]> git.saurik.com Git - apple/xnu.git/blob - bsd/netinet/mptcp_opt.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-3789.1.32.tar.gz
[apple/xnu.git] / bsd / netinet / mptcp_opt.c
1 /*
2 * Copyright (c) 2012-2016 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 #include <sys/param.h>
29 #include <sys/systm.h>
30 #include <netinet/in_systm.h>
31 #include <sys/socket.h>
32 #include <sys/socketvar.h>
33 #include <sys/syslog.h>
34 #include <net/route.h>
35 #include <netinet/in.h>
36 #include <net/if.h>
37
38 #include <netinet/ip.h>
39 #include <netinet/ip_var.h>
40 #include <netinet/in_var.h>
41 #include <netinet/tcp.h>
42 #include <netinet/tcp_cache.h>
43 #include <netinet/tcp_seq.h>
44 #include <netinet/tcpip.h>
45 #include <netinet/tcp_fsm.h>
46 #include <netinet/mptcp_var.h>
47 #include <netinet/mptcp.h>
48 #include <netinet/mptcp_opt.h>
49 #include <netinet/mptcp_seq.h>
50
51 #include <libkern/crypto/sha1.h>
52 #include <netinet/mptcp_timer.h>
53
54 #include <mach/sdt.h>
55
56 /*
57 * SYSCTL for enforcing 64 bit dsn
58 */
59 int32_t force_64bit_dsn = 0;
60 SYSCTL_INT(_net_inet_mptcp, OID_AUTO, force_64bit_dsn,
61 CTLFLAG_RW|CTLFLAG_LOCKED, &force_64bit_dsn, 0,
62 "Force MPTCP 64bit dsn");
63
64
65 static int mptcp_validate_join_hmac(struct tcpcb *, u_char*, int);
66 static int mptcp_snd_mpprio(struct tcpcb *tp, u_char *cp, int optlen);
67
68 /*
69 * MPTCP Options Output Processing
70 */
71
72 static unsigned
73 mptcp_setup_first_subflow_syn_opts(struct socket *so, int flags, u_char *opt,
74 unsigned optlen)
75 {
76 struct tcpcb *tp = sototcpcb(so);
77 struct mptcb *mp_tp = NULL;
78 mp_tp = tptomptp(tp);
79
80 /*
81 * Avoid retransmitting the MP_CAPABLE option.
82 */
83 if (tp->t_rxtshift > mptcp_mpcap_retries) {
84 if (!(mp_tp->mpt_flags & (MPTCPF_FALLBACK_HEURISTIC | MPTCPF_HEURISTIC_TRAC))) {
85 mp_tp->mpt_flags |= MPTCPF_HEURISTIC_TRAC;
86 tcp_heuristic_mptcp_loss(tp);
87 }
88 return (optlen);
89 }
90
91 if (!tcp_heuristic_do_mptcp(tp)) {
92 mp_tp->mpt_flags |= MPTCPF_FALLBACK_HEURISTIC;
93 return (optlen);
94 }
95
96 if ((flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
97 struct mptcp_mpcapable_opt_rsp mptcp_opt;
98 mptcp_key_t mp_localkey = 0;
99
100 mp_localkey = mptcp_get_localkey(mp_tp);
101 if (mp_localkey == 0) {
102 /* an embryonic connection was closed from above */
103 return (optlen);
104 }
105 bzero(&mptcp_opt,
106 sizeof (struct mptcp_mpcapable_opt_rsp));
107 mptcp_opt.mmc_common.mmco_kind = TCPOPT_MULTIPATH;
108 mptcp_opt.mmc_common.mmco_len =
109 sizeof (struct mptcp_mpcapable_opt_rsp);
110 mptcp_opt.mmc_common.mmco_subtype = MPO_CAPABLE;
111 MPT_LOCK_SPIN(mp_tp);
112 mptcp_opt.mmc_common.mmco_version = mp_tp->mpt_version;
113 mptcp_opt.mmc_common.mmco_flags |= MPCAP_PROPOSAL_SBIT;
114 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
115 mptcp_opt.mmc_common.mmco_flags |=
116 MPCAP_CHECKSUM_CBIT;
117 MPT_UNLOCK(mp_tp);
118 mptcp_opt.mmc_localkey = mp_localkey;
119 memcpy(opt + optlen, &mptcp_opt,
120 mptcp_opt.mmc_common.mmco_len);
121 optlen += mptcp_opt.mmc_common.mmco_len;
122 } else {
123 /* Only the SYN flag is set */
124 struct mptcp_mpcapable_opt_common mptcp_opt;
125 mptcp_key_t mp_localkey = 0;
126 mp_localkey = mptcp_get_localkey(mp_tp);
127 so->so_flags |= SOF_MPTCP_CLIENT;
128 if (mp_localkey == 0) {
129 /* an embryonic connection was closed */
130 return (optlen);
131 }
132 bzero(&mptcp_opt,
133 sizeof (struct mptcp_mpcapable_opt_common));
134 mptcp_opt.mmco_kind = TCPOPT_MULTIPATH;
135 mptcp_opt.mmco_len =
136 sizeof (struct mptcp_mpcapable_opt_common) +
137 sizeof (mptcp_key_t);
138 mptcp_opt.mmco_subtype = MPO_CAPABLE;
139 MPT_LOCK_SPIN(mp_tp);
140 mptcp_opt.mmco_version = mp_tp->mpt_version;
141 mptcp_opt.mmco_flags |= MPCAP_PROPOSAL_SBIT;
142 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
143 mptcp_opt.mmco_flags |= MPCAP_CHECKSUM_CBIT;
144 MPT_UNLOCK(mp_tp);
145 (void) memcpy(opt + optlen, &mptcp_opt,
146 sizeof (struct mptcp_mpcapable_opt_common));
147 optlen += sizeof (struct mptcp_mpcapable_opt_common);
148 (void) memcpy(opt + optlen, &mp_localkey,
149 sizeof (mptcp_key_t));
150 optlen += sizeof (mptcp_key_t);
151 }
152
153 return (optlen);
154 }
155
156 static unsigned
157 mptcp_setup_join_subflow_syn_opts(struct socket *so, int flags, u_char *opt,
158 unsigned optlen)
159 {
160 struct inpcb *inp = sotoinpcb(so);
161 struct tcpcb *tp = NULL;
162
163 if (!inp)
164 return (optlen);
165
166 tp = intotcpcb(inp);
167 if (!tp)
168 return (optlen);
169
170 if (!tp->t_mptcb)
171 return (optlen);
172
173 if ((flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
174 struct mptcp_mpjoin_opt_rsp mpjoin_rsp;
175 struct mptcb *mp_tp = tptomptp(tp);
176
177 if (mp_tp == NULL)
178 return (optlen);
179
180 MPT_LOCK(mp_tp);
181 if (mptcp_get_localkey(mp_tp) == 0) {
182 MPT_UNLOCK(mp_tp);
183 return (optlen);
184 }
185 MPT_UNLOCK(mp_tp);
186 bzero(&mpjoin_rsp, sizeof (mpjoin_rsp));
187 mpjoin_rsp.mmjo_kind = TCPOPT_MULTIPATH;
188 mpjoin_rsp.mmjo_len = sizeof (mpjoin_rsp);
189 mpjoin_rsp.mmjo_subtype_bkp = MPO_JOIN << 4;
190 if (tp->t_mpflags & TMPF_BACKUP_PATH)
191 mpjoin_rsp.mmjo_subtype_bkp |= MPTCP_BACKUP;
192 mpjoin_rsp.mmjo_addr_id = tp->t_local_aid;
193 mptcp_get_rands(tp->t_local_aid, tptomptp(tp),
194 &mpjoin_rsp.mmjo_rand, NULL);
195 mpjoin_rsp.mmjo_mac = mptcp_get_trunced_hmac(tp->t_local_aid,
196 mp_tp);
197 memcpy(opt + optlen, &mpjoin_rsp, mpjoin_rsp.mmjo_len);
198 optlen += mpjoin_rsp.mmjo_len;
199 } else {
200 struct mptcp_mpjoin_opt_req mpjoin_req;
201
202 bzero(&mpjoin_req, sizeof (mpjoin_req));
203 mpjoin_req.mmjo_kind = TCPOPT_MULTIPATH;
204 mpjoin_req.mmjo_len = sizeof (mpjoin_req);
205 mpjoin_req.mmjo_subtype_bkp = MPO_JOIN << 4;
206 if (tp->t_mpflags & TMPF_BACKUP_PATH)
207 mpjoin_req.mmjo_subtype_bkp |= MPTCP_BACKUP;
208 mpjoin_req.mmjo_addr_id = tp->t_local_aid;
209 mpjoin_req.mmjo_peer_token = mptcp_get_remotetoken(tp->t_mptcb);
210 if (mpjoin_req.mmjo_peer_token == 0) {
211 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: peer token 0",
212 __func__),
213 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
214 }
215 mptcp_get_rands(tp->t_local_aid, tptomptp(tp),
216 &mpjoin_req.mmjo_rand, NULL);
217 memcpy(opt + optlen, &mpjoin_req, mpjoin_req.mmjo_len);
218 optlen += mpjoin_req.mmjo_len;
219 /* send an event up, if Fast Join is requested */
220 if (mptcp_zerortt_fastjoin &&
221 (so->so_flags & SOF_MPTCP_FASTJOIN)) {
222 soevent(so, (SO_FILT_HINT_LOCKED | SO_FILT_HINT_MPFASTJ));
223 }
224 }
225 return (optlen);
226 }
227
228 unsigned
229 mptcp_setup_join_ack_opts(struct tcpcb *tp, u_char *opt, unsigned optlen)
230 {
231 unsigned new_optlen;
232 struct mptcp_mpjoin_opt_rsp2 join_rsp2;
233
234 if ((MAX_TCPOPTLEN - optlen) < sizeof (struct mptcp_mpjoin_opt_rsp2)) {
235 printf("%s: no space left %d \n", __func__, optlen);
236 return (optlen);
237 }
238
239 bzero(&join_rsp2, sizeof (struct mptcp_mpjoin_opt_rsp2));
240 join_rsp2.mmjo_kind = TCPOPT_MULTIPATH;
241 join_rsp2.mmjo_len = sizeof (struct mptcp_mpjoin_opt_rsp2);
242 join_rsp2.mmjo_subtype = MPO_JOIN;
243 mptcp_get_hmac(tp->t_local_aid, tptomptp(tp),
244 (u_char*)&join_rsp2.mmjo_mac,
245 sizeof (join_rsp2.mmjo_mac));
246 memcpy(opt + optlen, &join_rsp2, join_rsp2.mmjo_len);
247 new_optlen = optlen + join_rsp2.mmjo_len;
248 tp->t_mpflags |= TMPF_FASTJOINBY2_SEND;
249 return (new_optlen);
250 }
251
252 unsigned
253 mptcp_setup_syn_opts(struct socket *so, int flags, u_char *opt, unsigned optlen)
254 {
255 unsigned new_optlen;
256
257 if (!(so->so_flags & SOF_MP_SEC_SUBFLOW)) {
258 new_optlen = mptcp_setup_first_subflow_syn_opts(so, flags, opt,
259 optlen);
260 } else {
261 /*
262 * To simulate SYN_ACK with no join opt, comment this line on
263 * OS X server side. This serves as a testing hook.
