2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * The Internet Protocol (IP) output module.
8 * Version: $Id: ip_output.c,v 1.100 2002/02/01 22:01:03 davem Exp $
10 * Authors: Ross Biro, <bir7@leland.Stanford.Edu>
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Donald Becker, <becker@super.org>
13 * Alan Cox, <Alan.Cox@linux.org>
15 * Stefan Becker, <stefanb@yello.ping.de>
16 * Jorge Cwik, <jorge@laser.satlink.net>
17 * Arnt Gulbrandsen, <agulbra@nvg.unit.no>
18 * Hirokazu Takahashi, <taka@valinux.co.jp>
20 * See ip_input.c for original log
23 * Alan Cox : Missing nonblock feature in ip_build_xmit.
24 * Mike Kilburn : htons() missing in ip_build_xmit.
25 * Bradford Johnson: Fix faulty handling of some frames when
27 * Alexander Demenshin: Missing sk/skb free in ip_queue_xmit
28 * (in case if packet not accepted by
29 * output firewall rules)
30 * Mike McLagan : Routing by source
31 * Alexey Kuznetsov: use new route cache
32 * Andi Kleen: Fix broken PMTU recovery and remove
33 * some redundant tests.
34 * Vitaly E. Lavrov : Transparent proxy revived after year coma.
35 * Andi Kleen : Replace ip_reply with ip_send_reply.
36 * Andi Kleen : Split fast and slow ip_build_xmit path
37 * for decreased register pressure on x86
38 * and more readibility.
39 * Marc Boucher : When call_out_firewall returns FW_QUEUE,
40 * silently drop skb instead of failing with -EPERM.
41 * Detlev Wengorz : Copy protocol for fragments.
42 * Hirokazu Takahashi: HW checksumming for outgoing UDP
44 * Hirokazu Takahashi: sendfile() on UDP works now.
47 #include <asm/uaccess.h>
48 #include <asm/system.h>
49 #include <linux/module.h>
50 #include <linux/types.h>
51 #include <linux/kernel.h>
52 #include <linux/sched.h>
54 #include <linux/string.h>
55 #include <linux/errno.h>
56 #include <linux/config.h>
58 #include <linux/socket.h>
59 #include <linux/sockios.h>
61 #include <linux/inet.h>
62 #include <linux/netdevice.h>
63 #include <linux/etherdevice.h>
64 #include <linux/proc_fs.h>
65 #include <linux/stat.h>
66 #include <linux/init.h>
70 #include <net/protocol.h>
71 #include <net/route.h>
74 #include <linux/skbuff.h>
79 #include <net/checksum.h>
80 #include <net/inetpeer.h>
81 #include <linux/igmp.h>
82 #include <linux/netfilter_ipv4.h>
83 #include <linux/netfilter_bridge.h>
84 #include <linux/mroute.h>
85 #include <linux/netlink.h>
88 * Shall we try to damage output packets if routing dev changes?
91 int sysctl_ip_dynaddr;
92 int sysctl_ip_default_ttl = IPDEFTTL;
94 /* Generate a checksum for an outgoing IP datagram. */
95 __inline__ void ip_send_check(struct iphdr *iph)
98 iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
101 /* dev_loopback_xmit for use with netfilter. */
102 static int ip_dev_loopback_xmit(struct sk_buff *newskb)
104 newskb->mac.raw = newskb->data;
105 __skb_pull(newskb, newskb->nh.raw - newskb->data);
106 newskb->pkt_type = PACKET_LOOPBACK;
107 newskb->ip_summed = CHECKSUM_UNNECESSARY;
108 BUG_TRAP(newskb->dst);
110 #ifdef CONFIG_NETFILTER_DEBUG
111 nf_debug_ip_loopback_xmit(newskb);
117 static inline int ip_select_ttl(struct inet_opt *inet, struct dst_entry *dst)
119 int ttl = inet->uc_ttl;
122 ttl = dst_metric(dst, RTAX_HOPLIMIT);
127 * Add an ip header to a skbuff and send it out.
