(skb), skb->len)) {
1585 TCP_CHECK_TIMER(sk);
1589 tcp_v4_send_reset(rsk, skb);
1592 /* Be careful here. If this function gets more complicated and
1593 * gcc suffers from register pressure on the x86, sk (in %ebx)
1594 * might be destroyed here. This current version compiles correctly,
1595 * but you have been warned.
1600 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1608 int tcp_v4_rcv(struct sk_buff *skb)
1610 const struct iphdr *iph;
1615 if (skb->pkt_type != PACKET_HOST)
1618 /* Count it even if it's bad */
1619 TCP_INC_STATS_BH(TCP_MIB_INSEGS);
1621 if (!pskb_may_pull(skb, sizeof(struct tcphdr)))
1626 if (th->doff < sizeof(struct tcphdr) / 4)
1628 if (!pskb_may_pull(skb, th->doff * 4))
1631 /* An explanation is required here, I think.
1632 * Packet length and doff are validated by header prediction,
1633 * provided case of th->doff==0 is eliminated.
1634 * So, we defer the checks. */
1635 if (!skb_csum_unnecessary(skb) && tcp_v4_checksum_init(skb))
1640 TCP_SKB_CB(skb)->seq = ntohl(th->seq);
1641 TCP_SKB_CB(skb)->end_seq = (TCP_SKB_CB(skb)->seq + th->syn + th->fin +
1642 skb->len - th->doff * 4);
1643 TCP_SKB_CB(skb)->ack_seq = ntohl(th->ack_seq);
1644 TCP_SKB_CB(skb)->when = 0;
1645 TCP_SKB_CB(skb)->flags = iph->tos;
1646 TCP_SKB_CB(skb)->sacked = 0;
1648 sk = __inet_lookup(skb->dev->nd_net, &tcp_hashinfo, iph->saddr,
1649 th->source, iph->daddr, th->dest, inet_iif(skb));
1654 if (sk->sk_state == TCP_TIME_WAIT)
1657 if (!xfrm4_policy_check(sk, XFRM_POLICY_IN, skb))
1658 goto discard_and_relse;
1661 if (sk_filter(sk, skb))
1662 goto discard_and_relse;
1666 bh_lock_sock_nested(sk);
1668 if (!sock_owned_by_user(sk)) {
1669 #ifdef CONFIG_NET_DMA
1670 struct tcp_sock *tp = tcp_sk(sk);
1671 if (!tp->ucopy.dma_chan && tp->ucopy.pinned_list)
1672 tp->ucopy.dma_chan = get_softnet_dma();
1673 if (tp->ucopy.dma_chan)
1674 ret = tcp_v4_do_rcv(sk, skb);
1678 if (!tcp_prequeue(sk, skb))
1679 ret = tcp_v4_do_rcv(sk, skb);
1682 sk_add_backlog(sk, skb);
1690 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb))
1693 if (skb->len < (th->doff << 2) || tcp_checksum_complete(skb)) {
1695 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1697 tcp_v4_send_reset(NULL, skb);
1701 /* Discard frame. */
1710 if (!xfrm4_policy_check(NULL, XFRM_POLICY_IN, skb)) {
1711 inet_twsk_put(inet_twsk(sk));
1715 if (skb->len < (th->doff << 2) || tcp_checksum_complete(skb)) {
1716 TCP_INC_STATS_BH(TCP_MIB_INERRS);
1717 inet_twsk_put(inet_twsk(sk));
1720 switch (tcp_timewait_state_process(inet_twsk(sk), skb, th)) {
1722 struct sock *sk2 = inet_lookup_listener(skb->dev->nd_net,