264 */
265 new_optlen = mptcp_setup_join_subflow_syn_opts(so, flags, opt,
266 optlen);
267 }
268 return (new_optlen);
269 }
270
271 static int
272 mptcp_send_mpfail(struct tcpcb *tp, u_char *opt, unsigned int optlen)
273 {
274 #pragma unused(tp, opt, optlen)
275
276 struct mptcb *mp_tp = NULL;
277 struct mptcp_mpfail_opt fail_opt;
278 uint64_t dsn;
279 int len = sizeof (struct mptcp_mpfail_opt);
280
281 mp_tp = tptomptp(tp);
282 if (mp_tp == NULL) {
283 tp->t_mpflags &= ~TMPF_SND_MPFAIL;
284 return (optlen);
285 }
286
287 /* if option space low give up */
288 if ((MAX_TCPOPTLEN - optlen) < sizeof (struct mptcp_mpfail_opt)) {
289 tp->t_mpflags &= ~TMPF_SND_MPFAIL;
290 return (optlen);
291 }
292
293 MPT_LOCK(mp_tp);
294 dsn = mp_tp->mpt_rcvnxt;
295 MPT_UNLOCK(mp_tp);
296
297 bzero(&fail_opt, sizeof (fail_opt));
298 fail_opt.mfail_kind = TCPOPT_MULTIPATH;
299 fail_opt.mfail_len = len;
300 fail_opt.mfail_subtype = MPO_FAIL;
301 fail_opt.mfail_dsn = mptcp_hton64(dsn);
302 memcpy(opt + optlen, &fail_opt, len);
303 optlen += len;
304 tp->t_mpflags &= ~TMPF_SND_MPFAIL;
305 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: %d \n", __func__,
306 tp->t_local_aid), (MPTCP_SOCKET_DBG | MPTCP_SENDER_DBG),
307 MPTCP_LOGLVL_LOG);
308 return (optlen);
309 }
310
311 static int
312 mptcp_send_infinite_mapping(struct tcpcb *tp, u_char *opt, unsigned int optlen)
313 {
314 struct mptcp_dsn_opt infin_opt;
315 struct mptcb *mp_tp = NULL;
316 size_t len = sizeof (struct mptcp_dsn_opt);
317 struct socket *so = tp->t_inpcb->inp_socket;
318 int error = 0;
319 int csum_len = 0;
320
321 if (!so)
322 return (optlen);
323
324 mp_tp = tptomptp(tp);
325 if (mp_tp == NULL)
326 return (optlen);
327
328 MPT_LOCK(mp_tp);
329 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
330 csum_len = 2;
331
332 /* try later */
333 if ((MAX_TCPOPTLEN - optlen) < (len + csum_len)) {
334 MPT_UNLOCK(mp_tp);
335 return (optlen);
336 }
337 bzero(&infin_opt, sizeof (infin_opt));
338 infin_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
339 infin_opt.mdss_copt.mdss_len = len + csum_len;
340 infin_opt.mdss_copt.mdss_subtype = MPO_DSS;
341 infin_opt.mdss_copt.mdss_flags |= MDSS_M;
342 if (mp_tp->mpt_flags & MPTCPF_RECVD_MPFAIL) {
343 infin_opt.mdss_dsn = (u_int32_t)
344 MPTCP_DATASEQ_LOW32(mp_tp->mpt_dsn_at_csum_fail);
345 infin_opt.mdss_subflow_seqn = mp_tp->mpt_ssn_at_csum_fail;
346 } else {
347 /*
348 * If MPTCP fallback happens, but TFO succeeds, the data on the
349 * SYN does not belong to the MPTCP data sequence space.
350 */
351 if ((tp->t_tfo_stats & TFO_S_SYN_DATA_ACKED) &&
352 ((mp_tp->mpt_local_idsn + 1) == mp_tp->mpt_snduna)) {
353 infin_opt.mdss_subflow_seqn = 1;
354
355 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: idsn %llu"
356 "snduna %llu \n", __func__, mp_tp->mpt_local_idsn,
357 mp_tp->mpt_snduna),
358 (MPTCP_SOCKET_DBG | MPTCP_SENDER_DBG),
359 MPTCP_LOGLVL_LOG);
360 } else {
361 infin_opt.mdss_subflow_seqn = tp->snd_una - tp->iss;
362 }
363 infin_opt.mdss_dsn = (u_int32_t)
364 MPTCP_DATASEQ_LOW32(mp_tp->mpt_snduna);
365 }
366 MPT_UNLOCK(mp_tp);
367 if (error != 0)
368 return (optlen);
369 if ((infin_opt.mdss_dsn == 0) || (infin_opt.mdss_subflow_seqn == 0)) {
370 return (optlen);
371 }
372 infin_opt.mdss_dsn = htonl(infin_opt.mdss_dsn);
373 infin_opt.mdss_subflow_seqn = htonl(infin_opt.mdss_subflow_seqn);
374 infin_opt.mdss_data_len = 0;
375
376 memcpy(opt + optlen, &infin_opt, len);
377 optlen += len;
378 if (csum_len != 0) {
379 /* The checksum field is set to 0 for infinite mapping */
380 uint16_t csum = 0;
381 memcpy(opt + optlen, &csum, csum_len);
382 optlen += csum_len;
383 }
384
385 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: dsn = %x, seq = %x len = %x\n",
386 __func__,
387 ntohl(infin_opt.mdss_dsn),
388 ntohl(infin_opt.mdss_subflow_seqn),
389 ntohs(infin_opt.mdss_data_len)),
390 (MPTCP_SOCKET_DBG | MPTCP_SENDER_DBG),
391 MPTCP_LOGLVL_LOG);
392
393 /* so->so_flags &= ~SOF_MPTCP_CLIENT; */
394 tp->t_mpflags |= TMPF_INFIN_SENT;
395 tcpstat.tcps_estab_fallback++;
396 return (optlen);
397 }
398
399
400 static int
401 mptcp_ok_to_fin(struct tcpcb *tp, u_int64_t dsn, u_int32_t datalen)
402 {
403 struct mptcb *mp_tp = NULL;
404 mp_tp = tptomptp(tp);
405
406 MPT_LOCK(mp_tp);
407 dsn = (mp_tp->mpt_sndmax & MPTCP_DATASEQ_LOW32_MASK) | dsn;
408 if ((dsn + datalen) == mp_tp->mpt_sndmax) {
409 MPT_UNLOCK(mp_tp);
410 return (1);
411 }
412 MPT_UNLOCK(mp_tp);
413 return (0);
414 }
415
416 unsigned int
417 mptcp_setup_opts(struct tcpcb *tp, int32_t off, u_char *opt,
418 unsigned int optlen, int flags, int datalen,
419 unsigned int **dss_lenp, u_int8_t **finp, u_int64_t *dss_valp,
420 u_int32_t **sseqp, boolean_t *p_mptcp_acknow)
421 {
422 struct inpcb *inp = (struct inpcb *)tp->t_inpcb;
423 struct socket *so = inp->inp_socket;
424 struct mptcb *mp_tp = tptomptp(tp);
425 boolean_t do_csum = FALSE;
426 boolean_t send_64bit_dsn = FALSE;
427 boolean_t send_64bit_ack = FALSE;
428 u_int32_t old_mpt_flags = tp->t_mpflags &
429 (TMPF_SND_MPPRIO | TMPF_SND_REM_ADDR | TMPF_SND_MPFAIL |
430 TMPF_MPCAP_RETRANSMIT);
431
432 if ((mptcp_enable == 0) ||
433 (mp_tp == NULL) ||
434 (mp_tp->mpt_flags & MPTCPF_PEEL_OFF) ||
435 (tp->t_state == TCPS_CLOSED)) {
436 /* do nothing */
437 goto ret_optlen;
438 }
439
440 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM) {
441 do_csum = TRUE;
442 }
443
444 /* tcp_output handles the SYN path separately */
445 if (flags & TH_SYN) {
446 goto ret_optlen;
447 }
448
