1/* SPDX-License-Identifier: GPL-2.0-or-later */
   2/*
   3 *	Linux INET6 implementation
   4 *
   5 *	Authors:
   6 *	Pedro Roque		<roque@di.fc.ul.pt>
   7 */
   8
   9#ifndef _NET_IPV6_H
  10#define _NET_IPV6_H
  11
  12#include <linux/ipv6.h>
  13#include <linux/hardirq.h>
  14#include <linux/jhash.h>
  15#include <linux/refcount.h>
  16#include <linux/jump_label_ratelimit.h>
  17#include <net/if_inet6.h>
  18#include <net/flow.h>
  19#include <net/flow_dissector.h>
  20#include <net/inet_dscp.h>
  21#include <net/snmp.h>
  22#include <net/netns/hash.h>
  23
  24struct ip_tunnel_info;
  25
  26#define SIN6_LEN_RFC2133	24
  27
  28#define IPV6_MAXPLEN		65535
  29
  30/*
  31 *	NextHeader field of IPv6 header
  32 */
  33
  34#define NEXTHDR_HOP		0	/* Hop-by-hop option header. */
  35#define NEXTHDR_IPV4		4	/* IPv4 in IPv6 */
  36#define NEXTHDR_TCP		6	/* TCP segment. */
  37#define NEXTHDR_UDP		17	/* UDP message. */
  38#define NEXTHDR_IPV6		41	/* IPv6 in IPv6 */
  39#define NEXTHDR_ROUTING		43	/* Routing header. */
  40#define NEXTHDR_FRAGMENT	44	/* Fragmentation/reassembly header. */
  41#define NEXTHDR_GRE		47	/* GRE header. */
  42#define NEXTHDR_ESP		50	/* Encapsulating security payload. */
  43#define NEXTHDR_AUTH		51	/* Authentication header. */
  44#define NEXTHDR_ICMP		58	/* ICMP for IPv6. */
  45#define NEXTHDR_NONE		59	/* No next header */
  46#define NEXTHDR_DEST		60	/* Destination options header. */
  47#define NEXTHDR_SCTP		132	/* SCTP message. */
  48#define NEXTHDR_MOBILITY	135	/* Mobility header. */
  49
  50#define NEXTHDR_MAX		255
  51
  52#define IPV6_DEFAULT_HOPLIMIT   64
  53#define IPV6_DEFAULT_MCASTHOPS	1
  54
  55/* Limits on Hop-by-Hop and Destination options.
  56 *
  57 * Per RFC8200 there is no limit on the maximum number or lengths of options in
  58 * Hop-by-Hop or Destination options other then the packet must fit in an MTU.
  59 * We allow configurable limits in order to mitigate potential denial of
  60 * service attacks.
  61 *
  62 * There are three limits that may be set:
  63 *   - Limit the number of options in a Hop-by-Hop or Destination options
  64 *     extension header
  65 *   - Limit the byte length of a Hop-by-Hop or Destination options extension
  66 *     header
  67 *   - Disallow unknown options
  68 *
  69 * The limits are expressed in corresponding sysctls:
  70 *
  71 * ipv6.sysctl.max_dst_opts_cnt
  72 * ipv6.sysctl.max_hbh_opts_cnt
  73 * ipv6.sysctl.max_dst_opts_len
  74 * ipv6.sysctl.max_hbh_opts_len
  75 *
  76 * max_*_opts_cnt is the number of TLVs that are allowed for Destination
  77 * options or Hop-by-Hop options. If the number is less than zero then unknown
  78 * TLVs are disallowed and the number of known options that are allowed is the
  79 * absolute value. Setting the value to INT_MAX indicates no limit.
  80 *
  81 * max_*_opts_len is the length limit in bytes of a Destination or
  82 * Hop-by-Hop options extension header. Setting the value to INT_MAX
  83 * indicates no length limit.
  84 *
  85 * If a limit is exceeded when processing an extension header the packet is
  86 * silently discarded.
  87 */
  88
  89/* Default limits for Hop-by-Hop and Destination options */
  90#define IP6_DEFAULT_MAX_DST_OPTS_CNT	 8
  91#define IP6_DEFAULT_MAX_HBH_OPTS_CNT	 8
  92#define IP6_DEFAULT_MAX_DST_OPTS_LEN	 INT_MAX /* No limit */
  93#define IP6_DEFAULT_MAX_HBH_OPTS_LEN	 INT_MAX /* No limit */
  94
  95/*
  96 *	Addr type
  97 *	
  98 *	type	-	unicast | multicast
  99 *	scope	-	local	| site	    | global
 100 *	v4	-	compat
 101 *	v4mapped
 102 *	any
 103 *	loopback
 104 */
 105
 106#define IPV6_ADDR_ANY		0x0000U
 107
 108#define IPV6_ADDR_UNICAST	0x0001U
 109#define IPV6_ADDR_MULTICAST	0x0002U
 110
 111#define IPV6_ADDR_LOOPBACK	0x0010U
 112#define IPV6_ADDR_LINKLOCAL	0x0020U
 113#define IPV6_ADDR_SITELOCAL	0x0040U
 114
 115#define IPV6_ADDR_COMPATv4	0x0080U
 116
 117#define IPV6_ADDR_SCOPE_MASK	0x00f0U
 118
 119#define IPV6_ADDR_MAPPED	0x1000U
 120
 121/*
 122 *	Addr scopes
 123 */
 124#define IPV6_ADDR_MC_SCOPE(a)	\
 125	((a)->s6_addr[1] & 0x0f)	/* nonstandard */
 126#define __IPV6_ADDR_SCOPE_INVALID	-1
 127#define IPV6_ADDR_SCOPE_NODELOCAL	0x01
 128#define IPV6_ADDR_SCOPE_LINKLOCAL	0x02
 129#define IPV6_ADDR_SCOPE_SITELOCAL	0x05
 130#define IPV6_ADDR_SCOPE_ORGLOCAL	0x08
 131#define IPV6_ADDR_SCOPE_GLOBAL		0x0e
 132
 133/*
 134 *	Addr flags
 135 */
 136#define IPV6_ADDR_MC_FLAG_TRANSIENT(a)	\
 137	((a)->s6_addr[1] & 0x10)
 138#define IPV6_ADDR_MC_FLAG_PREFIX(a)	\
 139	((a)->s6_addr[1] & 0x20)
 140#define IPV6_ADDR_MC_FLAG_RENDEZVOUS(a)	\
 141	((a)->s6_addr[1] & 0x40)
 142
 143/*
 144 *	fragmentation header
 145 */
 146
 147struct frag_hdr {
 148	__u8	nexthdr;
 149	__u8	reserved;
 150	__be16	frag_off;
 151	__be32	identification;
 152};
 153
 154/*
 155 * Jumbo payload option, as described in RFC 2675 2.
