enable docker ppp

hc

2023-12-09 95099d4622f8cb224d94e314c7a8e0df60b13f87

 kernel/net/ipv6/udp.c
..
..
@@ -1,3 +1,4 @@
1
+// SPDX-License-Identifier: GPL-2.0-or-later
1
2
 /*
2
3
  *	UDP over IPv6
3
4
  *	Linux INET6 implementation
..
..
@@ -14,11 +15,6 @@
14
15
  *					a single port at the same time.
15
16
  *      Kazunori MIYAZAWA @USAGI:       change process style to use ip6_append_data
16
17
  *      YOSHIFUJI Hideaki @USAGI:	convert /proc/net/udp6 to seq_file.
17
- *
18
- *	This program is free software; you can redistribute it and/or
19
- *      modify it under the terms of the GNU General Public License
20
- *      as published by the Free Software Foundation; either version
21
- *      2 of the License, or (at your option) any later version.
22
18
  */
23
19
 
24
20
 #include <linux/errno.h>
..
..
@@ -36,6 +32,7 @@
36
32
 #include <linux/skbuff.h>
37
33
 #include <linux/slab.h>
38
34
 #include <linux/uaccess.h>
35
+#include <linux/indirect_call_wrapper.h>
39
36
 
40
37
 #include <net/addrconf.h>
41
38
 #include <net/ndisc.h>
..
..
@@ -45,6 +42,7 @@
45
42
 #include <net/raw.h>
46
43
 #include <net/tcp_states.h>
47
44
 #include <net/ip6_checksum.h>
45
+#include <net/ip6_tunnel.h>
48
46
 #include <net/xfrm.h>
49
47
 #include <net/inet_hashtables.h>
50
48
 #include <net/inet6_hashtables.h>
..
..
@@ -55,16 +53,6 @@
55
53
 #include <linux/seq_file.h>
56
54
 #include <trace/events/skb.h>
57
55
 #include "udp_impl.h"
58
-
59
-static bool udp6_lib_exact_dif_match(struct net *net, struct sk_buff *skb)
60
-{
61
-#if defined(CONFIG_NET_L3_MASTER_DEV)
62
-	if (!net->ipv4.sysctl_udp_l3mdev_accept &&
63
-	    skb && ipv6_l3mdev_skb(IP6CB(skb)->flags))
64
-		return true;
65
-#endif
66
-	return false;
67
-}
68
56
 
69
57
 static u32 udp6_ehashfn(const struct net *net,
70
58
 			const struct in6_addr *laddr,
..
..
@@ -101,7 +89,7 @@
101
89
 	return udp_lib_get_port(sk, snum, hash2_nulladdr);
102
90
 }
103
91
 
104
-static void udp_v6_rehash(struct sock *sk)
92
+void udp_v6_rehash(struct sock *sk)
105
93
 {
106
94
 	u16 new_hash = ipv6_portaddr_hash(sock_net(sk),
107
95
 					  &sk->sk_v6_rcv_saddr,
..
..
@@ -113,14 +101,18 @@
113
101
 static int compute_score(struct sock *sk, struct net *net,
114
102
 			 const struct in6_addr *saddr, __be16 sport,
115
103
 			 const struct in6_addr *daddr, unsigned short hnum,
116
-			 int dif, int sdif, bool exact_dif)
104
+			 int dif, int sdif)
117
105
 {
118
106
 	int score;
119
107
 	struct inet_sock *inet;
108
+	bool dev_match;
120
109
 
121
110
 	if (!net_eq(sock_net(sk), net) ||
122
111
 	    udp_sk(sk)->udp_port_hash != hnum ||
123
112
 	    sk->sk_family != PF_INET6)
113
+		return -1;
114
+
115
+	if (!ipv6_addr_equal(&sk->sk_v6_rcv_saddr, daddr))
124
116
 		return -1;
125
117
 
126
118
 	score = 0;
..
..
@@ -132,27 +124,17 @@
132
124
 		score++;
133
125
 	}
134
126
 
135
-	if (!ipv6_addr_any(&sk->sk_v6_rcv_saddr)) {
136
-		if (!ipv6_addr_equal(&sk->sk_v6_rcv_saddr, daddr))
137
-			return -1;
138
-		score++;
139
-	}
140
-
141
127
 	if (!ipv6_addr_any(&sk->sk_v6_daddr)) {
142
128
 		if (!ipv6_addr_equal(&sk->sk_v6_daddr, saddr))
143
129
 			return -1;
144
130
 		score++;
145
131
 	}
146
132
 
147
-	if (sk->sk_bound_dev_if || exact_dif) {
148
-		bool dev_match = (sk->sk_bound_dev_if == dif ||
149
-				  sk->sk_bound_dev_if == sdif);
150
-
151
-		if (!dev_match)
152
-			return -1;
153
-		if (sk->sk_bound_dev_if)
154
-			score++;
155
-	}
133
+	dev_match = udp_sk_bound_dev_eq(net, sk->sk_bound_dev_if, dif, sdif);
134
+	if (!dev_match)
135
+		return -1;
136
+	if (sk->sk_bound_dev_if)
137
+		score++;
156
138
 
157
139
 	if (READ_ONCE(sk->sk_incoming_cpu) == raw_smp_processor_id())
158
140
 		score++;
..
..
@@ -160,41 +142,76 @@
160
142
 	return score;
161
143
 }
162
144
 
