projects / dragonfly.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
Network threading stage 1/3: netisrs are already software interrupts,
[dragonfly.git] / sys / netinet / tcp_subr.c
... / ...
CommitLineData
1/*
2 * Copyright (c) 1982, 1986, 1988, 1990, 1993, 1995
3 * The Regents of the University of California. All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. All advertising materials mentioning features or use of this software
14 * must display the following acknowledgement:
15 * This product includes software developed by the University of
16 * California, Berkeley and its contributors.
17 * 4. Neither the name of the University nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
20 *
21 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
32 *
33 * @(#)tcp_subr.c 8.2 (Berkeley) 5/24/95
34 * $FreeBSD: src/sys/netinet/tcp_subr.c,v 1.73.2.31 2003/01/24 05:11:34 sam Exp $
35 * $DragonFly: src/sys/netinet/tcp_subr.c,v 1.9 2003/11/08 07:57:51 dillon Exp $
36 */
37
38#include "opt_compat.h"
39#include "opt_inet6.h"
40#include "opt_ipsec.h"
41#include "opt_tcpdebug.h"
42
43#include <sys/param.h>
44#include <sys/systm.h>
45#include <sys/callout.h>
46#include <sys/kernel.h>
47#include <sys/sysctl.h>
48#include <sys/malloc.h>
49#include <sys/mbuf.h>
50#ifdef INET6
51#include <sys/domain.h>
52#endif
53#include <sys/proc.h>
54#include <sys/socket.h>
55#include <sys/socketvar.h>
56#include <sys/protosw.h>
57#include <sys/random.h>
58
59#include <vm/vm_zone.h>
60
61#include <net/route.h>
62#include <net/if.h>
63
64#define _IP_VHL
65#include <netinet/in.h>
66#include <netinet/in_systm.h>
67#include <netinet/ip.h>
68#ifdef INET6
69#include <netinet/ip6.h>
70#endif
71#include <netinet/in_pcb.h>
72#ifdef INET6
73#include <netinet6/in6_pcb.h>
74#endif
75#include <netinet/in_var.h>
76#include <netinet/ip_var.h>
77#ifdef INET6
78#include <netinet6/ip6_var.h>
79#endif
80#include <netinet/tcp.h>
81#include <netinet/tcp_fsm.h>
82#include <netinet/tcp_seq.h>
83#include <netinet/tcp_timer.h>
84#include <netinet/tcp_var.h>
85#ifdef INET6
86#include <netinet6/tcp6_var.h>
87#endif
88#include <netinet/tcpip.h>
89#ifdef TCPDEBUG
90#include <netinet/tcp_debug.h>
91#endif
92#include <netinet6/ip6protosw.h>
93
94#ifdef IPSEC
95#include <netinet6/ipsec.h>
96#ifdef INET6
97#include <netinet6/ipsec6.h>
98#endif
99#endif /*IPSEC*/
100
101#ifdef FAST_IPSEC
102#include <netipsec/ipsec.h>
103#ifdef INET6
104#include <netipsec/ipsec6.h>
105#endif
106#define IPSEC
107#endif /*FAST_IPSEC*/
108
109#include <machine/in_cksum.h>
110#include <sys/md5.h>
111
112int tcp_mssdflt = TCP_MSS;
113SYSCTL_INT(_net_inet_tcp, TCPCTL_MSSDFLT, mssdflt, CTLFLAG_RW,
114 &tcp_mssdflt , 0, "Default TCP Maximum Segment Size");
115
116#ifdef INET6
117int tcp_v6mssdflt = TCP6_MSS;
118SYSCTL_INT(_net_inet_tcp, TCPCTL_V6MSSDFLT, v6mssdflt,
119 CTLFLAG_RW, &tcp_v6mssdflt , 0,
120 "Default TCP Maximum Segment Size for IPv6");
121#endif
122
123#if 0
124static int tcp_rttdflt = TCPTV_SRTTDFLT / PR_SLOWHZ;
125SYSCTL_INT(_net_inet_tcp, TCPCTL_RTTDFLT, rttdflt, CTLFLAG_RW,
126 &tcp_rttdflt , 0, "Default maximum TCP Round Trip Time");
127#endif
128
129int tcp_do_rfc1323 = 1;
130SYSCTL_INT(_net_inet_tcp, TCPCTL_DO_RFC1323, rfc1323, CTLFLAG_RW,
131 &tcp_do_rfc1323 , 0, "Enable rfc1323 (high performance TCP) extensions");
132
133int tcp_do_rfc1644 = 0;
134SYSCTL_INT(_net_inet_tcp, TCPCTL_DO_RFC1644, rfc1644, CTLFLAG_RW,
135 &tcp_do_rfc1644 , 0, "Enable rfc1644 (TTCP) extensions");
136
137static int tcp_tcbhashsize = 0;
138SYSCTL_INT(_net_inet_tcp, OID_AUTO, tcbhashsize, CTLFLAG_RD,
139 &tcp_tcbhashsize, 0, "Size of TCP control-block hashtable");
140
141static int do_tcpdrain = 1;
142SYSCTL_INT(_net_inet_tcp, OID_AUTO, do_tcpdrain, CTLFLAG_RW, &do_tcpdrain, 0,
143 "Enable tcp_drain routine for extra help when low on mbufs");
144
145SYSCTL_INT(_net_inet_tcp, OID_AUTO, pcbcount, CTLFLAG_RD,
146 &tcbinfo.ipi_count, 0, "Number of active PCBs");
147
148static int icmp_may_rst = 1;
149SYSCTL_INT(_net_inet_tcp, OID_AUTO, icmp_may_rst, CTLFLAG_RW, &icmp_may_rst, 0,
150 "Certain ICMP unreachable messages may abort connections in SYN_SENT");
151
152static int tcp_isn_reseed_interval = 0;
153SYSCTL_INT(_net_inet_tcp, OID_AUTO, isn_reseed_interval, CTLFLAG_RW,
154 &tcp_isn_reseed_interval, 0, "Seconds between reseeding of ISN secret");
155
156/*
157 * TCP bandwidth limiting sysctls. Note that the default lower bound of
158 * 1024 exists only for debugging. A good production default would be
159 * something like 6100.
160 */
161static int tcp_inflight_enable = 0;
162SYSCTL_INT(_net_inet_tcp, OID_AUTO, inflight_enable, CTLFLAG_RW,
163 &tcp_inflight_enable, 0, "Enable automatic TCP inflight data limiting");
164
165static int tcp_inflight_debug = 0;
166SYSCTL_INT(_net_inet_tcp, OID_AUTO, inflight_debug, CTLFLAG_RW,
167 &tcp_inflight_debug, 0, "Debug TCP inflight calculations");
168
169static int tcp_inflight_min = 6144;
170SYSCTL_INT(_net_inet_tcp, OID_AUTO, inflight_min, CTLFLAG_RW,
171 &tcp_inflight_min, 0, "Lower-bound for TCP inflight window");
172
173static int tcp_inflight_max = TCP_MAXWIN << TCP_MAX_WINSHIFT;
174SYSCTL_INT(_net_inet_tcp, OID_AUTO, inflight_max, CTLFLAG_RW,
175 &tcp_inflight_max, 0, "Upper-bound for TCP inflight window");
176
177static int tcp_inflight_stab = 20;
178SYSCTL_INT(_net_inet_tcp, OID_AUTO, inflight_stab, CTLFLAG_RW,
179 &tcp_inflight_stab, 0, "Slop in maximal packets / 10 (20 = 2 packets)");
180
181static void tcp_cleartaocache (void);
182static void tcp_notify (struct inpcb *, int);
183
184/*
185 * Target size of TCP PCB hash tables. Must be a power of two.
186 *
187 * Note that this can be overridden by the kernel environment
188 * variable net.inet.tcp.tcbhashsize
189 */
190#ifndef TCBHASHSIZE
191#define TCBHASHSIZE 512
192#endif
193
194/*
195 * This is the actual shape of what we allocate using the zone
196 * allocator. Doing it this way allows us to protect both structures
197 * using the same generation count, and also eliminates the overhead
198 * of allocating tcpcbs separately. By hiding the structure here,
199 * we avoid changing most of the rest of the code (although it needs
200 * to be changed, eventually, for greater efficiency).