1724 iph->daddr, th->dest,
1727 inet_twsk_deschedule(inet_twsk(sk), &tcp_death_row);
1728 inet_twsk_put(inet_twsk(sk));
1732 /* Fall through to ACK */
1735 tcp_v4_timewait_ack(sk, skb);
1739 case TCP_TW_SUCCESS:;
1744 /* VJ's idea. Save last timestamp seen from this destination
1745 * and hold it at least for normal timewait interval to use for duplicate
1746 * segment detection in subsequent connections, before they enter synchronized
1750 int tcp_v4_remember_stamp(struct sock *sk)
1752 struct inet_sock *inet = inet_sk(sk);
1753 struct tcp_sock *tp = tcp_sk(sk);
1754 struct rtable *rt = (struct rtable *)__sk_dst_get(sk);
1755 struct inet_peer *peer = NULL;
1758 if (!rt || rt->rt_dst != inet->daddr) {
1759 peer = inet_getpeer(inet->daddr, 1);
1763 rt_bind_peer(rt, 1);
1768 if ((s32)(peer->tcp_ts - tp->rx_opt.ts_recent) <= 0 ||
1769 (peer->tcp_ts_stamp + TCP_PAWS_MSL < get_seconds() &&
1770 peer->tcp_ts_stamp <= tp->rx_opt.ts_recent_stamp)) {
1771 peer->tcp_ts_stamp = tp->rx_opt.ts_recent_stamp;
1772 peer->tcp_ts = tp->rx_opt.ts_recent;
1782 int tcp_v4_tw_remember_stamp(struct inet_timewait_sock *tw)
1784 struct inet_peer *peer = inet_getpeer(tw->tw_daddr, 1);
1787 const struct tcp_timewait_sock *tcptw = tcp_twsk((struct sock *)tw);
1789 if ((s32)(peer->tcp_ts - tcptw->tw_ts_recent) <= 0 ||
1790 (peer->tcp_ts_stamp + TCP_PAWS_MSL < get_seconds() &&
1791 peer->tcp_ts_stamp <= tcptw->tw_ts_recent_stamp)) {
1792 peer->tcp_ts_stamp = tcptw->tw_ts_recent_stamp;
1793 peer->tcp_ts = tcptw->tw_ts_recent;
1802 struct inet_connection_sock_af_ops ipv4_specific = {
1803 .queue_xmit = ip_queue_xmit,
1804 .send_check = tcp_v4_send_check,
1805 .rebuild_header = inet_sk_rebuild_header,
1806 .conn_request = tcp_v4_conn_request,
1807 .syn_recv_sock = tcp_v4_syn_recv_sock,
1808 .remember_stamp = tcp_v4_remember_stamp,
1809 .net_header_len = sizeof(struct iphdr),
1810 .setsockopt = ip_setsockopt,
1811 .getsockopt = ip_getsockopt,
1812 .addr2sockaddr = inet_csk_addr2sockaddr,
1813 .sockaddr_len = sizeof(struct sockaddr_in),
1814 .bind_conflict = inet_csk_bind_conflict,
1815 #ifdef CONFIG_COMPAT
1816 .compat_setsockopt = compat_ip_setsockopt,
1817 .compat_getsockopt = compat_ip_getsockopt,
1821 #ifdef CONFIG_TCP_MD5SIG
1822 static struct tcp_sock_af_ops tcp_sock_ipv4_specific = {
1823 .md5_lookup = tcp_v4_md5_lookup,
1824 .calc_md5_hash = tcp_v4_calc_md5_hash,
1825 .md5_add = tcp_v4_md5_add_func,
1826 .md5_parse = tcp_v4_parse_md5_keys,
1830 /* NOTE: A lot of things set to zero explicitly by call to
1831 * sk_alloc() so need not be done here.
