2 * Copyright (c) 2003, 2004 Jeffrey M. Hsu. All rights reserved.
3 * Copyright (c) 2003, 2004 The DragonFly Project. All rights reserved.
5 * This code is derived from software contributed to The DragonFly Project
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of The DragonFly Project nor the names of its
17 * contributors may be used to endorse or promote products derived
18 * from this software without specific, prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
25 * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
27 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
30 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
35 * Copyright (c) 1982, 1986, 1988, 1993
36 * The Regents of the University of California. All rights reserved.
38 * Redistribution and use in source and binary forms, with or without
39 * modification, are permitted provided that the following conditions
41 * 1. Redistributions of source code must retain the above copyright
42 * notice, this list of conditions and the following disclaimer.
43 * 2. Redistributions in binary form must reproduce the above copyright
44 * notice, this list of conditions and the following disclaimer in the
45 * documentation and/or other materials provided with the distribution.
46 * 3. Neither the name of the University nor the names of its contributors
47 * may be used to endorse or promote products derived from this software
48 * without specific prior written permission.
50 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
51 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
52 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
53 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
54 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
55 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
56 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
57 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
58 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
59 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
62 * From: @(#)tcp_usrreq.c 8.2 (Berkeley) 1/3/94
63 * $FreeBSD: src/sys/netinet/tcp_usrreq.c,v 1.51.2.17 2002/10/11 11:46:44 ume Exp $
66 #include "opt_ipsec.h"
68 #include "opt_inet6.h"
69 #include "opt_tcpdebug.h"
71 #include <sys/param.h>
72 #include <sys/systm.h>
73 #include <sys/kernel.h>
74 #include <sys/malloc.h>
75 #include <sys/sysctl.h>
76 #include <sys/globaldata.h>
77 #include <sys/thread.h>
81 #include <sys/domain.h>
83 #include <sys/socket.h>
84 #include <sys/socketvar.h>
85 #include <sys/socketops.h>
86 #include <sys/protosw.h>
88 #include <sys/thread2.h>
89 #include <sys/msgport2.h>
90 #include <sys/socketvar2.h>
93 #include <net/netisr.h>
94 #include <net/route.h>
96 #include <net/netmsg2.h>
97 #include <net/netisr2.h>
99 #include <netinet/in.h>
100 #include <netinet/in_systm.h>
102 #include <netinet/ip6.h>
104 #include <netinet/in_pcb.h>
106 #include <netinet6/in6_pcb.h>
108 #include <netinet/in_var.h>
109 #include <netinet/ip_var.h>
111 #include <netinet6/ip6_var.h>
112 #include <netinet6/tcp6_var.h>
114 #include <netinet/tcp.h>
115 #include <netinet/tcp_fsm.h>
116 #include <netinet/tcp_seq.h>
117 #include <netinet/tcp_timer.h>
118 #include <netinet/tcp_timer2.h>
119 #include <netinet/tcp_var.h>
120 #include <netinet/tcpip.h>
122 #include <netinet/tcp_debug.h>
126 #include <netinet6/ipsec.h>
130 * TCP protocol interface to socket abstraction.
132 extern char *tcpstates[]; /* XXX ??? */
134 static int tcp_attach (struct socket *, struct pru_attach_info *);
135 static void tcp_connect (netmsg_t msg);
137 static void tcp6_connect (netmsg_t msg);
138 static int tcp6_connect_oncpu(struct tcpcb *tp, int flags,
140 struct sockaddr_in6 *sin6,
141 struct in6_addr *addr6);
143 static struct tcpcb *
144 tcp_disconnect (struct tcpcb *);
145 static struct tcpcb *
146 tcp_usrclosed (struct tcpcb *);
149 #define TCPDEBUG0 int ostate = 0
150 #define TCPDEBUG1() ostate = tp ? tp->t_state : 0
151 #define TCPDEBUG2(req) if (tp && (so->so_options & SO_DEBUG)) \
152 tcp_trace(TA_USER, ostate, tp, 0, 0, req)
156 #define TCPDEBUG2(req)
159 static int tcp_lport_extension = 1;
160 SYSCTL_INT(_net_inet_tcp, OID_AUTO, lportext, CTLFLAG_RW,
161 &tcp_lport_extension, 0, "");
164 * For some ill optimized programs, which try to use TCP_NOPUSH
165 * to improve performance, will have small amount of data sits
166 * in the sending buffer. These small amount of data will _not_
167 * be pushed into the network until more data are written into
168 * the socket or the socket write side is shutdown.
170 static int tcp_disable_nopush = 1;
171 SYSCTL_INT(_net_inet_tcp, OID_AUTO, disable_nopush, CTLFLAG_RW,
172 &tcp_disable_nopush, 0, "TCP_NOPUSH socket option will have no effect");
175 * Allocate socket buffer space.
178 tcp_usr_preattach(struct socket *so, int proto __unused,
179 struct pru_attach_info *ai)
183 if (so->so_snd.ssb_hiwat == 0 || so->so_rcv.ssb_hiwat == 0) {
184 error = soreserve(so, tcp_sendspace, tcp_recvspace,
189 atomic_set_int(&so->so_rcv.ssb_flags, SSB_AUTOSIZE | SSB_PREALLOC);
190 atomic_set_int(&so->so_snd.ssb_flags, SSB_AUTOSIZE | SSB_PREALLOC);
196 * TCP attaches to socket via pru_attach(), reserving space,
197 * and an internet control block. This socket may move to
198 * other CPU later when we bind/connect.
201 tcp_usr_attach(netmsg_t msg)
203 struct socket *so = msg->base.nm_so;
204 struct pru_attach_info *ai = msg->attach.nm_ai;
207 struct tcpcb *tp = NULL;
211 KASSERT(inp == NULL, ("tcp socket attached"));
214 error = tcp_attach(so, ai);
218 if ((so->so_options & SO_LINGER) && so->so_linger == 0)
219 so->so_linger = TCP_LINGERTIME;
222 TCPDEBUG2(PRU_ATTACH);
223 lwkt_replymsg(&msg->lmsg, error);
227 * pru_detach() detaches the TCP protocol from the socket.