145
+static struct sock *lookup_reuseport(struct net *net, struct sock *sk,
146
+				     struct sk_buff *skb,
147
+				     const struct in6_addr *saddr,
148
+				     __be16 sport,
149
+				     const struct in6_addr *daddr,
150
+				     unsigned int hnum)
151
+{
152
+	struct sock *reuse_sk = NULL;
153
+	u32 hash;
154
+
155
+	if (sk->sk_reuseport && sk->sk_state != TCP_ESTABLISHED) {
156
+		hash = udp6_ehashfn(net, daddr, hnum, saddr, sport);
157
+		reuse_sk = reuseport_select_sock(sk, hash, skb,
158
+						 sizeof(struct udphdr));
159
+	}
160
+	return reuse_sk;
161
+}
162
+
163
163
 /* called with rcu_read_lock() */
164
164
 static struct sock *udp6_lib_lookup2(struct net *net,
165
165
 		const struct in6_addr *saddr, __be16 sport,
166
166
 		const struct in6_addr *daddr, unsigned int hnum,
167
-		int dif, int sdif, bool exact_dif,
168
-		struct udp_hslot *hslot2, struct sk_buff *skb)
167
+		int dif, int sdif, struct udp_hslot *hslot2,
168
+		struct sk_buff *skb)
169
169
 {
170
-	struct sock *sk, *result, *reuseport_result;
170
+	struct sock *sk, *result;
171
171
 	int score, badness;
172
-	u32 hash = 0;
173
172
 
174
173
 	result = NULL;
175
174
 	badness = -1;
176
175
 	udp_portaddr_for_each_entry_rcu(sk, &hslot2->head) {
177
176
 		score = compute_score(sk, net, saddr, sport,
178
-				      daddr, hnum, dif, sdif, exact_dif);
177
+				      daddr, hnum, dif, sdif);
179
178
 		if (score > badness) {
180
-			reuseport_result = NULL;
179
+			result = lookup_reuseport(net, sk, skb,
180
+						  saddr, sport, daddr, hnum);
181
+			/* Fall back to scoring if group has connections */
182
+			if (result && !reuseport_has_conns(sk))
183
+				return result;
181
184
 
182
-			if (sk->sk_reuseport &&
183
-			    sk->sk_state != TCP_ESTABLISHED) {
184
-				hash = udp6_ehashfn(net, daddr, hnum,
185
-						    saddr, sport);
186
-
187
-				reuseport_result = reuseport_select_sock(sk, hash, skb,
188
-									 sizeof(struct udphdr));
189
-				if (reuseport_result && !reuseport_has_conns(sk, false))
190
-					return reuseport_result;
191
-			}
192
-
193
-			result = reuseport_result ? : sk;
185
+			result = result ? : sk;
194
186
 			badness = score;
195
187
 		}
196
188
 	}
197
189
 	return result;
190
+}
191
+
192
+static inline struct sock *udp6_lookup_run_bpf(struct net *net,
193
+					       struct udp_table *udptable,
194
+					       struct sk_buff *skb,
195
+					       const struct in6_addr *saddr,
196
+					       __be16 sport,
197
+					       const struct in6_addr *daddr,
198
+					       u16 hnum)
199
+{
200
+	struct sock *sk, *reuse_sk;
201
+	bool no_reuseport;
202
+
203
+	if (udptable != &udp_table)
204
+		return NULL; /* only UDP is supported */
205
+
206
+	no_reuseport = bpf_sk_lookup_run_v6(net, IPPROTO_UDP,
207
+					    saddr, sport, daddr, hnum, &sk);
208
+	if (no_reuseport || IS_ERR_OR_NULL(sk))
209
+		return sk;
210
+
211
+	reuse_sk = lookup_reuseport(net, sk, skb, saddr, sport, daddr, hnum);
212
+	if (reuse_sk)
213
+		sk = reuse_sk;
214
+	return sk;
198
215
 }
199
216
 
200
217
 /* rcu_read_lock() must be held */
..
..
@@ -204,66 +221,47 @@
204
221
 			       int dif, int sdif, struct udp_table *udptable,
205
222
 			       struct sk_buff *skb)
206
223
 {
207
-	struct sock *sk, *result;
208
224
 	unsigned short hnum = ntohs(dport);
209
-	unsigned int hash2, slot2, slot = udp_hashfn(net, hnum, udptable->mask);
210
-	struct udp_hslot *hslot2, *hslot = &udptable->hash[slot];
211
-	bool exact_dif = udp6_lib_exact_dif_match(net, skb);
212
-	int score, badness;
213
-	u32 hash = 0;
225
+	unsigned int hash2, slot2;
226
+	struct udp_hslot *hslot2;
227
+	struct sock *result, *sk;
214
228
 
215
-	if (hslot->count > 10) {
216
-		hash2 = ipv6_portaddr_hash(net, daddr, hnum);
217
-		slot2 = hash2 & udptable->mask;
218
-		hslot2 = &udptable->hash2[slot2];
219
-		if (hslot->count < hslot2->count)
220
-			goto begin;
229
+	hash2 = ipv6_portaddr_hash(net, daddr, hnum);
230
+	slot2 = hash2 & udptable->mask;
231
+	hslot2 = &udptable->hash2[slot2];
221
232
 