130 int ip_build_and_send_pkt(struct sk_buff *skb, struct sock *sk,
131 u32 saddr, u32 daddr, struct ip_options *opt)
133 struct inet_opt *inet = inet_sk(sk);
134 struct rtable *rt = (struct rtable *)skb->dst;
137 /* Build the IP header. */
139 iph=(struct iphdr *)skb_push(skb,sizeof(struct iphdr) + opt->optlen);
141 iph=(struct iphdr *)skb_push(skb,sizeof(struct iphdr));
145 iph->tos = inet->tos;
146 if (ip_dont_fragment(sk, &rt->u.dst))
147 iph->frag_off = htons(IP_DF);
150 iph->ttl = ip_select_ttl(inet, &rt->u.dst);
151 iph->daddr = rt->rt_dst;
152 iph->saddr = rt->rt_src;
153 iph->protocol = sk->sk_protocol;
154 iph->tot_len = htons(skb->len);
155 ip_select_ident(iph, &rt->u.dst, sk);
158 if (opt && opt->optlen) {
159 iph->ihl += opt->optlen>>2;
160 ip_options_build(skb, opt, daddr, rt, 0);
164 skb->priority = sk->sk_priority;
167 return NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, skb, NULL, rt->u.dst.dev,
171 static inline int ip_finish_output2(struct sk_buff *skb)
173 struct dst_entry *dst = skb->dst;
174 struct hh_cache *hh = dst->hh;
175 struct net_device *dev = dst->dev;
176 int hh_len = LL_RESERVED_SPACE(dev);
178 /* Be paranoid, rather than too clever. */
179 if (unlikely(skb_headroom(skb) < hh_len && dev->hard_header)) {
180 struct sk_buff *skb2;
182 skb2 = skb_realloc_headroom(skb, LL_RESERVED_SPACE(dev));
188 skb_set_owner_w(skb2, skb->sk);
193 #ifdef CONFIG_NETFILTER_DEBUG
194 nf_debug_ip_finish_output2(skb);
195 #endif /*CONFIG_NETFILTER_DEBUG*/
200 read_lock_bh(&hh->hh_lock);
201 hh_alen = HH_DATA_ALIGN(hh->hh_len);
202 memcpy(skb->data - hh_alen, hh->hh_data, hh_alen);
203 read_unlock_bh(&hh->hh_lock);
204 skb_push(skb, hh->hh_len);
205 return hh->hh_output(skb);
206 } else if (dst->neighbour)
207 return dst->neighbour->output(skb);
210 printk(KERN_DEBUG "ip_finish_output2: No header cache and no neighbour!\n");
215 int ip_finish_output(struct sk_buff *skb)
217 struct net_device *dev = skb->dst->dev;
220 skb->protocol = htons(ETH_P_IP);
222 return NF_HOOK(PF_INET, NF_IP_POST_ROUTING, skb, NULL, dev,
226 int ip_mc_output(struct sk_buff **pskb)
228 struct sk_buff *skb = *pskb;
229 struct sock *sk = skb->sk;
230 struct rtable *rt = (struct rtable*)skb->dst;
231 struct net_device *dev = rt->u.dst.dev;
234 * If the indicated interface is up and running, send the packet.
236 IP_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
239 skb->protocol = htons(ETH_P_IP);
242 * Multicasts are looped back for other local users
245 if (rt->rt_flags&RTCF_MULTICAST) {
246 if ((!sk || inet_sk(sk)->mc_loop)
247 #ifdef CONFIG_IP_MROUTE
248 /* Small optimization: do not loopback not local frames,
249 which returned after forwarding; they will be dropped
250 by ip_mr_input in any case.
251 Note, that local frames are looped back to be delivered
254 This check is duplicated in ip_mr_input at the moment.
256 && ((rt->rt_flags&RTCF_LOCAL) || !(IPCB(skb)->flags&IPSKB_FORWARDED))
259 struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC);
261 NF_HOOK(PF_INET, NF_IP_POST_ROUTING, newskb, NULL,
263 ip_dev_loopback_xmit);
266 /* Multicasts with ttl 0 must not go beyond the host */
268 if (skb->nh.iph->ttl == 0) {
274 if (rt->rt_flags&RTCF_BROADCAST) {
275 struct sk_buff *newskb = skb_clone(skb, GFP_ATOMIC);
277 NF_HOOK(PF_INET, NF_IP_POST_ROUTING, newskb, NULL,
278 newskb->dev, ip_dev_loopback_xmit);
281 if (skb->len > dst_pmtu(&rt->u.dst) || skb_shinfo(skb)->frag_list)
282 return ip_fragment(skb, ip_finish_output);
284 return ip_finish_output(skb);
287 int ip_output(struct sk_buff **pskb)
289 struct sk_buff *skb = *pskb;
291 IP_INC_STATS(IPSTATS_MIB_OUTREQUESTS);
293 if ((skb->len > dst_pmtu(skb->dst) || skb_shinfo(skb)->frag_list) &&
294 !skb_shinfo(skb)->tso_size)
295 return ip_fragment(skb, ip_finish_output);
297 return ip_finish_output(skb);
300 int ip_queue_xmit(struct sk_buff *skb, int ipfragok)
302 struct sock *sk = skb->sk;
303 struct inet_opt *inet = inet_sk(sk);
304 struct ip_options *opt = inet->opt;
309 /* Skip all of this if the packet is already routed,
310 * f.e. by something like SCTP.