449 if ((MAX_TCPOPTLEN - optlen) <
450 sizeof (struct mptcp_mpcapable_opt_common)) {
451 mptcplog((LOG_ERR, "MPTCP Socket: "
452 "%s: no space left %d flags %x "
453 "tp->t_mpflags %x "
454 "len %d\n", __func__, optlen, flags, tp->t_mpflags,
455 datalen), MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
456 goto ret_optlen;
457 }
458
459 if (tp->t_mpflags & TMPF_TCP_FALLBACK) {
460 if (tp->t_mpflags & TMPF_SND_MPFAIL)
461 optlen = mptcp_send_mpfail(tp, opt, optlen);
462 else if (!(tp->t_mpflags & TMPF_INFIN_SENT))
463 optlen = mptcp_send_infinite_mapping(tp, opt, optlen);
464 goto ret_optlen;
465 }
466
467 if (((tp->t_mpflags & TMPF_FASTJOINBY2_SEND) ||
468 (tp->t_mpflags & TMPF_FASTJOIN_SEND )) &&
469 (datalen > 0)) {
470 tp->t_mpflags &= ~TMPF_FASTJOINBY2_SEND;
471 tp->t_mpflags &= ~TMPF_FASTJOIN_SEND;
472 goto fastjoin_send;
473 }
474
475 if (((tp->t_mpflags & TMPF_PREESTABLISHED) &&
476 (!(tp->t_mpflags & TMPF_SENT_KEYS)) &&
477 (!(tp->t_mpflags & TMPF_JOINED_FLOW))) ||
478 (tp->t_mpflags & TMPF_MPCAP_RETRANSMIT)) {
479 struct mptcp_mpcapable_opt_rsp1 mptcp_opt;
480 if ((MAX_TCPOPTLEN - optlen) <
481 sizeof (struct mptcp_mpcapable_opt_rsp1))
482 goto ret_optlen;
483 bzero(&mptcp_opt, sizeof (struct mptcp_mpcapable_opt_rsp1));
484 mptcp_opt.mmc_common.mmco_kind = TCPOPT_MULTIPATH;
485 mptcp_opt.mmc_common.mmco_len =
486 sizeof (struct mptcp_mpcapable_opt_rsp1);
487 mptcp_opt.mmc_common.mmco_subtype = MPO_CAPABLE;
488 mptcp_opt.mmc_common.mmco_version = mp_tp->mpt_version;
489 /* HMAC-SHA1 is the proposal */
490 mptcp_opt.mmc_common.mmco_flags |= MPCAP_PROPOSAL_SBIT;
491 MPT_LOCK(mp_tp);
492 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
493 mptcp_opt.mmc_common.mmco_flags |= MPCAP_CHECKSUM_CBIT;
494 mptcp_opt.mmc_localkey = mptcp_get_localkey(mp_tp);
495 mptcp_opt.mmc_remotekey = mptcp_get_remotekey(mp_tp);
496 MPT_UNLOCK(mp_tp);
497 memcpy(opt + optlen, &mptcp_opt, mptcp_opt.mmc_common.mmco_len);
498 optlen += mptcp_opt.mmc_common.mmco_len;
499 tp->t_mpflags |= TMPF_SENT_KEYS | TMPF_MPTCP_TRUE;
500 so->so_flags |= SOF_MPTCP_TRUE;
501 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
502 tp->t_mpflags &= ~TMPF_MPCAP_RETRANSMIT;
503
504 if (!tp->t_mpuna) {
505 tp->t_mpuna = tp->snd_una;
506 } else {
507 /* its a retransmission of the MP_CAPABLE ACK */
508 }
509 goto ret_optlen;
510 }
511
512 if ((tp->t_mpflags & TMPF_JOINED_FLOW) &&
513 (tp->t_mpflags & TMPF_PREESTABLISHED) &&
514 (!(tp->t_mpflags & TMPF_RECVD_JOIN)) &&
515 (tp->t_mpflags & TMPF_SENT_JOIN) &&
516 (!(tp->t_mpflags & TMPF_MPTCP_TRUE))) {
517 MPT_LOCK(mp_tp);
518 if (mptcp_get_localkey(mp_tp) == 0) {
519 MPT_UNLOCK(mp_tp);
520 goto ret_optlen;
521 }
522 MPT_UNLOCK(mp_tp);
523 /* Do the ACK part */
524 optlen = mptcp_setup_join_ack_opts(tp, opt, optlen);
525 if (!tp->t_mpuna) {
526 tp->t_mpuna = tp->snd_una;
527 }
528 /* Start a timer to retransmit the ACK */
529 tp->t_timer[TCPT_JACK_RXMT] =
530 OFFSET_FROM_START(tp, tcp_jack_rxmt);
531 goto ret_optlen;
532 }
533
534 if (!(tp->t_mpflags & TMPF_MPTCP_TRUE))
535 goto ret_optlen;
536 fastjoin_send:
537 /*
538 * From here on, all options are sent only if MPTCP_TRUE
539 * or when data is sent early on as in Fast Join
540 */
541
542 if ((tp->t_mpflags & TMPF_MPTCP_TRUE) &&
543 (tp->t_mpflags & TMPF_SND_REM_ADDR)) {
544 int rem_opt_len = sizeof (struct mptcp_remaddr_opt);
545 if ((optlen + rem_opt_len) <= MAX_TCPOPTLEN) {
546 mptcp_send_remaddr_opt(tp,
547 (struct mptcp_remaddr_opt *)(opt + optlen));
548 optlen += rem_opt_len;
549 } else {
550 tp->t_mpflags &= ~TMPF_SND_REM_ADDR;
551 }
552 }
553
554 if (tp->t_mpflags & TMPF_SND_MPPRIO) {
555 optlen = mptcp_snd_mpprio(tp, opt, optlen);
556 }
557
558 MPT_LOCK(mp_tp);
559 if ((mp_tp->mpt_flags & MPTCPF_SND_64BITDSN) || force_64bit_dsn) {
560 send_64bit_dsn = TRUE;
561 }
562 if (mp_tp->mpt_flags & MPTCPF_SND_64BITACK)
563 send_64bit_ack = TRUE;
564
565 MPT_UNLOCK(mp_tp);
566
567 #define CHECK_OPTLEN { \
568 if ((MAX_TCPOPTLEN - optlen) < len) { \
569 mptcplog((LOG_ERR, "MPTCP Socket: " \
570 "%s: len %d optlen %d \n", __func__, len, optlen), \
571 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); \
572 goto ret_optlen; \
573 } \
574 }
575
576 #define DO_FIN(dsn_opt) { \
577 int sndfin = 0; \
578 sndfin = mptcp_ok_to_fin(tp, dsn_opt.mdss_dsn, datalen); \
579 if (sndfin) { \
580 dsn_opt.mdss_copt.mdss_flags |= MDSS_F; \
581 *finp = opt + optlen + offsetof(struct mptcp_dss_copt, \
582 mdss_flags); \
583 dsn_opt.mdss_data_len += 1; \
584 } \
585 }
586
587 #define CHECK_DATALEN { \
588 /* MPTCP socket does not support IP options */ \
589 if ((datalen + optlen + len) > tp->t_maxopd) { \
590 mptcplog((LOG_ERR, "MPTCP Socket: " \
591 "%s: nosp %d len %d opt %d %d %d\n", \
592 __func__, datalen, len, optlen, \
593 tp->t_maxseg, tp->t_maxopd), \
594 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); \
595 /* remove option length from payload len */ \
596 datalen = tp->t_maxopd - optlen - len; \
597 } \
598 }
599
600 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
601 (send_64bit_dsn)) {
602 /*
603 * If there was the need to send 64-bit Data ACK along
604 * with 64-bit DSN, then 26 or 28 bytes would be used.
605 * With timestamps and NOOP padding that will cause
606 * overflow. Hence, in the rare event that both 64-bit
607 * DSN and 64-bit ACK have to be sent, delay the send of
608 * 64-bit ACK until our 64-bit DSN is acked with a 64-bit ack.
609 * XXX If this delay causes issue, remove the 2-byte padding.