 156 */
 157struct hop_jumbo_hdr {
 158	u8	nexthdr;
 159	u8	hdrlen;
 160	u8	tlv_type;	/* IPV6_TLV_JUMBO, 0xC2 */
 161	u8	tlv_len;	/* 4 */
 162	__be32	jumbo_payload_len;
 163};
 164
 165#define	IP6_MF		0x0001
 166#define	IP6_OFFSET	0xFFF8
 167
 168struct ip6_fraglist_iter {
 169	struct ipv6hdr	*tmp_hdr;
 170	struct sk_buff	*frag;
 171	int		offset;
 172	unsigned int	hlen;
 173	__be32		frag_id;
 174	u8		nexthdr;
 175};
 176
 177int ip6_fraglist_init(struct sk_buff *skb, unsigned int hlen, u8 *prevhdr,
 178		      u8 nexthdr, __be32 frag_id,
 179		      struct ip6_fraglist_iter *iter);
 180void ip6_fraglist_prepare(struct sk_buff *skb, struct ip6_fraglist_iter *iter);
 181
 182static inline struct sk_buff *ip6_fraglist_next(struct ip6_fraglist_iter *iter)
 183{
 184	struct sk_buff *skb = iter->frag;
 185
 186	iter->frag = skb->next;
 187	skb_mark_not_on_list(skb);
 188
 189	return skb;
 190}
 191
 192struct ip6_frag_state {
 193	u8		*prevhdr;
 194	unsigned int	hlen;
 195	unsigned int	mtu;
 196	unsigned int	left;
 197	int		offset;
 198	int		ptr;
 199	int		hroom;
 200	int		troom;
 201	__be32		frag_id;
 202	u8		nexthdr;
 203};
 204
 205void ip6_frag_init(struct sk_buff *skb, unsigned int hlen, unsigned int mtu,
 206		   unsigned short needed_tailroom, int hdr_room, u8 *prevhdr,
 207		   u8 nexthdr, __be32 frag_id, struct ip6_frag_state *state);
 208struct sk_buff *ip6_frag_next(struct sk_buff *skb,
 209			      struct ip6_frag_state *state);
 210
 211#define IP6_REPLY_MARK(net, mark) \
 212	((net)->ipv6.sysctl.fwmark_reflect ? (mark) : 0)
 213
 214#include <net/sock.h>
 215
 216/* sysctls */
 217extern int sysctl_mld_max_msf;
 218extern int sysctl_mld_qrv;
 219
 220#define _DEVINC(net, statname, mod, idev, field)			\
 221({									\
 222	struct inet6_dev *_idev = (idev);				\
 223	if (likely(_idev != NULL))					\
 224		mod##SNMP_INC_STATS64((_idev)->stats.statname, (field));\
 225	mod##SNMP_INC_STATS64((net)->mib.statname##_statistics, (field));\
 226})
 227
 228/* per device counters are atomic_long_t */
 229#define _DEVINCATOMIC(net, statname, mod, idev, field)			\
 230({									\
 231	struct inet6_dev *_idev = (idev);				\
 232	if (likely(_idev != NULL))					\
 233		SNMP_INC_STATS_ATOMIC_LONG((_idev)->stats.statname##dev, (field)); \
 234	mod##SNMP_INC_STATS((net)->mib.statname##_statistics, (field));\
 235})
 236
 237/* per device and per net counters are atomic_long_t */
 238#define _DEVINC_ATOMIC_ATOMIC(net, statname, idev, field)		\
 239({									\
 240	struct inet6_dev *_idev = (idev);				\
 241	if (likely(_idev != NULL))					\
 242		SNMP_INC_STATS_ATOMIC_LONG((_idev)->stats.statname##dev, (field)); \
 243	SNMP_INC_STATS_ATOMIC_LONG((net)->mib.statname##_statistics, (field));\
 244})
 245
 246#define _DEVADD(net, statname, mod, idev, field, val)			\
 247({									\
 248	struct inet6_dev *_idev = (idev);				\
 249	if (likely(_idev != NULL))					\
 250		mod##SNMP_ADD_STATS((_idev)->stats.statname, (field), (val)); \
 251	mod##SNMP_ADD_STATS((net)->mib.statname##_statistics, (field), (val));\
 252})
 253
 254#define _DEVUPD(net, statname, mod, idev, field, val)			\
 255({									\
 256	struct inet6_dev *_idev = (idev);				\
 257	if (likely(_idev != NULL))					\
 258		mod##SNMP_UPD_PO_STATS((_idev)->stats.statname, field, (val)); \
 259	mod##SNMP_UPD_PO_STATS((net)->mib.statname##_statistics, field, (val));\
 260})
 261
 262/* MIBs */
 263
 264#define IP6_INC_STATS(net, idev,field)		\
 265		_DEVINC(net, ipv6, , idev, field)
 266#define __IP6_INC_STATS(net, idev,field)	\
 267		_DEVINC(net, ipv6, __, idev, field)
 268#define IP6_ADD_STATS(net, idev,field,val)	\
 269		_DEVADD(net, ipv6, , idev, field, val)
 270#define __IP6_ADD_STATS(net, idev,field,val)	\
 271		_DEVADD(net, ipv6, __, idev, field, val)
 272#define IP6_UPD_PO_STATS(net, idev,field,val)   \
 273		_DEVUPD(net, ipv6, , idev, field, val)
 274#define __IP6_UPD_PO_STATS(net, idev,field,val)   \
 275		_DEVUPD(net, ipv6, __, idev, field, val)
 276#define ICMP6_INC_STATS(net, idev, field)	\
 277		_DEVINCATOMIC(net, icmpv6, , idev, field)
 278#define __ICMP6_INC_STATS(net, idev, field)	\
 279		_DEVINCATOMIC(net, icmpv6, __, idev, field)
 280
 281#define ICMP6MSGOUT_INC_STATS(net, idev, field)		\
 282	_DEVINC_ATOMIC_ATOMIC(net, icmpv6msg, idev, field +256)
 283#define ICMP6MSGIN_INC_STATS(net, idev, field)	\
 284	_DEVINC_ATOMIC_ATOMIC(net, icmpv6msg, idev, field)
 285
 286struct ip6_ra_chain {
 287	struct ip6_ra_chain	*next;
 288	struct sock		*sk;
 289	int			sel;
 290	void			(*destructor)(struct sock *);
 291};
 292
 293extern struct ip6_ra_chain	*ip6_ra_chain;
 294extern rwlock_t ip6_ra_lock;
 295
 296/*
 297   This structure is prepared by protocol, when parsing
 298   ancillary data and passed to IPv6.
