diff options
-rw-r--r-- | include/linux/rtnetlink.h | 6 | ||||
-rw-r--r-- | include/net/dst.h | 2 | ||||
-rw-r--r-- | include/net/tcp.h | 3 | ||||
-rw-r--r-- | net/ipv4/syncookies.c | 27 | ||||
-rw-r--r-- | net/ipv4/tcp_input.c | 24 | ||||
-rw-r--r-- | net/ipv4/tcp_ipv4.c | 21 | ||||
-rw-r--r-- | net/ipv4/tcp_minisocks.c | 10 | ||||
-rw-r--r-- | net/ipv4/tcp_output.c | 18 | ||||
-rw-r--r-- | net/ipv6/syncookies.c | 28 | ||||
-rw-r--r-- | net/ipv6/tcp_ipv6.c | 3 |
10 files changed, 58 insertions, 84 deletions
diff --git a/include/linux/rtnetlink.h b/include/linux/rtnetlink.h index 14fc906ed602..05330fc5b436 100644 --- a/include/linux/rtnetlink.h +++ b/include/linux/rtnetlink.h | |||
@@ -368,11 +368,9 @@ enum { | |||
368 | #define RTAX_MAX (__RTAX_MAX - 1) | 368 | #define RTAX_MAX (__RTAX_MAX - 1) |
369 | 369 | ||
370 | #define RTAX_FEATURE_ECN 0x00000001 | 370 | #define RTAX_FEATURE_ECN 0x00000001 |
371 | #define RTAX_FEATURE_NO_SACK 0x00000002 | 371 | #define RTAX_FEATURE_SACK 0x00000002 |
372 | #define RTAX_FEATURE_NO_TSTAMP 0x00000004 | 372 | #define RTAX_FEATURE_TIMESTAMP 0x00000004 |
373 | #define RTAX_FEATURE_ALLFRAG 0x00000008 | 373 | #define RTAX_FEATURE_ALLFRAG 0x00000008 |
374 | #define RTAX_FEATURE_NO_WSCALE 0x00000010 | ||
375 | #define RTAX_FEATURE_NO_DSACK 0x00000020 | ||
376 | 374 | ||
377 | struct rta_session { | 375 | struct rta_session { |
378 | __u8 proto; | 376 | __u8 proto; |
diff --git a/include/net/dst.h b/include/net/dst.h index 387cb3cfde7e..39c4a5963e12 100644 --- a/include/net/dst.h +++ b/include/net/dst.h | |||
@@ -113,7 +113,7 @@ dst_metric(const struct dst_entry *dst, int metric) | |||
113 | static inline u32 | 113 | static inline u32 |
114 | dst_feature(const struct dst_entry *dst, u32 feature) | 114 | dst_feature(const struct dst_entry *dst, u32 feature) |
115 | { | 115 | { |
116 | return (dst ? dst_metric(dst, RTAX_FEATURES) & feature : 0); | 116 | return dst_metric(dst, RTAX_FEATURES) & feature; |
117 | } | 117 | } |
118 | 118 | ||
119 | static inline u32 dst_mtu(const struct dst_entry *dst) | 119 | static inline u32 dst_mtu(const struct dst_entry *dst) |
diff --git a/include/net/tcp.h b/include/net/tcp.h index 1b6f7d348cee..34f5cc24d903 100644 --- a/include/net/tcp.h +++ b/include/net/tcp.h | |||
@@ -408,8 +408,7 @@ extern int tcp_recvmsg(struct kiocb *iocb, struct sock *sk, | |||
408 | extern void tcp_parse_options(struct sk_buff *skb, | 408 | extern void tcp_parse_options(struct sk_buff *skb, |
409 | struct tcp_options_received *opt_rx, | 409 | struct tcp_options_received *opt_rx, |
410 | u8 **hvpp, | 410 | u8 **hvpp, |
411 | int estab, | 411 | int estab); |
412 | struct dst_entry *dst); | ||
413 | 412 | ||
414 | extern u8 *tcp_parse_md5sig_option(struct tcphdr *th); | 413 | extern u8 *tcp_parse_md5sig_option(struct tcphdr *th); |
415 | 414 | ||
diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c index 26399ad2a289..66fd80ef2473 100644 --- a/net/ipv4/syncookies.c +++ b/net/ipv4/syncookies.c | |||
@@ -277,6 +277,13 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | |||
277 | 277 | ||