201 */
202#define ALIGNMENT 32
203#define ALIGNM1 (ALIGNMENT - 1)
204struct inp_tp {
205 union {
206 struct inpcb inp;
207 char align[(sizeof(struct inpcb) + ALIGNM1) & ~ALIGNM1];
208 } inp_tp_u;
209 struct tcpcb tcb;
210 struct callout inp_tp_rexmt, inp_tp_persist, inp_tp_keep, inp_tp_2msl;
211 struct callout inp_tp_delack;
212};
213#undef ALIGNMENT
214#undef ALIGNM1
215
216/*
217 * Tcp initialization
218 */
219void
220tcp_init()
221{
222 int hashsize = TCBHASHSIZE;
223
224 tcp_ccgen = 1;
225 tcp_cleartaocache();
226
227 tcp_delacktime = TCPTV_DELACK;
228 tcp_keepinit = TCPTV_KEEP_INIT;
229 tcp_keepidle = TCPTV_KEEP_IDLE;
230 tcp_keepintvl = TCPTV_KEEPINTVL;
231 tcp_maxpersistidle = TCPTV_KEEP_IDLE;
232 tcp_msl = TCPTV_MSL;
233 tcp_rexmit_min = TCPTV_MIN;
234 tcp_rexmit_slop = TCPTV_CPU_VAR;
235
236 LIST_INIT(&tcb);
237 tcbinfo.listhead = &tcb;
238 TUNABLE_INT_FETCH("net.inet.tcp.tcbhashsize", &hashsize);
239 if (!powerof2(hashsize)) {
240 printf("WARNING: TCB hash size not a power of 2\n");
241 hashsize = 512; /* safe default */
242 }
243 tcp_tcbhashsize = hashsize;
244 tcbinfo.hashbase = hashinit(hashsize, M_PCB, &tcbinfo.hashmask);
245 tcbinfo.porthashbase = hashinit(hashsize, M_PCB,
246 &tcbinfo.porthashmask);
247 tcbinfo.ipi_zone = zinit("tcpcb", sizeof(struct inp_tp), maxsockets,
248 ZONE_INTERRUPT, 0);
249#ifdef INET6
250#define TCP_MINPROTOHDR (sizeof(struct ip6_hdr) + sizeof(struct tcphdr))
251#else /* INET6 */
252#define TCP_MINPROTOHDR (sizeof(struct tcpiphdr))
253#endif /* INET6 */
254 if (max_protohdr < TCP_MINPROTOHDR)
255 max_protohdr = TCP_MINPROTOHDR;
256 if (max_linkhdr + TCP_MINPROTOHDR > MHLEN)
257 panic("tcp_init");
258#undef TCP_MINPROTOHDR
259
260 syncache_init();
261 tcp_thread_init();
262}
263
264/*
265 * Fill in the IP and TCP headers for an outgoing packet, given the tcpcb.
266 * tcp_template used to store this data in mbufs, but we now recopy it out
267 * of the tcpcb each time to conserve mbufs.
268 */
269void
270tcp_fillheaders(tp, ip_ptr, tcp_ptr)
271 struct tcpcb *tp;
272 void *ip_ptr;
273 void *tcp_ptr;
274{
275 struct inpcb *inp = tp->t_inpcb;
276 struct tcphdr *tcp_hdr = (struct tcphdr *)tcp_ptr;
277
278#ifdef INET6
279 if ((inp->inp_vflag & INP_IPV6) != 0) {
280 struct ip6_hdr *ip6;
281
282 ip6 = (struct ip6_hdr *)ip_ptr;
283 ip6->ip6_flow = (ip6->ip6_flow & ~IPV6_FLOWINFO_MASK) |
284 (inp->in6p_flowinfo & IPV6_FLOWINFO_MASK);
285 ip6->ip6_vfc = (ip6->ip6_vfc & ~IPV6_VERSION_MASK) |
286 (IPV6_VERSION & IPV6_VERSION_MASK);
287 ip6->ip6_nxt = IPPROTO_TCP;
288 ip6->ip6_plen = sizeof(struct tcphdr);
289 ip6->ip6_src = inp->in6p_laddr;
290 ip6->ip6_dst = inp->in6p_faddr;
291 tcp_hdr->th_sum = 0;
292 } else
293#endif
294 {
295 struct ip *ip = (struct ip *) ip_ptr;
296
297 ip->ip_vhl = IP_VHL_BORING;
298 ip->ip_tos = 0;
299 ip->ip_len = 0;
300 ip->ip_id = 0;
301 ip->ip_off = 0;
302 ip->ip_ttl = 0;
303 ip->ip_sum = 0;
304 ip->ip_p = IPPROTO_TCP;
305 ip->ip_src = inp->inp_laddr;
306 ip->ip_dst = inp->inp_faddr;
307 tcp_hdr->th_sum = in_pseudo(ip->ip_src.s_addr, ip->ip_dst.s_addr,
308 htons(sizeof(struct tcphdr) + IPPROTO_TCP));
309 }
310
311 tcp_hdr->th_sport = inp->inp_lport;
312 tcp_hdr->th_dport = inp->inp_fport;
313 tcp_hdr->th_seq = 0;
314 tcp_hdr->th_ack = 0;
315 tcp_hdr->th_x2 = 0;
316 tcp_hdr->th_off = 5;
317 tcp_hdr->th_flags = 0;
318 tcp_hdr->th_win = 0;
319 tcp_hdr->th_urp = 0;
320}
321
322/*
323 * Create template to be used to send tcp packets on a connection.
324 * Allocates an mbuf and fills in a skeletal tcp/ip header. The only
325 * use for this function is in keepalives, which use tcp_respond.
326 */
327struct tcptemp *
328tcp_maketemplate(tp)
329 struct tcpcb *tp;
330{
331 struct mbuf *m;
332 struct tcptemp *n;
333
334 m = m_get(M_DONTWAIT, MT_HEADER);
335 if (m == NULL)
336 return (0);
337 m->m_len = sizeof(struct tcptemp);
338 n = mtod(m, struct tcptemp *);
339
340 tcp_fillheaders(tp, (void *)&n->tt_ipgen, (void *)&n->tt_t);
341 return (n);
342}
343
344/*
345 * Send a single message to the TCP at address specified by
346 * the given TCP/IP header. If m == 0, then we make a copy
347 * of the tcpiphdr at ti and send directly to the addressed host.
348 * This is used to force keep alive messages out using the TCP
349 * template for a connection. If flags are given then we send
350 * a message back to the TCP which originated the * segment ti,
351 * and discard the mbuf containing it and any other attached mbufs.
352 *
353 * In any case the ack and sequence number of the transmitted
354 * segment are as specified by the parameters.
355 *
356 * NOTE: If m != NULL, then ti must point to *inside* the mbuf.