222
-		result = udp6_lib_lookup2(net, saddr, sport,
223
-					  daddr, hnum, dif, sdif, exact_dif,
224
-					  hslot2, skb);
225
-		if (!result) {
226
-			unsigned int old_slot2 = slot2;
227
-			hash2 = ipv6_portaddr_hash(net, &in6addr_any, hnum);
228
-			slot2 = hash2 & udptable->mask;
229
-			/* avoid searching the same slot again. */
230
-			if (unlikely(slot2 == old_slot2))
231
-				return result;
233
+	/* Lookup connected or non-wildcard sockets */
234
+	result = udp6_lib_lookup2(net, saddr, sport,
235
+				  daddr, hnum, dif, sdif,
236
+				  hslot2, skb);
237
+	if (!IS_ERR_OR_NULL(result) && result->sk_state == TCP_ESTABLISHED)
238
+		goto done;
232
239
 
233
-			hslot2 = &udptable->hash2[slot2];
234
-			if (hslot->count < hslot2->count)
235
-				goto begin;
236
-
237
-			result = udp6_lib_lookup2(net, saddr, sport,
238
-						  daddr, hnum, dif, sdif,
239
-						  exact_dif, hslot2,
240
-						  skb);
241
-		}
242
-		if (unlikely(IS_ERR(result)))
243
-			return NULL;
244
-		return result;
245
-	}
246
-begin:
247
-	result = NULL;
248
-	badness = -1;
249
-	sk_for_each_rcu(sk, &hslot->head) {
250
-		score = compute_score(sk, net, saddr, sport, daddr, hnum, dif,
251
-				      sdif, exact_dif);
252
-		if (score > badness) {
253
-			if (sk->sk_reuseport) {
254
-				hash = udp6_ehashfn(net, daddr, hnum,
255
-						    saddr, sport);
256
-				result = reuseport_select_sock(sk, hash, skb,
257
-							sizeof(struct udphdr));
258
-				if (unlikely(IS_ERR(result)))
259
-					return NULL;
260
-				if (result)
261
-					return result;
262
-			}
240
+	/* Lookup redirect from BPF */
241
+	if (static_branch_unlikely(&bpf_sk_lookup_enabled)) {
242
+		sk = udp6_lookup_run_bpf(net, udptable, skb,
243
+					 saddr, sport, daddr, hnum);
244
+		if (sk) {
263
245
 			result = sk;
264
-			badness = score;
246
+			goto done;
265
247
 		}
266
248
 	}
249
+
250
+	/* Got non-wildcard socket or error on first lookup */
251
+	if (result)
252
+		goto done;
253
+
254
+	/* Lookup wildcard sockets */
255
+	hash2 = ipv6_portaddr_hash(net, &in6addr_any, hnum);
256
+	slot2 = hash2 & udptable->mask;
257
+	hslot2 = &udptable->hash2[slot2];
258
+
259
+	result = udp6_lib_lookup2(net, saddr, sport,
260
+				  &in6addr_any, hnum, dif, sdif,
261
+				  hslot2, skb);
262
+done:
263
+	if (IS_ERR(result))
264
+		return NULL;
267
265
 	return result;
268
266
 }
269
267
 EXPORT_SYMBOL_GPL(__udp6_lib_lookup);
..
..
@@ -329,9 +327,9 @@
329
327
 	struct inet_sock *inet = inet_sk(sk);
330
328
 	struct sk_buff *skb;
331
329
 	unsigned int ulen, copied;
332
-	int peeked, peeking, off;
333
-	int err;
330
+	int off, err, peeking = flags & MSG_PEEK;
334
331
 	int is_udplite = IS_UDPLITE(sk);
332
+	struct udp_mib __percpu *mib;
335
333
 	bool checksum_valid = false;
336
334
 	int is_udp4;
337
335
 
..
..
@@ -342,9 +340,8 @@
342
340
 		return ipv6_recv_rxpmtu(sk, msg, len, addr_len);
343
341
 
344
342
 try_again:
345
-	peeking = flags & MSG_PEEK;
346
343
 	off = sk_peek_offset(sk, flags);
347
-	skb = __skb_recv_udp(sk, flags, noblock, &peeked, &off, &err);
344
+	skb = __skb_recv_udp(sk, flags, noblock, &off, &err);
348
345
 	if (!skb)
349
346
 		return err;
350
347
 
..
..
@@ -356,6 +353,7 @@
356
353
 		msg->msg_flags |= MSG_TRUNC;
357
354
 
358
355
 	is_udp4 = (skb->protocol == htons(ETH_P_IP));
356
+	mib = __UDPX_MIB(sk, is_udp4);
359
357
 
360
358
 	/*
361
359
 	 * If checksum is needed at all, try to do it while copying the
..
..
@@ -382,26 +380,15 @@
382
380
 			goto csum_copy_err;
383
381
 	}
384
382
 	if (unlikely(err)) {
385
-		if (!peeked) {
383
+		if (!peeking) {
386
384
 			atomic_inc(&sk->sk_drops);
387
-			if (is_udp4)
388
-				UDP_INC_STATS(sock_net(sk), UDP_MIB_INERRORS,
389
-					      is_udplite);
390
-			else
391
-				UDP6_INC_STATS(sock_net(sk), UDP_MIB_INERRORS,
392
-					       is_udplite);
385
+			SNMP_INC_STATS(mib, UDP_MIB_INERRORS);
393
386
 		}
394
387
 		kfree_skb(skb);
395
388
 		return err;
396
389
 	}
397
-	if (!peeked) {
398
-		if (is_udp4)
399
-			UDP_INC_STATS(sock_net(sk), UDP_MIB_INDATAGRAMS,
400
-				      is_udplite);
401
-		else
402
-			UDP6_INC_STATS(sock_net(sk), UDP_MIB_INDATAGRAMS,
403
-				       is_udplite);
404
-	}
390
+	if (!peeking)
391
+		SNMP_INC_STATS(mib, UDP_MIB_INDATAGRAMS);
405
392
 