 299 */
 300
 301struct ipv6_txoptions {
 302	refcount_t		refcnt;
 303	/* Length of this structure */
 304	int			tot_len;
 305
 306	/* length of extension headers   */
 307
 308	__u16			opt_flen;	/* after fragment hdr */
 309	__u16			opt_nflen;	/* before fragment hdr */
 310
 311	struct ipv6_opt_hdr	*hopopt;
 312	struct ipv6_opt_hdr	*dst0opt;
 313	struct ipv6_rt_hdr	*srcrt;	/* Routing Header */
 314	struct ipv6_opt_hdr	*dst1opt;
 315	struct rcu_head		rcu;
 316	/* Option buffer, as read by IPV6_PKTOPTIONS, starts here. */
 317};
 318
 319/* flowlabel_reflect sysctl values */
 320enum flowlabel_reflect {
 321	FLOWLABEL_REFLECT_ESTABLISHED		= 1,
 322	FLOWLABEL_REFLECT_TCP_RESET		= 2,
 323	FLOWLABEL_REFLECT_ICMPV6_ECHO_REPLIES	= 4,
 324};
 325
 326struct ip6_flowlabel {
 327	struct ip6_flowlabel __rcu *next;
 328	__be32			label;
 329	atomic_t		users;
 330	struct in6_addr		dst;
 331	struct ipv6_txoptions	*opt;
 332	unsigned long		linger;
 333	struct rcu_head		rcu;
 334	u8			share;
 335	union {
 336		struct pid *pid;
 337		kuid_t uid;
 338	} owner;
 339	unsigned long		lastuse;
 340	unsigned long		expires;
 341	struct net		*fl_net;
 342};
 343
 344#define IPV6_FLOWINFO_MASK		cpu_to_be32(0x0FFFFFFF)
 345#define IPV6_FLOWLABEL_MASK		cpu_to_be32(0x000FFFFF)
 346#define IPV6_FLOWLABEL_STATELESS_FLAG	cpu_to_be32(0x00080000)
 347
 348#define IPV6_TCLASS_MASK (IPV6_FLOWINFO_MASK & ~IPV6_FLOWLABEL_MASK)
 349#define IPV6_TCLASS_SHIFT	20
 350
 351struct ipv6_fl_socklist {
 352	struct ipv6_fl_socklist	__rcu	*next;
 353	struct ip6_flowlabel		*fl;
 354	struct rcu_head			rcu;
 355};
 356
 357struct ipcm6_cookie {
 358	struct sockcm_cookie sockc;
 359	__s16 hlimit;
 360	__s16 tclass;
 361	__u16 gso_size;
 362	__s8  dontfrag;
 363	struct ipv6_txoptions *opt;
 364};
 365
 366static inline void ipcm6_init(struct ipcm6_cookie *ipc6)
 367{
 368	*ipc6 = (struct ipcm6_cookie) {
 369		.hlimit = -1,
 370		.tclass = -1,
 371		.dontfrag = -1,
 372	};
 373}
 374
 375static inline void ipcm6_init_sk(struct ipcm6_cookie *ipc6,
 376				 const struct sock *sk)
 377{
 378	*ipc6 = (struct ipcm6_cookie) {
 379		.hlimit = -1,
 380		.tclass = inet6_sk(sk)->tclass,
 381		.dontfrag = inet6_test_bit(DONTFRAG, sk),
 382	};
 383}
 384
 385static inline struct ipv6_txoptions *txopt_get(const struct ipv6_pinfo *np)
 386{
 387	struct ipv6_txoptions *opt;
 388
 389	rcu_read_lock();
 390	opt = rcu_dereference(np->opt);
 391	if (opt) {
 392		if (!refcount_inc_not_zero(&opt->refcnt))
 393			opt = NULL;
 394		else
 395			opt = rcu_pointer_handoff(opt);
 396	}
 397	rcu_read_unlock();
 398	return opt;
 399}
 400
 401static inline void txopt_put(struct ipv6_txoptions *opt)
 402{
 403	if (opt && refcount_dec_and_test(&opt->refcnt))
 404		kfree_rcu(opt, rcu);
 405}
 406
 407#if IS_ENABLED(CONFIG_IPV6)
 408struct ip6_flowlabel *__fl6_sock_lookup(struct sock *sk, __be32 label);
 409
 410extern struct static_key_false_deferred ipv6_flowlabel_exclusive;
 411static inline struct ip6_flowlabel *fl6_sock_lookup(struct sock *sk,
 412						    __be32 label)
 413{
 414	if (static_branch_unlikely(&ipv6_flowlabel_exclusive.key) &&
 415	    READ_ONCE(sock_net(sk)->ipv6.flowlabel_has_excl))
 416		return __fl6_sock_lookup(sk, label) ? : ERR_PTR(-ENOENT);
 417
 418	return NULL;
 419}
 420#endif
 421
 422struct ipv6_txoptions *fl6_merge_options(struct ipv6_txoptions *opt_space,
 423					 struct ip6_flowlabel *fl,
 424					 struct ipv6_txoptions *fopt);
 425void fl6_free_socklist(struct sock *sk);
 426int ipv6_flowlabel_opt(struct sock *sk, sockptr_t optval, int optlen);
 427int ipv6_flowlabel_opt_get(struct sock *sk, struct in6_flowlabel_req *freq,
 428			   int flags);
 429int ip6_flowlabel_init(void);
 430void ip6_flowlabel_cleanup(void);
 431bool ip6_autoflowlabel(struct net *net, const struct sock *sk);
 432
 433static inline void fl6_sock_release(struct ip6_flowlabel *fl)
 434{
 435	if (fl)
 436		atomic_dec(&fl->users);
 437}
 438
 439enum skb_drop_reason icmpv6_notify(struct sk_buff *skb, u8 type,
 440				   u8 code, __be32 info);
 441
 442void icmpv6_push_pending_frames(struct sock *sk, struct flowi6 *fl6,
 443				struct icmp6hdr *thdr, int len);
 444
 445int ip6_ra_control(struct sock *sk, int sel);
 446
 447int ipv6_parse_hopopts(struct sk_buff *skb);
 448
 449struct ipv6_txoptions *ipv6_dup_options(struct sock *sk,
 450					struct ipv6_txoptions *opt);
 451struct ipv6_txoptions *ipv6_renew_options(struct sock *sk,
 452					  struct ipv6_txoptions *opt,
 453					  int newtype,
 454					  struct ipv6_opt_hdr *newopt);
 455struct ipv6_txoptions *__ipv6_fixup_options(struct ipv6_txoptions *opt_space,
 456					    struct ipv6_txoptions *opt);
 457
 458static inline struct ipv6_txoptions *
 459ipv6_fixup_options(struct ipv6_txoptions *opt_space, struct ipv6_txoptions *opt)
 460{
 461	if (!opt)
 462		return NULL;
 463	return __ipv6_fixup_options(opt_space, opt);
 464}
 465
 466bool ipv6_opt_accepted(const struct sock *sk, const struct sk_buff *skb,
 467		       const struct inet6_skb_parm *opt);
 468struct ipv6_txoptions *ipv6_update_options(struct sock *sk,
 469					   struct ipv6_txoptions *opt);
 470
 471/* This helper is specialized for BIG TCP needs.
 472 * It assumes the hop_jumbo_hdr will immediately follow the IPV6 header.
 473 * It assumes headers are already in skb->head.
 474 * Returns 0, or IPPROTO_TCP if a BIG TCP packet is there.
 475 */
 476static inline int ipv6_has_hopopt_jumbo(const struct sk_buff *skb)
 477{
 478	const struct hop_jumbo_hdr *jhdr;
 479	const struct ipv6hdr *nhdr;
 480
 481	if (likely(skb->len <= GRO_LEGACY_MAX_SIZE))
 482		return 0;
 483
 484	if (skb->protocol != htons(ETH_P_IPV6))
 485		return 0;
 486
 487	if (skb_network_offset(skb) +
 488	    sizeof(struct ipv6hdr) +
 489	    sizeof(struct hop_jumbo_hdr) > skb_headlen(skb))
 490		return 0;
 491
 492	nhdr = ipv6_hdr(skb);
 493
 494	if (nhdr->nexthdr != NEXTHDR_HOP)
 495		return 0;
 496
 497	jhdr = (const struct hop_jumbo_hdr *) (nhdr + 1);
 498	if (jhdr->tlv_type != IPV6_TLV_JUMBO || jhdr->hdrlen != 0 ||
 499	    jhdr->nexthdr != IPPROTO_TCP)
 500		return 0;
 501	return jhdr->nexthdr;
 502}
 503
 504/* Return 0 if HBH header is successfully removed
 505 * Or if HBH removal is unnecessary (packet is not big TCP)
 506 * Return error to indicate dropping the packet
 507 */
 508static inline int ipv6_hopopt_jumbo_remove(struct sk_buff *skb)
 509{
 510	const int hophdr_len = sizeof(struct hop_jumbo_hdr);
 511	int nexthdr = ipv6_has_hopopt_jumbo(skb);
 512	struct ipv6hdr *h6;
 513
 514	if (!nexthdr)
 515		return 0;
 516
 517	if (skb_cow_head(skb, 0))
 518		return -1;
 519
 520	/* Remove the HBH header.
