]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * Copyright (c) 2012-2017 Apple Inc. All rights reserved. | |
3 | * | |
4 | * @APPLE_OSREFERENCE_LICENSE_HEADER_START@ | |
5 | * | |
6 | * This file contains Original Code and/or Modifications of Original Code | |
7 | * as defined in and that are subject to the Apple Public Source License | |
8 | * Version 2.0 (the 'License'). You may not use this file except in | |
9 | * compliance with the License. The rights granted to you under the License | |
10 | * may not be used to create, or enable the creation or redistribution of, | |
11 | * unlawful or unlicensed copies of an Apple operating system, or to | |
12 | * circumvent, violate, or enable the circumvention or violation of, any | |
13 | * terms of an Apple operating system software license agreement. | |
14 | * | |
15 | * Please obtain a copy of the License at | |
16 | * http://www.opensource.apple.com/apsl/ and read it before using this file. | |
17 | * | |
18 | * The Original Code and all software distributed under the License are | |
19 | * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER | |
20 | * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, | |
21 | * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, | |
22 | * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. | |
23 | * Please see the License for the specific language governing rights and | |
24 | * limitations under the License. | |
25 | * | |
26 | * @APPLE_OSREFERENCE_LICENSE_HEADER_END@ | |
27 | */ | |
28 | ||
29 | #include <kern/locks.h> | |
30 | #include <kern/policy_internal.h> | |
31 | #include <kern/zalloc.h> | |
32 | ||
33 | #include <mach/sdt.h> | |
34 | ||
35 | #include <sys/domain.h> | |
36 | #include <sys/kdebug.h> | |
37 | #include <sys/kern_control.h> | |
38 | #include <sys/kernel.h> | |
39 | #include <sys/mbuf.h> | |
40 | #include <sys/mcache.h> | |
41 | #include <sys/param.h> | |
42 | #include <sys/proc.h> | |
43 | #include <sys/protosw.h> | |
44 | #include <sys/resourcevar.h> | |
45 | #include <sys/socket.h> | |
46 | #include <sys/socketvar.h> | |
47 | #include <sys/sysctl.h> | |
48 | #include <sys/syslog.h> | |
49 | #include <sys/systm.h> | |
50 | ||
51 | #include <net/content_filter.h> | |
52 | #include <net/if.h> | |
53 | #include <net/if_var.h> | |
54 | #include <netinet/in.h> | |
55 | #include <netinet/in_pcb.h> | |
56 | #include <netinet/in_var.h> | |
57 | #include <netinet/tcp.h> | |
58 | #include <netinet/tcp_fsm.h> | |
59 | #include <netinet/tcp_seq.h> | |
60 | #include <netinet/tcp_var.h> | |
61 | #include <netinet/mptcp_var.h> | |
62 | #include <netinet/mptcp.h> | |
63 | #include <netinet/mptcp_opt.h> | |
64 | #include <netinet/mptcp_seq.h> | |
65 | #include <netinet/mptcp_timer.h> | |
66 | #include <libkern/crypto/sha1.h> | |
67 | #if INET6 | |
68 | #include <netinet6/in6_pcb.h> | |
69 | #include <netinet6/ip6protosw.h> | |
70 | #endif /* INET6 */ | |
71 | #include <dev/random/randomdev.h> | |
72 | ||
73 | /* | |
74 | * Notes on MPTCP implementation. | |
75 | * | |
76 | * MPTCP is implemented as <SOCK_STREAM,IPPROTO_TCP> protocol in PF_MULTIPATH | |
77 | * communication domain. The structure mtcbinfo describes the MPTCP instance | |
78 | * of a Multipath protocol in that domain. It is used to keep track of all | |
79 | * MPTCP PCB instances in the system, and is protected by the global lock | |
80 | * mppi_lock. | |
81 | * | |
82 | * An MPTCP socket is opened by calling socket(PF_MULTIPATH, SOCK_STREAM, | |
83 | * IPPROTO_TCP). Upon success, a Multipath PCB gets allocated and along with | |
84 | * it comes an MPTCP Session and an MPTCP PCB. All three structures are | |
85 | * allocated from the same memory block, and each structure has a pointer | |
86 | * to the adjacent ones. The layout is defined by the mpp_mtp structure. | |
87 | * The socket lock (mpp_lock) is used to protect accesses to the Multipath | |
88 | * PCB (mppcb) as well as the MPTCP Session (mptses). | |
89 | * | |
90 | * The MPTCP Session is an MPTCP-specific extension to the Multipath PCB; | |
91 | * | |
92 | * A functioning MPTCP Session consists of one or more subflow sockets. Each | |
93 | * subflow socket is essentially a regular PF_INET/PF_INET6 TCP socket, and is | |
94 | * represented by the mptsub structure. Because each subflow requires access | |
95 | * to the MPTCP Session, the MPTCP socket's so_usecount is bumped up for each | |
96 | * subflow. This gets decremented prior to the subflow's destruction. | |
97 | * | |
98 | * To handle events (read, write, control) from the subflows, we do direct | |
99 | * upcalls into the specific function. | |
100 | * | |
101 | * The whole MPTCP connection is protected by a single lock, the MPTCP socket's | |
102 | * lock. Incoming data on a subflow also ends up taking this single lock. To | |
103 | * achieve the latter, tcp_lock/unlock has been changed to rather use the lock | |
104 | * of the MPTCP-socket. | |
105 | * | |
106 | * An MPTCP socket will be destroyed when its so_usecount drops to zero; this | |
107 | * work is done by the MPTCP garbage collector which is invoked on demand by | |
108 | * the PF_MULTIPATH garbage collector. This process will take place once all | |
109 | * of the subflows have been destroyed. | |
110 | */ | |
111 | ||
112 | static void mptcp_attach_to_subf(struct socket *, struct mptcb *, uint8_t); | |
113 | static void mptcp_detach_mptcb_from_subf(struct mptcb *, struct socket *); | |
114 | ||
115 | static uint32_t mptcp_gc(struct mppcbinfo *); | |
116 | static int mptcp_subflow_soreceive(struct socket *, struct sockaddr **, | |
117 | struct uio *, struct mbuf **, struct mbuf **, int *); | |
118 | static int mptcp_subflow_sosend(struct socket *, struct sockaddr *, | |
119 | struct uio *, struct mbuf *, struct mbuf *, int); | |
120 | static void mptcp_subflow_rupcall(struct socket *, void *, int); | |
121 | static void mptcp_subflow_input(struct mptses *, struct mptsub *); | |
122 | static void mptcp_subflow_wupcall(struct socket *, void *, int); | |
123 | static void mptcp_subflow_eupcall1(struct socket *, void *, uint32_t); | |
124 | static void mptcp_update_last_owner(struct socket *so, struct socket *mp_so); | |
125 | static void mptcp_drop_tfo_data(struct mptses *, struct mptsub *); | |
126 | ||
127 | static void mptcp_subflow_abort(struct mptsub *, int); | |
128 | ||
129 | static void mptcp_send_dfin(struct socket *so); | |
130 | ||
131 | /* | |
132 | * Possible return values for subflow event handlers. Note that success | |
133 | * values must be greater or equal than MPTS_EVRET_OK. Values less than that | |
134 | * indicate errors or actions which require immediate attention; they will | |
135 | * prevent the rest of the handlers from processing their respective events | |
136 | * until the next round of events processing. | |
137 | */ | |
138 | typedef enum { | |
139 | MPTS_EVRET_DELETE = 1, /* delete this subflow */ | |
140 | MPTS_EVRET_OK = 2, /* OK */ | |
141 | MPTS_EVRET_CONNECT_PENDING = 3, /* resume pended connects */ | |
142 | MPTS_EVRET_DISCONNECT_FALLBACK = 4, /* abort all but preferred */ | |
143 | } ev_ret_t; | |
144 | ||
145 | static ev_ret_t mptcp_subflow_events(struct mptses *, struct mptsub *, uint64_t *); | |
146 | static ev_ret_t mptcp_subflow_propagate_ev(struct mptses *, struct mptsub *, uint64_t *, uint64_t); | |
147 | static ev_ret_t mptcp_subflow_nosrcaddr_ev(struct mptses *, struct mptsub *, uint64_t *, uint64_t); | |
148 | static ev_ret_t mptcp_subflow_failover_ev(struct mptses *, struct mptsub *, uint64_t *, uint64_t); | |
149 | static ev_ret_t mptcp_subflow_ifdenied_ev(struct mptses *, struct mptsub *, uint64_t *, uint64_t); | |
150 | static ev_ret_t mptcp_subflow_connected_ev(struct mptses *, struct mptsub *, uint64_t *, uint64_t); | |
151 | static ev_ret_t mptcp_subflow_disconnected_ev(struct mptses *, struct mptsub *, uint64_t *, uint64_t); | |
152 | static ev_ret_t mptcp_subflow_mpstatus_ev(struct mptses *, struct mptsub *, uint64_t *, uint64_t); | |
153 | static ev_ret_t mptcp_subflow_mustrst_ev(struct mptses *, struct mptsub *, uint64_t *, uint64_t); | |
154 | static ev_ret_t mptcp_subflow_mpcantrcvmore_ev(struct mptses *, struct mptsub *, uint64_t *, uint64_t); | |
155 | static ev_ret_t mptcp_subflow_adaptive_rtimo_ev(struct mptses *, struct mptsub *, uint64_t *, uint64_t); | |
156 | static ev_ret_t mptcp_subflow_adaptive_wtimo_ev(struct mptses *, struct mptsub *, uint64_t *, uint64_t); | |
157 | ||
158 | static const char *mptcp_evret2str(ev_ret_t); | |
159 | ||
160 | static void mptcp_do_sha1(mptcp_key_t *, char *); | |
161 | static void mptcp_init_local_parms(struct mptses *); | |
162 | ||
163 | static unsigned int mptsub_zone_size; /* size of mptsub */ | |
164 | static struct zone *mptsub_zone; /* zone for mptsub */ | |
165 | ||
166 | static unsigned int mptopt_zone_size; /* size of mptopt */ | |
167 | static struct zone *mptopt_zone; /* zone for mptopt */ | |
168 | ||
169 | static unsigned int mpt_subauth_entry_size; /* size of subf auth entry */ | |
170 | static struct zone *mpt_subauth_zone; /* zone of subf auth entry */ | |
171 | ||
172 | struct mppcbinfo mtcbinfo; | |
173 | ||
174 | #define MPTCP_SUBFLOW_WRITELEN (8 * 1024) /* bytes to write each time */ | |
175 | #define MPTCP_SUBFLOW_READLEN (8 * 1024) /* bytes to read each time */ | |
176 | ||
177 | SYSCTL_DECL(_net_inet); | |
178 | ||
179 | SYSCTL_NODE(_net_inet, OID_AUTO, mptcp, CTLFLAG_RW|CTLFLAG_LOCKED, 0, "MPTCP"); | |
180 | ||
181 | uint32_t mptcp_dbg_area = 31; /* more noise if greater than 1 */ | |
182 | SYSCTL_UINT(_net_inet_mptcp, OID_AUTO, dbg_area, CTLFLAG_RW|CTLFLAG_LOCKED, | |
183 | &mptcp_dbg_area, 0, "MPTCP debug area"); | |
184 | ||
185 | uint32_t mptcp_dbg_level = 1; | |
186 | SYSCTL_INT(_net_inet_mptcp, OID_AUTO, dbg_level, CTLFLAG_RW | CTLFLAG_LOCKED, | |
187 | &mptcp_dbg_level, 0, "MPTCP debug level"); | |
188 | ||
189 | SYSCTL_UINT(_net_inet_mptcp, OID_AUTO, pcbcount, CTLFLAG_RD|CTLFLAG_LOCKED, | |
190 | &mtcbinfo.mppi_count, 0, "Number of active PCBs"); | |
191 | ||
192 | ||
193 | static int mptcp_alternate_port = 0; | |
194 | SYSCTL_INT(_net_inet_mptcp, OID_AUTO, alternate_port, CTLFLAG_RW | CTLFLAG_LOCKED, | |
195 | &mptcp_alternate_port, 0, "Set alternate port for MPTCP connections"); | |
196 | ||
197 | static struct protosw mptcp_subflow_protosw; | |
198 | static struct pr_usrreqs mptcp_subflow_usrreqs; | |
199 | #if INET6 | |
200 | static struct ip6protosw mptcp_subflow_protosw6; | |
201 | static struct pr_usrreqs mptcp_subflow_usrreqs6; | |
202 | #endif /* INET6 */ | |
203 | ||
204 | static uint8_t mptcp_create_subflows_scheduled; | |
205 | ||
206 | typedef struct mptcp_subflow_event_entry { | |
207 | uint64_t sofilt_hint_mask; | |
208 | ev_ret_t (*sofilt_hint_ev_hdlr)( | |
209 | struct mptses *mpte, | |
210 | struct mptsub *mpts, | |
211 | uint64_t *p_mpsofilt_hint, | |
212 | uint64_t event); | |
213 | } mptsub_ev_entry_t; | |
214 | ||
215 | static uint8_t mptcp_cellicon_is_set; | |
216 | static uint32_t mptcp_last_cellicon_set; | |
217 | #define MPTCP_CELLICON_TOGGLE_RATE (5 * TCP_RETRANSHZ) /* Only toggle every 5 seconds */ | |
218 | ||
219 | /* | |
220 | * XXX The order of the event handlers below is really | |
221 | * really important. Think twice before changing it. | |
222 | */ | |
223 | static mptsub_ev_entry_t mpsub_ev_entry_tbl [] = { | |
224 | { | |
225 | .sofilt_hint_mask = SO_FILT_HINT_MPCANTRCVMORE, | |
226 | .sofilt_hint_ev_hdlr = mptcp_subflow_mpcantrcvmore_ev, | |
227 | }, | |
228 | { | |
229 | .sofilt_hint_mask = SO_FILT_HINT_MPFAILOVER, | |
230 | .sofilt_hint_ev_hdlr = mptcp_subflow_failover_ev, | |
231 | }, | |
232 | { | |
233 | .sofilt_hint_mask = SO_FILT_HINT_CONNRESET, | |
234 | .sofilt_hint_ev_hdlr = mptcp_subflow_propagate_ev, | |
235 | }, | |
236 | { | |
237 | .sofilt_hint_mask = SO_FILT_HINT_MUSTRST, | |
238 | .sofilt_hint_ev_hdlr = mptcp_subflow_mustrst_ev, | |
239 | }, | |
240 | { | |
241 | .sofilt_hint_mask = SO_FILT_HINT_CANTRCVMORE, | |
242 | .sofilt_hint_ev_hdlr = mptcp_subflow_propagate_ev, | |
243 | }, | |
244 | { | |
245 | .sofilt_hint_mask = SO_FILT_HINT_TIMEOUT, | |
246 | .sofilt_hint_ev_hdlr = mptcp_subflow_propagate_ev, | |
247 | }, | |
248 | { | |
249 | .sofilt_hint_mask = SO_FILT_HINT_NOSRCADDR, | |
250 | .sofilt_hint_ev_hdlr = mptcp_subflow_nosrcaddr_ev, | |
251 | }, | |
252 | { | |
253 | .sofilt_hint_mask = SO_FILT_HINT_IFDENIED, | |
254 | .sofilt_hint_ev_hdlr = mptcp_subflow_ifdenied_ev, | |
255 | }, | |
256 | { | |
257 | .sofilt_hint_mask = SO_FILT_HINT_CONNECTED, | |
258 | .sofilt_hint_ev_hdlr = mptcp_subflow_connected_ev, | |
259 | }, | |
260 | { | |
261 | .sofilt_hint_mask = SO_FILT_HINT_MPSTATUS, | |
262 | .sofilt_hint_ev_hdlr = mptcp_subflow_mpstatus_ev, | |
263 | }, | |
264 | { | |
265 | .sofilt_hint_mask = SO_FILT_HINT_DISCONNECTED, | |
266 | .sofilt_hint_ev_hdlr = mptcp_subflow_disconnected_ev, | |
267 | }, | |
268 | { | |
269 | .sofilt_hint_mask = SO_FILT_HINT_ADAPTIVE_RTIMO, | |
270 | .sofilt_hint_ev_hdlr = mptcp_subflow_adaptive_rtimo_ev, | |
271 | }, | |
272 | { | |
273 | .sofilt_hint_mask = SO_FILT_HINT_ADAPTIVE_WTIMO, | |
274 | .sofilt_hint_ev_hdlr = mptcp_subflow_adaptive_wtimo_ev, | |
275 | }, | |
276 | }; | |
277 | ||
278 | os_log_t mptcp_log_handle; | |
279 | ||
280 | /* | |
281 | * Protocol pr_init callback. | |
282 | */ | |
283 | void | |
284 | mptcp_init(struct protosw *pp, struct domain *dp) | |
285 | { | |
286 | #pragma unused(dp) | |
287 | static int mptcp_initialized = 0; | |
288 | struct protosw *prp; | |
289 | #if INET6 | |
290 | struct ip6protosw *prp6; | |
291 | #endif /* INET6 */ | |
292 | ||
293 | VERIFY((pp->pr_flags & (PR_INITIALIZED|PR_ATTACHED)) == PR_ATTACHED); | |
294 | ||
295 | /* do this only once */ | |
296 | if (mptcp_initialized) | |
297 | return; | |
298 | mptcp_initialized = 1; | |
299 | ||
300 | /* | |
301 | * Since PF_MULTIPATH gets initialized after PF_INET/INET6, | |
302 | * we must be able to find IPPROTO_TCP entries for both. | |
303 | */ | |
304 | prp = pffindproto_locked(PF_INET, IPPROTO_TCP, SOCK_STREAM); | |
305 | VERIFY(prp != NULL); | |
306 | bcopy(prp, &mptcp_subflow_protosw, sizeof (*prp)); | |
307 | bcopy(prp->pr_usrreqs, &mptcp_subflow_usrreqs, | |
308 | sizeof (mptcp_subflow_usrreqs)); | |
309 | mptcp_subflow_protosw.pr_entry.tqe_next = NULL; | |
310 | mptcp_subflow_protosw.pr_entry.tqe_prev = NULL; | |
311 | mptcp_subflow_protosw.pr_usrreqs = &mptcp_subflow_usrreqs; | |
312 | mptcp_subflow_usrreqs.pru_soreceive = mptcp_subflow_soreceive; | |
313 | mptcp_subflow_usrreqs.pru_sosend = mptcp_subflow_sosend; | |
314 | mptcp_subflow_usrreqs.pru_rcvoob = pru_rcvoob_notsupp; | |
315 | /* | |
316 | * Socket filters shouldn't attach/detach to/from this protosw | |
317 | * since pr_protosw is to be used instead, which points to the | |
318 | * real protocol; if they do, it is a bug and we should panic. | |
319 | */ | |
320 | mptcp_subflow_protosw.pr_filter_head.tqh_first = | |
321 | (struct socket_filter *)(uintptr_t)0xdeadbeefdeadbeef; | |
322 | mptcp_subflow_protosw.pr_filter_head.tqh_last = | |
323 | (struct socket_filter **)(uintptr_t)0xdeadbeefdeadbeef; | |
324 | ||
325 | #if INET6 | |
326 | prp6 = (struct ip6protosw *)pffindproto_locked(PF_INET6, | |
327 | IPPROTO_TCP, SOCK_STREAM); | |
328 | VERIFY(prp6 != NULL); | |
329 | bcopy(prp6, &mptcp_subflow_protosw6, sizeof (*prp6)); | |
330 | bcopy(prp6->pr_usrreqs, &mptcp_subflow_usrreqs6, | |
331 | sizeof (mptcp_subflow_usrreqs6)); | |
332 | mptcp_subflow_protosw6.pr_entry.tqe_next = NULL; | |
333 | mptcp_subflow_protosw6.pr_entry.tqe_prev = NULL; | |
334 | mptcp_subflow_protosw6.pr_usrreqs = &mptcp_subflow_usrreqs6; | |
335 | mptcp_subflow_usrreqs6.pru_soreceive = mptcp_subflow_soreceive; | |
336 | mptcp_subflow_usrreqs6.pru_sosend = mptcp_subflow_sosend; | |
337 | mptcp_subflow_usrreqs6.pru_rcvoob = pru_rcvoob_notsupp; | |
338 | /* | |
339 | * Socket filters shouldn't attach/detach to/from this protosw | |
340 | * since pr_protosw is to be used instead, which points to the | |
341 | * real protocol; if they do, it is a bug and we should panic. | |
342 | */ | |
343 | mptcp_subflow_protosw6.pr_filter_head.tqh_first = | |
344 | (struct socket_filter *)(uintptr_t)0xdeadbeefdeadbeef; | |
345 | mptcp_subflow_protosw6.pr_filter_head.tqh_last = | |
346 | (struct socket_filter **)(uintptr_t)0xdeadbeefdeadbeef; | |
347 | #endif /* INET6 */ | |
348 | ||
349 | bzero(&mtcbinfo, sizeof (mtcbinfo)); | |
350 | TAILQ_INIT(&mtcbinfo.mppi_pcbs); | |
351 | mtcbinfo.mppi_size = sizeof (struct mpp_mtp); | |
352 | if ((mtcbinfo.mppi_zone = zinit(mtcbinfo.mppi_size, | |
353 | 1024 * mtcbinfo.mppi_size, 8192, "mptcb")) == NULL) { | |
354 | panic("%s: unable to allocate MPTCP PCB zone\n", __func__); | |
355 | /* NOTREACHED */ | |
356 | } | |
357 | zone_change(mtcbinfo.mppi_zone, Z_CALLERACCT, FALSE); | |
358 | zone_change(mtcbinfo.mppi_zone, Z_EXPAND, TRUE); | |
359 | ||
360 | mtcbinfo.mppi_lock_grp_attr = lck_grp_attr_alloc_init(); | |
361 | mtcbinfo.mppi_lock_grp = lck_grp_alloc_init("mppcb", | |
362 | mtcbinfo.mppi_lock_grp_attr); | |
363 | mtcbinfo.mppi_lock_attr = lck_attr_alloc_init(); | |
364 | lck_mtx_init(&mtcbinfo.mppi_lock, mtcbinfo.mppi_lock_grp, | |
365 | mtcbinfo.mppi_lock_attr); | |
366 | ||
367 | mtcbinfo.mppi_gc = mptcp_gc; | |
368 | mtcbinfo.mppi_timer = mptcp_timer; | |
369 | ||
370 | /* attach to MP domain for garbage collection to take place */ | |
371 | mp_pcbinfo_attach(&mtcbinfo); | |
372 | ||
373 | mptsub_zone_size = sizeof (struct mptsub); | |
374 | if ((mptsub_zone = zinit(mptsub_zone_size, 1024 * mptsub_zone_size, | |
375 | 8192, "mptsub")) == NULL) { | |
376 | panic("%s: unable to allocate MPTCP subflow zone\n", __func__); | |
377 | /* NOTREACHED */ | |
378 | } | |
379 | zone_change(mptsub_zone, Z_CALLERACCT, FALSE); | |
380 | zone_change(mptsub_zone, Z_EXPAND, TRUE); | |
381 | ||
382 | mptopt_zone_size = sizeof (struct mptopt); | |
383 | if ((mptopt_zone = zinit(mptopt_zone_size, 128 * mptopt_zone_size, | |
384 | 1024, "mptopt")) == NULL) { | |
385 | panic("%s: unable to allocate MPTCP option zone\n", __func__); | |
386 | /* NOTREACHED */ | |
387 | } | |
388 | zone_change(mptopt_zone, Z_CALLERACCT, FALSE); | |
389 | zone_change(mptopt_zone, Z_EXPAND, TRUE); | |
390 | ||
391 | mpt_subauth_entry_size = sizeof (struct mptcp_subf_auth_entry); | |
392 | if ((mpt_subauth_zone = zinit(mpt_subauth_entry_size, | |
393 | 1024 * mpt_subauth_entry_size, 8192, "mptauth")) == NULL) { | |
394 | panic("%s: unable to allocate MPTCP address auth zone \n", | |
395 | __func__); | |
396 | /* NOTREACHED */ | |
397 | } | |
398 | zone_change(mpt_subauth_zone, Z_CALLERACCT, FALSE); | |
399 | zone_change(mpt_subauth_zone, Z_EXPAND, TRUE); | |
400 | ||
401 | mptcp_last_cellicon_set = tcp_now; | |
402 | ||
403 | mptcp_log_handle = os_log_create("com.apple.xnu.net.mptcp", "mptcp"); | |
404 | } | |
405 | ||
406 | int | |
407 | mptcp_get_statsindex(struct mptcp_itf_stats *stats, const struct mptsub *mpts) | |
408 | { | |
409 | const struct ifnet *ifp = sotoinpcb(mpts->mpts_socket)->inp_last_outifp; | |
410 | ||
411 | int i, index = -1; | |
412 | ||
413 | if (ifp == NULL) { | |
414 | mptcplog((LOG_ERR, "%s: no ifp on subflow\n", __func__), | |
415 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
416 | return (-1); | |
417 | } | |
418 | ||
419 | for (i = 0; i < MPTCP_ITFSTATS_SIZE; i++) { | |
420 | if (stats[i].ifindex == IFSCOPE_NONE) { | |
421 | if (index < 0) | |
422 | index = i; | |
423 | continue; | |
424 | } | |
425 | ||
426 | if (stats[i].ifindex == ifp->if_index) { | |
427 | index = i; | |
428 | return (index); | |
429 | } | |
430 | } | |
431 | ||
432 | if (index != -1) { | |
433 | stats[index].ifindex = ifp->if_index; | |
434 | if (stats[index].is_expensive == 0) | |
435 | stats[index].is_expensive = IFNET_IS_CELLULAR(ifp); | |
436 | } | |
437 | ||
438 | return (index); | |
439 | } | |
440 | ||
441 | void | |
442 | mptcpstats_inc_switch(struct mptses *mpte, const struct mptsub *mpts) | |
443 | { | |
444 | int index; | |
445 | ||
446 | tcpstat.tcps_mp_switches++; | |
447 | mpte->mpte_subflow_switches++; | |
448 | ||
449 | index = mptcp_get_statsindex(mpte->mpte_itfstats, mpts); | |
450 | ||
451 | if (index != -1) | |
452 | mpte->mpte_itfstats[index].switches++; | |
453 | } | |
454 | ||
455 | /* | |
456 | * Flushes all recorded socket options from an MP socket. | |
457 | */ | |
458 | static void | |
459 | mptcp_flush_sopts(struct mptses *mpte) | |
460 | { | |
461 | struct mptopt *mpo, *tmpo; | |
462 | ||
463 | TAILQ_FOREACH_SAFE(mpo, &mpte->mpte_sopts, mpo_entry, tmpo) { | |
464 | mptcp_sopt_remove(mpte, mpo); | |
465 | mptcp_sopt_free(mpo); | |
466 | } | |
467 | VERIFY(TAILQ_EMPTY(&mpte->mpte_sopts)); | |
468 | } | |
469 | ||
470 | /* | |
471 | * Create an MPTCP session, called as a result of opening a MPTCP socket. | |
472 | */ | |
473 | int | |
474 | mptcp_sescreate(struct mppcb *mpp) | |
475 | { | |
476 | struct mppcbinfo *mppi; | |
477 | struct mptses *mpte; | |
478 | struct mptcb *mp_tp; | |
479 | ||
480 | VERIFY(mpp != NULL); | |
481 | mppi = mpp->mpp_pcbinfo; | |
482 | VERIFY(mppi != NULL); | |
483 | ||
484 | __IGNORE_WCASTALIGN(mpte = &((struct mpp_mtp *)mpp)->mpp_ses); | |
485 | __IGNORE_WCASTALIGN(mp_tp = &((struct mpp_mtp *)mpp)->mtcb); | |
486 | ||
487 | /* MPTCP Multipath PCB Extension */ | |
488 | bzero(mpte, sizeof (*mpte)); | |
489 | VERIFY(mpp->mpp_pcbe == NULL); | |
490 | mpp->mpp_pcbe = mpte; | |
491 | mpte->mpte_mppcb = mpp; | |
492 | mpte->mpte_mptcb = mp_tp; | |
493 | ||
494 | TAILQ_INIT(&mpte->mpte_sopts); | |
495 | TAILQ_INIT(&mpte->mpte_subflows); | |
496 | mpte->mpte_associd = SAE_ASSOCID_ANY; | |
497 | mpte->mpte_connid_last = SAE_CONNID_ANY; | |
498 | ||
499 | mpte->mpte_itfinfo = &mpte->_mpte_itfinfo[0]; | |
500 | mpte->mpte_itfinfo_size = MPTE_ITFINFO_SIZE; | |
501 | ||
502 | if (mptcp_alternate_port) | |
503 | mpte->mpte_alternate_port = htons(mptcp_alternate_port); | |
504 | ||
505 | /* MPTCP Protocol Control Block */ | |
506 | bzero(mp_tp, sizeof (*mp_tp)); | |
507 | mp_tp->mpt_mpte = mpte; | |
508 | mp_tp->mpt_state = MPTCPS_CLOSED; | |
509 | ||
510 | DTRACE_MPTCP1(session__create, struct mppcb *, mpp); | |
511 | ||
512 | return (0); | |
513 | } | |
514 | ||
515 | static void | |
516 | mptcpstats_get_bytes(struct mptses *mpte, boolean_t initial_cell, | |
517 | uint64_t *cellbytes, uint64_t *allbytes) | |
518 | { | |
519 | int64_t mycellbytes = 0; | |
520 | uint64_t myallbytes = 0; | |
521 | int i; | |
522 | ||
523 | for (i = 0; i < MPTCP_ITFSTATS_SIZE; i++) { | |
524 | if (mpte->mpte_itfstats[i].is_expensive) { | |
525 | mycellbytes += mpte->mpte_itfstats[i].mpis_txbytes; | |
526 | mycellbytes += mpte->mpte_itfstats[i].mpis_rxbytes; | |
527 | } | |
528 | ||
529 | myallbytes += mpte->mpte_itfstats[i].mpis_txbytes; | |
530 | myallbytes += mpte->mpte_itfstats[i].mpis_rxbytes; | |
531 | } | |
532 | ||
533 | if (initial_cell) { | |
534 | mycellbytes -= mpte->mpte_init_txbytes; | |
535 | mycellbytes -= mpte->mpte_init_txbytes; | |
536 | } | |
537 | ||
538 | if (mycellbytes < 0) { | |
539 | mptcplog((LOG_ERR, "%s cellbytes is %d\n", __func__, mycellbytes), | |
540 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
541 | *cellbytes = 0; | |
542 | *allbytes = 0; | |
543 | } else { | |
544 | *cellbytes = mycellbytes; | |
545 | *allbytes = myallbytes; | |
546 | } | |
547 | } | |
548 | ||
549 | static void | |
550 | mptcpstats_session_wrapup(struct mptses *mpte) | |
551 | { | |
552 | boolean_t cell = mpte->mpte_initial_cell; | |
553 | ||
554 | switch (mpte->mpte_svctype) { | |
555 | case MPTCP_SVCTYPE_HANDOVER: | |
556 | if (mpte->mpte_flags & MPTE_FIRSTPARTY) { | |
557 | tcpstat.tcps_mptcp_fp_handover_attempt++; | |
558 | ||
559 | if (cell && mpte->mpte_handshake_success) { | |
560 | tcpstat.tcps_mptcp_fp_handover_success_cell++; | |
561 | ||
562 | if (mpte->mpte_used_wifi) | |
563 | tcpstat.tcps_mptcp_handover_wifi_from_cell++; | |
564 | } else if (mpte->mpte_handshake_success) { | |
565 | tcpstat.tcps_mptcp_fp_handover_success_wifi++; | |
566 | ||
567 | if (mpte->mpte_used_cell) | |
568 | tcpstat.tcps_mptcp_handover_cell_from_wifi++; | |
569 | } | |
570 | } else { | |
571 | tcpstat.tcps_mptcp_handover_attempt++; | |
572 | ||
573 | if (cell && mpte->mpte_handshake_success) { | |
574 | tcpstat.tcps_mptcp_handover_success_cell++; | |
575 | ||
576 | if (mpte->mpte_used_wifi) | |
577 | tcpstat.tcps_mptcp_handover_wifi_from_cell++; | |
578 | } else if (mpte->mpte_handshake_success) { | |
579 | tcpstat.tcps_mptcp_handover_success_wifi++; | |
580 | ||
581 | if (mpte->mpte_used_cell) | |
582 | tcpstat.tcps_mptcp_handover_cell_from_wifi++; | |
583 | } | |
584 | } | |
585 | ||
586 | if (mpte->mpte_handshake_success) { | |
587 | uint64_t cellbytes; | |
588 | uint64_t allbytes; | |
589 | ||
590 | mptcpstats_get_bytes(mpte, cell, &cellbytes, &allbytes); | |
591 | ||
592 | tcpstat.tcps_mptcp_handover_cell_bytes += cellbytes; | |
593 | tcpstat.tcps_mptcp_handover_all_bytes += allbytes; | |
594 | } | |
595 | break; | |
596 | case MPTCP_SVCTYPE_INTERACTIVE: | |
597 | if (mpte->mpte_flags & MPTE_FIRSTPARTY) { | |
598 | tcpstat.tcps_mptcp_fp_interactive_attempt++; | |
599 | ||
600 | if (mpte->mpte_handshake_success) { | |
601 | tcpstat.tcps_mptcp_fp_interactive_success++; | |
602 | ||
603 | if (!cell && mpte->mpte_used_cell) | |
604 | tcpstat.tcps_mptcp_interactive_cell_from_wifi++; | |
605 | } | |
606 | } else { | |
607 | tcpstat.tcps_mptcp_interactive_attempt++; | |
608 | ||
609 | if (mpte->mpte_handshake_success) { | |
610 | tcpstat.tcps_mptcp_interactive_success++; | |
611 | ||
612 | if (!cell && mpte->mpte_used_cell) | |
613 | tcpstat.tcps_mptcp_interactive_cell_from_wifi++; | |
614 | } | |
615 | } | |
616 | ||
617 | if (mpte->mpte_handshake_success) { | |
618 | uint64_t cellbytes; | |
619 | uint64_t allbytes; | |
620 | ||
621 | mptcpstats_get_bytes(mpte, cell, &cellbytes, &allbytes); | |
622 | ||
623 | tcpstat.tcps_mptcp_interactive_cell_bytes += cellbytes; | |
624 | tcpstat.tcps_mptcp_interactive_all_bytes += allbytes; | |
625 | } | |
626 | break; | |
627 | case MPTCP_SVCTYPE_AGGREGATE: | |
628 | if (mpte->mpte_flags & MPTE_FIRSTPARTY) { | |
629 | tcpstat.tcps_mptcp_fp_aggregate_attempt++; | |
630 | ||
631 | if (mpte->mpte_handshake_success) | |
632 | tcpstat.tcps_mptcp_fp_aggregate_success++; | |
633 | } else { | |
634 | tcpstat.tcps_mptcp_aggregate_attempt++; | |
635 | ||
636 | if (mpte->mpte_handshake_success) { | |
637 | tcpstat.tcps_mptcp_aggregate_success++; | |
638 | } | |
639 | } | |
640 | ||
641 | if (mpte->mpte_handshake_success) { | |
642 | uint64_t cellbytes; | |
643 | uint64_t allbytes; | |
644 | ||
645 | mptcpstats_get_bytes(mpte, cell, &cellbytes, &allbytes); | |
646 | ||
647 | tcpstat.tcps_mptcp_aggregate_cell_bytes += cellbytes; | |
648 | tcpstat.tcps_mptcp_aggregate_all_bytes += allbytes; | |
649 | } | |
650 | break; | |
651 | } | |
652 | ||
653 | if (cell && mpte->mpte_handshake_success && mpte->mpte_used_wifi) | |
654 | tcpstat.tcps_mptcp_back_to_wifi++; | |
655 | } | |
656 | ||
657 | /* | |
658 | * Destroy an MPTCP session. | |
659 | */ | |
660 | static void | |
661 | mptcp_session_destroy(struct mptses *mpte) | |
662 | { | |
663 | struct mptcb *mp_tp; | |
664 | ||
665 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
666 | ||
667 | mp_tp = mpte->mpte_mptcb; | |
668 | VERIFY(mp_tp != NULL); | |
669 | ||
670 | mptcpstats_session_wrapup(mpte); | |
671 | ||
672 | mptcp_unset_cellicon(); | |
673 | ||
674 | /* | |
675 | * MPTCP Multipath PCB Extension section | |