278 | NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_SYNCOOKIESRECV); | 278 | NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_SYNCOOKIESRECV); |
279 | 279 | ||
280 | /* check for timestamp cookie support */ | ||
281 | memset(&tcp_opt, 0, sizeof(tcp_opt)); | ||
282 | tcp_parse_options(skb, &tcp_opt, &hash_location, 0); | ||
283 | |||
284 | if (tcp_opt.saw_tstamp) | ||
285 | cookie_check_timestamp(&tcp_opt); | ||
286 | |||
280 | ret = NULL; | 287 | ret = NULL; |
281 | req = inet_reqsk_alloc(&tcp_request_sock_ops); /* for safety */ | 288 | req = inet_reqsk_alloc(&tcp_request_sock_ops); /* for safety */ |
282 | if (!req) | 289 | if (!req) |
@@ -292,6 +299,12 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | |||
292 | ireq->loc_addr = ip_hdr(skb)->daddr; | 299 | ireq->loc_addr = ip_hdr(skb)->daddr; |
293 | ireq->rmt_addr = ip_hdr(skb)->saddr; | 300 | ireq->rmt_addr = ip_hdr(skb)->saddr; |
294 | ireq->ecn_ok = 0; | 301 | ireq->ecn_ok = 0; |
302 | ireq->snd_wscale = tcp_opt.snd_wscale; | ||
303 | ireq->rcv_wscale = tcp_opt.rcv_wscale; | ||
304 | ireq->sack_ok = tcp_opt.sack_ok; | ||
305 | ireq->wscale_ok = tcp_opt.wscale_ok; | ||
306 | ireq->tstamp_ok = tcp_opt.saw_tstamp; | ||
307 | req->ts_recent = tcp_opt.saw_tstamp ? tcp_opt.rcv_tsval : 0; | ||
295 | 308 | ||
296 | /* We throwed the options of the initial SYN away, so we hope | 309 | /* We throwed the options of the initial SYN away, so we hope |
297 | * the ACK carries the same options again (see RFC1122 4.2.3.8) | 310 | * the ACK carries the same options again (see RFC1122 4.2.3.8) |
@@ -340,20 +353,6 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, | |||
340 | } | 353 | } |
341 | } | 354 | } |
342 | 355 | ||
343 | /* check for timestamp cookie support */ | ||
344 | memset(&tcp_opt, 0, sizeof(tcp_opt)); | ||
345 | tcp_parse_options(skb, &tcp_opt, &hash_location, 0, &rt->u.dst); | ||
346 | |||
347 | if (tcp_opt.saw_tstamp) | ||
348 | cookie_check_timestamp(&tcp_opt); | ||
349 | |||
350 | ireq->snd_wscale = tcp_opt.snd_wscale; | ||
351 | ireq->rcv_wscale = tcp_opt.rcv_wscale; | ||
352 | ireq->sack_ok = tcp_opt.sack_ok; | ||
353 | ireq->wscale_ok = tcp_opt.wscale_ok; | ||
354 | ireq->tstamp_ok = tcp_opt.saw_tstamp; | ||
355 | req->ts_recent = tcp_opt.saw_tstamp ? tcp_opt.rcv_tsval : 0; | ||
356 | |||
357 | /* Try to redo what tcp_v4_send_synack did. */ | 356 | /* Try to redo what tcp_v4_send_synack did. */ |
358 | req->window_clamp = tp->window_clamp ? :dst_metric(&rt->u.dst, RTAX_WINDOW); | 357 | req->window_clamp = tp->window_clamp ? :dst_metric(&rt->u.dst, RTAX_WINDOW); |
359 | 358 | ||
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c index 12cab7d74dba..28e029632493 100644 --- a/net/ipv4/tcp_input.c +++ b/net/ipv4/tcp_input.c | |||
@@ -3727,7 +3727,7 @@ old_ack: | |||
3727 | * the fast version below fails. | 3727 | * the fast version below fails. |
3728 | */ | 3728 | */ |
3729 | void tcp_parse_options(struct sk_buff *skb, struct tcp_options_received *opt_rx, | 3729 | void tcp_parse_options(struct sk_buff *skb, struct tcp_options_received *opt_rx, |