406
393
 	sock_recv_ts_and_drops(msg, sk, skb);
407
394
 
..
..
@@ -429,6 +416,9 @@
429
416
 						(struct sockaddr *)sin6);
430
417
 	}
431
418
 
419
+	if (udp_sk(sk)->gro_enabled)
420
+		udp_cmsg_recv(msg, sk, skb);
421
+
432
422
 	if (np->rxopt.all)
433
423
 		ip6_datagram_recv_common_ctl(sk, msg, skb);
434
424
 
..
..
@@ -451,17 +441,8 @@
451
441
 csum_copy_err:
452
442
 	if (!__sk_queue_drop_skb(sk, &udp_sk(sk)->reader_queue, skb, flags,
453
443
 				 udp_skb_destructor)) {
454
-		if (is_udp4) {
455
-			UDP_INC_STATS(sock_net(sk),
456
-				      UDP_MIB_CSUMERRORS, is_udplite);
457
-			UDP_INC_STATS(sock_net(sk),
458
-				      UDP_MIB_INERRORS, is_udplite);
459
-		} else {
460
-			UDP6_INC_STATS(sock_net(sk),
461
-				       UDP_MIB_CSUMERRORS, is_udplite);
462
-			UDP6_INC_STATS(sock_net(sk),
463
-				       UDP_MIB_INERRORS, is_udplite);
464
-		}
444
+		SNMP_INC_STATS(mib, UDP_MIB_CSUMERRORS);
445
+		SNMP_INC_STATS(mib, UDP_MIB_INERRORS);
465
446
 	}
466
447
 	kfree_skb(skb);
467
448
 
..
..
@@ -471,26 +452,133 @@
471
452
 	goto try_again;
472
453
 }
473
454
 
474
-void __udp6_lib_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
475
-		    u8 type, u8 code, int offset, __be32 info,
476
-		    struct udp_table *udptable)
455
+DEFINE_STATIC_KEY_FALSE(udpv6_encap_needed_key);
456
+void udpv6_encap_enable(void)
457
+{
458
+	static_branch_inc(&udpv6_encap_needed_key);
459
+}
460
+EXPORT_SYMBOL(udpv6_encap_enable);
461
+
462
+/* Handler for tunnels with arbitrary destination ports: no socket lookup, go
463
+ * through error handlers in encapsulations looking for a match.
464
+ */
465
+static int __udp6_lib_err_encap_no_sk(struct sk_buff *skb,
466
+				      struct inet6_skb_parm *opt,
467
+				      u8 type, u8 code, int offset, __be32 info)
468
+{
469
+	int i;
470
+
471
+	for (i = 0; i < MAX_IPTUN_ENCAP_OPS; i++) {
472
+		int (*handler)(struct sk_buff *skb, struct inet6_skb_parm *opt,
473
+			       u8 type, u8 code, int offset, __be32 info);
474
+		const struct ip6_tnl_encap_ops *encap;
475
+
476
+		encap = rcu_dereference(ip6tun_encaps[i]);
477
+		if (!encap)
478
+			continue;
479
+		handler = encap->err_handler;
480
+		if (handler && !handler(skb, opt, type, code, offset, info))
481
+			return 0;
482
+	}
483
+
484
+	return -ENOENT;
485
+}
486
+
487
+/* Try to match ICMP errors to UDP tunnels by looking up a socket without
488
+ * reversing source and destination port: this will match tunnels that force the
489
+ * same destination port on both endpoints (e.g. VXLAN, GENEVE). Note that
490
+ * lwtunnels might actually break this assumption by being configured with
491
+ * different destination ports on endpoints, in this case we won't be able to
492
+ * trace ICMP messages back to them.
493
+ *
494
+ * If this doesn't match any socket, probe tunnels with arbitrary destination
495
+ * ports (e.g. FoU, GUE): there, the receiving socket is useless, as the port
496
+ * we've sent packets to won't necessarily match the local destination port.
497
+ *
498
+ * Then ask the tunnel implementation to match the error against a valid
499
+ * association.
500
+ *
501
+ * Return an error if we can't find a match, the socket if we need further
502
+ * processing, zero otherwise.
503
+ */
504
+static struct sock *__udp6_lib_err_encap(struct net *net,
505
+					 const struct ipv6hdr *hdr, int offset,
506
+					 struct udphdr *uh,
507
+					 struct udp_table *udptable,
508
+					 struct sk_buff *skb,
509
+					 struct inet6_skb_parm *opt,
510
+					 u8 type, u8 code, __be32 info)
511
+{
512
+	int network_offset, transport_offset;
513
+	struct sock *sk;
514
+
515
+	network_offset = skb_network_offset(skb);
516
+	transport_offset = skb_transport_offset(skb);
517
+
518
+	/* Network header needs to point to the outer IPv6 header inside ICMP */
519
+	skb_reset_network_header(skb);
520
+
521
+	/* Transport header needs to point to the UDP header */
522
+	skb_set_transport_header(skb, offset);
523
+
524
+	sk = __udp6_lib_lookup(net, &hdr->daddr, uh->source,
525
+			       &hdr->saddr, uh->dest,
526
+			       inet6_iif(skb), 0, udptable, skb);
527
+	if (sk) {
528
+		int (*lookup)(struct sock *sk, struct sk_buff *skb);
529
+		struct udp_sock *up = udp_sk(sk);
530
+
531
+		lookup = READ_ONCE(up->encap_err_lookup);
532
+		if (!lookup || lookup(sk, skb))
533
+			sk = NULL;
534
+	}
535
+
536
+	if (!sk) {
537
+		sk = ERR_PTR(__udp6_lib_err_encap_no_sk(skb, opt, type, code,
538
+							offset, info));
539
+	}
540
+
541
+	skb_set_transport_header(skb, transport_offset);
542
+	skb_set_network_header(skb, network_offset);
543
+
544
+	return sk;
545
+}
546
+
547
+int __udp6_lib_err(struct sk_buff *skb, struct inet6_skb_parm *opt,
548
+		   u8 type, u8 code, int offset, __be32 info,
549
+		   struct udp_table *udptable)
477
550
 {
478
551
 	struct ipv6_pinfo *np;
479
552
 	const struct ipv6hdr *hdr = (const struct ipv6hdr *)skb->data;
480
553
 	const struct in6_addr *saddr = &hdr->saddr;
481
554
 	const struct in6_addr *daddr = &hdr->daddr;
482
555
 	struct udphdr *uh = (struct udphdr *)(skb->data+offset);
556
+	bool tunnel = false;
483
557
 	struct sock *sk;
484
558
 	int harderr;
485
559
 	int err;
486
560
 	struct net *net = dev_net(skb->dev);
487
561
 