676 | */ | |
677 | mptcp_flush_sopts(mpte); | |
678 | VERIFY(TAILQ_EMPTY(&mpte->mpte_subflows) && mpte->mpte_numflows == 0); | |
679 | ||
680 | if (mpte->mpte_itfinfo_size > MPTE_ITFINFO_SIZE) | |
681 | _FREE(mpte->mpte_itfinfo, M_TEMP); | |
682 | ||
683 | mpte->mpte_itfinfo = NULL; | |
684 | ||
685 | m_freem_list(mpte->mpte_reinjectq); | |
686 | ||
687 | /* | |
688 | * MPTCP Protocol Control Block section | |
689 | */ | |
690 | DTRACE_MPTCP2(session__destroy, struct mptses *, mpte, | |
691 | struct mptcb *, mp_tp); | |
692 | } | |
693 | ||
694 | static boolean_t | |
695 | mptcp_ok_to_create_subflows(struct mptcb *mp_tp) | |
696 | { | |
697 | return (mp_tp->mpt_state >= MPTCPS_ESTABLISHED && | |
698 | mp_tp->mpt_state < MPTCPS_TIME_WAIT && | |
699 | !(mp_tp->mpt_flags & MPTCPF_FALLBACK_TO_TCP)); | |
700 | } | |
701 | ||
702 | static int | |
703 | mptcp_synthesize_nat64(struct in6_addr *addr, uint32_t len, struct in_addr *addrv4) | |
704 | { | |
705 | static const struct in6_addr well_known_prefix = { | |
706 | .__u6_addr.__u6_addr8 = {0x00, 0x64, 0xff, 0x9b, 0x00, 0x00, | |
707 | 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, | |
708 | 0x00, 0x00, 0x00, 0x00}, | |
709 | }; | |
710 | char buf[MAX_IPv6_STR_LEN]; | |
711 | char *ptrv4 = (char *)addrv4; | |
712 | char *ptr = (char *)addr; | |
713 | ||
714 | if (IN_ZERONET(addrv4->s_addr) || // 0.0.0.0/8 Source hosts on local network | |
715 | IN_LOOPBACK(addrv4->s_addr) || // 127.0.0.0/8 Loopback | |
716 | IN_LINKLOCAL(addrv4->s_addr) || // 169.254.0.0/16 Link Local | |
717 | IN_DS_LITE(addrv4->s_addr) || // 192.0.0.0/29 DS-Lite | |
718 | IN_6TO4_RELAY_ANYCAST(addrv4->s_addr) || // 192.88.99.0/24 6to4 Relay Anycast | |
719 | IN_MULTICAST(addrv4->s_addr) || // 224.0.0.0/4 Multicast | |
720 | INADDR_BROADCAST == addrv4->s_addr) { // 255.255.255.255/32 Limited Broadcast | |
721 | return (-1); | |
722 | } | |
723 | ||
724 | /* Check for the well-known prefix */ | |
725 | if (len == NAT64_PREFIX_LEN_96 && | |
726 | IN6_ARE_ADDR_EQUAL(addr, &well_known_prefix)) { | |
727 | if (IN_PRIVATE(addrv4->s_addr) || // 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 Private-Use | |
728 | IN_SHARED_ADDRESS_SPACE(addrv4->s_addr)) // 100.64.0.0/10 Shared Address Space | |
729 | return (-1); | |
730 | } | |
731 | ||
732 | switch (len) { | |
733 | case NAT64_PREFIX_LEN_96: | |
734 | memcpy(ptr + 12, ptrv4, 4); | |
735 | break; | |
736 | case NAT64_PREFIX_LEN_64: | |
737 | memcpy(ptr + 9, ptrv4, 4); | |
738 | break; | |
739 | case NAT64_PREFIX_LEN_56: | |
740 | memcpy(ptr + 7, ptrv4, 1); | |
741 | memcpy(ptr + 9, ptrv4 + 1, 3); | |
742 | break; | |
743 | case NAT64_PREFIX_LEN_48: | |
744 | memcpy(ptr + 6, ptrv4, 2); | |
745 | memcpy(ptr + 9, ptrv4 + 2, 2); | |
746 | break; | |
747 | case NAT64_PREFIX_LEN_40: | |
748 | memcpy(ptr + 5, ptrv4, 3); | |
749 | memcpy(ptr + 9, ptrv4 + 3, 1); | |
750 | break; | |
751 | case NAT64_PREFIX_LEN_32: | |
752 | memcpy(ptr + 4, ptrv4, 4); | |
753 | break; | |
754 | default: | |
755 | panic("NAT64-prefix len is wrong: %u\n", len); | |
756 | } | |
757 | ||
758 | os_log_info(mptcp_log_handle, "%s: nat64prefix-len %u synthesized %s\n", | |
759 | __func__, len, | |
760 | inet_ntop(AF_INET6, (void *)addr, buf, sizeof(buf))); | |
761 | ||
762 | return (0); | |
763 | } | |
764 | ||
765 | void | |
766 | mptcp_check_subflows_and_add(struct mptses *mpte) | |
767 | { | |
768 | struct mptcb *mp_tp = mpte->mpte_mptcb; | |
769 | uint32_t i; | |
770 | ||
771 | if (!mptcp_ok_to_create_subflows(mp_tp)) | |
772 | return; | |
773 | ||
774 | for (i = 0; i < mpte->mpte_itfinfo_size; i++) { | |
775 | struct mpt_itf_info *info; | |
776 | struct mptsub *mpts; | |
777 | uint32_t ifindex; | |
778 | int found = 0; | |
779 | ||
780 | info = &mpte->mpte_itfinfo[i]; | |
781 | ||
782 | if (info->no_mptcp_support) | |
783 | continue; | |
784 | ||
785 | ifindex = info->ifindex; | |
786 | if (ifindex == IFSCOPE_NONE) | |
787 | continue; | |
788 | ||
789 | TAILQ_FOREACH(mpts, &mpte->mpte_subflows, mpts_entry) { | |
790 | const struct ifnet *ifp = sotoinpcb(mpts->mpts_socket)->inp_last_outifp; | |
791 | ||
792 | if (ifp == NULL) | |
793 | continue; | |
794 | ||
795 | if (ifp->if_index == ifindex && | |
796 | !(mpts->mpts_socket->so_state & SS_ISDISCONNECTED) && | |
797 | sototcpcb(mpts->mpts_socket)->t_state != TCPS_CLOSED) { | |
798 | /* | |
799 | * We found a subflow on this interface. | |
800 | * No need to create a new one. | |
801 | */ | |
802 | found = 1; | |
803 | break; | |
804 | } | |
805 | ||
806 | /* | |
807 | * In Handover mode, only create cell subflow if | |
808 | * 1. Wi-Fi Assist is active | |
809 | * 2. Symptoms marked WiFi as weak | |
810 | * 3. We are experiencing RTOs or we are not sending data. | |
811 | * | |
812 | * This covers the scenario, where: | |
813 | * 1. We send and get retransmission timeouts (thus, | |
814 | * we confirmed that WiFi is indeed bad). | |
815 | * 2. We are not sending and the server tries to send. | |
816 | * Establshing a cell-subflow gives the server a | |
817 | * chance to send us some data over cell if WiFi | |
818 | * is dead. We establish the subflow with the | |
819 | * backup-bit set, so the server is not allowed to | |
820 | * send on this subflow as long as WiFi is providing | |
821 | * good performance. | |
822 | */ | |
823 | if (mpte->mpte_svctype == MPTCP_SVCTYPE_HANDOVER && | |
824 | !IFNET_IS_CELLULAR(ifp) && | |
825 | !(mpts->mpts_flags & (MPTSF_DISCONNECTING | MPTSF_DISCONNECTED | MPTSF_CLOSE_REQD)) && | |
826 | (!mptcp_is_wifi_unusable() || | |
827 | (sototcpcb(mpts->mpts_socket)->t_rxtshift < mptcp_fail_thresh && | |
828 | mptetoso(mpte)->so_snd.sb_cc))) { | |
829 | mptcplog((LOG_DEBUG, "%s handover, wifi state %u rxt %u ifindex %u this %u\n", | |
830 | __func__, mptcp_is_wifi_unusable(), sototcpcb(mpts->mpts_socket)->t_rxtshift, ifindex, | |
831 | ifp->if_index), | |
832 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
833 | found = 1; | |
834 | break; | |
835 | } | |
836 | } | |
837 | ||
838 | if (!found && !(mpte->mpte_flags & MPTE_FIRSTPARTY) && | |
839 | !(mpte->mpte_flags & MPTE_ACCESS_GRANTED) && | |
840 | mptcp_developer_mode == 0) { | |
841 | mptcp_ask_symptoms(mpte); | |
842 | return; | |
843 | } | |
844 | ||
845 | if (!found) { | |
846 | struct sockaddr *dst = &mpte->mpte_dst; | |
847 | struct sockaddr_in6 nat64pre; | |
848 | ||
849 | if (mpte->mpte_dst.sa_family == AF_INET && | |
850 | !info->has_v4_conn && info->has_v6_conn) { | |
851 | struct ipv6_prefix nat64prefixes[NAT64_MAX_NUM_PREFIXES]; | |
852 | struct ifnet *ifp; | |
853 | int error, j; | |
854 | ||
855 | bzero(&nat64pre, sizeof(struct sockaddr_in6)); | |
856 | ||
857 | ifnet_head_lock_shared(); | |
858 | ifp = ifindex2ifnet[ifindex]; | |
859 | ifnet_head_done(); | |
860 | ||
861 | error = ifnet_get_nat64prefix(ifp, nat64prefixes); | |
862 | if (error) { | |
863 | mptcplog((LOG_ERR, "%s: no NAT64-prefix on itf %s, error %d\n", | |
864 | __func__, ifp->if_name, error), | |
865 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
866 | continue; | |
867 | } | |
868 | ||
869 | for (j = 0; j < NAT64_MAX_NUM_PREFIXES; j++) { | |
870 | if (nat64prefixes[j].prefix_len != 0) | |
871 | break; | |
872 | } | |
873 | ||
874 | VERIFY(j < NAT64_MAX_NUM_PREFIXES); | |
875 | ||
876 | error = mptcp_synthesize_nat64(&nat64prefixes[j].ipv6_prefix, | |
877 | nat64prefixes[j].prefix_len, | |
878 | &mpte->__mpte_dst_v4.sin_addr); | |
879 | if (error != 0) { | |
880 | mptcplog((LOG_INFO, "%s: cannot synthesize this addr\n", __func__), | |
881 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_LOG); | |
882 | continue; | |
883 | } | |
884 | ||
885 | memcpy(&nat64pre.sin6_addr, | |
886 | &nat64prefixes[j].ipv6_prefix, | |
887 | sizeof(nat64pre.sin6_addr)); | |
888 | nat64pre.sin6_len = sizeof(struct sockaddr_in6); | |
889 | nat64pre.sin6_family = AF_INET6; | |
890 | nat64pre.sin6_port = mpte->__mpte_dst_v6.sin6_port; | |
891 | nat64pre.sin6_flowinfo = 0; | |
892 | nat64pre.sin6_scope_id = 0; | |
893 | ||
894 | dst = (struct sockaddr *)&nat64pre; | |
895 | } | |
896 | ||
897 | /* Initial subflow started on a NAT64'd address? */ | |
898 | if (mpte->mpte_dst.sa_family == AF_INET6 && | |
899 | mpte->mpte_dst_v4_nat64.sin_family == AF_INET) { | |
900 | dst = (struct sockaddr *)&mpte->mpte_dst_v4_nat64; | |
901 | } | |
902 | ||
903 | if (dst->sa_family == AF_INET && !info->has_v4_conn) | |
904 | continue; | |
905 | if (dst->sa_family == AF_INET6 && !info->has_v6_conn) | |
906 | continue; | |
907 | ||
908 | mptcp_subflow_add(mpte, NULL, dst, ifindex, NULL); | |
909 | } | |
910 | } | |
911 | } | |
912 | ||
913 | /* | |
914 | * Based on the MPTCP Service-type and the state of the subflows, we | |
915 | * will destroy subflows here. | |
916 | */ | |
917 | static void | |
918 | mptcp_check_subflows_and_remove(struct mptses *mpte) | |
919 | { | |
920 | struct mptsub *mpts, *tmpts; | |
921 | int found_working_subflow = 0, removed_some = 0; | |
922 | int wifi_unusable = mptcp_is_wifi_unusable(); | |
923 | ||
924 | if (mpte->mpte_svctype != MPTCP_SVCTYPE_HANDOVER) | |
925 | return; | |
926 | ||
927 | /* | |
928 | * Look for a subflow that is on a non-cellular interface | |
929 | * and actually works (aka, no retransmission timeout). | |
930 | */ | |
931 | TAILQ_FOREACH(mpts, &mpte->mpte_subflows, mpts_entry) { | |
932 | const struct ifnet *ifp = sotoinpcb(mpts->mpts_socket)->inp_last_outifp; | |
933 | struct socket *so; | |
934 | struct tcpcb *tp; | |
935 | ||
936 | if (ifp == NULL || IFNET_IS_CELLULAR(ifp)) | |
937 | continue; | |
938 | ||
939 | so = mpts->mpts_socket; | |
940 | tp = sototcpcb(so); | |
941 | ||
942 | if (!(mpts->mpts_flags & MPTSF_CONNECTED) || | |
943 | tp->t_state != TCPS_ESTABLISHED) | |
944 | continue; | |
945 | ||
946 | /* Either this subflow is in good condition while we try to send */ | |
947 | if (tp->t_rxtshift == 0 && mptetoso(mpte)->so_snd.sb_cc) | |
948 | found_working_subflow = 1; | |
949 | ||
950 | /* Or WiFi is fine */ | |
951 | if (!wifi_unusable) | |
952 | found_working_subflow = 1; | |
953 | } | |
954 | ||
955 | /* | |
956 | * Couldn't find a working subflow, let's not remove those on a cellular | |
957 | * interface. | |
958 | */ | |
959 | if (!found_working_subflow) | |
960 | return; | |
961 | ||
962 | TAILQ_FOREACH_SAFE(mpts, &mpte->mpte_subflows, mpts_entry, tmpts) { | |
963 | const struct ifnet *ifp = sotoinpcb(mpts->mpts_socket)->inp_last_outifp; | |
964 | ||
965 | /* Only remove cellular subflows */ | |
966 | if (ifp == NULL || !IFNET_IS_CELLULAR(ifp)) | |
967 | continue; | |
968 | ||
969 | soevent(mpts->mpts_socket, SO_FILT_HINT_LOCKED | SO_FILT_HINT_MUSTRST); | |
970 | removed_some = 1; | |
971 | } | |
972 | ||
973 | if (removed_some) | |
974 | mptcp_unset_cellicon(); | |
975 | } | |
976 | ||
977 | static void | |
978 | mptcp_remove_subflows(struct mptses *mpte) | |
979 | { | |
980 | struct mptsub *mpts, *tmpts; | |
981 | ||
982 | TAILQ_FOREACH_SAFE(mpts, &mpte->mpte_subflows, mpts_entry, tmpts) { | |
983 | if (mpts->mpts_flags & MPTSF_CLOSE_REQD) { | |
984 | mpts->mpts_flags &= ~MPTSF_CLOSE_REQD; | |
985 | ||
986 | soevent(mpts->mpts_socket, | |
987 | SO_FILT_HINT_LOCKED | SO_FILT_HINT_NOSRCADDR); | |
988 | } | |
989 | } | |
990 | } | |
991 | ||
992 | static void | |
993 | mptcp_create_subflows(__unused void *arg) | |
994 | { | |
995 | struct mppcb *mpp; | |
996 | ||
997 | /* | |
998 | * Start with clearing, because we might be processing connections | |
999 | * while a new event comes in. | |
1000 | */ | |
1001 | if (OSTestAndClear(0x01, &mptcp_create_subflows_scheduled)) | |
1002 | mptcplog((LOG_ERR, "%s: bit was already cleared!\n", __func__), | |
1003 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
1004 | ||
1005 | /* Iterate over all MPTCP connections */ | |
1006 | ||
1007 | lck_mtx_lock(&mtcbinfo.mppi_lock); | |
1008 | ||
1009 | TAILQ_FOREACH(mpp, &mtcbinfo.mppi_pcbs, mpp_entry) { | |
1010 | struct mptses *mpte; | |
1011 | struct socket *mp_so; | |
1012 | ||
1013 | if (!(mpp->mpp_flags & MPP_CREATE_SUBFLOWS)) | |
1014 | continue; | |
1015 | ||
1016 | mpp_lock(mpp); | |
1017 | ||
1018 | mpp->mpp_flags &= ~MPP_CREATE_SUBFLOWS; | |
1019 | ||
1020 | mpte = mpp->mpp_pcbe; | |
1021 | mp_so = mpp->mpp_socket; | |
1022 | ||
1023 | VERIFY(mp_so->so_usecount > 0); | |
1024 | ||
1025 | mptcp_check_subflows_and_add(mpte); | |
1026 | mptcp_remove_subflows(mpte); | |
1027 | ||
1028 | mp_so->so_usecount--; /* See mptcp_sched_create_subflows */ | |
1029 | mpp_unlock(mpp); | |
1030 | } | |
1031 | ||
1032 | lck_mtx_unlock(&mtcbinfo.mppi_lock); | |
1033 | } | |
1034 | ||
1035 | /* | |
1036 | * We need this because we are coming from an NECP-event. This event gets posted | |
1037 | * while holding NECP-locks. The creation of the subflow however leads us back | |
1038 | * into NECP (e.g., to add the necp_cb and also from tcp_connect). | |
1039 | * So, we would deadlock there as we already hold the NECP-lock. | |
1040 | * | |
1041 | * So, let's schedule this separately. It also gives NECP the chance to make | |
1042 | * progress, without having to wait for MPTCP to finish its subflow creation. | |
1043 | */ | |
1044 | void | |
1045 | mptcp_sched_create_subflows(struct mptses *mpte) | |
1046 | { | |
1047 | struct mppcb *mpp = mpte->mpte_mppcb; | |
1048 | struct mptcb *mp_tp = mpte->mpte_mptcb; | |
1049 | struct socket *mp_so = mpp->mpp_socket; | |
1050 | ||
1051 | if (!mptcp_ok_to_create_subflows(mp_tp)) { | |
1052 | mptcplog((LOG_DEBUG, "%s: not a good time for subflows, state %u flags %#x", | |
1053 | __func__, mp_tp->mpt_state, mp_tp->mpt_flags), | |
1054 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
1055 | return; | |
1056 | } | |
1057 | ||
1058 | if (!(mpp->mpp_flags & MPP_CREATE_SUBFLOWS)) { | |
1059 | mp_so->so_usecount++; /* To prevent it from being free'd in-between */ | |
1060 | mpp->mpp_flags |= MPP_CREATE_SUBFLOWS; | |
1061 | } | |
1062 | ||
1063 | if (OSTestAndSet(0x01, &mptcp_create_subflows_scheduled)) | |
1064 | return; | |
1065 | ||
1066 | /* Do the call in 100ms to allow NECP to schedule it on all sockets */ | |
1067 | timeout(mptcp_create_subflows, NULL, hz/10); | |
1068 | } | |
1069 | ||
1070 | /* | |
1071 | * Allocate an MPTCP socket option structure. | |
1072 | */ | |
1073 | struct mptopt * | |
1074 | mptcp_sopt_alloc(int how) | |
1075 | { | |
1076 | struct mptopt *mpo; | |
1077 | ||
1078 | mpo = (how == M_WAITOK) ? zalloc(mptopt_zone) : | |
1079 | zalloc_noblock(mptopt_zone); | |
1080 | if (mpo != NULL) { | |
1081 | bzero(mpo, mptopt_zone_size); | |
1082 | } | |
1083 | ||
1084 | return (mpo); | |
1085 | } | |
1086 | ||
1087 | /* | |
1088 | * Free an MPTCP socket option structure. | |
1089 | */ | |
1090 | void | |
1091 | mptcp_sopt_free(struct mptopt *mpo) | |
1092 | { | |
1093 | VERIFY(!(mpo->mpo_flags & MPOF_ATTACHED)); | |
1094 | ||
1095 | zfree(mptopt_zone, mpo); | |
1096 | } | |
1097 | ||
1098 | /* | |
1099 | * Add a socket option to the MPTCP socket option list. | |
1100 | */ | |
1101 | void | |
1102 | mptcp_sopt_insert(struct mptses *mpte, struct mptopt *mpo) | |
1103 | { | |
1104 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
1105 | VERIFY(!(mpo->mpo_flags & MPOF_ATTACHED)); | |
1106 | mpo->mpo_flags |= MPOF_ATTACHED; | |
1107 | TAILQ_INSERT_TAIL(&mpte->mpte_sopts, mpo, mpo_entry); | |
1108 | } | |
1109 | ||
1110 | /* | |
1111 | * Remove a socket option from the MPTCP socket option list. | |
1112 | */ | |
1113 | void | |
1114 | mptcp_sopt_remove(struct mptses *mpte, struct mptopt *mpo) | |
1115 | { | |
1116 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
1117 | VERIFY(mpo->mpo_flags & MPOF_ATTACHED); | |
1118 | mpo->mpo_flags &= ~MPOF_ATTACHED; | |
1119 | TAILQ_REMOVE(&mpte->mpte_sopts, mpo, mpo_entry); | |
1120 | } | |
1121 | ||
1122 | /* | |
1123 | * Search for an existing <sopt_level,sopt_name> socket option. | |
1124 | */ | |
1125 | struct mptopt * | |
1126 | mptcp_sopt_find(struct mptses *mpte, struct sockopt *sopt) | |
1127 | { | |
1128 | struct mptopt *mpo; | |
1129 | ||
1130 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
1131 | ||
1132 | TAILQ_FOREACH(mpo, &mpte->mpte_sopts, mpo_entry) { | |
1133 | if (mpo->mpo_level == sopt->sopt_level && | |
1134 | mpo->mpo_name == sopt->sopt_name) | |
1135 | break; | |
1136 | } | |
1137 | VERIFY(mpo == NULL || sopt->sopt_valsize == sizeof (int)); | |
1138 | ||
1139 | return (mpo); | |
1140 | } | |
1141 | ||
1142 | /* | |
1143 | * Allocate a MPTCP subflow structure. | |
1144 | */ | |
1145 | static struct mptsub * | |
1146 | mptcp_subflow_alloc(void) | |
1147 | { | |
1148 | struct mptsub *mpts = zalloc(mptsub_zone); | |
1149 | ||
1150 | if (mpts == NULL) | |
1151 | return (NULL); | |
1152 | ||
1153 | bzero(mpts, mptsub_zone_size); | |
1154 | return (mpts); | |
1155 | } | |
1156 | ||
1157 | /* | |
1158 | * Deallocate a subflow structure, called when all of the references held | |
1159 | * on it have been released. This implies that the subflow has been deleted. | |
1160 | */ | |
1161 | static void | |
1162 | mptcp_subflow_free(struct mptsub *mpts) | |
1163 | { | |
1164 | VERIFY(mpts->mpts_refcnt == 0); | |
1165 | VERIFY(!(mpts->mpts_flags & MPTSF_ATTACHED)); | |
1166 | VERIFY(mpts->mpts_mpte == NULL); | |
1167 | VERIFY(mpts->mpts_socket == NULL); | |
1168 | ||
1169 | if (mpts->mpts_src != NULL) { | |
1170 | FREE(mpts->mpts_src, M_SONAME); | |
1171 | mpts->mpts_src = NULL; | |
1172 | } | |
1173 | ||
1174 | zfree(mptsub_zone, mpts); | |
1175 | } | |
1176 | ||
1177 | static void | |
1178 | mptcp_subflow_addref(struct mptsub *mpts) | |
1179 | { | |
1180 | if (++mpts->mpts_refcnt == 0) | |
1181 | panic("%s: mpts %p wraparound refcnt\n", __func__, mpts); | |
1182 | /* NOTREACHED */ | |
1183 | } | |
1184 | ||
1185 | static void | |
1186 | mptcp_subflow_remref(struct mptsub *mpts) | |
1187 | { | |
1188 | if (mpts->mpts_refcnt == 0) { | |
1189 | panic("%s: mpts %p negative refcnt\n", __func__, mpts); | |
1190 | /* NOTREACHED */ | |
1191 | } | |
1192 | if (--mpts->mpts_refcnt > 0) | |
1193 | return; | |
1194 | ||
1195 | /* callee will unlock and destroy lock */ | |
1196 | mptcp_subflow_free(mpts); | |
1197 | } | |
1198 | ||
1199 | static void | |
1200 | mptcp_subflow_attach(struct mptses *mpte, struct mptsub *mpts, struct socket *so) | |
1201 | { | |
1202 | struct socket *mp_so = mpte->mpte_mppcb->mpp_socket; | |
1203 | struct tcpcb *tp = sototcpcb(so); | |
1204 | ||
1205 | /* | |
1206 | * From this moment on, the subflow is linked to the MPTCP-connection. | |
1207 | * Locking,... happens now at the MPTCP-layer | |
1208 | */ | |
1209 | tp->t_mptcb = mpte->mpte_mptcb; | |
1210 | so->so_flags |= SOF_MP_SUBFLOW; | |
1211 | mp_so->so_usecount++; | |
1212 | ||
1213 | /* | |
1214 | * Insert the subflow into the list, and associate the MPTCP PCB | |
1215 | * as well as the the subflow socket. From this point on, removing | |
1216 | * the subflow needs to be done via mptcp_subflow_del(). | |
1217 | */ | |
1218 | TAILQ_INSERT_TAIL(&mpte->mpte_subflows, mpts, mpts_entry); | |
1219 | mpte->mpte_numflows++; | |
1220 | ||
1221 | atomic_bitset_32(&mpts->mpts_flags, MPTSF_ATTACHED); | |
1222 | mpts->mpts_mpte = mpte; | |
1223 | mpts->mpts_socket = so; | |
1224 | tp->t_mpsub = mpts; | |
1225 | mptcp_subflow_addref(mpts); /* for being in MPTCP subflow list */ | |
1226 | mptcp_subflow_addref(mpts); /* for subflow socket */ | |
1227 | } | |
1228 | ||
1229 | static void | |
1230 | mptcp_subflow_necp_cb(void *handle, __unused int action, | |
1231 | __unused struct necp_client_flow *flow) | |
1232 | { | |
1233 | struct inpcb *inp = (struct inpcb *)handle; | |
1234 | struct socket *so = inp->inp_socket; | |
1235 | struct mptsub *mpts; | |
1236 | struct mptses *mpte; | |
1237 | ||
1238 | if (action != NECP_CLIENT_CBACTION_NONVIABLE) | |
1239 | return; | |
1240 | ||
1241 | /* | |
1242 | * The socket is being garbage-collected. There is nothing to be done | |
1243 | * here. | |
1244 | */ | |
1245 | if (so->so_usecount == 0) | |
1246 | return; | |
1247 | ||
1248 | socket_lock(so, 1); | |
1249 | ||
1250 | /* Check again after we acquired the lock. */ | |
1251 | if (so->so_usecount == 0) | |
1252 | goto out; | |
1253 | ||
1254 | mpte = tptomptp(sototcpcb(so))->mpt_mpte; | |
1255 | mpts = sototcpcb(so)->t_mpsub; | |
1256 | ||
1257 | mptcplog((LOG_DEBUG, "%s: Subflow became non-viable", __func__), | |
1258 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_VERBOSE); | |
1259 | ||
1260 | mpts->mpts_flags |= MPTSF_CLOSE_REQD; | |
1261 | ||
1262 | mptcp_sched_create_subflows(mpte); | |
1263 | ||
1264 | if (mpte->mpte_svctype == MPTCP_SVCTYPE_HANDOVER) | |
1265 | flow->viable = 1; | |
1266 | ||
1267 | out: | |
1268 | socket_unlock(so, 1); | |
1269 | } | |
1270 | ||
1271 | /* | |
1272 | * Create an MPTCP subflow socket. | |
1273 | */ | |
1274 | static int | |
1275 | mptcp_subflow_socreate(struct mptses *mpte, struct mptsub *mpts, int dom, | |
1276 | struct socket **so) | |
1277 | { | |
1278 | lck_mtx_t *subflow_mtx; | |
1279 | struct mptopt smpo, *mpo, *tmpo; | |
1280 | struct proc *p; | |
1281 | struct socket *mp_so; | |
1282 | int error; | |
1283 | ||
1284 | *so = NULL; | |
1285 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
1286 | mp_so = mptetoso(mpte); | |
1287 | ||
1288 | p = proc_find(mp_so->last_pid); | |
1289 | if (p == PROC_NULL) { | |
1290 | mptcplog((LOG_ERR, "%s: Couldn't find proc for pid %u\n", __func__, mp_so->last_pid), | |
1291 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
1292 | ||
1293 | return (ESRCH); | |
1294 | } | |
1295 | ||
1296 | /* | |
1297 | * Create the subflow socket (multipath subflow, non-blocking.) | |
1298 | * | |
1299 | * This will cause SOF_MP_SUBFLOW socket flag to be set on the subflow | |
1300 | * socket; it will be cleared when the socket is peeled off or closed. | |
1301 | * It also indicates to the underlying TCP to handle MPTCP options. | |
1302 | * A multipath subflow socket implies SS_NOFDREF state. | |
1303 | */ | |
1304 | ||
1305 | /* | |
1306 | * Unlock, because tcp_usr_attach ends up in in_pcballoc, which takes | |
1307 | * the ipi-lock. We cannot hold the socket-lock at that point. | |
1308 | */ | |
1309 | mpte_unlock(mpte); | |
1310 | error = socreate_internal(dom, so, SOCK_STREAM, IPPROTO_TCP, p, | |
1311 | SOCF_ASYNC, PROC_NULL); | |
1312 | mpte_lock(mpte); | |
1313 | if (error) { | |
1314 | mptcplog((LOG_ERR, "%s: subflow socreate mp_so 0x%llx unable to create subflow socket error %d\n", | |
1315 | (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), error), | |
1316 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
1317 | ||
1318 | proc_rele(p); | |
1319 | ||
1320 | mptcp_subflow_free(mpts); | |
1321 | return (error); | |
1322 | } | |
1323 | ||
1324 | /* | |
1325 | * We need to protect the setting of SOF_MP_SUBFLOW with a lock, because | |
1326 | * this marks the moment of lock-switch from the TCP-lock to the MPTCP-lock. | |
1327 | * Which is why we also need to get the lock with pr_getlock, as after | |
1328 | * setting the flag, socket_unlock will work on the MPTCP-level lock. | |
1329 | */ | |
1330 | subflow_mtx = ((*so)->so_proto->pr_getlock)(*so, 0); | |
1331 | lck_mtx_lock(subflow_mtx); | |
1332 | ||
1333 | /* | |
1334 | * Must be the first thing we do, to make sure all pointers for this | |
1335 | * subflow are set. | |
1336 | */ | |
1337 | mptcp_subflow_attach(mpte, mpts, *so); | |
1338 | ||
1339 | /* | |
1340 | * A multipath subflow socket is used internally in the kernel, | |
1341 | * therefore it does not have a file desciptor associated by | |
1342 | * default. | |
1343 | */ | |
1344 | (*so)->so_state |= SS_NOFDREF; | |
1345 | ||
1346 | lck_mtx_unlock(subflow_mtx); | |
1347 | ||
1348 | /* prevent the socket buffers from being compressed */ | |
1349 | (*so)->so_rcv.sb_flags |= SB_NOCOMPRESS; | |
1350 | (*so)->so_snd.sb_flags |= SB_NOCOMPRESS; | |
1351 | ||
1352 | /* Inherit preconnect and TFO data flags */ | |
1353 | if (mp_so->so_flags1 & SOF1_PRECONNECT_DATA) | |
1354 | (*so)->so_flags1 |= SOF1_PRECONNECT_DATA; | |
1355 | if (mp_so->so_flags1 & SOF1_DATA_IDEMPOTENT) | |
1356 | (*so)->so_flags1 |= SOF1_DATA_IDEMPOTENT; | |
1357 | ||
1358 | /* Inherit uuid and create the related flow. */ | |
1359 | if (!uuid_is_null(mpsotomppcb(mp_so)->necp_client_uuid)) { | |
1360 | struct mptcb *mp_tp = mpte->mpte_mptcb; | |
1361 | ||
1362 | sotoinpcb(*so)->necp_cb = mptcp_subflow_necp_cb; | |
1363 | ||
1364 | /* | |
1365 | * A note on the unlock: With MPTCP, we do multiple times a | |
1366 | * necp_client_register_socket_flow. This is problematic, | |
1367 | * because now the lock-ordering guarantee (first necp-locks, | |
1368 | * then socket-locks) is no more respected. So, we need to | |
1369 | * unlock here. | |
1370 | */ | |
1371 | mpte_unlock(mpte); | |
1372 | error = necp_client_register_socket_flow(mp_so->last_pid, | |
1373 | mpsotomppcb(mp_so)->necp_client_uuid, sotoinpcb(*so)); | |
1374 | mpte_lock(mpte); | |
1375 | ||
1376 | if (error) | |
1377 | goto out_err; | |
1378 | ||
1379 | /* Possible state-change during the unlock above */ | |
1380 | if (mp_tp->mpt_state >= MPTCPS_TIME_WAIT || | |
1381 | (mp_tp->mpt_flags & MPTCPF_FALLBACK_TO_TCP)) | |
1382 | goto out_err; | |
1383 | ||
1384 | uuid_copy(sotoinpcb(*so)->necp_client_uuid, mpsotomppcb(mp_so)->necp_client_uuid); | |
1385 | } else { | |
1386 | mptcplog((LOG_NOTICE, "%s: uuid is not set!\n"), | |
1387 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_LOG); | |
1388 | } | |
1389 | ||
1390 | /* inherit the other socket options */ | |
1391 | bzero(&smpo, sizeof (smpo)); | |
1392 | smpo.mpo_flags |= MPOF_SUBFLOW_OK; | |
1393 | smpo.mpo_level = SOL_SOCKET; | |
1394 | smpo.mpo_intval = 1; | |
1395 | ||
1396 | /* disable SIGPIPE */ | |
1397 | smpo.mpo_name = SO_NOSIGPIPE; | |
1398 | if ((error = mptcp_subflow_sosetopt(mpte, mpts, &smpo)) != 0) | |
1399 | goto out_err; | |
1400 | ||
1401 | /* find out if the subflow's source address goes away */ | |
1402 | smpo.mpo_name = SO_NOADDRERR; | |
1403 | if ((error = mptcp_subflow_sosetopt(mpte, mpts, &smpo)) != 0) | |
1404 | goto out_err; | |
1405 | ||
1406 | /* enable keepalive */ | |
1407 | smpo.mpo_name = SO_KEEPALIVE; | |
1408 | if ((error = mptcp_subflow_sosetopt(mpte, mpts, &smpo)) != 0) | |
1409 | goto out_err; | |
1410 | ||
1411 | smpo.mpo_level = IPPROTO_TCP; | |
1412 | smpo.mpo_intval = mptcp_subflow_keeptime; | |
1413 | smpo.mpo_name = TCP_KEEPALIVE; | |
1414 | if ((error = mptcp_subflow_sosetopt(mpte, mpts, &smpo)) != 0) | |
1415 | goto out_err; | |
1416 | ||
1417 | if (mpte->mpte_mptcb->mpt_state >= MPTCPS_ESTABLISHED) { | |
1418 | /* | |
1419 | * On secondary subflows we might need to set the cell-fallback | |
1420 | * flag (see conditions in mptcp_subflow_sosetopt). | |
1421 | */ | |
1422 | smpo.mpo_level = SOL_SOCKET; | |
1423 | smpo.mpo_name = SO_MARK_CELLFALLBACK; | |
1424 | smpo.mpo_intval = 1; | |
1425 | if ((error = mptcp_subflow_sosetopt(mpte, mpts, &smpo)) != 0) | |
1426 | goto out_err; | |
1427 | } | |
1428 | ||
1429 | /* replay setsockopt(2) on the subflow sockets for eligible options */ | |
1430 | TAILQ_FOREACH_SAFE(mpo, &mpte->mpte_sopts, mpo_entry, tmpo) { | |
1431 | int interim; | |
1432 | ||
1433 | if (!(mpo->mpo_flags & MPOF_SUBFLOW_OK)) | |
1434 | continue; | |
1435 | ||
1436 | /* | |
1437 | * Skip those that are handled internally; these options | |
1438 | * should not have been recorded and marked with the | |
1439 | * MPOF_SUBFLOW_OK by mptcp_setopt(), but just in case. | |
1440 | */ | |
1441 | if (mpo->mpo_level == SOL_SOCKET && | |
1442 | (mpo->mpo_name == SO_NOSIGPIPE || | |