1833 static int tcp_v4_init_sock(struct sock *sk)
1835 struct inet_connection_sock *icsk = inet_csk(sk);
1836 struct tcp_sock *tp = tcp_sk(sk);
1838 skb_queue_head_init(&tp->out_of_order_queue);
1839 tcp_init_xmit_timers(sk);
1840 tcp_prequeue_init(tp);
1842 icsk->icsk_rto = TCP_TIMEOUT_INIT;
1843 tp->mdev = TCP_TIMEOUT_INIT;
1845 /* So many TCP implementations out there (incorrectly) count the
1846 * initial SYN frame in their delayed-ACK and congestion control
1847 * algorithms that we must have the following bandaid to talk
1848 * efficiently to them. -DaveM
1852 /* See draft-stevens-tcpca-spec-01 for discussion of the
1853 * initialization of these values.
1855 tp->snd_ssthresh = 0x7fffffff; /* Infinity */
1856 tp->snd_cwnd_clamp = ~0;
1857 tp->mss_cache = 536;
1859 tp->reordering = sysctl_tcp_reordering;
1860 icsk->icsk_ca_ops = &tcp_init_congestion_ops;
1862 sk->sk_state = TCP_CLOSE;
1864 sk->sk_write_space = sk_stream_write_space;
1865 sock_set_flag(sk, SOCK_USE_WRITE_QUEUE);
1867 icsk->icsk_af_ops = &ipv4_specific;
1868 icsk->icsk_sync_mss = tcp_sync_mss;
1869 #ifdef CONFIG_TCP_MD5SIG
1870 tp->af_specific = &tcp_sock_ipv4_specific;
1873 sk->sk_sndbuf = sysctl_tcp_wmem[1];
1874 sk->sk_rcvbuf = sysctl_tcp_rmem[1];
1876 atomic_inc(&tcp_sockets_allocated);
1881 int tcp_v4_destroy_sock(struct sock *sk)
1883 struct tcp_sock *tp = tcp_sk(sk);
1885 tcp_clear_xmit_timers(sk);
1887 tcp_cleanup_congestion_control(sk);
1889 /* Cleanup up the write buffer. */
1890 tcp_write_queue_purge(sk);
1892 /* Cleans up our, hopefully empty, out_of_order_queue. */
1893 __skb_queue_purge(&tp->out_of_order_queue);
1895 #ifdef CONFIG_TCP_MD5SIG
1896 /* Clean up the MD5 key list, if any */
1897 if (tp->md5sig_info) {
1898 tcp_v4_clear_md5_list(sk);
1899 kfree(tp->md5sig_info);
1900 tp->md5sig_info = NULL;
1904 #ifdef CONFIG_NET_DMA
1905 /* Cleans up our sk_async_wait_queue */
1906 __skb_queue_purge(&sk->sk_async_wait_queue);
1909 /* Clean prequeue, it must be empty really */
1910 __skb_queue_purge(&tp->ucopy.prequeue);
1912 /* Clean up a referenced TCP bind bucket. */
1913 if (inet_csk(sk)->icsk_bind_hash)
1917 * If sendmsg cached page exists, toss it.
1919 if (sk->sk_sndmsg_page) {
1920 __free_page(sk->sk_sndmsg_page);
1921 sk->sk_sndmsg_page = NULL;
1924 atomic_dec(&tcp_sockets_allocated);
1929 EXPORT_SYMBOL(tcp_v4_destroy_sock);
1931 #ifdef CONFIG_PROC_FS
1932 /* Proc filesystem TCP sock list dumping. */
1934 static inline struct inet_timewait_sock *tw_head(struct hlist_head *head)
1936 return hlist_empty(head) ? NULL :
1937 list_entry(head->first, struct inet_timewait_sock, tw_node);
1940 static inline struct inet_timewait_sock *tw_next(struct inet_timewait_sock *tw)
1942 return tw->tw_node.next ?