3730 | u8 **hvpp, int estab, struct dst_entry *dst) | 3730 | u8 **hvpp, int estab) |
3731 | { | 3731 | { |
3732 | unsigned char *ptr; | 3732 | unsigned char *ptr; |
3733 | struct tcphdr *th = tcp_hdr(skb); | 3733 | struct tcphdr *th = tcp_hdr(skb); |
@@ -3766,8 +3766,7 @@ void tcp_parse_options(struct sk_buff *skb, struct tcp_options_received *opt_rx, | |||
3766 | break; | 3766 | break; |
3767 | case TCPOPT_WINDOW: | 3767 | case TCPOPT_WINDOW: |
3768 | if (opsize == TCPOLEN_WINDOW && th->syn && | 3768 | if (opsize == TCPOLEN_WINDOW && th->syn && |
3769 | !estab && sysctl_tcp_window_scaling && | 3769 | !estab && sysctl_tcp_window_scaling) { |
3770 | !dst_feature(dst, RTAX_FEATURE_NO_WSCALE)) { | ||
3771 | __u8 snd_wscale = *(__u8 *)ptr; | 3770 | __u8 snd_wscale = *(__u8 *)ptr; |
3772 | opt_rx->wscale_ok = 1; | 3771 | opt_rx->wscale_ok = 1; |
3773 | if (snd_wscale > 14) { | 3772 | if (snd_wscale > 14) { |
@@ -3783,8 +3782,7 @@ void tcp_parse_options(struct sk_buff *skb, struct tcp_options_received *opt_rx, | |||
3783 | case TCPOPT_TIMESTAMP: | 3782 | case TCPOPT_TIMESTAMP: |
3784 | if ((opsize == TCPOLEN_TIMESTAMP) && | 3783 | if ((opsize == TCPOLEN_TIMESTAMP) && |
3785 | ((estab && opt_rx->tstamp_ok) || | 3784 | ((estab && opt_rx->tstamp_ok) || |
3786 | (!estab && sysctl_tcp_timestamps && | 3785 | (!estab && sysctl_tcp_timestamps))) { |
3787 | !dst_feature(dst, RTAX_FEATURE_NO_TSTAMP)))) { | ||
3788 | opt_rx->saw_tstamp = 1; | 3786 | opt_rx->saw_tstamp = 1; |
3789 | opt_rx->rcv_tsval = get_unaligned_be32(ptr); | 3787 | opt_rx->rcv_tsval = get_unaligned_be32(ptr); |
3790 | opt_rx->rcv_tsecr = get_unaligned_be32(ptr + 4); | 3788 | opt_rx->rcv_tsecr = get_unaligned_be32(ptr + 4); |
@@ -3792,8 +3790,7 @@ void tcp_parse_options(struct sk_buff *skb, struct tcp_options_received *opt_rx, | |||
3792 | break; | 3790 | break; |
3793 | case TCPOPT_SACK_PERM: | 3791 | case TCPOPT_SACK_PERM: |
3794 | if (opsize == TCPOLEN_SACK_PERM && th->syn && | 3792 | if (opsize == TCPOLEN_SACK_PERM && th->syn && |
3795 | !estab && sysctl_tcp_sack && | 3793 | !estab && sysctl_tcp_sack) { |
3796 | !dst_feature(dst, RTAX_FEATURE_NO_SACK)) { | ||
3797 | opt_rx->sack_ok = 1; | 3794 | opt_rx->sack_ok = 1; |
3798 | tcp_sack_reset(opt_rx); | 3795 | tcp_sack_reset(opt_rx); |
3799 | } | 3796 | } |
@@ -3878,7 +3875,7 @@ static int tcp_fast_parse_options(struct sk_buff *skb, struct tcphdr *th, | |||
3878 | if (tcp_parse_aligned_timestamp(tp, th)) | 3875 | if (tcp_parse_aligned_timestamp(tp, th)) |
3879 | return 1; | 3876 | return 1; |
3880 | } | 3877 | } |
3881 | tcp_parse_options(skb, &tp->rx_opt, hvpp, 1, NULL); | 3878 | tcp_parse_options(skb, &tp->rx_opt, hvpp, 1); |
3882 | return 1; | 3879 | return 1; |
3883 | } | 3880 | } |
3884 | 3881 | ||
@@ -4133,10 +4130,8 @@ static inline int tcp_sack_extend(struct tcp_sack_block *sp, u32 seq, | |||
4133 | static void tcp_dsack_set(struct sock *sk, u32 seq, u32 end_seq) | 4130 | static void tcp_dsack_set(struct sock *sk, u32 seq, u32 end_seq) |
4134 | { | 4131 | { |
4135 | struct tcp_sock *tp = tcp_sk(sk); | 4132 | struct tcp_sock *tp = tcp_sk(sk); |