1443 | mpo->mpo_name == SO_NOADDRERR || | |
1444 | mpo->mpo_name == SO_KEEPALIVE)) | |
1445 | continue; | |
1446 | ||
1447 | interim = (mpo->mpo_flags & MPOF_INTERIM); | |
1448 | if (mptcp_subflow_sosetopt(mpte, mpts, mpo) != 0 && interim) { | |
1449 | mptcplog((LOG_ERR, "%s: subflow socreate mp_so 0x%llx" | |
1450 | " sopt %s val %d interim record removed\n", __func__, | |
1451 | (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), | |
1452 | mptcp_sopt2str(mpo->mpo_level, mpo->mpo_name), | |
1453 | mpo->mpo_intval), | |
1454 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
1455 | mptcp_sopt_remove(mpte, mpo); | |
1456 | mptcp_sopt_free(mpo); | |
1457 | continue; | |
1458 | } | |
1459 | } | |
1460 | ||
1461 | /* | |
1462 | * We need to receive everything that the subflow socket has, | |
1463 | * so use a customized socket receive function. We will undo | |
1464 | * this when the socket is peeled off or closed. | |
1465 | */ | |
1466 | switch (dom) { | |
1467 | case PF_INET: | |
1468 | (*so)->so_proto = &mptcp_subflow_protosw; | |
1469 | break; | |
1470 | #if INET6 | |
1471 | case PF_INET6: | |
1472 | (*so)->so_proto = (struct protosw *)&mptcp_subflow_protosw6; | |
1473 | break; | |
1474 | #endif /* INET6 */ | |
1475 | default: | |
1476 | VERIFY(0); | |
1477 | /* NOTREACHED */ | |
1478 | } | |
1479 | ||
1480 | proc_rele(p); | |
1481 | ||
1482 | DTRACE_MPTCP3(subflow__create, struct mptses *, mpte, | |
1483 | int, dom, int, error); | |
1484 | ||
1485 | return (0); | |
1486 | ||
1487 | out_err: | |
1488 | mptcp_subflow_abort(mpts, error); | |
1489 | ||
1490 | proc_rele(p); | |
1491 | ||
1492 | mptcplog((LOG_ERR, "%s: subflow socreate failed with error %d\n", | |
1493 | __func__, error), MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
1494 | ||
1495 | return (error); | |
1496 | } | |
1497 | ||
1498 | /* | |
1499 | * Close an MPTCP subflow socket. | |
1500 | * | |
1501 | * Note that this may be called on an embryonic subflow, and the only | |
1502 | * thing that is guaranteed valid is the protocol-user request. | |
1503 | */ | |
1504 | static void | |
1505 | mptcp_subflow_soclose(struct mptsub *mpts) | |
1506 | { | |
1507 | struct socket *so = mpts->mpts_socket; | |
1508 | ||
1509 | if (mpts->mpts_flags & MPTSF_CLOSED) | |
1510 | return; | |
1511 | ||
1512 | VERIFY(so != NULL); | |
1513 | VERIFY(so->so_flags & SOF_MP_SUBFLOW); | |
1514 | VERIFY((so->so_state & (SS_NBIO|SS_NOFDREF)) == (SS_NBIO|SS_NOFDREF)); | |
1515 | ||
1516 | DTRACE_MPTCP5(subflow__close, struct mptsub *, mpts, | |
1517 | struct socket *, so, | |
1518 | struct sockbuf *, &so->so_rcv, | |
1519 | struct sockbuf *, &so->so_snd, | |
1520 | struct mptses *, mpts->mpts_mpte); | |
1521 | ||
1522 | mpts->mpts_flags |= MPTSF_CLOSED; | |
1523 | ||
1524 | if (so->so_retaincnt == 0) { | |
1525 | soclose_locked(so); | |
1526 | ||
1527 | return; | |
1528 | } else { | |
1529 | VERIFY(so->so_usecount > 0); | |
1530 | so->so_usecount--; | |
1531 | } | |
1532 | ||
1533 | return; | |
1534 | } | |
1535 | ||
1536 | /* | |
1537 | * Connect an MPTCP subflow socket. | |
1538 | * | |
1539 | * Note that in the pending connect case, the subflow socket may have been | |
1540 | * bound to an interface and/or a source IP address which may no longer be | |
1541 | * around by the time this routine is called; in that case the connect attempt | |
1542 | * will most likely fail. | |
1543 | */ | |
1544 | static int | |
1545 | mptcp_subflow_soconnectx(struct mptses *mpte, struct mptsub *mpts) | |
1546 | { | |
1547 | char dbuf[MAX_IPv6_STR_LEN]; | |
1548 | struct socket *mp_so, *so; | |
1549 | struct mptcb *mp_tp; | |
1550 | struct sockaddr *dst; | |
1551 | struct proc *p; | |
1552 | int af, error, dport; | |
1553 | ||
1554 | mp_so = mptetoso(mpte); | |
1555 | mp_tp = mpte->mpte_mptcb; | |
1556 | so = mpts->mpts_socket; | |
1557 | af = mpts->mpts_dst.sa_family; | |
1558 | dst = &mpts->mpts_dst; | |
1559 | ||
1560 | VERIFY((mpts->mpts_flags & (MPTSF_CONNECTING|MPTSF_CONNECTED)) == MPTSF_CONNECTING); | |
1561 | VERIFY(mpts->mpts_socket != NULL); | |
1562 | VERIFY(af == AF_INET || af == AF_INET6); | |
1563 | ||
1564 | if (af == AF_INET) { | |
1565 | inet_ntop(af, &SIN(dst)->sin_addr.s_addr, dbuf, sizeof (dbuf)); | |
1566 | dport = ntohs(SIN(dst)->sin_port); | |
1567 | } else { | |
1568 | inet_ntop(af, &SIN6(dst)->sin6_addr, dbuf, sizeof (dbuf)); | |
1569 | dport = ntohs(SIN6(dst)->sin6_port); | |
1570 | } | |
1571 | ||
1572 | os_log_info(mptcp_log_handle, | |
1573 | "%s: ifindex %u dst %s:%d pended %u\n", __func__, mpts->mpts_ifscope, | |
1574 | dbuf, dport, !!(mpts->mpts_flags & MPTSF_CONNECT_PENDING)); | |
1575 | ||
1576 | p = proc_find(mp_so->last_pid); | |
1577 | if (p == PROC_NULL) { | |
1578 | mptcplog((LOG_ERR, "%s: Couldn't find proc for pid %u\n", __func__, mp_so->last_pid), | |
1579 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
1580 | ||
1581 | return (ESRCH); | |
1582 | } | |
1583 | ||
1584 | mpts->mpts_flags &= ~MPTSF_CONNECT_PENDING; | |
1585 | ||
1586 | mptcp_attach_to_subf(so, mpte->mpte_mptcb, mpte->mpte_addrid_last); | |
1587 | ||
1588 | /* connect the subflow socket */ | |
1589 | error = soconnectxlocked(so, mpts->mpts_src, &mpts->mpts_dst, | |
1590 | p, mpts->mpts_ifscope, | |
1591 | mpte->mpte_associd, NULL, 0, NULL, 0, NULL, NULL); | |
1592 | ||
1593 | mpts->mpts_iss = sototcpcb(so)->iss; | |
1594 | ||
1595 | /* See tcp_connect_complete */ | |
1596 | if (mp_tp->mpt_state < MPTCPS_ESTABLISHED && | |
1597 | (mp_so->so_flags1 & SOF1_PRECONNECT_DATA)) { | |
1598 | mp_tp->mpt_sndwnd = sototcpcb(so)->snd_wnd; | |
1599 | } | |
1600 | ||
1601 | /* Allocate a unique address id per subflow */ | |
1602 | mpte->mpte_addrid_last++; | |
1603 | if (mpte->mpte_addrid_last == 0) | |
1604 | mpte->mpte_addrid_last++; | |
1605 | ||
1606 | proc_rele(p); | |
1607 | ||
1608 | DTRACE_MPTCP3(subflow__connect, struct mptses *, mpte, | |
1609 | struct mptsub *, mpts, int, error); | |
1610 | if (error) | |
1611 | mptcplog((LOG_ERR, "%s: connectx failed with error %d ifscope %u\n", | |
1612 | __func__, error, mpts->mpts_ifscope), | |
1613 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
1614 | ||
1615 | return (error); | |
1616 | } | |
1617 | ||
1618 | /* | |
1619 | * MPTCP subflow socket receive routine, derived from soreceive(). | |
1620 | */ | |
1621 | static int | |
1622 | mptcp_subflow_soreceive(struct socket *so, struct sockaddr **psa, | |
1623 | struct uio *uio, struct mbuf **mp0, struct mbuf **controlp, int *flagsp) | |
1624 | { | |
1625 | #pragma unused(uio) | |
1626 | struct socket *mp_so = mptetoso(tptomptp(sototcpcb(so))->mpt_mpte); | |
1627 | int flags, error = 0; | |
1628 | struct proc *p = current_proc(); | |
1629 | struct mbuf *m, **mp = mp0; | |
1630 | boolean_t proc_held = FALSE; | |
1631 | ||
1632 | mpte_lock_assert_held(tptomptp(sototcpcb(so))->mpt_mpte); | |
1633 | VERIFY(so->so_proto->pr_flags & PR_CONNREQUIRED); | |
1634 | ||
1635 | #ifdef MORE_LOCKING_DEBUG | |
1636 | if (so->so_usecount == 1) { | |
1637 | panic("%s: so=%x no other reference on socket\n", __func__, so); | |
1638 | /* NOTREACHED */ | |
1639 | } | |
1640 | #endif | |
1641 | /* | |
1642 | * We return all that is there in the subflow's socket receive buffer | |
1643 | * to the MPTCP layer, so we require that the caller passes in the | |
1644 | * expected parameters. | |
1645 | */ | |
1646 | if (mp == NULL || controlp != NULL) | |
1647 | return (EINVAL); | |
1648 | ||
1649 | *mp = NULL; | |
1650 | if (psa != NULL) | |
1651 | *psa = NULL; | |
1652 | if (flagsp != NULL) | |
1653 | flags = *flagsp &~ MSG_EOR; | |
1654 | else | |
1655 | flags = 0; | |
1656 | ||
1657 | if (flags & (MSG_PEEK|MSG_OOB|MSG_NEEDSA|MSG_WAITALL|MSG_WAITSTREAM)) | |
1658 | return (EOPNOTSUPP); | |
1659 | ||
1660 | flags |= (MSG_DONTWAIT|MSG_NBIO); | |
1661 | ||
1662 | /* | |
1663 | * If a recv attempt is made on a previously-accepted socket | |
1664 | * that has been marked as inactive (disconnected), reject | |
1665 | * the request. | |
1666 | */ | |
1667 | if (so->so_flags & SOF_DEFUNCT) { | |
1668 | struct sockbuf *sb = &so->so_rcv; | |
1669 | ||
1670 | error = ENOTCONN; | |
1671 | /* | |
1672 | * This socket should have been disconnected and flushed | |
1673 | * prior to being returned from sodefunct(); there should | |
1674 | * be no data on its receive list, so panic otherwise. | |
1675 | */ | |
1676 | if (so->so_state & SS_DEFUNCT) | |
1677 | sb_empty_assert(sb, __func__); | |
1678 | return (error); | |
1679 | } | |
1680 | ||
1681 | /* | |
1682 | * See if the socket has been closed (SS_NOFDREF|SS_CANTRCVMORE) | |
1683 | * and if so just return to the caller. This could happen when | |
1684 | * soreceive() is called by a socket upcall function during the | |
1685 | * time the socket is freed. The socket buffer would have been | |
1686 | * locked across the upcall, therefore we cannot put this thread | |
1687 | * to sleep (else we will deadlock) or return EWOULDBLOCK (else | |
1688 | * we may livelock), because the lock on the socket buffer will | |
1689 | * only be released when the upcall routine returns to its caller. | |
1690 | * Because the socket has been officially closed, there can be | |
1691 | * no further read on it. | |
1692 | * | |
1693 | * A multipath subflow socket would have its SS_NOFDREF set by | |
1694 | * default, so check for SOF_MP_SUBFLOW socket flag; when the | |
1695 | * socket is closed for real, SOF_MP_SUBFLOW would be cleared. | |
1696 | */ | |
1697 | if ((so->so_state & (SS_NOFDREF | SS_CANTRCVMORE)) == | |
1698 | (SS_NOFDREF | SS_CANTRCVMORE) && !(so->so_flags & SOF_MP_SUBFLOW)) | |
1699 | return (0); | |
1700 | ||
1701 | /* | |
1702 | * For consistency with soreceive() semantics, we need to obey | |
1703 | * SB_LOCK in case some other code path has locked the buffer. | |
1704 | */ | |
1705 | error = sblock(&so->so_rcv, 0); | |
1706 | if (error != 0) | |
1707 | return (error); | |
1708 | ||
1709 | m = so->so_rcv.sb_mb; | |
1710 | if (m == NULL) { | |
1711 | /* | |
1712 | * Panic if we notice inconsistencies in the socket's | |
1713 | * receive list; both sb_mb and sb_cc should correctly | |
1714 | * reflect the contents of the list, otherwise we may | |
1715 | * end up with false positives during select() or poll() | |
1716 | * which could put the application in a bad state. | |
1717 | */ | |
1718 | SB_MB_CHECK(&so->so_rcv); | |
1719 | ||
1720 | if (so->so_error != 0) { | |
1721 | error = so->so_error; | |
1722 | so->so_error = 0; | |
1723 | goto release; | |
1724 | } | |
1725 | ||
1726 | if (so->so_state & SS_CANTRCVMORE) { | |
1727 | goto release; | |
1728 | } | |
1729 | ||
1730 | if (!(so->so_state & (SS_ISCONNECTED|SS_ISCONNECTING))) { | |
1731 | error = ENOTCONN; | |
1732 | goto release; | |
1733 | } | |
1734 | ||
1735 | /* | |
1736 | * MSG_DONTWAIT is implicitly defined and this routine will | |
1737 | * never block, so return EWOULDBLOCK when there is nothing. | |
1738 | */ | |
1739 | error = EWOULDBLOCK; | |
1740 | goto release; | |
1741 | } | |
1742 | ||
1743 | mptcp_update_last_owner(so, mp_so); | |
1744 | ||
1745 | if (mp_so->last_pid != proc_pid(p)) { | |
1746 | p = proc_find(mp_so->last_pid); | |
1747 | if (p == PROC_NULL) { | |
1748 | p = current_proc(); | |
1749 | } else { | |
1750 | proc_held = TRUE; | |
1751 | } | |
1752 | } | |
1753 | ||
1754 | OSIncrementAtomicLong(&p->p_stats->p_ru.ru_msgrcv); | |
1755 | SBLASTRECORDCHK(&so->so_rcv, "mptcp_subflow_soreceive 1"); | |
1756 | SBLASTMBUFCHK(&so->so_rcv, "mptcp_subflow_soreceive 1"); | |
1757 | ||
1758 | while (m != NULL) { | |
1759 | int dlen = 0, dfin = 0, error_out = 0; | |
1760 | struct mbuf *start = m; | |
1761 | uint64_t dsn; | |
1762 | uint32_t sseq; | |
1763 | uint16_t orig_dlen; | |
1764 | uint16_t csum; | |
1765 | ||
1766 | VERIFY(m->m_nextpkt == NULL); | |
1767 | ||
1768 | if ((m->m_flags & M_PKTHDR) && (m->m_pkthdr.pkt_flags & PKTF_MPTCP)) { | |
1769 | orig_dlen = dlen = m->m_pkthdr.mp_rlen; | |
1770 | dsn = m->m_pkthdr.mp_dsn; | |
1771 | sseq = m->m_pkthdr.mp_rseq; | |
1772 | csum = m->m_pkthdr.mp_csum; | |
1773 | } else { | |
1774 | /* We did fallback */ | |
1775 | mptcp_adj_rmap(so, m, 0, 0, 0, 0); | |
1776 | ||
1777 | sbfree(&so->so_rcv, m); | |
1778 | ||
1779 | if (mp != NULL) { | |
1780 | *mp = m; | |
1781 | mp = &m->m_next; | |
1782 | so->so_rcv.sb_mb = m = m->m_next; | |
1783 | *mp = NULL; | |
1784 | ||
1785 | } | |
1786 | ||
1787 | if (m != NULL) { | |
1788 | so->so_rcv.sb_lastrecord = m; | |
1789 | } else { | |
1790 | SB_EMPTY_FIXUP(&so->so_rcv); | |
1791 | } | |
1792 | ||
1793 | continue; | |
1794 | } | |
1795 | ||
1796 | if (m->m_pkthdr.pkt_flags & PKTF_MPTCP_DFIN) | |
1797 | dfin = 1; | |
1798 | ||
1799 | /* | |
1800 | * Check if the full mapping is now present | |
1801 | */ | |
1802 | if ((int)so->so_rcv.sb_cc < dlen - dfin) { | |
1803 | mptcplog((LOG_INFO, "%s not enough data (%u) need %u\n", | |
1804 | __func__, so->so_rcv.sb_cc, dlen), | |
1805 | MPTCP_RECEIVER_DBG, MPTCP_LOGLVL_LOG); | |
1806 | ||
1807 | if (*mp0 == NULL) | |
1808 | error = EWOULDBLOCK; | |
1809 | goto release; | |
1810 | } | |
1811 | ||
1812 | /* Now, get the full mapping */ | |
1813 | while (dlen > 0) { | |
1814 | if (mptcp_adj_rmap(so, m, orig_dlen - dlen, dsn, sseq, orig_dlen)) { | |
1815 | error_out = 1; | |
1816 | error = EIO; | |
1817 | dlen = 0; | |
1818 | soevent(so, SO_FILT_HINT_LOCKED | SO_FILT_HINT_MUSTRST); | |
1819 | break; | |
1820 | } | |
1821 | ||
1822 | dlen -= m->m_len; | |
1823 | sbfree(&so->so_rcv, m); | |
1824 | ||
1825 | if (mp != NULL) { | |
1826 | *mp = m; | |
1827 | mp = &m->m_next; | |
1828 | so->so_rcv.sb_mb = m = m->m_next; | |
1829 | *mp = NULL; | |
1830 | } | |
1831 | ||
1832 | if (dlen - dfin == 0) | |
1833 | dlen = 0; | |
1834 | ||
1835 | VERIFY(dlen <= 0 || m); | |
1836 | } | |
1837 | ||
1838 | VERIFY(dlen == 0); | |
1839 | ||
1840 | if (m != NULL) { | |
1841 | so->so_rcv.sb_lastrecord = m; | |
1842 | } else { | |
1843 | SB_EMPTY_FIXUP(&so->so_rcv); | |
1844 | } | |
1845 | ||
1846 | if (error_out) | |
1847 | goto release; | |
1848 | ||
1849 | ||
1850 | if (mptcp_validate_csum(sototcpcb(so), start, dsn, sseq, orig_dlen, csum, dfin)) { | |
1851 | error = EIO; | |
1852 | *mp0 = NULL; | |
1853 | goto release; | |
1854 | } | |
1855 | ||
1856 | SBLASTRECORDCHK(&so->so_rcv, "mptcp_subflow_soreceive 2"); | |
1857 | SBLASTMBUFCHK(&so->so_rcv, "mptcp_subflow_soreceive 2"); | |
1858 | } | |
1859 | ||
1860 | DTRACE_MPTCP3(subflow__receive, struct socket *, so, | |
1861 | struct sockbuf *, &so->so_rcv, struct sockbuf *, &so->so_snd); | |
1862 | ||
1863 | if (flagsp != NULL) | |
1864 | *flagsp |= flags; | |
1865 | ||
1866 | release: | |
1867 | sbunlock(&so->so_rcv, TRUE); | |
1868 | ||
1869 | if (proc_held) | |
1870 | proc_rele(p); | |
1871 | ||
1872 | return (error); | |
1873 | ||
1874 | } | |
1875 | ||
1876 | /* | |
1877 | * MPTCP subflow socket send routine, derived from sosend(). | |
1878 | */ | |
1879 | static int | |
1880 | mptcp_subflow_sosend(struct socket *so, struct sockaddr *addr, struct uio *uio, | |
1881 | struct mbuf *top, struct mbuf *control, int flags) | |
1882 | { | |
1883 | struct socket *mp_so = mptetoso(tptomptp(sototcpcb(so))->mpt_mpte); | |
1884 | struct proc *p = current_proc(); | |
1885 | boolean_t en_tracing = FALSE, proc_held = FALSE; | |
1886 | int en_tracing_val; | |
1887 | int sblocked = 1; /* Pretend as if it is already locked, so we won't relock it */ | |
1888 | int error; | |
1889 | ||
1890 | VERIFY(control == NULL); | |
1891 | VERIFY(addr == NULL); | |
1892 | VERIFY(uio == NULL); | |
1893 | VERIFY(flags == 0); | |
1894 | VERIFY((so->so_flags & SOF_CONTENT_FILTER) == 0); | |
1895 | ||
1896 | VERIFY(top->m_pkthdr.len > 0 && top->m_pkthdr.len <= UINT16_MAX); | |
1897 | VERIFY(top->m_pkthdr.pkt_flags & PKTF_MPTCP); | |
1898 | ||
1899 | /* | |
1900 | * trace if tracing & network (vs. unix) sockets & and | |
1901 | * non-loopback | |
1902 | */ | |
1903 | if (ENTR_SHOULDTRACE && | |
1904 | (SOCK_CHECK_DOM(so, AF_INET) || SOCK_CHECK_DOM(so, AF_INET6))) { | |
1905 | struct inpcb *inp = sotoinpcb(so); | |
1906 | if (inp->inp_last_outifp != NULL && | |
1907 | !(inp->inp_last_outifp->if_flags & IFF_LOOPBACK)) { | |
1908 | en_tracing = TRUE; | |
1909 | en_tracing_val = top->m_pkthdr.len; | |
1910 | KERNEL_ENERGYTRACE(kEnTrActKernSockWrite, DBG_FUNC_START, | |
1911 | VM_KERNEL_ADDRPERM(so), | |
1912 | ((so->so_state & SS_NBIO) ? kEnTrFlagNonBlocking : 0), | |
1913 | (int64_t)en_tracing_val); | |
1914 | } | |
1915 | } | |
1916 | ||
1917 | mptcp_update_last_owner(so, mp_so); | |
1918 | ||
1919 | if (mp_so->last_pid != proc_pid(p)) { | |
1920 | p = proc_find(mp_so->last_pid); | |
1921 | if (p == PROC_NULL) { | |
1922 | p = current_proc(); | |
1923 | } else { | |
1924 | proc_held = TRUE; | |
1925 | } | |
1926 | } | |
1927 | ||
1928 | #if NECP | |
1929 | inp_update_necp_policy(sotoinpcb(so), NULL, NULL, 0); | |
1930 | #endif /* NECP */ | |
1931 | ||
1932 | OSIncrementAtomicLong(&p->p_stats->p_ru.ru_msgsnd); | |
1933 | ||
1934 | error = sosendcheck(so, NULL, top->m_pkthdr.len, 0, 1, 0, &sblocked, NULL); | |
1935 | if (error) | |
1936 | goto out; | |
1937 | ||
1938 | error = (*so->so_proto->pr_usrreqs->pru_send)(so, 0, top, NULL, NULL, p); | |
1939 | top = NULL; | |
1940 | ||
1941 | out: | |
1942 | if (top != NULL) | |
1943 | m_freem(top); | |
1944 | ||
1945 | if (proc_held) | |
1946 | proc_rele(p); | |
1947 | ||
1948 | soclearfastopen(so); | |
1949 | ||
1950 | if (en_tracing) { | |
1951 | KERNEL_ENERGYTRACE(kEnTrActKernSockWrite, DBG_FUNC_END, | |
1952 | VM_KERNEL_ADDRPERM(so), | |
1953 | ((error == EWOULDBLOCK) ? kEnTrFlagNoWork : 0), | |
1954 | (int64_t)en_tracing_val); | |
1955 | } | |
1956 | ||
1957 | return (error); | |
1958 | ||
1959 | } | |
1960 | ||
1961 | /* | |
1962 | * Establish an initial MPTCP connection (if first subflow and not yet | |
1963 | * connected), or add a subflow to an existing MPTCP connection. | |
1964 | */ | |
1965 | int | |
1966 | mptcp_subflow_add(struct mptses *mpte, struct sockaddr *src, | |
1967 | struct sockaddr *dst, uint32_t ifscope, sae_connid_t *pcid) | |
1968 | { | |
1969 | struct socket *mp_so, *so = NULL; | |
1970 | struct mptcb *mp_tp; | |
1971 | struct mptsub *mpts = NULL; | |
1972 | int af, error = 0; | |
1973 | ||
1974 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
1975 | mp_so = mptetoso(mpte); | |
1976 | mp_tp = mpte->mpte_mptcb; | |
1977 | ||
1978 | if (mp_tp->mpt_state >= MPTCPS_CLOSE_WAIT) { | |
1979 | /* If the remote end sends Data FIN, refuse subflow adds */ | |
1980 | mptcplog((LOG_ERR, "%s state %u\n", __func__, mp_tp->mpt_state), | |
1981 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
1982 | error = ENOTCONN; | |
1983 | goto out_err; | |
1984 | } | |
1985 | ||
1986 | mpts = mptcp_subflow_alloc(); | |
1987 | if (mpts == NULL) { | |
1988 | mptcplog((LOG_ERR, "%s malloc subflow failed\n", __func__), | |
1989 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
1990 | error = ENOMEM; | |
1991 | goto out_err; | |
1992 | } | |
1993 | ||
1994 | if (src != NULL) { | |
1995 | int len = src->sa_len; | |
1996 | ||
1997 | MALLOC(mpts->mpts_src, struct sockaddr *, len, M_SONAME, | |
1998 | M_WAITOK | M_ZERO); | |
1999 | if (mpts->mpts_src == NULL) { | |
2000 | mptcplog((LOG_ERR, "%s malloc mpts_src failed", __func__), | |
2001 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
2002 | error = ENOMEM; | |
2003 | goto out_err; | |
2004 | } | |
2005 | bcopy(src, mpts->mpts_src, len); | |
2006 | } | |
2007 | ||
2008 | memcpy(&mpts->mpts_dst, dst, dst->sa_len); | |
2009 | ||
2010 | af = mpts->mpts_dst.sa_family; | |
2011 | ||
2012 | mpts->mpts_ifscope = ifscope; | |
2013 | ||
2014 | /* create the subflow socket */ | |
2015 | if ((error = mptcp_subflow_socreate(mpte, mpts, af, &so)) != 0) | |
2016 | /* | |
2017 | * Returning (error) and not cleaning up, because up to here | |
2018 | * all we did is creating mpts. | |
2019 | * | |
2020 | * And the contract is that the call to mptcp_subflow_socreate, | |
2021 | * moves ownership of mpts to mptcp_subflow_socreate. | |
2022 | */ | |
2023 | return (error); | |
2024 | ||
2025 | /* | |
2026 | * We may be called from within the kernel. Still need to account this | |
2027 | * one to the real app. | |
2028 | */ | |
2029 | mptcp_update_last_owner(mpts->mpts_socket, mp_so); | |
2030 | ||
2031 | /* | |
2032 | * Increment the counter, while avoiding 0 (SAE_CONNID_ANY) and | |
2033 | * -1 (SAE_CONNID_ALL). | |
2034 | */ | |
2035 | mpte->mpte_connid_last++; | |
2036 | if (mpte->mpte_connid_last == SAE_CONNID_ALL || | |
2037 | mpte->mpte_connid_last == SAE_CONNID_ANY) | |
2038 | mpte->mpte_connid_last++; | |
2039 | ||
2040 | mpts->mpts_connid = mpte->mpte_connid_last; | |
2041 | ||
2042 | mpts->mpts_rel_seq = 1; | |
2043 | ||
2044 | /* Allocate a unique address id per subflow */ | |
2045 | mpte->mpte_addrid_last++; | |
2046 | if (mpte->mpte_addrid_last == 0) | |
2047 | mpte->mpte_addrid_last++; | |
2048 | ||
2049 | /* register for subflow socket read/write events */ | |
2050 | sock_setupcalls_locked(so, mptcp_subflow_rupcall, mpts, mptcp_subflow_wupcall, mpts, 1); | |
2051 | ||
2052 | /* Register for subflow socket control events */ | |
2053 | sock_catchevents_locked(so, mptcp_subflow_eupcall1, mpts, | |
2054 | SO_FILT_HINT_CONNRESET | SO_FILT_HINT_CANTRCVMORE | | |
2055 | SO_FILT_HINT_TIMEOUT | SO_FILT_HINT_NOSRCADDR | | |
2056 | SO_FILT_HINT_IFDENIED | SO_FILT_HINT_CONNECTED | | |
2057 | SO_FILT_HINT_DISCONNECTED | SO_FILT_HINT_MPFAILOVER | | |
2058 | SO_FILT_HINT_MPSTATUS | SO_FILT_HINT_MUSTRST | | |
2059 | SO_FILT_HINT_MPCANTRCVMORE | SO_FILT_HINT_ADAPTIVE_RTIMO | | |
2060 | SO_FILT_HINT_ADAPTIVE_WTIMO); | |
2061 | ||
2062 | /* sanity check */ | |
2063 | VERIFY(!(mpts->mpts_flags & | |
2064 | (MPTSF_CONNECTING|MPTSF_CONNECTED|MPTSF_CONNECT_PENDING))); | |
2065 | ||
2066 | /* | |
2067 | * Indicate to the TCP subflow whether or not it should establish | |
2068 | * the initial MPTCP connection, or join an existing one. Fill | |
2069 | * in the connection request structure with additional info needed | |
2070 | * by the underlying TCP (to be used in the TCP options, etc.) | |
2071 | */ | |
2072 | if (mp_tp->mpt_state < MPTCPS_ESTABLISHED && mpte->mpte_numflows == 1) { | |
2073 | mpts->mpts_flags |= MPTSF_INITIAL_SUB; | |
2074 | ||
2075 | if (mp_tp->mpt_state == MPTCPS_CLOSED) { | |
2076 | mptcp_init_local_parms(mpte); | |
2077 | } | |
2078 | soisconnecting(mp_so); | |
2079 | ||
2080 | /* If fastopen is requested, set state in mpts */ | |
2081 | if (so->so_flags1 & SOF1_PRECONNECT_DATA) | |
2082 | mpts->mpts_flags |= MPTSF_TFO_REQD; | |
2083 | } else { | |
2084 | if (!(mp_tp->mpt_flags & MPTCPF_JOIN_READY)) | |
2085 | mpts->mpts_flags |= MPTSF_CONNECT_PENDING; | |
2086 | } | |
2087 | ||
2088 | mpts->mpts_flags |= MPTSF_CONNECTING; | |
2089 | ||
2090 | if (af == AF_INET || af == AF_INET6) { | |
2091 | char dbuf[MAX_IPv6_STR_LEN]; | |
2092 | ||
2093 | mptcplog((LOG_DEBUG, "MPTCP Socket: %s " | |
2094 | "mp_so 0x%llx dst %s[%d] cid %d " | |
2095 | "[pending %s]\n", __func__, | |
2096 | (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), | |
2097 | inet_ntop(af, ((af == AF_INET) ? | |
2098 | (void *)&SIN(&mpts->mpts_dst)->sin_addr.s_addr : | |
2099 | (void *)&SIN6(&mpts->mpts_dst)->sin6_addr), | |
2100 | dbuf, sizeof (dbuf)), ((af == AF_INET) ? | |
2101 | ntohs(SIN(&mpts->mpts_dst)->sin_port) : | |
2102 | ntohs(SIN6(&mpts->mpts_dst)->sin6_port)), | |
2103 | mpts->mpts_connid, | |
2104 | ((mpts->mpts_flags & MPTSF_CONNECT_PENDING) ? | |
2105 | "YES" : "NO")), | |
2106 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
2107 | } | |
2108 | ||
2109 | /* connect right away if first attempt, or if join can be done now */ | |
2110 | if (!(mpts->mpts_flags & MPTSF_CONNECT_PENDING)) | |
2111 | error = mptcp_subflow_soconnectx(mpte, mpts); | |
2112 | ||
2113 | if (error) | |
2114 | goto out_err_close; | |
2115 | ||
2116 | if (pcid) | |
2117 | *pcid = mpts->mpts_connid; | |
2118 | ||
2119 | return (0); | |
2120 | ||
2121 | out_err_close: | |
2122 | mptcp_subflow_abort(mpts, error); | |
2123 | ||
2124 | return (error); | |
2125 | ||
2126 | out_err: | |
2127 | if (mpts) | |
2128 | mptcp_subflow_free(mpts); | |
2129 | ||
2130 | return (error); | |
2131 | } | |
2132 | ||
2133 | void | |
2134 | mptcpstats_update(struct mptcp_itf_stats *stats, struct mptsub *mpts) | |
2135 | { | |
2136 | int index = mptcp_get_statsindex(stats, mpts); | |
2137 | ||
2138 | if (index != -1) { | |
2139 | struct inpcb *inp = sotoinpcb(mpts->mpts_socket); | |
2140 | ||
2141 | stats[index].mpis_txbytes += inp->inp_stat->txbytes; | |
2142 | stats[index].mpis_rxbytes += inp->inp_stat->rxbytes; | |
2143 | } | |
2144 | } | |
2145 | ||
2146 | /* | |
2147 | * Delete/remove a subflow from an MPTCP. The underlying subflow socket | |
2148 | * will no longer be accessible after a subflow is deleted, thus this | |
2149 | * should occur only after the subflow socket has been disconnected. | |
2150 | */ | |
2151 | void | |
2152 | mptcp_subflow_del(struct mptses *mpte, struct mptsub *mpts) | |
2153 | { | |
2154 | struct socket *mp_so = mptetoso(mpte); | |
2155 | struct socket *so = mpts->mpts_socket; | |
2156 | struct tcpcb *tp = sototcpcb(so); | |
2157 | ||
2158 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
2159 | VERIFY(mpts->mpts_mpte == mpte); | |
2160 | VERIFY(mpts->mpts_flags & MPTSF_ATTACHED); | |
2161 | VERIFY(mpte->mpte_numflows != 0); | |
2162 | VERIFY(mp_so->so_usecount > 0); | |
2163 | ||
2164 | mptcplog((LOG_DEBUG, "%s: mp_so 0x%llx [u=%d,r=%d] cid %d %x error %d\n", | |
2165 | __func__, (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), | |
2166 | mp_so->so_usecount, mp_so->so_retaincnt, mpts->mpts_connid, | |
2167 | mpts->mpts_flags, mp_so->so_error), | |
2168 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
2169 | ||
2170 | mptcpstats_update(mpte->mpte_itfstats, mpts); | |
2171 | mpte->mpte_init_rxbytes = sotoinpcb(so)->inp_stat->rxbytes; | |
2172 | mpte->mpte_init_txbytes = sotoinpcb(so)->inp_stat->txbytes; | |
2173 | ||
2174 | atomic_bitclear_32(&mpts->mpts_flags, MPTSF_ATTACHED); | |
2175 | TAILQ_REMOVE(&mpte->mpte_subflows, mpts, mpts_entry); | |
2176 | mpte->mpte_numflows--; | |
2177 | if (mpte->mpte_active_sub == mpts) | |
2178 | mpte->mpte_active_sub = NULL; | |
2179 | ||
2180 | /* | |
2181 | * Drop references held by this subflow socket; there | |
2182 | * will be no further upcalls made from this point. | |
2183 | */ | |
2184 | sock_setupcalls_locked(so, NULL, NULL, NULL, NULL, 0); | |
2185 | sock_catchevents_locked(so, NULL, NULL, 0); | |
2186 | ||
2187 | mptcp_detach_mptcb_from_subf(mpte->mpte_mptcb, so); | |
2188 | ||
2189 | mp_so->so_usecount--; /* for subflow socket */ | |
2190 | mpts->mpts_mpte = NULL; | |
2191 | mpts->mpts_socket = NULL; | |
2192 | ||
2193 | mptcp_subflow_remref(mpts); /* for MPTCP subflow list */ | |
2194 | mptcp_subflow_remref(mpts); /* for subflow socket */ | |
2195 | ||
2196 | so->so_flags &= ~SOF_MP_SUBFLOW; | |
2197 | tp->t_mptcb = NULL; | |
2198 | tp->t_mpsub = NULL; | |
2199 | } | |
2200 | ||
2201 | void | |
2202 | mptcp_subflow_shutdown(struct mptses *mpte, struct mptsub *mpts) | |
2203 | { | |
2204 | struct socket *so = mpts->mpts_socket; | |
2205 | struct mptcb *mp_tp = mpte->mpte_mptcb; | |
2206 | int send_dfin = 0; | |
2207 | ||
2208 | if (mp_tp->mpt_state > MPTCPS_CLOSE_WAIT) | |
2209 | send_dfin = 1; | |
2210 | ||
2211 | if (!(so->so_state & (SS_ISDISCONNECTING | SS_ISDISCONNECTED)) && | |
2212 | (so->so_state & SS_ISCONNECTED)) { | |
