From patchwork Sun Mar 22 17:22:23 2015 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Eric Dumazet X-Patchwork-Id: 453175 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id A279914011D for ; Mon, 23 Mar 2015 04:23:23 +1100 (AEDT) Authentication-Results: ozlabs.org; dkim=fail reason="verification failed; unprotected key" header.d=google.com header.i=@google.com header.b=jvaHd2zh; dkim-adsp=none (unprotected policy); dkim-atps=neutral Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751967AbbCVRXT (ORCPT ); Sun, 22 Mar 2015 13:23:19 -0400 Received: from mail-yh0-f74.google.com ([209.85.213.74]:33091 "EHLO mail-yh0-f74.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751951AbbCVRXQ (ORCPT ); Sun, 22 Mar 2015 13:23:16 -0400 Received: by yhoc41 with SMTP id c41so6107993yho.0 for ; Sun, 22 Mar 2015 10:23:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=hJwvRpmi6jnqoBvpTYUYNwg11Go1MHugqD5pDZQNgNI=; b=jvaHd2zhwkV5HowMHtmROmfTdQf/SCeFsrpMib3GxF5bxWnCwvMhVFO6IPxVc2wrKp CxTjq0Cnbxt9SpqGJdcj20ttYImiubtylOg97sWzsph5rLCx4ZKTLMUVVObhjCrow2ON /UpZkXxezzdebdCT9JZCnT7pTCMfVzCRwEVeSyrgwTN+dBwtKKyqzCRLcC1DQ9sZR300 3HhXPi8NmnMeK/D1WZnuaaPIw+slA2BWlzbCROiun1+I53ft+xQ9UGPxXVUCoJ+/rZqp Y1Wc/GZdnFg/hQQqNSFAbXhuVUlKhlPfTILCOvb3HkYZP6dg3LcZJRQ7+EG7tJbZaDWs 0CbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=hJwvRpmi6jnqoBvpTYUYNwg11Go1MHugqD5pDZQNgNI=; b=X+doWu+KS0ugENQppGcv7zaX5wFFUGLRtPv+IfvgnCMvgG3ApeYdycskM55t1VYuPE NMhP661e5FThKTUKW61venae19rs5Q+QQO01Y4VRTW69ps4C4vMdGvXCAXl9itIY7Y+M KdhbvMf8C9KENZWTXU1EPiOmzsSD8g0hAlx+Xj1ZtgJM1WIHe0Pi7nn7IoAf8ezDtIP+ wfWbT207dC3Ag8l0EP2hEFOr/7Y6ocWfoC6T5jpXwsYYE3SyU5NXh+QMTzRX1M1pH3Vc LaKyVWEGo5CvN1ieE3uwMmrmxye0HJ+4pMavUquOHi5fttaXrUp45ATkdAsGwC0B1idc mGuw== X-Gm-Message-State: ALoCoQkYaIVqt4bn7eznLD6ral0w6IiMFEj86vMhCiJixrtGLQkA5y0bRxDXpAsgZT0YAnNy0UYn X-Received: by 10.236.230.39 with SMTP id i37mr96444290yhq.47.1427044996121; Sun, 22 Mar 2015 10:23:16 -0700 (PDT) Received: from corpmail-nozzle1-2.hot.corp.google.com ([100.108.1.103]) by gmr-mx.google.com with ESMTPS id f61si789186yho.3.2015.03.22.10.23.15 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Sun, 22 Mar 2015 10:23:16 -0700 (PDT) Received: from manihi.mtv.corp.google.com ([172.17.131.143]) by corpmail-nozzle1-2.hot.corp.google.com with ESMTP id r9ecaxoo.1; Sun, 22 Mar 2015 10:23:16 -0700 Received: by manihi.mtv.corp.google.com (Postfix, from userid 160623) id 725F9A05FC; Sun, 22 Mar 2015 10:23:15 -0700 (PDT) From: Eric Dumazet To: "David S. Miller" Cc: netdev , Eric Dumazet , Eric Dumazet Subject: [PATCH net-next 6/8] ipv6: tcp: handle ICMP messages on TCP_NEW_SYN_RECV request sockets Date: Sun, 22 Mar 2015 10:22:23 -0700 Message-Id: <1427044945-32608-7-git-send-email-edumazet@google.com> X-Mailer: git-send-email 2.2.0.rc0.207.ga3a616c In-Reply-To: <1427044945-32608-1-git-send-email-edumazet@google.com> References: <1427044945-32608-1-git-send-email-edumazet@google.com> Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org tcp_v6_err() can restrict lookups to ehash table, and not to listeners. Note this patch creates the infrastructure, but this means that ICMP messages for request sockets are ignored until complete conversion. Signed-off-by: Eric Dumazet --- net/ipv6/tcp_ipv6.c | 47 ++++++++++++----------------------------------- 1 file changed, 12 insertions(+), 35 deletions(-) diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index 6e3f90db038c..4a4e6d30c448 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c @@ -324,18 +324,20 @@ static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, { const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data; const struct tcphdr *th = (struct tcphdr *)(skb->data+offset); + struct net *net = dev_net(skb->dev); + struct request_sock *fastopen; struct ipv6_pinfo *np; - struct sock *sk; - int err; struct tcp_sock *tp; - struct request_sock *fastopen; __u32 seq, snd_una; - struct net *net = dev_net(skb->dev); + struct sock *sk; + int err; - sk = inet6_lookup(net, &tcp_hashinfo, &hdr->daddr, - th->dest, &hdr->saddr, th->source, skb->dev->ifindex); + sk = __inet6_lookup_established(net, &tcp_hashinfo, + &hdr->daddr, th->dest, + &hdr->saddr, ntohs(th->source), + skb->dev->ifindex); - if (sk == NULL) { + if (!sk) { ICMP6_INC_STATS_BH(net, __in6_dev_get(skb->dev), ICMP6_MIB_INERRORS); return; @@ -345,6 +347,9 @@ static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, inet_twsk_put(inet_twsk(sk)); return; } + seq = ntohl(th->seq); + if (sk->sk_state == TCP_NEW_SYN_RECV) + return tcp_req_err(sk, seq); bh_lock_sock(sk); if (sock_owned_by_user(sk) && type != ICMPV6_PKT_TOOBIG) @@ -359,7 +364,6 @@ static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, } tp = tcp_sk(sk); - seq = ntohl(th->seq); /* XXX (TFO) - tp->snd_una should be ISN (tcp_create_openreq_child() */ fastopen = tp->fastopen_rsk; snd_una = fastopen ? tcp_rsk(fastopen)->snt_isn : tp->snd_una; @@ -403,33 +407,6 @@ static void tcp_v6_err(struct sk_buff *skb, struct inet6_skb_parm *opt, /* Might be for an request_sock */ switch (sk->sk_state) { - struct request_sock *req; - case TCP_LISTEN: - if (sock_owned_by_user(sk)) - goto out; - - /* Note : We use inet6_iif() here, not tcp_v6_iif() */ - req = inet6_csk_search_req(sk, th->dest, &hdr->daddr, - &hdr->saddr, inet6_iif(skb)); - if (!req) - goto out; - - /* ICMPs are not backlogged, hence we cannot get - * an established socket here. - */ - WARN_ON(req->sk != NULL); - - if (seq != tcp_rsk(req)->snt_isn) { - NET_INC_STATS_BH(net, LINUX_MIB_OUTOFWINDOWICMPS); - reqsk_put(req); - goto out; - } - - inet_csk_reqsk_queue_drop(sk, req); - NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_LISTENDROPS); - reqsk_put(req); - goto out; - case TCP_SYN_SENT: case TCP_SYN_RECV: /* Only in fast or simultaneous open. If a fast open socket is