488
562
 	sk = __udp6_lib_lookup(net, daddr, uh->dest, saddr, uh->source,
489
-			       inet6_iif(skb), 0, udptable, NULL);
563
+			       inet6_iif(skb), inet6_sdif(skb), udptable, NULL);
490
564
 	if (!sk) {
491
-		__ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
492
-				  ICMP6_MIB_INERRORS);
493
-		return;
565
+		/* No socket for error: try tunnels before discarding */
566
+		sk = ERR_PTR(-ENOENT);
567
+		if (static_branch_unlikely(&udpv6_encap_needed_key)) {
568
+			sk = __udp6_lib_err_encap(net, hdr, offset, uh,
569
+						  udptable, skb,
570
+						  opt, type, code, info);
571
+			if (!sk)
572
+				return 0;
573
+		}
574
+
575
+		if (IS_ERR(sk)) {
576
+			__ICMP6_INC_STATS(net, __in6_dev_get(skb->dev),
577
+					  ICMP6_MIB_INERRORS);
578
+			return PTR_ERR(sk);
579
+		}
580
+
581
+		tunnel = true;
494
582
 	}
495
583
 
496
584
 	harderr = icmpv6_err_convert(type, code, &err);
..
..
@@ -504,9 +592,18 @@
504
592
 			harderr = 1;
505
593
 	}
506
594
 	if (type == NDISC_REDIRECT) {
507
-		ip6_sk_redirect(skb, sk);
595
+		if (tunnel) {
596
+			ip6_redirect(skb, sock_net(sk), inet6_iif(skb),
597
+				     sk->sk_mark, sk->sk_uid);
598
+		} else {
599
+			ip6_sk_redirect(skb, sk);
600
+		}
508
601
 		goto out;
509
602
 	}
603
+
604
+	/* Tunnels don't have an application socket: don't pass errors back */
605
+	if (tunnel)
606
+		goto out;
510
607
 
511
608
 	if (!np->recverr) {
512
609
 		if (!harderr || sk->sk_state != TCP_ESTABLISHED)
..
..
@@ -518,7 +615,7 @@
518
615
 	sk->sk_err = err;
519
616
 	sk->sk_error_report(sk);
520
617
 out:
521
-	return;
618
+	return 0;
522
619
 }
523
620
 
524
621
 static int __udpv6_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
..
..
@@ -549,21 +646,14 @@
549
646
 	return 0;
550
647
 }
551
648
 
552
-static __inline__ void udpv6_err(struct sk_buff *skb,
553
-				 struct inet6_skb_parm *opt, u8 type,
554
-				 u8 code, int offset, __be32 info)
649
+static __inline__ int udpv6_err(struct sk_buff *skb,
650
+				struct inet6_skb_parm *opt, u8 type,
651
+				u8 code, int offset, __be32 info)
555
652
 {
556
-	__udp6_lib_err(skb, opt, type, code, offset, info, &udp_table);
653
+	return __udp6_lib_err(skb, opt, type, code, offset, info, &udp_table);
557
654
 }
558
655
 
559
-static DEFINE_STATIC_KEY_FALSE(udpv6_encap_needed_key);
560
-void udpv6_encap_enable(void)
561
-{
562
-	static_branch_enable(&udpv6_encap_needed_key);
563
-}
564
-EXPORT_SYMBOL(udpv6_encap_enable);
565
-
566
-static int udpv6_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
656
+static int udpv6_queue_rcv_one_skb(struct sock *sk, struct sk_buff *skb)
567
657
 {
568
658
 	struct udp_sock *up = udp_sk(sk);
569
659
 	int is_udplite = IS_UDPLITE(sk);
..
..
@@ -646,10 +736,31 @@
646
736
 	return -1;
647
737
 }
648
738
 