312 rt = (struct rtable *) skb->dst;
316 /* Make sure we can route this packet. */
317 rt = (struct rtable *)__sk_dst_check(sk, 0);
321 /* Use correct destination address if we have options. */
327 struct flowi fl = { .oif = sk->sk_bound_dev_if,
330 .saddr = inet->saddr,
331 .tos = RT_CONN_FLAGS(sk) } },
332 .proto = sk->sk_protocol,
334 { .sport = inet->sport,
335 .dport = inet->dport } } };
337 /* If this fails, retransmit mechanism of transport layer will
338 * keep trying until route appears or the connection times
341 if (ip_route_output_flow(&rt, &fl, sk, 0))
344 __sk_dst_set(sk, &rt->u.dst);
345 tcp_v4_setup_caps(sk, &rt->u.dst);
347 skb->dst = dst_clone(&rt->u.dst);
350 if (opt && opt->is_strictroute && rt->rt_dst != rt->rt_gateway)
353 /* OK, we know where to send it, allocate and build IP header. */
354 iph = (struct iphdr *) skb_push(skb, sizeof(struct iphdr) + (opt ? opt->optlen : 0));
355 *((__u16 *)iph) = htons((4 << 12) | (5 << 8) | (inet->tos & 0xff));
356 iph->tot_len = htons(skb->len);
357 if (ip_dont_fragment(sk, &rt->u.dst) && !ipfragok)
358 iph->frag_off = htons(IP_DF);
361 iph->ttl = ip_select_ttl(inet, &rt->u.dst);
362 iph->protocol = sk->sk_protocol;
363 iph->saddr = rt->rt_src;
364 iph->daddr = rt->rt_dst;
366 /* Transport layer set skb->h.foo itself. */
368 if(opt && opt->optlen) {
369 iph->ihl += opt->optlen >> 2;
370 ip_options_build(skb, opt, inet->daddr, rt, 0);
373 mtu = dst_pmtu(&rt->u.dst);
374 if (skb->len > mtu && (sk->sk_route_caps & NETIF_F_TSO)) {
377 /* Hack zone: all this must be done by TCP. */
378 hlen = ((skb->h.raw - skb->data) + (skb->h.th->doff << 2));
379 skb_shinfo(skb)->tso_size = mtu - hlen;
380 skb_shinfo(skb)->tso_segs =
381 (skb->len - hlen + skb_shinfo(skb)->tso_size - 1)/
382 skb_shinfo(skb)->tso_size - 1;
385 ip_select_ident_more(iph, &rt->u.dst, sk, skb_shinfo(skb)->tso_segs);
387 /* Add an IP checksum. */
390 skb->priority = sk->sk_priority;
392 return NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, skb, NULL, rt->u.dst.dev,
396 IP_INC_STATS(IPSTATS_MIB_OUTNOROUTES);
398 return -EHOSTUNREACH;
402 static void ip_copy_metadata(struct sk_buff *to, struct sk_buff *from)
404 to->pkt_type = from->pkt_type;
405 to->priority = from->priority;
406 to->protocol = from->protocol;
407 to->security = from->security;
408 to->dst = dst_clone(from->dst);
411 /* Copy the flags to each fragment. */
412 IPCB(to)->flags = IPCB(from)->flags;
414 #ifdef CONFIG_NET_SCHED
415 to->tc_index = from->tc_index;
417 #ifdef CONFIG_NETFILTER
418 to->nfmark = from->nfmark;
419 to->nfcache = from->nfcache;
420 /* Connection association is same as pre-frag packet */
421 nf_conntrack_put(to->nfct);
422 to->nfct = from->nfct;
423 nf_conntrack_get(to->nfct);
424 #ifdef CONFIG_BRIDGE_NETFILTER
425 nf_bridge_put(to->nf_bridge);
426 to->nf_bridge = from->nf_bridge;
427 nf_bridge_get(to->nf_bridge);
429 #ifdef CONFIG_NETFILTER_DEBUG
430 to->nf_debug = from->nf_debug;
436 * This IP datagram is too large to be sent in one piece. Break it up into
437 * smaller pieces (each of size equal to IP header plus
438 * a block of the data of the original IP data part) that will yet fit in a
439 * single device frame, and queue such a frame for sending.