610 */
611 struct mptcp_dss64_ack32_opt dsn_ack_opt;
612 unsigned int len = sizeof (dsn_ack_opt);
613
614 if (do_csum) {
615 len += 2;
616 }
617
618 CHECK_OPTLEN;
619
620 bzero(&dsn_ack_opt, sizeof (dsn_ack_opt));
621 dsn_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
622 dsn_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
623 dsn_ack_opt.mdss_copt.mdss_len = len;
624 dsn_ack_opt.mdss_copt.mdss_flags |=
625 MDSS_M | MDSS_m | MDSS_A;
626
627 CHECK_DATALEN;
628
629 mptcp_output_getm_dsnmap64(so, off, (u_int32_t)datalen,
630 &dsn_ack_opt.mdss_dsn,
631 &dsn_ack_opt.mdss_subflow_seqn,
632 &dsn_ack_opt.mdss_data_len);
633
634 *dss_valp = dsn_ack_opt.mdss_dsn;
635
636 if ((dsn_ack_opt.mdss_data_len == 0) ||
637 (dsn_ack_opt.mdss_dsn == 0)) {
638 goto ret_optlen;
639 }
640
641 if (tp->t_mpflags & TMPF_SEND_DFIN) {
642 DO_FIN(dsn_ack_opt);
643 }
644
645 MPT_LOCK(mp_tp);
646 dsn_ack_opt.mdss_ack =
647 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
648 MPT_UNLOCK(mp_tp);
649
650 dsn_ack_opt.mdss_dsn = mptcp_hton64(dsn_ack_opt.mdss_dsn);
651 dsn_ack_opt.mdss_subflow_seqn = htonl(
652 dsn_ack_opt.mdss_subflow_seqn);
653 dsn_ack_opt.mdss_data_len = htons(
654 dsn_ack_opt.mdss_data_len);
655 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
656 offsetof(struct mptcp_dss64_ack32_opt, mdss_data_len));
657
658 memcpy(opt + optlen, &dsn_ack_opt, sizeof (dsn_ack_opt));
659
660 if (do_csum) {
661 *sseqp = (u_int32_t *)(void *)(opt + optlen +
662 offsetof(struct mptcp_dss64_ack32_opt,
663 mdss_subflow_seqn));
664 }
665 optlen += len;
666 mptcplog((LOG_DEBUG,"MPTCP Socket: "
667 "%s: long DSS = %llx ACK = %llx \n",
668 __func__,
669 mptcp_ntoh64(dsn_ack_opt.mdss_dsn),
670 mptcp_ntoh64(dsn_ack_opt.mdss_ack)),
671 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_LOG);
672
673 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
674 goto ret_optlen;
675 }
676
677 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
678 (!send_64bit_dsn) &&
679 !(tp->t_mpflags & TMPF_MPTCP_ACKNOW)) {
680 struct mptcp_dsn_opt dsn_opt;
681 unsigned int len = sizeof (struct mptcp_dsn_opt);
682
683 if (do_csum) {
684 len += 2;
685 }
686
687 CHECK_OPTLEN;
688
689 bzero(&dsn_opt, sizeof (dsn_opt));
690 dsn_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
691 dsn_opt.mdss_copt.mdss_subtype = MPO_DSS;
692 dsn_opt.mdss_copt.mdss_len = len;
693 dsn_opt.mdss_copt.mdss_flags |= MDSS_M;
694
695 CHECK_DATALEN;
696
697 mptcp_output_getm_dsnmap32(so, off, (u_int32_t)datalen,
698 &dsn_opt.mdss_dsn,
699 &dsn_opt.mdss_subflow_seqn, &dsn_opt.mdss_data_len,
700 dss_valp);
701
702 if ((dsn_opt.mdss_data_len == 0) ||
703 (dsn_opt.mdss_dsn == 0)) {
704 goto ret_optlen;
705 }
706
707 if (tp->t_mpflags & TMPF_SEND_DFIN) {
708 DO_FIN(dsn_opt);
709 }
710
711 dsn_opt.mdss_dsn = htonl(dsn_opt.mdss_dsn);
712 dsn_opt.mdss_subflow_seqn = htonl(dsn_opt.mdss_subflow_seqn);
713 dsn_opt.mdss_data_len = htons(dsn_opt.mdss_data_len);
714 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
715 offsetof(struct mptcp_dsn_opt, mdss_data_len));
716 memcpy(opt + optlen, &dsn_opt, sizeof (dsn_opt));
717 if (do_csum) {
718 *sseqp = (u_int32_t *)(void *)(opt + optlen +
719 offsetof(struct mptcp_dsn_opt, mdss_subflow_seqn));
720 }
721 optlen += len;
722 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
723 goto ret_optlen;
724 }
725
726 /* 32-bit Data ACK option */
727 if ((tp->t_mpflags & TMPF_MPTCP_ACKNOW) &&
728 (!send_64bit_ack) &&
729 !(tp->t_mpflags & TMPF_SEND_DSN) &&
730 !(tp->t_mpflags & TMPF_SEND_DFIN)) {
731
732 struct mptcp_data_ack_opt dack_opt;
733 unsigned int len = 0;
734 do_ack32_only:
735 len = sizeof (dack_opt);
736
737 CHECK_OPTLEN;
738
739 bzero(&dack_opt, len);
740 dack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
741 dack_opt.mdss_copt.mdss_len = len;
742 dack_opt.mdss_copt.mdss_subtype = MPO_DSS;
743 dack_opt.mdss_copt.mdss_flags |= MDSS_A;
744 MPT_LOCK_SPIN(mp_tp);
745 dack_opt.mdss_ack =
746 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
747 MPT_UNLOCK(mp_tp);
748 memcpy(opt + optlen, &dack_opt, len);
749 optlen += len;
750 VERIFY(optlen <= MAX_TCPOPTLEN);
751 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
752 goto ret_optlen;
753 }
754
755 /* 64-bit Data ACK option */
756 if ((tp->t_mpflags & TMPF_MPTCP_ACKNOW) &&
757 (send_64bit_ack) &&
758 !(tp->t_mpflags & TMPF_SEND_DSN) &&
759 !(tp->t_mpflags & TMPF_SEND_DFIN)) {
760 struct mptcp_data_ack64_opt dack_opt;
761 unsigned int len = 0;
762 do_ack64_only:
763 len = sizeof (dack_opt);
764
765 CHECK_OPTLEN;
766
767 bzero(&dack_opt, len);
768 dack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
769 dack_opt.mdss_copt.mdss_len = len;
770 dack_opt.mdss_copt.mdss_subtype = MPO_DSS;
771 dack_opt.mdss_copt.mdss_flags |= (MDSS_A | MDSS_a);
772 MPT_LOCK_SPIN(mp_tp);
773 dack_opt.mdss_ack = mptcp_hton64(mp_tp->mpt_rcvnxt);
774 /*
775 * The other end should retransmit 64-bit DSN until it
776 * receives a 64-bit ACK.
777 */
778 mp_tp->mpt_flags &= ~MPTCPF_SND_64BITACK;
779 MPT_UNLOCK(mp_tp);
780 memcpy(opt + optlen, &dack_opt, len);
781 optlen += len;
782 VERIFY(optlen <= MAX_TCPOPTLEN);
783 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
784 goto ret_optlen;
785 }
786
787 /* 32-bit DSS+Data ACK option */
788 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
789 (!send_64bit_dsn) &&
790 (!send_64bit_ack) &&
791 (tp->t_mpflags & TMPF_MPTCP_ACKNOW)) {
792 struct mptcp_dss_ack_opt dss_ack_opt;
793 unsigned int len = sizeof (dss_ack_opt);
794
795 if (do_csum)
796 len += 2;
797
798 CHECK_OPTLEN;
799
800 bzero(&dss_ack_opt, sizeof (dss_ack_opt));
801 dss_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
802 dss_ack_opt.mdss_copt.mdss_len = len;
803 dss_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
804 dss_ack_opt.mdss_copt.mdss_flags |= MDSS_A | MDSS_M;
805 MPT_LOCK_SPIN(mp_tp);
806 dss_ack_opt.mdss_ack =
807 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
808 MPT_UNLOCK(mp_tp);
809
810 CHECK_DATALEN;
811
812 mptcp_output_getm_dsnmap32(so, off, (u_int32_t)datalen,
813 &dss_ack_opt.mdss_dsn,
814 &dss_ack_opt.mdss_subflow_seqn,
815 &dss_ack_opt.mdss_data_len,
816 dss_valp);
817
818 if ((dss_ack_opt.mdss_data_len == 0) ||
819 (dss_ack_opt.mdss_dsn == 0)) {
820 goto do_ack32_only;
821 }
822
823 if (tp->t_mpflags & TMPF_SEND_DFIN) {
824 DO_FIN(dss_ack_opt);
825 }
826
827 dss_ack_opt.mdss_dsn = htonl(dss_ack_opt.mdss_dsn);
828 dss_ack_opt.mdss_subflow_seqn =
829 htonl(dss_ack_opt.mdss_subflow_seqn);
830 dss_ack_opt.mdss_data_len = htons(dss_ack_opt.mdss_data_len);
831 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
832 offsetof(struct mptcp_dss_ack_opt, mdss_data_len));
833 memcpy(opt + optlen, &dss_ack_opt, sizeof (dss_ack_opt));
834 if (do_csum) {
835 *sseqp = (u_int32_t *)(void *)(opt + optlen +
836 offsetof(struct mptcp_dss_ack_opt,
837 mdss_subflow_seqn));
838 }
839
840 optlen += len;
841
842 if (optlen > MAX_TCPOPTLEN)
843 panic("optlen too large");
844 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
845 goto ret_optlen;
846 }
847
848 /* 32-bit DSS + 64-bit DACK option */
849 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
850 (!send_64bit_dsn) &&
851 (send_64bit_ack) &&
852 (tp->t_mpflags & TMPF_MPTCP_ACKNOW)) {
853 struct mptcp_dss32_ack64_opt dss_ack_opt;
854 unsigned int len = sizeof (dss_ack_opt);
855
856 if (do_csum)
857 len += 2;
858
859 CHECK_OPTLEN;
860
861 bzero(&dss_ack_opt, sizeof (dss_ack_opt));
862 dss_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
863 dss_ack_opt.mdss_copt.mdss_len = len;
864 dss_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
865 dss_ack_opt.mdss_copt.mdss_flags |= MDSS_M | MDSS_A | MDSS_a;
866 MPT_LOCK_SPIN(mp_tp);
867 dss_ack_opt.mdss_ack =
868 mptcp_hton64(mp_tp->mpt_rcvnxt);
869 MPT_UNLOCK(mp_tp);
870
871 CHECK_DATALEN;
872
873 mptcp_output_getm_dsnmap32(so, off, (u_int32_t)datalen,
874 &dss_ack_opt.mdss_dsn, &dss_ack_opt.mdss_subflow_seqn,
875 &dss_ack_opt.mdss_data_len, dss_valp);
876
877 if ((dss_ack_opt.mdss_data_len == 0) ||
878 (dss_ack_opt.mdss_dsn == 0)) {
879 goto do_ack64_only;
880 }
881
882 if (tp->t_mpflags & TMPF_SEND_DFIN) {
883 DO_FIN(dss_ack_opt);
884 }
885
886 dss_ack_opt.mdss_dsn = htonl(dss_ack_opt.mdss_dsn);
887 dss_ack_opt.mdss_subflow_seqn =
888 htonl(dss_ack_opt.mdss_subflow_seqn);
889 dss_ack_opt.mdss_data_len = htons(dss_ack_opt.mdss_data_len);
890 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
891 offsetof(struct mptcp_dss32_ack64_opt, mdss_data_len));
892 memcpy(opt + optlen, &dss_ack_opt, sizeof (dss_ack_opt));
893 if (do_csum) {
894 *sseqp = (u_int32_t *)(void *)(opt + optlen +
895 offsetof(struct mptcp_dss32_ack64_opt,
896 mdss_subflow_seqn));
897 }
898
899 optlen += len;
900
901 if (optlen > MAX_TCPOPTLEN)
902 panic("optlen too large");
903 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
904 goto ret_optlen;
905 }
906
907 if (tp->t_mpflags & TMPF_SEND_DFIN) {
908 struct mptcp_dss_ack_opt dss_ack_opt;
909 unsigned int len = sizeof (struct mptcp_dss_ack_opt);
910
911 if (do_csum)
912 len += 2;
913
914 CHECK_OPTLEN;
915
916 bzero(&dss_ack_opt, sizeof (dss_ack_opt));
917
918 MPT_LOCK(mp_tp);
919 /*
920 * Data FIN occupies one sequence space.