357 */
358void
359tcp_respond(tp, ipgen, th, m, ack, seq, flags)
360 struct tcpcb *tp;
361 void *ipgen;
362 struct tcphdr *th;
363 struct mbuf *m;
364 tcp_seq ack, seq;
365 int flags;
366{
367 int tlen;
368 int win = 0;
369 struct route *ro = 0;
370 struct route sro;
371 struct ip *ip;
372 struct tcphdr *nth;
373#ifdef INET6
374 struct route_in6 *ro6 = 0;
375 struct route_in6 sro6;
376 struct ip6_hdr *ip6;
377 int isipv6;
378#endif /* INET6 */
379 int ipflags = 0;
380
381#ifdef INET6
382 isipv6 = IP_VHL_V(((struct ip *)ipgen)->ip_vhl) == 6;
383 ip6 = ipgen;
384#endif /* INET6 */
385 ip = ipgen;
386
387 if (tp) {
388 if (!(flags & TH_RST)) {
389 win = sbspace(&tp->t_inpcb->inp_socket->so_rcv);
390 if (win > (long)TCP_MAXWIN << tp->rcv_scale)
391 win = (long)TCP_MAXWIN << tp->rcv_scale;
392 }
393#ifdef INET6
394 if (isipv6)
395 ro6 = &tp->t_inpcb->in6p_route;
396 else
397#endif /* INET6 */
398 ro = &tp->t_inpcb->inp_route;
399 } else {
400#ifdef INET6
401 if (isipv6) {
402 ro6 = &sro6;
403 bzero(ro6, sizeof *ro6);
404 } else
405#endif /* INET6 */
406 {
407 ro = &sro;
408 bzero(ro, sizeof *ro);
409 }
410 }
411 if (m == 0) {
412 m = m_gethdr(M_DONTWAIT, MT_HEADER);
413 if (m == NULL)
414 return;
415 tlen = 0;
416 m->m_data += max_linkhdr;
417#ifdef INET6
418 if (isipv6) {
419 bcopy((caddr_t)ip6, mtod(m, caddr_t),
420 sizeof(struct ip6_hdr));
421 ip6 = mtod(m, struct ip6_hdr *);
422 nth = (struct tcphdr *)(ip6 + 1);
423 } else
424#endif /* INET6 */
425 {
426 bcopy((caddr_t)ip, mtod(m, caddr_t), sizeof(struct ip));
427 ip = mtod(m, struct ip *);
428 nth = (struct tcphdr *)(ip + 1);
429 }
430 bcopy((caddr_t)th, (caddr_t)nth, sizeof(struct tcphdr));
431 flags = TH_ACK;
432 } else {
433 m_freem(m->m_next);
434 m->m_next = 0;
435 m->m_data = (caddr_t)ipgen;
436 /* m_len is set later */
437 tlen = 0;
438#define xchg(a,b,type) { type t; t=a; a=b; b=t; }
439#ifdef INET6
440 if (isipv6) {
441 xchg(ip6->ip6_dst, ip6->ip6_src, struct in6_addr);
442 nth = (struct tcphdr *)(ip6 + 1);
443 } else
444#endif /* INET6 */
445 {
446 xchg(ip->ip_dst.s_addr, ip->ip_src.s_addr, n_long);
447 nth = (struct tcphdr *)(ip + 1);
448 }
449 if (th != nth) {
450 /*
451 * this is usually a case when an extension header
452 * exists between the IPv6 header and the
453 * TCP header.
454 */
455 nth->th_sport = th->th_sport;
456 nth->th_dport = th->th_dport;
457 }
458 xchg(nth->th_dport, nth->th_sport, n_short);
459#undef xchg
460 }
461#ifdef INET6
462 if (isipv6) {
463 ip6->ip6_flow = 0;
464 ip6->ip6_vfc = IPV6_VERSION;
465 ip6->ip6_nxt = IPPROTO_TCP;
466 ip6->ip6_plen = htons((u_short)(sizeof (struct tcphdr) +
467 tlen));
468 tlen += sizeof (struct ip6_hdr) + sizeof (struct tcphdr);
469 } else
470#endif
471 {
472 tlen += sizeof (struct tcpiphdr);
473 ip->ip_len = tlen;
474 ip->ip_ttl = ip_defttl;
475 }
476 m->m_len = tlen;
477 m->m_pkthdr.len = tlen;
478 m->m_pkthdr.rcvif = (struct ifnet *) 0;
479 nth->th_seq = htonl(seq);
480 nth->th_ack = htonl(ack);
481 nth->th_x2 = 0;
482 nth->th_off = sizeof (struct tcphdr) >> 2;
483 nth->th_flags = flags;
484 if (tp)
485 nth->th_win = htons((u_short) (win >> tp->rcv_scale));
486 else
487 nth->th_win = htons((u_short)win);
488 nth->th_urp = 0;
489#ifdef INET6
490 if (isipv6) {
491 nth->th_sum = 0;
492 nth->th_sum = in6_cksum(m, IPPROTO_TCP,
493 sizeof(struct ip6_hdr),
494 tlen - sizeof(struct ip6_hdr));
495 ip6->ip6_hlim = in6_selecthlim(tp ? tp->t_inpcb : NULL,
496 ro6 && ro6->ro_rt ?
497 ro6->ro_rt->rt_ifp :
498 NULL);
499 } else
500#endif /* INET6 */
501 {
502 nth->th_sum = in_pseudo(ip->ip_src.s_addr, ip->ip_dst.s_addr,
503 htons((u_short)(tlen - sizeof(struct ip) + ip->ip_p)));
504 m->m_pkthdr.csum_flags = CSUM_TCP;
505 m->m_pkthdr.csum_data = offsetof(struct tcphdr, th_sum);
506 }
507#ifdef TCPDEBUG
508 if (tp == NULL || (tp->t_inpcb->inp_socket->so_options & SO_DEBUG))
509 tcp_trace(TA_OUTPUT, 0, tp, mtod(m, void *), th, 0);
510#endif
511#ifdef INET6
512 if (isipv6) {
513 (void)ip6_output(m, NULL, ro6, ipflags, NULL, NULL,
514 tp ? tp->t_inpcb : NULL);
515 if (ro6 == &sro6 && ro6->ro_rt) {
516 RTFREE(ro6->ro_rt);
517 ro6->ro_rt = NULL;
518 }
519 } else
520#endif /* INET6 */
521 {
522 (void) ip_output(m, NULL, ro, ipflags, NULL, tp ? tp->t_inpcb : NULL);
523 if (ro == &sro && ro->ro_rt) {
524 RTFREE(ro->ro_rt);
525 ro->ro_rt = NULL;
526 }
527 }
528}
529
530/*
531 * Create a new TCP control block, making an
532 * empty reassembly queue and hooking it to the argument
533 * protocol control block. The `inp' parameter must have
534 * come from the zone allocator set up in tcp_init().
535 */
536struct tcpcb *
537tcp_newtcpcb(inp)
538 struct inpcb *inp;
539{
540 struct inp_tp *it;
541 struct tcpcb *tp;
542#ifdef INET6
543 int isipv6 = (inp->inp_vflag & INP_IPV6) != 0;
544#endif /* INET6 */
545
546 it = (struct inp_tp *)inp;
547 tp = &it->tcb;
548 bzero((char *) tp, sizeof(struct tcpcb));
549 LIST_INIT(&tp->t_segq);
550 tp->t_maxseg = tp->t_maxopd =
551#ifdef INET6
552 isipv6 ? tcp_v6mssdflt :
553#endif /* INET6 */
554 tcp_mssdflt;
555
556 /* Set up our timeouts. */
557 callout_init(tp->tt_rexmt = &it->inp_tp_rexmt);
558 callout_init(tp->tt_persist = &it->inp_tp_persist);
559 callout_init(tp->tt_keep = &it->inp_tp_keep);
560 callout_init(tp->tt_2msl = &it->inp_tp_2msl);
561 callout_init(tp->tt_delack = &it->inp_tp_delack);
562
563 if (tcp_do_rfc1323)
564 tp->t_flags = (TF_REQ_SCALE|TF_REQ_TSTMP);
565 if (tcp_do_rfc1644)
566 tp->t_flags |= TF_REQ_CC;
567 tp->t_inpcb = inp; /* XXX */
568 /*
569 * Init srtt to TCPTV_SRTTBASE (0), so we can tell that we have no
570 * rtt estimate. Set rttvar so that srtt + 4 * rttvar gives
571 * reasonable initial retransmit time.
572 */
573 tp->t_srtt = TCPTV_SRTTBASE;
574 tp->t_rttvar = ((TCPTV_RTOBASE - TCPTV_SRTTBASE) << TCP_RTTVAR_SHIFT) / 4;
575 tp->t_rttmin = tcp_rexmit_min;
576 tp->t_rxtcur = TCPTV_RTOBASE;
577 tp->snd_cwnd = TCP_MAXWIN << TCP_MAX_WINSHIFT;
578 tp->snd_bwnd = TCP_MAXWIN << TCP_MAX_WINSHIFT;
579 tp->snd_ssthresh = TCP_MAXWIN << TCP_MAX_WINSHIFT;
580 tp->t_rcvtime = ticks;
581 tp->t_bw_rtttime = ticks;
582 /*
583 * IPv4 TTL initialization is necessary for an IPv6 socket as well,
584 * because the socket may be bound to an IPv6 wildcard address,
585 * which may match an IPv4-mapped IPv6 address.
586 */
587 inp->inp_ip_ttl = ip_defttl;
588 inp->inp_ppcb = (caddr_t)tp;
589 return (tp); /* XXX */
590}
591
592/*
593 * Drop a TCP connection, reporting
594 * the specified error. If connection is synchronized,
595 * then send a RST to peer.