1943 hlist_entry(tw->tw_node.next, typeof(*tw), tw_node) : NULL;
1946 static void *listening_get_next(struct seq_file *seq, void *cur)
1948 struct inet_connection_sock *icsk;
1949 struct hlist_node *node;
1950 struct sock *sk = cur;
1951 struct tcp_iter_state* st = seq->private;
1955 sk = sk_head(&tcp_hashinfo.listening_hash[0]);
1961 if (st->state == TCP_SEQ_STATE_OPENREQ) {
1962 struct request_sock *req = cur;
1964 icsk = inet_csk(st->syn_wait_sk);
1968 if (req->rsk_ops->family == st->family) {
1974 if (++st->sbucket >= icsk->icsk_accept_queue.listen_opt->nr_table_entries)
1977 req = icsk->icsk_accept_queue.listen_opt->syn_table[st->sbucket];
1979 sk = sk_next(st->syn_wait_sk);
1980 st->state = TCP_SEQ_STATE_LISTENING;
1981 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
1983 icsk = inet_csk(sk);
1984 read_lock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
1985 if (reqsk_queue_len(&icsk->icsk_accept_queue))
1987 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
1991 sk_for_each_from(sk, node) {
1992 if (sk->sk_family == st->family) {
1996 icsk = inet_csk(sk);
1997 read_lock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
1998 if (reqsk_queue_len(&icsk->icsk_accept_queue)) {
2000 st->uid = sock_i_uid(sk);
2001 st->syn_wait_sk = sk;
2002 st->state = TCP_SEQ_STATE_OPENREQ;
2006 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
2008 if (++st->bucket < INET_LHTABLE_SIZE) {
2009 sk = sk_head(&tcp_hashinfo.listening_hash[st->bucket]);
2017 static void *listening_get_idx(struct seq_file *seq, loff_t *pos)
2019 void *rc = listening_get_next(seq, NULL);
2021 while (rc && *pos) {
2022 rc = listening_get_next(seq, rc);
2028 static void *established_get_first(struct seq_file *seq)
2030 struct tcp_iter_state* st = seq->private;
2033 for (st->bucket = 0; st->bucket < tcp_hashinfo.ehash_size; ++st->bucket) {
2035 struct hlist_node *node;
2036 struct inet_timewait_sock *tw;
2037 rwlock_t *lock = inet_ehash_lockp(&tcp_hashinfo, st->bucket);
2040 sk_for_each(sk, node, &tcp_hashinfo.ehash[st->bucket].chain) {
2041 if (sk->sk_family != st->family) {
2047 st->state = TCP_SEQ_STATE_TIME_WAIT;
2048 inet_twsk_for_each(tw, node,
2049 &tcp_hashinfo.ehash[st->bucket].twchain) {
2050 if (tw->tw_family != st->family) {
2056 read_unlock_bh(lock);
2057 st->state = TCP_SEQ_STATE_ESTABLISHED;
2063 static void *established_get_next(struct seq_file *seq, void *cur)
2065 struct sock *sk = cur;
2066 struct inet_timewait_sock *tw;
2067 struct hlist_node *node;
2068 struct tcp_iter_state* st = seq->private;
2072 if (st->state == TCP_SEQ_STATE_TIME_WAIT) {
2076 while (tw && tw->tw_family != st->family) {
2083 read_unlock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket));
2084 st->state = TCP_SEQ_STATE_ESTABLISHED;
2086 if (++st->bucket < tcp_hashinfo.ehash_size) {
2087 read_lock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket));