442 int ip_fragment(struct sk_buff *skb, int (*output)(struct sk_buff*))
447 struct net_device *dev;
448 struct sk_buff *skb2;
449 unsigned int mtu, hlen, left, len, ll_rs;
452 struct rtable *rt = (struct rtable*)skb->dst;
458 * Point into the IP datagram header.
463 if (unlikely((iph->frag_off & htons(IP_DF)) && !skb->local_df)) {
464 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_FRAG_NEEDED,
465 htonl(dst_pmtu(&rt->u.dst)));
471 * Setup starting values.
475 mtu = dst_pmtu(&rt->u.dst) - hlen; /* Size of data space */
477 /* When frag_list is given, use it. First, check its validity:
478 * some transformers could create wrong frag_list or break existing
479 * one, it is not prohibited. In this case fall back to copying.
481 * LATER: this step can be merged to real generation of fragments,
482 * we can switch to copy when see the first bad fragment.
484 if (skb_shinfo(skb)->frag_list) {
485 struct sk_buff *frag;
486 int first_len = skb_pagelen(skb);
488 if (first_len - hlen > mtu ||
489 ((first_len - hlen) & 7) ||
490 (iph->frag_off & htons(IP_MF|IP_OFFSET)) ||
494 for (frag = skb_shinfo(skb)->frag_list; frag; frag = frag->next) {
495 /* Correct geometry. */
496 if (frag->len > mtu ||
497 ((frag->len & 7) && frag->next) ||
498 skb_headroom(frag) < hlen)
501 /* Partially cloned skb? */
502 if (skb_shared(frag))
506 /* Everything is OK. Generate! */
510 frag = skb_shinfo(skb)->frag_list;
511 skb_shinfo(skb)->frag_list = NULL;
512 skb->data_len = first_len - skb_headlen(skb);
513 skb->len = first_len;
514 iph->tot_len = htons(first_len);
515 iph->frag_off |= htons(IP_MF);
519 /* Prepare header of the next frame,
520 * before previous one went down. */
522 frag->h.raw = frag->data;
523 frag->nh.raw = __skb_push(frag, hlen);
524 memcpy(frag->nh.raw, iph, hlen);
526 iph->tot_len = htons(frag->len);
528 atomic_dec(&frag->dst->__refcnt);
530 ip_copy_metadata(frag, skb);
532 ip_options_fragment(frag);
533 offset += skb->len - hlen;
534 iph->frag_off = htons(offset>>3);
535 if (frag->next != NULL)
536 iph->frag_off |= htons(IP_MF);
537 /* Ready, complete checksum */
552 IP_INC_STATS(IPSTATS_MIB_FRAGOKS);
561 IP_INC_STATS(IPSTATS_MIB_FRAGFAILS);
566 left = skb->len - hlen; /* Space per frame */
567 ptr = raw + hlen; /* Where to start from */
569 #ifdef CONFIG_BRIDGE_NETFILTER
570 /* for bridged IP traffic encapsulated inside f.e. a vlan header,
571 * we need to make room for the encapsulating header */
572 ll_rs = LL_RESERVED_SPACE_EXTRA(rt->u.dst.dev, nf_bridge_pad(skb));
573 mtu -= nf_bridge_pad(skb);
575 ll_rs = LL_RESERVED_SPACE(rt->u.dst.dev);
578 * Fragment the datagram.
581 offset = (ntohs(iph->frag_off) & IP_OFFSET) << 3;
582 not_last_frag = iph->frag_off & htons(IP_MF);
585 * Keep copying data until we run out.
590 /* IF: it doesn't fit, use 'mtu' - the data space left */
593 /* IF: we are not sending upto and including the packet end
594 then align the next start on an eight byte boundary */
602 if ((skb2 = alloc_skb(len+hlen+ll_rs, GFP_ATOMIC)) == NULL) {
603 NETDEBUG(printk(KERN_INFO "IP: frag: no memory for new fragment!\n"));
609 * Set up data on packet
612 ip_copy_metadata(skb2, skb);
613 skb_reserve(skb2, ll_rs);
614 skb_put(skb2, len + hlen);
615 skb2->nh.raw = skb2->data;
616 skb2->h.raw = skb2->data + hlen;
619 * Charge the memory for the fragment to any owner
624 skb_set_owner_w(skb2, skb->sk);
627 * Copy the packet header into the new buffer.
630 memcpy(skb2->nh.raw, skb->data, hlen);
633 * Copy a block of the IP datagram.
635 if (skb_copy_bits(skb, ptr, skb2->h.raw, len))
640 * Fill in the new header fields.