4136 | struct dst_entry *dst = __sk_dst_get(sk); | ||
4137 | 4133 | ||
4138 | if (tcp_is_sack(tp) && sysctl_tcp_dsack && | 4134 | if (tcp_is_sack(tp) && sysctl_tcp_dsack) { |
4139 | !dst_feature(dst, RTAX_FEATURE_NO_DSACK)) { | ||
4140 | int mib_idx; | 4135 | int mib_idx; |
4141 | 4136 | ||
4142 | if (before(seq, tp->rcv_nxt)) | 4137 | if (before(seq, tp->rcv_nxt)) |
@@ -4165,15 +4160,13 @@ static void tcp_dsack_extend(struct sock *sk, u32 seq, u32 end_seq) | |||
4165 | static void tcp_send_dupack(struct sock *sk, struct sk_buff *skb) | 4160 | static void tcp_send_dupack(struct sock *sk, struct sk_buff *skb) |
4166 | { | 4161 | { |
4167 | struct tcp_sock *tp = tcp_sk(sk); | 4162 | struct tcp_sock *tp = tcp_sk(sk); |
4168 | struct dst_entry *dst = __sk_dst_get(sk); | ||
4169 | 4163 | ||
4170 | if (TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq && | 4164 | if (TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq && |
4171 | before(TCP_SKB_CB(skb)->seq, tp->rcv_nxt)) { | 4165 | before(TCP_SKB_CB(skb)->seq, tp->rcv_nxt)) { |
4172 | NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_DELAYEDACKLOST); | 4166 | NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_DELAYEDACKLOST); |
4173 | tcp_enter_quickack_mode(sk); | 4167 | tcp_enter_quickack_mode(sk); |
4174 | 4168 | ||
4175 | if (tcp_is_sack(tp) && sysctl_tcp_dsack && | 4169 | if (tcp_is_sack(tp) && sysctl_tcp_dsack) { |
4176 | !dst_feature(dst, RTAX_FEATURE_NO_DSACK)) { | ||
4177 | u32 end_seq = TCP_SKB_CB(skb)->end_seq; | 4170 | u32 end_seq = TCP_SKB_CB(skb)->end_seq; |
4178 | 4171 | ||
4179 | if (after(TCP_SKB_CB(skb)->end_seq, tp->rcv_nxt)) | 4172 | if (after(TCP_SKB_CB(skb)->end_seq, tp->rcv_nxt)) |
@@ -5428,11 +5421,10 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb, | |||
5428 | u8 *hash_location; | 5421 | u8 *hash_location; |
5429 | struct inet_connection_sock *icsk = inet_csk(sk); | 5422 | struct inet_connection_sock *icsk = inet_csk(sk); |
5430 | struct tcp_sock *tp = tcp_sk(sk); | 5423 | struct tcp_sock *tp = tcp_sk(sk); |
5431 | struct dst_entry *dst = __sk_dst_get(sk); | ||
5432 | struct tcp_cookie_values *cvp = tp->cookie_values; | 5424 | struct tcp_cookie_values *cvp = tp->cookie_values; |
5433 | int saved_clamp = tp->rx_opt.mss_clamp; | 5425 | int saved_clamp = tp->rx_opt.mss_clamp; |
5434 | 5426 | ||
5435 | tcp_parse_options(skb, &tp->rx_opt, &hash_location, 0, dst); | 5427 | tcp_parse_options(skb, &tp->rx_opt, &hash_location, 0); |
5436 | 5428 | ||
5437 | if (th->ack) { | 5429 | if (th->ack) { |
5438 | /* rfc793: | 5430 | /* rfc793: |
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c index 15e96030ce47..65b8ebfd078a 100644 --- a/net/ipv4/tcp_ipv4.c +++ b/net/ipv4/tcp_ipv4.c | |||
@@ -1262,20 +1262,10 @@ int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb) | |||
1262 | tcp_rsk(req)->af_specific = &tcp_request_sock_ipv4_ops; | 1262 | tcp_rsk(req)->af_specific = &tcp_request_sock_ipv4_ops; |
1263 | #endif | 1263 | #endif |
1264 | 1264 | ||
1265 | ireq = inet_rsk(req); | ||
1266 | ireq->loc_addr = daddr; | ||
1267 | ireq->rmt_addr = saddr; | ||