2088 sk = sk_head(&tcp_hashinfo.ehash[st->bucket].chain);
2096 sk_for_each_from(sk, node) {
2097 if (sk->sk_family == st->family)
2101 st->state = TCP_SEQ_STATE_TIME_WAIT;
2102 tw = tw_head(&tcp_hashinfo.ehash[st->bucket].twchain);
2110 static void *established_get_idx(struct seq_file *seq, loff_t pos)
2112 void *rc = established_get_first(seq);
2115 rc = established_get_next(seq, rc);
2121 static void *tcp_get_idx(struct seq_file *seq, loff_t pos)
2124 struct tcp_iter_state* st = seq->private;
2126 inet_listen_lock(&tcp_hashinfo);
2127 st->state = TCP_SEQ_STATE_LISTENING;
2128 rc = listening_get_idx(seq, &pos);
2131 inet_listen_unlock(&tcp_hashinfo);
2132 st->state = TCP_SEQ_STATE_ESTABLISHED;
2133 rc = established_get_idx(seq, pos);
2139 static void *tcp_seq_start(struct seq_file *seq, loff_t *pos)
2141 struct tcp_iter_state* st = seq->private;
2142 st->state = TCP_SEQ_STATE_LISTENING;
2144 return *pos ? tcp_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
2147 static void *tcp_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2150 struct tcp_iter_state* st;
2152 if (v == SEQ_START_TOKEN) {
2153 rc = tcp_get_idx(seq, 0);
2158 switch (st->state) {
2159 case TCP_SEQ_STATE_OPENREQ:
2160 case TCP_SEQ_STATE_LISTENING:
2161 rc = listening_get_next(seq, v);
2163 inet_listen_unlock(&tcp_hashinfo);
2164 st->state = TCP_SEQ_STATE_ESTABLISHED;
2165 rc = established_get_first(seq);
2168 case TCP_SEQ_STATE_ESTABLISHED:
2169 case TCP_SEQ_STATE_TIME_WAIT:
2170 rc = established_get_next(seq, v);
2178 static void tcp_seq_stop(struct seq_file *seq, void *v)
2180 struct tcp_iter_state* st = seq->private;
2182 switch (st->state) {
2183 case TCP_SEQ_STATE_OPENREQ:
2185 struct inet_connection_sock *icsk = inet_csk(st->syn_wait_sk);
2186 read_unlock_bh(&icsk->icsk_accept_queue.syn_wait_lock);
2188 case TCP_SEQ_STATE_LISTENING:
2189 if (v != SEQ_START_TOKEN)
2190 inet_listen_unlock(&tcp_hashinfo);
2192 case TCP_SEQ_STATE_TIME_WAIT:
2193 case TCP_SEQ_STATE_ESTABLISHED:
2195 read_unlock_bh(inet_ehash_lockp(&tcp_hashinfo, st->bucket));
2200 static int tcp_seq_open(struct inode *inode, struct file *file)
2202 struct tcp_seq_afinfo *afinfo = PDE(inode)->data;
2203 struct seq_file *seq;
2204 struct tcp_iter_state *s;
2207 if (unlikely(afinfo == NULL))
2210 s = kzalloc(sizeof(*s), GFP_KERNEL);
2213 s->family = afinfo->family;
2214 s->seq_ops.start = tcp_seq_start;
2215 s->seq_ops.next = tcp_seq_next;
2216 s->seq_ops.show = afinfo->seq_show;
2217 s->seq_ops.stop = tcp_seq_stop;
2219 rc = seq_open(file, &s->seq_ops);
2222 seq = file->private_data;
2231 int tcp_proc_register(struct tcp_seq_afinfo *afinfo)
2234 struct proc_dir_entry *p;
2238 afinfo->seq_fops->owner = afinfo->owner;
2239 afinfo->seq_fops->open = tcp_seq_open;
2240 afinfo->seq_fops->read = seq_read;
2241 afinfo->seq_fops->llseek = seq_lseek;