921 * Don't send it if it has been Acked.
922 */
923 if (((mp_tp->mpt_sndnxt + 1) != mp_tp->mpt_sndmax) ||
924 (mp_tp->mpt_snduna == mp_tp->mpt_sndmax)) {
925 MPT_UNLOCK(mp_tp);
926 goto ret_optlen;
927 }
928
929 dss_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
930 dss_ack_opt.mdss_copt.mdss_len = len;
931 dss_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
932 dss_ack_opt.mdss_copt.mdss_flags |= MDSS_A | MDSS_M | MDSS_F;
933 dss_ack_opt.mdss_ack =
934 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
935 dss_ack_opt.mdss_dsn =
936 htonl(MPTCP_DATASEQ_LOW32(mp_tp->mpt_sndnxt));
937 MPT_UNLOCK(mp_tp);
938 dss_ack_opt.mdss_subflow_seqn = 0;
939 dss_ack_opt.mdss_data_len = 1;
940 dss_ack_opt.mdss_data_len = htons(dss_ack_opt.mdss_data_len);
941 memcpy(opt + optlen, &dss_ack_opt, sizeof (dss_ack_opt));
942 if (do_csum) {
943 *dss_valp = mp_tp->mpt_sndnxt;
944 *sseqp = (u_int32_t *)(void *)(opt + optlen +
945 offsetof(struct mptcp_dss_ack_opt,
946 mdss_subflow_seqn));
947 }
948 optlen += len;
949 }
950
951 ret_optlen:
952 if (TRUE == *p_mptcp_acknow ) {
953 VERIFY(old_mpt_flags != 0);
954 u_int32_t new_mpt_flags = tp->t_mpflags &
955 (TMPF_SND_MPPRIO | TMPF_SND_REM_ADDR | TMPF_SND_MPFAIL |
956 TMPF_MPCAP_RETRANSMIT);
957
958 /*
959 * If none of the above mpflags were acted on by
960 * this routine, reset these flags and set p_mptcp_acknow
961 * to false.
962 * XXX The reset value of p_mptcp_acknow can be used
963 * to communicate tcp_output to NOT send a pure ack without any
964 * MPTCP options as it will be treated as a dup ack.
965 * Since the instances of mptcp_setup_opts not acting on
966 * these options are mostly corner cases and sending a dup
967 * ack here would only have an impact if the system
968 * has sent consecutive dup acks before this false one,
969 * we haven't modified the logic in tcp_output to avoid
970 * that.
971 */
972 if ((old_mpt_flags == new_mpt_flags) || (new_mpt_flags == 0)) {
973 tp->t_mpflags &= ~(TMPF_SND_MPPRIO
974 | TMPF_SND_REM_ADDR | TMPF_SND_MPFAIL |
975 TMPF_MPCAP_RETRANSMIT);
976 *p_mptcp_acknow = FALSE;
977 mptcplog((LOG_DEBUG, "MPTCP Sender: %s: no action \n",
978 __func__), MPTCP_SENDER_DBG, MPTCP_LOGLVL_LOG);
979 } else {
980 mptcplog((LOG_DEBUG, "MPTCP Sender: acknow set, "
981 "old flags %x new flags %x \n",
982 old_mpt_flags, new_mpt_flags),
983 MPTCP_SENDER_DBG, MPTCP_LOGLVL_LOG);
984 }
985 }
986
987 return optlen;
988 }
989
990 /*
991 * MPTCP Options Input Processing
992 */
993
994 static int
995 mptcp_sanitize_option(struct tcpcb *tp, int mptcp_subtype)
996 {
997 struct mptcb *mp_tp = tptomptp(tp);
998 int ret = 1;
999
1000 if (mp_tp == NULL) {
1001 mptcplog((LOG_ERR, "MPTCP Socket: %s: NULL mpsocket \n",
1002 __func__), MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1003 return (0);
1004 }
1005
1006 switch (mptcp_subtype) {
1007 case MPO_CAPABLE:
1008 break;
1009 case MPO_JOIN: /* fall through */
1010 case MPO_DSS: /* fall through */
1011 case MPO_FASTCLOSE: /* fall through */
1012 case MPO_FAIL: /* fall through */
1013 case MPO_REMOVE_ADDR: /* fall through */
1014 case MPO_ADD_ADDR: /* fall through */
1015 case MPO_PRIO: /* fall through */
1016 if (mp_tp->mpt_state < MPTCPS_ESTABLISHED)
1017 ret = 0;
1018 break;
1019 default:
1020 ret = 0;
1021 mptcplog((LOG_ERR, "MPTCP Socket: "
1022 "%s: type = %d \n", __func__,
1023 mptcp_subtype),
1024 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1025 break;
1026 }
1027 return (ret);
1028 }
1029
1030 static int
1031 mptcp_valid_mpcapable_common_opt(u_char *cp)
1032 {
1033 struct mptcp_mpcapable_opt_common *rsp =
1034 (struct mptcp_mpcapable_opt_common *)cp;
1035
1036 /* mmco_kind, mmco_len and mmco_subtype are validated before */
1037
1038 if (!(rsp->mmco_flags & MPCAP_PROPOSAL_SBIT))
1039 return (0);
1040
1041 if (rsp->mmco_flags & (MPCAP_BBIT | MPCAP_CBIT | MPCAP_DBIT |
1042 MPCAP_EBIT | MPCAP_FBIT | MPCAP_GBIT))
1043 return (0);
1044
1045 return (1);
1046 }
1047
1048
1049 static void
1050 mptcp_do_mpcapable_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th,
1051 int optlen)
1052 {
1053 struct mptcp_mpcapable_opt_rsp *rsp = NULL;
1054 struct mptcb *mp_tp = tptomptp(tp);
1055
1056 /* Only valid on SYN/ACK */
1057 if ((th->th_flags & (TH_SYN | TH_ACK)) != (TH_SYN | TH_ACK))
1058 return;
1059
1060 /* Validate the kind, len, flags */
1061 if (mptcp_valid_mpcapable_common_opt(cp) != 1) {
1062 tcpstat.tcps_invalid_mpcap++;
1063 return;
1064 }
1065
1066 /* Handle old duplicate SYN/ACK retransmission */
1067 if (SEQ_GT(tp->rcv_nxt, (tp->irs + 1)))
1068 return;
1069
1070 /* handle SYN/ACK retransmission by acknowledging with ACK */
1071 if (mp_tp->mpt_state >= MPTCPS_ESTABLISHED) {
1072 tp->t_mpflags |= TMPF_MPCAP_RETRANSMIT;
1073 return;
1074 }
1075
1076 /* A SYN/ACK contains peer's key and flags */
1077 if (optlen != sizeof (struct mptcp_mpcapable_opt_rsp)) {
1078 /* complain */
1079 mptcplog((LOG_ERR, "MPTCP Socket: "
1080 "%s: SYN_ACK optlen = %d, sizeof mp opt = %lu \n",
1081 __func__, optlen,
1082 sizeof (struct mptcp_mpcapable_opt_rsp)),
1083 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1084 tcpstat.tcps_invalid_mpcap++;
1085 return;
1086 }
1087
1088 /*
1089 * If checksum flag is set, enable MPTCP checksum, even if
1090 * it was not negotiated on the first SYN.