2213 | mptcplog((LOG_DEBUG, "MPTCP subflow shutdown %s: cid %d fin %d\n", | |
2214 | __func__, mpts->mpts_connid, send_dfin), | |
2215 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
2216 | ||
2217 | if (send_dfin) | |
2218 | mptcp_send_dfin(so); | |
2219 | soshutdownlock(so, SHUT_WR); | |
2220 | } | |
2221 | ||
2222 | } | |
2223 | ||
2224 | static void | |
2225 | mptcp_subflow_abort(struct mptsub *mpts, int error) | |
2226 | { | |
2227 | struct socket *so = mpts->mpts_socket; | |
2228 | struct tcpcb *tp = sototcpcb(so); | |
2229 | ||
2230 | if (mpts->mpts_flags & MPTSF_DISCONNECTED) | |
2231 | return; | |
2232 | ||
2233 | mptcplog((LOG_DEBUG, "%s aborting connection state %u\n", __func__, tp->t_state), | |
2234 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
2235 | ||
2236 | if (tp->t_state != TCPS_CLOSED) | |
2237 | tcp_drop(tp, error); | |
2238 | ||
2239 | mptcp_subflow_eupcall1(so, mpts, SO_FILT_HINT_DISCONNECTED); | |
2240 | } | |
2241 | ||
2242 | /* | |
2243 | * Disconnect a subflow socket. | |
2244 | */ | |
2245 | void | |
2246 | mptcp_subflow_disconnect(struct mptses *mpte, struct mptsub *mpts) | |
2247 | { | |
2248 | struct socket *so; | |
2249 | struct mptcb *mp_tp; | |
2250 | int send_dfin = 0; | |
2251 | ||
2252 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
2253 | ||
2254 | VERIFY(mpts->mpts_mpte == mpte); | |
2255 | VERIFY(mpts->mpts_socket != NULL); | |
2256 | ||
2257 | if (mpts->mpts_flags & (MPTSF_DISCONNECTING|MPTSF_DISCONNECTED)) | |
2258 | return; | |
2259 | ||
2260 | mpts->mpts_flags |= MPTSF_DISCONNECTING; | |
2261 | ||
2262 | so = mpts->mpts_socket; | |
2263 | mp_tp = mpte->mpte_mptcb; | |
2264 | if (mp_tp->mpt_state > MPTCPS_CLOSE_WAIT) | |
2265 | send_dfin = 1; | |
2266 | ||
2267 | if (!(so->so_state & (SS_ISDISCONNECTING | SS_ISDISCONNECTED)) && | |
2268 | (so->so_state & SS_ISCONNECTED)) { | |
2269 | mptcplog((LOG_DEBUG, "%s: cid %d fin %d\n", | |
2270 | __func__, mpts->mpts_connid, send_dfin), | |
2271 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
2272 | ||
2273 | if (send_dfin) | |
2274 | mptcp_send_dfin(so); | |
2275 | (void) soshutdownlock(so, SHUT_RD); | |
2276 | (void) soshutdownlock(so, SHUT_WR); | |
2277 | (void) sodisconnectlocked(so); | |
2278 | } | |
2279 | /* | |
2280 | * Generate a disconnect event for this subflow socket, in case | |
2281 | * the lower layer doesn't do it; this is needed because the | |
2282 | * subflow socket deletion relies on it. | |
2283 | */ | |
2284 | mptcp_subflow_eupcall1(so, mpts, SO_FILT_HINT_DISCONNECTED); | |
2285 | } | |
2286 | ||
2287 | /* | |
2288 | * Called when the associated subflow socket posted a read event. | |
2289 | */ | |
2290 | static void | |
2291 | mptcp_subflow_rupcall(struct socket *so, void *arg, int waitf) | |
2292 | { | |
2293 | #pragma unused(so, waitf) | |
2294 | struct mptsub *mpts = arg, *tmpts; | |
2295 | struct mptses *mpte = mpts->mpts_mpte; | |
2296 | ||
2297 | VERIFY(mpte != NULL); | |
2298 | ||
2299 | if (mptcp_should_defer_upcall(mpte->mpte_mppcb)) { | |
2300 | if (!(mpte->mpte_mppcb->mpp_flags & MPP_RUPCALL)) | |
2301 | mpte->mpte_mppcb->mpp_flags |= MPP_SHOULD_RWAKEUP; | |
2302 | return; | |
2303 | } | |
2304 | ||
2305 | mpte->mpte_mppcb->mpp_flags |= MPP_RUPCALL; | |
2306 | TAILQ_FOREACH_SAFE(mpts, &mpte->mpte_subflows, mpts_entry, tmpts) { | |
2307 | if (mpts->mpts_socket->so_usecount == 0) { | |
2308 | /* Will be removed soon by tcp_garbage_collect */ | |
2309 | continue; | |
2310 | } | |
2311 | ||
2312 | mptcp_subflow_addref(mpts); | |
2313 | mpts->mpts_socket->so_usecount++; | |
2314 | ||
2315 | mptcp_subflow_input(mpte, mpts); | |
2316 | ||
2317 | mptcp_subflow_remref(mpts); /* ours */ | |
2318 | ||
2319 | VERIFY(mpts->mpts_socket->so_usecount != 0); | |
2320 | mpts->mpts_socket->so_usecount--; | |
2321 | } | |
2322 | ||
2323 | mptcp_handle_deferred_upcalls(mpte->mpte_mppcb, MPP_RUPCALL); | |
2324 | } | |
2325 | ||
2326 | /* | |
2327 | * Subflow socket input. | |
2328 | */ | |
2329 | static void | |
2330 | mptcp_subflow_input(struct mptses *mpte, struct mptsub *mpts) | |
2331 | { | |
2332 | struct socket *mp_so = mptetoso(mpte); | |
2333 | struct mbuf *m = NULL; | |
2334 | struct socket *so; | |
2335 | int error, wakeup = 0; | |
2336 | ||
2337 | VERIFY(!(mpte->mpte_mppcb->mpp_flags & MPP_INSIDE_INPUT)); | |
2338 | mpte->mpte_mppcb->mpp_flags |= MPP_INSIDE_INPUT; | |
2339 | ||
2340 | DTRACE_MPTCP2(subflow__input, struct mptses *, mpte, | |
2341 | struct mptsub *, mpts); | |
2342 | ||
2343 | if (!(mpts->mpts_flags & MPTSF_CONNECTED)) | |
2344 | goto out; | |
2345 | ||
2346 | so = mpts->mpts_socket; | |
2347 | ||
2348 | error = sock_receive_internal(so, NULL, &m, 0, NULL); | |
2349 | if (error != 0 && error != EWOULDBLOCK) { | |
2350 | mptcplog((LOG_ERR, "%s: cid %d error %d\n", | |
2351 | __func__, mpts->mpts_connid, error), | |
2352 | MPTCP_RECEIVER_DBG, MPTCP_LOGLVL_ERR); | |
2353 | if (error == ENODATA) { | |
2354 | /* | |
2355 | * Don't ignore ENODATA so as to discover | |
2356 | * nasty middleboxes. | |
2357 | */ | |
2358 | mp_so->so_error = ENODATA; | |
2359 | ||
2360 | wakeup = 1; | |
2361 | goto out; | |
2362 | } | |
2363 | } else if (error == 0) { | |
2364 | mptcplog((LOG_DEBUG, "%s: cid %d \n", __func__, mpts->mpts_connid), | |
2365 | MPTCP_RECEIVER_DBG, MPTCP_LOGLVL_VERBOSE); | |
2366 | } | |
2367 | ||
2368 | /* In fallback, make sure to accept data on all but one subflow */ | |
2369 | if (m && (mpts->mpts_flags & MPTSF_MP_DEGRADED) && | |
2370 | !(mpts->mpts_flags & MPTSF_ACTIVE)) { | |
2371 | mptcplog((LOG_DEBUG, "%s: degraded and got data on non-active flow\n", | |
2372 | __func__), MPTCP_RECEIVER_DBG, MPTCP_LOGLVL_VERBOSE); | |
2373 | m_freem(m); | |
2374 | goto out; | |
2375 | } | |
2376 | ||
2377 | if (m != NULL) { | |
2378 | if (IFNET_IS_CELLULAR(sotoinpcb(so)->inp_last_outifp)) { | |
2379 | mpte->mpte_mppcb->mpp_flags |= MPP_SET_CELLICON; | |
2380 | ||
2381 | mpte->mpte_used_cell = 1; | |
2382 | } else { | |
2383 | mpte->mpte_mppcb->mpp_flags |= MPP_UNSET_CELLICON; | |
2384 | ||
2385 | mpte->mpte_used_wifi = 1; | |
2386 | } | |
2387 | ||
2388 | mptcp_input(mpte, m); | |
2389 | } | |
2390 | ||
2391 | /* notify protocol that we drained all the data */ | |
2392 | if (error == 0 && m != NULL && | |
2393 | (so->so_proto->pr_flags & PR_WANTRCVD) && so->so_pcb != NULL) | |
2394 | (*so->so_proto->pr_usrreqs->pru_rcvd)(so, 0); | |
2395 | ||
2396 | out: | |
2397 | if (wakeup) | |
2398 | mpte->mpte_mppcb->mpp_flags |= MPP_SHOULD_RWAKEUP; | |
2399 | ||
2400 | mptcp_handle_deferred_upcalls(mpte->mpte_mppcb, MPP_INSIDE_INPUT); | |
2401 | } | |
2402 | ||
2403 | /* | |
2404 | * Subflow socket write upcall. | |
2405 | * | |
2406 | * Called when the associated subflow socket posted a read event. | |
2407 | */ | |
2408 | static void | |
2409 | mptcp_subflow_wupcall(struct socket *so, void *arg, int waitf) | |
2410 | { | |
2411 | #pragma unused(so, waitf) | |
2412 | struct mptsub *mpts = arg; | |
2413 | struct mptses *mpte = mpts->mpts_mpte; | |
2414 | ||
2415 | VERIFY(mpte != NULL); | |
2416 | ||
2417 | if (mptcp_should_defer_upcall(mpte->mpte_mppcb)) { | |
2418 | if (!(mpte->mpte_mppcb->mpp_flags & MPP_WUPCALL)) | |
2419 | mpte->mpte_mppcb->mpp_flags |= MPP_SHOULD_WWAKEUP; | |
2420 | return; | |
2421 | } | |
2422 | ||
2423 | mptcp_output(mpte); | |
2424 | } | |
2425 | ||
2426 | static boolean_t | |
2427 | mptcp_search_seq_in_sub(struct mbuf *m, struct socket *so) | |
2428 | { | |
2429 | struct mbuf *so_m = so->so_snd.sb_mb; | |
2430 | uint64_t dsn = m->m_pkthdr.mp_dsn; | |
2431 | ||
2432 | while (so_m) { | |
2433 | VERIFY(so_m->m_flags & M_PKTHDR); | |
2434 | VERIFY(so_m->m_pkthdr.pkt_flags & PKTF_MPTCP); | |
2435 | ||
2436 | /* Part of the segment is covered, don't reinject here */ | |
2437 | if (so_m->m_pkthdr.mp_dsn <= dsn && | |
2438 | so_m->m_pkthdr.mp_dsn + so_m->m_pkthdr.mp_rlen > dsn) | |
2439 | return TRUE; | |
2440 | ||
2441 | so_m = so_m->m_next; | |
2442 | } | |
2443 | ||
2444 | return FALSE; | |
2445 | } | |
2446 | ||
2447 | /* | |
2448 | * Subflow socket output. | |
2449 | * | |
2450 | * Called for sending data from MPTCP to the underlying subflow socket. | |
2451 | */ | |
2452 | int | |
2453 | mptcp_subflow_output(struct mptses *mpte, struct mptsub *mpts, int flags) | |
2454 | { | |
2455 | struct mptcb *mp_tp = mpte->mpte_mptcb; | |
2456 | struct mbuf *sb_mb, *m, *mpt_mbuf = NULL, *head, *tail; | |
2457 | struct socket *mp_so, *so; | |
2458 | struct tcpcb *tp; | |
2459 | uint64_t mpt_dsn = 0, off = 0; | |
2460 | int sb_cc = 0, error = 0, wakeup = 0; | |
2461 | uint32_t dss_csum; | |
2462 | uint16_t tot_sent = 0; | |
2463 | boolean_t reinjected = FALSE; | |
2464 | ||
2465 | mpte_lock_assert_held(mpte); | |
2466 | ||
2467 | mp_so = mptetoso(mpte); | |
2468 | so = mpts->mpts_socket; | |
2469 | tp = sototcpcb(so); | |
2470 | ||
2471 | VERIFY(!(mpte->mpte_mppcb->mpp_flags & MPP_INSIDE_OUTPUT)); | |
2472 | mpte->mpte_mppcb->mpp_flags |= MPP_INSIDE_OUTPUT; | |
2473 | ||
2474 | VERIFY(!INP_WAIT_FOR_IF_FEEDBACK(sotoinpcb(so))); | |
2475 | VERIFY((mpts->mpts_flags & MPTSF_MP_CAPABLE) || | |
2476 | (mpts->mpts_flags & MPTSF_MP_DEGRADED) || | |
2477 | (mpts->mpts_flags & MPTSF_TFO_REQD)); | |
2478 | VERIFY(mptcp_subflow_cwnd_space(mpts->mpts_socket) > 0); | |
2479 | ||
2480 | mptcplog((LOG_DEBUG, "%s mpts_flags %#x, mpte_flags %#x cwnd_space %u\n", | |
2481 | __func__, mpts->mpts_flags, mpte->mpte_flags, | |
2482 | mptcp_subflow_cwnd_space(so)), | |
2483 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_VERBOSE); | |
2484 | DTRACE_MPTCP2(subflow__output, struct mptses *, mpte, | |
2485 | struct mptsub *, mpts); | |
2486 | ||
2487 | /* Remove Addr Option is not sent reliably as per I-D */ | |
2488 | if (mpte->mpte_flags & MPTE_SND_REM_ADDR) { | |
2489 | tp->t_rem_aid = mpte->mpte_lost_aid; | |
2490 | tp->t_mpflags |= TMPF_SND_REM_ADDR; | |
2491 | mpte->mpte_flags &= ~MPTE_SND_REM_ADDR; | |
2492 | } | |
2493 | ||
2494 | /* | |
2495 | * The mbuf chains containing the metadata (as well as pointing to | |
2496 | * the user data sitting at the MPTCP output queue) would then be | |
2497 | * sent down to the subflow socket. | |
2498 | * | |
2499 | * Some notes on data sequencing: | |
2500 | * | |
2501 | * a. Each mbuf must be a M_PKTHDR. | |
2502 | * b. MPTCP metadata is stored in the mptcp_pktinfo structure | |
2503 | * in the mbuf pkthdr structure. | |
2504 | * c. Each mbuf containing the MPTCP metadata must have its | |
2505 | * pkt_flags marked with the PKTF_MPTCP flag. | |
2506 | */ | |
2507 | ||
2508 | if (mpte->mpte_reinjectq) | |
2509 | sb_mb = mpte->mpte_reinjectq; | |
2510 | else | |
2511 | sb_mb = mp_so->so_snd.sb_mb; | |
2512 | ||
2513 | if (sb_mb == NULL) { | |
2514 | mptcplog((LOG_ERR, "%s: No data in MPTCP-sendbuffer! smax %u snxt %u suna %u state %u flags %#x\n", | |
2515 | __func__, (uint32_t)mp_tp->mpt_sndmax, (uint32_t)mp_tp->mpt_sndnxt, | |
2516 | (uint32_t)mp_tp->mpt_snduna, mp_tp->mpt_state, mp_so->so_flags1), | |
2517 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_ERR); | |
2518 | ||
2519 | /* Fix it to prevent looping */ | |
2520 | if (MPTCP_SEQ_LT(mp_tp->mpt_sndnxt, mp_tp->mpt_snduna)) | |
2521 | mp_tp->mpt_sndnxt = mp_tp->mpt_snduna; | |
2522 | goto out; | |
2523 | } | |
2524 | ||
2525 | VERIFY(sb_mb->m_pkthdr.pkt_flags & PKTF_MPTCP); | |
2526 | ||
2527 | if (sb_mb->m_pkthdr.mp_rlen == 0 && | |
2528 | !(so->so_state & SS_ISCONNECTED) && | |
2529 | (so->so_flags1 & SOF1_PRECONNECT_DATA)) { | |
2530 | tp->t_mpflags |= TMPF_TFO_REQUEST; | |
2531 | goto zero_len_write; | |
2532 | } | |
2533 | ||
2534 | mpt_dsn = sb_mb->m_pkthdr.mp_dsn; | |
2535 | ||
2536 | /* First, drop acknowledged data */ | |
2537 | if (MPTCP_SEQ_LT(mpt_dsn, mp_tp->mpt_snduna)) { | |
2538 | mptcplog((LOG_ERR, "%s: dropping data, should have been done earlier " | |
2539 | "dsn %u suna %u reinject? %u\n", | |
2540 | __func__, (uint32_t)mpt_dsn, | |
2541 | (uint32_t)mp_tp->mpt_snduna, !!mpte->mpte_reinjectq), | |
2542 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_ERR); | |
2543 | if (mpte->mpte_reinjectq) { | |
2544 | mptcp_clean_reinjectq(mpte); | |
2545 | } else { | |
2546 | uint64_t len = 0; | |
2547 | len = mp_tp->mpt_snduna - mpt_dsn; | |
2548 | sbdrop(&mp_so->so_snd, (int)len); | |
2549 | wakeup = 1; | |
2550 | } | |
2551 | } | |
2552 | ||
2553 | /* Check again because of above sbdrop */ | |
2554 | if (mp_so->so_snd.sb_mb == NULL && mpte->mpte_reinjectq == NULL) { | |
2555 | mptcplog((LOG_ERR, "%s send-buffer is empty\n", __func__), | |
2556 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_ERR); | |
2557 | goto out; | |
2558 | } | |
2559 | ||
2560 | /* | |
2561 | * In degraded mode, we don't receive data acks, so force free | |
2562 | * mbufs less than snd_nxt | |
2563 | */ | |
2564 | if ((mpts->mpts_flags & MPTSF_MP_DEGRADED) && | |
2565 | (mp_tp->mpt_flags & MPTCPF_POST_FALLBACK_SYNC) && | |
2566 | mp_so->so_snd.sb_mb) { | |
2567 | mpt_dsn = mp_so->so_snd.sb_mb->m_pkthdr.mp_dsn; | |
2568 | if (MPTCP_SEQ_LT(mpt_dsn, mp_tp->mpt_snduna)) { | |
2569 | uint64_t len = 0; | |
2570 | len = mp_tp->mpt_snduna - mpt_dsn; | |
2571 | sbdrop(&mp_so->so_snd, (int)len); | |
2572 | wakeup = 1; | |
2573 | ||
2574 | mptcplog((LOG_ERR, "%s: dropping data in degraded mode, should have been done earlier dsn %u sndnxt %u suna %u\n", | |
2575 | __func__, (uint32_t)mpt_dsn, (uint32_t)mp_tp->mpt_sndnxt, (uint32_t)mp_tp->mpt_snduna), | |
2576 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_ERR); | |
2577 | } | |
2578 | } | |
2579 | ||
2580 | if ((mpts->mpts_flags & MPTSF_MP_DEGRADED) && | |
2581 | !(mp_tp->mpt_flags & MPTCPF_POST_FALLBACK_SYNC)) { | |
2582 | mp_tp->mpt_flags |= MPTCPF_POST_FALLBACK_SYNC; | |
2583 | so->so_flags1 |= SOF1_POST_FALLBACK_SYNC; | |
2584 | } | |
2585 | ||
2586 | /* | |
2587 | * Adjust the top level notion of next byte used for retransmissions | |
2588 | * and sending FINs. | |
2589 | */ | |
2590 | if (MPTCP_SEQ_LT(mp_tp->mpt_sndnxt, mp_tp->mpt_snduna)) | |
2591 | mp_tp->mpt_sndnxt = mp_tp->mpt_snduna; | |
2592 | ||
2593 | /* Now determine the offset from which to start transmitting data */ | |
2594 | if (mpte->mpte_reinjectq) | |
2595 | sb_mb = mpte->mpte_reinjectq; | |
2596 | else | |
2597 | dont_reinject: | |
2598 | sb_mb = mp_so->so_snd.sb_mb; | |
2599 | if (sb_mb == NULL) { | |
2600 | mptcplog((LOG_ERR, "%s send-buffer is still empty\n", __func__), | |
2601 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_ERR); | |
2602 | goto out; | |
2603 | } | |
2604 | ||
2605 | if (sb_mb == mpte->mpte_reinjectq) { | |
2606 | sb_cc = sb_mb->m_pkthdr.mp_rlen; | |
2607 | off = 0; | |
2608 | ||
2609 | if (mptcp_search_seq_in_sub(sb_mb, so)) { | |
2610 | if (mptcp_can_send_more(mp_tp, TRUE)) { | |
2611 | goto dont_reinject; | |
2612 | } | |
2613 | ||
2614 | error = ECANCELED; | |
2615 | goto out; | |
2616 | } | |
2617 | ||
2618 | reinjected = TRUE; | |
2619 | } else if (flags & MPTCP_SUBOUT_PROBING) { | |
2620 | sb_cc = sb_mb->m_pkthdr.mp_rlen; | |
2621 | off = 0; | |
2622 | } else { | |
2623 | sb_cc = min(mp_so->so_snd.sb_cc, mp_tp->mpt_sndwnd); | |
2624 | ||
2625 | /* | |
2626 | * With TFO, there might be no data at all, thus still go into this | |
2627 | * code-path here. | |
2628 | */ | |
2629 | if ((mp_so->so_flags1 & SOF1_PRECONNECT_DATA) || | |
2630 | MPTCP_SEQ_LT(mp_tp->mpt_sndnxt, mp_tp->mpt_sndmax)) { | |
2631 | off = mp_tp->mpt_sndnxt - mp_tp->mpt_snduna; | |
2632 | sb_cc -= off; | |
2633 | } else { | |
2634 | mptcplog((LOG_ERR, "%s this should not happen: sndnxt %u sndmax %u\n", | |
2635 | __func__, (uint32_t)mp_tp->mpt_sndnxt, | |
2636 | (uint32_t)mp_tp->mpt_sndmax), | |
2637 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_ERR); | |
2638 | ||
2639 | goto out; | |
2640 | } | |
2641 | } | |
2642 | ||
2643 | sb_cc = min(sb_cc, mptcp_subflow_cwnd_space(so)); | |
2644 | if (sb_cc <= 0) { | |
2645 | mptcplog((LOG_ERR, "%s sb_cc is %d, mp_so->sb_cc %u, sndwnd %u,sndnxt %u sndmax %u cwnd %u\n", | |
2646 | __func__, sb_cc, mp_so->so_snd.sb_cc, mp_tp->mpt_sndwnd, | |
2647 | (uint32_t)mp_tp->mpt_sndnxt, (uint32_t)mp_tp->mpt_sndmax, | |
2648 | mptcp_subflow_cwnd_space(so)), | |
2649 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_ERR); | |
2650 | } | |
2651 | ||
2652 | sb_cc = min(sb_cc, UINT16_MAX); | |
2653 | ||
2654 | /* | |
2655 | * Create a DSN mapping for the data we are about to send. It all | |
2656 | * has the same mapping. | |
2657 | */ | |
2658 | if (reinjected) | |
2659 | mpt_dsn = sb_mb->m_pkthdr.mp_dsn; | |
2660 | else | |
2661 | mpt_dsn = mp_tp->mpt_snduna + off; | |
2662 | ||
2663 | mpt_mbuf = sb_mb; | |
2664 | while (mpt_mbuf && reinjected == FALSE && | |
2665 | (mpt_mbuf->m_pkthdr.mp_rlen == 0 || | |
2666 | mpt_mbuf->m_pkthdr.mp_rlen <= (uint32_t)off)) { | |
2667 | off -= mpt_mbuf->m_pkthdr.mp_rlen; | |
2668 | mpt_mbuf = mpt_mbuf->m_next; | |
2669 | } | |
2670 | if (mpts->mpts_flags & MPTSF_MP_DEGRADED) | |
2671 | mptcplog((LOG_DEBUG, "%s: %u snduna = %u sndnxt = %u probe %d\n", | |
2672 | __func__, mpts->mpts_connid, (uint32_t)mp_tp->mpt_snduna, (uint32_t)mp_tp->mpt_sndnxt, | |
2673 | mpts->mpts_probecnt), | |
2674 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_VERBOSE); | |
2675 | ||
2676 | VERIFY((mpt_mbuf == NULL) || (mpt_mbuf->m_pkthdr.pkt_flags & PKTF_MPTCP)); | |
2677 | ||
2678 | head = tail = NULL; | |
2679 | ||
2680 | while (tot_sent < sb_cc) { | |
2681 | ssize_t mlen; | |
2682 | ||
2683 | mlen = mpt_mbuf->m_len; | |
2684 | mlen -= off; | |
2685 | mlen = min(mlen, sb_cc - tot_sent); | |
2686 | ||
2687 | if (mlen < 0) { | |
2688 | mptcplog((LOG_ERR, "%s mlen %d mp_rlen %u off %u sb_cc %u tot_sent %u\n", | |
2689 | __func__, (int)mlen, mpt_mbuf->m_pkthdr.mp_rlen, | |
2690 | (uint32_t)off, sb_cc, tot_sent), | |
2691 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_ERR); | |
2692 | goto out; | |
2693 | } | |
2694 | ||
2695 | if (mlen == 0) | |
2696 | goto next; | |
2697 | ||
2698 | m = m_copym_mode(mpt_mbuf, (int)off, mlen, M_DONTWAIT, | |
2699 | M_COPYM_MUST_COPY_HDR); | |
2700 | if (m == NULL) { | |
2701 | mptcplog((LOG_ERR, "%s m_copym_mode failed\n", __func__), | |
2702 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_ERR); | |
2703 | error = ENOBUFS; | |
2704 | break; | |
2705 | } | |
2706 | ||
2707 | /* Create a DSN mapping for the data (m_copym does it) */ | |
2708 | VERIFY(m->m_flags & M_PKTHDR); | |
2709 | VERIFY(m->m_next == NULL); | |
2710 | ||
2711 | m->m_pkthdr.pkt_flags |= PKTF_MPTCP; | |
2712 | m->m_pkthdr.pkt_flags &= ~PKTF_MPSO; | |
2713 | m->m_pkthdr.mp_dsn = mpt_dsn; | |
2714 | m->m_pkthdr.mp_rseq = mpts->mpts_rel_seq; | |
2715 | m->m_pkthdr.len = mlen; | |
2716 | ||
2717 | if (head == NULL) { | |
2718 | head = tail = m; | |
2719 | } else { | |
2720 | tail->m_next = m; | |
2721 | tail = m; | |
2722 | } | |
2723 | ||
2724 | tot_sent += mlen; | |
2725 | off = 0; | |
2726 | next: | |
2727 | mpt_mbuf = mpt_mbuf->m_next; | |
2728 | } | |
2729 | ||
2730 | if (reinjected) { | |
2731 | if (sb_cc < sb_mb->m_pkthdr.mp_rlen) { | |
2732 | struct mbuf *n = sb_mb; | |
2733 | ||
2734 | while (n) { | |
2735 | n->m_pkthdr.mp_dsn += sb_cc; | |
2736 | n->m_pkthdr.mp_rlen -= sb_cc; | |
2737 | n = n->m_next; | |
2738 | } | |
2739 | m_adj(sb_mb, sb_cc); | |
2740 | } else { | |
2741 | mpte->mpte_reinjectq = sb_mb->m_nextpkt; | |
2742 | m_freem(sb_mb); | |
2743 | } | |
2744 | } | |
2745 | ||
2746 | mptcplog((LOG_DEBUG, "%s: Queued dsn %u ssn %u len %u on sub %u\n", | |
2747 | __func__, (uint32_t)mpt_dsn, mpts->mpts_rel_seq, | |
2748 | tot_sent, mpts->mpts_connid), MPTCP_SENDER_DBG, MPTCP_LOGLVL_VERBOSE); | |
2749 | ||
2750 | if (head && (mp_tp->mpt_flags & MPTCPF_CHECKSUM)) { | |
2751 | dss_csum = mptcp_output_csum(head, mpt_dsn, mpts->mpts_rel_seq, | |
2752 | tot_sent); | |
2753 | } | |
2754 | ||
2755 | /* Now, let's update rel-seq and the data-level length */ | |
2756 | mpts->mpts_rel_seq += tot_sent; | |
2757 | m = head; | |
2758 | while (m) { | |
2759 | if (mp_tp->mpt_flags & MPTCPF_CHECKSUM) | |
2760 | m->m_pkthdr.mp_csum = dss_csum; | |
2761 | m->m_pkthdr.mp_rlen = tot_sent; | |
2762 | m = m->m_next; | |
2763 | } | |
2764 | ||
2765 | if (head != NULL) { | |
2766 | if ((mpts->mpts_flags & MPTSF_TFO_REQD) && | |
2767 | (tp->t_tfo_stats == 0)) | |
2768 | tp->t_mpflags |= TMPF_TFO_REQUEST; | |
2769 | ||
2770 | error = sock_sendmbuf(so, NULL, head, 0, NULL); | |
2771 | ||
2772 | DTRACE_MPTCP7(send, struct mbuf *, m, struct socket *, so, | |
2773 | struct sockbuf *, &so->so_rcv, | |
2774 | struct sockbuf *, &so->so_snd, | |
2775 | struct mptses *, mpte, struct mptsub *, mpts, | |
2776 | size_t, tot_sent); | |
2777 | } | |
2778 | ||
2779 | done_sending: | |
2780 | if (error == 0 || | |
2781 | (error == EWOULDBLOCK && (tp->t_mpflags & TMPF_TFO_REQUEST))) { | |
2782 | uint64_t new_sndnxt = mp_tp->mpt_sndnxt + tot_sent; | |
2783 | ||
2784 | if (mpts->mpts_probesoon && mpts->mpts_maxseg && tot_sent) { | |
2785 | tcpstat.tcps_mp_num_probes++; | |
2786 | if ((uint32_t)tot_sent < mpts->mpts_maxseg) | |
2787 | mpts->mpts_probecnt += 1; | |
2788 | else | |
2789 | mpts->mpts_probecnt += | |
2790 | tot_sent/mpts->mpts_maxseg; | |
2791 | } | |
2792 | ||
2793 | if (!reinjected && !(flags & MPTCP_SUBOUT_PROBING)) { | |
2794 | if (MPTCP_DATASEQ_HIGH32(new_sndnxt) > | |
2795 | MPTCP_DATASEQ_HIGH32(mp_tp->mpt_sndnxt)) | |
2796 | mp_tp->mpt_flags |= MPTCPF_SND_64BITDSN; | |
2797 | mp_tp->mpt_sndnxt = new_sndnxt; | |
2798 | } | |
2799 | ||
2800 | mptcp_cancel_timer(mp_tp, MPTT_REXMT); | |
2801 | ||
2802 | /* Must be here as mptcp_can_send_more() checks for this */ | |
2803 | soclearfastopen(mp_so); | |
2804 | ||
2805 | if ((mpts->mpts_flags & MPTSF_MP_DEGRADED) || | |
2806 | (mpts->mpts_probesoon != 0)) | |
2807 | mptcplog((LOG_DEBUG, "%s %u degraded %u wrote %d %d probe %d probedelta %d\n", | |
2808 | __func__, mpts->mpts_connid, | |
2809 | !!(mpts->mpts_flags & MPTSF_MP_DEGRADED), | |
2810 | tot_sent, (int) sb_cc, mpts->mpts_probecnt, | |
2811 | (tcp_now - mpts->mpts_probesoon)), | |
2812 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_VERBOSE); | |
2813 | ||
2814 | if (IFNET_IS_CELLULAR(sotoinpcb(so)->inp_last_outifp)) { | |
2815 | mpte->mpte_mppcb->mpp_flags |= MPP_SET_CELLICON; | |
2816 | ||
2817 | mpte->mpte_used_cell = 1; | |
2818 | } else { | |
2819 | mpte->mpte_mppcb->mpp_flags |= MPP_UNSET_CELLICON; | |
2820 | ||
2821 | mpte->mpte_used_wifi = 1; | |
2822 | } | |
2823 | ||
2824 | /* | |
2825 | * Don't propagate EWOULDBLOCK - it's already taken care of | |
2826 | * in mptcp_usr_send for TFO. | |
2827 | */ | |
2828 | error = 0; | |
2829 | } else { | |
2830 | mptcplog((LOG_ERR, "%s: %u error %d len %d subflags %#x sostate %#x soerror %u hiwat %u lowat %u\n", | |
2831 | __func__, mpts->mpts_connid, error, tot_sent, so->so_flags, so->so_state, so->so_error, so->so_snd.sb_hiwat, so->so_snd.sb_lowat), | |
2832 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_ERR); | |
2833 | } | |
2834 | out: | |
2835 | ||
2836 | if (wakeup) | |
2837 | mpte->mpte_mppcb->mpp_flags |= MPP_SHOULD_WWAKEUP; | |
2838 | ||
2839 | mptcp_handle_deferred_upcalls(mpte->mpte_mppcb, MPP_INSIDE_OUTPUT); | |
2840 | return (error); | |
2841 | ||
2842 | zero_len_write: | |
2843 | /* Opting to call pru_send as no mbuf at subflow level */ | |
2844 | error = (*so->so_proto->pr_usrreqs->pru_send)(so, 0, NULL, NULL, | |
2845 | NULL, current_proc()); | |
2846 | ||
2847 | goto done_sending; | |
2848 | } | |
2849 | ||
2850 | static void | |
2851 | mptcp_add_reinjectq(struct mptses *mpte, struct mbuf *m) | |
2852 | { | |
2853 | struct mbuf *n, *prev = NULL; | |
2854 | ||
2855 | mptcplog((LOG_DEBUG, "%s reinjecting dsn %u dlen %u rseq %u\n", | |
2856 | __func__, (uint32_t)m->m_pkthdr.mp_dsn, m->m_pkthdr.mp_rlen, | |
2857 | m->m_pkthdr.mp_rseq), | |
2858 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
2859 | ||
2860 | n = mpte->mpte_reinjectq; | |
2861 | ||
2862 | /* First, look for an mbuf n, whose data-sequence-number is bigger or | |
2863 | * equal than m's sequence number. | |
2864 | */ | |
2865 | while (n) { | |
2866 | if (MPTCP_SEQ_GEQ(n->m_pkthdr.mp_dsn, m->m_pkthdr.mp_dsn)) | |
2867 | break; | |
2868 | ||
2869 | prev = n; | |
2870 | ||
2871 | n = n->m_nextpkt; | |
2872 | } | |
2873 | ||
2874 | if (n) { | |
2875 | /* m is already fully covered by the next mbuf in the queue */ | |
2876 | if (n->m_pkthdr.mp_dsn == m->m_pkthdr.mp_dsn && | |
2877 | n->m_pkthdr.mp_rlen >= m->m_pkthdr.mp_rlen) { | |
2878 | mptcplog((LOG_DEBUG, "%s fully covered with len %u\n", | |
2879 | __func__, n->m_pkthdr.mp_rlen), | |
2880 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
2881 | goto dont_queue; | |
2882 | } | |
2883 | ||
2884 | /* m is covering the next mbuf entirely, thus we remove this guy */ | |
2885 | if (m->m_pkthdr.mp_dsn + m->m_pkthdr.mp_rlen >= n->m_pkthdr.mp_dsn + n->m_pkthdr.mp_rlen) { | |
2886 | struct mbuf *tmp = n->m_nextpkt; | |
2887 | ||
2888 | mptcplog((LOG_DEBUG, "%s m is covering that guy dsn %u len %u dsn %u len %u\n", | |
2889 | __func__, m->m_pkthdr.mp_dsn, m->m_pkthdr.mp_rlen, | |
2890 | n->m_pkthdr.mp_dsn, n->m_pkthdr.mp_rlen), | |
2891 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
2892 | ||
2893 | m->m_nextpkt = NULL; | |
2894 | if (prev == NULL) | |
2895 | mpte->mpte_reinjectq = tmp; | |
2896 | else | |
2897 | prev->m_nextpkt = tmp; | |
2898 | ||
2899 | m_freem(n); | |
2900 | n = tmp; | |
2901 | } | |
2902 | ||
2903 | } | |
2904 | ||
2905 | if (prev) { | |
2906 | /* m is already fully covered by the previous mbuf in the queue */ | |
2907 | if (prev->m_pkthdr.mp_dsn + prev->m_pkthdr.mp_rlen >= m->m_pkthdr.mp_dsn + m->m_pkthdr.len) { | |
2908 | mptcplog((LOG_DEBUG, "%s prev covers us from %u with len %u\n", | |
2909 | __func__, prev->m_pkthdr.mp_dsn, prev->m_pkthdr.mp_rlen), | |
2910 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
2911 | goto dont_queue; | |
2912 | } | |
2913 | } | |
2914 | ||
2915 | if (prev == NULL) | |
2916 | mpte->mpte_reinjectq = m; | |
2917 | else | |
2918 | prev->m_nextpkt = m; | |
2919 | ||
2920 | m->m_nextpkt = n; | |
2921 | ||
2922 | return; | |
2923 | ||
2924 | dont_queue: | |
2925 | m_freem(m); | |
2926 | return; | |
2927 | } | |
2928 | ||
2929 | static struct mbuf * | |
2930 | mptcp_lookup_dsn(struct mptses *mpte, uint64_t dsn) | |
2931 | { | |
2932 | struct socket *mp_so = mptetoso(mpte); | |
2933 | struct mbuf *m; | |
2934 | ||
2935 | m = mp_so->so_snd.sb_mb; | |
2936 | ||
2937 | while (m) { | |
2938 | /* If this segment covers what we are looking for, return it. */ | |
2939 | if (MPTCP_SEQ_LEQ(m->m_pkthdr.mp_dsn, dsn) && | |
2940 | MPTCP_SEQ_GT(m->m_pkthdr.mp_dsn + m->m_pkthdr.mp_rlen, dsn)) | |
2941 | break; | |
2942 | ||
2943 | ||
2944 | /* Segment is no more in the queue */ | |
2945 | if (MPTCP_SEQ_GT(m->m_pkthdr.mp_dsn, dsn)) | |
2946 | return NULL; | |
2947 | ||
2948 | m = m->m_next; | |
2949 | } | |
2950 | ||
2951 | return m; | |
2952 | } | |
2953 | ||
2954 | static struct mbuf * | |
2955 | mptcp_copy_mbuf_list(struct mbuf *m, int len) | |
2956 | { | |
2957 | struct mbuf *top = NULL, *tail = NULL; | |
2958 | uint64_t dsn; | |
2959 | uint32_t dlen, rseq; | |
2960 | ||
2961 | dsn = m->m_pkthdr.mp_dsn; | |
2962 | dlen = m->m_pkthdr.mp_rlen; | |
2963 | rseq = m->m_pkthdr.mp_rseq; | |
2964 | ||
2965 | while (len > 0) { | |
2966 | struct mbuf *n; | |
2967 | ||
2968 | VERIFY((m->m_flags & M_PKTHDR) && (m->m_pkthdr.pkt_flags & PKTF_MPTCP)); | |
2969 | ||
2970 | n = m_copym_mode(m, 0, m->m_len, M_DONTWAIT, M_COPYM_MUST_COPY_HDR); | |
2971 | if (n == NULL) { | |
2972 | mptcplog((LOG_ERR, "%s m_copym_mode returned NULL\n", __func__), | |