2242 afinfo->seq_fops->release = seq_release_private;
2244 p = proc_net_fops_create(&init_net, afinfo->name, S_IRUGO, afinfo->seq_fops);
2252 void tcp_proc_unregister(struct tcp_seq_afinfo *afinfo)
2256 proc_net_remove(&init_net, afinfo->name);
2257 memset(afinfo->seq_fops, 0, sizeof(*afinfo->seq_fops));
2260 static void get_openreq4(struct sock *sk, struct request_sock *req,
2261 char *tmpbuf, int i, int uid)
2263 const struct inet_request_sock *ireq = inet_rsk(req);
2264 int ttd = req->expires - jiffies;
2266 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X"
2267 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %u %d %p",
2270 ntohs(inet_sk(sk)->sport),
2272 ntohs(ireq->rmt_port),
2274 0, 0, /* could print option size, but that is af dependent. */
2275 1, /* timers active (only the expire timer) */
2276 jiffies_to_clock_t(ttd),
2279 0, /* non standard timer */
2280 0, /* open_requests have no inode */
2281 atomic_read(&sk->sk_refcnt),
2285 static void get_tcp4_sock(struct sock *sk, char *tmpbuf, int i)
2288 unsigned long timer_expires;
2289 struct tcp_sock *tp = tcp_sk(sk);
2290 const struct inet_connection_sock *icsk = inet_csk(sk);
2291 struct inet_sock *inet = inet_sk(sk);
2292 __be32 dest = inet->daddr;
2293 __be32 src = inet->rcv_saddr;
2294 __u16 destp = ntohs(inet->dport);
2295 __u16 srcp = ntohs(inet->sport);
2297 if (icsk->icsk_pending == ICSK_TIME_RETRANS) {
2299 timer_expires = icsk->icsk_timeout;
2300 } else if (icsk->icsk_pending == ICSK_TIME_PROBE0) {
2302 timer_expires = icsk->icsk_timeout;
2303 } else if (timer_pending(&sk->sk_timer)) {
2305 timer_expires = sk->sk_timer.expires;
2308 timer_expires = jiffies;
2311 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X %02X %08X:%08X %02X:%08lX "
2312 "%08X %5d %8d %lu %d %p %u %u %u %u %d",
2313 i, src, srcp, dest, destp, sk->sk_state,
2314 tp->write_seq - tp->snd_una,
2315 sk->sk_state == TCP_LISTEN ? sk->sk_ack_backlog :
2316 (tp->rcv_nxt - tp->copied_seq),
2318 jiffies_to_clock_t(timer_expires - jiffies),
2319 icsk->icsk_retransmits,
2321 icsk->icsk_probes_out,
2323 atomic_read(&sk->sk_refcnt), sk,
2326 (icsk->icsk_ack.quick << 1) | icsk->icsk_ack.pingpong,
2328 tp->snd_ssthresh >= 0xFFFF ? -1 : tp->snd_ssthresh);
2331 static void get_timewait4_sock(struct inet_timewait_sock *tw,
2332 char *tmpbuf, int i)
2336 int ttd = tw->tw_ttd - jiffies;
2341 dest = tw->tw_daddr;
2342 src = tw->tw_rcv_saddr;
2343 destp = ntohs(tw->tw_dport);
2344 srcp = ntohs(tw->tw_sport);
2346 sprintf(tmpbuf, "%4d: %08X:%04X %08X:%04X"
2347 " %02X %08X:%08X %02X:%08lX %08X %5d %8d %d %d %p",
2348 i, src, srcp, dest, destp, tw->tw_substate, 0, 0,
2349 3, jiffies_to_clock_t(ttd), 0, 0, 0, 0,
2350 atomic_read(&tw->tw_refcnt), tw);
2355 static int tcp4_seq_show(struct seq_file *seq, void *v)
2357 struct tcp_iter_state* st;