228 * If the protocol state is non-embryonic, then can't
229 * do this directly: have to initiate a pru_disconnect(),
230 * which may finish later; embryonic TCB's can just
234 tcp_usr_detach(netmsg_t msg)
236 struct socket *so = msg->base.nm_so;
245 * If the inp is already detached or never attached, it may have
246 * been due to an async close or async attach failure. Just return
247 * as if no error occured.
249 * It's possible for the tcpcb (tp) to disconnect from the inp due
250 * to tcp_drop()->tcp_close() being called. This may occur *after*
251 * the detach message has been queued so we may find a NULL tp here.
254 if ((tp = intotcpcb(inp)) != NULL) {
256 tp = tcp_disconnect(tp);
257 TCPDEBUG2(PRU_DETACH);
260 lwkt_replymsg(&msg->lmsg, error);
264 * NOTE: ignore_error is non-zero for certain disconnection races
265 * which we want to silently allow, otherwise close() may return
266 * an unexpected error.
268 * NOTE: The variables (msg) and (tp) are assumed.
270 #define COMMON_START(so, inp, ignore_error) \
276 error = ignore_error ? 0 : EINVAL; \
280 tp = intotcpcb(inp); \
284 #define COMMON_END1(req, noreply) \
288 lwkt_replymsg(&msg->lmsg, error); \
292 #define COMMON_END(req) COMMON_END1((req), 0)
295 * Give the socket an address.
298 tcp_usr_bind(netmsg_t msg)
300 struct socket *so = msg->bind.base.nm_so;
301 struct sockaddr *nam = msg->bind.nm_nam;
302 struct thread *td = msg->bind.nm_td;
306 struct sockaddr_in *sinp;
308 COMMON_START(so, inp, 0);
311 * Must check for multicast addresses and disallow binding
314 sinp = (struct sockaddr_in *)nam;
315 if (sinp->sin_family == AF_INET &&
316 IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) {
317 error = EAFNOSUPPORT;
320 error = in_pcbbind(inp, nam, td);
324 COMMON_END(PRU_BIND);
330 tcp6_usr_bind(netmsg_t msg)
332 struct socket *so = msg->bind.base.nm_so;
333 struct sockaddr *nam = msg->bind.nm_nam;
334 struct thread *td = msg->bind.nm_td;
338 struct sockaddr_in6 *sin6p;
340 COMMON_START(so, inp, 0);
343 * Must check for multicast addresses and disallow binding
346 sin6p = (struct sockaddr_in6 *)nam;
347 if (sin6p->sin6_family == AF_INET6 &&
348 IN6_IS_ADDR_MULTICAST(&sin6p->sin6_addr)) {
349 error = EAFNOSUPPORT;
352 error = in6_pcbbind(inp, nam, td);
355 COMMON_END(PRU_BIND);
359 struct netmsg_inswildcard {
360 struct netmsg_base base;
361 struct inpcb *nm_inp;
365 in_pcbinswildcardhash_handler(netmsg_t msg)
367 struct netmsg_inswildcard *nm = (struct netmsg_inswildcard *)msg;
368 int cpu = mycpuid, nextcpu;
370 in_pcbinswildcardhash_oncpu(nm->nm_inp, &tcbinfo[cpu]);
373 if (nextcpu < ncpus2)
374 lwkt_forwardmsg(netisr_cpuport(nextcpu), &nm->base.lmsg);
376 lwkt_replymsg(&nm->base.lmsg, 0);
380 tcp_sosetport(struct lwkt_msg *msg, lwkt_port_t port)
382 sosetport(((struct netmsg_base *)msg)->nm_so, port);
386 * Prepare to accept connections.
389 tcp_usr_listen(netmsg_t msg)
391 struct socket *so = msg->listen.base.nm_so;
392 struct thread *td = msg->listen.nm_td;
396 struct netmsg_inswildcard nm;
397 lwkt_port_t port0 = netisr_cpuport(0);
399 COMMON_START(so, inp, 0);
401 if (&curthread->td_msgport != port0) {
402 lwkt_msg_t lmsg = &msg->listen.base.lmsg;
404 KASSERT((msg->listen.nm_flags & PRUL_RELINK) == 0,
405 ("already asked to relink"));
407 in_pcbunlink(so->so_pcb, &tcbinfo[mycpuid]);
408 msg->listen.nm_flags |= PRUL_RELINK;
410 /* See the related comment in tcp_connect() */
411 lwkt_setmsg_receipt(lmsg, tcp_sosetport);
412 lwkt_forwardmsg(port0, lmsg);
413 /* msg invalid now */
416 KASSERT(so->so_port == port0, ("so_port is not netisr0"));
418 if (msg->listen.nm_flags & PRUL_RELINK) {
419 msg->listen.nm_flags &= ~PRUL_RELINK;
420 in_pcblink(so->so_pcb, &tcbinfo[mycpuid]);
422 KASSERT(inp->inp_pcbinfo == &tcbinfo[0], ("pcbinfo is not tcbinfo0"));
424 if (tp->t_flags & TF_LISTEN)
427 if (inp->inp_lport == 0) {
428 error = in_pcbbind(inp, NULL, td);
433 tp->t_state = TCPS_LISTEN;
434 tp->t_flags |= TF_LISTEN;
435 tp->tt_msg = NULL; /* Catch any invalid timer usage */
439 * Put this inpcb into wildcard hash on other cpus.
441 ASSERT_INP_NOTINHASH(inp);
442 netmsg_init(&nm.base, NULL, &curthread->td_msgport,
443 MSGF_PRIORITY, in_pcbinswildcardhash_handler);
445 lwkt_domsg(netisr_cpuport(1), &nm.base.lmsg, 0);
447 in_pcbinswildcardhash(inp);
448 COMMON_END(PRU_LISTEN);
454 tcp6_usr_listen(netmsg_t msg)
456 struct socket *so = msg->listen.base.nm_so;
457 struct thread *td = msg->listen.nm_td;
461 struct netmsg_inswildcard nm;
463 COMMON_START(so, inp, 0);
465 if (tp->t_flags & TF_LISTEN)
468 if (inp->inp_lport == 0) {
469 error = in6_pcbbind(inp, NULL, td);
474 tp->t_state = TCPS_LISTEN;
475 tp->t_flags |= TF_LISTEN;
476 tp->tt_msg = NULL; /* Catch any invalid timer usage */
480 * Put this inpcb into wildcard hash on other cpus.