2973 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
2974 | goto err; | |
2975 | } | |
2976 | ||
2977 | VERIFY(n->m_flags & M_PKTHDR); | |
2978 | VERIFY(n->m_next == NULL); | |
2979 | VERIFY(n->m_pkthdr.mp_dsn == dsn); | |
2980 | VERIFY(n->m_pkthdr.mp_rlen == dlen); | |
2981 | VERIFY(n->m_pkthdr.mp_rseq == rseq); | |
2982 | VERIFY(n->m_len == m->m_len); | |
2983 | ||
2984 | n->m_pkthdr.pkt_flags |= (PKTF_MPSO | PKTF_MPTCP); | |
2985 | ||
2986 | if (top == NULL) | |
2987 | top = n; | |
2988 | ||
2989 | if (tail != NULL) | |
2990 | tail->m_next = n; | |
2991 | ||
2992 | tail = n; | |
2993 | ||
2994 | len -= m->m_len; | |
2995 | m = m->m_next; | |
2996 | } | |
2997 | ||
2998 | return top; | |
2999 | ||
3000 | err: | |
3001 | if (top) | |
3002 | m_freem(top); | |
3003 | ||
3004 | return NULL; | |
3005 | } | |
3006 | ||
3007 | static void | |
3008 | mptcp_reinject_mbufs(struct socket *so) | |
3009 | { | |
3010 | struct tcpcb *tp = sototcpcb(so); | |
3011 | struct mptsub *mpts = tp->t_mpsub; | |
3012 | struct mptcb *mp_tp = tptomptp(tp); | |
3013 | struct mptses *mpte = mp_tp->mpt_mpte;; | |
3014 | struct sockbuf *sb = &so->so_snd; | |
3015 | struct mbuf *m; | |
3016 | ||
3017 | m = sb->sb_mb; | |
3018 | while (m) { | |
3019 | struct mbuf *n = m->m_next, *orig = m; | |
3020 | ||
3021 | mptcplog((LOG_DEBUG, "%s working on suna %u relseq %u iss %u len %u pktflags %#x\n", | |
3022 | __func__, tp->snd_una, m->m_pkthdr.mp_rseq, mpts->mpts_iss, | |
3023 | m->m_pkthdr.mp_rlen, m->m_pkthdr.pkt_flags), | |
3024 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_VERBOSE); | |
3025 | ||
3026 | VERIFY((m->m_flags & M_PKTHDR) && (m->m_pkthdr.pkt_flags & PKTF_MPTCP)); | |
3027 | ||
3028 | if (m->m_pkthdr.pkt_flags & PKTF_MPTCP_REINJ) | |
3029 | goto next; | |
3030 | ||
3031 | /* Has it all already been acknowledged at the data-level? */ | |
3032 | if (MPTCP_SEQ_GEQ(mp_tp->mpt_snduna, m->m_pkthdr.mp_dsn + m->m_pkthdr.mp_rlen)) | |
3033 | goto next; | |
3034 | ||
3035 | /* Part of this has already been acknowledged - lookup in the | |
3036 | * MPTCP-socket for the segment. | |
3037 | */ | |
3038 | if (SEQ_GT(tp->snd_una - mpts->mpts_iss, m->m_pkthdr.mp_rseq)) { | |
3039 | m = mptcp_lookup_dsn(mpte, m->m_pkthdr.mp_dsn); | |
3040 | if (m == NULL) | |
3041 | goto next; | |
3042 | } | |
3043 | ||
3044 | /* Copy the mbuf with headers (aka, DSN-numbers) */ | |
3045 | m = mptcp_copy_mbuf_list(m, m->m_pkthdr.mp_rlen); | |
3046 | if (m == NULL) | |
3047 | break; | |
3048 | ||
3049 | VERIFY(m->m_nextpkt == NULL); | |
3050 | ||
3051 | /* Now, add to the reinject-queue, eliminating overlapping | |
3052 | * segments | |
3053 | */ | |
3054 | mptcp_add_reinjectq(mpte, m); | |
3055 | ||
3056 | orig->m_pkthdr.pkt_flags |= PKTF_MPTCP_REINJ; | |
3057 | ||
3058 | next: | |
3059 | /* mp_rlen can cover multiple mbufs, so advance to the end of it. */ | |
3060 | while (n) { | |
3061 | VERIFY((n->m_flags & M_PKTHDR) && (n->m_pkthdr.pkt_flags & PKTF_MPTCP)); | |
3062 | ||
3063 | if (n->m_pkthdr.mp_dsn != orig->m_pkthdr.mp_dsn) | |
3064 | break; | |
3065 | ||
3066 | n->m_pkthdr.pkt_flags |= PKTF_MPTCP_REINJ; | |
3067 | n = n->m_next; | |
3068 | } | |
3069 | ||
3070 | m = n; | |
3071 | } | |
3072 | } | |
3073 | ||
3074 | void | |
3075 | mptcp_clean_reinjectq(struct mptses *mpte) | |
3076 | { | |
3077 | struct mptcb *mp_tp = mpte->mpte_mptcb; | |
3078 | ||
3079 | mpte_lock_assert_held(mpte); | |
3080 | ||
3081 | while (mpte->mpte_reinjectq) { | |
3082 | struct mbuf *m = mpte->mpte_reinjectq; | |
3083 | ||
3084 | if (MPTCP_SEQ_GEQ(m->m_pkthdr.mp_dsn, mp_tp->mpt_snduna) || | |
3085 | MPTCP_SEQ_GT(m->m_pkthdr.mp_dsn + m->m_pkthdr.mp_rlen, mp_tp->mpt_snduna)) | |
3086 | break; | |
3087 | ||
3088 | mpte->mpte_reinjectq = m->m_nextpkt; | |
3089 | m->m_nextpkt = NULL; | |
3090 | m_freem(m); | |
3091 | } | |
3092 | } | |
3093 | ||
3094 | /* | |
3095 | * Subflow socket control event upcall. | |
3096 | */ | |
3097 | static void | |
3098 | mptcp_subflow_eupcall1(struct socket *so, void *arg, uint32_t events) | |
3099 | { | |
3100 | #pragma unused(so) | |
3101 | struct mptsub *mpts = arg; | |
3102 | struct mptses *mpte = mpts->mpts_mpte; | |
3103 | ||
3104 | VERIFY(mpte != NULL); | |
3105 | mpte_lock_assert_held(mpte); | |
3106 | ||
3107 | if ((mpts->mpts_evctl & events) == events) | |
3108 | return; | |
3109 | ||
3110 | mpts->mpts_evctl |= events; | |
3111 | ||
3112 | if (mptcp_should_defer_upcall(mpte->mpte_mppcb)) { | |
3113 | mpte->mpte_mppcb->mpp_flags |= MPP_SHOULD_WORKLOOP; | |
3114 | return; | |
3115 | } | |
3116 | ||
3117 | mptcp_subflow_workloop(mpte); | |
3118 | } | |
3119 | ||
3120 | /* | |
3121 | * Subflow socket control events. | |
3122 | * | |
3123 | * Called for handling events related to the underlying subflow socket. | |
3124 | */ | |
3125 | static ev_ret_t | |
3126 | mptcp_subflow_events(struct mptses *mpte, struct mptsub *mpts, | |
3127 | uint64_t *p_mpsofilt_hint) | |
3128 | { | |
3129 | ev_ret_t ret = MPTS_EVRET_OK; | |
3130 | int i, mpsub_ev_entry_count = sizeof(mpsub_ev_entry_tbl) / | |
3131 | sizeof(mpsub_ev_entry_tbl[0]); | |
3132 | ||
3133 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
3134 | ||
3135 | /* bail if there's nothing to process */ | |
3136 | if (!mpts->mpts_evctl) | |
3137 | return (ret); | |
3138 | ||
3139 | if (mpts->mpts_evctl & (SO_FILT_HINT_CONNRESET|SO_FILT_HINT_MUSTRST| | |
3140 | SO_FILT_HINT_CANTSENDMORE|SO_FILT_HINT_TIMEOUT| | |
3141 | SO_FILT_HINT_NOSRCADDR|SO_FILT_HINT_IFDENIED| | |
3142 | SO_FILT_HINT_DISCONNECTED)) { | |
3143 | mpts->mpts_evctl |= SO_FILT_HINT_MPFAILOVER; | |
3144 | } | |
3145 | ||
3146 | DTRACE_MPTCP3(subflow__events, struct mptses *, mpte, | |
3147 | struct mptsub *, mpts, uint32_t, mpts->mpts_evctl); | |
3148 | ||
3149 | mptcplog((LOG_DEBUG, "%s cid %d events=%b\n", __func__, | |
3150 | mpts->mpts_connid, mpts->mpts_evctl, SO_FILT_HINT_BITS), | |
3151 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_VERBOSE); | |
3152 | ||
3153 | /* | |
3154 | * Process all the socket filter hints and reset the hint | |
3155 | * once it is handled | |
3156 | */ | |
3157 | for (i = 0; i < mpsub_ev_entry_count && mpts->mpts_evctl; i++) { | |
3158 | /* | |
3159 | * Always execute the DISCONNECTED event, because it will wakeup | |
3160 | * the app. | |
3161 | */ | |
3162 | if ((mpts->mpts_evctl & mpsub_ev_entry_tbl[i].sofilt_hint_mask) && | |
3163 | (ret >= MPTS_EVRET_OK || | |
3164 | mpsub_ev_entry_tbl[i].sofilt_hint_mask == SO_FILT_HINT_DISCONNECTED)) { | |
3165 | mpts->mpts_evctl &= ~mpsub_ev_entry_tbl[i].sofilt_hint_mask; | |
3166 | ev_ret_t error = | |
3167 | mpsub_ev_entry_tbl[i].sofilt_hint_ev_hdlr(mpte, mpts, p_mpsofilt_hint, mpsub_ev_entry_tbl[i].sofilt_hint_mask); | |
3168 | ret = ((error >= MPTS_EVRET_OK) ? MAX(error, ret) : error); | |
3169 | } | |
3170 | } | |
3171 | ||
3172 | /* | |
3173 | * We should be getting only events specified via sock_catchevents(), | |
3174 | * so loudly complain if we have any unprocessed one(s). | |
3175 | */ | |
3176 | if (mpts->mpts_evctl || ret < MPTS_EVRET_OK) | |
3177 | mptcplog((LOG_WARNING, "%s%s: cid %d evret %s (%d) unhandled events=%b\n", __func__, | |
3178 | (mpts->mpts_evctl && ret == MPTS_EVRET_OK) ? "MPTCP_ERROR " : "", | |
3179 | mpts->mpts_connid, | |
3180 | mptcp_evret2str(ret), ret, mpts->mpts_evctl, SO_FILT_HINT_BITS), | |
3181 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_LOG); | |
3182 | else | |
3183 | mptcplog((LOG_DEBUG, "%s: Done, events %b\n", __func__, | |
3184 | mpts->mpts_evctl, SO_FILT_HINT_BITS), | |
3185 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_VERBOSE); | |
3186 | ||
3187 | return (ret); | |
3188 | } | |
3189 | ||
3190 | static ev_ret_t | |
3191 | mptcp_subflow_propagate_ev(struct mptses *mpte, struct mptsub *mpts, | |
3192 | uint64_t *p_mpsofilt_hint, uint64_t event) | |
3193 | { | |
3194 | struct socket *mp_so, *so; | |
3195 | struct mptcb *mp_tp; | |
3196 | ||
3197 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
3198 | VERIFY(mpte->mpte_mppcb != NULL); | |
3199 | mp_so = mptetoso(mpte); | |
3200 | mp_tp = mpte->mpte_mptcb; | |
3201 | so = mpts->mpts_socket; | |
3202 | ||
3203 | mptcplog((LOG_DEBUG, "%s: cid %d event %d\n", __func__, | |
3204 | mpts->mpts_connid, event), | |
3205 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_LOG); | |
3206 | ||
3207 | /* | |
3208 | * We got an event for this subflow that might need to be propagated, | |
3209 | * based on the state of the MPTCP connection. | |
3210 | */ | |
3211 | if (mp_tp->mpt_state < MPTCPS_ESTABLISHED || | |
3212 | ((mp_tp->mpt_flags & MPTCPF_FALLBACK_TO_TCP) && (mpts->mpts_flags & MPTSF_ACTIVE))) { | |
3213 | mp_so->so_error = so->so_error; | |
3214 | *p_mpsofilt_hint |= event; | |
3215 | } | |
3216 | ||
3217 | return (MPTS_EVRET_OK); | |
3218 | } | |
3219 | ||
3220 | /* | |
3221 | * Handle SO_FILT_HINT_NOSRCADDR subflow socket event. | |
3222 | */ | |
3223 | static ev_ret_t | |
3224 | mptcp_subflow_nosrcaddr_ev(struct mptses *mpte, struct mptsub *mpts, | |
3225 | uint64_t *p_mpsofilt_hint, uint64_t event) | |
3226 | { | |
3227 | #pragma unused(p_mpsofilt_hint, event) | |
3228 | struct socket *mp_so; | |
3229 | struct tcpcb *tp; | |
3230 | ||
3231 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
3232 | ||
3233 | VERIFY(mpte->mpte_mppcb != NULL); | |
3234 | mp_so = mptetoso(mpte); | |
3235 | tp = intotcpcb(sotoinpcb(mpts->mpts_socket)); | |
3236 | ||
3237 | /* | |
3238 | * This overwrites any previous mpte_lost_aid to avoid storing | |
3239 | * too much state when the typical case has only two subflows. | |
3240 | */ | |
3241 | mpte->mpte_flags |= MPTE_SND_REM_ADDR; | |
3242 | mpte->mpte_lost_aid = tp->t_local_aid; | |
3243 | ||
3244 | mptcplog((LOG_DEBUG, "%s cid %d\n", __func__, mpts->mpts_connid), | |
3245 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_LOG); | |
3246 | ||
3247 | /* | |
3248 | * The subflow connection has lost its source address. | |
3249 | */ | |
3250 | mptcp_subflow_abort(mpts, EADDRNOTAVAIL); | |
3251 | ||
3252 | if (mp_so->so_flags & SOF_NOADDRAVAIL) | |
3253 | mptcp_subflow_propagate_ev(mpte, mpts, p_mpsofilt_hint, event); | |
3254 | ||
3255 | return (MPTS_EVRET_DELETE); | |
3256 | } | |
3257 | ||
3258 | /* | |
3259 | * Handle SO_FILT_HINT_MPCANTRCVMORE subflow socket event that | |
3260 | * indicates that the remote side sent a Data FIN | |
3261 | */ | |
3262 | static ev_ret_t | |
3263 | mptcp_subflow_mpcantrcvmore_ev(struct mptses *mpte, struct mptsub *mpts, | |
3264 | uint64_t *p_mpsofilt_hint, uint64_t event) | |
3265 | { | |
3266 | #pragma unused(event) | |
3267 | struct mptcb *mp_tp; | |
3268 | ||
3269 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
3270 | mp_tp = mpte->mpte_mptcb; | |
3271 | ||
3272 | mptcplog((LOG_DEBUG, "%s: cid %d\n", __func__, mpts->mpts_connid), | |
3273 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_LOG); | |
3274 | ||
3275 | /* | |
3276 | * We got a Data FIN for the MPTCP connection. | |
3277 | * The FIN may arrive with data. The data is handed up to the | |
3278 | * mptcp socket and the user is notified so that it may close | |
3279 | * the socket if needed. | |
3280 | */ | |
3281 | if (mp_tp->mpt_state == MPTCPS_CLOSE_WAIT) | |
3282 | *p_mpsofilt_hint |= SO_FILT_HINT_CANTRCVMORE; | |
3283 | ||
3284 | return (MPTS_EVRET_OK); /* keep the subflow socket around */ | |
3285 | } | |
3286 | ||
3287 | /* | |
3288 | * Handle SO_FILT_HINT_MPFAILOVER subflow socket event | |
3289 | */ | |
3290 | static ev_ret_t | |
3291 | mptcp_subflow_failover_ev(struct mptses *mpte, struct mptsub *mpts, | |
3292 | uint64_t *p_mpsofilt_hint, uint64_t event) | |
3293 | { | |
3294 | #pragma unused(event, p_mpsofilt_hint) | |
3295 | struct mptsub *mpts_alt = NULL; | |
3296 | struct socket *alt_so = NULL; | |
3297 | struct socket *mp_so; | |
3298 | int altpath_exists = 0; | |
3299 | ||
3300 | mpte_lock_assert_held(mpte); | |
3301 | mp_so = mptetoso(mpte); | |
3302 | mptcplog((LOG_NOTICE, "%s: mp_so 0x%llx\n", __func__, | |
3303 | (u_int64_t)VM_KERNEL_ADDRPERM(mp_so)), | |
3304 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_LOG); | |
3305 | ||
3306 | mptcp_reinject_mbufs(mpts->mpts_socket); | |
3307 | ||
3308 | mpts_alt = mptcp_get_subflow(mpte, mpts, NULL); | |
3309 | /* | |
3310 | * If there is no alternate eligible subflow, ignore the | |
3311 | * failover hint. | |
3312 | */ | |
3313 | if (mpts_alt == NULL) { | |
3314 | mptcplog((LOG_WARNING, "%s: no alternate path\n", __func__), | |
3315 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_LOG); | |
3316 | ||
3317 | goto done; | |
3318 | } | |
3319 | ||
3320 | altpath_exists = 1; | |
3321 | alt_so = mpts_alt->mpts_socket; | |
3322 | if (mpts_alt->mpts_flags & MPTSF_FAILINGOVER) { | |
3323 | /* All data acknowledged and no RTT spike */ | |
3324 | if (alt_so->so_snd.sb_cc == 0 && mptcp_no_rto_spike(alt_so)) { | |
3325 | mpts_alt->mpts_flags &= ~MPTSF_FAILINGOVER; | |
3326 | } else { | |
3327 | /* no alternate path available */ | |
3328 | altpath_exists = 0; | |
3329 | } | |
3330 | } | |
3331 | ||
3332 | if (altpath_exists) { | |
3333 | mpts_alt->mpts_flags |= MPTSF_ACTIVE; | |
3334 | ||
3335 | mpte->mpte_active_sub = mpts_alt; | |
3336 | mpts->mpts_flags |= MPTSF_FAILINGOVER; | |
3337 | mpts->mpts_flags &= ~MPTSF_ACTIVE; | |
3338 | ||
3339 | mptcplog((LOG_NOTICE, "%s: switched from %d to %d\n", | |
3340 | __func__, mpts->mpts_connid, mpts_alt->mpts_connid), | |
3341 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_LOG); | |
3342 | ||
3343 | mptcpstats_inc_switch(mpte, mpts); | |
3344 | ||
3345 | sowwakeup(alt_so); | |
3346 | } else { | |
3347 | mptcplog((LOG_DEBUG, "%s: no alt cid = %d\n", __func__, | |
3348 | mpts->mpts_connid), | |
3349 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_LOG); | |
3350 | done: | |
3351 | mpts->mpts_socket->so_flags &= ~SOF_MP_TRYFAILOVER; | |
3352 | } | |
3353 | ||
3354 | return (MPTS_EVRET_OK); | |
3355 | } | |
3356 | ||
3357 | /* | |
3358 | * Handle SO_FILT_HINT_IFDENIED subflow socket event. | |
3359 | */ | |
3360 | static ev_ret_t | |
3361 | mptcp_subflow_ifdenied_ev(struct mptses *mpte, struct mptsub *mpts, | |
3362 | uint64_t *p_mpsofilt_hint, uint64_t event) | |
3363 | { | |
3364 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
3365 | VERIFY(mpte->mpte_mppcb != NULL); | |
3366 | ||
3367 | mptcplog((LOG_DEBUG, "%s: cid %d\n", __func__, | |
3368 | mpts->mpts_connid), MPTCP_EVENTS_DBG, MPTCP_LOGLVL_LOG); | |
3369 | ||
3370 | /* | |
3371 | * The subflow connection cannot use the outgoing interface, let's | |
3372 | * close this subflow. | |
3373 | */ | |
3374 | mptcp_subflow_abort(mpts, EPERM); | |
3375 | ||
3376 | mptcp_subflow_propagate_ev(mpte, mpts, p_mpsofilt_hint, event); | |
3377 | ||
3378 | return (MPTS_EVRET_DELETE); | |
3379 | } | |
3380 | ||
3381 | /* | |
3382 | * https://tools.ietf.org/html/rfc6052#section-2 | |
3383 | * https://tools.ietf.org/html/rfc6147#section-5.2 | |
3384 | */ | |
3385 | static boolean_t | |
3386 | mptcp_desynthesize_ipv6_addr(const struct in6_addr *addr, | |
3387 | const struct ipv6_prefix *prefix, | |
3388 | struct in_addr *addrv4) | |
3389 | { | |
3390 | char buf[MAX_IPv4_STR_LEN]; | |
3391 | char *ptrv4 = (char *)addrv4; | |
3392 | const char *ptr = (const char *)addr; | |
3393 | ||
3394 | if (memcmp(addr, &prefix->ipv6_prefix, prefix->prefix_len) != 0) | |
3395 | return false; | |
3396 | ||
3397 | switch (prefix->prefix_len) { | |
3398 | case NAT64_PREFIX_LEN_96: | |
3399 | memcpy(ptrv4, ptr + 12, 4); | |
3400 | break; | |
3401 | case NAT64_PREFIX_LEN_64: | |
3402 | memcpy(ptrv4, ptr + 9, 4); | |
3403 | break; | |
3404 | case NAT64_PREFIX_LEN_56: | |
3405 | memcpy(ptrv4, ptr + 7, 1); | |
3406 | memcpy(ptrv4 + 1, ptr + 9, 3); | |
3407 | break; | |
3408 | case NAT64_PREFIX_LEN_48: | |
3409 | memcpy(ptrv4, ptr + 6, 2); | |
3410 | memcpy(ptrv4 + 2, ptr + 9, 2); | |
3411 | break; | |
3412 | case NAT64_PREFIX_LEN_40: | |
3413 | memcpy(ptrv4, ptr + 5, 3); | |
3414 | memcpy(ptrv4 + 3, ptr + 9, 1); | |
3415 | break; | |
3416 | case NAT64_PREFIX_LEN_32: | |
3417 | memcpy(ptrv4, ptr + 4, 4); | |
3418 | break; | |
3419 | default: | |
3420 | panic("NAT64-prefix len is wrong: %u\n", | |
3421 | prefix->prefix_len); | |
3422 | } | |
3423 | ||
3424 | os_log_info(mptcp_log_handle, "%s desynthesized to %s\n", __func__, | |
3425 | inet_ntop(AF_INET, (void *)addrv4, buf, sizeof(buf))); | |
3426 | ||
3427 | return true; | |
3428 | } | |
3429 | ||
3430 | static void | |
3431 | mptcp_handle_ipv6_connection(struct mptses *mpte, const struct mptsub *mpts) | |
3432 | { | |
3433 | struct ipv6_prefix nat64prefixes[NAT64_MAX_NUM_PREFIXES]; | |
3434 | struct socket *so = mpts->mpts_socket; | |
3435 | struct ifnet *ifp; | |
3436 | int j; | |
3437 | ||
3438 | ifp = sotoinpcb(so)->inp_last_outifp; | |
3439 | ||
3440 | if (ifnet_get_nat64prefix(ifp, nat64prefixes) == ENOENT) { | |
3441 | mptcp_ask_for_nat64(ifp); | |
3442 | return; | |
3443 | } | |
3444 | ||
3445 | ||
3446 | for (j = 0; j < NAT64_MAX_NUM_PREFIXES; j++) { | |
3447 | int success; | |
3448 | ||
3449 | if (nat64prefixes[j].prefix_len == 0) | |
3450 | continue; | |
3451 | ||
3452 | success = mptcp_desynthesize_ipv6_addr(&mpte->__mpte_dst_v6.sin6_addr, | |
3453 | &nat64prefixes[j], | |
3454 | &mpte->mpte_dst_v4_nat64.sin_addr); | |
3455 | if (success) { | |
3456 | mpte->mpte_dst_v4_nat64.sin_len = sizeof(mpte->mpte_dst_v4_nat64); | |
3457 | mpte->mpte_dst_v4_nat64.sin_family = AF_INET; | |
3458 | mpte->mpte_dst_v4_nat64.sin_port = mpte->__mpte_dst_v6.sin6_port; | |
3459 | break; | |
3460 | } | |
3461 | } | |
3462 | } | |
3463 | ||
3464 | /* | |
3465 | * Handle SO_FILT_HINT_CONNECTED subflow socket event. | |
3466 | */ | |
3467 | static ev_ret_t | |
3468 | mptcp_subflow_connected_ev(struct mptses *mpte, struct mptsub *mpts, | |
3469 | uint64_t *p_mpsofilt_hint, uint64_t event) | |
3470 | { | |
3471 | #pragma unused(event, p_mpsofilt_hint) | |
3472 | struct socket *mp_so, *so; | |
3473 | struct inpcb *inp; | |
3474 | struct tcpcb *tp; | |
3475 | struct mptcb *mp_tp; | |
3476 | int af; | |
3477 | boolean_t mpok = FALSE; | |
3478 | ||
3479 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
3480 | VERIFY(mpte->mpte_mppcb != NULL); | |
3481 | ||
3482 | mp_so = mptetoso(mpte); | |
3483 | mp_tp = mpte->mpte_mptcb; | |
3484 | so = mpts->mpts_socket; | |
3485 | tp = sototcpcb(so); | |
3486 | af = mpts->mpts_dst.sa_family; | |
3487 | ||
3488 | if (mpts->mpts_flags & MPTSF_CONNECTED) | |
3489 | return (MPTS_EVRET_OK); | |
3490 | ||
3491 | if ((mpts->mpts_flags & MPTSF_DISCONNECTED) || | |
3492 | (mpts->mpts_flags & MPTSF_DISCONNECTING)) { | |
3493 | if (!(so->so_state & (SS_ISDISCONNECTING | SS_ISDISCONNECTED)) && | |
3494 | (so->so_state & SS_ISCONNECTED)) { | |
3495 | mptcplog((LOG_DEBUG, "%s: cid %d disconnect before tcp connect\n", | |
3496 | __func__, mpts->mpts_connid), | |
3497 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_LOG); | |
3498 | (void) soshutdownlock(so, SHUT_RD); | |
3499 | (void) soshutdownlock(so, SHUT_WR); | |
3500 | (void) sodisconnectlocked(so); | |
3501 | } | |
3502 | return (MPTS_EVRET_OK); | |
3503 | } | |
3504 | ||
3505 | /* | |
3506 | * The subflow connection has been connected. Find out whether it | |
3507 | * is connected as a regular TCP or as a MPTCP subflow. The idea is: | |
3508 | * | |
3509 | * a. If MPTCP connection is not yet established, then this must be | |
3510 | * the first subflow connection. If MPTCP failed to negotiate, | |
3511 | * fallback to regular TCP by degrading this subflow. | |
3512 | * | |
3513 | * b. If MPTCP connection has been established, then this must be | |
3514 | * one of the subsequent subflow connections. If MPTCP failed | |
3515 | * to negotiate, disconnect the connection. | |
3516 | * | |
3517 | * Right now, we simply unblock any waiters at the MPTCP socket layer | |
3518 | * if the MPTCP connection has not been established. | |
3519 | */ | |
3520 | ||
3521 | if (so->so_state & SS_ISDISCONNECTED) { | |
3522 | /* | |
3523 | * With MPTCP joins, a connection is connected at the subflow | |
3524 | * level, but the 4th ACK from the server elevates the MPTCP | |
3525 | * subflow to connected state. So there is a small window | |
3526 | * where the subflow could get disconnected before the | |
3527 | * connected event is processed. | |
3528 | */ | |
3529 | return (MPTS_EVRET_OK); | |
3530 | } | |
3531 | ||
3532 | if (mpts->mpts_flags & MPTSF_TFO_REQD) | |
3533 | mptcp_drop_tfo_data(mpte, mpts); | |
3534 | ||
3535 | mpts->mpts_flags &= ~(MPTSF_CONNECTING | MPTSF_TFO_REQD); | |
3536 | mpts->mpts_flags |= MPTSF_CONNECTED; | |
3537 | ||
3538 | if (tp->t_mpflags & TMPF_MPTCP_TRUE) | |
3539 | mpts->mpts_flags |= MPTSF_MP_CAPABLE; | |
3540 | ||
3541 | tp->t_mpflags &= ~TMPF_TFO_REQUEST; | |
3542 | ||
3543 | /* get/verify the outbound interface */ | |
3544 | inp = sotoinpcb(so); | |
3545 | ||
3546 | mpts->mpts_maxseg = tp->t_maxseg; | |
3547 | ||
3548 | mptcplog((LOG_DEBUG, "%s: cid %d outif %s is %s\n", __func__, mpts->mpts_connid, | |
3549 | ((inp->inp_last_outifp != NULL) ? inp->inp_last_outifp->if_xname : "NULL"), | |
3550 | ((mpts->mpts_flags & MPTSF_MP_CAPABLE) ? "MPTCP capable" : "a regular TCP")), | |
3551 | (MPTCP_SOCKET_DBG | MPTCP_EVENTS_DBG), MPTCP_LOGLVL_LOG); | |
3552 | ||
3553 | mpok = (mpts->mpts_flags & MPTSF_MP_CAPABLE); | |
3554 | ||
3555 | if (mp_tp->mpt_state < MPTCPS_ESTABLISHED) { | |
3556 | mp_tp->mpt_state = MPTCPS_ESTABLISHED; | |
3557 | mpte->mpte_associd = mpts->mpts_connid; | |
3558 | DTRACE_MPTCP2(state__change, | |
3559 | struct mptcb *, mp_tp, | |
3560 | uint32_t, 0 /* event */); | |
3561 | ||
3562 | if (SOCK_DOM(so) == AF_INET) { | |
3563 | in_getsockaddr_s(so, &mpte->__mpte_src_v4); | |
3564 | } else { | |
3565 | in6_getsockaddr_s(so, &mpte->__mpte_src_v6); | |
3566 | } | |
3567 | ||
3568 | mpts->mpts_flags |= MPTSF_ACTIVE; | |
3569 | ||
3570 | /* case (a) above */ | |
3571 | if (!mpok) { | |
3572 | tcpstat.tcps_mpcap_fallback++; | |
3573 | ||
3574 | tp->t_mpflags |= TMPF_INFIN_SENT; | |
3575 | mptcp_notify_mpfail(so); | |
3576 | } else { | |
3577 | if (IFNET_IS_CELLULAR(inp->inp_last_outifp) && | |
3578 | mpte->mpte_svctype != MPTCP_SVCTYPE_AGGREGATE) { | |
3579 | tp->t_mpflags |= (TMPF_BACKUP_PATH | TMPF_SND_MPPRIO); | |
3580 | } else { | |
3581 | mpts->mpts_flags |= MPTSF_PREFERRED; | |
3582 | } | |
3583 | mpts->mpts_flags |= MPTSF_MPCAP_CTRSET; | |
3584 | mpte->mpte_nummpcapflows++; | |
3585 | ||
3586 | if (SOCK_DOM(so) == AF_INET6) | |
3587 | mptcp_handle_ipv6_connection(mpte, mpts); | |
3588 | ||
3589 | mptcp_check_subflows_and_add(mpte); | |
3590 | ||
3591 | if (IFNET_IS_CELLULAR(inp->inp_last_outifp)) | |
3592 | mpte->mpte_initial_cell = 1; | |
3593 | ||
3594 | mpte->mpte_handshake_success = 1; | |
3595 | } | |
3596 | ||
3597 | mp_tp->mpt_sndwnd = tp->snd_wnd; | |
3598 | mp_tp->mpt_sndwl1 = mp_tp->mpt_rcvnxt; | |
3599 | mp_tp->mpt_sndwl2 = mp_tp->mpt_snduna; | |
3600 | soisconnected(mp_so); | |
3601 | ||
3602 | mptcplog((LOG_DEBUG, "%s: MPTCPS_ESTABLISHED for mp_so 0x%llx mpok %u\n", | |
3603 | __func__, (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), mpok), | |
3604 | MPTCP_STATE_DBG, MPTCP_LOGLVL_LOG); | |
3605 | } else if (mpok) { | |
3606 | /* | |
3607 | * case (b) above | |
3608 | * In case of additional flows, the MPTCP socket is not | |
3609 | * MPTSF_MP_CAPABLE until an ACK is received from server | |
3610 | * for 3-way handshake. TCP would have guaranteed that this | |
3611 | * is an MPTCP subflow. | |
3612 | */ | |
3613 | if (IFNET_IS_CELLULAR(inp->inp_last_outifp) && | |
3614 | !(tp->t_mpflags & TMPF_BACKUP_PATH) && | |
3615 | mpte->mpte_svctype != MPTCP_SVCTYPE_AGGREGATE) { | |
3616 | tp->t_mpflags |= (TMPF_BACKUP_PATH | TMPF_SND_MPPRIO); | |
3617 | mpts->mpts_flags &= ~MPTSF_PREFERRED; | |
3618 | } else { | |
3619 | mpts->mpts_flags |= MPTSF_PREFERRED; | |
3620 | } | |
3621 | ||
3622 | mpts->mpts_flags |= MPTSF_MPCAP_CTRSET; | |
3623 | mpte->mpte_nummpcapflows++; | |
3624 | ||
3625 | mpts->mpts_rel_seq = 1; | |
3626 | ||
3627 | mptcp_check_subflows_and_remove(mpte); | |
3628 | } else { | |
3629 | unsigned int i; | |
3630 | ||
3631 | /* Should we try the alternate port? */ | |
3632 | if (mpte->mpte_alternate_port && | |
3633 | inp->inp_fport != mpte->mpte_alternate_port) { | |
3634 | union sockaddr_in_4_6 dst; | |
3635 | struct sockaddr_in *dst_in = (struct sockaddr_in *)&dst; | |
3636 | ||
3637 | memcpy(&dst, &mpts->mpts_dst, mpts->mpts_dst.sa_len); | |
3638 | ||
3639 | dst_in->sin_port = mpte->mpte_alternate_port; | |
3640 | ||
3641 | mptcp_subflow_add(mpte, NULL, (struct sockaddr *)&dst, | |
3642 | mpts->mpts_ifscope , NULL); | |
3643 | } else { /* Else, we tried all we could, mark this interface as non-MPTCP */ | |
3644 | for (i = 0; i < mpte->mpte_itfinfo_size; i++) { | |
3645 | struct mpt_itf_info *info = &mpte->mpte_itfinfo[i]; | |
3646 | ||
3647 | if (inp->inp_last_outifp->if_index == info->ifindex) { | |
3648 | info->no_mptcp_support = 1; | |
3649 | break; | |
3650 | } | |
3651 | } | |
3652 | } | |
3653 | ||
3654 | tcpstat.tcps_join_fallback++; | |
3655 | if (IFNET_IS_CELLULAR(inp->inp_last_outifp)) | |
3656 | tcpstat.tcps_mptcp_cell_proxy++; | |
3657 | else | |
3658 | tcpstat.tcps_mptcp_wifi_proxy++; | |
3659 | ||
3660 | soevent(mpts->mpts_socket, SO_FILT_HINT_LOCKED | SO_FILT_HINT_MUSTRST); | |
3661 | ||
3662 | return (MPTS_EVRET_OK); | |
3663 | } | |
3664 | ||
3665 | /* This call, just to "book" an entry in the stats-table for this ifindex */ | |
3666 | mptcp_get_statsindex(mpte->mpte_itfstats, mpts); | |
3667 | ||
3668 | mptcp_output(mpte); | |
3669 | ||
3670 | return (MPTS_EVRET_OK); /* keep the subflow socket around */ | |
3671 | } | |
3672 | ||
3673 | /* | |
3674 | * Handle SO_FILT_HINT_DISCONNECTED subflow socket event. | |
3675 | */ | |
3676 | static ev_ret_t | |
3677 | mptcp_subflow_disconnected_ev(struct mptses *mpte, struct mptsub *mpts, | |
3678 | uint64_t *p_mpsofilt_hint, uint64_t event) | |
3679 | { | |
3680 | #pragma unused(event, p_mpsofilt_hint) | |
3681 | struct socket *mp_so, *so; | |
3682 | struct mptcb *mp_tp; | |
3683 | ||
3684 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
3685 | VERIFY(mpte->mpte_mppcb != NULL); | |
3686 | mp_so = mptetoso(mpte); | |
3687 | mp_tp = mpte->mpte_mptcb; | |
3688 | so = mpts->mpts_socket; | |
3689 | ||
3690 | mptcplog((LOG_DEBUG, "%s: cid %d, so_err %d, mpt_state %u fallback %u active %u flags %#x\n", | |
3691 | __func__, mpts->mpts_connid, so->so_error, mp_tp->mpt_state, | |
3692 | !!(mp_tp->mpt_flags & MPTCPF_FALLBACK_TO_TCP), | |
3693 | !!(mpts->mpts_flags & MPTSF_ACTIVE), sototcpcb(so)->t_mpflags), | |
3694 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_LOG); | |
3695 | ||
3696 | if (mpts->mpts_flags & MPTSF_DISCONNECTED) | |
3697 | return (MPTS_EVRET_DELETE); | |
3698 | ||
3699 | mpts->mpts_flags |= MPTSF_DISCONNECTED; | |
3700 | ||
3701 | /* The subflow connection has been disconnected. */ | |
3702 | ||
3703 | if (mpts->mpts_flags & MPTSF_MPCAP_CTRSET) { | |
3704 | mpte->mpte_nummpcapflows--; | |
3705 | if (mpte->mpte_active_sub == mpts) { | |
3706 | mpte->mpte_active_sub = NULL; | |
3707 | mptcplog((LOG_DEBUG, "%s: resetting active subflow \n", | |
3708 | __func__), MPTCP_EVENTS_DBG, MPTCP_LOGLVL_LOG); | |
3709 | } | |
3710 | mpts->mpts_flags &= ~MPTSF_MPCAP_CTRSET; | |
3711 | } | |
3712 | ||
3713 | if (mp_tp->mpt_state < MPTCPS_ESTABLISHED || | |
3714 | ((mp_tp->mpt_flags & MPTCPF_FALLBACK_TO_TCP) && (mpts->mpts_flags & MPTSF_ACTIVE)) || | |
3715 | (sototcpcb(so)->t_mpflags & TMPF_FASTCLOSERCV)) { | |
3716 | mptcp_drop(mpte, mp_tp, so->so_error); | |