2358 char tmpbuf[TMPSZ + 1];
2360 if (v == SEQ_START_TOKEN) {
2361 seq_printf(seq, "%-*s\n", TMPSZ - 1,
2362 " sl local_address rem_address st tx_queue "
2363 "rx_queue tr tm->when retrnsmt uid timeout "
2369 switch (st->state) {
2370 case TCP_SEQ_STATE_LISTENING:
2371 case TCP_SEQ_STATE_ESTABLISHED:
2372 get_tcp4_sock(v, tmpbuf, st->num);
2374 case TCP_SEQ_STATE_OPENREQ:
2375 get_openreq4(st->syn_wait_sk, v, tmpbuf, st->num, st->uid);
2377 case TCP_SEQ_STATE_TIME_WAIT:
2378 get_timewait4_sock(v, tmpbuf, st->num);
2381 seq_printf(seq, "%-*s\n", TMPSZ - 1, tmpbuf);
2386 static struct file_operations tcp4_seq_fops;
2387 static struct tcp_seq_afinfo tcp4_seq_afinfo = {
2388 .owner = THIS_MODULE,
2391 .seq_show = tcp4_seq_show,
2392 .seq_fops = &tcp4_seq_fops,
2395 int __init tcp4_proc_init(void)
2397 return tcp_proc_register(&tcp4_seq_afinfo);
2400 void tcp4_proc_exit(void)
2402 tcp_proc_unregister(&tcp4_seq_afinfo);
2404 #endif /* CONFIG_PROC_FS */
2406 DEFINE_PROTO_INUSE(tcp)
2408 struct proto tcp_prot = {
2410 .owner = THIS_MODULE,
2412 .connect = tcp_v4_connect,
2413 .disconnect = tcp_disconnect,
2414 .accept = inet_csk_accept,
2416 .init = tcp_v4_init_sock,
2417 .destroy = tcp_v4_destroy_sock,
2418 .shutdown = tcp_shutdown,
2419 .setsockopt = tcp_setsockopt,
2420 .getsockopt = tcp_getsockopt,
2421 .recvmsg = tcp_recvmsg,
2422 .backlog_rcv = tcp_v4_do_rcv,
2424 .unhash = inet_unhash,
2425 .get_port = inet_csk_get_port,
2426 .enter_memory_pressure = tcp_enter_memory_pressure,
2427 .sockets_allocated = &tcp_sockets_allocated,
2428 .orphan_count = &tcp_orphan_count,
2429 .memory_allocated = &tcp_memory_allocated,
2430 .memory_pressure = &tcp_memory_pressure,
2431 .sysctl_mem = sysctl_tcp_mem,
2432 .sysctl_wmem = sysctl_tcp_wmem,
2433 .sysctl_rmem = sysctl_tcp_rmem,
2434 .max_header = MAX_TCP_HEADER,
2435 .obj_size = sizeof(struct tcp_sock),
2436 .twsk_prot = &tcp_timewait_sock_ops,
2437 .rsk_prot = &tcp_request_sock_ops,
2438 .hashinfo = &tcp_hashinfo,
2439 #ifdef CONFIG_COMPAT
2440 .compat_setsockopt = compat_tcp_setsockopt,
2441 .compat_getsockopt = compat_tcp_getsockopt,
2443 REF_PROTO_INUSE(tcp)
2446 void __init tcp_v4_init(struct net_proto_family *ops)
2448 if (inet_csk_ctl_sock_create(&tcp_socket, PF_INET, SOCK_RAW,
2450 panic("Failed to create the TCP control socket.\n");
2453 EXPORT_SYMBOL(ipv4_specific);
2454 EXPORT_SYMBOL(tcp_hashinfo);
2455 EXPORT_SYMBOL(tcp_prot);
2456 EXPORT_SYMBOL(tcp_v4_conn_request);
2457 EXPORT_SYMBOL(tcp_v4_connect);
2458 EXPORT_SYMBOL(tcp_v4_do_rcv);
2459 EXPORT_SYMBOL(tcp_v4_remember_stamp);
2460 EXPORT_SYMBOL(tcp_v4_send_check);
2461 EXPORT_SYMBOL(tcp_v4_syn_recv_sock);
2463 #ifdef CONFIG_PROC_FS
2464 EXPORT_SYMBOL(tcp_proc_register);
2465 EXPORT_SYMBOL(tcp_proc_unregister);
2467 EXPORT_SYMBOL(sysctl_tcp_low_latency);
projects / linux-flexiantxendom0-3.2.10.git / blob