482 KKASSERT(so->so_port == netisr_cpuport(0));
484 KKASSERT(inp->inp_pcbinfo == &tcbinfo[0]);
485 ASSERT_INP_NOTINHASH(inp);
487 netmsg_init(&nm.base, NULL, &curthread->td_msgport,
488 MSGF_PRIORITY, in_pcbinswildcardhash_handler);
490 lwkt_domsg(netisr_cpuport(1), &nm.base.lmsg, 0);
492 in_pcbinswildcardhash(inp);
493 COMMON_END(PRU_LISTEN);
498 * Initiate connection to peer.
499 * Create a template for use in transmissions on this connection.
500 * Enter SYN_SENT state, and mark socket as connecting.
501 * Start keep-alive timer, and seed output sequence space.
502 * Send initial segment on connection.
505 tcp_usr_connect(netmsg_t msg)
507 struct socket *so = msg->connect.base.nm_so;
508 struct sockaddr *nam = msg->connect.nm_nam;
509 struct thread *td = msg->connect.nm_td;
513 struct sockaddr_in *sinp;
515 COMMON_START(so, inp, 0);
518 * Must disallow TCP ``connections'' to multicast addresses.
520 sinp = (struct sockaddr_in *)nam;
521 if (sinp->sin_family == AF_INET
522 && IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) {
523 error = EAFNOSUPPORT;
527 if (!prison_remote_ip(td, (struct sockaddr*)sinp)) {
528 error = EAFNOSUPPORT; /* IPv6 only jail */
533 /* msg is invalid now */
536 if (msg->connect.nm_m) {
537 m_freem(msg->connect.nm_m);
538 msg->connect.nm_m = NULL;
540 if (msg->connect.nm_flags & PRUC_HELDTD)
542 if (error && (msg->connect.nm_flags & PRUC_ASYNC)) {
543 so->so_error = error;
544 soisdisconnected(so);
546 lwkt_replymsg(&msg->lmsg, error);
552 tcp6_usr_connect(netmsg_t msg)
554 struct socket *so = msg->connect.base.nm_so;
555 struct sockaddr *nam = msg->connect.nm_nam;
556 struct thread *td = msg->connect.nm_td;
560 struct sockaddr_in6 *sin6p;
562 COMMON_START(so, inp, 0);
565 * Must disallow TCP ``connections'' to multicast addresses.
567 sin6p = (struct sockaddr_in6 *)nam;
568 if (sin6p->sin6_family == AF_INET6
569 && IN6_IS_ADDR_MULTICAST(&sin6p->sin6_addr)) {
570 error = EAFNOSUPPORT;
574 if (!prison_remote_ip(td, nam)) {
575 error = EAFNOSUPPORT; /* IPv4 only jail */
579 /* Reject v4-mapped address */
580 if (IN6_IS_ADDR_V4MAPPED(&sin6p->sin6_addr)) {
581 error = EADDRNOTAVAIL;
585 inp->inp_inc.inc_isipv6 = 1;
587 /* msg is invalid now */
590 if (msg->connect.nm_m) {
591 m_freem(msg->connect.nm_m);
592 msg->connect.nm_m = NULL;
594 lwkt_replymsg(&msg->lmsg, error);
600 * Initiate disconnect from peer.
601 * If connection never passed embryonic stage, just drop;
602 * else if don't need to let data drain, then can just drop anyways,
603 * else have to begin TCP shutdown process: mark socket disconnecting,
604 * drain unread data, state switch to reflect user close, and
605 * send segment (e.g. FIN) to peer. Socket will be really disconnected
606 * when peer sends FIN and acks ours.
608 * SHOULD IMPLEMENT LATER PRU_CONNECT VIA REALLOC TCPCB.
611 tcp_usr_disconnect(netmsg_t msg)
613 struct socket *so = msg->disconnect.base.nm_so;
618 COMMON_START(so, inp, 1);
619 tp = tcp_disconnect(tp);
620 COMMON_END(PRU_DISCONNECT);
624 * Accept a connection. Essentially all the work is
625 * done at higher levels; just return the address
626 * of the peer, storing through addr.
629 tcp_usr_accept(netmsg_t msg)
631 struct socket *so = msg->accept.base.nm_so;
632 struct sockaddr **nam = msg->accept.nm_nam;
635 struct tcpcb *tp = NULL;
639 if (so->so_state & SS_ISDISCONNECTED) {
640 error = ECONNABORTED;
650 in_setpeeraddr(so, nam);
651 COMMON_END(PRU_ACCEPT);
656 tcp6_usr_accept(netmsg_t msg)
658 struct socket *so = msg->accept.base.nm_so;
659 struct sockaddr **nam = msg->accept.nm_nam;
662 struct tcpcb *tp = NULL;
667 if (so->so_state & SS_ISDISCONNECTED) {
668 error = ECONNABORTED;
677 in6_setpeeraddr(so, nam);
678 COMMON_END(PRU_ACCEPT);
683 * Mark the connection as being incapable of further output.
686 tcp_usr_shutdown(netmsg_t msg)
688 struct socket *so = msg->shutdown.base.nm_so;
693 COMMON_START(so, inp, 0);
695 tp = tcp_usrclosed(tp);
697 error = tcp_output(tp);
698 COMMON_END(PRU_SHUTDOWN);
702 * After a receive, possibly send window update to peer.