596 */
597struct tcpcb *
598tcp_drop(tp, errno)
599 struct tcpcb *tp;
600 int errno;
601{
602 struct socket *so = tp->t_inpcb->inp_socket;
603
604 if (TCPS_HAVERCVDSYN(tp->t_state)) {
605 tp->t_state = TCPS_CLOSED;
606 (void) tcp_output(tp);
607 tcpstat.tcps_drops++;
608 } else
609 tcpstat.tcps_conndrops++;
610 if (errno == ETIMEDOUT && tp->t_softerror)
611 errno = tp->t_softerror;
612 so->so_error = errno;
613 return (tcp_close(tp));
614}
615
616/*
617 * Close a TCP control block:
618 * discard all space held by the tcp
619 * discard internet protocol block
620 * wake up any sleepers
621 */
622struct tcpcb *
623tcp_close(tp)
624 struct tcpcb *tp;
625{
626 struct tseg_qent *q;
627 struct inpcb *inp = tp->t_inpcb;
628 struct socket *so = inp->inp_socket;
629#ifdef INET6
630 int isipv6 = (inp->inp_vflag & INP_IPV6) != 0;
631#endif /* INET6 */
632 struct rtentry *rt;
633 int dosavessthresh;
634
635 /*
636 * Make sure that all of our timers are stopped before we
637 * delete the PCB.
638 */
639 callout_stop(tp->tt_rexmt);
640 callout_stop(tp->tt_persist);
641 callout_stop(tp->tt_keep);
642 callout_stop(tp->tt_2msl);
643 callout_stop(tp->tt_delack);
644
645 /*
646 * If we got enough samples through the srtt filter,
647 * save the rtt and rttvar in the routing entry.
648 * 'Enough' is arbitrarily defined as the 16 samples.
649 * 16 samples is enough for the srtt filter to converge
650 * to within 5% of the correct value; fewer samples and
651 * we could save a very bogus rtt.
652 *
653 * Don't update the default route's characteristics and don't
654 * update anything that the user "locked".
655 */
656 if (tp->t_rttupdated >= 16) {
657 u_long i = 0;
658#ifdef INET6
659 if (isipv6) {
660 struct sockaddr_in6 *sin6;
661
662 if ((rt = inp->in6p_route.ro_rt) == NULL)
663 goto no_valid_rt;
664 sin6 = (struct sockaddr_in6 *)rt_key(rt);
665 if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr))
666 goto no_valid_rt;
667 }
668 else
669#endif /* INET6 */
670 if ((rt = inp->inp_route.ro_rt) == NULL ||
671 ((struct sockaddr_in *)rt_key(rt))->sin_addr.s_addr
672 == INADDR_ANY)
673 goto no_valid_rt;
674
675 if ((rt->rt_rmx.rmx_locks & RTV_RTT) == 0) {
676 i = tp->t_srtt *
677 (RTM_RTTUNIT / (hz * TCP_RTT_SCALE));
678 if (rt->rt_rmx.rmx_rtt && i)
679 /*
680 * filter this update to half the old & half
681 * the new values, converting scale.
682 * See route.h and tcp_var.h for a
683 * description of the scaling constants.
684 */
685 rt->rt_rmx.rmx_rtt =
686 (rt->rt_rmx.rmx_rtt + i) / 2;
687 else
688 rt->rt_rmx.rmx_rtt = i;
689 tcpstat.tcps_cachedrtt++;
690 }
691 if ((rt->rt_rmx.rmx_locks & RTV_RTTVAR) == 0) {
692 i = tp->t_rttvar *
693 (RTM_RTTUNIT / (hz * TCP_RTTVAR_SCALE));
694 if (rt->rt_rmx.rmx_rttvar && i)
695 rt->rt_rmx.rmx_rttvar =
696 (rt->rt_rmx.rmx_rttvar + i) / 2;
697 else
698 rt->rt_rmx.rmx_rttvar = i;
699 tcpstat.tcps_cachedrttvar++;
700 }
701 /*
702 * The old comment here said:
703 * update the pipelimit (ssthresh) if it has been updated
704 * already or if a pipesize was specified & the threshhold
705 * got below half the pipesize. I.e., wait for bad news
706 * before we start updating, then update on both good
707 * and bad news.
708 *
709 * But we want to save the ssthresh even if no pipesize is
710 * specified explicitly in the route, because such
711 * connections still have an implicit pipesize specified
712 * by the global tcp_sendspace. In the absence of a reliable
713 * way to calculate the pipesize, it will have to do.
714 */
715 i = tp->snd_ssthresh;
716 if (rt->rt_rmx.rmx_sendpipe != 0)
717 dosavessthresh = (i < rt->rt_rmx.rmx_sendpipe / 2);
718 else
719 dosavessthresh = (i < so->so_snd.sb_hiwat / 2);
720 if (((rt->rt_rmx.rmx_locks & RTV_SSTHRESH) == 0 &&
721 i != 0 && rt->rt_rmx.rmx_ssthresh != 0)
722 || dosavessthresh) {
723 /*
724 * convert the limit from user data bytes to
725 * packets then to packet data bytes.
726 */
727 i = (i + tp->t_maxseg / 2) / tp->t_maxseg;
728 if (i < 2)
729 i = 2;
730 i *= (u_long)(tp->t_maxseg +
731#ifdef INET6
732 (isipv6 ? sizeof (struct ip6_hdr) +
733 sizeof (struct tcphdr) :
734#endif
735 sizeof (struct tcpiphdr)
736#ifdef INET6
737 )
738#endif
739 );
740 if (rt->rt_rmx.rmx_ssthresh)
741 rt->rt_rmx.rmx_ssthresh =
742 (rt->rt_rmx.rmx_ssthresh + i) / 2;
743 else
744 rt->rt_rmx.rmx_ssthresh = i;
745 tcpstat.tcps_cachedssthresh++;
746 }
747 }
748 no_valid_rt:
749 /* free the reassembly queue, if any */
750 while((q = LIST_FIRST(&tp->t_segq)) != NULL) {
751 LIST_REMOVE(q, tqe_q);
752 m_freem(q->tqe_m);
753 FREE(q, M_TSEGQ);
754 }
755 inp->inp_ppcb = NULL;
756 soisdisconnected(so);
757#ifdef INET6
758 if (INP_CHECK_SOCKAF(so, AF_INET6))
759 in6_pcbdetach(inp);
760 else
761#endif /* INET6 */
762 in_pcbdetach(inp);
763 tcpstat.tcps_closed++;
764 return ((struct tcpcb *)0);
765}
766
767void
768tcp_drain()
769{
770 if (do_tcpdrain)
771 {
772 struct inpcb *inpb;
773 struct tcpcb *tcpb;
774 struct tseg_qent *te;
775
776 /*
777 * Walk the tcpbs, if existing, and flush the reassembly queue,
778 * if there is one...
779 * XXX: The "Net/3" implementation doesn't imply that the TCP
780 * reassembly queue should be flushed, but in a situation
781 * where we're really low on mbufs, this is potentially
782 * usefull.
783 */
784 LIST_FOREACH(inpb, tcbinfo.listhead, inp_list) {
785 if ((tcpb = intotcpcb(inpb))) {
786 while ((te = LIST_FIRST(&tcpb->t_segq))
787 != NULL) {
788 LIST_REMOVE(te, tqe_q);
789 m_freem(te->tqe_m);
790 FREE(te, M_TSEGQ);
791 }
792 }
793 }
794
795 }
796}
797
798/*
799 * Notify a tcp user of an asynchronous error;
800 * store error as soft error, but wake up user
801 * (for now, won't do anything until can select for soft error).
802 *
803 * Do not wake up user since there currently is no mechanism for
804 * reporting soft errors (yet - a kqueue filter may be added).
805 */
806static void
807tcp_notify(inp, error)
808 struct inpcb *inp;
809 int error;
810{
811 struct tcpcb *tp = (struct tcpcb *)inp->inp_ppcb;
812
813 /*
814 * Ignore some errors if we are hooked up.
815 * If connection hasn't completed, has retransmitted several times,
816 * and receives a second error, give up now. This is better
817 * than waiting a long time to establish a connection that
818 * can never complete.