1091 */
1092 if (((struct mptcp_mpcapable_opt_common *)cp)->mmco_flags &
1093 MPCAP_CHECKSUM_CBIT)
1094 mp_tp->mpt_flags |= MPTCPF_CHECKSUM;
1095
1096 rsp = (struct mptcp_mpcapable_opt_rsp *)cp;
1097 MPT_LOCK(mp_tp);
1098 mp_tp->mpt_remotekey = rsp->mmc_localkey;
1099 /* For now just downgrade to the peer's version */
1100 mp_tp->mpt_peer_version = rsp->mmc_common.mmco_version;
1101 if (rsp->mmc_common.mmco_version < mp_tp->mpt_version) {
1102 mp_tp->mpt_version = rsp->mmc_common.mmco_version;
1103 tcpstat.tcps_mp_verdowngrade++;
1104 }
1105 if (mptcp_init_remote_parms(mp_tp) != 0) {
1106 tcpstat.tcps_invalid_mpcap++;
1107 MPT_UNLOCK(mp_tp);
1108 return;
1109 }
1110 MPT_UNLOCK(mp_tp);
1111 tcp_heuristic_mptcp_success(tp);
1112 tp->t_mpflags |= TMPF_PREESTABLISHED;
1113 }
1114
1115
1116 static void
1117 mptcp_do_mpjoin_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th, int optlen)
1118 {
1119 #define MPTCP_JOPT_ERROR_PATH(tp) { \
1120 tp->t_mpflags |= TMPF_RESET; \
1121 tcpstat.tcps_invalid_joins++; \
1122 if (tp->t_inpcb->inp_socket != NULL) { \
1123 soevent(tp->t_inpcb->inp_socket, \
1124 SO_FILT_HINT_LOCKED | SO_FILT_HINT_MUSTRST); \
1125 } \
1126 }
1127 int error = 0;
1128 struct mptcp_mpjoin_opt_rsp *join_rsp =
1129 (struct mptcp_mpjoin_opt_rsp *)cp;
1130
1131 /* Only valid on SYN/ACK */
1132 if ((th->th_flags & (TH_SYN | TH_ACK)) != (TH_SYN | TH_ACK))
1133 return;
1134
1135 if (optlen != sizeof (struct mptcp_mpjoin_opt_rsp)) {
1136 mptcplog((LOG_ERR, "MPTCP Socket: "
1137 "SYN_ACK: unexpected optlen = %d mp "
1138 "option = %lu\n", optlen,
1139 sizeof (struct mptcp_mpjoin_opt_rsp)),
1140 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1141 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1142 /* send RST and close */
1143 MPTCP_JOPT_ERROR_PATH(tp);
1144 return;
1145 }
1146
1147 mptcp_set_raddr_rand(tp->t_local_aid, tptomptp(tp),
1148 join_rsp->mmjo_addr_id, join_rsp->mmjo_rand);
1149 error = mptcp_validate_join_hmac(tp,
1150 (u_char*)&join_rsp->mmjo_mac, SHA1_TRUNCATED);
1151 if (error) {
1152 mptcplog((LOG_ERR, "MPTCP Socket: %s: "
1153 "SYN_ACK error = %d \n", __func__, error),
1154 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1155 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1156 /* send RST and close */
1157 MPTCP_JOPT_ERROR_PATH(tp);
1158 return;
1159 }
1160 tp->t_mpflags |= TMPF_SENT_JOIN;
1161 }
1162
1163 static int
1164 mptcp_validate_join_hmac(struct tcpcb *tp, u_char* hmac, int mac_len)
1165 {
1166 u_char digest[SHA1_RESULTLEN] = {0};
1167 struct mptcb *mp_tp = NULL;
1168 mptcp_key_t rem_key, loc_key;
1169 u_int32_t rem_rand, loc_rand;
1170
1171 mp_tp = tp->t_mptcb;
1172
1173 rem_rand = loc_rand = 0;
1174
1175 MPT_LOCK(mp_tp);
1176 rem_key = mp_tp->mpt_remotekey;
1177
1178 /*
1179 * Can happen if the MPTCP-connection is about to be closed and we
1180 * receive an MP_JOIN in-between the events are being handled by the
1181 * worker thread.
1182 */
1183 if (mp_tp->mpt_localkey == NULL) {
1184 MPT_UNLOCK(mp_tp);
1185 return (-1);
1186 }
1187
1188 loc_key = *mp_tp->mpt_localkey;
1189 MPT_UNLOCK(mp_tp);
1190
1191 mptcp_get_rands(tp->t_local_aid, mp_tp, &loc_rand, &rem_rand);
1192 if ((rem_rand == 0) || (loc_rand == 0))
1193 return (-1);
1194
1195 mptcp_hmac_sha1(rem_key, loc_key, rem_rand, loc_rand,
1196 digest, sizeof (digest));
1197
1198 if (bcmp(digest, hmac, mac_len) == 0)
1199 return (0); /* matches */
1200 else {
1201 printf("%s: remote key %llx local key %llx remote rand %x "
1202 "local rand %x \n", __func__, rem_key, loc_key,
1203 rem_rand, loc_rand);
1204 return (-1);
1205 }
1206 }
1207
1208 static void
1209 mptcp_do_dss_opt_ack_meat(u_int64_t full_dack, struct tcpcb *tp)
1210 {
1211 struct mptcb *mp_tp = tptomptp(tp);
1212 int close_notify = 0;
1213
1214 tp->t_mpflags |= TMPF_RCVD_DACK;
1215
1216 MPT_LOCK(mp_tp);
1217 if (MPTCP_SEQ_LEQ(full_dack, mp_tp->mpt_sndmax) &&
1218 MPTCP_SEQ_GEQ(full_dack, mp_tp->mpt_snduna)) {
1219 mptcp_data_ack_rcvd(mp_tp, tp, full_dack);
1220 if (mp_tp->mpt_state > MPTCPS_FIN_WAIT_2)
1221 close_notify = 1;
1222 MPT_UNLOCK(mp_tp);
1223 if (mp_tp->mpt_flags & MPTCPF_RCVD_64BITACK) {
1224 mp_tp->mpt_flags &= ~MPTCPF_RCVD_64BITACK;
1225 mp_tp->mpt_flags &= ~MPTCPF_SND_64BITDSN;
1226 }
1227 mptcp_notify_mpready(tp->t_inpcb->inp_socket);
1228 if (close_notify)
1229 mptcp_notify_close(tp->t_inpcb->inp_socket);
1230 } else {
1231 MPT_UNLOCK(mp_tp);
1232 mptcplog((LOG_ERR,"MPTCP Socket: "
1233 "%s: unexpected dack %llx snduna %llx "
1234 "sndmax %llx\n", __func__, full_dack,
1235 mp_tp->mpt_snduna, mp_tp->mpt_sndmax),
1236 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1237 MPTCP_LOGLVL_LOG);
1238 }
1239 }
1240
1241 static void
1242 mptcp_do_dss_opt_meat(u_char *cp, struct tcpcb *tp)
1243 {
1244 struct mptcp_dss_copt *dss_rsp = (struct mptcp_dss_copt *)cp;
1245 u_int64_t full_dack = 0;
1246 struct mptcb *mp_tp = tptomptp(tp);
1247 int csum_len = 0;
1248
1249 #define MPTCP_DSS_OPT_SZ_CHK(len, expected_len) { \
1250 if (len != expected_len) { \
1251 mptcplog((LOG_ERR, "MPTCP Socket: " \
1252 "%s: bad len = %d dss: %x \n", __func__, \
1253 len, dss_rsp->mdss_flags), \
1254 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG), \
1255 MPTCP_LOGLVL_LOG); \
1256 return; \
1257 } \
1258 }
1259
1260 /*
1261 * mp_tp might become NULL after the call to mptcp_do_fin_opt().
1262 * Review after rdar://problem/24083886
1263 */
1264 if (!mp_tp)
1265 return;
1266
1267 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
1268 csum_len = 2;
1269
1270 dss_rsp->mdss_flags &= (MDSS_A|MDSS_a|MDSS_M|MDSS_m);
1271 switch (dss_rsp->mdss_flags) {
1272 case (MDSS_M):
1273 {
1274 /* 32-bit DSS, No Data ACK */
1275 struct mptcp_dsn_opt *dss_rsp1;
1276 dss_rsp1 = (struct mptcp_dsn_opt *)cp;
1277
1278 MPTCP_DSS_OPT_SZ_CHK(dss_rsp1->mdss_copt.mdss_len,
1279 sizeof (struct mptcp_dsn_opt) + csum_len);
1280 if (csum_len == 0)
1281 mptcp_update_dss_rcv_state(dss_rsp1, tp, 0);
1282 else
1283 mptcp_update_dss_rcv_state(dss_rsp1, tp,
1284 *(uint16_t *)(void *)(cp +
1285 (dss_rsp1->mdss_copt.mdss_len - csum_len)));
1286 break;
1287 }
1288 case (MDSS_A):
1289 {
1290 /* 32-bit Data ACK, no DSS */
1291 struct mptcp_data_ack_opt *dack_opt;
1292 dack_opt = (struct mptcp_data_ack_opt *)cp;
1293
1294 MPTCP_DSS_OPT_SZ_CHK(dack_opt->mdss_copt.mdss_len,
1295 sizeof (struct mptcp_data_ack_opt));
1296
1297 u_int32_t dack = dack_opt->mdss_ack;
1298 NTOHL(dack);
1299 MPT_LOCK_SPIN(mp_tp);
1300 MPTCP_EXTEND_DSN(mp_tp->mpt_snduna, dack, full_dack);
1301 MPT_UNLOCK(mp_tp);
1302 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1303 break;
1304 }
1305 case (MDSS_M | MDSS_A):
1306 {
1307 /* 32-bit Data ACK + 32-bit DSS */
1308 struct mptcp_dss_ack_opt *dss_ack_rsp;
1309 dss_ack_rsp = (struct mptcp_dss_ack_opt *)cp;
1310
1311 MPTCP_DSS_OPT_SZ_CHK(dss_ack_rsp->mdss_copt.mdss_len,
1312 sizeof (struct mptcp_dss_ack_opt) + csum_len);
1313
1314 u_int32_t dack = dss_ack_rsp->mdss_ack;
1315 NTOHL(dack);
1316 MPT_LOCK_SPIN(mp_tp);
1317 MPTCP_EXTEND_DSN(mp_tp->mpt_snduna, dack, full_dack);
1318 MPT_UNLOCK(mp_tp);
1319 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1320 if (csum_len == 0)
1321 mptcp_update_rcv_state_f(dss_ack_rsp, tp, 0);
1322 else
1323 mptcp_update_rcv_state_f(dss_ack_rsp, tp,
1324 *(uint16_t *)(void *)(cp +
1325 (dss_ack_rsp->mdss_copt.mdss_len -
1326 csum_len)));
1327 break;
1328 }
1329 case (MDSS_M | MDSS_m):
1330 {
1331 /* 64-bit DSS , No Data ACK */
1332 struct mptcp_dsn64_opt *dsn64;
1333 dsn64 = (struct mptcp_dsn64_opt *)cp;
1334 u_int64_t full_dsn;
1335
1336 MPTCP_DSS_OPT_SZ_CHK(dsn64->mdss_copt.mdss_len,
1337 sizeof (struct mptcp_dsn64_opt) + csum_len);
1338
1339 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1340 "%s: 64-bit M present.\n", __func__),
1341 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1342 MPTCP_LOGLVL_LOG);