3717 | } | |
3718 | ||
3719 | /* | |
3720 | * Clear flags that are used by getconninfo to return state. | |
3721 | * Retain like MPTSF_DELETEOK for internal purposes. | |
3722 | */ | |
3723 | mpts->mpts_flags &= ~(MPTSF_CONNECTING|MPTSF_CONNECT_PENDING| | |
3724 | MPTSF_CONNECTED|MPTSF_DISCONNECTING|MPTSF_PREFERRED| | |
3725 | MPTSF_MP_CAPABLE|MPTSF_MP_READY|MPTSF_MP_DEGRADED|MPTSF_ACTIVE); | |
3726 | ||
3727 | return (MPTS_EVRET_DELETE); | |
3728 | } | |
3729 | ||
3730 | /* | |
3731 | * Handle SO_FILT_HINT_MPSTATUS subflow socket event | |
3732 | */ | |
3733 | static ev_ret_t | |
3734 | mptcp_subflow_mpstatus_ev(struct mptses *mpte, struct mptsub *mpts, | |
3735 | uint64_t *p_mpsofilt_hint, uint64_t event) | |
3736 | { | |
3737 | #pragma unused(event, p_mpsofilt_hint) | |
3738 | struct socket *mp_so, *so; | |
3739 | struct mptcb *mp_tp; | |
3740 | ev_ret_t ret = MPTS_EVRET_OK; | |
3741 | ||
3742 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
3743 | VERIFY(mpte->mpte_mppcb != NULL); | |
3744 | mp_so = mptetoso(mpte); | |
3745 | mp_tp = mpte->mpte_mptcb; | |
3746 | so = mpts->mpts_socket; | |
3747 | ||
3748 | if (sototcpcb(so)->t_mpflags & TMPF_MPTCP_TRUE) | |
3749 | mpts->mpts_flags |= MPTSF_MP_CAPABLE; | |
3750 | else | |
3751 | mpts->mpts_flags &= ~MPTSF_MP_CAPABLE; | |
3752 | ||
3753 | if (sototcpcb(so)->t_mpflags & TMPF_TCP_FALLBACK) { | |
3754 | if (mpts->mpts_flags & MPTSF_MP_DEGRADED) | |
3755 | goto done; | |
3756 | mpts->mpts_flags |= MPTSF_MP_DEGRADED; | |
3757 | } | |
3758 | else | |
3759 | mpts->mpts_flags &= ~MPTSF_MP_DEGRADED; | |
3760 | ||
3761 | if (sototcpcb(so)->t_mpflags & TMPF_MPTCP_READY) | |
3762 | mpts->mpts_flags |= MPTSF_MP_READY; | |
3763 | else | |
3764 | mpts->mpts_flags &= ~MPTSF_MP_READY; | |
3765 | ||
3766 | if (mpts->mpts_flags & MPTSF_MP_DEGRADED) { | |
3767 | mp_tp->mpt_flags |= MPTCPF_FALLBACK_TO_TCP; | |
3768 | mp_tp->mpt_flags &= ~MPTCPF_JOIN_READY; | |
3769 | } | |
3770 | ||
3771 | if (mp_tp->mpt_flags & MPTCPF_FALLBACK_TO_TCP) { | |
3772 | VERIFY(!(mp_tp->mpt_flags & MPTCPF_JOIN_READY)); | |
3773 | ret = MPTS_EVRET_DISCONNECT_FALLBACK; | |
3774 | } else if (mpts->mpts_flags & MPTSF_MP_READY) { | |
3775 | mp_tp->mpt_flags |= MPTCPF_JOIN_READY; | |
3776 | ret = MPTS_EVRET_CONNECT_PENDING; | |
3777 | } | |
3778 | ||
3779 | mptcplog((LOG_DEBUG, "%s: mp_so 0x%llx mpt_flags=%b cid %d mptsf=%b\n", | |
3780 | __func__, (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), | |
3781 | mp_tp->mpt_flags, MPTCPF_BITS, mpts->mpts_connid, | |
3782 | mpts->mpts_flags, MPTSF_BITS), | |
3783 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_LOG); | |
3784 | ||
3785 | done: | |
3786 | return (ret); | |
3787 | } | |
3788 | ||
3789 | /* | |
3790 | * Handle SO_FILT_HINT_MUSTRST subflow socket event | |
3791 | */ | |
3792 | static ev_ret_t | |
3793 | mptcp_subflow_mustrst_ev(struct mptses *mpte, struct mptsub *mpts, | |
3794 | uint64_t *p_mpsofilt_hint, uint64_t event) | |
3795 | { | |
3796 | #pragma unused(event) | |
3797 | struct socket *mp_so, *so; | |
3798 | struct mptcb *mp_tp; | |
3799 | boolean_t is_fastclose; | |
3800 | ||
3801 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
3802 | VERIFY(mpte->mpte_mppcb != NULL); | |
3803 | mp_so = mptetoso(mpte); | |
3804 | mp_tp = mpte->mpte_mptcb; | |
3805 | so = mpts->mpts_socket; | |
3806 | ||
3807 | /* We got an invalid option or a fast close */ | |
3808 | struct tcptemp *t_template; | |
3809 | struct inpcb *inp = sotoinpcb(so); | |
3810 | struct tcpcb *tp = NULL; | |
3811 | ||
3812 | tp = intotcpcb(inp); | |
3813 | so->so_error = ECONNABORTED; | |
3814 | ||
3815 | is_fastclose = !!(tp->t_mpflags & TMPF_FASTCLOSERCV); | |
3816 | ||
3817 | t_template = tcp_maketemplate(tp); | |
3818 | if (t_template) { | |
3819 | struct tcp_respond_args tra; | |
3820 | ||
3821 | bzero(&tra, sizeof(tra)); | |
3822 | if (inp->inp_flags & INP_BOUND_IF) | |
3823 | tra.ifscope = inp->inp_boundifp->if_index; | |
3824 | else | |
3825 | tra.ifscope = IFSCOPE_NONE; | |
3826 | tra.awdl_unrestricted = 1; | |
3827 | ||
3828 | tcp_respond(tp, t_template->tt_ipgen, | |
3829 | &t_template->tt_t, (struct mbuf *)NULL, | |
3830 | tp->rcv_nxt, tp->snd_una, TH_RST, &tra); | |
3831 | (void) m_free(dtom(t_template)); | |
3832 | mptcplog((LOG_DEBUG, "MPTCP Events: " | |
3833 | "%s: mp_so 0x%llx cid %d \n", | |
3834 | __func__, (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), | |
3835 | so, mpts->mpts_connid), | |
3836 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_LOG); | |
3837 | } | |
3838 | mptcp_subflow_abort(mpts, ECONNABORTED); | |
3839 | ||
3840 | if (!(mp_tp->mpt_flags & MPTCPF_FALLBACK_TO_TCP) && is_fastclose) { | |
3841 | *p_mpsofilt_hint |= SO_FILT_HINT_CONNRESET; | |
3842 | ||
3843 | if (mp_tp->mpt_state < MPTCPS_ESTABLISHED) | |
3844 | mp_so->so_error = ECONNABORTED; | |
3845 | else | |
3846 | mp_so->so_error = ECONNRESET; | |
3847 | ||
3848 | /* | |
3849 | * mptcp_drop is being called after processing the events, to fully | |
3850 | * close the MPTCP connection | |
3851 | */ | |
3852 | } | |
3853 | ||
3854 | if (mp_tp->mpt_gc_ticks == MPT_GC_TICKS) | |
3855 | mp_tp->mpt_gc_ticks = MPT_GC_TICKS_FAST; | |
3856 | ||
3857 | return (MPTS_EVRET_DELETE); | |
3858 | } | |
3859 | ||
3860 | static ev_ret_t | |
3861 | mptcp_subflow_adaptive_rtimo_ev(struct mptses *mpte, struct mptsub *mpts, | |
3862 | uint64_t *p_mpsofilt_hint, uint64_t event) | |
3863 | { | |
3864 | #pragma unused(event) | |
3865 | bool found_active = false; | |
3866 | ||
3867 | mpts->mpts_flags |= MPTSF_READ_STALL; | |
3868 | ||
3869 | TAILQ_FOREACH(mpts, &mpte->mpte_subflows, mpts_entry) { | |
3870 | struct tcpcb *tp = sototcpcb(mpts->mpts_socket); | |
3871 | ||
3872 | if (!TCPS_HAVEESTABLISHED(tp->t_state) || | |
3873 | TCPS_HAVERCVDFIN2(tp->t_state)) | |
3874 | continue; | |
3875 | ||
3876 | if (!(mpts->mpts_flags & MPTSF_READ_STALL)) { | |
3877 | found_active = true; | |
3878 | break; | |
3879 | } | |
3880 | } | |
3881 | ||
3882 | if (!found_active) | |
3883 | *p_mpsofilt_hint |= SO_FILT_HINT_ADAPTIVE_RTIMO; | |
3884 | ||
3885 | return (MPTS_EVRET_OK); | |
3886 | } | |
3887 | ||
3888 | static ev_ret_t | |
3889 | mptcp_subflow_adaptive_wtimo_ev(struct mptses *mpte, struct mptsub *mpts, | |
3890 | uint64_t *p_mpsofilt_hint, uint64_t event) | |
3891 | { | |
3892 | #pragma unused(event) | |
3893 | bool found_active = false; | |
3894 | ||
3895 | mpts->mpts_flags |= MPTSF_WRITE_STALL; | |
3896 | ||
3897 | TAILQ_FOREACH(mpts, &mpte->mpte_subflows, mpts_entry) { | |
3898 | struct tcpcb *tp = sototcpcb(mpts->mpts_socket); | |
3899 | ||
3900 | if (!TCPS_HAVEESTABLISHED(tp->t_state) || | |
3901 | tp->t_state > TCPS_CLOSE_WAIT) | |
3902 | continue; | |
3903 | ||
3904 | if (!(mpts->mpts_flags & MPTSF_WRITE_STALL)) { | |
3905 | found_active = true; | |
3906 | break; | |
3907 | } | |
3908 | } | |
3909 | ||
3910 | if (!found_active) | |
3911 | *p_mpsofilt_hint |= SO_FILT_HINT_ADAPTIVE_WTIMO; | |
3912 | ||
3913 | return (MPTS_EVRET_OK); | |
3914 | } | |
3915 | ||
3916 | static const char * | |
3917 | mptcp_evret2str(ev_ret_t ret) | |
3918 | { | |
3919 | const char *c = "UNKNOWN"; | |
3920 | ||
3921 | switch (ret) { | |
3922 | case MPTS_EVRET_DELETE: | |
3923 | c = "MPTS_EVRET_DELETE"; | |
3924 | break; | |
3925 | case MPTS_EVRET_CONNECT_PENDING: | |
3926 | c = "MPTS_EVRET_CONNECT_PENDING"; | |
3927 | break; | |
3928 | case MPTS_EVRET_DISCONNECT_FALLBACK: | |
3929 | c = "MPTS_EVRET_DISCONNECT_FALLBACK"; | |
3930 | break; | |
3931 | case MPTS_EVRET_OK: | |
3932 | c = "MPTS_EVRET_OK"; | |
3933 | break; | |
3934 | default: | |
3935 | break; | |
3936 | } | |
3937 | return (c); | |
3938 | } | |
3939 | ||
3940 | /* | |
3941 | * Issues SOPT_SET on an MPTCP subflow socket; socket must already be locked, | |
3942 | * caller must ensure that the option can be issued on subflow sockets, via | |
3943 | * MPOF_SUBFLOW_OK flag. | |
3944 | */ | |
3945 | int | |
3946 | mptcp_subflow_sosetopt(struct mptses *mpte, struct mptsub *mpts, struct mptopt *mpo) | |
3947 | { | |
3948 | struct socket *mp_so, *so; | |
3949 | struct sockopt sopt; | |
3950 | int error; | |
3951 | ||
3952 | VERIFY(mpo->mpo_flags & MPOF_SUBFLOW_OK); | |
3953 | mpte_lock_assert_held(mpte); | |
3954 | ||
3955 | mp_so = mptetoso(mpte); | |
3956 | so = mpts->mpts_socket; | |
3957 | ||
3958 | if (mpte->mpte_mptcb->mpt_state >= MPTCPS_ESTABLISHED && | |
3959 | mpo->mpo_level == SOL_SOCKET && | |
3960 | mpo->mpo_name == SO_MARK_CELLFALLBACK) { | |
3961 | mptcplog((LOG_DEBUG, "%s Setting CELL_FALLBACK, mpte_flags %#x, svctype %u wifi unusable %u lastcell? %d boundcell? %d\n", | |
3962 | __func__, mpte->mpte_flags, mpte->mpte_svctype, mptcp_is_wifi_unusable(), | |
3963 | sotoinpcb(so)->inp_last_outifp ? IFNET_IS_CELLULAR(sotoinpcb(so)->inp_last_outifp) : -1, | |
3964 | mpts->mpts_ifscope != IFSCOPE_NONE ? IFNET_IS_CELLULAR(ifindex2ifnet[mpts->mpts_ifscope]) : -1), | |
3965 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
3966 | ||
3967 | /* | |
3968 | * When we open a new subflow, mark it as cell fallback, if | |
3969 | * this subflow goes over cell. | |
3970 | * | |
3971 | * (except for first-party apps) | |
3972 | */ | |
3973 | ||
3974 | if (mpte->mpte_flags & MPTE_FIRSTPARTY) | |
3975 | return (0); | |
3976 | ||
3977 | if (sotoinpcb(so)->inp_last_outifp && | |
3978 | !IFNET_IS_CELLULAR(sotoinpcb(so)->inp_last_outifp)) | |
3979 | return (0); | |
3980 | ||
3981 | /* | |
3982 | * This here is an OR, because if the app is not binding to the | |
3983 | * interface, then it definitely is not a cell-fallback | |
3984 | * connection. | |
3985 | */ | |
3986 | if (mpts->mpts_ifscope == IFSCOPE_NONE || | |
3987 | !IFNET_IS_CELLULAR(ifindex2ifnet[mpts->mpts_ifscope])) | |
3988 | return (0); | |
3989 | } | |
3990 | ||
3991 | mpo->mpo_flags &= ~MPOF_INTERIM; | |
3992 | ||
3993 | bzero(&sopt, sizeof (sopt)); | |
3994 | sopt.sopt_dir = SOPT_SET; | |
3995 | sopt.sopt_level = mpo->mpo_level; | |
3996 | sopt.sopt_name = mpo->mpo_name; | |
3997 | sopt.sopt_val = CAST_USER_ADDR_T(&mpo->mpo_intval); | |
3998 | sopt.sopt_valsize = sizeof (int); | |
3999 | sopt.sopt_p = kernproc; | |
4000 | ||
4001 | error = sosetoptlock(so, &sopt, 0); | |
4002 | if (error == 0) { | |
4003 | mptcplog((LOG_INFO, "%s: mp_so 0x%llx sopt %s " | |
4004 | "val %d set successful\n", __func__, | |
4005 | (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), | |
4006 | mptcp_sopt2str(mpo->mpo_level, mpo->mpo_name), | |
4007 | mpo->mpo_intval), | |
4008 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_LOG); | |
4009 | } else { | |
4010 | mptcplog((LOG_ERR, "%s:mp_so 0x%llx sopt %s " | |
4011 | "val %d set error %d\n", __func__, | |
4012 | (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), | |
4013 | mptcp_sopt2str(mpo->mpo_level, mpo->mpo_name), | |
4014 | mpo->mpo_intval, error), | |
4015 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
4016 | } | |
4017 | return (error); | |
4018 | } | |
4019 | ||
4020 | /* | |
4021 | * Issues SOPT_GET on an MPTCP subflow socket; socket must already be locked, | |
4022 | * caller must ensure that the option can be issued on subflow sockets, via | |
4023 | * MPOF_SUBFLOW_OK flag. | |
4024 | */ | |
4025 | int | |
4026 | mptcp_subflow_sogetopt(struct mptses *mpte, struct socket *so, | |
4027 | struct mptopt *mpo) | |
4028 | { | |
4029 | struct socket *mp_so; | |
4030 | struct sockopt sopt; | |
4031 | int error; | |
4032 | ||
4033 | VERIFY(mpo->mpo_flags & MPOF_SUBFLOW_OK); | |
4034 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
4035 | mp_so = mptetoso(mpte); | |
4036 | ||
4037 | bzero(&sopt, sizeof (sopt)); | |
4038 | sopt.sopt_dir = SOPT_GET; | |
4039 | sopt.sopt_level = mpo->mpo_level; | |
4040 | sopt.sopt_name = mpo->mpo_name; | |
4041 | sopt.sopt_val = CAST_USER_ADDR_T(&mpo->mpo_intval); | |
4042 | sopt.sopt_valsize = sizeof (int); | |
4043 | sopt.sopt_p = kernproc; | |
4044 | ||
4045 | error = sogetoptlock(so, &sopt, 0); /* already locked */ | |
4046 | if (error == 0) { | |
4047 | mptcplog((LOG_DEBUG, "MPTCP Socket: " | |
4048 | "%s: mp_so 0x%llx sopt %s " | |
4049 | "val %d get successful\n", __func__, | |
4050 | (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), | |
4051 | mptcp_sopt2str(mpo->mpo_level, mpo->mpo_name), | |
4052 | mpo->mpo_intval), | |
4053 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
4054 | } else { | |
4055 | mptcplog((LOG_ERR, "MPTCP Socket: " | |
4056 | "%s: mp_so 0x%llx sopt %s get error %d\n", | |
4057 | __func__, (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), | |
4058 | mptcp_sopt2str(mpo->mpo_level, mpo->mpo_name), error), | |
4059 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
4060 | } | |
4061 | return (error); | |
4062 | } | |
4063 | ||
4064 | ||
4065 | /* | |
4066 | * MPTCP garbage collector. | |
4067 | * | |
4068 | * This routine is called by the MP domain on-demand, periodic callout, | |
4069 | * which is triggered when a MPTCP socket is closed. The callout will | |
4070 | * repeat as long as this routine returns a non-zero value. | |
4071 | */ | |
4072 | static uint32_t | |
4073 | mptcp_gc(struct mppcbinfo *mppi) | |
4074 | { | |
4075 | struct mppcb *mpp, *tmpp; | |
4076 | uint32_t active = 0; | |
4077 | ||
4078 | LCK_MTX_ASSERT(&mppi->mppi_lock, LCK_MTX_ASSERT_OWNED); | |
4079 | ||
4080 | TAILQ_FOREACH_SAFE(mpp, &mppi->mppi_pcbs, mpp_entry, tmpp) { | |
4081 | struct socket *mp_so; | |
4082 | struct mptses *mpte; | |
4083 | struct mptcb *mp_tp; | |
4084 | ||
4085 | VERIFY(mpp->mpp_flags & MPP_ATTACHED); | |
4086 | mp_so = mpp->mpp_socket; | |
4087 | VERIFY(mp_so != NULL); | |
4088 | mpte = mptompte(mpp); | |
4089 | VERIFY(mpte != NULL); | |
4090 | mp_tp = mpte->mpte_mptcb; | |
4091 | VERIFY(mp_tp != NULL); | |
4092 | ||
4093 | mptcplog((LOG_DEBUG, "MPTCP Socket: " | |
4094 | "%s: mp_so 0x%llx found " | |
4095 | "(u=%d,r=%d,s=%d)\n", __func__, | |
4096 | (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), mp_so->so_usecount, | |
4097 | mp_so->so_retaincnt, mpp->mpp_state), | |
4098 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
4099 | ||
4100 | if (!mpte_try_lock(mpte)) { | |
4101 | mptcplog((LOG_DEBUG, "MPTCP Socket: " | |
4102 | "%s: mp_so 0x%llx skipped lock " | |
4103 | "(u=%d,r=%d)\n", __func__, | |
4104 | (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), | |
4105 | mp_so->so_usecount, mp_so->so_retaincnt), | |
4106 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
4107 | active++; | |
4108 | continue; | |
4109 | } | |
4110 | ||
4111 | /* check again under the lock */ | |
4112 | if (mp_so->so_usecount > 0) { | |
4113 | boolean_t wakeup = FALSE; | |
4114 | struct mptsub *mpts, *tmpts; | |
4115 | ||
4116 | mptcplog((LOG_DEBUG, "MPTCP Socket: " | |
4117 | "%s: mp_so 0x%llx skipped usecount " | |
4118 | "[u=%d,r=%d] %d %d\n", __func__, | |
4119 | (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), | |
4120 | mp_so->so_usecount, mp_so->so_retaincnt, | |
4121 | mp_tp->mpt_gc_ticks, | |
4122 | mp_tp->mpt_state), | |
4123 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
4124 | ||
4125 | if (mp_tp->mpt_state >= MPTCPS_FIN_WAIT_1) { | |
4126 | if (mp_tp->mpt_gc_ticks > 0) | |
4127 | mp_tp->mpt_gc_ticks--; | |
4128 | if (mp_tp->mpt_gc_ticks == 0) { | |
4129 | wakeup = TRUE; | |
4130 | } | |
4131 | } | |
4132 | if (wakeup) { | |
4133 | TAILQ_FOREACH_SAFE(mpts, | |
4134 | &mpte->mpte_subflows, mpts_entry, tmpts) { | |
4135 | mptcp_subflow_eupcall1(mpts->mpts_socket, | |
4136 | mpts, SO_FILT_HINT_DISCONNECTED); | |
4137 | } | |
4138 | } | |
4139 | mpte_unlock(mpte); | |
4140 | active++; | |
4141 | continue; | |
4142 | } | |
4143 | ||
4144 | if (mpp->mpp_state != MPPCB_STATE_DEAD) { | |
4145 | panic("MPTCP Socket: %s: mp_so 0x%llx skipped state " | |
4146 | "[u=%d,r=%d,s=%d]\n", __func__, | |
4147 | (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), | |
4148 | mp_so->so_usecount, mp_so->so_retaincnt, | |
4149 | mpp->mpp_state); | |
4150 | } | |
4151 | ||
4152 | if (mp_tp->mpt_state == MPTCPS_TIME_WAIT) | |
4153 | mptcp_close(mpte, mp_tp); | |
4154 | ||
4155 | mptcp_session_destroy(mpte); | |
4156 | ||
4157 | mptcplog((LOG_DEBUG, "MPTCP Socket: " | |
4158 | "%s: mp_so 0x%llx destroyed [u=%d,r=%d]\n", | |
4159 | __func__, (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), | |
4160 | mp_so->so_usecount, mp_so->so_retaincnt), | |
4161 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
4162 | ||
4163 | DTRACE_MPTCP4(dispose, struct socket *, mp_so, | |
4164 | struct sockbuf *, &mp_so->so_rcv, | |
4165 | struct sockbuf *, &mp_so->so_snd, | |
4166 | struct mppcb *, mpp); | |
4167 | ||
4168 | mp_pcbdispose(mpp); | |
4169 | sodealloc(mp_so); | |
4170 | } | |
4171 | ||
4172 | return (active); | |
4173 | } | |
4174 | ||
4175 | /* | |
4176 | * Drop a MPTCP connection, reporting the specified error. | |
4177 | */ | |
4178 | struct mptses * | |
4179 | mptcp_drop(struct mptses *mpte, struct mptcb *mp_tp, int errno) | |
4180 | { | |
4181 | struct socket *mp_so; | |
4182 | ||
4183 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
4184 | VERIFY(mpte->mpte_mptcb == mp_tp); | |
4185 | mp_so = mptetoso(mpte); | |
4186 | ||
4187 | DTRACE_MPTCP2(state__change, struct mptcb *, mp_tp, | |
4188 | uint32_t, 0 /* event */); | |
4189 | ||
4190 | if (errno == ETIMEDOUT && mp_tp->mpt_softerror != 0) | |
4191 | errno = mp_tp->mpt_softerror; | |
4192 | mp_so->so_error = errno; | |
4193 | ||
4194 | return (mptcp_close(mpte, mp_tp)); | |
4195 | } | |
4196 | ||
4197 | /* | |
4198 | * Close a MPTCP control block. | |
4199 | */ | |
4200 | struct mptses * | |
4201 | mptcp_close(struct mptses *mpte, struct mptcb *mp_tp) | |
4202 | { | |
4203 | struct socket *mp_so = NULL; | |
4204 | struct mptsub *mpts = NULL, *tmpts = NULL; | |
4205 | ||
4206 | mpte_lock_assert_held(mpte); /* same as MP socket lock */ | |
4207 | VERIFY(mpte->mpte_mptcb == mp_tp); | |
4208 | mp_so = mptetoso(mpte); | |
4209 | ||
4210 | mp_tp->mpt_state = MPTCPS_TERMINATE; | |
4211 | ||
4212 | mptcp_freeq(mp_tp); | |
4213 | ||
4214 | soisdisconnected(mp_so); | |
4215 | ||
4216 | /* Clean up all subflows */ | |
4217 | TAILQ_FOREACH_SAFE(mpts, &mpte->mpte_subflows, mpts_entry, tmpts) { | |
4218 | mptcp_subflow_disconnect(mpte, mpts); | |
4219 | } | |
4220 | ||
4221 | return (NULL); | |
4222 | } | |
4223 | ||
4224 | void | |
4225 | mptcp_notify_close(struct socket *so) | |
4226 | { | |
4227 | soevent(so, (SO_FILT_HINT_LOCKED | SO_FILT_HINT_DISCONNECTED)); | |
4228 | } | |
4229 | ||
4230 | /* | |
4231 | * MPTCP workloop. | |
4232 | */ | |
4233 | void | |
4234 | mptcp_subflow_workloop(struct mptses *mpte) | |
4235 | { | |
4236 | struct socket *mp_so; | |
4237 | struct mptsub *mpts, *tmpts; | |
4238 | boolean_t connect_pending = FALSE, disconnect_fallback = FALSE; | |
4239 | uint64_t mpsofilt_hint_mask = SO_FILT_HINT_LOCKED; | |
4240 | ||
4241 | mpte_lock_assert_held(mpte); | |
4242 | VERIFY(mpte->mpte_mppcb != NULL); | |
4243 | mp_so = mptetoso(mpte); | |
4244 | VERIFY(mp_so != NULL); | |
4245 | ||
4246 | TAILQ_FOREACH_SAFE(mpts, &mpte->mpte_subflows, mpts_entry, tmpts) { | |
4247 | ev_ret_t ret; | |
4248 | ||
4249 | if (mpts->mpts_socket->so_usecount == 0) { | |
4250 | /* Will be removed soon by tcp_garbage_collect */ | |
4251 | continue; | |
4252 | } | |
4253 | ||
4254 | mptcp_subflow_addref(mpts); | |
4255 | mpts->mpts_socket->so_usecount++; | |
4256 | ||
4257 | ret = mptcp_subflow_events(mpte, mpts, &mpsofilt_hint_mask); | |
4258 | ||
4259 | /* | |
4260 | * If MPTCP socket is closed, disconnect all subflows. | |
4261 | * This will generate a disconnect event which will | |
4262 | * be handled during the next iteration, causing a | |
4263 | * non-zero error to be returned above. | |
4264 | */ | |
4265 | if (mp_so->so_flags & SOF_PCBCLEARING) | |
4266 | mptcp_subflow_disconnect(mpte, mpts); | |
4267 | ||
4268 | switch (ret) { | |
4269 | case MPTS_EVRET_OK: | |
4270 | /* nothing to do */ | |
4271 | break; | |
4272 | case MPTS_EVRET_DELETE: | |
4273 | mptcp_subflow_soclose(mpts); | |
4274 | break; | |
4275 | case MPTS_EVRET_CONNECT_PENDING: | |
4276 | connect_pending = TRUE; | |
4277 | break; | |
4278 | case MPTS_EVRET_DISCONNECT_FALLBACK: | |
4279 | disconnect_fallback = TRUE; | |
4280 | break; | |
4281 | default: | |
4282 | mptcplog((LOG_DEBUG, | |
4283 | "MPTCP Socket: %s: mptcp_subflow_events " | |
4284 | "returned invalid value: %d\n", __func__, | |
4285 | ret), | |
4286 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
4287 | break; | |
4288 | } | |
4289 | mptcp_subflow_remref(mpts); /* ours */ | |
4290 | ||
4291 | VERIFY(mpts->mpts_socket->so_usecount != 0); | |
4292 | mpts->mpts_socket->so_usecount--; | |
4293 | } | |
4294 | ||
4295 | if (mpsofilt_hint_mask != SO_FILT_HINT_LOCKED) { | |
4296 | VERIFY(mpsofilt_hint_mask & SO_FILT_HINT_LOCKED); | |
4297 | ||
4298 | soevent(mp_so, mpsofilt_hint_mask); | |
4299 | } | |
4300 | ||
4301 | if (!connect_pending && !disconnect_fallback) | |
4302 | return; | |
4303 | ||
4304 | TAILQ_FOREACH_SAFE(mpts, &mpte->mpte_subflows, mpts_entry, tmpts) { | |
4305 | if (disconnect_fallback) { | |
4306 | struct socket *so = NULL; | |
4307 | struct inpcb *inp = NULL; | |
4308 | struct tcpcb *tp = NULL; | |
4309 | ||
4310 | if (mpts->mpts_flags & MPTSF_MP_DEGRADED) | |
4311 | continue; | |
4312 | ||
4313 | mpts->mpts_flags |= MPTSF_MP_DEGRADED; | |
4314 | ||
4315 | if (mpts->mpts_flags & (MPTSF_DISCONNECTING| | |
4316 | MPTSF_DISCONNECTED|MPTSF_CONNECT_PENDING)) | |
4317 | continue; | |
4318 | ||
4319 | so = mpts->mpts_socket; | |
4320 | ||
4321 | /* | |
4322 | * The MPTCP connection has degraded to a fallback | |
4323 | * mode, so there is no point in keeping this subflow | |
4324 | * regardless of its MPTCP-readiness state, unless it | |
4325 | * is the primary one which we use for fallback. This | |
4326 | * assumes that the subflow used for fallback is the | |
4327 | * ACTIVE one. | |
4328 | */ | |
4329 | ||
4330 | inp = sotoinpcb(so); | |
4331 | tp = intotcpcb(inp); | |
4332 | tp->t_mpflags &= | |
4333 | ~(TMPF_MPTCP_READY|TMPF_MPTCP_TRUE); | |
4334 | tp->t_mpflags |= TMPF_TCP_FALLBACK; | |
4335 | ||
4336 | if (mpts->mpts_flags & MPTSF_ACTIVE) { | |
4337 | continue; | |
4338 | } | |
4339 | tp->t_mpflags |= TMPF_RESET; | |
4340 | soevent(so, SO_FILT_HINT_MUSTRST); | |
4341 | } else if (connect_pending) { | |
4342 | /* | |
4343 | * The MPTCP connection has progressed to a state | |
4344 | * where it supports full multipath semantics; allow | |
4345 | * additional joins to be attempted for all subflows | |
4346 | * that are in the PENDING state. | |
4347 | */ | |
4348 | if (mpts->mpts_flags & MPTSF_CONNECT_PENDING) { | |
4349 | int error = mptcp_subflow_soconnectx(mpte, mpts); | |
4350 | ||
4351 | if (error) | |
4352 | mptcp_subflow_abort(mpts, error); | |
4353 | } | |
4354 | } | |
4355 | } | |
4356 | } | |
4357 | ||
4358 | /* | |
4359 | * Protocol pr_lock callback. | |
4360 | */ | |
4361 | int | |
4362 | mptcp_lock(struct socket *mp_so, int refcount, void *lr) | |
4363 | { | |
4364 | struct mppcb *mpp = mpsotomppcb(mp_so); | |
4365 | void *lr_saved; | |
4366 | ||
4367 | if (lr == NULL) | |
4368 | lr_saved = __builtin_return_address(0); | |
4369 | else | |
4370 | lr_saved = lr; | |
4371 | ||
4372 | if (mpp == NULL) { | |
4373 | panic("%s: so=%p NO PCB! lr=%p lrh= %s\n", __func__, | |
4374 | mp_so, lr_saved, solockhistory_nr(mp_so)); | |
4375 | /* NOTREACHED */ | |
4376 | } | |
4377 | mpp_lock(mpp); | |
4378 | ||
4379 | if (mp_so->so_usecount < 0) { | |
4380 | panic("%s: so=%p so_pcb=%p lr=%p ref=%x lrh= %s\n", __func__, | |
4381 | mp_so, mp_so->so_pcb, lr_saved, mp_so->so_usecount, | |
4382 | solockhistory_nr(mp_so)); | |
4383 | /* NOTREACHED */ | |
4384 | } | |
4385 | if (refcount != 0) | |
4386 | mp_so->so_usecount++; | |
4387 | mp_so->lock_lr[mp_so->next_lock_lr] = lr_saved; | |
4388 | mp_so->next_lock_lr = (mp_so->next_lock_lr + 1) % SO_LCKDBG_MAX; | |
4389 | ||
4390 | return (0); | |
4391 | } | |
4392 | ||
4393 | /* | |
4394 | * Protocol pr_unlock callback. | |
4395 | */ | |
4396 | int | |
4397 | mptcp_unlock(struct socket *mp_so, int refcount, void *lr) | |
4398 | { | |
4399 | struct mppcb *mpp = mpsotomppcb(mp_so); | |
4400 | void *lr_saved; | |
4401 | ||
4402 | if (lr == NULL) | |
4403 | lr_saved = __builtin_return_address(0); | |
4404 | else | |
4405 | lr_saved = lr; | |
4406 | ||
4407 | if (mpp == NULL) { | |
4408 | panic("%s: so=%p NO PCB usecount=%x lr=%p lrh= %s\n", __func__, | |
4409 | mp_so, mp_so->so_usecount, lr_saved, | |
4410 | solockhistory_nr(mp_so)); | |
4411 | /* NOTREACHED */ | |
4412 | } | |
4413 | mpp_lock_assert_held(mpp); | |
4414 | ||
4415 | if (refcount != 0) | |
4416 | mp_so->so_usecount--; | |
4417 | ||
4418 | if (mp_so->so_usecount < 0) { | |
4419 | panic("%s: so=%p usecount=%x lrh= %s\n", __func__, | |
4420 | mp_so, mp_so->so_usecount, solockhistory_nr(mp_so)); | |
4421 | /* NOTREACHED */ | |
4422 | } | |
4423 | mp_so->unlock_lr[mp_so->next_unlock_lr] = lr_saved; | |
4424 | mp_so->next_unlock_lr = (mp_so->next_unlock_lr + 1) % SO_LCKDBG_MAX; | |
4425 | mpp_unlock(mpp); | |
4426 | ||
4427 | return (0); | |
4428 | } | |
4429 | ||
4430 | /* | |
4431 | * Protocol pr_getlock callback. | |
4432 | */ | |
4433 | lck_mtx_t * | |
4434 | mptcp_getlock(struct socket *mp_so, int flags) | |
4435 | { | |
4436 | struct mppcb *mpp = mpsotomppcb(mp_so); | |
4437 | ||
4438 | if (mpp == NULL) { | |
4439 | panic("%s: so=%p NULL so_pcb %s\n", __func__, mp_so, | |
4440 | solockhistory_nr(mp_so)); | |
4441 | /* NOTREACHED */ | |
4442 | } | |
4443 | if (mp_so->so_usecount < 0) { | |
4444 | panic("%s: so=%p usecount=%x lrh= %s\n", __func__, | |
4445 | mp_so, mp_so->so_usecount, solockhistory_nr(mp_so)); | |
4446 | /* NOTREACHED */ | |
4447 | } | |
4448 | return (mpp_getlock(mpp, flags)); | |
4449 | } | |
4450 | ||
4451 | /* | |
4452 | * MPTCP Join support | |
4453 | */ | |
4454 | ||
4455 | static void | |
4456 | mptcp_attach_to_subf(struct socket *so, struct mptcb *mp_tp, | |
4457 | uint8_t addr_id) | |
4458 | { | |
4459 | struct tcpcb *tp = sototcpcb(so); | |
4460 | struct mptcp_subf_auth_entry *sauth_entry; | |
4461 | mpte_lock_assert_held(mp_tp->mpt_mpte); | |
4462 | ||
4463 | /* | |
4464 | * The address ID of the first flow is implicitly 0. | |
4465 | */ | |
4466 | if (mp_tp->mpt_state == MPTCPS_CLOSED) { | |
4467 | tp->t_local_aid = 0; | |
4468 | } else { | |
4469 | tp->t_local_aid = addr_id; | |
4470 | tp->t_mpflags |= (TMPF_PREESTABLISHED | TMPF_JOINED_FLOW); | |
4471 | so->so_flags |= SOF_MP_SEC_SUBFLOW; | |
4472 | } | |
4473 | sauth_entry = zalloc(mpt_subauth_zone); | |
4474 | sauth_entry->msae_laddr_id = tp->t_local_aid; | |
4475 | sauth_entry->msae_raddr_id = 0; | |
4476 | sauth_entry->msae_raddr_rand = 0; | |
4477 | try_again: | |
4478 | sauth_entry->msae_laddr_rand = RandomULong(); | |
4479 | if (sauth_entry->msae_laddr_rand == 0) | |
4480 | goto try_again; | |
4481 | LIST_INSERT_HEAD(&mp_tp->mpt_subauth_list, sauth_entry, msae_next); | |
4482 | } | |
4483 | ||
4484 | static void | |
4485 | mptcp_detach_mptcb_from_subf(struct mptcb *mp_tp, struct socket *so) | |
4486 | { | |
4487 | struct mptcp_subf_auth_entry *sauth_entry; | |
4488 | struct tcpcb *tp = NULL; | |
4489 | int found = 0; | |
4490 | ||
4491 | tp = sototcpcb(so); | |
4492 | if (tp == NULL) | |
4493 | return; | |
4494 | ||
4495 | LIST_FOREACH(sauth_entry, &mp_tp->mpt_subauth_list, msae_next) { | |
4496 | if (sauth_entry->msae_laddr_id == tp->t_local_aid) { | |
4497 | found = 1; | |
4498 | break; | |
4499 | } | |
4500 | } | |
4501 | if (found) { | |