705 tcp_usr_rcvd(netmsg_t msg)
707 struct socket *so = msg->rcvd.base.nm_so;
708 int error = 0, noreply = 0;
712 COMMON_START(so, inp, 0);
714 if (msg->rcvd.nm_pru_flags & PRUR_ASYNC) {
716 so_async_rcvd_reply(so);
720 COMMON_END1(PRU_RCVD, noreply);
724 * Do a send by putting data in output queue and updating urgent
725 * marker if URG set. Possibly send more data. Unlike the other
726 * pru_*() routines, the mbuf chains are our responsibility. We
727 * must either enqueue them or free them. The other pru_* routines
728 * generally are caller-frees.
731 tcp_usr_send(netmsg_t msg)
733 struct socket *so = msg->send.base.nm_so;
734 int flags = msg->send.nm_flags;
735 struct mbuf *m = msg->send.nm_m;
741 KKASSERT(msg->send.nm_control == NULL);
742 KKASSERT(msg->send.nm_addr == NULL);
743 KKASSERT((flags & PRUS_FREEADDR) == 0);
749 * OOPS! we lost a race, the TCP session got reset after
750 * we checked SS_CANTSENDMORE, eg: while doing uiomove or a
751 * network interrupt in the non-critical section of sosend().
754 error = ECONNRESET; /* XXX EPIPE? */
764 * This is no longer necessary, since:
765 * - sosendtcp() has already checked it for us
766 * - It does not work with asynchronized send
770 * Don't let too much OOB data build up
772 if (flags & PRUS_OOB) {
773 if (ssb_space(&so->so_snd) < -512) {
782 * Pump the data into the socket.
785 ssb_appendstream(&so->so_snd, m);
788 if (flags & PRUS_OOB) {
790 * According to RFC961 (Assigned Protocols),
791 * the urgent pointer points to the last octet
792 * of urgent data. We continue, however,
793 * to consider it to indicate the first octet
794 * of data past the urgent section.
795 * Otherwise, snd_up should be one lower.
797 tp->snd_up = tp->snd_una + so->so_snd.ssb_cc;
798 tp->t_flags |= TF_FORCE;
799 error = tcp_output(tp);
800 tp->t_flags &= ~TF_FORCE;
802 if (flags & PRUS_EOF) {
804 * Close the send side of the connection after
808 tp = tcp_usrclosed(tp);
810 if (tp != NULL && !tcp_output_pending(tp)) {
811 if (flags & PRUS_MORETOCOME)
812 tp->t_flags |= TF_MORETOCOME;
813 error = tcp_output_fair(tp);
814 if (flags & PRUS_MORETOCOME)
815 tp->t_flags &= ~TF_MORETOCOME;
818 COMMON_END1((flags & PRUS_OOB) ? PRU_SENDOOB :
819 ((flags & PRUS_EOF) ? PRU_SEND_EOF : PRU_SEND),
820 (flags & PRUS_NOREPLY));
824 * NOTE: (so) is referenced from soabort*() and netmsg_pru_abort()
825 * will sofree() it when we return.
828 tcp_usr_abort(netmsg_t msg)
830 struct socket *so = msg->abort.base.nm_so;
835 COMMON_START(so, inp, 1);
836 tp = tcp_drop(tp, ECONNABORTED);
837 COMMON_END(PRU_ABORT);
841 * Receive out-of-band data.
844 tcp_usr_rcvoob(netmsg_t msg)
846 struct socket *so = msg->rcvoob.base.nm_so;
847 struct mbuf *m = msg->rcvoob.nm_m;
848 int flags = msg->rcvoob.nm_flags;
853 COMMON_START(so, inp, 0);
854 if ((so->so_oobmark == 0 &&
855 (so->so_state & SS_RCVATMARK) == 0) ||
856 so->so_options & SO_OOBINLINE ||
857 tp->t_oobflags & TCPOOB_HADDATA) {
861 if ((tp->t_oobflags & TCPOOB_HAVEDATA) == 0) {
866 *mtod(m, caddr_t) = tp->t_iobc;
867 if ((flags & MSG_PEEK) == 0)
868 tp->t_oobflags ^= (TCPOOB_HAVEDATA | TCPOOB_HADDATA);
869 COMMON_END(PRU_RCVOOB);
873 tcp_usr_savefaddr(struct socket *so, const struct sockaddr *faddr)
875 in_savefaddr(so, faddr);
880 tcp6_usr_savefaddr(struct socket *so, const struct sockaddr *faddr)
882 in6_savefaddr(so, faddr);
887 tcp_usr_preconnect(struct socket *so, const struct sockaddr *nam,
888 struct thread *td __unused)
890 const struct sockaddr_in *sinp;
892 sinp = (const struct sockaddr_in *)nam;
893 if (sinp->sin_family == AF_INET &&
894 IN_MULTICAST(ntohl(sinp->sin_addr.s_addr)))
901 /* xxx - should be const */
902 struct pr_usrreqs tcp_usrreqs = {
903 .pru_abort = tcp_usr_abort,
904 .pru_accept = tcp_usr_accept,
905 .pru_attach = tcp_usr_attach,
906 .pru_bind = tcp_usr_bind,
907 .pru_connect = tcp_usr_connect,
908 .pru_connect2 = pr_generic_notsupp,
909 .pru_control = in_control_dispatch,
910 .pru_detach = tcp_usr_detach,
911 .pru_disconnect = tcp_usr_disconnect,
912 .pru_listen = tcp_usr_listen,
913 .pru_peeraddr = in_setpeeraddr_dispatch,
914 .pru_rcvd = tcp_usr_rcvd,
915 .pru_rcvoob = tcp_usr_rcvoob,
916 .pru_send = tcp_usr_send,
917 .pru_sense = pru_sense_null,
918 .pru_shutdown = tcp_usr_shutdown,
919 .pru_sockaddr = in_setsockaddr_dispatch,
920 .pru_sosend = sosendtcp,
921 .pru_soreceive = sorecvtcp,
922 .pru_savefaddr = tcp_usr_savefaddr,
923 .pru_preconnect = tcp_usr_preconnect,
924 .pru_preattach = tcp_usr_preattach
928 struct pr_usrreqs tcp6_usrreqs = {
929 .pru_abort = tcp_usr_abort,
930 .pru_accept = tcp6_usr_accept,
931 .pru_attach = tcp_usr_attach,
932 .pru_bind = tcp6_usr_bind,
933 .pru_connect = tcp6_usr_connect,
934 .pru_connect2 = pr_generic_notsupp,
935 .pru_control = in6_control_dispatch,
936 .pru_detach = tcp_usr_detach,
937 .pru_disconnect = tcp_usr_disconnect,
938 .pru_listen = tcp6_usr_listen,
939 .pru_peeraddr = in6_setpeeraddr_dispatch,
940 .pru_rcvd = tcp_usr_rcvd,
941 .pru_rcvoob = tcp_usr_rcvoob,
942 .pru_send = tcp_usr_send,
943 .pru_sense = pru_sense_null,
944 .pru_shutdown = tcp_usr_shutdown,
945 .pru_sockaddr = in6_setsockaddr_dispatch,
946 .pru_sosend = sosendtcp,
947 .pru_soreceive = sorecvtcp,
948 .pru_savefaddr = tcp6_usr_savefaddr
953 tcp_connect_oncpu(struct tcpcb *tp, int flags, struct mbuf *m,
954 struct sockaddr_in *sin, struct sockaddr_in *if_sin)
956 struct inpcb *inp = tp->t_inpcb, *oinp;
957 struct socket *so = inp->inp_socket;
958 struct route *ro = &inp->inp_route;
960 KASSERT(inp->inp_pcbinfo == &tcbinfo[mycpu->gd_cpuid],
961 ("pcbinfo mismatch"));
963 oinp = in_pcblookup_hash(inp->inp_pcbinfo,
964 sin->sin_addr, sin->sin_port,
965 (inp->inp_laddr.s_addr != INADDR_ANY ?