819 */
820 if (tp->t_state == TCPS_ESTABLISHED &&
821 (error == EHOSTUNREACH || error == ENETUNREACH ||
822 error == EHOSTDOWN)) {
823 return;
824 } else if (tp->t_state < TCPS_ESTABLISHED && tp->t_rxtshift > 3 &&
825 tp->t_softerror)
826 tcp_drop(tp, error);
827 else
828 tp->t_softerror = error;
829#if 0
830 wakeup((caddr_t) &so->so_timeo);
831 sorwakeup(so);
832 sowwakeup(so);
833#endif
834}
835
836static int
837tcp_pcblist(SYSCTL_HANDLER_ARGS)
838{
839 int error, i, n, s;
840 struct inpcb *inp, **inp_list;
841 inp_gen_t gencnt;
842 struct xinpgen xig;
843
844 /*
845 * The process of preparing the TCB list is too time-consuming and
846 * resource-intensive to repeat twice on every request.
847 */
848 if (req->oldptr == 0) {
849 n = tcbinfo.ipi_count;
850 req->oldidx = 2 * (sizeof xig)
851 + (n + n/8) * sizeof(struct xtcpcb);
852 return 0;
853 }
854
855 if (req->newptr != 0)
856 return EPERM;
857
858 /*
859 * OK, now we're committed to doing something.
860 */
861 s = splnet();
862 gencnt = tcbinfo.ipi_gencnt;
863 n = tcbinfo.ipi_count;
864 splx(s);
865
866 xig.xig_len = sizeof xig;
867 xig.xig_count = n;
868 xig.xig_gen = gencnt;
869 xig.xig_sogen = so_gencnt;
870 error = SYSCTL_OUT(req, &xig, sizeof xig);
871 if (error)
872 return error;
873
874 inp_list = malloc(n * sizeof *inp_list, M_TEMP, M_WAITOK);
875 if (inp_list == 0)
876 return ENOMEM;
877
878 s = splnet();
879 for (inp = LIST_FIRST(tcbinfo.listhead), i = 0; inp && i < n;
880 inp = LIST_NEXT(inp, inp_list)) {
881 if (inp->inp_gencnt <= gencnt && !prison_xinpcb(req->td, inp))
882 inp_list[i++] = inp;
883 }
884 splx(s);
885 n = i;
886
887 error = 0;
888 for (i = 0; i < n; i++) {
889 inp = inp_list[i];
890 if (inp->inp_gencnt <= gencnt) {
891 struct xtcpcb xt;
892 caddr_t inp_ppcb;
893 xt.xt_len = sizeof xt;
894 /* XXX should avoid extra copy */
895 bcopy(inp, &xt.xt_inp, sizeof *inp);
896 inp_ppcb = inp->inp_ppcb;
897 if (inp_ppcb != NULL)
898 bcopy(inp_ppcb, &xt.xt_tp, sizeof xt.xt_tp);
899 else
900 bzero((char *) &xt.xt_tp, sizeof xt.xt_tp);
901 if (inp->inp_socket)
902 sotoxsocket(inp->inp_socket, &xt.xt_socket);
903 error = SYSCTL_OUT(req, &xt, sizeof xt);
904 }
905 }
906 if (!error) {
907 /*
908 * Give the user an updated idea of our state.
909 * If the generation differs from what we told
910 * her before, she knows that something happened
911 * while we were processing this request, and it
912 * might be necessary to retry.
913 */
914 s = splnet();
915 xig.xig_gen = tcbinfo.ipi_gencnt;
916 xig.xig_sogen = so_gencnt;
917 xig.xig_count = tcbinfo.ipi_count;
918 splx(s);
919 error = SYSCTL_OUT(req, &xig, sizeof xig);
920 }
921 free(inp_list, M_TEMP);
922 return error;
923}
924
925SYSCTL_PROC(_net_inet_tcp, TCPCTL_PCBLIST, pcblist, CTLFLAG_RD, 0, 0,
926 tcp_pcblist, "S,xtcpcb", "List of active TCP connections");
927
928static int
929tcp_getcred(SYSCTL_HANDLER_ARGS)
930{
931 struct sockaddr_in addrs[2];
932 struct inpcb *inp;
933 int error, s;
934
935 error = suser(req->td);
936 if (error)
937 return (error);
938 error = SYSCTL_IN(req, addrs, sizeof(addrs));
939 if (error)
940 return (error);
941 s = splnet();
942 inp = in_pcblookup_hash(&tcbinfo, addrs[1].sin_addr, addrs[1].sin_port,
943 addrs[0].sin_addr, addrs[0].sin_port, 0, NULL);
944 if (inp == NULL || inp->inp_socket == NULL) {
945 error = ENOENT;
946 goto out;
947 }
948 error = SYSCTL_OUT(req, inp->inp_socket->so_cred, sizeof(struct ucred));
949out:
950 splx(s);
951 return (error);
952}
953
954SYSCTL_PROC(_net_inet_tcp, OID_AUTO, getcred, CTLTYPE_OPAQUE|CTLFLAG_RW,
955 0, 0, tcp_getcred, "S,ucred", "Get the ucred of a TCP connection");
956
957#ifdef INET6
958static int
959tcp6_getcred(SYSCTL_HANDLER_ARGS)
960{
961 struct sockaddr_in6 addrs[2];
962 struct inpcb *inp;
963 int error, s, mapped = 0;
964
965 error = suser(req->td);
966 if (error)
967 return (error);
968 error = SYSCTL_IN(req, addrs, sizeof(addrs));
969 if (error)
970 return (error);
971 if (IN6_IS_ADDR_V4MAPPED(&addrs[0].sin6_addr)) {
972 if (IN6_IS_ADDR_V4MAPPED(&addrs[1].sin6_addr))
973 mapped = 1;
974 else
975 return (EINVAL);
976 }
977 s = splnet();
978 if (mapped == 1)
979 inp = in_pcblookup_hash(&tcbinfo,
980 *(struct in_addr *)&addrs[1].sin6_addr.s6_addr[12],
981 addrs[1].sin6_port,
982 *(struct in_addr *)&addrs[0].sin6_addr.s6_addr[12],
983 addrs[0].sin6_port,
984 0, NULL);
985 else
986 inp = in6_pcblookup_hash(&tcbinfo, &addrs[1].sin6_addr,
987 addrs[1].sin6_port,
988 &addrs[0].sin6_addr, addrs[0].sin6_port,
989 0, NULL);
990 if (inp == NULL || inp->inp_socket == NULL) {
991 error = ENOENT;
992 goto out;
993 }
994 error = SYSCTL_OUT(req, inp->inp_socket->so_cred,
995 sizeof(struct ucred));
996out:
997 splx(s);
998 return (error);
999}
1000
1001SYSCTL_PROC(_net_inet6_tcp6, OID_AUTO, getcred, CTLTYPE_OPAQUE|CTLFLAG_RW,
1002 0, 0,
1003 tcp6_getcred, "S,ucred", "Get the ucred of a TCP6 connection");
1004#endif
1005
1006
1007void
1008tcp_ctlinput(cmd, sa, vip)
1009 int cmd;
1010 struct sockaddr *sa;
1011 void *vip;
1012{
1013 struct ip *ip = vip;
1014 struct tcphdr *th;
1015 struct in_addr faddr;
1016 struct inpcb *inp;
1017 struct tcpcb *tp;
1018 void (*notify) (struct inpcb *, int) = tcp_notify;
1019 tcp_seq icmp_seq;
1020 int s;
1021
1022 faddr = ((struct sockaddr_in *)sa)->sin_addr;
1023 if (sa->sa_family != AF_INET || faddr.s_addr == INADDR_ANY)
1024 return;
1025
1026 if (cmd == PRC_QUENCH)
1027 notify = tcp_quench;
1028 else if (icmp_may_rst && (cmd == PRC_UNREACH_ADMIN_PROHIB ||
1029 cmd == PRC_UNREACH_PORT || cmd == PRC_TIMXCEED_INTRANS) && ip)
1030 notify = tcp_drop_syn_sent;
1031 else if (cmd == PRC_MSGSIZE)
1032 notify = tcp_mtudisc;
1033 else if (PRC_IS_REDIRECT(cmd)) {
1034 ip = 0;
1035 notify = in_rtchange;
1036 } else if (cmd == PRC_HOSTDEAD)
1037 ip = 0;
1038 else if ((unsigned)cmd > PRC_NCMDS || inetctlerrmap[cmd] == 0)
1039 return;
1040 if (ip) {
1041 s = splnet();
1042 th = (struct tcphdr *)((caddr_t)ip