 521	 * Layout: [Ethernet header][IPv6 header][HBH][L4 Header]
 522	 */
 523	memmove(skb_mac_header(skb) + hophdr_len, skb_mac_header(skb),
 524		skb_network_header(skb) - skb_mac_header(skb) +
 525		sizeof(struct ipv6hdr));
 526
 527	__skb_pull(skb, hophdr_len);
 528	skb->network_header += hophdr_len;
 529	skb->mac_header += hophdr_len;
 530
 531	h6 = ipv6_hdr(skb);
 532	h6->nexthdr = nexthdr;
 533
 534	return 0;
 535}
 536
 537static inline bool ipv6_accept_ra(const struct inet6_dev *idev)
 538{
 539	s32 accept_ra = READ_ONCE(idev->cnf.accept_ra);
 540
 541	/* If forwarding is enabled, RA are not accepted unless the special
 542	 * hybrid mode (accept_ra=2) is enabled.
 543	 */
 544	return READ_ONCE(idev->cnf.forwarding) ? accept_ra == 2 :
 545		accept_ra;
 546}
 547
 548#define IPV6_FRAG_HIGH_THRESH	(4 * 1024*1024)	/* 4194304 */
 549#define IPV6_FRAG_LOW_THRESH	(3 * 1024*1024)	/* 3145728 */
 550#define IPV6_FRAG_TIMEOUT	(60 * HZ)	/* 60 seconds */
 551
 552int __ipv6_addr_type(const struct in6_addr *addr);
 553static inline int ipv6_addr_type(const struct in6_addr *addr)
 554{
 555	return __ipv6_addr_type(addr) & 0xffff;
 556}
 557
 558static inline int ipv6_addr_scope(const struct in6_addr *addr)
 559{
 560	return __ipv6_addr_type(addr) & IPV6_ADDR_SCOPE_MASK;
 561}
 562
 563static inline int __ipv6_addr_src_scope(int type)
 564{
 565	return (type == IPV6_ADDR_ANY) ? __IPV6_ADDR_SCOPE_INVALID : (type >> 16);
 566}
 567
 568static inline int ipv6_addr_src_scope(const struct in6_addr *addr)
 569{
 570	return __ipv6_addr_src_scope(__ipv6_addr_type(addr));
 571}
 572
 573static inline bool __ipv6_addr_needs_scope_id(int type)
 574{
 575	return type & IPV6_ADDR_LINKLOCAL ||
 576	       (type & IPV6_ADDR_MULTICAST &&
 577		(type & (IPV6_ADDR_LOOPBACK|IPV6_ADDR_LINKLOCAL)));
 578}
 579
 580static inline __u32 ipv6_iface_scope_id(const struct in6_addr *addr, int iface)
 581{
 582	return __ipv6_addr_needs_scope_id(__ipv6_addr_type(addr)) ? iface : 0;
 583}
 584
 585static inline int ipv6_addr_cmp(const struct in6_addr *a1, const struct in6_addr *a2)
 586{
 587	return memcmp(a1, a2, sizeof(struct in6_addr));
 588}
 589
 590static inline bool
 591ipv6_masked_addr_cmp(const struct in6_addr *a1, const struct in6_addr *m,
 592		     const struct in6_addr *a2)
 593{
 594#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64
 595	const unsigned long *ul1 = (const unsigned long *)a1;
 596	const unsigned long *ulm = (const unsigned long *)m;
 597	const unsigned long *ul2 = (const unsigned long *)a2;
 598
 599	return !!(((ul1[0] ^ ul2[0]) & ulm[0]) |
 600		  ((ul1[1] ^ ul2[1]) & ulm[1]));
 601#else
 602	return !!(((a1->s6_addr32[0] ^ a2->s6_addr32[0]) & m->s6_addr32[0]) |
 603		  ((a1->s6_addr32[1] ^ a2->s6_addr32[1]) & m->s6_addr32[1]) |
 604		  ((a1->s6_addr32[2] ^ a2->s6_addr32[2]) & m->s6_addr32[2]) |
 605		  ((a1->s6_addr32[3] ^ a2->s6_addr32[3]) & m->s6_addr32[3]));
 606#endif
 607}
 608
 609static inline void ipv6_addr_prefix(struct in6_addr *pfx,
 610				    const struct in6_addr *addr,
 611				    int plen)
 612{
 613	/* caller must guarantee 0 <= plen <= 128 */
 614	int o = plen >> 3,
 615	    b = plen & 0x7;
 616
 617	memset(pfx->s6_addr, 0, sizeof(pfx->s6_addr));
 618	memcpy(pfx->s6_addr, addr, o);
 619	if (b != 0)
 620		pfx->s6_addr[o] = addr->s6_addr[o] & (0xff00 >> b);
 621}
 622
 623static inline void ipv6_addr_prefix_copy(struct in6_addr *addr,
 624					 const struct in6_addr *pfx,
 625					 int plen)
 626{
 627	/* caller must guarantee 0 <= plen <= 128 */
 628	int o = plen >> 3,
 629	    b = plen & 0x7;
 630
 631	memcpy(addr->s6_addr, pfx, o);
 632	if (b != 0) {
 633		addr->s6_addr[o] &= ~(0xff00 >> b);
 634		addr->s6_addr[o] |= (pfx->s6_addr[o] & (0xff00 >> b));
 635	}
 636}
 637
 638static inline void __ipv6_addr_set_half(__be32 *addr,
 639					__be32 wh, __be32 wl)
 640{
 641#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64
 642#if defined(__BIG_ENDIAN)
 643	if (__builtin_constant_p(wh) && __builtin_constant_p(wl)) {
 644		*(__force u64 *)addr = ((__force u64)(wh) << 32 | (__force u64)(wl));
 645		return;
 646	}
 647#elif defined(__LITTLE_ENDIAN)
 648	if (__builtin_constant_p(wl) && __builtin_constant_p(wh)) {
 649		*(__force u64 *)addr = ((__force u64)(wl) << 32 | (__force u64)(wh));
 650		return;
 651	}
 652#endif
 653#endif
 654	addr[0] = wh;
 655	addr[1] = wl;
 656}
 657
 658static inline void ipv6_addr_set(struct in6_addr *addr,
 659				     __be32 w1, __be32 w2,
 660				     __be32 w3, __be32 w4)
 661{
 662	__ipv6_addr_set_half(&addr->s6_addr32[0], w1, w2);
 663	__ipv6_addr_set_half(&addr->s6_addr32[2], w3, w4);
 664}
 665
 666static inline bool ipv6_addr_equal(const struct in6_addr *a1,
 667				   const struct in6_addr *a2)
 668{
 669#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64
 670	const unsigned long *ul1 = (const unsigned long *)a1;
 671	const unsigned long *ul2 = (const unsigned long *)a2;
 672
 673	return ((ul1[0] ^ ul2[0]) | (ul1[1] ^ ul2[1])) == 0UL;
 674#else
 675	return ((a1->s6_addr32[0] ^ a2->s6_addr32[0]) |
 676		(a1->s6_addr32[1] ^ a2->s6_addr32[1]) |
 677		(a1->s6_addr32[2] ^ a2->s6_addr32[2]) |
 678		(a1->s6_addr32[3] ^ a2->s6_addr32[3])) == 0;
 679#endif
 680}
 681
 682#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64
 683static inline bool __ipv6_prefix_equal64_half(const __be64 *a1,
 684					      const __be64 *a2,
 685					      unsigned int len)