966 inp->inp_laddr : if_sin->sin_addr),
967 inp->inp_lport, 0, NULL);
972 if (inp->inp_laddr.s_addr == INADDR_ANY)
973 inp->inp_laddr = if_sin->sin_addr;
974 inp->inp_faddr = sin->sin_addr;
975 inp->inp_fport = sin->sin_port;
976 in_pcbinsconnhash(inp);
979 * We are now on the inpcb's owner CPU, if the cached route was
980 * freed because the rtentry's owner CPU is not the current CPU
981 * (e.g. in tcp_connect()), then we try to reallocate it here with
982 * the hope that a rtentry may be cloned from a RTF_PRCLONING
985 if (!(inp->inp_socket->so_options & SO_DONTROUTE) && /*XXX*/
987 bzero(&ro->ro_dst, sizeof(struct sockaddr_in));
988 ro->ro_dst.sa_family = AF_INET;
989 ro->ro_dst.sa_len = sizeof(struct sockaddr_in);
990 ((struct sockaddr_in *)&ro->ro_dst)->sin_addr =
996 * Now that no more errors can occur, change the protocol processing
997 * port to the current thread (which is the correct thread).
999 * Create TCP timer message now; we are on the tcpcb's owner
1002 tcp_create_timermsg(tp, &curthread->td_msgport);
1005 * Compute window scaling to request. Use a larger scaling then
1006 * needed for the initial receive buffer in case the receive buffer
1009 if (tp->request_r_scale < TCP_MIN_WINSHIFT)
1010 tp->request_r_scale = TCP_MIN_WINSHIFT;
1011 while (tp->request_r_scale < TCP_MAX_WINSHIFT &&
1012 (TCP_MAXWIN << tp->request_r_scale) < so->so_rcv.ssb_hiwat
1014 tp->request_r_scale++;
1018 tcpstat.tcps_connattempt++;
1019 tp->t_state = TCPS_SYN_SENT;
1020 tcp_callout_reset(tp, tp->tt_keep, tp->t_keepinit, tcp_timer_keep);
1021 tp->iss = tcp_new_isn(tp);
1022 tcp_sendseqinit(tp);
1024 ssb_appendstream(&so->so_snd, m);
1026 if (flags & PRUS_OOB)
1027 tp->snd_up = tp->snd_una + so->so_snd.ssb_cc;
1031 * Close the send side of the connection after
1032 * the data is sent if flagged.
1034 if ((flags & (PRUS_OOB|PRUS_EOF)) == PRUS_EOF) {
1036 tp = tcp_usrclosed(tp);
1038 return (tcp_output(tp));
1042 * Common subroutine to open a TCP connection to remote host specified
1043 * by struct sockaddr_in in mbuf *nam. Call in_pcbbind to assign a local
1044 * port number if needed. Call in_pcbladdr to do the routing and to choose
1045 * a local host address (interface).
1046 * Initialize connection parameters and enter SYN-SENT state.
1049 tcp_connect(netmsg_t msg)
1051 struct socket *so = msg->connect.base.nm_so;
1052 struct sockaddr *nam = msg->connect.nm_nam;
1053 struct thread *td = msg->connect.nm_td;
1054 struct sockaddr_in *sin = (struct sockaddr_in *)nam;
1055 struct sockaddr_in *if_sin = NULL;
1061 COMMON_START(so, inp, 0);
1064 * Reconnect our pcb if we have to
1066 if (msg->connect.nm_flags & PRUC_RECONNECT) {
1067 msg->connect.nm_flags &= ~PRUC_RECONNECT;
1068 in_pcblink(so->so_pcb, &tcbinfo[mycpu->gd_cpuid]);
1072 * Bind if we have to
1074 if (inp->inp_lport == 0) {
1075 if (tcp_lport_extension) {
1076 KKASSERT(inp->inp_laddr.s_addr == INADDR_ANY);
1078 error = in_pcbladdr(inp, nam, &if_sin, td);
1081 inp->inp_laddr.s_addr = if_sin->sin_addr.s_addr;
1083 error = in_pcbbind_remote(inp, nam, td);
1087 msg->connect.nm_flags |= PRUC_HASLADDR;
1089 error = in_pcbbind(inp, NULL, td);
1095 if ((msg->connect.nm_flags & PRUC_HASLADDR) == 0) {
1097 * Calculate the correct protocol processing thread. The
1098 * connect operation must run there. Set the forwarding
1099 * port before we forward the message or it will get bounced
1102 error = in_pcbladdr(inp, nam, &if_sin, td);
1106 KKASSERT(inp->inp_socket == so);
1108 port = tcp_addrport(sin->sin_addr.s_addr, sin->sin_port,
1109 (inp->inp_laddr.s_addr != INADDR_ANY ?