643 iph->frag_off = htons((offset >> 3));
645 /* ANK: dirty, but effective trick. Upgrade options only if
646 * the segment to be fragmented was THE FIRST (otherwise,
647 * options are already fixed) and make it ONCE
648 * on the initial skb, so that all the following fragments
649 * will inherit fixed options.
652 ip_options_fragment(skb);
655 * Added AC : If we are fragmenting a fragment that's not the
656 * last fragment then keep MF on each bit
658 if (left > 0 || not_last_frag)
659 iph->frag_off |= htons(IP_MF);
664 * Put this fragment into the sending queue.
667 IP_INC_STATS(IPSTATS_MIB_FRAGCREATES);
669 iph->tot_len = htons(len + hlen);
678 IP_INC_STATS(IPSTATS_MIB_FRAGOKS);
683 IP_INC_STATS(IPSTATS_MIB_FRAGFAILS);
688 ip_generic_getfrag(void *from, char *to, int offset, int len, int odd, struct sk_buff *skb)
690 struct iovec *iov = from;
692 if (skb->ip_summed == CHECKSUM_HW) {
693 if (memcpy_fromiovecend(to, iov, offset, len) < 0)
696 unsigned int csum = 0;
697 if (csum_partial_copy_fromiovecend(to, iov, offset, len, &csum) < 0)
699 skb->csum = csum_block_add(skb->csum, csum, odd);
704 static inline unsigned int
705 csum_page(struct page *page, int offset, int copy)
710 csum = csum_partial(kaddr + offset, copy, 0);
716 * ip_append_data() and ip_append_page() can make one large IP datagram
717 * from many pieces of data. Each pieces will be holded on the socket
718 * until ip_push_pending_frames() is called. Eache pieces can be a page
721 * Not only UDP, other transport protocols - e.g. raw sockets - can use
722 * this interface potentially.
724 * LATER: length must be adjusted by pad at tail, when it is required.
726 int ip_append_data(struct sock *sk,
727 int getfrag(void *from, char *to, int offset, int len,
728 int odd, struct sk_buff *skb),
729 void *from, int length, int transhdrlen,
730 struct ipcm_cookie *ipc, struct rtable *rt,
733 struct inet_opt *inet = inet_sk(sk);
736 struct ip_options *opt = NULL;
743 unsigned int maxfraglen, fragheaderlen;
744 int csummode = CHECKSUM_NONE;
749 if (skb_queue_empty(&sk->sk_write_queue)) {
755 if (inet->cork.opt == NULL) {
756 inet->cork.opt = kmalloc(sizeof(struct ip_options) + 40, sk->sk_allocation);
757 if (unlikely(inet->cork.opt == NULL))
760 memcpy(inet->cork.opt, opt, sizeof(struct ip_options)+opt->optlen);
761 inet->cork.flags |= IPCORK_OPT;
762 inet->cork.addr = ipc->addr;
764 dst_hold(&rt->u.dst);
765 inet->cork.fragsize = mtu = dst_pmtu(&rt->u.dst);
767 inet->cork.length = 0;
768 sk->sk_sndmsg_page = NULL;
769 sk->sk_sndmsg_off = 0;
770 if ((exthdrlen = rt->u.dst.header_len) != 0) {
772 transhdrlen += exthdrlen;
776 if (inet->cork.flags & IPCORK_OPT)
777 opt = inet->cork.opt;
781 mtu = inet->cork.fragsize;
783 hh_len = LL_RESERVED_SPACE(rt->u.dst.dev);
785 fragheaderlen = sizeof(struct iphdr) + (opt ? opt->optlen : 0);
786 maxfraglen = ((mtu-fragheaderlen) & ~7) + fragheaderlen;
788 if (inet->cork.length + length > 0xFFFF - fragheaderlen) {
789 ip_local_error(sk, EMSGSIZE, rt->rt_dst, inet->dport, mtu-exthdrlen);
794 * transhdrlen > 0 means that this is the first fragment and we wish
795 * it won't be fragmented in the future.
798 length + fragheaderlen <= maxfraglen &&
799 rt->u.dst.dev->features&(NETIF_F_IP_CSUM|NETIF_F_NO_CSUM|NETIF_F_HW_CSUM) &&
801 csummode = CHECKSUM_HW;
803 inet->cork.length += length;
805 /* So, what's going on in the loop below?
807 * We use calculated fragment length to generate chained skb,
808 * each of segments is IP fragment ready for sending to network after
809 * adding appropriate IP header.