4502 | LIST_REMOVE(sauth_entry, msae_next); | |
4503 | } | |
4504 | ||
4505 | if (found) | |
4506 | zfree(mpt_subauth_zone, sauth_entry); | |
4507 | } | |
4508 | ||
4509 | void | |
4510 | mptcp_get_rands(mptcp_addr_id addr_id, struct mptcb *mp_tp, u_int32_t *lrand, | |
4511 | u_int32_t *rrand) | |
4512 | { | |
4513 | struct mptcp_subf_auth_entry *sauth_entry; | |
4514 | mpte_lock_assert_held(mp_tp->mpt_mpte); | |
4515 | ||
4516 | LIST_FOREACH(sauth_entry, &mp_tp->mpt_subauth_list, msae_next) { | |
4517 | if (sauth_entry->msae_laddr_id == addr_id) { | |
4518 | if (lrand) | |
4519 | *lrand = sauth_entry->msae_laddr_rand; | |
4520 | if (rrand) | |
4521 | *rrand = sauth_entry->msae_raddr_rand; | |
4522 | break; | |
4523 | } | |
4524 | } | |
4525 | } | |
4526 | ||
4527 | void | |
4528 | mptcp_set_raddr_rand(mptcp_addr_id laddr_id, struct mptcb *mp_tp, | |
4529 | mptcp_addr_id raddr_id, u_int32_t raddr_rand) | |
4530 | { | |
4531 | struct mptcp_subf_auth_entry *sauth_entry; | |
4532 | mpte_lock_assert_held(mp_tp->mpt_mpte); | |
4533 | ||
4534 | LIST_FOREACH(sauth_entry, &mp_tp->mpt_subauth_list, msae_next) { | |
4535 | if (sauth_entry->msae_laddr_id == laddr_id) { | |
4536 | if ((sauth_entry->msae_raddr_id != 0) && | |
4537 | (sauth_entry->msae_raddr_id != raddr_id)) { | |
4538 | mptcplog((LOG_ERR, "MPTCP Socket: %s mismatched" | |
4539 | " address ids %d %d \n", __func__, raddr_id, | |
4540 | sauth_entry->msae_raddr_id), | |
4541 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_LOG); | |
4542 | return; | |
4543 | } | |
4544 | sauth_entry->msae_raddr_id = raddr_id; | |
4545 | if ((sauth_entry->msae_raddr_rand != 0) && | |
4546 | (sauth_entry->msae_raddr_rand != raddr_rand)) { | |
4547 | mptcplog((LOG_ERR, "MPTCP Socket: " | |
4548 | "%s: dup SYN_ACK %d %d \n", | |
4549 | __func__, raddr_rand, | |
4550 | sauth_entry->msae_raddr_rand), | |
4551 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_LOG); | |
4552 | return; | |
4553 | } | |
4554 | sauth_entry->msae_raddr_rand = raddr_rand; | |
4555 | return; | |
4556 | } | |
4557 | } | |
4558 | } | |
4559 | ||
4560 | /* | |
4561 | * SHA1 support for MPTCP | |
4562 | */ | |
4563 | static void | |
4564 | mptcp_do_sha1(mptcp_key_t *key, char *sha_digest) | |
4565 | { | |
4566 | SHA1_CTX sha1ctxt; | |
4567 | const unsigned char *sha1_base; | |
4568 | int sha1_size; | |
4569 | ||
4570 | sha1_base = (const unsigned char *) key; | |
4571 | sha1_size = sizeof (mptcp_key_t); | |
4572 | SHA1Init(&sha1ctxt); | |
4573 | SHA1Update(&sha1ctxt, sha1_base, sha1_size); | |
4574 | SHA1Final(sha_digest, &sha1ctxt); | |
4575 | } | |
4576 | ||
4577 | void | |
4578 | mptcp_hmac_sha1(mptcp_key_t key1, mptcp_key_t key2, | |
4579 | u_int32_t rand1, u_int32_t rand2, u_char *digest) | |
4580 | { | |
4581 | SHA1_CTX sha1ctxt; | |
4582 | mptcp_key_t key_ipad[8] = {0}; /* key XOR'd with inner pad */ | |
4583 | mptcp_key_t key_opad[8] = {0}; /* key XOR'd with outer pad */ | |
4584 | u_int32_t data[2]; | |
4585 | int i; | |
4586 | ||
4587 | bzero(digest, SHA1_RESULTLEN); | |
4588 | ||
4589 | /* Set up the Key for HMAC */ | |
4590 | key_ipad[0] = key1; | |
4591 | key_ipad[1] = key2; | |
4592 | ||
4593 | key_opad[0] = key1; | |
4594 | key_opad[1] = key2; | |
4595 | ||
4596 | /* Set up the message for HMAC */ | |
4597 | data[0] = rand1; | |
4598 | data[1] = rand2; | |
4599 | ||
4600 | /* Key is 512 block length, so no need to compute hash */ | |
4601 | ||
4602 | /* Compute SHA1(Key XOR opad, SHA1(Key XOR ipad, data)) */ | |
4603 | ||
4604 | for (i = 0; i < 8; i++) { | |
4605 | key_ipad[i] ^= 0x3636363636363636; | |
4606 | key_opad[i] ^= 0x5c5c5c5c5c5c5c5c; | |
4607 | } | |
4608 | ||
4609 | /* Perform inner SHA1 */ | |
4610 | SHA1Init(&sha1ctxt); | |
4611 | SHA1Update(&sha1ctxt, (unsigned char *)key_ipad, sizeof (key_ipad)); | |
4612 | SHA1Update(&sha1ctxt, (unsigned char *)data, sizeof (data)); | |
4613 | SHA1Final(digest, &sha1ctxt); | |
4614 | ||
4615 | /* Perform outer SHA1 */ | |
4616 | SHA1Init(&sha1ctxt); | |
4617 | SHA1Update(&sha1ctxt, (unsigned char *)key_opad, sizeof (key_opad)); | |
4618 | SHA1Update(&sha1ctxt, (unsigned char *)digest, SHA1_RESULTLEN); | |
4619 | SHA1Final(digest, &sha1ctxt); | |
4620 | } | |
4621 | ||
4622 | /* | |
4623 | * corresponds to MAC-B = MAC (Key=(Key-B+Key-A), Msg=(R-B+R-A)) | |
4624 | * corresponds to MAC-A = MAC (Key=(Key-A+Key-B), Msg=(R-A+R-B)) | |
4625 | */ | |
4626 | void | |
4627 | mptcp_get_hmac(mptcp_addr_id aid, struct mptcb *mp_tp, u_char *digest) | |
4628 | { | |
4629 | uint32_t lrand, rrand; | |
4630 | ||
4631 | mpte_lock_assert_held(mp_tp->mpt_mpte); | |
4632 | ||
4633 | lrand = rrand = 0; | |
4634 | mptcp_get_rands(aid, mp_tp, &lrand, &rrand); | |
4635 | mptcp_hmac_sha1(mp_tp->mpt_localkey, mp_tp->mpt_remotekey, lrand, rrand, | |
4636 | digest); | |
4637 | } | |
4638 | ||
4639 | /* | |
4640 | * Authentication data generation | |
4641 | */ | |
4642 | static void | |
4643 | mptcp_generate_token(char *sha_digest, int sha_digest_len, caddr_t token, | |
4644 | int token_len) | |
4645 | { | |
4646 | VERIFY(token_len == sizeof (u_int32_t)); | |
4647 | VERIFY(sha_digest_len == SHA1_RESULTLEN); | |
4648 | ||
4649 | /* Most significant 32 bits of the SHA1 hash */ | |
4650 | bcopy(sha_digest, token, sizeof (u_int32_t)); | |
4651 | return; | |
4652 | } | |
4653 | ||
4654 | static void | |
4655 | mptcp_generate_idsn(char *sha_digest, int sha_digest_len, caddr_t idsn, | |
4656 | int idsn_len) | |
4657 | { | |
4658 | VERIFY(idsn_len == sizeof (u_int64_t)); | |
4659 | VERIFY(sha_digest_len == SHA1_RESULTLEN); | |
4660 | ||
4661 | /* | |
4662 | * Least significant 64 bits of the SHA1 hash | |
4663 | */ | |
4664 | ||
4665 | idsn[7] = sha_digest[12]; | |
4666 | idsn[6] = sha_digest[13]; | |
4667 | idsn[5] = sha_digest[14]; | |
4668 | idsn[4] = sha_digest[15]; | |
4669 | idsn[3] = sha_digest[16]; | |
4670 | idsn[2] = sha_digest[17]; | |
4671 | idsn[1] = sha_digest[18]; | |
4672 | idsn[0] = sha_digest[19]; | |
4673 | return; | |
4674 | } | |
4675 | ||
4676 | static void | |
4677 | mptcp_conn_properties(struct mptcb *mp_tp) | |
4678 | { | |
4679 | /* There is only Version 0 at this time */ | |
4680 | mp_tp->mpt_version = MPTCP_STD_VERSION_0; | |
4681 | ||
4682 | /* Set DSS checksum flag */ | |
4683 | if (mptcp_dss_csum) | |
4684 | mp_tp->mpt_flags |= MPTCPF_CHECKSUM; | |
4685 | ||
4686 | /* Set up receive window */ | |
4687 | mp_tp->mpt_rcvwnd = mptcp_sbspace(mp_tp); | |
4688 | ||
4689 | /* Set up gc ticks */ | |
4690 | mp_tp->mpt_gc_ticks = MPT_GC_TICKS; | |
4691 | } | |
4692 | ||
4693 | static void | |
4694 | mptcp_init_local_parms(struct mptses *mpte) | |
4695 | { | |
4696 | struct mptcb *mp_tp = mpte->mpte_mptcb; | |
4697 | char key_digest[SHA1_RESULTLEN]; | |
4698 | ||
4699 | read_frandom(&mp_tp->mpt_localkey, sizeof(mp_tp->mpt_localkey)); | |
4700 | mptcp_do_sha1(&mp_tp->mpt_localkey, key_digest); | |
4701 | ||
4702 | mptcp_generate_token(key_digest, SHA1_RESULTLEN, | |
4703 | (caddr_t)&mp_tp->mpt_localtoken, sizeof (mp_tp->mpt_localtoken)); | |
4704 | mptcp_generate_idsn(key_digest, SHA1_RESULTLEN, | |
4705 | (caddr_t)&mp_tp->mpt_local_idsn, sizeof (u_int64_t)); | |
4706 | ||
4707 | /* The subflow SYN is also first MPTCP byte */ | |
4708 | mp_tp->mpt_snduna = mp_tp->mpt_sndmax = mp_tp->mpt_local_idsn + 1; | |
4709 | mp_tp->mpt_sndnxt = mp_tp->mpt_snduna; | |
4710 | ||
4711 | mptcp_conn_properties(mp_tp); | |
4712 | } | |
4713 | ||
4714 | int | |
4715 | mptcp_init_remote_parms(struct mptcb *mp_tp) | |
4716 | { | |
4717 | char remote_digest[SHA1_RESULTLEN]; | |
4718 | mpte_lock_assert_held(mp_tp->mpt_mpte); | |
4719 | ||
4720 | /* Only Version 0 is supported for auth purposes */ | |
4721 | if (mp_tp->mpt_version != MPTCP_STD_VERSION_0) | |
4722 | return (-1); | |
4723 | ||
4724 | /* Setup local and remote tokens and Initial DSNs */ | |
4725 | mptcp_do_sha1(&mp_tp->mpt_remotekey, remote_digest); | |
4726 | mptcp_generate_token(remote_digest, SHA1_RESULTLEN, | |
4727 | (caddr_t)&mp_tp->mpt_remotetoken, sizeof (mp_tp->mpt_remotetoken)); | |
4728 | mptcp_generate_idsn(remote_digest, SHA1_RESULTLEN, | |
4729 | (caddr_t)&mp_tp->mpt_remote_idsn, sizeof (u_int64_t)); | |
4730 | mp_tp->mpt_rcvnxt = mp_tp->mpt_remote_idsn + 1; | |
4731 | ||
4732 | return (0); | |
4733 | } | |
4734 | ||
4735 | static void | |
4736 | mptcp_send_dfin(struct socket *so) | |
4737 | { | |
4738 | struct tcpcb *tp = NULL; | |
4739 | struct inpcb *inp = NULL; | |
4740 | ||
4741 | inp = sotoinpcb(so); | |
4742 | if (!inp) | |
4743 | return; | |
4744 | ||
4745 | tp = intotcpcb(inp); | |
4746 | if (!tp) | |
4747 | return; | |
4748 | ||
4749 | if (!(tp->t_mpflags & TMPF_RESET)) | |
4750 | tp->t_mpflags |= TMPF_SEND_DFIN; | |
4751 | } | |
4752 | ||
4753 | /* | |
4754 | * Data Sequence Mapping routines | |
4755 | */ | |
4756 | void | |
4757 | mptcp_insert_dsn(struct mppcb *mpp, struct mbuf *m) | |
4758 | { | |
4759 | struct mptcb *mp_tp; | |
4760 | ||
4761 | if (m == NULL) | |
4762 | return; | |
4763 | ||
4764 | __IGNORE_WCASTALIGN(mp_tp = &((struct mpp_mtp *)mpp)->mtcb); | |
4765 | mpte_lock_assert_held(mp_tp->mpt_mpte); | |
4766 | ||
4767 | while (m) { | |
4768 | VERIFY(m->m_flags & M_PKTHDR); | |
4769 | m->m_pkthdr.pkt_flags |= (PKTF_MPTCP | PKTF_MPSO); | |
4770 | m->m_pkthdr.mp_dsn = mp_tp->mpt_sndmax; | |
4771 | m->m_pkthdr.mp_rlen = m_pktlen(m); | |
4772 | mp_tp->mpt_sndmax += m_pktlen(m); | |
4773 | m = m->m_next; | |
4774 | } | |
4775 | } | |
4776 | ||
4777 | void | |
4778 | mptcp_fallback_sbdrop(struct socket *so, struct mbuf *m, int len) | |
4779 | { | |
4780 | struct mptcb *mp_tp = tptomptp(sototcpcb(so)); | |
4781 | uint64_t data_ack; | |
4782 | uint64_t dsn; | |
4783 | ||
4784 | if (!m || len == 0) | |
4785 | return; | |
4786 | ||
4787 | while (m && len > 0) { | |
4788 | VERIFY(m->m_flags & M_PKTHDR); | |
4789 | VERIFY(m->m_pkthdr.pkt_flags & PKTF_MPTCP); | |
4790 | ||
4791 | data_ack = m->m_pkthdr.mp_dsn + m->m_pkthdr.mp_rlen; | |
4792 | dsn = m->m_pkthdr.mp_dsn; | |
4793 | ||
4794 | len -= m->m_len; | |
4795 | m = m->m_next; | |
4796 | } | |
4797 | ||
4798 | if (m && len == 0) { | |
4799 | /* | |
4800 | * If there is one more mbuf in the chain, it automatically means | |
4801 | * that up to m->mp_dsn has been ack'ed. | |
4802 | * | |
4803 | * This means, we actually correct data_ack back down (compared | |
4804 | * to what we set inside the loop - dsn + data_len). Because in | |
4805 | * the loop we are "optimistic" and assume that the full mapping | |
4806 | * will be acked. If that's not the case and we get out of the | |
4807 | * loop with m != NULL, it means only up to m->mp_dsn has been | |
4808 | * really acked. | |
4809 | */ | |
4810 | data_ack = m->m_pkthdr.mp_dsn; | |
4811 | } | |
4812 | ||
4813 | if (len < 0) { | |
4814 | /* | |
4815 | * If len is negative, meaning we acked in the middle of an mbuf, | |
4816 | * only up to this mbuf's data-sequence number has been acked | |
4817 | * at the MPTCP-level. | |
4818 | */ | |
4819 | data_ack = dsn; | |
4820 | } | |
4821 | ||
4822 | mptcplog((LOG_DEBUG, "%s inferred ack up to %u\n", __func__, (uint32_t)data_ack), | |
4823 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
4824 | mptcp_data_ack_rcvd(mp_tp, sototcpcb(so), data_ack); | |
4825 | } | |
4826 | ||
4827 | void | |
4828 | mptcp_preproc_sbdrop(struct socket *so, struct mbuf *m, unsigned int len) | |
4829 | { | |
4830 | int rewinding = 0; | |
4831 | ||
4832 | /* TFO makes things complicated. */ | |
4833 | if (so->so_flags1 & SOF1_TFO_REWIND) { | |
4834 | rewinding = 1; | |
4835 | so->so_flags1 &= ~SOF1_TFO_REWIND; | |
4836 | } | |
4837 | ||
4838 | while (m && (!(so->so_flags & SOF_MP_SUBFLOW) || rewinding)) { | |
4839 | u_int32_t sub_len; | |
4840 | VERIFY(m->m_flags & M_PKTHDR); | |
4841 | VERIFY(m->m_pkthdr.pkt_flags & PKTF_MPTCP); | |
4842 | ||
4843 | sub_len = m->m_pkthdr.mp_rlen; | |
4844 | ||
4845 | if (sub_len < len) { | |
4846 | m->m_pkthdr.mp_dsn += sub_len; | |
4847 | if (!(m->m_pkthdr.pkt_flags & PKTF_MPSO)) { | |
4848 | m->m_pkthdr.mp_rseq += sub_len; | |
4849 | } | |
4850 | m->m_pkthdr.mp_rlen = 0; | |
4851 | len -= sub_len; | |
4852 | } else { | |
4853 | /* sub_len >= len */ | |
4854 | if (rewinding == 0) | |
4855 | m->m_pkthdr.mp_dsn += len; | |
4856 | if (!(m->m_pkthdr.pkt_flags & PKTF_MPSO)) { | |
4857 | if (rewinding == 0) | |
4858 | m->m_pkthdr.mp_rseq += len; | |
4859 | } | |
4860 | mptcplog((LOG_DEBUG, "%s: dsn %u ssn %u len %d %d\n", | |
4861 | __func__, (u_int32_t)m->m_pkthdr.mp_dsn, | |
4862 | m->m_pkthdr.mp_rseq, m->m_pkthdr.mp_rlen, len), | |
4863 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_VERBOSE); | |
4864 | m->m_pkthdr.mp_rlen -= len; | |
4865 | break; | |
4866 | } | |
4867 | m = m->m_next; | |
4868 | } | |
4869 | ||
4870 | if (so->so_flags & SOF_MP_SUBFLOW && | |
4871 | !(sototcpcb(so)->t_mpflags & TMPF_TFO_REQUEST) && | |
4872 | !(sototcpcb(so)->t_mpflags & TMPF_RCVD_DACK)) { | |
4873 | /* | |
4874 | * Received an ack without receiving a DATA_ACK. | |
4875 | * Need to fallback to regular TCP (or destroy this subflow). | |
4876 | */ | |
4877 | sototcpcb(so)->t_mpflags |= TMPF_INFIN_SENT; | |
4878 | mptcp_notify_mpfail(so); | |
4879 | } | |
4880 | } | |
4881 | ||
4882 | /* Obtain the DSN mapping stored in the mbuf */ | |
4883 | void | |
4884 | mptcp_output_getm_dsnmap32(struct socket *so, int off, | |
4885 | uint32_t *dsn, uint32_t *relseq, uint16_t *data_len, uint16_t *dss_csum) | |
4886 | { | |
4887 | u_int64_t dsn64; | |
4888 | ||
4889 | mptcp_output_getm_dsnmap64(so, off, &dsn64, relseq, data_len, dss_csum); | |
4890 | *dsn = (u_int32_t)MPTCP_DATASEQ_LOW32(dsn64); | |
4891 | } | |
4892 | ||
4893 | void | |
4894 | mptcp_output_getm_dsnmap64(struct socket *so, int off, uint64_t *dsn, | |
4895 | uint32_t *relseq, uint16_t *data_len, | |
4896 | uint16_t *dss_csum) | |
4897 | { | |
4898 | struct mbuf *m = so->so_snd.sb_mb; | |
4899 | int off_orig = off; | |
4900 | ||
4901 | VERIFY(off >= 0); | |
4902 | ||
4903 | /* | |
4904 | * In the subflow socket, the DSN sequencing can be discontiguous, | |
4905 | * but the subflow sequence mapping is contiguous. Use the subflow | |
4906 | * sequence property to find the right mbuf and corresponding dsn | |
4907 | * mapping. | |
4908 | */ | |
4909 | ||
4910 | while (m) { | |
4911 | VERIFY(m->m_flags & M_PKTHDR); | |
4912 | VERIFY(m->m_pkthdr.pkt_flags & PKTF_MPTCP); | |
4913 | ||
4914 | if (off >= m->m_len) { | |
4915 | off -= m->m_len; | |
4916 | m = m->m_next; | |
4917 | } else { | |
4918 | break; | |
4919 | } | |
4920 | } | |
4921 | ||
4922 | VERIFY(m); | |
4923 | VERIFY(off >= 0); | |
4924 | VERIFY(m->m_pkthdr.mp_rlen <= UINT16_MAX); | |
4925 | ||
4926 | *dsn = m->m_pkthdr.mp_dsn; | |
4927 | *relseq = m->m_pkthdr.mp_rseq; | |
4928 | *data_len = m->m_pkthdr.mp_rlen; | |
4929 | *dss_csum = m->m_pkthdr.mp_csum; | |
4930 | ||
4931 | mptcplog((LOG_DEBUG, "%s: dsn %u ssn %u data_len %d off %d off_orig %d\n", | |
4932 | __func__, (u_int32_t)(*dsn), *relseq, *data_len, off, off_orig), | |
4933 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_VERBOSE); | |
4934 | } | |
4935 | ||
4936 | /* | |
4937 | * Note that this is called only from tcp_input() via mptcp_input_preproc() | |
4938 | * tcp_input() may trim data after the dsn mapping is inserted into the mbuf. | |
4939 | * When it trims data tcp_input calls m_adj() which does not remove the | |
4940 | * m_pkthdr even if the m_len becomes 0 as a result of trimming the mbuf. | |
4941 | * The dsn map insertion cannot be delayed after trim, because data can be in | |
4942 | * the reassembly queue for a while and the DSN option info in tp will be | |
4943 | * overwritten for every new packet received. | |
4944 | * The dsn map will be adjusted just prior to appending to subflow sockbuf | |
4945 | * with mptcp_adj_rmap() | |
4946 | */ | |
4947 | void | |
4948 | mptcp_insert_rmap(struct tcpcb *tp, struct mbuf *m, struct tcphdr *th) | |
4949 | { | |
4950 | VERIFY(m->m_flags & M_PKTHDR); | |
4951 | VERIFY(!(m->m_pkthdr.pkt_flags & PKTF_MPTCP)); | |
4952 | ||
4953 | if (tp->t_mpflags & TMPF_EMBED_DSN) { | |
4954 | m->m_pkthdr.mp_dsn = tp->t_rcv_map.mpt_dsn; | |
4955 | m->m_pkthdr.mp_rseq = tp->t_rcv_map.mpt_sseq; | |
4956 | m->m_pkthdr.mp_rlen = tp->t_rcv_map.mpt_len; | |
4957 | m->m_pkthdr.mp_csum = tp->t_rcv_map.mpt_csum; | |
4958 | if (tp->t_rcv_map.mpt_dfin) | |
4959 | m->m_pkthdr.pkt_flags |= PKTF_MPTCP_DFIN; | |
4960 | ||
4961 | m->m_pkthdr.pkt_flags |= PKTF_MPTCP; | |
4962 | ||
4963 | tp->t_mpflags &= ~TMPF_EMBED_DSN; | |
4964 | tp->t_mpflags |= TMPF_MPTCP_ACKNOW; | |
4965 | } else if (tp->t_mpflags & TMPF_TCP_FALLBACK) { | |
4966 | if (th->th_flags & TH_FIN) | |
4967 | m->m_pkthdr.pkt_flags |= PKTF_MPTCP_DFIN; | |
4968 | } | |
4969 | } | |
4970 | ||
4971 | int | |
4972 | mptcp_adj_rmap(struct socket *so, struct mbuf *m, int off, uint64_t dsn, | |
4973 | uint32_t rseq, uint16_t dlen) | |
4974 | { | |
4975 | struct mptsub *mpts = sototcpcb(so)->t_mpsub; | |
4976 | ||
4977 | if (m_pktlen(m) == 0) | |
4978 | return (0); | |
4979 | ||
4980 | if ((m->m_flags & M_PKTHDR) && (m->m_pkthdr.pkt_flags & PKTF_MPTCP)) { | |
4981 | if (off && (dsn != m->m_pkthdr.mp_dsn || | |
4982 | rseq != m->m_pkthdr.mp_rseq || | |
4983 | dlen != m->m_pkthdr.mp_rlen)) { | |
4984 | mptcplog((LOG_ERR, "%s: Received incorrect second mapping: %llu - %llu , %u - %u, %u - %u\n", | |
4985 | __func__, dsn, m->m_pkthdr.mp_dsn, | |
4986 | rseq, m->m_pkthdr.mp_rseq, | |
4987 | dlen, m->m_pkthdr.mp_rlen), | |
4988 | MPTCP_RECEIVER_DBG, MPTCP_LOGLVL_ERR); | |
4989 | return (-1); | |
4990 | } | |
4991 | m->m_pkthdr.mp_dsn += off; | |
4992 | m->m_pkthdr.mp_rseq += off; | |
4993 | m->m_pkthdr.mp_rlen = m->m_pkthdr.len; | |
4994 | } else { | |
4995 | if (!(mpts->mpts_flags & MPTSF_CONFIRMED)) { | |
4996 | /* data arrived without an DSS option mapping */ | |
4997 | ||
4998 | /* initial subflow can fallback right after SYN handshake */ | |
4999 | mptcp_notify_mpfail(so); | |
5000 | } | |
5001 | } | |
5002 | ||
5003 | mpts->mpts_flags |= MPTSF_CONFIRMED; | |
5004 | ||
5005 | return (0); | |
5006 | } | |
5007 | ||
5008 | /* | |
5009 | * Following routines help with failure detection and failover of data | |
5010 | * transfer from one subflow to another. | |
5011 | */ | |
5012 | void | |
5013 | mptcp_act_on_txfail(struct socket *so) | |
5014 | { | |
5015 | struct tcpcb *tp = NULL; | |
5016 | struct inpcb *inp = sotoinpcb(so); | |
5017 | ||
5018 | if (inp == NULL) | |
5019 | return; | |
5020 | ||
5021 | tp = intotcpcb(inp); | |
5022 | if (tp == NULL) | |
5023 | return; | |
5024 | ||
5025 | if (so->so_flags & SOF_MP_TRYFAILOVER) | |
5026 | return; | |
5027 | ||
5028 | so->so_flags |= SOF_MP_TRYFAILOVER; | |
5029 | soevent(so, (SO_FILT_HINT_LOCKED | SO_FILT_HINT_MPFAILOVER)); | |
5030 | } | |
5031 | ||
5032 | /* | |
5033 | * Support for MP_FAIL option | |
5034 | */ | |
5035 | int | |
5036 | mptcp_get_map_for_dsn(struct socket *so, u_int64_t dsn_fail, u_int32_t *tcp_seq) | |
5037 | { | |
5038 | struct mbuf *m = so->so_snd.sb_mb; | |
5039 | u_int64_t dsn; | |
5040 | int off = 0; | |
5041 | u_int32_t datalen; | |
5042 | ||
5043 | if (m == NULL) | |
5044 | return (-1); | |
5045 | ||
5046 | while (m != NULL) { | |
5047 | VERIFY(m->m_pkthdr.pkt_flags & PKTF_MPTCP); | |
5048 | VERIFY(m->m_flags & M_PKTHDR); | |
5049 | dsn = m->m_pkthdr.mp_dsn; | |
5050 | datalen = m->m_pkthdr.mp_rlen; | |
5051 | if (MPTCP_SEQ_LEQ(dsn, dsn_fail) && | |
5052 | (MPTCP_SEQ_GEQ(dsn + datalen, dsn_fail))) { | |
5053 | off = dsn_fail - dsn; | |
5054 | *tcp_seq = m->m_pkthdr.mp_rseq + off; | |
5055 | mptcplog((LOG_DEBUG, "%s: %llu %llu \n", __func__, dsn, | |
5056 | dsn_fail), MPTCP_SENDER_DBG, MPTCP_LOGLVL_LOG); | |
5057 | return (0); | |
5058 | } | |
5059 | ||
5060 | m = m->m_next; | |
5061 | } | |
5062 | ||
5063 | /* | |
5064 | * If there was no mbuf data and a fallback to TCP occurred, there's | |
5065 | * not much else to do. | |
5066 | */ | |
5067 | ||
5068 | mptcplog((LOG_ERR, "MPTCP Sender: " | |
5069 | "%s: %llu not found \n", __func__, dsn_fail), | |
5070 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_LOG); | |
5071 | return (-1); | |
5072 | } | |
5073 | ||
5074 | /* | |
5075 | * Support for sending contiguous MPTCP bytes in subflow | |
5076 | * Also for preventing sending data with ACK in 3-way handshake | |
5077 | */ | |
5078 | int32_t | |
5079 | mptcp_adj_sendlen(struct socket *so, int32_t off) | |
5080 | { | |
5081 | struct tcpcb *tp = sototcpcb(so); | |
5082 | struct mptsub *mpts = tp->t_mpsub; | |
5083 | uint64_t mdss_dsn; | |
5084 | uint32_t mdss_subflow_seq; | |
5085 | int mdss_subflow_off; | |
5086 | uint16_t mdss_data_len; | |
5087 | uint16_t dss_csum; | |
5088 | ||
5089 | mptcp_output_getm_dsnmap64(so, off, &mdss_dsn, &mdss_subflow_seq, | |
5090 | &mdss_data_len, &dss_csum); | |
5091 | ||
5092 | /* | |
5093 | * We need to compute how much of the mapping still remains. | |
5094 | * So, we compute the offset in the send-buffer of the dss-sub-seq. | |
5095 | */ | |
5096 | mdss_subflow_off = (mdss_subflow_seq + mpts->mpts_iss) - tp->snd_una; | |
5097 | ||
5098 | /* | |
5099 | * When TFO is used, we are sending the mpts->mpts_iss although the relative | |
5100 | * seq has been set to 1 (while it should be 0). | |
5101 | */ | |
5102 | if (tp->t_mpflags & TMPF_TFO_REQUEST) | |
5103 | mdss_subflow_off--; | |
5104 | ||
5105 | if (off < mdss_subflow_off) | |
5106 | printf("%s off %d mdss_subflow_off %d mdss_subflow_seq %u iss %u suna %u\n", __func__, | |
5107 | off, mdss_subflow_off, mdss_subflow_seq, mpts->mpts_iss, tp->snd_una); | |
5108 | VERIFY(off >= mdss_subflow_off); | |
5109 | ||
5110 | mptcplog((LOG_DEBUG, "%s dlen %u off %d sub_off %d sub_seq %u iss %u suna %u\n", | |
5111 | __func__, mdss_data_len, off, mdss_subflow_off, mdss_subflow_seq, | |
5112 | mpts->mpts_iss, tp->snd_una), MPTCP_SENDER_DBG, MPTCP_LOGLVL_VERBOSE); | |
5113 | return (mdss_data_len - (off - mdss_subflow_off)); | |
5114 | } | |
5115 | ||
5116 | static uint32_t | |
5117 | mptcp_get_maxseg(struct mptses *mpte) | |
5118 | { | |
5119 | struct mptsub *mpts; | |
5120 | uint32_t maxseg = 0; | |
5121 | ||
5122 | TAILQ_FOREACH(mpts, &mpte->mpte_subflows, mpts_entry) { | |
5123 | struct tcpcb *tp = sototcpcb(mpts->mpts_socket); | |
5124 | ||
5125 | if (!TCPS_HAVEESTABLISHED(tp->t_state) || | |
5126 | TCPS_HAVERCVDFIN2(tp->t_state)) | |
5127 | continue; | |
5128 | ||
5129 | if (tp->t_maxseg > maxseg) | |
5130 | maxseg = tp->t_maxseg; | |
5131 | } | |
5132 | ||
5133 | return (maxseg); | |
5134 | } | |
5135 | ||
5136 | static uint8_t | |
5137 | mptcp_get_rcvscale(struct mptses *mpte) | |
5138 | { | |
5139 | struct mptsub *mpts; | |
5140 | uint8_t rcvscale = UINT8_MAX; | |
5141 | ||
5142 | TAILQ_FOREACH(mpts, &mpte->mpte_subflows, mpts_entry) { | |
5143 | struct tcpcb *tp = sototcpcb(mpts->mpts_socket); | |
5144 | ||
5145 | if (!TCPS_HAVEESTABLISHED(tp->t_state) || | |
5146 | TCPS_HAVERCVDFIN2(tp->t_state)) | |
5147 | continue; | |
5148 | ||
5149 | if (tp->rcv_scale < rcvscale) | |
5150 | rcvscale = tp->rcv_scale; | |
5151 | } | |
5152 | ||
5153 | return (rcvscale); | |
5154 | } | |
5155 | ||
5156 | /* Similar to tcp_sbrcv_reserve */ | |
5157 | static void | |
5158 | mptcp_sbrcv_reserve(struct mptcb *mp_tp, struct sockbuf *sbrcv, | |
5159 | u_int32_t newsize, u_int32_t idealsize) | |
5160 | { | |
5161 | uint8_t rcvscale = mptcp_get_rcvscale(mp_tp->mpt_mpte); | |
5162 | ||
5163 | /* newsize should not exceed max */ | |
5164 | newsize = min(newsize, tcp_autorcvbuf_max); | |
5165 | ||
5166 | /* The receive window scale negotiated at the | |
5167 | * beginning of the connection will also set a | |
5168 | * limit on the socket buffer size | |
5169 | */ | |
5170 | newsize = min(newsize, TCP_MAXWIN << rcvscale); | |
5171 | ||
5172 | /* Set new socket buffer size */ | |
5173 | if (newsize > sbrcv->sb_hiwat && | |
5174 | (sbreserve(sbrcv, newsize) == 1)) { | |
5175 | sbrcv->sb_idealsize = min(max(sbrcv->sb_idealsize, | |
5176 | (idealsize != 0) ? idealsize : newsize), tcp_autorcvbuf_max); | |
5177 | ||
5178 | /* Again check the limit set by the advertised | |
5179 | * window scale | |
5180 | */ | |
5181 | sbrcv->sb_idealsize = min(sbrcv->sb_idealsize, | |
5182 | TCP_MAXWIN << rcvscale); | |
5183 | } | |
5184 | } | |
5185 | ||
5186 | void | |
5187 | mptcp_sbrcv_grow(struct mptcb *mp_tp) | |
5188 | { | |
5189 | struct mptses *mpte = mp_tp->mpt_mpte; | |
5190 | struct socket *mp_so = mpte->mpte_mppcb->mpp_socket; | |
5191 | struct sockbuf *sbrcv = &mp_so->so_rcv; | |
5192 | uint32_t hiwat_sum = 0; | |
5193 | uint32_t ideal_sum = 0; | |
5194 | struct mptsub *mpts; | |
5195 | ||
5196 | /* | |
5197 | * Do not grow the receive socket buffer if | |
5198 | * - auto resizing is disabled, globally or on this socket | |
5199 | * - the high water mark already reached the maximum | |
5200 | * - the stream is in background and receive side is being | |
5201 | * throttled | |
5202 | * - if there are segments in reassembly queue indicating loss, | |
5203 | * do not need to increase recv window during recovery as more | |
5204 | * data is not going to be sent. A duplicate ack sent during | |
5205 | * recovery should not change the receive window | |
5206 | */ | |
5207 | if (tcp_do_autorcvbuf == 0 || | |
5208 | (sbrcv->sb_flags & SB_AUTOSIZE) == 0 || | |
5209 | tcp_cansbgrow(sbrcv) == 0 || | |
5210 | sbrcv->sb_hiwat >= tcp_autorcvbuf_max || | |
5211 | (mp_so->so_flags1 & SOF1_EXTEND_BK_IDLE_WANTED) || | |
5212 | !LIST_EMPTY(&mp_tp->mpt_segq)) { | |
5213 | /* Can not resize the socket buffer, just return */ | |
5214 | return; | |
5215 | } | |
5216 | ||
5217 | /* | |
5218 | * Ideally, we want the rbuf to be (sum_i {bw_i} * rtt_max * 2) | |
5219 | * | |
5220 | * But, for this we first need accurate receiver-RTT estimations, which | |
5221 | * we currently don't have. | |
5222 | * | |
5223 | * Let's use a dummy algorithm for now, just taking the sum of all | |
5224 | * subflow's receive-buffers. It's too low, but that's all we can get | |
5225 | * for now. | |
5226 | */ | |
5227 | ||
5228 | TAILQ_FOREACH(mpts, &mpte->mpte_subflows, mpts_entry) { | |
5229 | hiwat_sum += mpts->mpts_socket->so_rcv.sb_hiwat; | |
5230 | ideal_sum += mpts->mpts_socket->so_rcv.sb_idealsize; | |
5231 | } | |
5232 | ||
5233 | mptcp_sbrcv_reserve(mp_tp, sbrcv, hiwat_sum, ideal_sum); | |
5234 | } | |
5235 | ||
5236 | /* | |
5237 | * Determine if we can grow the recieve socket buffer to avoid sending | |
5238 | * a zero window update to the peer. We allow even socket buffers that | |
5239 | * have fixed size (set by the application) to grow if the resource | |
5240 | * constraints are met. They will also be trimmed after the application | |
5241 | * reads data. | |
5242 | * | |
5243 | * Similar to tcp_sbrcv_grow_rwin | |
5244 | */ | |
5245 | static void | |
5246 | mptcp_sbrcv_grow_rwin(struct mptcb *mp_tp, struct sockbuf *sb) | |
5247 | { | |
5248 | struct socket *mp_so = mp_tp->mpt_mpte->mpte_mppcb->mpp_socket; | |
5249 | u_int32_t rcvbufinc = mptcp_get_maxseg(mp_tp->mpt_mpte) << 4; | |
5250 | u_int32_t rcvbuf = sb->sb_hiwat; | |
5251 | ||
5252 | if (tcp_recv_bg == 1 || IS_TCP_RECV_BG(mp_so)) | |
5253 | return; | |
5254 | ||
5255 | if (tcp_do_autorcvbuf == 1 && | |
5256 | tcp_cansbgrow(sb) && | |
5257 | /* Diff to tcp_sbrcv_grow_rwin */ | |
5258 | (mp_so->so_flags1 & SOF1_EXTEND_BK_IDLE_WANTED) == 0 && | |
5259 | (rcvbuf - sb->sb_cc) < rcvbufinc && | |
5260 | rcvbuf < tcp_autorcvbuf_max && | |
5261 | (sb->sb_idealsize > 0 && | |
5262 | sb->sb_hiwat <= (sb->sb_idealsize + rcvbufinc))) { | |
5263 | sbreserve(sb, min((sb->sb_hiwat + rcvbufinc), tcp_autorcvbuf_max)); | |