1110 inp->inp_laddr.s_addr : if_sin->sin_addr.s_addr),
1113 if (port != &curthread->td_msgport) {
1114 lwkt_msg_t lmsg = &msg->connect.base.lmsg;
1117 * in_pcbladdr() may have allocated a route entry for us
1118 * on the current CPU, but we need a route entry on the
1119 * inpcb's owner CPU, so free it here.
1121 in_pcbresetroute(inp);
1124 * We are moving the protocol processing port the socket
1125 * is on, we have to unlink here and re-link on the
1128 in_pcbunlink(so->so_pcb, &tcbinfo[mycpu->gd_cpuid]);
1129 msg->connect.nm_flags |= PRUC_RECONNECT;
1130 msg->connect.base.nm_dispatch = tcp_connect;
1133 * Use message put done receipt to change this socket's
1134 * so_port, i.e. _after_ this message was put onto the
1135 * target netisr's msgport but _before_ the message could
1136 * be pulled from the target netisr's msgport, so that:
1137 * - The upper half (socket code) will not see the new
1138 * msgport before this message reaches the new msgport
1139 * and messages for this socket will be ordered.
1140 * - This message will see the new msgport, when its
1141 * handler is called in the target netisr.
1144 * We MUST use messege put done receipt to change this
1146 * If we changed the so_port in this netisr after the
1147 * lwkt_forwardmsg (so messages for this socket will be
1148 * ordered) and changed the so_port in the target netisr
1149 * at the very beginning of this message's handler, we
1150 * would suffer so_port overwritten race, given this
1151 * message might be forwarded again.
1154 * This mechanism depends on that the netisr's msgport
1155 * is spin msgport (currently it is :).
1157 * If the upper half saw the new msgport before this
1158 * message reached the target netisr's msgport, the
1159 * messages sent from the upper half could reach the new
1160 * msgport before this message, thus there would be
1161 * message reordering. The worst case could be soclose()
1162 * saw the new msgport and the detach message could reach
1163 * the new msgport before this message, i.e. the inpcb
1164 * could have been destroyed when this message was still
1165 * pending on or on its way to the new msgport. Other
1166 * weird cases could also happen, e.g. inpcb->inp_pcbinfo,
1167 * since we have unlinked this inpcb from the current
1170 lwkt_setmsg_receipt(lmsg, tcp_sosetport);
1171 lwkt_forwardmsg(port, lmsg);
1172 /* msg invalid now */
1174 } else if (msg->connect.nm_flags & PRUC_HELDTD) {
1176 * The original thread is no longer needed; release it.
1179 msg->connect.nm_flags &= ~PRUC_HELDTD;
1181 error = tcp_connect_oncpu(tp, msg->connect.nm_sndflags,
1182 msg->connect.nm_m, sin, if_sin);
1183 msg->connect.nm_m = NULL;
1185 if (msg->connect.nm_m) {
1186 m_freem(msg->connect.nm_m);
1187 msg->connect.nm_m = NULL;
1189 if (msg->connect.nm_flags & PRUC_HELDTD)
1191 if (error && (msg->connect.nm_flags & PRUC_ASYNC)) {
1192 so->so_error = error;
1193 soisdisconnected(so);
1195 lwkt_replymsg(&msg->connect.base.lmsg, error);
1196 /* msg invalid now */
1202 tcp6_connect(netmsg_t msg)
1205 struct socket *so = msg->connect.base.nm_so;
1206 struct sockaddr *nam = msg->connect.nm_nam;
1207 struct thread *td = msg->connect.nm_td;
1209 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam;
1210 struct in6_addr *addr6;
1214 COMMON_START(so, inp, 0);
1217 * Reconnect our pcb if we have to
1219 if (msg->connect.nm_flags & PRUC_RECONNECT) {
1220 msg->connect.nm_flags &= ~PRUC_RECONNECT;
1221 in_pcblink(so->so_pcb, &tcbinfo[mycpu->gd_cpuid]);
1225 * Bind if we have to
1227 if (inp->inp_lport == 0) {
1228 error = in6_pcbbind(inp, NULL, td);
1234 * Cannot simply call in_pcbconnect, because there might be an
1235 * earlier incarnation of this same connection still in
1236 * TIME_WAIT state, creating an ADDRINUSE error.
1238 error = in6_pcbladdr(inp, nam, &addr6, td);
1242 port = tcp6_addrport(); /* XXX hack for now, always cpu0 */
1244 if (port != &curthread->td_msgport) {
1245 lwkt_msg_t lmsg = &msg->connect.base.lmsg;
1248 * in_pcbladdr() may have allocated a route entry for us
1249 * on the current CPU, but we need a route entry on the
1250 * inpcb's owner CPU, so free it here.
1252 in_pcbresetroute(inp);
1254 in_pcbunlink(so->so_pcb, &tcbinfo[mycpu->gd_cpuid]);
1255 msg->connect.nm_flags |= PRUC_RECONNECT;
1256 msg->connect.base.nm_dispatch = tcp6_connect;
1258 /* See the related comment in tcp_connect() */
1259 lwkt_setmsg_receipt(lmsg, tcp_sosetport);
1260 lwkt_forwardmsg(port, lmsg);
1261 /* msg invalid now */
1264 error = tcp6_connect_oncpu(tp, msg->connect.nm_sndflags,
1265 &msg->connect.nm_m, sin6, addr6);
1266 /* nm_m may still be intact */
1268 if (msg->connect.nm_m) {
1269 m_freem(msg->connect.nm_m);
1270 msg->connect.nm_m = NULL;
1272 lwkt_replymsg(&msg->connect.base.lmsg, error);
1273 /* msg invalid now */
1277 tcp6_connect_oncpu(struct tcpcb *tp, int flags, struct mbuf **mp,
1278 struct sockaddr_in6 *sin6, struct in6_addr *addr6)
1280 struct mbuf *m = *mp;
1281 struct inpcb *inp = tp->t_inpcb;
1282 struct socket *so = inp->inp_socket;
1286 * Cannot simply call in_pcbconnect, because there might be an
1287 * earlier incarnation of this same connection still in
1288 * TIME_WAIT state, creating an ADDRINUSE error.