813 * If mtu-fragheaderlen is not 0 modulo 8, we generate additional
814 * small fragment of length (mtu-fragheaderlen)%8, even though
815 * it is not necessary. Not a big bug, but needs a fix.
818 if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL)
822 if ((copy = maxfraglen - skb->len) <= 0) {
824 unsigned int datalen;
825 unsigned int fraglen;
826 unsigned int alloclen;
830 datalen = maxfraglen - fragheaderlen;
831 if (datalen > length)
834 fraglen = datalen + fragheaderlen;
835 if ((flags & MSG_MORE) &&
836 !(rt->u.dst.dev->features&NETIF_F_SG))
837 alloclen = maxfraglen;
839 alloclen = datalen + fragheaderlen;
841 /* The last fragment gets additional space at tail.
842 * Note, with MSG_MORE we overallocate on fragments,
843 * because we have no idea what fragment will be
846 if (datalen == length)
847 alloclen += rt->u.dst.trailer_len;
850 skb = sock_alloc_send_skb(sk,
851 alloclen + hh_len + 15,
852 (flags & MSG_DONTWAIT), &err);
855 if (atomic_read(&sk->sk_wmem_alloc) <=
857 skb = sock_wmalloc(sk,
858 alloclen + hh_len + 15, 1,
860 if (unlikely(skb == NULL))
867 * Fill in the control structures
869 skb->ip_summed = csummode;
871 skb_reserve(skb, hh_len);
874 * Find where to start putting bytes.
876 data = skb_put(skb, fraglen);
877 skb->nh.raw = data + exthdrlen;
878 data += fragheaderlen;
879 skb->h.raw = data + exthdrlen;
881 copy = datalen - transhdrlen;
882 if (copy > 0 && getfrag(from, data + transhdrlen, offset, copy, 0, skb) < 0) {
892 csummode = CHECKSUM_NONE;
895 * Put the packet on the pending queue.
897 __skb_queue_tail(&sk->sk_write_queue, skb);
904 if (!(rt->u.dst.dev->features&NETIF_F_SG)) {
908 if (getfrag(from, skb_put(skb, copy),
909 offset, copy, off, skb) < 0) {
910 __skb_trim(skb, off);
915 int i = skb_shinfo(skb)->nr_frags;
916 skb_frag_t *frag = &skb_shinfo(skb)->frags[i-1];
917 struct page *page = sk->sk_sndmsg_page;
918 int off = sk->sk_sndmsg_off;
921 if (page && (left = PAGE_SIZE - off) > 0) {
924 if (page != frag->page) {
925 if (i == MAX_SKB_FRAGS) {
930 skb_fill_page_desc(skb, i, page, sk->sk_sndmsg_off, 0);
931 frag = &skb_shinfo(skb)->frags[i];
933 } else if (i < MAX_SKB_FRAGS) {
934 if (copy > PAGE_SIZE)
936 page = alloc_pages(sk->sk_allocation, 0);
941 sk->sk_sndmsg_page = page;
942 sk->sk_sndmsg_off = 0;
944 skb_fill_page_desc(skb, i, page, 0, 0);
945 frag = &skb_shinfo(skb)->frags[i];
946 skb->truesize += PAGE_SIZE;
947 atomic_add(PAGE_SIZE, &sk->sk_wmem_alloc);
952 if (getfrag(from, page_address(frag->page)+frag->page_offset+frag->size, offset, copy, skb->len, skb) < 0) {
956 sk->sk_sndmsg_off += copy;
959 skb->data_len += copy;
968 inet->cork.length -= length;
969 IP_INC_STATS(IPSTATS_MIB_OUTDISCARDS);
973 ssize_t ip_append_page(struct sock *sk, struct page *page,
974 int offset, size_t size, int flags)
976 struct inet_opt *inet = inet_sk(sk);
979 struct ip_options *opt = NULL;
984 unsigned int maxfraglen, fragheaderlen;
992 if (skb_queue_empty(&sk->sk_write_queue))
996 if (inet->cork.flags & IPCORK_OPT)
997 opt = inet->cork.opt;
999 if (!(rt->u.dst.dev->features&NETIF_F_SG))
1002 hh_len = LL_RESERVED_SPACE(rt->u.dst.dev);
1003 mtu = inet->cork.fragsize;
1005 fragheaderlen = sizeof(struct iphdr) + (opt ? opt->optlen : 0);
1006 maxfraglen = ((mtu-fragheaderlen) & ~7) + fragheaderlen;
1008 if (inet->cork.length + size > 0xFFFF - fragheaderlen) {
1009 ip_local_error(sk, EMSGSIZE, rt->rt_dst, inet->dport, mtu);
1013 if ((skb = skb_peek_tail(&sk->sk_write_queue)) == NULL)
1016 inet->cork.length += size;
1020 if ((len = maxfraglen - skb->len) <= 0) {
1025 skb = sock_wmalloc(sk, fragheaderlen + hh_len + 15, 1,
1027 if (unlikely(!skb)) {
1033 * Fill in the control structures
1035 skb->ip_summed = CHECKSUM_NONE;
1037 skb_reserve(skb, hh_len);
1040 * Find where to start putting bytes.