1043 + (IP_VHL_HL(ip->ip_vhl) << 2));
1044 inp = in_pcblookup_hash(&tcbinfo, faddr, th->th_dport,
1045 ip->ip_src, th->th_sport, 0, NULL);
1046 if (inp != NULL && inp->inp_socket != NULL) {
1047 icmp_seq = htonl(th->th_seq);
1048 tp = intotcpcb(inp);
1049 if (SEQ_GEQ(icmp_seq, tp->snd_una) &&
1050 SEQ_LT(icmp_seq, tp->snd_max))
1051 (*notify)(inp, inetctlerrmap[cmd]);
1052 } else {
1053 struct in_conninfo inc;
1054
1055 inc.inc_fport = th->th_dport;
1056 inc.inc_lport = th->th_sport;
1057 inc.inc_faddr = faddr;
1058 inc.inc_laddr = ip->ip_src;
1059#ifdef INET6
1060 inc.inc_isipv6 = 0;
1061#endif
1062 syncache_unreach(&inc, th);
1063 }
1064 splx(s);
1065 } else
1066 in_pcbnotifyall(&tcb, faddr, inetctlerrmap[cmd], notify);
1067}
1068
1069#ifdef INET6
1070void
1071tcp6_ctlinput(cmd, sa, d)
1072 int cmd;
1073 struct sockaddr *sa;
1074 void *d;
1075{
1076 struct tcphdr th;
1077 void (*notify) (struct inpcb *, int) = tcp_notify;
1078 struct ip6_hdr *ip6;
1079 struct mbuf *m;
1080 struct ip6ctlparam *ip6cp = NULL;
1081 const struct sockaddr_in6 *sa6_src = NULL;
1082 int off;
1083 struct tcp_portonly {
1084 u_int16_t th_sport;
1085 u_int16_t th_dport;
1086 } *thp;
1087
1088 if (sa->sa_family != AF_INET6 ||
1089 sa->sa_len != sizeof(struct sockaddr_in6))
1090 return;
1091
1092 if (cmd == PRC_QUENCH)
1093 notify = tcp_quench;
1094 else if (cmd == PRC_MSGSIZE)
1095 notify = tcp_mtudisc;
1096 else if (!PRC_IS_REDIRECT(cmd) &&
1097 ((unsigned)cmd > PRC_NCMDS || inet6ctlerrmap[cmd] == 0))
1098 return;
1099
1100 /* if the parameter is from icmp6, decode it. */
1101 if (d != NULL) {
1102 ip6cp = (struct ip6ctlparam *)d;
1103 m = ip6cp->ip6c_m;
1104 ip6 = ip6cp->ip6c_ip6;
1105 off = ip6cp->ip6c_off;
1106 sa6_src = ip6cp->ip6c_src;
1107 } else {
1108 m = NULL;
1109 ip6 = NULL;
1110 off = 0; /* fool gcc */
1111 sa6_src = &sa6_any;
1112 }
1113
1114 if (ip6) {
1115 struct in_conninfo inc;
1116 /*
1117 * XXX: We assume that when IPV6 is non NULL,
1118 * M and OFF are valid.
1119 */
1120
1121 /* check if we can safely examine src and dst ports */
1122 if (m->m_pkthdr.len < off + sizeof(*thp))
1123 return;
1124
1125 bzero(&th, sizeof(th));
1126 m_copydata(m, off, sizeof(*thp), (caddr_t)&th);
1127
1128 in6_pcbnotify(&tcb, sa, th.th_dport,
1129 (struct sockaddr *)ip6cp->ip6c_src,
1130 th.th_sport, cmd, notify);
1131
1132 inc.inc_fport = th.th_dport;
1133 inc.inc_lport = th.th_sport;
1134 inc.inc6_faddr = ((struct sockaddr_in6 *)sa)->sin6_addr;
1135 inc.inc6_laddr = ip6cp->ip6c_src->sin6_addr;
1136 inc.inc_isipv6 = 1;
1137 syncache_unreach(&inc, &th);
1138 } else
1139 in6_pcbnotify(&tcb, sa, 0, (const struct sockaddr *)sa6_src,
1140 0, cmd, notify);
1141}
1142#endif /* INET6 */
1143
1144
1145/*
1146 * Following is where TCP initial sequence number generation occurs.
1147 *
1148 * There are two places where we must use initial sequence numbers:
1149 * 1. In SYN-ACK packets.
1150 * 2. In SYN packets.
1151 *
1152 * All ISNs for SYN-ACK packets are generated by the syncache. See
1153 * tcp_syncache.c for details.
1154 *
1155 * The ISNs in SYN packets must be monotonic; TIME_WAIT recycling
1156 * depends on this property. In addition, these ISNs should be
1157 * unguessable so as to prevent connection hijacking. To satisfy
1158 * the requirements of this situation, the algorithm outlined in
1159 * RFC 1948 is used to generate sequence numbers.
1160 *
1161 * Implementation details:
1162 *
1163 * Time is based off the system timer, and is corrected so that it
1164 * increases by one megabyte per second. This allows for proper
1165 * recycling on high speed LANs while still leaving over an hour
1166 * before rollover.
1167 *
1168 * net.inet.tcp.isn_reseed_interval controls the number of seconds
1169 * between seeding of isn_secret. This is normally set to zero,
1170 * as reseeding should not be necessary.
1171 *
1172 */
1173
1174#define ISN_BYTES_PER_SECOND 1048576
1175
1176u_char isn_secret[32];
1177int isn_last_reseed;
1178MD5_CTX isn_ctx;
1179
1180tcp_seq
1181tcp_new_isn(tp)
1182 struct tcpcb *tp;
1183{
1184 u_int32_t md5_buffer[4];
1185 tcp_seq new_isn;
1186
1187 /* Seed if this is the first use, reseed if requested. */
1188 if ((isn_last_reseed == 0) || ((tcp_isn_reseed_interval > 0) &&
1189 (((u_int)isn_last_reseed + (u_int)tcp_isn_reseed_interval*hz)
1190 < (u_int)ticks))) {
1191 read_random_unlimited(&isn_secret, sizeof(isn_secret));
1192 isn_last_reseed = ticks;
1193 }
1194
1195 /* Compute the md5 hash and return the ISN. */
1196 MD5Init(&isn_ctx);
1197 MD5Update(&isn_ctx, (u_char *) &tp->t_inpcb->inp_fport, sizeof(u_short));
1198 MD5Update(&isn_ctx, (u_char *) &tp->t_inpcb->inp_lport, sizeof(u_short));
1199#ifdef INET6
1200 if ((tp->t_inpcb->inp_vflag & INP_IPV6) != 0) {
1201 MD5Update(&isn_ctx, (u_char *) &tp->t_inpcb->in6p_faddr,
1202 sizeof(struct in6_addr));
1203 MD5Update(&isn_ctx, (u_char *) &tp->t_inpcb->in6p_laddr,
1204 sizeof(struct in6_addr));
1205 } else
1206#endif
1207 {
1208 MD5Update(&isn_ctx, (u_char *) &tp->t_inpcb->inp_faddr,
1209 sizeof(struct in_addr));
1210 MD5Update(&isn_ctx, (u_char *) &tp->t_inpcb->inp_laddr,
1211 sizeof(struct in_addr));
1212 }
1213 MD5Update(&isn_ctx, (u_char *) &isn_secret, sizeof(isn_secret));
1214 MD5Final((u_char *) &md5_buffer, &isn_ctx);
1215 new_isn = (tcp_seq) md5_buffer[0];
1216 new_isn += ticks * (ISN_BYTES_PER_SECOND / hz);
1217 return new_isn;
1218}
1219
1220/*
1221 * When a source quench is received, close congestion window
1222 * to one segment. We will gradually open it again as we proceed.
1223 */
1224void
1225tcp_quench(inp, errno)
1226 struct inpcb *inp;
1227 int errno;
1228{
1229 struct tcpcb *tp = intotcpcb(inp);
1230
1231 if (tp)
1232 tp->snd_cwnd = tp->t_maxseg;
1233}
1234
1235/*
1236 * When a specific ICMP unreachable message is received and the
1237 * connection state is SYN-SENT, drop the connection. This behavior
1238 * is controlled by the icmp_may_rst sysctl.