1268 | ireq->no_srccheck = inet_sk(sk)->transparent; | ||
1269 | ireq->opt = tcp_v4_save_options(sk, skb); | ||
1270 | |||
1271 | dst = inet_csk_route_req(sk, req); | ||
1272 | if(!dst) | ||
1273 | goto drop_and_free; | ||
1274 | |||
1275 | tcp_clear_options(&tmp_opt); | 1265 | tcp_clear_options(&tmp_opt); |
1276 | tmp_opt.mss_clamp = TCP_MSS_DEFAULT; | 1266 | tmp_opt.mss_clamp = TCP_MSS_DEFAULT; |
1277 | tmp_opt.user_mss = tp->rx_opt.user_mss; | 1267 | tmp_opt.user_mss = tp->rx_opt.user_mss; |
1278 | tcp_parse_options(skb, &tmp_opt, &hash_location, 0, dst); | 1268 | tcp_parse_options(skb, &tmp_opt, &hash_location, 0); |
1279 | 1269 | ||
1280 | if (tmp_opt.cookie_plus > 0 && | 1270 | if (tmp_opt.cookie_plus > 0 && |
1281 | tmp_opt.saw_tstamp && | 1271 | tmp_opt.saw_tstamp && |
@@ -1319,8 +1309,14 @@ int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb) | |||
1319 | tmp_opt.tstamp_ok = tmp_opt.saw_tstamp; | 1309 | tmp_opt.tstamp_ok = tmp_opt.saw_tstamp; |
1320 | tcp_openreq_init(req, &tmp_opt, skb); | 1310 | tcp_openreq_init(req, &tmp_opt, skb); |
1321 | 1311 | ||
1312 | ireq = inet_rsk(req); | ||
1313 | ireq->loc_addr = daddr; | ||
1314 | ireq->rmt_addr = saddr; | ||
1315 | ireq->no_srccheck = inet_sk(sk)->transparent; | ||
1316 | ireq->opt = tcp_v4_save_options(sk, skb); | ||
1317 | |||
1322 | if (security_inet_conn_request(sk, skb, req)) | 1318 | if (security_inet_conn_request(sk, skb, req)) |
1323 | goto drop_and_release; | 1319 | goto drop_and_free; |
1324 | 1320 | ||
1325 | if (!want_cookie) | 1321 | if (!want_cookie) |
1326 | TCP_ECN_create_request(req, tcp_hdr(skb)); | 1322 | TCP_ECN_create_request(req, tcp_hdr(skb)); |
@@ -1345,6 +1341,7 @@ int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb) | |||
1345 | */ | 1341 | */ |
1346 | if (tmp_opt.saw_tstamp && | 1342 | if (tmp_opt.saw_tstamp && |
1347 | tcp_death_row.sysctl_tw_recycle && | 1343 | tcp_death_row.sysctl_tw_recycle && |
1344 | (dst = inet_csk_route_req(sk, req)) != NULL && | ||
1348 | (peer = rt_get_peer((struct rtable *)dst)) != NULL && | 1345 | (peer = rt_get_peer((struct rtable *)dst)) != NULL && |
1349 | peer->v4daddr == saddr) { | 1346 | peer->v4daddr == saddr) { |
1350 | if ((u32)get_seconds() - peer->tcp_ts_stamp < TCP_PAWS_MSL && | 1347 | if ((u32)get_seconds() - peer->tcp_ts_stamp < TCP_PAWS_MSL && |
diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c index 87accec8d097..f206ee5dda80 100644 --- a/net/ipv4/tcp_minisocks.c +++ b/net/ipv4/tcp_minisocks.c | |||
@@ -95,9 +95,9 @@ tcp_timewait_state_process(struct inet_timewait_sock *tw, struct sk_buff *skb, | |||
95 | struct tcp_timewait_sock *tcptw = tcp_twsk((struct sock *)tw); | 95 | struct tcp_timewait_sock *tcptw = tcp_twsk((struct sock *)tw); |
96 | int paws_reject = 0; | 96 | int paws_reject = 0; |
97 | 97 | ||
98 | tmp_opt.saw_tstamp = 0; | ||
98 | if (th->doff > (sizeof(*th) >> 2) && tcptw->tw_ts_recent_stamp) { | 99 | if (th->doff > (sizeof(*th) >> 2) && tcptw->tw_ts_recent_stamp) { |
99 | tmp_opt.tstamp_ok = 1; | 100 | tcp_parse_options(skb, &tmp_opt, &hash_location, 0); |