1042 data = skb_put(skb, fragheaderlen);
1043 skb->nh.iph = iph = (struct iphdr *)data;
1044 data += fragheaderlen;
1048 * Put the packet on the pending queue.
1050 __skb_queue_tail(&sk->sk_write_queue, skb);
1054 i = skb_shinfo(skb)->nr_frags;
1057 if (skb_can_coalesce(skb, i, page, offset)) {
1058 skb_shinfo(skb)->frags[i-1].size += len;
1059 } else if (i < MAX_SKB_FRAGS) {
1061 skb_fill_page_desc(skb, i, page, offset, len);
1067 if (skb->ip_summed == CHECKSUM_NONE) {
1069 csum = csum_page(page, offset, len);
1070 skb->csum = csum_block_add(skb->csum, csum, skb->len);
1074 skb->data_len += len;
1081 inet->cork.length -= size;
1082 IP_INC_STATS(IPSTATS_MIB_OUTDISCARDS);
1087 * Combined all pending IP fragments on the socket as one IP datagram
1088 * and push them out.
1090 int ip_push_pending_frames(struct sock *sk)
1092 struct sk_buff *skb, *tmp_skb;
1093 struct sk_buff **tail_skb;
1094 struct inet_opt *inet = inet_sk(sk);
1095 struct ip_options *opt = NULL;
1096 struct rtable *rt = inet->cork.rt;
1102 if ((skb = __skb_dequeue(&sk->sk_write_queue)) == NULL)
1104 tail_skb = &(skb_shinfo(skb)->frag_list);
1106 /* move skb->data to ip header from ext header */
1107 if (skb->data < skb->nh.raw)
1108 __skb_pull(skb, skb->nh.raw - skb->data);
1109 while ((tmp_skb = __skb_dequeue(&sk->sk_write_queue)) != NULL) {
1110 __skb_pull(tmp_skb, skb->h.raw - skb->nh.raw);
1111 *tail_skb = tmp_skb;
1112 tail_skb = &(tmp_skb->next);
1113 skb->len += tmp_skb->len;
1114 skb->data_len += tmp_skb->len;
1115 skb->truesize += tmp_skb->truesize;
1116 __sock_put(tmp_skb->sk);
1117 tmp_skb->destructor = NULL;
1121 /* Unless user demanded real pmtu discovery (IP_PMTUDISC_DO), we allow
1122 * to fragment the frame generated here. No matter, what transforms
1123 * how transforms change size of the packet, it will come out.
1125 if (inet->pmtudisc != IP_PMTUDISC_DO)
1128 /* DF bit is set when we want to see DF on outgoing frames.
1129 * If local_df is set too, we still allow to fragment this frame
1131 if (inet->pmtudisc == IP_PMTUDISC_DO ||
1132 (!skb_shinfo(skb)->frag_list && ip_dont_fragment(sk, &rt->u.dst)))
1135 if (inet->cork.flags & IPCORK_OPT)
1136 opt = inet->cork.opt;
1138 if (rt->rt_type == RTN_MULTICAST)
1141 ttl = ip_select_ttl(inet, &rt->u.dst);
1143 iph = (struct iphdr *)skb->data;
1147 iph->ihl += opt->optlen>>2;
1148 ip_options_build(skb, opt, inet->cork.addr, rt, 0);
1150 iph->tos = inet->tos;
1151 iph->tot_len = htons(skb->len);
1154 __ip_select_ident(iph, &rt->u.dst, 0);
1156 iph->id = htons(inet->id++);
1159 iph->protocol = sk->sk_protocol;
1160 iph->saddr = rt->rt_src;
1161 iph->daddr = rt->rt_dst;
1164 skb->priority = sk->sk_priority;
1165 skb->dst = dst_clone(&rt->u.dst);
1167 /* Netfilter gets whole the not fragmented skb. */
1168 err = NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, skb, NULL,
1169 skb->dst->dev, dst_output);
1172 err = inet->recverr ? net_xmit_errno(err) : 0;
1178 inet->cork.flags &= ~IPCORK_OPT;
1179 if (inet->cork.opt) {
1180 kfree(inet->cork.opt);
1181 inet->cork.opt = NULL;
1183 if (inet->cork.rt) {
1184 ip_rt_put(inet->cork.rt);
1185 inet->cork.rt = NULL;
1190 IP_INC_STATS(IPSTATS_MIB_OUTDISCARDS);
1195 * Throw away all pending data on the socket.