1290 oinp = in6_pcblookup_hash(inp->inp_pcbinfo,
1291 &sin6->sin6_addr, sin6->sin6_port,
1292 (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr) ?
1293 addr6 : &inp->in6p_laddr),
1294 inp->inp_lport, 0, NULL);
1296 return (EADDRINUSE);
1298 if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr))
1299 inp->in6p_laddr = *addr6;
1300 inp->in6p_faddr = sin6->sin6_addr;
1301 inp->inp_fport = sin6->sin6_port;
1302 if ((sin6->sin6_flowinfo & IPV6_FLOWINFO_MASK) != 0)
1303 inp->in6p_flowinfo = sin6->sin6_flowinfo;
1304 in_pcbinsconnhash(inp);
1307 * Now that no more errors can occur, change the protocol processing
1308 * port to the current thread (which is the correct thread).
1310 * Create TCP timer message now; we are on the tcpcb's owner
1313 tcp_create_timermsg(tp, &curthread->td_msgport);
1315 /* Compute window scaling to request. */
1316 if (tp->request_r_scale < TCP_MIN_WINSHIFT)
1317 tp->request_r_scale = TCP_MIN_WINSHIFT;
1318 while (tp->request_r_scale < TCP_MAX_WINSHIFT &&
1319 (TCP_MAXWIN << tp->request_r_scale) < so->so_rcv.ssb_hiwat) {
1320 tp->request_r_scale++;
1324 tcpstat.tcps_connattempt++;
1325 tp->t_state = TCPS_SYN_SENT;
1326 tcp_callout_reset(tp, tp->tt_keep, tp->t_keepinit, tcp_timer_keep);
1327 tp->iss = tcp_new_isn(tp);
1328 tcp_sendseqinit(tp);
1330 ssb_appendstream(&so->so_snd, m);
1332 if (flags & PRUS_OOB)
1333 tp->snd_up = tp->snd_una + so->so_snd.ssb_cc;
1337 * Close the send side of the connection after
1338 * the data is sent if flagged.
1340 if ((flags & (PRUS_OOB|PRUS_EOF)) == PRUS_EOF) {
1342 tp = tcp_usrclosed(tp);
1344 return (tcp_output(tp));
1350 * The new sockopt interface makes it possible for us to block in the
1351 * copyin/out step (if we take a page fault). Taking a page fault while
1352 * in a critical section is probably a Bad Thing. (Since sockets and pcbs
1353 * both now use TSM, there probably isn't any need for this function to
1354 * run in a critical section any more. This needs more examination.)
1357 tcp_ctloutput(netmsg_t msg)
1359 struct socket *so = msg->base.nm_so;
1360 struct sockopt *sopt = msg->ctloutput.nm_sopt;
1361 int error, opt, optval, opthz;
1371 tp = intotcpcb(inp);
1373 /* Get socket's owner cpuid hint */
1374 if (sopt->sopt_level == SOL_SOCKET &&
1375 sopt->sopt_dir == SOPT_GET &&
1376 sopt->sopt_name == SO_CPUHINT) {
1377 if (tp->t_flags & TF_LISTEN) {
1379 * Listen sockets owner cpuid is always 0,
1380 * which does not make sense if SO_REUSEPORT
1383 if (so->so_options & SO_REUSEPORT)
1384 optval = (inp->inp_lgrpindex & ncpus2_mask);
1386 optval = -1; /* no hint */
1390 soopt_from_kbuf(sopt, &optval, sizeof(optval));
1394 if (sopt->sopt_level != IPPROTO_TCP) {
1395 if (sopt->sopt_level == IPPROTO_IP) {
1396 switch (sopt->sopt_name) {
1397 case IP_MULTICAST_IF:
1398 case IP_MULTICAST_VIF:
1399 case IP_MULTICAST_TTL:
1400 case IP_MULTICAST_LOOP:
1401 case IP_ADD_MEMBERSHIP:
1402 case IP_DROP_MEMBERSHIP:
1404 * Multicast does not make sense on
1412 if (INP_CHECK_SOCKAF(so, AF_INET6))
1413 ip6_ctloutput_dispatch(msg);
1417 /* msg invalid now */
1421 switch (sopt->sopt_dir) {
1423 error = soopt_to_kbuf(sopt, &optval, sizeof optval,
1427 switch (sopt->sopt_name) {
1430 tp->t_keepidle = tp->t_keepintvl;
1432 tp->t_keepidle = tcp_keepidle;
1433 tcp_timer_keep_activity(tp, 0);
1435 #ifdef TCP_SIGNATURE
1436 case TCP_SIGNATURE_ENABLE:
1437 if (tp->t_state == TCPS_CLOSED) {
1439 * This is the only safe state that this
1440 * option could be changed. Some segments
1441 * could already have been sent in other
1445 tp->t_flags |= TF_SIGNATURE;
1447 tp->t_flags &= ~TF_SIGNATURE;
1452 #endif /* TCP_SIGNATURE */
1455 switch (sopt->sopt_name) {
1463 opt = 0; /* dead code to fool gcc */
1470 tp->t_flags &= ~opt;
1474 if (tcp_disable_nopush)
1477 tp->t_flags |= TF_NOPUSH;
1479 tp->t_flags &= ~TF_NOPUSH;
1480 error = tcp_output(tp);
1486 * Must be between 0 and maxseg. If the requested
1487 * maxseg is too small to satisfy the desired minmss,
1488 * pump it up (silently so sysctl modifications of
1489 * minmss do not create unexpected program failures).
1490 * Handle degenerate cases.