100 | tcp_parse_options(skb, &tmp_opt, &hash_location, 1, NULL); | ||
101 | 101 | ||
102 | if (tmp_opt.saw_tstamp) { | 102 | if (tmp_opt.saw_tstamp) { |
103 | tmp_opt.ts_recent = tcptw->tw_ts_recent; | 103 | tmp_opt.ts_recent = tcptw->tw_ts_recent; |
@@ -526,9 +526,9 @@ struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb, | |||
526 | __be32 flg = tcp_flag_word(th) & (TCP_FLAG_RST|TCP_FLAG_SYN|TCP_FLAG_ACK); | 526 | __be32 flg = tcp_flag_word(th) & (TCP_FLAG_RST|TCP_FLAG_SYN|TCP_FLAG_ACK); |
527 | int paws_reject = 0; | 527 | int paws_reject = 0; |
528 | 528 | ||
529 | if ((th->doff > (sizeof(*th) >> 2)) && (req->ts_recent)) { | 529 | tmp_opt.saw_tstamp = 0; |
530 | tmp_opt.tstamp_ok = 1; | 530 | if (th->doff > (sizeof(struct tcphdr)>>2)) { |
531 | tcp_parse_options(skb, &tmp_opt, &hash_location, 1, NULL); | 531 | tcp_parse_options(skb, &tmp_opt, &hash_location, 0); |
532 | 532 | ||
533 | if (tmp_opt.saw_tstamp) { | 533 | if (tmp_opt.saw_tstamp) { |
534 | tmp_opt.ts_recent = req->ts_recent; | 534 | tmp_opt.ts_recent = req->ts_recent; |
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index 93316a96d820..383ce237640f 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c | |||
@@ -553,7 +553,6 @@ static unsigned tcp_syn_options(struct sock *sk, struct sk_buff *skb, | |||
553 | struct tcp_md5sig_key **md5) { | 553 | struct tcp_md5sig_key **md5) { |
554 | struct tcp_sock *tp = tcp_sk(sk); | 554 | struct tcp_sock *tp = tcp_sk(sk); |
555 | struct tcp_cookie_values *cvp = tp->cookie_values; | 555 | struct tcp_cookie_values *cvp = tp->cookie_values; |
556 | struct dst_entry *dst = __sk_dst_get(sk); | ||
557 | unsigned remaining = MAX_TCP_OPTION_SPACE; | 556 | unsigned remaining = MAX_TCP_OPTION_SPACE; |
558 | u8 cookie_size = (!tp->rx_opt.cookie_out_never && cvp != NULL) ? | 557 | u8 cookie_size = (!tp->rx_opt.cookie_out_never && cvp != NULL) ? |
559 | tcp_cookie_size_check(cvp->cookie_desired) : | 558 | tcp_cookie_size_check(cvp->cookie_desired) : |
@@ -581,22 +580,18 @@ static unsigned tcp_syn_options(struct sock *sk, struct sk_buff *skb, | |||
581 | opts->mss = tcp_advertise_mss(sk); | 580 | opts->mss = tcp_advertise_mss(sk); |
582 | remaining -= TCPOLEN_MSS_ALIGNED; | 581 | remaining -= TCPOLEN_MSS_ALIGNED; |
583 | 582 | ||
584 | if (likely(sysctl_tcp_timestamps && | 583 | if (likely(sysctl_tcp_timestamps && *md5 == NULL)) { |
585 | !dst_feature(dst, RTAX_FEATURE_NO_TSTAMP) && | ||
586 | *md5 == NULL)) { | ||
587 | opts->options |= OPTION_TS; | 584 | opts->options |= OPTION_TS; |
588 | opts->tsval = TCP_SKB_CB(skb)->when; | 585 | opts->tsval = TCP_SKB_CB(skb)->when; |
589 | opts->tsecr = tp->rx_opt.ts_recent; | 586 | opts->tsecr = tp->rx_opt.ts_recent; |
590 | remaining -= TCPOLEN_TSTAMP_ALIGNED; | 587 | remaining -= TCPOLEN_TSTAMP_ALIGNED; |
591 | } | 588 | } |
592 | if (likely(sysctl_tcp_window_scaling && | 589 | if (likely(sysctl_tcp_window_scaling)) { |
593 | !dst_feature(dst, RTAX_FEATURE_NO_WSCALE))) { | ||
594 | opts->ws = tp->rx_opt.rcv_wscale; | 590 | opts->ws = tp->rx_opt.rcv_wscale; |
595 | opts->options |= OPTION_WSCALE; | 591 | opts->options |= OPTION_WSCALE; |