1197 void ip_flush_pending_frames(struct sock *sk)
1199 struct inet_opt *inet = inet_sk(sk);
1200 struct sk_buff *skb;
1202 while ((skb = __skb_dequeue_tail(&sk->sk_write_queue)) != NULL)
1205 inet->cork.flags &= ~IPCORK_OPT;
1206 if (inet->cork.opt) {
1207 kfree(inet->cork.opt);
1208 inet->cork.opt = NULL;
1210 if (inet->cork.rt) {
1211 ip_rt_put(inet->cork.rt);
1212 inet->cork.rt = NULL;
1218 * Fetch data from kernel space and fill in checksum if needed.
1220 static int ip_reply_glue_bits(void *dptr, char *to, int offset,
1221 int len, int odd, struct sk_buff *skb)
1225 csum = csum_partial_copy_nocheck(dptr+offset, to, len, 0);
1226 skb->csum = csum_block_add(skb->csum, csum, odd);
1231 * Generic function to send a packet as reply to another packet.
1232 * Used to send TCP resets so far. ICMP should use this function too.
1234 * Should run single threaded per socket because it uses the sock
1235 * structure to pass arguments.
1237 * LATER: switch from ip_build_xmit to ip_append_*
1239 void ip_send_reply(struct sock *sk, struct sk_buff *skb, struct ip_reply_arg *arg,
1242 struct inet_opt *inet = inet_sk(sk);
1244 struct ip_options opt;
1247 struct ipcm_cookie ipc;
1249 struct rtable *rt = (struct rtable*)skb->dst;
1251 if (ip_options_echo(&replyopts.opt, skb))
1254 daddr = ipc.addr = rt->rt_src;
1257 if (replyopts.opt.optlen) {
1258 ipc.opt = &replyopts.opt;
1261 daddr = replyopts.opt.faddr;
1265 struct flowi fl = { .nl_u = { .ip4_u =
1267 .saddr = rt->rt_spec_dst,
1268 .tos = RT_TOS(skb->nh.iph->tos) } },
1269 /* Not quite clean, but right. */
1271 { .sport = skb->h.th->dest,
1272 .dport = skb->h.th->source } },
1273 .proto = sk->sk_protocol };
1274 if (ip_route_output_key(&rt, &fl))
1278 /* And let IP do all the hard work.
1280 This chunk is not reenterable, hence spinlock.
1281 Note that it uses the fact, that this function is called
1282 with locally disabled BH and that sk cannot be already spinlocked.
1285 inet->tos = skb->nh.iph->tos;
1286 sk->sk_priority = skb->priority;
1287 sk->sk_protocol = skb->nh.iph->protocol;
1288 ip_append_data(sk, ip_reply_glue_bits, arg->iov->iov_base, len, 0,
1289 &ipc, rt, MSG_DONTWAIT);
1290 if ((skb = skb_peek(&sk->sk_write_queue)) != NULL) {
1291 if (arg->csumoffset >= 0)
1292 *((u16 *)skb->h.raw + arg->csumoffset) = csum_fold(csum_add(skb->csum, arg->csum));
1293 skb->ip_summed = CHECKSUM_NONE;
1294 ip_push_pending_frames(sk);
1303 * IP protocol layer initialiser
1306 static struct packet_type ip_packet_type = {
1307 .type = __constant_htons(ETH_P_IP),
1312 * IP registers the packet type and then calls the subprotocol initialisers
1315 void __init ip_init(void)
1317 dev_add_pack(&ip_packet_type);
1322 #if defined(CONFIG_IP_MULTICAST) && defined(CONFIG_PROC_FS)
1323 igmp_mc_proc_init();
1327 EXPORT_SYMBOL(ip_finish_output);
1328 EXPORT_SYMBOL(ip_fragment);
1329 EXPORT_SYMBOL(ip_generic_getfrag);
1330 EXPORT_SYMBOL(ip_queue_xmit);
1331 EXPORT_SYMBOL(ip_send_check);
1333 #ifdef CONFIG_SYSCTL
1334 EXPORT_SYMBOL(sysctl_ip_default_ttl);