 686{
 687	if (len && ((*a1 ^ *a2) & cpu_to_be64((~0UL) << (64 - len))))
 688		return false;
 689	return true;
 690}
 691
 692static inline bool ipv6_prefix_equal(const struct in6_addr *addr1,
 693				     const struct in6_addr *addr2,
 694				     unsigned int prefixlen)
 695{
 696	const __be64 *a1 = (const __be64 *)addr1;
 697	const __be64 *a2 = (const __be64 *)addr2;
 698
 699	if (prefixlen >= 64) {
 700		if (a1[0] ^ a2[0])
 701			return false;
 702		return __ipv6_prefix_equal64_half(a1 + 1, a2 + 1, prefixlen - 64);
 703	}
 704	return __ipv6_prefix_equal64_half(a1, a2, prefixlen);
 705}
 706#else
 707static inline bool ipv6_prefix_equal(const struct in6_addr *addr1,
 708				     const struct in6_addr *addr2,
 709				     unsigned int prefixlen)
 710{
 711	const __be32 *a1 = addr1->s6_addr32;
 712	const __be32 *a2 = addr2->s6_addr32;
 713	unsigned int pdw, pbi;
 714
 715	/* check complete u32 in prefix */
 716	pdw = prefixlen >> 5;
 717	if (pdw && memcmp(a1, a2, pdw << 2))
 718		return false;
 719
 720	/* check incomplete u32 in prefix */
 721	pbi = prefixlen & 0x1f;
 722	if (pbi && ((a1[pdw] ^ a2[pdw]) & htonl((0xffffffff) << (32 - pbi))))
 723		return false;
 724
 725	return true;
 726}
 727#endif
 728
 729static inline bool ipv6_addr_any(const struct in6_addr *a)
 730{
 731#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64
 732	const unsigned long *ul = (const unsigned long *)a;
 733
 734	return (ul[0] | ul[1]) == 0UL;
 735#else
 736	return (a->s6_addr32[0] | a->s6_addr32[1] |
 737		a->s6_addr32[2] | a->s6_addr32[3]) == 0;
 738#endif
 739}
 740
 741static inline u32 ipv6_addr_hash(const struct in6_addr *a)
 742{
 743#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64
 744	const unsigned long *ul = (const unsigned long *)a;
 745	unsigned long x = ul[0] ^ ul[1];
 746
 747	return (u32)(x ^ (x >> 32));
 748#else
 749	return (__force u32)(a->s6_addr32[0] ^ a->s6_addr32[1] ^
 750			     a->s6_addr32[2] ^ a->s6_addr32[3]);
 751#endif
 752}
 753
 754/* more secured version of ipv6_addr_hash() */
 755static inline u32 __ipv6_addr_jhash(const struct in6_addr *a, const u32 initval)
 756{
 757	return jhash2((__force const u32 *)a->s6_addr32,
 758		      ARRAY_SIZE(a->s6_addr32), initval);
 759}
 760
 761static inline bool ipv6_addr_loopback(const struct in6_addr *a)
 762{
 763#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64
 764	const __be64 *be = (const __be64 *)a;
 765
 766	return (be[0] | (be[1] ^ cpu_to_be64(1))) == 0UL;
 767#else
 768	return (a->s6_addr32[0] | a->s6_addr32[1] |
 769		a->s6_addr32[2] | (a->s6_addr32[3] ^ cpu_to_be32(1))) == 0;
 770#endif
 771}
 772
 773/*
 774 * Note that we must __force cast these to unsigned long to make sparse happy,
 775 * since all of the endian-annotated types are fixed size regardless of arch.
 776 */
 777static inline bool ipv6_addr_v4mapped(const struct in6_addr *a)
 778{
 779	return (
 780#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64
 781		*(unsigned long *)a |
 782#else
 783		(__force unsigned long)(a->s6_addr32[0] | a->s6_addr32[1]) |
 784#endif
 785		(__force unsigned long)(a->s6_addr32[2] ^
 786					cpu_to_be32(0x0000ffff))) == 0UL;
 787}
 788
 789static inline bool ipv6_addr_v4mapped_loopback(const struct in6_addr *a)
 790{
 791	return ipv6_addr_v4mapped(a) && ipv4_is_loopback(a->s6_addr32[3]);
 792}
 793
 794static inline u32 ipv6_portaddr_hash(const struct net *net,
 795				     const struct in6_addr *addr6,
 796				     unsigned int port)
 797{
 798	unsigned int hash, mix = net_hash_mix(net);
 799
 800	if (ipv6_addr_any(addr6))
 801		hash = jhash_1word(0, mix);
 802	else if (ipv6_addr_v4mapped(addr6))
 803		hash = jhash_1word((__force u32)addr6->s6_addr32[3], mix);
 804	else
 805		hash = jhash2((__force u32 *)addr6->s6_addr32, 4, mix);
 806
 807	return hash ^ port;
 808}
 809
 810/*
 811 * Check for a RFC 4843 ORCHID address
 812 * (Overlay Routable Cryptographic Hash Identifiers)
 813 */
 814static inline bool ipv6_addr_orchid(const struct in6_addr *a)
 815{
 816	return (a->s6_addr32[0] & htonl(0xfffffff0)) == htonl(0x20010010);
 817}
 818
 819static inline bool ipv6_addr_is_multicast(const struct in6_addr *addr)
 820{
 821	return (addr->s6_addr32[0] & htonl(0xFF000000)) == htonl(0xFF000000);
 822}
 823
 824static inline void ipv6_addr_set_v4mapped(const __be32 addr,
 825					  struct in6_addr *v4mapped)
 826{
 827	ipv6_addr_set(v4mapped,
 828			0, 0,
 829			htonl(0x0000FFFF),
 830			addr);
 831}
 832
 833/*
 834 * find the first different bit between two addresses
 835 * length of address must be a multiple of 32bits
 836 */
 837static inline int __ipv6_addr_diff32(const void *token1, const void *token2, int addrlen)
 838{
 839	const __be32 *a1 = token1, *a2 = token2;
 840	int i;
 841
 842	addrlen >>= 2;
 843
 844	for (i = 0; i < addrlen; i++) {
 845		__be32 xb = a1[i] ^ a2[i];
 846		if (xb)
 847			return i * 32 + 31 - __fls(ntohl(xb));
 848	}
 849
 850	/*
 851	 *	we should *never* get to this point since that
 852	 *	would mean the addrs are equal
 853	 *
 854	 *	However, we do get to it 8) And exactly, when
 855	 *	addresses are equal 8)
 856	 *
 857	 *	ip route add 1111::/128 via ...
 858	 *	ip route add 1111::/64 via ...
 859	 *	and we are here.
 860	 *
 861	 *	Ideally, this function should stop comparison
 862	 *	at prefix length. It does not, but it is still OK,
 863	 *	if returned value is greater than prefix length.