739
+static int udpv6_queue_rcv_skb(struct sock *sk, struct sk_buff *skb)
740
+{
741
+	struct sk_buff *next, *segs;
742
+	int ret;
743
+
744
+	if (likely(!udp_unexpected_gso(sk, skb)))
745
+		return udpv6_queue_rcv_one_skb(sk, skb);
746
+
747
+	__skb_push(skb, -skb_mac_offset(skb));
748
+	segs = udp_rcv_segment(sk, skb, false);
749
+	skb_list_walk_safe(segs, skb, next) {
750
+		__skb_pull(skb, skb_transport_offset(skb));
751
+
752
+		ret = udpv6_queue_rcv_one_skb(sk, skb);
753
+		if (ret > 0)
754
+			ip6_protocol_deliver_rcu(dev_net(skb->dev), skb, ret,
755
+						 true);
756
+	}
757
+	return 0;
758
+}
759
+
649
760
 static bool __udp_v6_is_mcast_sock(struct net *net, struct sock *sk,
650
761
 				   __be16 loc_port, const struct in6_addr *loc_addr,
651
762
 				   __be16 rmt_port, const struct in6_addr *rmt_addr,
652
-				   int dif, unsigned short hnum)
763
+				   int dif, int sdif, unsigned short hnum)
653
764
 {
654
765
 	struct inet_sock *inet = inet_sk(sk);
655
766
 
..
..
@@ -661,7 +772,7 @@
661
772
 	    (inet->inet_dport && inet->inet_dport != rmt_port) ||
662
773
 	    (!ipv6_addr_any(&sk->sk_v6_daddr) &&
663
774
 		    !ipv6_addr_equal(&sk->sk_v6_daddr, rmt_addr)) ||
664
-	    (sk->sk_bound_dev_if && sk->sk_bound_dev_if != dif) ||
775
+	    !udp_sk_bound_dev_eq(net, sk->sk_bound_dev_if, dif, sdif) ||
665
776
 	    (!ipv6_addr_any(&sk->sk_v6_rcv_saddr) &&
666
777
 		    !ipv6_addr_equal(&sk->sk_v6_rcv_saddr, loc_addr)))
667
778
 		return false;
..
..
@@ -695,6 +806,7 @@
695
806
 	unsigned int offset = offsetof(typeof(*sk), sk_node);
696
807
 	unsigned int hash2 = 0, hash2_any = 0, use_hash2 = (hslot->count > 10);
697
808
 	int dif = inet6_iif(skb);
809
+	int sdif = inet6_sdif(skb);
698
810
 	struct hlist_node *node;
699
811
 	struct sk_buff *nskb;
700
812
 
..
..
@@ -709,7 +821,8 @@
709
821
 
710
822
 	sk_for_each_entry_offset_rcu(sk, node, &hslot->head, offset) {
711
823
 		if (!__udp_v6_is_mcast_sock(net, sk, uh->dest, daddr,
712
-					    uh->source, saddr, dif, hnum))
824
+					    uh->source, saddr, dif, sdif,
825
+					    hnum))
713
826
 			continue;
714
827
 		/* If zero checksum and no_check is not on for
715
828
 		 * the socket then skip it.
..
..
@@ -769,8 +882,7 @@
769
882
 	int ret;
770
883
 
771
884
 	if (inet_get_convert_csum(sk) && uh->check && !IS_UDPLITE(sk))
772
-		skb_checksum_try_convert(skb, IPPROTO_UDP, uh->check,
773
-					 ip6_compute_pseudo);
885
+		skb_checksum_try_convert(skb, IPPROTO_UDP, ip6_compute_pseudo);
774
886
 
775
887
 	ret = udpv6_queue_rcv_skb(sk, skb);
776
888
 
..
..
@@ -787,6 +899,7 @@
787
899
 	struct net *net = dev_net(skb->dev);
788
900
 	struct udphdr *uh;
789
901
 	struct sock *sk;
902
+	bool refcounted;
790
903
 	u32 ulen = 0;
791
904
 
792
905
 	if (!pskb_may_pull(skb, sizeof(struct udphdr)))
..
..
@@ -823,21 +936,23 @@
823
936
 		goto csum_error;
824
937
 
825
938
 	/* Check if the socket is already available, e.g. due to early demux */
826
-	sk = skb_steal_sock(skb);
939
+	sk = skb_steal_sock(skb, &refcounted);
827
940
 	if (sk) {
828
941
 		struct dst_entry *dst = skb_dst(skb);
829
942
 		int ret;
830
943
 
831
-		if (unlikely(sk->sk_rx_dst != dst))
944
+		if (unlikely(rcu_dereference(sk->sk_rx_dst) != dst))
832
945
 			udp6_sk_rx_dst_set(sk, dst);
833
946
 
834
947
 		if (!uh->check && !udp_sk(sk)->no_check6_rx) {
835
-			sock_put(sk);
948
+			if (refcounted)
949
+				sock_put(sk);
836
950
 			goto report_csum_error;
837
951
 		}
838
952
 
839
953
 		ret = udp6_unicast_rcv_skb(sk, skb, uh);
840
-		sock_put(sk);
954
+		if (refcounted)
955
+			sock_put(sk);
841
956
 		return ret;
842
957
 	}
843
958
 
