tcp: Don't pass cookie to __cookie_v[46]_check().

	u32 (*cookie_init_sequence)(const struct ipv6hdr *iph,

				    const struct tcphdr *th, u16 *mssp);

	int (*cookie_v6_check)(const struct ipv6hdr *iph,

			       const struct tcphdr *th, __u32 cookie);

			       const struct tcphdr *th);

#endif

	void (*route_input)(struct sk_buff *skb);

	int (*fragment)(struct net *net, struct sock *sk, struct sk_buff *skb,

}

static inline int nf_cookie_v6_check(const struct ipv6hdr *iph,

				     const struct tcphdr *th, __u32 cookie)

				     const struct tcphdr *th)

{

#if IS_ENABLED(CONFIG_SYN_COOKIES)

#if IS_MODULE(CONFIG_IPV6)

	const struct nf_ipv6_ops *v6_ops = nf_get_ipv6_ops();

	if (v6_ops)

		return v6_ops->cookie_v6_check(iph, th, cookie);

		return v6_ops->cookie_v6_check(iph, th);

#elif IS_BUILTIN(CONFIG_IPV6)

	return __cookie_v6_check(iph, th, cookie);

	return __cookie_v6_check(iph, th);

#endif

#endif

	return 0;

struct sock *tcp_get_cookie_sock(struct sock *sk, struct sk_buff *skb,

				 struct request_sock *req,

				 struct dst_entry *dst, u32 tsoff);

int __cookie_v4_check(const struct iphdr *iph, const struct tcphdr *th,

		      u32 cookie);

int __cookie_v4_check(const struct iphdr *iph, const struct tcphdr *th);

struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb);

struct request_sock *cookie_tcp_reqsk_alloc(const struct request_sock_ops *ops,

					    const struct tcp_request_sock_ops *af_ops,

		   const struct net *net, const struct dst_entry *dst);

/* From net/ipv6/syncookies.c */

int __cookie_v6_check(const struct ipv6hdr *iph, const struct tcphdr *th,

		      u32 cookie);

int __cookie_v6_check(const struct ipv6hdr *iph, const struct tcphdr *th);

struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb);

u32 __cookie_v6_init_sequence(const struct ipv6hdr *iph,

	   struct tcphdr *, th, u32, th_len)

{

#ifdef CONFIG_SYN_COOKIES

	u32 cookie;

	int ret;

	if (unlikely(!sk || th_len < sizeof(*th)))

	if (tcp_synq_no_recent_overflow(sk))

		return -ENOENT;

	cookie = ntohl(th->ack_seq) - 1;

	/* Both struct iphdr and struct ipv6hdr have the version field at the

	 * same offset so we can cast to the shorter header (struct iphdr).

	 */

		if (sk->sk_family == AF_INET6 && ipv6_only_sock(sk))

			return -EINVAL;

		ret = __cookie_v4_check((struct iphdr *)iph, th, cookie);

		ret = __cookie_v4_check((struct iphdr *)iph, th);

		break;

#if IS_BUILTIN(CONFIG_IPV6)

		if (sk->sk_family != AF_INET6)

			return -EINVAL;

		ret = __cookie_v6_check((struct ipv6hdr *)iph, th, cookie);

		ret = __cookie_v6_check((struct ipv6hdr *)iph, th);

		break;

#endif /* CONFIG_IPV6 */

BPF_CALL_2(bpf_tcp_raw_check_syncookie_ipv4, struct iphdr *, iph,

	   struct tcphdr *, th)

{

	u32 cookie = ntohl(th->ack_seq) - 1;

	if (__cookie_v4_check(iph, th, cookie) > 0)

	if (__cookie_v4_check(iph, th) > 0)

		return 0;

	return -EACCES;

	   struct tcphdr *, th)

{

#if IS_BUILTIN(CONFIG_IPV6)

	u32 cookie = ntohl(th->ack_seq) - 1;

	if (__cookie_v6_check(iph, th, cookie) > 0)

	if (__cookie_v6_check(iph, th) > 0)

		return 0;

	return -EACCES;

 * Check if a ack sequence number is a valid syncookie.