 864	 *					--ANK (980803)
 865	 */
 866	return addrlen << 5;
 867}
 868
 869#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64
 870static inline int __ipv6_addr_diff64(const void *token1, const void *token2, int addrlen)
 871{
 872	const __be64 *a1 = token1, *a2 = token2;
 873	int i;
 874
 875	addrlen >>= 3;
 876
 877	for (i = 0; i < addrlen; i++) {
 878		__be64 xb = a1[i] ^ a2[i];
 879		if (xb)
 880			return i * 64 + 63 - __fls(be64_to_cpu(xb));
 881	}
 882
 883	return addrlen << 6;
 884}
 885#endif
 886
 887static inline int __ipv6_addr_diff(const void *token1, const void *token2, int addrlen)
 888{
 889#if defined(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && BITS_PER_LONG == 64
 890	if (__builtin_constant_p(addrlen) && !(addrlen & 7))
 891		return __ipv6_addr_diff64(token1, token2, addrlen);
 892#endif
 893	return __ipv6_addr_diff32(token1, token2, addrlen);
 894}
 895
 896static inline int ipv6_addr_diff(const struct in6_addr *a1, const struct in6_addr *a2)
 897{
 898	return __ipv6_addr_diff(a1, a2, sizeof(struct in6_addr));
 899}
 900
 901__be32 ipv6_select_ident(struct net *net,
 902			 const struct in6_addr *daddr,
 903			 const struct in6_addr *saddr);
 904__be32 ipv6_proxy_select_ident(struct net *net, struct sk_buff *skb);
 905
 906int ip6_dst_hoplimit(struct dst_entry *dst);
 907
 908static inline int ip6_sk_dst_hoplimit(struct ipv6_pinfo *np, struct flowi6 *fl6,
 909				      struct dst_entry *dst)
 910{
 911	int hlimit;
 912
 913	if (ipv6_addr_is_multicast(&fl6->daddr))
 914		hlimit = READ_ONCE(np->mcast_hops);
 915	else
 916		hlimit = READ_ONCE(np->hop_limit);
 917	if (hlimit < 0)
 918		hlimit = ip6_dst_hoplimit(dst);
 919	return hlimit;
 920}
 921
 922/* copy IPv6 saddr & daddr to flow_keys, possibly using 64bit load/store
 923 * Equivalent to :	flow->v6addrs.src = iph->saddr;
 924 *			flow->v6addrs.dst = iph->daddr;
 925 */
 926static inline void iph_to_flow_copy_v6addrs(struct flow_keys *flow,
 927					    const struct ipv6hdr *iph)
 928{
 929	BUILD_BUG_ON(offsetof(typeof(flow->addrs), v6addrs.dst) !=
 930		     offsetof(typeof(flow->addrs), v6addrs.src) +
 931		     sizeof(flow->addrs.v6addrs.src));
 932	memcpy(&flow->addrs.v6addrs, &iph->addrs, sizeof(flow->addrs.v6addrs));
 933	flow->control.addr_type = FLOW_DISSECTOR_KEY_IPV6_ADDRS;
 934}
 935
 936#if IS_ENABLED(CONFIG_IPV6)
 937
 938static inline bool ipv6_can_nonlocal_bind(struct net *net,
 939					  struct inet_sock *inet)
 940{
 941	return net->ipv6.sysctl.ip_nonlocal_bind ||
 942		test_bit(INET_FLAGS_FREEBIND, &inet->inet_flags) ||
 943		test_bit(INET_FLAGS_TRANSPARENT, &inet->inet_flags);
 944}
 945
 946/* Sysctl settings for net ipv6.auto_flowlabels */
 947#define IP6_AUTO_FLOW_LABEL_OFF		0
 948#define IP6_AUTO_FLOW_LABEL_OPTOUT	1
 949#define IP6_AUTO_FLOW_LABEL_OPTIN	2
 950#define IP6_AUTO_FLOW_LABEL_FORCED	3
 951
 952#define IP6_AUTO_FLOW_LABEL_MAX		IP6_AUTO_FLOW_LABEL_FORCED
 953
 954#define IP6_DEFAULT_AUTO_FLOW_LABELS	IP6_AUTO_FLOW_LABEL_OPTOUT
 955
 956static inline __be32 ip6_make_flowlabel(struct net *net, struct sk_buff *skb,
 957					__be32 flowlabel, bool autolabel,
 958					struct flowi6 *fl6)
 959{
 960	u32 hash;
 961
 962	/* @flowlabel may include more than a flow label, eg, the traffic class.
 963	 * Here we want only the flow label value.
 964	 */
 965	flowlabel &= IPV6_FLOWLABEL_MASK;
 966
 967	if (flowlabel ||
 968	    net->ipv6.sysctl.auto_flowlabels == IP6_AUTO_FLOW_LABEL_OFF ||
 969	    (!autolabel &&
 970	     net->ipv6.sysctl.auto_flowlabels != IP6_AUTO_FLOW_LABEL_FORCED))
 971		return flowlabel;
 972
 973	hash = skb_get_hash_flowi6(skb, fl6);
 974
 975	/* Since this is being sent on the wire obfuscate hash a bit
 976	 * to minimize possibility that any useful information to an
 977	 * attacker is leaked. Only lower 20 bits are relevant.
 978	 */
 979	hash = rol32(hash, 16);
 980
 981	flowlabel = (__force __be32)hash & IPV6_FLOWLABEL_MASK;
 982
 983	if (net->ipv6.sysctl.flowlabel_state_ranges)
 984		flowlabel |= IPV6_FLOWLABEL_STATELESS_FLAG;
 985
 986	return flowlabel;
 987}
 988
 989static inline int ip6_default_np_autolabel(struct net *net)
 990{
 991	switch (net->ipv6.sysctl.auto_flowlabels) {
 992	case IP6_AUTO_FLOW_LABEL_OFF:
 993	case IP6_AUTO_FLOW_LABEL_OPTIN:
 994	default:
 995		return 0;
 996	case IP6_AUTO_FLOW_LABEL_OPTOUT:
 997	case IP6_AUTO_FLOW_LABEL_FORCED:
 998		return 1;
 999	}
1000}
1001#else
1002static inline __be32 ip6_make_flowlabel(struct net *net, struct sk_buff *skb,
1003					__be32 flowlabel, bool autolabel,
1004					struct flowi6 *fl6)
1005{
1006	return flowlabel;
1007}
1008static inline int ip6_default_np_autolabel(struct net *net)
1009{
1010	return 0;
1011}
1012#endif
1013
1014#if IS_ENABLED(CONFIG_IPV6)
1015static inline int ip6_multipath_hash_policy(const struct net *net)
1016{
1017	return net->ipv6.sysctl.multipath_hash_policy;
1018}
1019static inline u32 ip6_multipath_hash_fields(const struct net *net)
1020{
1021	return net->ipv6.sysctl.multipath_hash_fields;
1022}
1023#else
1024static inline int ip6_multipath_hash_policy(const struct net *net)
1025{
1026	return 0;
1027}
1028static inline u32 ip6_multipath_hash_fields(const struct net *net)
1029{
1030	return 0;
1031}
1032#endif
1033
1034/*
1035 *	Header manipulation
1036 */
1037static inline void ip6_flow_hdr(struct ipv6hdr *hdr, unsigned int tclass,
1038				__be32 flowlabel)
1039{
1040	*(__be32 *)hdr = htonl(0x60000000 | (tclass << 20)) | flowlabel;
1041}
1042
1043static inline __be32 ip6_flowinfo(const struct ipv6hdr *hdr)
1044{
1045	return *(__be32 *)hdr & IPV6_FLOWINFO_MASK;
1046}
1047
1048static inline __be32 ip6_flowlabel(const struct ipv6hdr *hdr)
1049{
1050	return *(__be32 *)hdr & IPV6_FLOWLABEL_MASK;
1051}
1052