1239 */
1240void
1241tcp_drop_syn_sent(inp, errno)
1242 struct inpcb *inp;
1243 int errno;
1244{
1245 struct tcpcb *tp = intotcpcb(inp);
1246
1247 if (tp && tp->t_state == TCPS_SYN_SENT)
1248 tcp_drop(tp, errno);
1249}
1250
1251/*
1252 * When `need fragmentation' ICMP is received, update our idea of the MSS
1253 * based on the new value in the route. Also nudge TCP to send something,
1254 * since we know the packet we just sent was dropped.
1255 * This duplicates some code in the tcp_mss() function in tcp_input.c.
1256 */
1257void
1258tcp_mtudisc(inp, errno)
1259 struct inpcb *inp;
1260 int errno;
1261{
1262 struct tcpcb *tp = intotcpcb(inp);
1263 struct rtentry *rt;
1264 struct rmxp_tao *taop;
1265 struct socket *so = inp->inp_socket;
1266 int offered;
1267 int mss;
1268#ifdef INET6
1269 int isipv6 = (tp->t_inpcb->inp_vflag & INP_IPV6) != 0;
1270#endif /* INET6 */
1271
1272 if (tp) {
1273#ifdef INET6
1274 if (isipv6)
1275 rt = tcp_rtlookup6(&inp->inp_inc);
1276 else
1277#endif /* INET6 */
1278 rt = tcp_rtlookup(&inp->inp_inc);
1279 if (!rt || !rt->rt_rmx.rmx_mtu) {
1280 tp->t_maxopd = tp->t_maxseg =
1281#ifdef INET6
1282 isipv6 ? tcp_v6mssdflt :
1283#endif /* INET6 */
1284 tcp_mssdflt;
1285 return;
1286 }
1287 taop = rmx_taop(rt->rt_rmx);
1288 offered = taop->tao_mssopt;
1289 mss = rt->rt_rmx.rmx_mtu -
1290#ifdef INET6
1291 (isipv6 ?
1292 sizeof(struct ip6_hdr) + sizeof(struct tcphdr) :
1293#endif /* INET6 */
1294 sizeof(struct tcpiphdr)
1295#ifdef INET6
1296 )
1297#endif /* INET6 */
1298 ;
1299
1300 if (offered)
1301 mss = min(mss, offered);
1302 /*
1303 * XXX - The above conditional probably violates the TCP
1304 * spec. The problem is that, since we don't know the
1305 * other end's MSS, we are supposed to use a conservative
1306 * default. But, if we do that, then MTU discovery will
1307 * never actually take place, because the conservative
1308 * default is much less than the MTUs typically seen
1309 * on the Internet today. For the moment, we'll sweep
1310 * this under the carpet.
1311 *
1312 * The conservative default might not actually be a problem
1313 * if the only case this occurs is when sending an initial
1314 * SYN with options and data to a host we've never talked
1315 * to before. Then, they will reply with an MSS value which
1316 * will get recorded and the new parameters should get
1317 * recomputed. For Further Study.
1318 */
1319 if (tp->t_maxopd <= mss)
1320 return;
1321 tp->t_maxopd = mss;
1322
1323 if ((tp->t_flags & (TF_REQ_TSTMP|TF_NOOPT)) == TF_REQ_TSTMP &&
1324 (tp->t_flags & TF_RCVD_TSTMP) == TF_RCVD_TSTMP)
1325 mss -= TCPOLEN_TSTAMP_APPA;
1326 if ((tp->t_flags & (TF_REQ_CC|TF_NOOPT)) == TF_REQ_CC &&
1327 (tp->t_flags & TF_RCVD_CC) == TF_RCVD_CC)
1328 mss -= TCPOLEN_CC_APPA;
1329#if (MCLBYTES & (MCLBYTES - 1)) == 0
1330 if (mss > MCLBYTES)
1331 mss &= ~(MCLBYTES-1);
1332#else
1333 if (mss > MCLBYTES)
1334 mss = mss / MCLBYTES * MCLBYTES;
1335#endif
1336 if (so->so_snd.sb_hiwat < mss)
1337 mss = so->so_snd.sb_hiwat;
1338
1339 tp->t_maxseg = mss;
1340
1341 tcpstat.tcps_mturesent++;
1342 tp->t_rtttime = 0;
1343 tp->snd_nxt = tp->snd_una;
1344 tcp_output(tp);
1345 }
1346}
1347
1348/*
1349 * Look-up the routing entry to the peer of this inpcb. If no route
1350 * is found and it cannot be allocated the return NULL. This routine
1351 * is called by TCP routines that access the rmx structure and by tcp_mss
1352 * to get the interface MTU.
1353 */
1354struct rtentry *
1355tcp_rtlookup(inc)
1356 struct in_conninfo *inc;
1357{
1358 struct route *ro;
1359 struct rtentry *rt;
1360
1361 ro = &inc->inc_route;
1362 rt = ro->ro_rt;
1363 if (rt == NULL || !(rt->rt_flags & RTF_UP)) {
1364 /* No route yet, so try to acquire one */
1365 if (inc->inc_faddr.s_addr != INADDR_ANY) {
1366 ro->ro_dst.sa_family = AF_INET;
1367 ro->ro_dst.sa_len = sizeof(struct sockaddr_in);
1368 ((struct sockaddr_in *) &ro->ro_dst)->sin_addr =
1369 inc->inc_faddr;
1370 rtalloc(ro);
1371 rt = ro->ro_rt;
1372 }
1373 }
1374 return rt;
1375}
1376
1377#ifdef INET6
1378struct rtentry *
1379tcp_rtlookup6(inc)
1380 struct in_conninfo *inc;
1381{
1382 struct route_in6 *ro6;
1383 struct rtentry *rt;
1384
1385 ro6 = &inc->inc6_route;
1386 rt = ro6->ro_rt;
1387 if (rt == NULL || !(rt->rt_flags & RTF_UP)) {
1388 /* No route yet, so try to acquire one */
1389 if (!IN6_IS_ADDR_UNSPECIFIED(&inc->inc6_faddr)) {
1390 ro6->ro_dst.sin6_family = AF_INET6;
1391 ro6->ro_dst.sin6_len = sizeof(struct sockaddr_in6);
1392 ro6->ro_dst.sin6_addr = inc->inc6_faddr;
1393 rtalloc((struct route *)ro6);
1394 rt = ro6->ro_rt;
1395 }
1396 }
1397 return rt;
1398}
1399#endif /* INET6 */
1400
1401#ifdef IPSEC
1402/* compute ESP/AH header size for TCP, including outer IP header. */
1403size_t
1404ipsec_hdrsiz_tcp(tp)
1405 struct tcpcb *tp;
1406{
1407 struct inpcb *inp;
1408 struct mbuf *m;
1409 size_t hdrsiz;
1410 struct ip *ip;
1411#ifdef INET6
1412 struct ip6_hdr *ip6;
1413#endif /* INET6 */
1414 struct tcphdr *th;
1415
1416 if ((tp == NULL) || ((inp = tp->t_inpcb) == NULL))
1417 return 0;
1418 MGETHDR(m, M_DONTWAIT, MT_DATA);
1419 if (!m)
1420 return 0;
1421
1422#ifdef INET6
1423 if ((inp->inp_vflag & INP_IPV6) != 0) {
1424 ip6 = mtod(m, struct ip6_hdr *);
1425 th = (struct tcphdr *)(ip6 + 1);
1426 m->m_pkthdr.len = m->m_len =
1427 sizeof(struct ip6_hdr) + sizeof(struct tcphdr);
1428 tcp_fillheaders(tp, ip6, th);
1429 hdrsiz = ipsec6_hdrsiz(m, IPSEC_DIR_OUTBOUND, inp);
1430 } else
1431#endif /* INET6 */
1432 {
1433 ip = mtod(m, struct ip *);
1434 th = (struct tcphdr *)(ip + 1);
1435 m->m_pkthdr.len = m->m_len = sizeof(struct tcpiphdr);
1436 tcp_fillheaders(tp, ip, th);
1437 hdrsiz = ipsec4_hdrsiz(m, IPSEC_DIR_OUTBOUND, inp);
1438 }
1439
1440 m_free(m);
1441 return hdrsiz;
1442}
1443#endif /*IPSEC*/
1444
1445/*
1446 * Return a pointer to the cached information about the remote host.