5264 | } | |
5265 | } | |
5266 | ||
5267 | /* Similar to tcp_sbspace */ | |
5268 | int32_t | |
5269 | mptcp_sbspace(struct mptcb *mp_tp) | |
5270 | { | |
5271 | struct sockbuf *sb = &mp_tp->mpt_mpte->mpte_mppcb->mpp_socket->so_rcv; | |
5272 | uint32_t rcvbuf; | |
5273 | int32_t space; | |
5274 | int32_t pending = 0; | |
5275 | ||
5276 | mpte_lock_assert_held(mp_tp->mpt_mpte); | |
5277 | ||
5278 | mptcp_sbrcv_grow_rwin(mp_tp, sb); | |
5279 | ||
5280 | /* hiwat might have changed */ | |
5281 | rcvbuf = sb->sb_hiwat; | |
5282 | ||
5283 | space = ((int32_t) imin((rcvbuf - sb->sb_cc), | |
5284 | (sb->sb_mbmax - sb->sb_mbcnt))); | |
5285 | if (space < 0) | |
5286 | space = 0; | |
5287 | ||
5288 | #if CONTENT_FILTER | |
5289 | /* Compensate for data being processed by content filters */ | |
5290 | pending = cfil_sock_data_space(sb); | |
5291 | #endif /* CONTENT_FILTER */ | |
5292 | if (pending > space) | |
5293 | space = 0; | |
5294 | else | |
5295 | space -= pending; | |
5296 | ||
5297 | return (space); | |
5298 | } | |
5299 | ||
5300 | /* | |
5301 | * Support Fallback to Regular TCP | |
5302 | */ | |
5303 | void | |
5304 | mptcp_notify_mpready(struct socket *so) | |
5305 | { | |
5306 | struct tcpcb *tp = NULL; | |
5307 | ||
5308 | if (so == NULL) | |
5309 | return; | |
5310 | ||
5311 | tp = intotcpcb(sotoinpcb(so)); | |
5312 | ||
5313 | if (tp == NULL) | |
5314 | return; | |
5315 | ||
5316 | DTRACE_MPTCP4(multipath__ready, struct socket *, so, | |
5317 | struct sockbuf *, &so->so_rcv, struct sockbuf *, &so->so_snd, | |
5318 | struct tcpcb *, tp); | |
5319 | ||
5320 | if (!(tp->t_mpflags & TMPF_MPTCP_TRUE)) | |
5321 | return; | |
5322 | ||
5323 | if (tp->t_mpflags & TMPF_MPTCP_READY) | |
5324 | return; | |
5325 | ||
5326 | tp->t_mpflags &= ~TMPF_TCP_FALLBACK; | |
5327 | tp->t_mpflags |= TMPF_MPTCP_READY; | |
5328 | ||
5329 | soevent(so, (SO_FILT_HINT_LOCKED | SO_FILT_HINT_MPSTATUS)); | |
5330 | } | |
5331 | ||
5332 | void | |
5333 | mptcp_notify_mpfail(struct socket *so) | |
5334 | { | |
5335 | struct tcpcb *tp = NULL; | |
5336 | ||
5337 | if (so == NULL) | |
5338 | return; | |
5339 | ||
5340 | tp = intotcpcb(sotoinpcb(so)); | |
5341 | ||
5342 | if (tp == NULL) | |
5343 | return; | |
5344 | ||
5345 | DTRACE_MPTCP4(multipath__failed, struct socket *, so, | |
5346 | struct sockbuf *, &so->so_rcv, struct sockbuf *, &so->so_snd, | |
5347 | struct tcpcb *, tp); | |
5348 | ||
5349 | if (tp->t_mpflags & TMPF_TCP_FALLBACK) | |
5350 | return; | |
5351 | ||
5352 | tp->t_mpflags &= ~(TMPF_MPTCP_READY|TMPF_MPTCP_TRUE); | |
5353 | tp->t_mpflags |= TMPF_TCP_FALLBACK; | |
5354 | ||
5355 | soevent(so, (SO_FILT_HINT_LOCKED | SO_FILT_HINT_MPSTATUS)); | |
5356 | } | |
5357 | ||
5358 | /* | |
5359 | * Keepalive helper function | |
5360 | */ | |
5361 | boolean_t | |
5362 | mptcp_ok_to_keepalive(struct mptcb *mp_tp) | |
5363 | { | |
5364 | boolean_t ret = 1; | |
5365 | mpte_lock_assert_held(mp_tp->mpt_mpte); | |
5366 | ||
5367 | if (mp_tp->mpt_state >= MPTCPS_CLOSE_WAIT) { | |
5368 | ret = 0; | |
5369 | } | |
5370 | return (ret); | |
5371 | } | |
5372 | ||
5373 | /* | |
5374 | * MPTCP t_maxseg adjustment function | |
5375 | */ | |
5376 | int | |
5377 | mptcp_adj_mss(struct tcpcb *tp, boolean_t mtudisc) | |
5378 | { | |
5379 | int mss_lower = 0; | |
5380 | struct mptcb *mp_tp = tptomptp(tp); | |
5381 | ||
5382 | #define MPTCP_COMPUTE_LEN { \ | |
5383 | mss_lower = sizeof (struct mptcp_dss_ack_opt); \ | |
5384 | if (mp_tp->mpt_flags & MPTCPF_CHECKSUM) \ | |
5385 | mss_lower += 2; \ | |
5386 | else \ | |
5387 | /* adjust to 32-bit boundary + EOL */ \ | |
5388 | mss_lower += 2; \ | |
5389 | } | |
5390 | if (mp_tp == NULL) | |
5391 | return (0); | |
5392 | ||
5393 | mpte_lock_assert_held(mp_tp->mpt_mpte); | |
5394 | ||
5395 | /* | |
5396 | * For the first subflow and subsequent subflows, adjust mss for | |
5397 | * most common MPTCP option size, for case where tcp_mss is called | |
5398 | * during option processing and MTU discovery. | |
5399 | */ | |
5400 | if (!mtudisc) { | |
5401 | if (tp->t_mpflags & TMPF_MPTCP_TRUE && | |
5402 | !(tp->t_mpflags & TMPF_JOINED_FLOW)) { | |
5403 | MPTCP_COMPUTE_LEN; | |
5404 | } | |
5405 | ||
5406 | if (tp->t_mpflags & TMPF_PREESTABLISHED && | |
5407 | tp->t_mpflags & TMPF_SENT_JOIN) { | |
5408 | MPTCP_COMPUTE_LEN; | |
5409 | } | |
5410 | } else { | |
5411 | if (tp->t_mpflags & TMPF_MPTCP_TRUE) { | |
5412 | MPTCP_COMPUTE_LEN; | |
5413 | } | |
5414 | } | |
5415 | ||
5416 | return (mss_lower); | |
5417 | } | |
5418 | ||
5419 | /* | |
5420 | * Update the pid, upid, uuid of the subflow so, based on parent so | |
5421 | */ | |
5422 | void | |
5423 | mptcp_update_last_owner(struct socket *so, struct socket *mp_so) | |
5424 | { | |
5425 | if (so->last_pid != mp_so->last_pid || | |
5426 | so->last_upid != mp_so->last_upid) { | |
5427 | so->last_upid = mp_so->last_upid; | |
5428 | so->last_pid = mp_so->last_pid; | |
5429 | uuid_copy(so->last_uuid, mp_so->last_uuid); | |
5430 | } | |
5431 | so_update_policy(so); | |
5432 | } | |
5433 | ||
5434 | static void | |
5435 | fill_mptcp_subflow(struct socket *so, mptcp_flow_t *flow, struct mptsub *mpts) | |
5436 | { | |
5437 | struct inpcb *inp; | |
5438 | ||
5439 | tcp_getconninfo(so, &flow->flow_ci); | |
5440 | inp = sotoinpcb(so); | |
5441 | #if INET6 | |
5442 | if ((inp->inp_vflag & INP_IPV6) != 0) { | |
5443 | flow->flow_src.ss_family = AF_INET6; | |
5444 | flow->flow_dst.ss_family = AF_INET6; | |
5445 | flow->flow_src.ss_len = sizeof(struct sockaddr_in6); | |
5446 | flow->flow_dst.ss_len = sizeof(struct sockaddr_in6); | |
5447 | SIN6(&flow->flow_src)->sin6_port = inp->in6p_lport; | |
5448 | SIN6(&flow->flow_dst)->sin6_port = inp->in6p_fport; | |
5449 | SIN6(&flow->flow_src)->sin6_addr = inp->in6p_laddr; | |
5450 | SIN6(&flow->flow_dst)->sin6_addr = inp->in6p_faddr; | |
5451 | } else | |
5452 | #endif | |
5453 | if ((inp->inp_vflag & INP_IPV4) != 0) { | |
5454 | flow->flow_src.ss_family = AF_INET; | |
5455 | flow->flow_dst.ss_family = AF_INET; | |
5456 | flow->flow_src.ss_len = sizeof(struct sockaddr_in); | |
5457 | flow->flow_dst.ss_len = sizeof(struct sockaddr_in); | |
5458 | SIN(&flow->flow_src)->sin_port = inp->inp_lport; | |
5459 | SIN(&flow->flow_dst)->sin_port = inp->inp_fport; | |
5460 | SIN(&flow->flow_src)->sin_addr = inp->inp_laddr; | |
5461 | SIN(&flow->flow_dst)->sin_addr = inp->inp_faddr; | |
5462 | } | |
5463 | flow->flow_len = sizeof(*flow); | |
5464 | flow->flow_tcpci_offset = offsetof(mptcp_flow_t, flow_ci); | |
5465 | flow->flow_flags = mpts->mpts_flags; | |
5466 | flow->flow_cid = mpts->mpts_connid; | |
5467 | flow->flow_relseq = mpts->mpts_rel_seq; | |
5468 | flow->flow_soerror = mpts->mpts_socket->so_error; | |
5469 | flow->flow_probecnt = mpts->mpts_probecnt; | |
5470 | } | |
5471 | ||
5472 | static int | |
5473 | mptcp_pcblist SYSCTL_HANDLER_ARGS | |
5474 | { | |
5475 | #pragma unused(oidp, arg1, arg2) | |
5476 | int error = 0, f; | |
5477 | size_t len; | |
5478 | struct mppcb *mpp; | |
5479 | struct mptses *mpte; | |
5480 | struct mptcb *mp_tp; | |
5481 | struct mptsub *mpts; | |
5482 | struct socket *so; | |
5483 | conninfo_mptcp_t mptcpci; | |
5484 | mptcp_flow_t *flows = NULL; | |
5485 | ||
5486 | if (req->newptr != USER_ADDR_NULL) | |
5487 | return (EPERM); | |
5488 | ||
5489 | lck_mtx_lock(&mtcbinfo.mppi_lock); | |
5490 | if (req->oldptr == USER_ADDR_NULL) { | |
5491 | size_t n = mtcbinfo.mppi_count; | |
5492 | lck_mtx_unlock(&mtcbinfo.mppi_lock); | |
5493 | req->oldidx = (n + n/8) * sizeof(conninfo_mptcp_t) + | |
5494 | 4 * (n + n/8) * sizeof(mptcp_flow_t); | |
5495 | return (0); | |
5496 | } | |
5497 | TAILQ_FOREACH(mpp, &mtcbinfo.mppi_pcbs, mpp_entry) { | |
5498 | flows = NULL; | |
5499 | mpp_lock(mpp); | |
5500 | VERIFY(mpp->mpp_flags & MPP_ATTACHED); | |
5501 | mpte = mptompte(mpp); | |
5502 | VERIFY(mpte != NULL); | |
5503 | mpte_lock_assert_held(mpte); | |
5504 | mp_tp = mpte->mpte_mptcb; | |
5505 | VERIFY(mp_tp != NULL); | |
5506 | ||
5507 | bzero(&mptcpci, sizeof(mptcpci)); | |
5508 | mptcpci.mptcpci_state = mp_tp->mpt_state; | |
5509 | mptcpci.mptcpci_flags = mp_tp->mpt_flags; | |
5510 | mptcpci.mptcpci_ltoken = mp_tp->mpt_localtoken; | |
5511 | mptcpci.mptcpci_rtoken = mp_tp->mpt_remotetoken; | |
5512 | mptcpci.mptcpci_notsent_lowat = mp_tp->mpt_notsent_lowat; | |
5513 | mptcpci.mptcpci_snduna = mp_tp->mpt_snduna; | |
5514 | mptcpci.mptcpci_sndnxt = mp_tp->mpt_sndnxt; | |
5515 | mptcpci.mptcpci_sndmax = mp_tp->mpt_sndmax; | |
5516 | mptcpci.mptcpci_lidsn = mp_tp->mpt_local_idsn; | |
5517 | mptcpci.mptcpci_sndwnd = mp_tp->mpt_sndwnd; | |
5518 | mptcpci.mptcpci_rcvnxt = mp_tp->mpt_rcvnxt; | |
5519 | mptcpci.mptcpci_rcvatmark = mp_tp->mpt_rcvnxt; | |
5520 | mptcpci.mptcpci_ridsn = mp_tp->mpt_remote_idsn; | |
5521 | mptcpci.mptcpci_rcvwnd = mp_tp->mpt_rcvwnd; | |
5522 | ||
5523 | mptcpci.mptcpci_nflows = mpte->mpte_numflows; | |
5524 | mptcpci.mptcpci_mpte_flags = mpte->mpte_flags; | |
5525 | mptcpci.mptcpci_mpte_addrid = mpte->mpte_addrid_last; | |
5526 | mptcpci.mptcpci_flow_offset = | |
5527 | offsetof(conninfo_mptcp_t, mptcpci_flows); | |
5528 | ||
5529 | len = sizeof(*flows) * mpte->mpte_numflows; | |
5530 | if (mpte->mpte_numflows != 0) { | |
5531 | flows = _MALLOC(len, M_TEMP, M_WAITOK | M_ZERO); | |
5532 | if (flows == NULL) { | |
5533 | mpp_unlock(mpp); | |
5534 | break; | |
5535 | } | |
5536 | mptcpci.mptcpci_len = sizeof(mptcpci) + | |
5537 | sizeof(*flows) * (mptcpci.mptcpci_nflows - 1); | |
5538 | error = SYSCTL_OUT(req, &mptcpci, | |
5539 | sizeof(mptcpci) - sizeof(mptcp_flow_t)); | |
5540 | } else { | |
5541 | mptcpci.mptcpci_len = sizeof(mptcpci); | |
5542 | error = SYSCTL_OUT(req, &mptcpci, sizeof(mptcpci)); | |
5543 | } | |
5544 | if (error) { | |
5545 | mpp_unlock(mpp); | |
5546 | FREE(flows, M_TEMP); | |
5547 | break; | |
5548 | } | |
5549 | f = 0; | |
5550 | TAILQ_FOREACH(mpts, &mpte->mpte_subflows, mpts_entry) { | |
5551 | so = mpts->mpts_socket; | |
5552 | fill_mptcp_subflow(so, &flows[f], mpts); | |
5553 | f++; | |
5554 | } | |
5555 | mpp_unlock(mpp); | |
5556 | if (flows) { | |
5557 | error = SYSCTL_OUT(req, flows, len); | |
5558 | FREE(flows, M_TEMP); | |
5559 | if (error) | |
5560 | break; | |
5561 | } | |
5562 | } | |
5563 | lck_mtx_unlock(&mtcbinfo.mppi_lock); | |
5564 | ||
5565 | return (error); | |
5566 | } | |
5567 | ||
5568 | SYSCTL_PROC(_net_inet_mptcp, OID_AUTO, pcblist, CTLFLAG_RD | CTLFLAG_LOCKED, | |
5569 | 0, 0, mptcp_pcblist, "S,conninfo_mptcp_t", | |
5570 | "List of active MPTCP connections"); | |
5571 | ||
5572 | /* | |
5573 | * Set notsent lowat mark on the MPTCB | |
5574 | */ | |
5575 | int | |
5576 | mptcp_set_notsent_lowat(struct mptses *mpte, int optval) | |
5577 | { | |
5578 | struct mptcb *mp_tp = NULL; | |
5579 | int error = 0; | |
5580 | ||
5581 | if (mpte->mpte_mppcb->mpp_flags & MPP_ATTACHED) | |
5582 | mp_tp = mpte->mpte_mptcb; | |
5583 | ||
5584 | if (mp_tp) | |
5585 | mp_tp->mpt_notsent_lowat = optval; | |
5586 | else | |
5587 | error = EINVAL; | |
5588 | ||
5589 | return (error); | |
5590 | } | |
5591 | ||
5592 | u_int32_t | |
5593 | mptcp_get_notsent_lowat(struct mptses *mpte) | |
5594 | { | |
5595 | struct mptcb *mp_tp = NULL; | |
5596 | ||
5597 | if (mpte->mpte_mppcb->mpp_flags & MPP_ATTACHED) | |
5598 | mp_tp = mpte->mpte_mptcb; | |
5599 | ||
5600 | if (mp_tp) | |
5601 | return (mp_tp->mpt_notsent_lowat); | |
5602 | else | |
5603 | return (0); | |
5604 | } | |
5605 | ||
5606 | int | |
5607 | mptcp_notsent_lowat_check(struct socket *so) | |
5608 | { | |
5609 | struct mptses *mpte; | |
5610 | struct mppcb *mpp; | |
5611 | struct mptcb *mp_tp; | |
5612 | struct mptsub *mpts; | |
5613 | ||
5614 | int notsent = 0; | |
5615 | ||
5616 | mpp = mpsotomppcb(so); | |
5617 | if (mpp == NULL || mpp->mpp_state == MPPCB_STATE_DEAD) { | |
5618 | return (0); | |
5619 | } | |
5620 | ||
5621 | mpte = mptompte(mpp); | |
5622 | mpte_lock_assert_held(mpte); | |
5623 | mp_tp = mpte->mpte_mptcb; | |
5624 | ||
5625 | notsent = so->so_snd.sb_cc; | |
5626 | ||
5627 | if ((notsent == 0) || | |
5628 | ((notsent - (mp_tp->mpt_sndnxt - mp_tp->mpt_snduna)) <= | |
5629 | mp_tp->mpt_notsent_lowat)) { | |
5630 | mptcplog((LOG_DEBUG, "MPTCP Sender: " | |
5631 | "lowat %d notsent %d actual %d \n", | |
5632 | mp_tp->mpt_notsent_lowat, notsent, | |
5633 | notsent - (mp_tp->mpt_sndnxt - mp_tp->mpt_snduna)), | |
5634 | MPTCP_SENDER_DBG , MPTCP_LOGLVL_VERBOSE); | |
5635 | return (1); | |
5636 | } | |
5637 | ||
5638 | /* When Nagle's algorithm is not disabled, it is better | |
5639 | * to wakeup the client even before there is atleast one | |
5640 | * maxseg of data to write. | |
5641 | */ | |
5642 | TAILQ_FOREACH(mpts, &mpte->mpte_subflows, mpts_entry) { | |
5643 | int retval = 0; | |
5644 | if (mpts->mpts_flags & MPTSF_ACTIVE) { | |
5645 | struct socket *subf_so = mpts->mpts_socket; | |
5646 | struct tcpcb *tp = intotcpcb(sotoinpcb(subf_so)); | |
5647 | ||
5648 | notsent = so->so_snd.sb_cc - | |
5649 | (tp->snd_nxt - tp->snd_una); | |
5650 | ||
5651 | if ((tp->t_flags & TF_NODELAY) == 0 && | |
5652 | notsent > 0 && (notsent <= (int)tp->t_maxseg)) { | |
5653 | retval = 1; | |
5654 | } | |
5655 | mptcplog((LOG_DEBUG, "MPTCP Sender: lowat %d notsent %d" | |
5656 | " nodelay false \n", | |
5657 | mp_tp->mpt_notsent_lowat, notsent), | |
5658 | MPTCP_SENDER_DBG , MPTCP_LOGLVL_VERBOSE); | |
5659 | return (retval); | |
5660 | } | |
5661 | } | |
5662 | return (0); | |
5663 | } | |
5664 | ||
5665 | /* Using Symptoms Advisory to detect poor WiFi or poor Cell */ | |
5666 | static kern_ctl_ref mptcp_kern_ctrl_ref = NULL; | |
5667 | static uint32_t mptcp_kern_skt_inuse = 0; | |
5668 | static uint32_t mptcp_kern_skt_unit; | |
5669 | symptoms_advisory_t mptcp_advisory; | |
5670 | ||
5671 | static errno_t | |
5672 | mptcp_symptoms_ctl_connect(kern_ctl_ref kctlref, struct sockaddr_ctl *sac, | |
5673 | void **unitinfo) | |
5674 | { | |
5675 | #pragma unused(kctlref, sac, unitinfo) | |
5676 | ||
5677 | if (OSIncrementAtomic(&mptcp_kern_skt_inuse) > 0) | |
5678 | mptcplog((LOG_ERR, "%s MPTCP kernel-control socket already open!", __func__), | |
5679 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
5680 | ||
5681 | mptcp_kern_skt_unit = sac->sc_unit; | |
5682 | ||
5683 | return (0); | |
5684 | } | |
5685 | ||
5686 | static void | |
5687 | mptcp_allow_uuid(uuid_t uuid) | |
5688 | { | |
5689 | struct mppcb *mpp; | |
5690 | ||
5691 | /* Iterate over all MPTCP connections */ | |
5692 | ||
5693 | lck_mtx_lock(&mtcbinfo.mppi_lock); | |
5694 | ||
5695 | TAILQ_FOREACH(mpp, &mtcbinfo.mppi_pcbs, mpp_entry) { | |
5696 | struct mptses *mpte; | |
5697 | struct socket *mp_so; | |
5698 | ||
5699 | mpp_lock(mpp); | |
5700 | ||
5701 | mpte = mpp->mpp_pcbe; | |
5702 | mp_so = mpp->mpp_socket; | |
5703 | ||
5704 | if (mp_so->so_flags & SOF_DELEGATED && | |
5705 | uuid_compare(uuid, mp_so->e_uuid)) | |
5706 | goto next; | |
5707 | else if (!(mp_so->so_flags & SOF_DELEGATED) && | |
5708 | uuid_compare(uuid, mp_so->last_uuid)) | |
5709 | goto next; | |
5710 | ||
5711 | mpte->mpte_flags |= MPTE_ACCESS_GRANTED; | |
5712 | ||
5713 | mptcp_check_subflows_and_add(mpte); | |
5714 | mptcp_remove_subflows(mpte); | |
5715 | ||
5716 | mpte->mpte_flags &= ~MPTE_ACCESS_GRANTED; | |
5717 | ||
5718 | next: | |
5719 | mpp_unlock(mpp); | |
5720 | } | |
5721 | ||
5722 | lck_mtx_unlock(&mtcbinfo.mppi_lock); | |
5723 | } | |
5724 | ||
5725 | static void | |
5726 | mptcp_wifi_status_changed(void) | |
5727 | { | |
5728 | struct mppcb *mpp; | |
5729 | ||
5730 | /* Iterate over all MPTCP connections */ | |
5731 | ||
5732 | lck_mtx_lock(&mtcbinfo.mppi_lock); | |
5733 | ||
5734 | TAILQ_FOREACH(mpp, &mtcbinfo.mppi_pcbs, mpp_entry) { | |
5735 | struct mptses *mpte; | |
5736 | struct socket *mp_so; | |
5737 | ||
5738 | mpp_lock(mpp); | |
5739 | ||
5740 | mpte = mpp->mpp_pcbe; | |
5741 | mp_so = mpp->mpp_socket; | |
5742 | ||
5743 | /* Only handover-mode is purely driven by Symptom's Wi-Fi status */ | |
5744 | if (mpte->mpte_svctype != MPTCP_SVCTYPE_HANDOVER) | |
5745 | goto next; | |
5746 | ||
5747 | mptcp_check_subflows_and_add(mpte); | |
5748 | mptcp_check_subflows_and_remove(mpte); | |
5749 | ||
5750 | next: | |
5751 | mpp_unlock(mpp); | |
5752 | } | |
5753 | ||
5754 | lck_mtx_unlock(&mtcbinfo.mppi_lock); | |
5755 | } | |
5756 | ||
5757 | void | |
5758 | mptcp_ask_symptoms(struct mptses *mpte) | |
5759 | { | |
5760 | struct mptcp_symptoms_ask_uuid ask; | |
5761 | struct socket *mp_so; | |
5762 | struct proc *p; | |
5763 | int pid, prio, err; | |
5764 | ||
5765 | if (mptcp_kern_skt_unit == 0) { | |
5766 | mptcplog((LOG_ERR, "%s skt_unit is still 0\n", __func__), | |
5767 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
5768 | return; | |
5769 | } | |
5770 | ||
5771 | mp_so = mptetoso(mpte); | |
5772 | ||
5773 | if (mp_so->so_flags & SOF_DELEGATED) | |
5774 | pid = mp_so->e_pid; | |
5775 | else | |
5776 | pid = mp_so->last_pid; | |
5777 | ||
5778 | p = proc_find(pid); | |
5779 | if (p == PROC_NULL) { | |
5780 | mptcplog((LOG_ERR, "%s Couldn't find proc for pid %u\n", __func__, | |
5781 | pid), MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
5782 | return; | |
5783 | } | |
5784 | ||
5785 | ask.cmd = MPTCP_SYMPTOMS_ASK_UUID; | |
5786 | ||
5787 | if (mp_so->so_flags & SOF_DELEGATED) | |
5788 | uuid_copy(ask.uuid, mp_so->e_uuid); | |
5789 | else | |
5790 | uuid_copy(ask.uuid, mp_so->last_uuid); | |
5791 | ||
5792 | prio = proc_get_effective_task_policy(proc_task(p), TASK_POLICY_ROLE); | |
5793 | ||
5794 | if (prio == TASK_BACKGROUND_APPLICATION) | |
5795 | ask.priority = MPTCP_SYMPTOMS_BACKGROUND; | |
5796 | else if (prio == TASK_FOREGROUND_APPLICATION) | |
5797 | ask.priority = MPTCP_SYMPTOMS_FOREGROUND; | |
5798 | else | |
5799 | ask.priority = MPTCP_SYMPTOMS_UNKNOWN; | |
5800 | ||
5801 | mptcplog((LOG_DEBUG, "%s ask symptoms about pid %u, prio %u\n", __func__, | |
5802 | pid, ask.priority), MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
5803 | ||
5804 | err = ctl_enqueuedata(mptcp_kern_ctrl_ref, mptcp_kern_skt_unit, | |
5805 | &ask, sizeof(ask), CTL_DATA_EOR); | |
5806 | if (err) | |
5807 | mptcplog((LOG_ERR, "%s ctl_enqueuedata failed %d\n", __func__, err), | |
5808 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
5809 | ||
5810 | proc_rele(p); | |
5811 | } | |
5812 | ||
5813 | static errno_t | |
5814 | mptcp_symptoms_ctl_disconnect(kern_ctl_ref kctlref, u_int32_t kcunit, | |
5815 | void *unitinfo) | |
5816 | { | |
5817 | #pragma unused(kctlref, kcunit, unitinfo) | |
5818 | ||
5819 | OSDecrementAtomic(&mptcp_kern_skt_inuse); | |
5820 | ||
5821 | return (0); | |
5822 | } | |
5823 | ||
5824 | static errno_t | |
5825 | mptcp_symptoms_ctl_send(kern_ctl_ref kctlref, u_int32_t kcunit, void *unitinfo, | |
5826 | mbuf_t m, int flags) | |
5827 | { | |
5828 | #pragma unused(kctlref, unitinfo, flags) | |
5829 | symptoms_advisory_t *sa = NULL; | |
5830 | ||
5831 | if (kcunit != mptcp_kern_skt_unit) | |
5832 | mptcplog((LOG_ERR, "%s kcunit %u is different from expected one %u\n", | |
5833 | __func__, kcunit, mptcp_kern_skt_unit), | |
5834 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
5835 | ||
5836 | if (mbuf_pkthdr_len(m) < sizeof(*sa)) { | |
5837 | mbuf_freem(m); | |
5838 | return (EINVAL); | |
5839 | } | |
5840 | ||
5841 | if (mbuf_len(m) >= sizeof(*sa)) | |
5842 | sa = mbuf_data(m); | |
5843 | else | |
5844 | return (EINVAL); | |
5845 | ||
5846 | if (sa->sa_nwk_status != SYMPTOMS_ADVISORY_NOCOMMENT && | |
5847 | sa->sa_nwk_status != SYMPTOMS_ADVISORY_USEAPP) { | |
5848 | uint8_t old_wifi_status = mptcp_advisory.sa_wifi_status; | |
5849 | ||
5850 | mptcplog((LOG_DEBUG, "%s: wifi %d,%d\n", | |
5851 | __func__, sa->sa_wifi_status, mptcp_advisory.sa_wifi_status), | |
5852 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_VERBOSE); | |
5853 | ||
5854 | if ((sa->sa_wifi_status & | |
5855 | (SYMPTOMS_ADVISORY_WIFI_BAD | SYMPTOMS_ADVISORY_WIFI_OK)) != | |
5856 | (SYMPTOMS_ADVISORY_WIFI_BAD | SYMPTOMS_ADVISORY_WIFI_OK)) | |
5857 | mptcp_advisory.sa_wifi_status = sa->sa_wifi_status; | |
5858 | ||
5859 | if (old_wifi_status != mptcp_advisory.sa_wifi_status) | |
5860 | mptcp_wifi_status_changed(); | |
5861 | } else if (sa->sa_nwk_status == SYMPTOMS_ADVISORY_NOCOMMENT) { | |
5862 | mptcplog((LOG_DEBUG, "%s: NOCOMMENT wifi %d\n", __func__, | |
5863 | mptcp_advisory.sa_wifi_status), | |
5864 | MPTCP_EVENTS_DBG, MPTCP_LOGLVL_VERBOSE); | |
5865 | } else if (sa->sa_nwk_status == SYMPTOMS_ADVISORY_USEAPP) { | |
5866 | uuid_t uuid; | |
5867 | ||
5868 | mptcplog((LOG_DEBUG, "%s Got response about useApp\n", __func__), | |
5869 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
5870 | ||
5871 | uuid_copy(uuid, (unsigned char *)(sa + 1)); | |
5872 | ||
5873 | mptcp_allow_uuid(uuid); | |
5874 | } | |
5875 | ||
5876 | return (0); | |
5877 | } | |
5878 | ||
5879 | void | |
5880 | mptcp_control_register(void) | |
5881 | { | |
5882 | /* Set up the advisory control socket */ | |
5883 | struct kern_ctl_reg mptcp_kern_ctl; | |
5884 | ||
5885 | bzero(&mptcp_kern_ctl, sizeof(mptcp_kern_ctl)); | |
5886 | strlcpy(mptcp_kern_ctl.ctl_name, MPTCP_KERN_CTL_NAME, | |
5887 | sizeof(mptcp_kern_ctl.ctl_name)); | |
5888 | mptcp_kern_ctl.ctl_connect = mptcp_symptoms_ctl_connect; | |
5889 | mptcp_kern_ctl.ctl_disconnect = mptcp_symptoms_ctl_disconnect; | |
5890 | mptcp_kern_ctl.ctl_send = mptcp_symptoms_ctl_send; | |
5891 | mptcp_kern_ctl.ctl_flags = CTL_FLAG_PRIVILEGED; | |
5892 | ||
5893 | (void)ctl_register(&mptcp_kern_ctl, &mptcp_kern_ctrl_ref); | |
5894 | } | |
5895 | ||
5896 | int | |
5897 | mptcp_is_wifi_unusable(void) | |
5898 | { | |
5899 | /* a false return val indicates there is no info or wifi is ok */ | |
5900 | return (mptcp_advisory.sa_wifi_status & SYMPTOMS_ADVISORY_WIFI_BAD); | |
5901 | } | |
5902 | ||
5903 | /* If TFO data is succesfully acked, it must be dropped from the mptcp so */ | |
5904 | static void | |
5905 | mptcp_drop_tfo_data(struct mptses *mpte, struct mptsub *mpts) | |
5906 | { | |
5907 | struct socket *mp_so = mptetoso(mpte); | |
5908 | struct socket *so = mpts->mpts_socket; | |
5909 | struct tcpcb *tp = intotcpcb(sotoinpcb(so)); | |
5910 | struct mptcb *mp_tp = mpte->mpte_mptcb; | |
5911 | ||
5912 | /* If data was sent with SYN, rewind state */ | |
5913 | if (tp->t_tfo_stats & TFO_S_SYN_DATA_ACKED) { | |
5914 | u_int64_t mp_droplen = mp_tp->mpt_sndnxt - mp_tp->mpt_snduna; | |
5915 | unsigned int tcp_droplen = tp->snd_una - tp->iss - 1; | |
5916 | ||
5917 | VERIFY(mp_droplen <= (UINT_MAX)); | |
5918 | VERIFY(mp_droplen >= tcp_droplen); | |
5919 | ||
5920 | mpts->mpts_flags &= ~MPTSF_TFO_REQD; | |
5921 | mpts->mpts_iss += tcp_droplen; | |
5922 | tp->t_mpflags &= ~TMPF_TFO_REQUEST; | |
5923 | ||
5924 | if (mp_droplen > tcp_droplen) { | |
5925 | /* handle partial TCP ack */ | |
5926 | mp_so->so_flags1 |= SOF1_TFO_REWIND; | |
5927 | mp_tp->mpt_sndnxt = mp_tp->mpt_snduna + (mp_droplen - tcp_droplen); | |
5928 | mp_droplen = tcp_droplen; | |
5929 | } else { | |
5930 | /* all data on SYN was acked */ | |
5931 | mpts->mpts_rel_seq = 1; | |
5932 | mp_tp->mpt_sndnxt = mp_tp->mpt_snduna; | |
5933 | } | |
5934 | mp_tp->mpt_sndmax -= tcp_droplen; | |
5935 | ||
5936 | if (mp_droplen != 0) { | |
5937 | VERIFY(mp_so->so_snd.sb_mb != NULL); | |
5938 | sbdrop(&mp_so->so_snd, (int)mp_droplen); | |
5939 | } | |
5940 | mptcplog((LOG_DEBUG, "%s: mp_so 0x%llx cid %d TFO tcp len %d mptcp len %d\n", | |
5941 | __func__, (u_int64_t)VM_KERNEL_ADDRPERM(mp_so), | |
5942 | mpts->mpts_connid, tcp_droplen, mp_droplen), | |
5943 | MPTCP_SENDER_DBG, MPTCP_LOGLVL_VERBOSE); | |
5944 | } | |
5945 | } | |
5946 | ||
5947 | int | |
5948 | mptcp_freeq(struct mptcb *mp_tp) | |
5949 | { | |
5950 | struct tseg_qent *q; | |
5951 | int rv = 0; | |
5952 | ||
5953 | while ((q = LIST_FIRST(&mp_tp->mpt_segq)) != NULL) { | |
5954 | LIST_REMOVE(q, tqe_q); | |
5955 | m_freem(q->tqe_m); | |
5956 | zfree(tcp_reass_zone, q); | |
5957 | rv = 1; | |
5958 | } | |
5959 | mp_tp->mpt_reassqlen = 0; | |
5960 | return (rv); | |
5961 | } | |
5962 | ||
5963 | static int | |
5964 | mptcp_post_event(u_int32_t event_code, int value) | |
5965 | { | |
5966 | struct kev_mptcp_data event_data; | |
5967 | struct kev_msg ev_msg; | |
5968 | ||
5969 | memset(&ev_msg, 0, sizeof(ev_msg)); | |
5970 | ||
5971 | ev_msg.vendor_code = KEV_VENDOR_APPLE; | |
5972 | ev_msg.kev_class = KEV_NETWORK_CLASS; | |
5973 | ev_msg.kev_subclass = KEV_MPTCP_SUBCLASS; | |
5974 | ev_msg.event_code = event_code; | |
5975 | ||
5976 | event_data.value = value; | |
5977 | ||
5978 | ev_msg.dv[0].data_ptr = &event_data; | |
5979 | ev_msg.dv[0].data_length = sizeof(event_data); | |
5980 | ||
5981 | return kev_post_msg(&ev_msg); | |
5982 | } | |
5983 | ||
5984 | void | |
5985 | mptcp_set_cellicon(struct mptses *mpte) | |
5986 | { | |
5987 | int error; | |
5988 | ||
5989 | /* First-party apps (Siri) don't flip the cellicon */ | |
5990 | if (mpte->mpte_flags & MPTE_FIRSTPARTY) | |
5991 | return; | |
5992 | ||
5993 | /* Remember the last time we set the cellicon (see mptcp_unset_cellicon) */ | |
5994 | mptcp_last_cellicon_set = tcp_now; | |
5995 | ||
5996 | /* If cellicon is already set, get out of here! */ | |
5997 | if (OSTestAndSet(7, &mptcp_cellicon_is_set)) | |
5998 | return; | |
5999 | ||
6000 | error = mptcp_post_event(KEV_MPTCP_CELLUSE, 1); | |
6001 | ||
6002 | if (error) | |
6003 | mptcplog((LOG_ERR, "%s: Setting cellicon failed with %d\n", | |
6004 | __func__, error), MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
6005 | else | |
6006 | mptcplog((LOG_DEBUG, "%s successfully set the cellicon\n", __func__), | |
6007 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
6008 | } | |
6009 | ||
6010 | void | |
6011 | mptcp_unset_cellicon(void) | |
6012 | { | |
6013 | int error; | |
6014 | ||
6015 | /* If cellicon is already unset, get out of here! */ | |
6016 | if (OSTestAndClear(7, &mptcp_cellicon_is_set)) | |
6017 | return; | |
6018 | ||
6019 | /* | |
6020 | * If during the past MPTCP_CELLICON_TOGGLE_RATE seconds we didn't | |
6021 | * explicitly set the cellicon (see mptcp_set_cellicon()), then we unset | |
6022 | * it again. | |
6023 | */ | |
6024 | if (TSTMP_GT(mptcp_last_cellicon_set + MPTCP_CELLICON_TOGGLE_RATE, | |
6025 | tcp_now)) { | |
6026 | OSTestAndSet(7, &mptcp_cellicon_is_set); | |
6027 | return; | |
6028 | } | |
6029 | ||
6030 | error = mptcp_post_event(KEV_MPTCP_CELLUSE, 0); | |
6031 | ||
6032 | if (error) | |
6033 | mptcplog((LOG_ERR, "%s: Unsetting cellicon failed with %d\n", | |
6034 | __func__, error), MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); | |
6035 | else | |
6036 | mptcplog((LOG_DEBUG, "%s successfully unset the cellicon\n", __func__), | |
6037 | MPTCP_SOCKET_DBG, MPTCP_LOGLVL_VERBOSE); | |
6038 | } | |
6039 | ||
6040 | void | |
6041 | mptcp_reset_rexmit_state(struct tcpcb *tp) | |
6042 | { | |
6043 | struct mptsub *mpts; | |
6044 | struct inpcb *inp; | |
6045 | struct socket *so; | |
6046 | ||
6047 | inp = tp->t_inpcb; | |
6048 | if (inp == NULL) | |
6049 | return; | |
6050 | ||
6051 | so = inp->inp_socket; | |
6052 | if (so == NULL) | |
6053 | return; | |
6054 | ||
6055 | if (!(so->so_flags & SOF_MP_SUBFLOW)) | |
6056 | return; | |
6057 | ||
6058 | mpts = tp->t_mpsub; | |
6059 | ||
6060 | mpts->mpts_flags &= ~MPTSF_WRITE_STALL; | |
6061 | so->so_flags &= ~SOF_MP_TRYFAILOVER; | |
6062 | } | |
6063 | ||
6064 | void | |
6065 | mptcp_reset_keepalive(struct tcpcb *tp) | |
6066 | { | |
6067 | struct mptsub *mpts = tp->t_mpsub; | |
6068 | ||
6069 | mpts->mpts_flags &= ~MPTSF_READ_STALL; | |
6070 | } | |
6071 |