1053static inline u8 ip6_tclass(__be32 flowinfo)
1054{
1055	return ntohl(flowinfo & IPV6_TCLASS_MASK) >> IPV6_TCLASS_SHIFT;
1056}
1057
1058static inline dscp_t ip6_dscp(__be32 flowinfo)
1059{
1060	return inet_dsfield_to_dscp(ip6_tclass(flowinfo));
1061}
1062
1063static inline __be32 ip6_make_flowinfo(unsigned int tclass, __be32 flowlabel)
1064{
1065	return htonl(tclass << IPV6_TCLASS_SHIFT) | flowlabel;
1066}
1067
1068static inline __be32 flowi6_get_flowlabel(const struct flowi6 *fl6)
1069{
1070	return fl6->flowlabel & IPV6_FLOWLABEL_MASK;
1071}
1072
1073/*
1074 *	Prototypes exported by ipv6
1075 */
1076
1077/*
1078 *	rcv function (called from netdevice level)
1079 */
1080
1081int ipv6_rcv(struct sk_buff *skb, struct net_device *dev,
1082	     struct packet_type *pt, struct net_device *orig_dev);
1083void ipv6_list_rcv(struct list_head *head, struct packet_type *pt,
1084		   struct net_device *orig_dev);
1085
1086int ip6_rcv_finish(struct net *net, struct sock *sk, struct sk_buff *skb);
1087
1088/*
1089 *	upper-layer output functions
1090 */
1091int ip6_xmit(const struct sock *sk, struct sk_buff *skb, struct flowi6 *fl6,
1092	     __u32 mark, struct ipv6_txoptions *opt, int tclass, u32 priority);
1093
1094int ip6_find_1stfragopt(struct sk_buff *skb, u8 **nexthdr);
1095
1096int ip6_append_data(struct sock *sk,
1097		    int getfrag(void *from, char *to, int offset, int len,
1098				int odd, struct sk_buff *skb),
1099		    void *from, size_t length, int transhdrlen,
1100		    struct ipcm6_cookie *ipc6, struct flowi6 *fl6,
1101		    struct rt6_info *rt, unsigned int flags);
1102
1103int ip6_push_pending_frames(struct sock *sk);
1104
1105void ip6_flush_pending_frames(struct sock *sk);
1106
1107int ip6_send_skb(struct sk_buff *skb);
1108
1109struct sk_buff *__ip6_make_skb(struct sock *sk, struct sk_buff_head *queue,
1110			       struct inet_cork_full *cork,
1111			       struct inet6_cork *v6_cork);
1112struct sk_buff *ip6_make_skb(struct sock *sk,
1113			     int getfrag(void *from, char *to, int offset,
1114					 int len, int odd, struct sk_buff *skb),
1115			     void *from, size_t length, int transhdrlen,
1116			     struct ipcm6_cookie *ipc6,
1117			     struct rt6_info *rt, unsigned int flags,
1118			     struct inet_cork_full *cork);
1119
1120static inline struct sk_buff *ip6_finish_skb(struct sock *sk)
1121{
1122	return __ip6_make_skb(sk, &sk->sk_write_queue, &inet_sk(sk)->cork,
1123			      &inet6_sk(sk)->cork);
1124}
1125
1126int ip6_dst_lookup(struct net *net, struct sock *sk, struct dst_entry **dst,
1127		   struct flowi6 *fl6);
1128struct dst_entry *ip6_dst_lookup_flow(struct net *net, const struct sock *sk, struct flowi6 *fl6,
1129				      const struct in6_addr *final_dst);
1130struct dst_entry *ip6_sk_dst_lookup_flow(struct sock *sk, struct flowi6 *fl6,
1131					 const struct in6_addr *final_dst,
1132					 bool connected);
1133struct dst_entry *ip6_blackhole_route(struct net *net,
1134				      struct dst_entry *orig_dst);
1135
1136/*
1137 *	skb processing functions
1138 */
1139
1140int ip6_output(struct net *net, struct sock *sk, struct sk_buff *skb);
1141int ip6_forward(struct sk_buff *skb);
1142int ip6_input(struct sk_buff *skb);
1143int ip6_mc_input(struct sk_buff *skb);
1144void ip6_protocol_deliver_rcu(struct net *net, struct sk_buff *skb, int nexthdr,
1145			      bool have_final);
1146
1147int __ip6_local_out(struct net *net, struct sock *sk, struct sk_buff *skb);
1148int ip6_local_out(struct net *net, struct sock *sk, struct sk_buff *skb);
1149
1150/*
1151 *	Extension header (options) processing
1152 */
1153
1154void ipv6_push_nfrag_opts(struct sk_buff *skb, struct ipv6_txoptions *opt,
1155			  u8 *proto, struct in6_addr **daddr_p,
1156			  struct in6_addr *saddr);
1157void ipv6_push_frag_opts(struct sk_buff *skb, struct ipv6_txoptions *opt,
1158			 u8 *proto);
1159
1160int ipv6_skip_exthdr(const struct sk_buff *, int start, u8 *nexthdrp,
1161		     __be16 *frag_offp);
1162
1163bool ipv6_ext_hdr(u8 nexthdr);
1164
1165enum {
1166	IP6_FH_F_FRAG		= (1 << 0),
1167	IP6_FH_F_AUTH		= (1 << 1),
1168	IP6_FH_F_SKIP_RH	= (1 << 2),
1169};
1170
1171/* find specified header and get offset to it */
1172int ipv6_find_hdr(const struct sk_buff *skb, unsigned int *offset, int target,
1173		  unsigned short *fragoff, int *fragflg);
1174
1175int ipv6_find_tlv(const struct sk_buff *skb, int offset, int type);
1176
1177struct in6_addr *fl6_update_dst(struct flowi6 *fl6,
1178				const struct ipv6_txoptions *opt,
1179				struct in6_addr *orig);
1180
1181/*
1182 *	socket options (ipv6_sockglue.c)
1183 */
1184DECLARE_STATIC_KEY_FALSE(ip6_min_hopcount);
1185
1186int do_ipv6_setsockopt(struct sock *sk, int level, int optname, sockptr_t optval,
1187		       unsigned int optlen);
1188int ipv6_setsockopt(struct sock *sk, int level, int optname, sockptr_t optval,
1189		    unsigned int optlen);
1190int do_ipv6_getsockopt(struct sock *sk, int level, int optname,
1191		       sockptr_t optval, sockptr_t optlen);
1192int ipv6_getsockopt(struct sock *sk, int level, int optname,
1193		    char __user *optval, int __user *optlen);
1194
1195int __ip6_datagram_connect(struct sock *sk, struct sockaddr *addr,
1196			   int addr_len);
1197int ip6_datagram_connect(struct sock *sk, struct sockaddr *addr, int addr_len);
1198int ip6_datagram_connect_v6_only(struct sock *sk, struct sockaddr *addr,
1199				 int addr_len);
1200int ip6_datagram_dst_update(struct sock *sk, bool fix_sk_saddr);
1201void ip6_datagram_release_cb(struct sock *sk);
1202
1203int ipv6_recv_error(struct sock *sk, struct msghdr *msg, int len,
1204		    int *addr_len);
1205int ipv6_recv_rxpmtu(struct sock *sk, struct msghdr *msg, int len,
1206		     int *addr_len);
1207void ipv6_icmp_error(struct sock *sk, struct sk_buff *skb, int err, __be16 port,