..
..
@@ -904,7 +1019,7 @@
904
1019
 
905
1020
 	udp_portaddr_for_each_entry_rcu(sk, &hslot2->head) {
906
1021
 		if (sk->sk_state == TCP_ESTABLISHED &&
907
-		    INET6_MATCH(sk, net, rmt_addr, loc_addr, ports, dif, sdif))
1022
+		    inet6_match(net, sk, rmt_addr, loc_addr, ports, dif, sdif))
908
1023
 			return sk;
909
1024
 		/* Only check first socket in chain */
910
1025
 		break;
..
..
@@ -912,7 +1027,7 @@
912
1027
 	return NULL;
913
1028
 }
914
1029
 
915
-static void udp_v6_early_demux(struct sk_buff *skb)
1030
+void udp_v6_early_demux(struct sk_buff *skb)
916
1031
 {
917
1032
 	struct net *net = dev_net(skb->dev);
918
1033
 	const struct udphdr *uh;
..
..
@@ -940,7 +1055,7 @@
940
1055
 
941
1056
 	skb->sk = sk;
942
1057
 	skb->destructor = sock_efree;
943
-	dst = READ_ONCE(sk->sk_rx_dst);
1058
+	dst = rcu_dereference(sk->sk_rx_dst);
944
1059
 
945
1060
 	if (dst)
946
1061
 		dst = dst_check(dst, inet6_sk(sk)->rx_dst_cookie);
..
..
@@ -953,7 +1068,7 @@
953
1068
 	}
954
1069
 }
955
1070
 
956
-static __inline__ int udpv6_rcv(struct sk_buff *skb)
1071
+INDIRECT_CALLABLE_SCOPE int udpv6_rcv(struct sk_buff *skb)
957
1072
 {
958
1073
 	return __udp6_lib_rcv(skb, &udp_table, IPPROTO_UDP);
959
1074
 }
..
..
@@ -977,6 +1092,8 @@
977
1092
 static int udpv6_pre_connect(struct sock *sk, struct sockaddr *uaddr,
978
1093
 			     int addr_len)
979
1094
 {
1095
+	if (addr_len < offsetofend(struct sockaddr, sa_family))
1096
+		return -EINVAL;
980
1097
 	/* The following checks are replicated from __ip6_datagram_connect()
981
1098
 	 * and intended to prevent BPF program called below from accessing
982
1099
 	 * bytes that are out of the bound specified by user in addr_len.
..
..
@@ -998,6 +1115,9 @@
998
1115
  *	@sk:	socket we are sending on
999
1116
  *	@skb:	sk_buff containing the filled-in UDP header
1000
1117
  *		(checksum field must be zeroed out)
1118
+ *	@saddr: source address
1119
+ *	@daddr: destination address
1120
+ *	@len:	length of packet
1001
1121
  */
1002
1122
 static void udp6_hwcsum_outgoing(struct sock *sk, struct sk_buff *skb,
1003
1123
 				 const struct in6_addr *saddr,
..
..
@@ -1177,6 +1297,7 @@
1177
1297
 	ipcm6_init(&ipc6);
1178
1298
 	ipc6.gso_size = READ_ONCE(up->gso_size);
1179
1299
 	ipc6.sockc.tsflags = sk->sk_tsflags;
1300
+	ipc6.sockc.mark = sk->sk_mark;
1180
1301
 
1181
1302
 	/* destination address check */
1182
1303
 	if (sin6) {
..
..
@@ -1266,7 +1387,7 @@
1266
1387
 			fl6.flowlabel = sin6->sin6_flowinfo&IPV6_FLOWINFO_MASK;
1267
1388
 			if (fl6.flowlabel&IPV6_FLOWLABEL_MASK) {
1268
1389
 				flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
1269
-				if (!flowlabel)
1390
+				if (IS_ERR(flowlabel))
1270
1391
 					return -EINVAL;
1271
1392
 			}
1272
1393
 		}
..
..
@@ -1299,7 +1420,6 @@
1299
1420
 	if (!fl6.flowi6_oif)
1300
1421
 		fl6.flowi6_oif = np->sticky_pktinfo.ipi6_ifindex;
1301
1422
 
1302
-	fl6.flowi6_mark = sk->sk_mark;
1303
1423
 	fl6.flowi6_uid = sk->sk_uid;
1304
1424
 
1305
1425
 	if (msg->msg_controllen) {
..
..
@@ -1318,7 +1438,7 @@
1318
1438
 		}
1319
1439
 		if ((fl6.flowlabel&IPV6_FLOWLABEL_MASK) && !flowlabel) {
1320
1440
 			flowlabel = fl6_sock_lookup(sk, fl6.flowlabel);
1321
-			if (!flowlabel)
1441
+			if (IS_ERR(flowlabel))
1322
1442
 				return -EINVAL;
1323
1443
 		}
1324
1444
 		if (!(opt->opt_nflen|opt->opt_flen))
..
..
@@ -1335,6 +1455,7 @@
1335
1455
 	ipc6.opt = opt;
1336
1456
 