1492 if (optval > 0 && optval <= tp->t_maxseg) {
1493 if (optval + 40 < tcp_minmss) {
1494 optval = tcp_minmss - 40;
1498 tp->t_maxseg = optval;
1505 opthz = ((int64_t)optval * hz) / 1000;
1507 tp->t_keepinit = opthz;
1513 opthz = ((int64_t)optval * hz) / 1000;
1515 tp->t_keepidle = opthz;
1516 tcp_timer_keep_activity(tp, 0);
1523 opthz = ((int64_t)optval * hz) / 1000;
1525 tp->t_keepintvl = opthz;
1526 tp->t_maxidle = tp->t_keepintvl * tp->t_keepcnt;
1534 tp->t_keepcnt = optval;
1535 tp->t_maxidle = tp->t_keepintvl * tp->t_keepcnt;
1542 error = ENOPROTOOPT;
1548 switch (sopt->sopt_name) {
1549 #ifdef TCP_SIGNATURE
1550 case TCP_SIGNATURE_ENABLE:
1551 optval = (tp->t_flags & TF_SIGNATURE) ? 1 : 0;
1553 #endif /* TCP_SIGNATURE */
1555 optval = tp->t_flags & TF_NODELAY;
1558 optval = tp->t_maxseg;
1561 optval = tp->t_flags & TF_NOOPT;
1564 optval = tp->t_flags & TF_NOPUSH;
1567 optval = ((int64_t)tp->t_keepinit * 1000) / hz;
1570 optval = ((int64_t)tp->t_keepidle * 1000) / hz;
1573 optval = ((int64_t)tp->t_keepintvl * 1000) / hz;
1576 optval = tp->t_keepcnt;
1579 error = ENOPROTOOPT;
1583 soopt_from_kbuf(sopt, &optval, sizeof optval);
1587 lwkt_replymsg(&msg->lmsg, error);
1591 * tcp_sendspace and tcp_recvspace are the default send and receive window
1592 * sizes, respectively. These are obsolescent (this information should
1593 * be set by the route).
1595 * Use a default that does not require tcp window scaling to be turned
1596 * on. Individual programs or the administrator can increase the default.
1598 u_long tcp_sendspace = 57344; /* largest multiple of PAGE_SIZE < 64k */
1599 SYSCTL_INT(_net_inet_tcp, TCPCTL_SENDSPACE, sendspace, CTLFLAG_RW,
1600 &tcp_sendspace , 0, "Maximum outgoing TCP datagram size");
1601 u_long tcp_recvspace = 57344; /* largest multiple of PAGE_SIZE < 64k */
1602 SYSCTL_INT(_net_inet_tcp, TCPCTL_RECVSPACE, recvspace, CTLFLAG_RW,
1603 &tcp_recvspace , 0, "Maximum incoming TCP datagram size");
1606 * Attach TCP protocol to socket, allocating internet protocol control
1607 * block, tcp control block, buffer space, and entering CLOSED state.
1610 tcp_attach(struct socket *so, struct pru_attach_info *ai)
1617 boolean_t isipv6 = INP_CHECK_SOCKAF(so, AF_INET6);
1621 error = tcp_usr_preattach(so, 0 /* don't care */, ai);
1625 /* Post attach; do nothing */
1628 cpu = mycpu->gd_cpuid;
1631 * Set the default pcbinfo. This will likely change when we
1634 error = in_pcballoc(so, &tcbinfo[cpu]);
1640 inp->in6p_hops = -1; /* use kernel default */
1642 tp = tcp_newtcpcb(inp);
1643 KASSERT(tp != NULL, ("tcp_newtcpcb failed"));
1644 tp->t_state = TCPS_CLOSED;
1645 /* Keep a reference for asynchronized pru_rcvd */
1651 * Initiate (or continue) disconnect.
1652 * If embryonic state, just send reset (once).
1653 * If in ``let data drain'' option and linger null, just drop.
1654 * Otherwise (hard), mark socket disconnecting and drop
1655 * current input data; switch states based on user close, and
1656 * send segment to peer (with FIN).
1658 static struct tcpcb *
1659 tcp_disconnect(struct tcpcb *tp)
1661 struct socket *so = tp->t_inpcb->inp_socket;
1663 if (tp->t_state < TCPS_ESTABLISHED) {
1665 } else if ((so->so_options & SO_LINGER) && so->so_linger == 0) {
1666 tp = tcp_drop(tp, 0);
1668 lwkt_gettoken(&so->so_rcv.ssb_token);
1669 soisdisconnecting(so);
1670 sbflush(&so->so_rcv.sb);
1671 tp = tcp_usrclosed(tp);
1674 lwkt_reltoken(&so->so_rcv.ssb_token);
1680 * User issued close, and wish to trail through shutdown states:
1681 * if never received SYN, just forget it. If got a SYN from peer,
1682 * but haven't sent FIN, then go to FIN_WAIT_1 state to send peer a FIN.
1683 * If already got a FIN from peer, then almost done; go to LAST_ACK
1684 * state. In all other cases, have already sent FIN to peer (e.g.
1685 * after PRU_SHUTDOWN), and just have to play tedious game waiting
1686 * for peer to send FIN or not respond to keep-alives, etc.
1687 * We can let the user exit from the close as soon as the FIN is acked.
1689 static struct tcpcb *
1690 tcp_usrclosed(struct tcpcb *tp)
1693 switch (tp->t_state) {
1697 tp->t_state = TCPS_CLOSED;
1702 case TCPS_SYN_RECEIVED:
1703 tp->t_flags |= TF_NEEDFIN;
1706 case TCPS_ESTABLISHED:
1707 tp->t_state = TCPS_FIN_WAIT_1;
1710 case TCPS_CLOSE_WAIT:
1711 tp->t_state = TCPS_LAST_ACK;
1714 if (tp && tp->t_state >= TCPS_FIN_WAIT_2) {
1715 soisdisconnected(tp->t_inpcb->inp_socket);
1716 /* To prevent the connection hanging in FIN_WAIT_2 forever. */
1717 if (tp->t_state == TCPS_FIN_WAIT_2) {
1718 tcp_callout_reset(tp, tp->tt_2msl, tp->t_maxidle,