1208		     u32 info, u8 *payload);
1209void ipv6_local_error(struct sock *sk, int err, struct flowi6 *fl6, u32 info);
1210void ipv6_local_rxpmtu(struct sock *sk, struct flowi6 *fl6, u32 mtu);
1211
1212void inet6_cleanup_sock(struct sock *sk);
1213void inet6_sock_destruct(struct sock *sk);
1214int inet6_release(struct socket *sock);
1215int inet6_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len);
1216int inet6_bind_sk(struct sock *sk, struct sockaddr *uaddr, int addr_len);
1217int inet6_getname(struct socket *sock, struct sockaddr *uaddr,
1218		  int peer);
1219int inet6_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg);
1220int inet6_compat_ioctl(struct socket *sock, unsigned int cmd,
1221		unsigned long arg);
1222
1223int inet6_hash_connect(struct inet_timewait_death_row *death_row,
1224			      struct sock *sk);
1225int inet6_sendmsg(struct socket *sock, struct msghdr *msg, size_t size);
1226int inet6_recvmsg(struct socket *sock, struct msghdr *msg, size_t size,
1227		  int flags);
1228
1229/*
1230 * reassembly.c
1231 */
1232extern const struct proto_ops inet6_stream_ops;
1233extern const struct proto_ops inet6_dgram_ops;
1234extern const struct proto_ops inet6_sockraw_ops;
1235
1236struct group_source_req;
1237struct group_filter;
1238
1239int ip6_mc_source(int add, int omode, struct sock *sk,
1240		  struct group_source_req *pgsr);
1241int ip6_mc_msfilter(struct sock *sk, struct group_filter *gsf,
1242		  struct sockaddr_storage *list);
1243int ip6_mc_msfget(struct sock *sk, struct group_filter *gsf,
1244		  sockptr_t optval, size_t ss_offset);
1245
1246#ifdef CONFIG_PROC_FS
1247int ac6_proc_init(struct net *net);
1248void ac6_proc_exit(struct net *net);
1249int raw6_proc_init(void);
1250void raw6_proc_exit(void);
1251int tcp6_proc_init(struct net *net);
1252void tcp6_proc_exit(struct net *net);
1253int udp6_proc_init(struct net *net);
1254void udp6_proc_exit(struct net *net);
1255int udplite6_proc_init(void);
1256void udplite6_proc_exit(void);
1257int ipv6_misc_proc_init(void);
1258void ipv6_misc_proc_exit(void);
1259int snmp6_register_dev(struct inet6_dev *idev);
1260int snmp6_unregister_dev(struct inet6_dev *idev);
1261
1262#else
1263static inline int ac6_proc_init(struct net *net) { return 0; }
1264static inline void ac6_proc_exit(struct net *net) { }
1265static inline int snmp6_register_dev(struct inet6_dev *idev) { return 0; }
1266static inline int snmp6_unregister_dev(struct inet6_dev *idev) { return 0; }
1267#endif
1268
1269#ifdef CONFIG_SYSCTL
1270struct ctl_table *ipv6_icmp_sysctl_init(struct net *net);
1271size_t ipv6_icmp_sysctl_table_size(void);
1272struct ctl_table *ipv6_route_sysctl_init(struct net *net);
1273size_t ipv6_route_sysctl_table_size(struct net *net);
1274int ipv6_sysctl_register(void);
1275void ipv6_sysctl_unregister(void);
1276#endif
1277
1278int ipv6_sock_mc_join(struct sock *sk, int ifindex,
1279		      const struct in6_addr *addr);
1280int ipv6_sock_mc_join_ssm(struct sock *sk, int ifindex,
1281			  const struct in6_addr *addr, unsigned int mode);
1282int ipv6_sock_mc_drop(struct sock *sk, int ifindex,
1283		      const struct in6_addr *addr);
1284
1285static inline int ip6_sock_set_v6only(struct sock *sk)
1286{
1287	if (inet_sk(sk)->inet_num)
1288		return -EINVAL;
1289	lock_sock(sk);
1290	sk->sk_ipv6only = true;
1291	release_sock(sk);
1292	return 0;
1293}
1294
1295static inline void ip6_sock_set_recverr(struct sock *sk)
1296{
1297	inet6_set_bit(RECVERR6, sk);
1298}
1299
1300#define IPV6_PREFER_SRC_MASK (IPV6_PREFER_SRC_TMP | IPV6_PREFER_SRC_PUBLIC | \
1301			      IPV6_PREFER_SRC_COA)
1302
1303static inline int ip6_sock_set_addr_preferences(struct sock *sk, int val)
1304{
1305	unsigned int prefmask = ~IPV6_PREFER_SRC_MASK;
1306	unsigned int pref = 0;
1307
1308	/* check PUBLIC/TMP/PUBTMP_DEFAULT conflicts */
1309	switch (val & (IPV6_PREFER_SRC_PUBLIC |
1310		       IPV6_PREFER_SRC_TMP |
1311		       IPV6_PREFER_SRC_PUBTMP_DEFAULT)) {
1312	case IPV6_PREFER_SRC_PUBLIC:
1313		pref |= IPV6_PREFER_SRC_PUBLIC;
1314		prefmask &= ~(IPV6_PREFER_SRC_PUBLIC |
1315			      IPV6_PREFER_SRC_TMP);
1316		break;
1317	case IPV6_PREFER_SRC_TMP:
1318		pref |= IPV6_PREFER_SRC_TMP;
1319		prefmask &= ~(IPV6_PREFER_SRC_PUBLIC |
1320			      IPV6_PREFER_SRC_TMP);
1321		break;
1322	case IPV6_PREFER_SRC_PUBTMP_DEFAULT:
1323		prefmask &= ~(IPV6_PREFER_SRC_PUBLIC |
1324			      IPV6_PREFER_SRC_TMP);
1325		break;
1326	case 0:
1327		break;
1328	default:
1329		return -EINVAL;
1330	}
1331
1332	/* check HOME/COA conflicts */
1333	switch (val & (IPV6_PREFER_SRC_HOME | IPV6_PREFER_SRC_COA)) {
1334	case IPV6_PREFER_SRC_HOME:
1335		prefmask &= ~IPV6_PREFER_SRC_COA;
1336		break;
1337	case IPV6_PREFER_SRC_COA:
1338		pref |= IPV6_PREFER_SRC_COA;
1339		break;
1340	case 0:
1341		break;
1342	default:
1343		return -EINVAL;
1344	}
1345
1346	/* check CGA/NONCGA conflicts */
1347	switch (val & (IPV6_PREFER_SRC_CGA|IPV6_PREFER_SRC_NONCGA)) {
1348	case IPV6_PREFER_SRC_CGA:
1349	case IPV6_PREFER_SRC_NONCGA:
1350	case 0:
1351		break;
1352	default:
1353		return -EINVAL;
1354	}
1355
1356	WRITE_ONCE(inet6_sk(sk)->srcprefs,
1357		   (READ_ONCE(inet6_sk(sk)->srcprefs) & prefmask) | pref);
1358	return 0;
1359}
1360
1361static inline void ip6_sock_set_recvpktinfo(struct sock *sk)
1362{
1363	lock_sock(sk);
1364	inet6_sk(sk)->rxopt.bits.rxinfo = true;
1365	release_sock(sk);
1366}
1367
1368#define IPV6_ADDR_WORDS 4
1369
1370static inline void ipv6_addr_cpu_to_be32(__be32 *dst, const u32 *src)
1371{
1372	cpu_to_be32_array(dst, src, IPV6_ADDR_WORDS);
1373}
1374
1375static inline void ipv6_addr_be32_to_cpu(u32 *dst, const __be32 *src)
1376{
1377	be32_to_cpu_array(dst, src, IPV6_ADDR_WORDS);
1378}
1379
1380#endif /* _NET_IPV6_H */