 * Return the decoded mss if it is, or 0 if not.

 */

int __cookie_v4_check(const struct iphdr *iph, const struct tcphdr *th,

		      u32 cookie)

int __cookie_v4_check(const struct iphdr *iph, const struct tcphdr *th)

{

	__u32 cookie = ntohl(th->ack_seq) - 1;

	__u32 seq = ntohl(th->seq) - 1;

	__u32 mssind = check_tcp_syn_cookie(cookie, iph->saddr, iph->daddr,

	__u32 mssind;

	mssind = check_tcp_syn_cookie(cookie, iph->saddr, iph->daddr,

				      th->source, th->dest, seq);

	return mssind < ARRAY_SIZE(msstab) ? msstab[mssind] : 0;

{

	struct ip_options *opt = &TCP_SKB_CB(skb)->header.h4.opt;

	const struct tcphdr *th = tcp_hdr(skb);

	__u32 cookie = ntohl(th->ack_seq) - 1;

	struct tcp_options_received tcp_opt;

	struct tcp_sock *tp = tcp_sk(sk);

	struct inet_request_sock *ireq;

	if (tcp_synq_no_recent_overflow(sk))

		goto out;

	mss = __cookie_v4_check(ip_hdr(skb), th, cookie);

	mss = __cookie_v4_check(ip_hdr(skb), th);

	if (mss == 0) {

		__NET_INC_STATS(net, LINUX_MIB_SYNCOOKIESFAILED);

		goto out;

	ireq = inet_rsk(req);

	treq = tcp_rsk(req);

	treq->rcv_isn		= ntohl(th->seq) - 1;

	treq->snt_isn		= cookie;

	treq->snt_isn		= ntohl(th->ack_seq) - 1;

	treq->ts_off		= 0;

	treq->txhash		= net_tx_rndhash();

	req->mss		= mss;

	return __cookie_v6_init_sequence(iph, th, mssp);

}

int __cookie_v6_check(const struct ipv6hdr *iph, const struct tcphdr *th,

		      __u32 cookie)

int __cookie_v6_check(const struct ipv6hdr *iph, const struct tcphdr *th)

{

	__u32 cookie = ntohl(th->ack_seq) - 1;

	__u32 seq = ntohl(th->seq) - 1;

	__u32 mssind = check_tcp_syn_cookie(cookie, &iph->saddr, &iph->daddr,

	__u32 mssind;

	mssind = check_tcp_syn_cookie(cookie, &iph->saddr, &iph->daddr,

				      th->source, th->dest, seq);

	return mssind < ARRAY_SIZE(msstab) ? msstab[mssind] : 0;

struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb)

{

	const struct tcphdr *th = tcp_hdr(skb);

	__u32 cookie = ntohl(th->ack_seq) - 1;

	struct ipv6_pinfo *np = inet6_sk(sk);

	struct tcp_options_received tcp_opt;

	struct tcp_sock *tp = tcp_sk(sk);

	if (tcp_synq_no_recent_overflow(sk))

		goto out;

	mss = __cookie_v6_check(ipv6_hdr(skb), th, cookie);

	mss = __cookie_v6_check(ipv6_hdr(skb), th);

	if (mss == 0) {

		__NET_INC_STATS(net, LINUX_MIB_SYNCOOKIESFAILED);

		goto out;

	req->ts_recent		= tcp_opt.saw_tstamp ? tcp_opt.rcv_tsval : 0;

	treq->snt_synack	= 0;

	treq->rcv_isn = ntohl(th->seq) - 1;

	treq->snt_isn = cookie;

	treq->snt_isn = ntohl(th->ack_seq) - 1;

	treq->ts_off = 0;

	treq->txhash = net_tx_rndhash();