1343
1344 MPT_LOCK_SPIN(mp_tp);
1345 mp_tp->mpt_flags |= MPTCPF_SND_64BITACK;
1346 MPT_UNLOCK(mp_tp);
1347
1348 full_dsn = mptcp_ntoh64(dsn64->mdss_dsn);
1349 NTOHL(dsn64->mdss_subflow_seqn);
1350 NTOHS(dsn64->mdss_data_len);
1351 if (csum_len == 0)
1352 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1353 dsn64->mdss_subflow_seqn,
1354 dsn64->mdss_data_len,
1355 0);
1356 else
1357 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1358 dsn64->mdss_subflow_seqn,
1359 dsn64->mdss_data_len,
1360 *(uint16_t *)(void *)(cp +
1361 dsn64->mdss_copt.mdss_len - csum_len));
1362 break;
1363 }
1364 case (MDSS_A | MDSS_a):
1365 {
1366 /* 64-bit Data ACK, no DSS */
1367 struct mptcp_data_ack64_opt *dack64;
1368 dack64 = (struct mptcp_data_ack64_opt *)cp;
1369
1370 MPTCP_DSS_OPT_SZ_CHK(dack64->mdss_copt.mdss_len,
1371 sizeof (struct mptcp_data_ack64_opt));
1372
1373 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1374 "%s: 64-bit A present. \n", __func__),
1375 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1376 MPTCP_LOGLVL_LOG);
1377
1378 MPT_LOCK_SPIN(mp_tp);
1379 mp_tp->mpt_flags |= MPTCPF_RCVD_64BITACK;
1380 MPT_UNLOCK(mp_tp);
1381
1382 full_dack = mptcp_ntoh64(dack64->mdss_ack);
1383 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1384 break;
1385 }
1386 case (MDSS_M | MDSS_m | MDSS_A):
1387 {
1388 /* 64-bit DSS + 32-bit Data ACK */
1389 struct mptcp_dss64_ack32_opt *dss_ack_rsp;
1390 dss_ack_rsp = (struct mptcp_dss64_ack32_opt *)cp;
1391
1392 MPTCP_DSS_OPT_SZ_CHK(dss_ack_rsp->mdss_copt.mdss_len,
1393 sizeof (struct mptcp_dss64_ack32_opt) + csum_len);
1394
1395 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1396 "%s: 64-bit M and 32-bit A present.\n", __func__),
1397 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1398 MPTCP_LOGLVL_LOG);
1399
1400 u_int32_t dack = dss_ack_rsp->mdss_ack;
1401 NTOHL(dack);
1402 MPT_LOCK_SPIN(mp_tp);
1403 mp_tp->mpt_flags |= MPTCPF_SND_64BITACK;
1404 MPTCP_EXTEND_DSN(mp_tp->mpt_snduna, dack, full_dack);
1405 MPT_UNLOCK(mp_tp);
1406 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1407 if (csum_len == 0)
1408 mptcp_update_rcv_state_g(dss_ack_rsp, tp, 0);
1409 else
1410 mptcp_update_rcv_state_g(dss_ack_rsp, tp,
1411 *(uint16_t *)(void *)(cp +
1412 dss_ack_rsp->mdss_copt.mdss_len -
1413 csum_len));
1414 break;
1415 }
1416 case (MDSS_M | MDSS_A | MDSS_a):
1417 {
1418 /* 32-bit DSS + 64-bit Data ACK */
1419 struct mptcp_dss32_ack64_opt *dss32_ack64_opt;
1420 dss32_ack64_opt = (struct mptcp_dss32_ack64_opt *)cp;
1421 u_int64_t full_dsn;
1422
1423 MPTCP_DSS_OPT_SZ_CHK(
1424 dss32_ack64_opt->mdss_copt.mdss_len,
1425 sizeof (struct mptcp_dss32_ack64_opt) + csum_len);
1426
1427 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1428 "%s: 32-bit M and 64-bit A present.\n", __func__),
1429 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1430 MPTCP_LOGLVL_LOG);
1431
1432 full_dack = mptcp_ntoh64(dss32_ack64_opt->mdss_ack);
1433 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1434 NTOHL(dss32_ack64_opt->mdss_dsn);
1435 MPT_LOCK_SPIN(mp_tp);
1436 mp_tp->mpt_flags |= MPTCPF_RCVD_64BITACK;
1437 MPTCP_EXTEND_DSN(mp_tp->mpt_rcvnxt,
1438 dss32_ack64_opt->mdss_dsn, full_dsn);
1439 MPT_UNLOCK(mp_tp);
1440 NTOHL(dss32_ack64_opt->mdss_subflow_seqn);
1441 NTOHS(dss32_ack64_opt->mdss_data_len);
1442 if (csum_len == 0)
1443 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1444 dss32_ack64_opt->mdss_subflow_seqn,
1445 dss32_ack64_opt->mdss_data_len, 0);
1446 else
1447 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1448 dss32_ack64_opt->mdss_subflow_seqn,
1449 dss32_ack64_opt->mdss_data_len,
1450 *(uint16_t *)(void *)(cp +
1451 dss32_ack64_opt->mdss_copt.mdss_len -
1452 csum_len));
1453 break;
1454 }
1455 case (MDSS_M | MDSS_m | MDSS_A | MDSS_a):
1456 {
1457 /* 64-bit DSS + 64-bit Data ACK */
1458 struct mptcp_dss64_ack64_opt *dss64_ack64;
1459 dss64_ack64 = (struct mptcp_dss64_ack64_opt *)cp;
1460 u_int64_t full_dsn;
1461
1462 MPTCP_DSS_OPT_SZ_CHK(dss64_ack64->mdss_copt.mdss_len,
1463 sizeof (struct mptcp_dss64_ack64_opt) + csum_len);
1464
1465 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1466 "%s: 64-bit M and 64-bit A present.\n", __func__),
1467 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1468 MPTCP_LOGLVL_LOG);
1469
1470 MPT_LOCK_SPIN(mp_tp);
1471 mp_tp->mpt_flags |= MPTCPF_RCVD_64BITACK;
1472 mp_tp->mpt_flags |= MPTCPF_SND_64BITACK;
1473 MPT_UNLOCK(mp_tp);
1474 full_dsn = mptcp_ntoh64(dss64_ack64->mdss_dsn);
1475 full_dack = mptcp_ntoh64(dss64_ack64->mdss_dsn);
1476 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1477 NTOHL(dss64_ack64->mdss_subflow_seqn);
1478 NTOHS(dss64_ack64->mdss_data_len);
1479 if (csum_len == 0)
1480 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1481 dss64_ack64->mdss_subflow_seqn,
1482 dss64_ack64->mdss_data_len, 0);
1483 else
1484 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1485 dss64_ack64->mdss_subflow_seqn,
1486 dss64_ack64->mdss_data_len,
1487 *(uint16_t *)(void *)(cp +
1488 dss64_ack64->mdss_copt.mdss_len -
1489 csum_len));
1490 break;
1491 }
1492 default:
1493 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1494 "%s: File bug, DSS flags = %x\n", __func__,
1495 dss_rsp->mdss_flags),
1496 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1497 MPTCP_LOGLVL_LOG);
1498 break;
1499 }
1500 }
1501
1502
1503 static void
1504 mptcp_do_fin_opt(struct tcpcb *tp)
1505 {
1506 struct mptcb *mp_tp = (struct mptcb *)tp->t_mptcb;
1507
1508 mptcplog((LOG_DEBUG,"MPTCP Socket: %s \n", __func__),
1509 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1510 MPTCP_LOGLVL_LOG);
1511
1512 if (!(tp->t_mpflags & TMPF_RECV_DFIN)) {
1513 if (mp_tp != NULL) {
1514 MPT_LOCK(mp_tp);
1515 mptcp_close_fsm(mp_tp, MPCE_RECV_DATA_FIN);
1516 MPT_UNLOCK(mp_tp);
1517
1518 if (tp->t_inpcb->inp_socket != NULL) {
1519 soevent(tp->t_inpcb->inp_socket,
1520 SO_FILT_HINT_LOCKED |
1521 SO_FILT_HINT_MPCANTRCVMORE);
1522 }
1523
1524 }
1525 tp->t_mpflags |= TMPF_RECV_DFIN;
1526 }
1527
1528 tp->t_mpflags |= TMPF_MPTCP_ACKNOW;
1529 /*
1530 * Since this is a data level FIN, TCP needs to be explicitly told
1531 * to send back an ACK on which the Data ACK is piggybacked.
1532 */
1533 tp->t_flags |= TF_ACKNOW;
1534 }
1535
1536 static void
1537 mptcp_do_dss_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th, int optlen)
1538 {
1539 #pragma unused(th, optlen)
1540 struct mptcb *mp_tp = (struct mptcb *)tp->t_mptcb;
1541
1542 if (!mp_tp)
1543 return;
1544
1545 /* We may get Data ACKs just during fallback, so don't ignore those */
1546 if ((tp->t_mpflags & TMPF_MPTCP_TRUE) ||
1547 (tp->t_mpflags & TMPF_TCP_FALLBACK)) {
1548 struct mptcp_dss_copt *dss_rsp = (struct mptcp_dss_copt *)cp;
1549
1550 if (dss_rsp->mdss_subtype == MPO_DSS) {
1551 if (dss_rsp->mdss_flags & MDSS_F) {
1552 mptcp_do_fin_opt(tp);
1553 }
1554
1555 mptcp_do_dss_opt_meat(cp, tp);
1556 }
1557 }
1558 }
1559
1560 static void
1561 mptcp_do_fastclose_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th)
1562 {
1563 struct mptcb *mp_tp = NULL;
1564 struct mptcp_fastclose_opt *fc_opt = (struct mptcp_fastclose_opt *)cp;
1565
1566 if (th->th_flags != TH_ACK)
1567 return;
1568
1569 mptcplog((LOG_DEBUG,"MPTCP Socket: %s: \n", __func__),
1570 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1571 MPTCP_LOGLVL_LOG);
1572
1573 if (fc_opt->mfast_len != sizeof (struct mptcp_fastclose_opt)) {
1574 tcpstat.tcps_invalid_opt++;
1575 return;
1576 }
1577
1578 mp_tp = (struct mptcb *)tp->t_mptcb;
1579 if (!mp_tp)
1580 return;
1581
1582 if (fc_opt->mfast_key != mptcp_get_localkey(mp_tp)) {
1583 tcpstat.tcps_invalid_opt++;
1584 return;
1585 }
1586
1587 /*
1588 * fastclose could make us more vulnerable to attacks, hence
1589 * accept only those that are at the next expected sequence number.