1447 * The cached information is stored in the protocol specific part of
1448 * the route metrics.
1449 */
1450struct rmxp_tao *
1451tcp_gettaocache(inc)
1452 struct in_conninfo *inc;
1453{
1454 struct rtentry *rt;
1455
1456#ifdef INET6
1457 if (inc->inc_isipv6)
1458 rt = tcp_rtlookup6(inc);
1459 else
1460#endif /* INET6 */
1461 rt = tcp_rtlookup(inc);
1462
1463 /* Make sure this is a host route and is up. */
1464 if (rt == NULL ||
1465 (rt->rt_flags & (RTF_UP|RTF_HOST)) != (RTF_UP|RTF_HOST))
1466 return NULL;
1467
1468 return rmx_taop(rt->rt_rmx);
1469}
1470
1471/*
1472 * Clear all the TAO cache entries, called from tcp_init.
1473 *
1474 * XXX
1475 * This routine is just an empty one, because we assume that the routing
1476 * routing tables are initialized at the same time when TCP, so there is
1477 * nothing in the cache left over.
1478 */
1479static void
1480tcp_cleartaocache()
1481{
1482}
1483
1484/*
1485 * TCP BANDWIDTH DELAY PRODUCT WINDOW LIMITING
1486 *
1487 * This code attempts to calculate the bandwidth-delay product as a
1488 * means of determining the optimal window size to maximize bandwidth,
1489 * minimize RTT, and avoid the over-allocation of buffers on interfaces and
1490 * routers. This code also does a fairly good job keeping RTTs in check
1491 * across slow links like modems. We implement an algorithm which is very
1492 * similar (but not meant to be) TCP/Vegas. The code operates on the
1493 * transmitter side of a TCP connection and so only effects the transmit
1494 * side of the connection.
1495 *
1496 * BACKGROUND: TCP makes no provision for the management of buffer space
1497 * at the end points or at the intermediate routers and switches. A TCP
1498 * stream, whether using NewReno or not, will eventually buffer as
1499 * many packets as it is able and the only reason this typically works is
1500 * due to the fairly small default buffers made available for a connection
1501 * (typicaly 16K or 32K). As machines use larger windows and/or window
1502 * scaling it is now fairly easy for even a single TCP connection to blow-out
1503 * all available buffer space not only on the local interface, but on
1504 * intermediate routers and switches as well. NewReno makes a misguided
1505 * attempt to 'solve' this problem by waiting for an actual failure to occur,
1506 * then backing off, then steadily increasing the window again until another
1507 * failure occurs, ad-infinitum. This results in terrible oscillation that
1508 * is only made worse as network loads increase and the idea of intentionally
1509 * blowing out network buffers is, frankly, a terrible way to manage network
1510 * resources.
1511 *
1512 * It is far better to limit the transmit window prior to the failure
1513 * condition being achieved. There are two general ways to do this: First
1514 * you can 'scan' through different transmit window sizes and locate the
1515 * point where the RTT stops increasing, indicating that you have filled the
1516 * pipe, then scan backwards until you note that RTT stops decreasing, then
1517 * repeat ad-infinitum. This method works in principle but has severe
1518 * implementation issues due to RTT variances, timer granularity, and
1519 * instability in the algorithm which can lead to many false positives and
1520 * create oscillations as well as interact badly with other TCP streams
1521 * implementing the same algorithm.
1522 *
1523 * The second method is to limit the window to the bandwidth delay product
1524 * of the link. This is the method we implement. RTT variances and our
1525 * own manipulation of the congestion window, bwnd, can potentially
1526 * destabilize the algorithm. For this reason we have to stabilize the
1527 * elements used to calculate the window. We do this by using the minimum
1528 * observed RTT, the long term average of the observed bandwidth, and
1529 * by adding two segments worth of slop. It isn't perfect but it is able
1530 * to react to changing conditions and gives us a very stable basis on
1531 * which to extend the algorithm.
1532 */
1533void
1534tcp_xmit_bandwidth_limit(struct tcpcb *tp, tcp_seq ack_seq)
1535{
1536 u_long bw;
1537 u_long bwnd;
1538 int save_ticks;
1539
1540 /*
1541 * If inflight_enable is disabled in the middle of a tcp connection,
1542 * make sure snd_bwnd is effectively disabled.
1543 */
1544 if (tcp_inflight_enable == 0) {
1545 tp->snd_bwnd = TCP_MAXWIN << TCP_MAX_WINSHIFT;
1546 tp->snd_bandwidth = 0;
1547 return;
1548 }
1549
1550 /*
1551 * Figure out the bandwidth. Due to the tick granularity this
1552 * is a very rough number and it MUST be averaged over a fairly
1553 * long period of time. XXX we need to take into account a link
1554 * that is not using all available bandwidth, but for now our
1555 * slop will ramp us up if this case occurs and the bandwidth later
1556 * increases.
1557 *
1558 * Note: if ticks rollover 'bw' may wind up negative. We must
1559 * effectively reset t_bw_rtttime for this case.
1560 */
1561 save_ticks = ticks;
1562 if ((u_int)(save_ticks - tp->t_bw_rtttime) < 1)
1563 return;
1564
1565 bw = (int64_t)(ack_seq - tp->t_bw_rtseq) * hz /
1566 (save_ticks - tp->t_bw_rtttime);
1567 tp->t_bw_rtttime = save_ticks;
1568 tp->t_bw_rtseq = ack_seq;
1569 if (tp->t_bw_rtttime == 0 || (int)bw < 0)
1570 return;
1571 bw = ((int64_t)tp->snd_bandwidth * 15 + bw) >> 4;
1572
1573 tp->snd_bandwidth = bw;
1574
1575 /*
1576 * Calculate the semi-static bandwidth delay product, plus two maximal
1577 * segments. The additional slop puts us squarely in the sweet
1578 * spot and also handles the bandwidth run-up case. Without the
1579 * slop we could be locking ourselves into a lower bandwidth.
1580 *
1581 * Situations Handled:
1582 * (1) Prevents over-queueing of packets on LANs, especially on
1583 * high speed LANs, allowing larger TCP buffers to be
1584 * specified, and also does a good job preventing
1585 * over-queueing of packets over choke points like modems
1586 * (at least for the transmit side).
1587 *
1588 * (2) Is able to handle changing network loads (bandwidth
1589 * drops so bwnd drops, bandwidth increases so bwnd
1590 * increases).
1591 *
1592 * (3) Theoretically should stabilize in the face of multiple
1593 * connections implementing the same algorithm (this may need
1594 * a little work).
1595 *
1596 * (4) Stability value (defaults to 20 = 2 maximal packets) can
1597 * be adjusted with a sysctl but typically only needs to be on
1598 * very slow connections. A value no smaller then 5 should
1599 * be used, but only reduce this default if you have no other
1600 * choice.
1601 */
1602#define USERTT ((tp->t_srtt + tp->t_rttbest) / 2)
1603 bwnd = (int64_t)bw * USERTT / (hz << TCP_RTT_SHIFT) + tcp_inflight_stab * (int)tp->t_maxseg / 10;
1604#undef USERTT
1605
1606 if (tcp_inflight_debug > 0) {
1607 static int ltime;
1608 if ((u_int)(ticks - ltime) >= hz / tcp_inflight_debug) {
1609 ltime = ticks;
1610 printf("%p bw %ld rttbest %d srtt %d bwnd %ld\n",
1611 tp,
1612 bw,
1613 tp->t_rttbest,
1614 tp->t_srtt,
1615 bwnd
1616 );
1617 }
1618 }
1619 if ((long)bwnd < tcp_inflight_min)
1620 bwnd = tcp_inflight_min;
1621 if (bwnd > tcp_inflight_max)
1622 bwnd = tcp_inflight_max;
1623 if ((long)bwnd < tp->t_maxseg * 2)
1624 bwnd = tp->t_maxseg * 2;
1625 tp->snd_bwnd = bwnd;
1626}
DragonFly Project Source