596 | remaining -= TCPOLEN_WSCALE_ALIGNED; | 592 | remaining -= TCPOLEN_WSCALE_ALIGNED; |
597 | } | 593 | } |
598 | if (likely(sysctl_tcp_sack && | 594 | if (likely(sysctl_tcp_sack)) { |
599 | !dst_feature(dst, RTAX_FEATURE_NO_SACK))) { | ||
600 | opts->options |= OPTION_SACK_ADVERTISE; | 595 | opts->options |= OPTION_SACK_ADVERTISE; |
601 | if (unlikely(!(OPTION_TS & opts->options))) | 596 | if (unlikely(!(OPTION_TS & opts->options))) |
602 | remaining -= TCPOLEN_SACKPERM_ALIGNED; | 597 | remaining -= TCPOLEN_SACKPERM_ALIGNED; |
@@ -2527,9 +2522,7 @@ static void tcp_connect_init(struct sock *sk) | |||
2527 | * See tcp_input.c:tcp_rcv_state_process case TCP_SYN_SENT. | 2522 | * See tcp_input.c:tcp_rcv_state_process case TCP_SYN_SENT. |
2528 | */ | 2523 | */ |
2529 | tp->tcp_header_len = sizeof(struct tcphdr) + | 2524 | tp->tcp_header_len = sizeof(struct tcphdr) + |
2530 | (sysctl_tcp_timestamps && | 2525 | (sysctl_tcp_timestamps ? TCPOLEN_TSTAMP_ALIGNED : 0); |
2531 | (!dst_feature(dst, RTAX_FEATURE_NO_TSTAMP) ? | ||
2532 | TCPOLEN_TSTAMP_ALIGNED : 0)); | ||
2533 | 2526 | ||
2534 | #ifdef CONFIG_TCP_MD5SIG | 2527 | #ifdef CONFIG_TCP_MD5SIG |
2535 | if (tp->af_specific->md5_lookup(sk, sk) != NULL) | 2528 | if (tp->af_specific->md5_lookup(sk, sk) != NULL) |
@@ -2555,8 +2548,7 @@ static void tcp_connect_init(struct sock *sk) | |||
2555 | tp->advmss - (tp->rx_opt.ts_recent_stamp ? tp->tcp_header_len - sizeof(struct tcphdr) : 0), | 2548 | tp->advmss - (tp->rx_opt.ts_recent_stamp ? tp->tcp_header_len - sizeof(struct tcphdr) : 0), |
2556 | &tp->rcv_wnd, | 2549 | &tp->rcv_wnd, |
2557 | &tp->window_clamp, | 2550 | &tp->window_clamp, |
2558 | (sysctl_tcp_window_scaling && | 2551 | sysctl_tcp_window_scaling, |
2559 | !dst_feature(dst, RTAX_FEATURE_NO_WSCALE)), | ||
2560 | &rcv_wscale); | 2552 | &rcv_wscale); |
2561 | 2553 | ||
2562 | tp->rx_opt.rcv_wscale = rcv_wscale; | 2554 | tp->rx_opt.rcv_wscale = rcv_wscale; |
diff --git a/net/ipv6/syncookies.c b/net/ipv6/syncookies.c index 5b9af508b8f2..7208a06576c6 100644 --- a/net/ipv6/syncookies.c +++ b/net/ipv6/syncookies.c | |||
@@ -185,6 +185,13 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) | |||
185 | 185 | ||
186 | NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_SYNCOOKIESRECV); | 186 | NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_SYNCOOKIESRECV); |
187 | 187 | ||
188 | /* check for timestamp cookie support */ | ||
189 | memset(&tcp_opt, 0, sizeof(tcp_opt)); | ||
190 | tcp_parse_options(skb, &tcp_opt, &hash_location, 0); | ||
191 | |||
192 | if (tcp_opt.saw_tstamp) | ||
193 | cookie_check_timestamp(&tcp_opt); | ||
194 | |||
188 | ret = NULL; | 195 | ret = NULL; |
189 | req = inet6_reqsk_alloc(&tcp6_request_sock_ops); | 196 | req = inet6_reqsk_alloc(&tcp6_request_sock_ops); |
190 | if (!req) | 197 | if (!req) |
@@ -218,6 +225,12 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) | |||
218 | req->expires = 0UL; | 225 | req->expires = 0UL; |
219 | req->retrans = 0; | 226 | req->retrans = 0; |
220 | ireq->ecn_ok = 0; | 227 | ireq->ecn_ok = 0; |