1337
1457
 	fl6.flowi6_proto = sk->sk_protocol;
1458
+	fl6.flowi6_mark = ipc6.sockc.mark;
1338
1459
 	fl6.daddr = *daddr;
1339
1460
 	if (ipv6_addr_any(&fl6.saddr) && !ipv6_addr_any(&np->saddr))
1340
1461
 		fl6.saddr = np->saddr;
..
..
@@ -1376,7 +1497,7 @@
1376
1497
 	} else if (!fl6.flowi6_oif)
1377
1498
 		fl6.flowi6_oif = np->ucast_oif;
1378
1499
 
1379
-	security_sk_classify_flow(sk, flowi6_to_flowi(&fl6));
1500
+	security_sk_classify_flow(sk, flowi6_to_flowi_common(&fl6));
1380
1501
 
1381
1502
 	if (ipc6.tclass < 0)
1382
1503
 		ipc6.tclass = np->tclass;
..
..
@@ -1482,11 +1603,17 @@
1482
1603
 	udp_v6_flush_pending_frames(sk);
1483
1604
 	release_sock(sk);
1484
1605
 
1485
-	if (static_branch_unlikely(&udpv6_encap_needed_key) && up->encap_type) {
1486
-		void (*encap_destroy)(struct sock *sk);
1487
-		encap_destroy = READ_ONCE(up->encap_destroy);
1488
-		if (encap_destroy)
1489
-			encap_destroy(sk);
1606
+	if (static_branch_unlikely(&udpv6_encap_needed_key)) {
1607
+		if (up->encap_type) {
1608
+			void (*encap_destroy)(struct sock *sk);
1609
+			encap_destroy = READ_ONCE(up->encap_destroy);
1610
+			if (encap_destroy)
1611
+				encap_destroy(sk);
1612
+		}
1613
+		if (up->encap_enabled) {
1614
+			static_branch_dec(&udpv6_encap_needed_key);
1615
+			udp_encap_disable();
1616
+		}
1490
1617
 	}
1491
1618
 
1492
1619
 	inet6_destroy_sock(sk);
..
..
@@ -1495,25 +1622,15 @@
1495
1622
 /*
1496
1623
  *	Socket option code for UDP
1497
1624
  */
1498
-int udpv6_setsockopt(struct sock *sk, int level, int optname,
1499
-		     char __user *optval, unsigned int optlen)
1625
+int udpv6_setsockopt(struct sock *sk, int level, int optname, sockptr_t optval,
1626
+		     unsigned int optlen)
1500
1627
 {
1501
1628
 	if (level == SOL_UDP  ||  level == SOL_UDPLITE)
1502
-		return udp_lib_setsockopt(sk, level, optname, optval, optlen,
1629
+		return udp_lib_setsockopt(sk, level, optname,
1630
+					  optval, optlen,
1503
1631
 					  udp_v6_push_pending_frames);
1504
1632
 	return ipv6_setsockopt(sk, level, optname, optval, optlen);
1505
1633
 }
1506
-
1507
-#ifdef CONFIG_COMPAT
1508
-int compat_udpv6_setsockopt(struct sock *sk, int level, int optname,
1509
-			    char __user *optval, unsigned int optlen)
1510
-{
1511
-	if (level == SOL_UDP  ||  level == SOL_UDPLITE)
1512
-		return udp_lib_setsockopt(sk, level, optname, optval, optlen,
1513
-					  udp_v6_push_pending_frames);
1514
-	return compat_ipv6_setsockopt(sk, level, optname, optval, optlen);
1515
-}
1516
-#endif
1517
1634
 
1518
1635
 int udpv6_getsockopt(struct sock *sk, int level, int optname,
1519
1636
 		     char __user *optval, int __user *optlen)
..
..
@@ -1523,22 +1640,7 @@
1523
1640
 	return ipv6_getsockopt(sk, level, optname, optval, optlen);
1524
1641
 }
1525
1642
 
1526
-#ifdef CONFIG_COMPAT
1527
-int compat_udpv6_getsockopt(struct sock *sk, int level, int optname,
1528
-			    char __user *optval, int __user *optlen)
1529
-{
1530
-	if (level == SOL_UDP  ||  level == SOL_UDPLITE)
1531
-		return udp_lib_getsockopt(sk, level, optname, optval, optlen);
1532
-	return compat_ipv6_getsockopt(sk, level, optname, optval, optlen);
1533
-}
1534
-#endif
1535
-
1536
-/* thinking of making this const? Don't.
1537
- * early_demux can change based on sysctl.
1538
- */
1539
-static struct inet6_protocol udpv6_protocol = {
1540
-	.early_demux	=	udp_v6_early_demux,
1541
-	.early_demux_handler =  udp_v6_early_demux,
1643
+static const struct inet6_protocol udpv6_protocol = {
1542
1644
 	.handler	=	udpv6_rcv,
1543
1645
 	.err_handler	=	udpv6_err,
1544
1646
 	.flags		=	INET6_PROTO_NOPOLICY|INET6_PROTO_FINAL,
..
..
@@ -1615,10 +1717,6 @@
1615
1717
 	.sysctl_rmem_offset     = offsetof(struct net, ipv4.sysctl_udp_rmem_min),
1616
1718
 	.obj_size		= sizeof(struct udp6_sock),
1617
1719
 	.h.udp_table		= &udp_table,
1618
-#ifdef CONFIG_COMPAT
1619
-	.compat_setsockopt	= compat_udpv6_setsockopt,
1620
-	.compat_getsockopt	= compat_udpv6_getsockopt,
1621
-#endif
1622
1720
 	.diag_destroy		= udp_abort,
1623
1721
 };
1624
1722