1590 */
1591 if (th->th_seq != tp->rcv_nxt) {
1592 tcpstat.tcps_invalid_opt++;
1593 return;
1594 }
1595
1596 /* Reset this flow */
1597 tp->t_mpflags |= (TMPF_RESET | TMPF_FASTCLOSERCV);
1598
1599 if (tp->t_inpcb->inp_socket != NULL) {
1600 soevent(tp->t_inpcb->inp_socket,
1601 SO_FILT_HINT_LOCKED | SO_FILT_HINT_MUSTRST);
1602 }
1603 }
1604
1605
1606 static void
1607 mptcp_do_mpfail_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th)
1608 {
1609 struct mptcb *mp_tp = NULL;
1610 struct mptcp_mpfail_opt *fail_opt = (struct mptcp_mpfail_opt *)cp;
1611 u_int32_t mdss_subflow_seqn = 0;
1612 int error = 0;
1613
1614 /*
1615 * mpfail could make us more vulnerable to attacks. Hence accept
1616 * only those that are the next expected sequence number.
1617 */
1618 if (th->th_seq != tp->rcv_nxt) {
1619 tcpstat.tcps_invalid_opt++;
1620 return;
1621 }
1622
1623 /* A packet without RST, must atleast have the ACK bit set */
1624 if ((th->th_flags != TH_ACK) && (th->th_flags != TH_RST))
1625 return;
1626
1627 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: \n", __func__),
1628 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG), MPTCP_LOGLVL_LOG);
1629
1630 if (fail_opt->mfail_len != sizeof (struct mptcp_mpfail_opt))
1631 return;
1632
1633 mp_tp = (struct mptcb *)tp->t_mptcb;
1634 MPT_LOCK(mp_tp);
1635 mp_tp->mpt_flags |= MPTCPF_RECVD_MPFAIL;
1636 mp_tp->mpt_dsn_at_csum_fail = mptcp_hton64(fail_opt->mfail_dsn);
1637 MPT_UNLOCK(mp_tp);
1638 error = mptcp_get_map_for_dsn(tp->t_inpcb->inp_socket,
1639 mp_tp->mpt_dsn_at_csum_fail, &mdss_subflow_seqn);
1640 if (error == 0) {
1641 mp_tp->mpt_ssn_at_csum_fail = mdss_subflow_seqn;
1642 }
1643
1644 mptcp_notify_mpfail(tp->t_inpcb->inp_socket);
1645 }
1646
1647 void
1648 tcp_do_mptcp_options(struct tcpcb *tp, u_char *cp, struct tcphdr *th,
1649 struct tcpopt *to, int optlen)
1650 {
1651 int mptcp_subtype;
1652
1653 /* All MPTCP options have atleast 4 bytes */
1654 if (optlen < 4)
1655 return;
1656
1657 mptcp_subtype = (cp[2] >> 4);
1658
1659 if (mptcp_sanitize_option(tp, mptcp_subtype) == 0)
1660 return;
1661
1662 switch (mptcp_subtype) {
1663 case MPO_CAPABLE:
1664 mptcp_do_mpcapable_opt(tp, cp, th, optlen);
1665 break;
1666 case MPO_JOIN:
1667 mptcp_do_mpjoin_opt(tp, cp, th, optlen);
1668 break;
1669 case MPO_DSS:
1670 mptcp_do_dss_opt(tp, cp, th, optlen);
1671 break;
1672 case MPO_FASTCLOSE:
1673 mptcp_do_fastclose_opt(tp, cp, th);
1674 break;
1675 case MPO_FAIL:
1676 mptcp_do_mpfail_opt(tp, cp, th);
1677 break;
1678 case MPO_ADD_ADDR: /* fall through */
1679 case MPO_REMOVE_ADDR: /* fall through */
1680 case MPO_PRIO:
1681 to->to_flags |= TOF_MPTCP;
1682 break;
1683 default:
1684 break;
1685 }
1686 return;
1687 }
1688
1689 /*
1690 * MPTCP ADD_ADDR and REMOVE_ADDR options
1691 */
1692
1693 /*
1694 * ADD_ADDR is only placeholder code - not sent on wire
1695 * The ADD_ADDR option is not sent on wire because of security issues
1696 * around connection hijacking.
1697 */
1698 void
1699 mptcp_send_addaddr_opt(struct tcpcb *tp, struct mptcp_addaddr_opt *opt)
1700 {
1701
1702 opt->ma_kind = TCPOPT_MULTIPATH;
1703 opt->ma_len = sizeof (struct mptcp_addaddr_opt);
1704 opt->ma_subtype = MPO_ADD_ADDR;
1705 opt->ma_addr_id = tp->t_local_aid;
1706 #ifdef MPTCP_NOTYET
1707 struct inpcb *inp = tp->t_inpcb;
1708 if (inp->inp_vflag == AF_INET) {
1709 opt->ma_ipver = MA_IPVer_V4;
1710 bcopy((char *)&sin->sin_addr.s_addr, (char *)opt + opt->ma_len,
1711 sizeof (in_addr_t));
1712 opt->ma_len += sizeof (in_addr_t);
1713 } else if (inp->inp_vflag == AF_INET6) {
1714 opt->ma_ipver = MA_IPVer_V6;
1715 bcopy((char *)&sin6->sin6_addr, (char *)opt + opt->ma_len,
1716 sizeof (struct in6_addr));
1717 opt->ma_len += sizeof (struct in6_addr);
1718 }
1719 #if 0
1720 if (tp->t_mp_port) {
1721 /* add ports XXX */
1722 }
1723 #endif
1724 #endif
1725 }
1726
1727 /* REMOVE_ADDR option is sent when a source address goes away */
1728 void
1729 mptcp_send_remaddr_opt(struct tcpcb *tp, struct mptcp_remaddr_opt *opt)
1730 {
1731 mptcplog((LOG_DEBUG,"MPTCP Socket: %s: local id %d remove id %d \n",
1732 __func__, tp->t_local_aid, tp->t_rem_aid),
1733 (MPTCP_SOCKET_DBG|MPTCP_SENDER_DBG), MPTCP_LOGLVL_LOG);
1734
1735 bzero(opt, sizeof (*opt));
1736 opt->mr_kind = TCPOPT_MULTIPATH;
1737 opt->mr_len = sizeof (*opt);
1738 opt->mr_subtype = MPO_REMOVE_ADDR;
1739 opt->mr_addr_id = tp->t_rem_aid;
1740 tp->t_mpflags &= ~TMPF_SND_REM_ADDR;
1741 }
1742
1743 /*
1744 * MPTCP MP_PRIO option
1745 */
1746
1747 #if 0
1748 /*
1749 * Current implementation drops incoming MP_PRIO option and this code is
1750 * just a placeholder. The option is dropped because only the mobile client can
1751 * decide which of the subflows is preferred (usually wifi is preferred
1752 * over Cellular).
1753 */
1754 void
1755 mptcp_do_mpprio_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th,
1756 int optlen)
1757 {
1758 int bkp = 0;
1759 struct mptcp_mpprio_opt *mpprio = (struct mptcp_mpprio_opt *)cp;
1760
1761 if ((tp == NULL) || !(tp->t_mpflags & TMPF_MPTCP_TRUE))
1762 return;
1763
1764 if ((mpprio->mpprio_len != sizeof (struct mptcp_mpprio_addr_opt)) &&
1765 (mpprio->mpprio_len != sizeof (struct mptcp_mpprio_opt)))
1766 return;
1767 }
1768 #endif
1769
1770 /* We send MP_PRIO option based on the values set by the SIOCSCONNORDER ioctl */
1771 static int
1772 mptcp_snd_mpprio(struct tcpcb *tp, u_char *cp, int optlen)
1773 {
1774 struct mptcp_mpprio_addr_opt mpprio;
1775
1776 if (tp->t_state != TCPS_ESTABLISHED) {
1777 tp->t_mpflags &= ~TMPF_SND_MPPRIO;
1778 return (optlen);
1779 }
1780
1781 if (mptcp_mpprio_enable != 1) {
1782 tp->t_mpflags &= ~TMPF_SND_MPPRIO;
1783 return (optlen);
1784 }
1785
1786 if ((MAX_TCPOPTLEN - optlen) <
1787 (int)sizeof (mpprio))
1788 return (optlen);
1789
1790 bzero(&mpprio, sizeof (mpprio));
1791 mpprio.mpprio_kind = TCPOPT_MULTIPATH;
1792 mpprio.mpprio_len = sizeof (mpprio);
1793 mpprio.mpprio_subtype = MPO_PRIO;
1794 if (tp->t_mpflags & TMPF_BACKUP_PATH)
1795 mpprio.mpprio_flags |= MPTCP_MPPRIO_BKP;
1796 mpprio.mpprio_addrid = tp->t_local_aid;
1797 memcpy(cp + optlen, &mpprio, sizeof (mpprio));
1798 optlen += sizeof (mpprio);
1799 tp->t_mpflags &= ~TMPF_SND_MPPRIO;
1800 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: aid = %d \n", __func__,
1801 tp->t_local_aid),
1802 (MPTCP_SOCKET_DBG|MPTCP_SENDER_DBG), MPTCP_LOGLVL_LOG);
1803 return (optlen);
1804 }
mirror of XNU