228 | ireq->snd_wscale = tcp_opt.snd_wscale; | ||
229 | ireq->rcv_wscale = tcp_opt.rcv_wscale; | ||
230 | ireq->sack_ok = tcp_opt.sack_ok; | ||
231 | ireq->wscale_ok = tcp_opt.wscale_ok; | ||
232 | ireq->tstamp_ok = tcp_opt.saw_tstamp; | ||
233 | req->ts_recent = tcp_opt.saw_tstamp ? tcp_opt.rcv_tsval : 0; | ||
221 | treq->rcv_isn = ntohl(th->seq) - 1; | 234 | treq->rcv_isn = ntohl(th->seq) - 1; |
222 | treq->snt_isn = cookie; | 235 | treq->snt_isn = cookie; |
223 | 236 | ||
@@ -253,21 +266,6 @@ struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb) | |||
253 | goto out_free; | 266 | goto out_free; |
254 | } | 267 | } |
255 | 268 | ||
256 | /* check for timestamp cookie support */ | ||
257 | memset(&tcp_opt, 0, sizeof(tcp_opt)); | ||
258 | tcp_parse_options(skb, &tcp_opt, &hash_location, 0, dst); | ||
259 | |||
260 | if (tcp_opt.saw_tstamp) | ||
261 | cookie_check_timestamp(&tcp_opt); | ||
262 | |||
263 | req->ts_recent = tcp_opt.saw_tstamp ? tcp_opt.rcv_tsval : 0; | ||
264 | |||
265 | ireq->snd_wscale = tcp_opt.snd_wscale; | ||
266 | ireq->rcv_wscale = tcp_opt.rcv_wscale; | ||
267 | ireq->sack_ok = tcp_opt.sack_ok; | ||
268 | ireq->wscale_ok = tcp_opt.wscale_ok; | ||
269 | ireq->tstamp_ok = tcp_opt.saw_tstamp; | ||
270 | |||
271 | req->window_clamp = tp->window_clamp ? :dst_metric(dst, RTAX_WINDOW); | 269 | req->window_clamp = tp->window_clamp ? :dst_metric(dst, RTAX_WINDOW); |
272 | tcp_select_initial_window(tcp_full_space(sk), req->mss, | 270 | tcp_select_initial_window(tcp_full_space(sk), req->mss, |
273 | &req->rcv_wnd, &req->window_clamp, | 271 | &req->rcv_wnd, &req->window_clamp, |
diff --git a/net/ipv6/tcp_ipv6.c b/net/ipv6/tcp_ipv6.c index ee9cf62458d4..febfd595a40d 100644 --- a/net/ipv6/tcp_ipv6.c +++ b/net/ipv6/tcp_ipv6.c | |||
@@ -1169,7 +1169,6 @@ static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb) | |||
1169 | struct inet6_request_sock *treq; | 1169 | struct inet6_request_sock *treq; |
1170 | struct ipv6_pinfo *np = inet6_sk(sk); | 1170 | struct ipv6_pinfo *np = inet6_sk(sk); |
1171 | struct tcp_sock *tp = tcp_sk(sk); | 1171 | struct tcp_sock *tp = tcp_sk(sk); |
1172 | struct dst_entry *dst = __sk_dst_get(sk); | ||
1173 | __u32 isn = TCP_SKB_CB(skb)->when; | 1172 | __u32 isn = TCP_SKB_CB(skb)->when; |
1174 | #ifdef CONFIG_SYN_COOKIES | 1173 | #ifdef CONFIG_SYN_COOKIES |
1175 | int want_cookie = 0; | 1174 | int want_cookie = 0; |
@@ -1208,7 +1207,7 @@ static int tcp_v6_conn_request(struct sock *sk, struct sk_buff *skb) | |||
1208 | tcp_clear_options(&tmp_opt); | 1207 | tcp_clear_options(&tmp_opt); |
1209 | tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); | 1208 | tmp_opt.mss_clamp = IPV6_MIN_MTU - sizeof(struct tcphdr) - sizeof(struct ipv6hdr); |
1210 | tmp_opt.user_mss = tp->rx_opt.user_mss; | 1209 | tmp_opt.user_mss = tp->rx_opt.user_mss; |
1211 | tcp_parse_options(skb, &tmp_opt, &hash_location, 0, dst); | 1210 | tcp_parse_options(skb, &tmp_opt, &hash_location, 0); |
1212 | 1211 | ||
1213 | if (tmp_opt.cookie_plus > 0 && | 1212 | if (tmp_opt.cookie_plus > 0 && |
1214 | tmp_opt.saw_tstamp && | 1213 | tmp_opt.saw_tstamp && |