]> git.saurik.com Git - apple/xnu.git/blob - bsd/netinet/mptcp_opt.c
projects / apple / xnu.git / blob
? search:


a4ea96ef644fb54478181a5c40709b4dbbc8e879
[apple/xnu.git] / bsd / netinet / mptcp_opt.c
1 /*
2 * Copyright (c) 2012-2013 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 #include <sys/param.h>
29 #include <sys/systm.h>
30 #include <netinet/in_systm.h>
31 #include <sys/socket.h>
32 #include <sys/socketvar.h>
33
34 #include <net/route.h>
35 #include <netinet/in.h>
36 #include <net/if.h>
37
38 #include <netinet/ip.h>
39 #include <netinet/ip_var.h>
40 #include <netinet/in_var.h>
41 #include <netinet/tcp.h>
42 #include <netinet/tcp_var.h>
43 #include <netinet/tcp_seq.h>
44 #include <netinet/tcpip.h>
45 #include <netinet/tcp_fsm.h>
46 #include <netinet/mptcp_var.h>
47 #include <netinet/mptcp.h>
48 #include <netinet/mptcp_opt.h>
49 #include <netinet/mptcp_seq.h>
50
51 #include <libkern/crypto/sha1.h>
52 #include <netinet/mptcp_timer.h>
53
54 #include <mach/sdt.h>
55
56 static int mptcp_validate_join_hmac(struct tcpcb *, u_char*, int);
57 static int mptcp_snd_mpprio(struct tcpcb *tp, u_char *cp, int optlen);
58
59 /*
60 * MPTCP Options Output Processing
61 */
62
63 static unsigned
64 mptcp_setup_first_subflow_syn_opts(struct socket *so, int flags, u_char *opt,
65 unsigned optlen)
66 {
67 struct tcpcb *tp = sototcpcb(so);
68 struct mptcb *mp_tp = NULL;
69 mp_tp = tptomptp(tp);
70
71 if (!(so->so_flags & SOF_MP_SUBFLOW))
72 return (optlen);
73
74 /*
75 * Avoid retransmitting the MP_CAPABLE option.
76 */
77 if (tp->t_rxtshift > mptcp_mpcap_retries)
78 return (optlen);
79
80 if ((flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
81 struct mptcp_mpcapable_opt_rsp mptcp_opt;
82 mptcp_key_t mp_localkey = 0;
83
84 mp_localkey = mptcp_get_localkey(mp_tp);
85 if (mp_localkey == 0) {
86 /* an embryonic connection was closed from above */
87 return (optlen);
88 }
89 bzero(&mptcp_opt,
90 sizeof (struct mptcp_mpcapable_opt_rsp));
91 mptcp_opt.mmc_common.mmco_kind = TCPOPT_MULTIPATH;
92 mptcp_opt.mmc_common.mmco_len =
93 sizeof (struct mptcp_mpcapable_opt_rsp);
94 mptcp_opt.mmc_common.mmco_subtype = MPO_CAPABLE;
95 MPT_LOCK_SPIN(mp_tp);
96 mptcp_opt.mmc_common.mmco_version = mp_tp->mpt_version;
97 mptcp_opt.mmc_common.mmco_flags |= MPCAP_PROPOSAL_SBIT;
98 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
99 mptcp_opt.mmc_common.mmco_flags |=
100 MPCAP_CHECKSUM_CBIT;
101 MPT_UNLOCK(mp_tp);
102 mptcp_opt.mmc_localkey = mp_localkey;
103 memcpy(opt + optlen, &mptcp_opt,
104 mptcp_opt.mmc_common.mmco_len);
105 optlen += mptcp_opt.mmc_common.mmco_len;
106 if (mptcp_dbg >= MP_VERBOSE_DEBUG_2) {
107 printf("%s: SYN_ACK localkey = %llx \n",
108 __func__, mp_localkey);
109 }
110 } else {
111 /* Only the SYN flag is set */
112 struct mptcp_mpcapable_opt_common mptcp_opt;
113 mptcp_key_t mp_localkey = 0;
114 mp_localkey = mptcp_get_localkey(mp_tp);
115 so->so_flags |= SOF_MPTCP_CLIENT;
116 if (mp_localkey == 0) {
117 /* an embryonic connection was closed */
118 return (optlen);
119 }
120 bzero(&mptcp_opt,
121 sizeof (struct mptcp_mpcapable_opt_common));
122 mptcp_opt.mmco_kind = TCPOPT_MULTIPATH;
123 mptcp_opt.mmco_len =
124 sizeof (struct mptcp_mpcapable_opt_common) +
125 sizeof (mptcp_key_t);
126 mptcp_opt.mmco_subtype = MPO_CAPABLE;
127 MPT_LOCK_SPIN(mp_tp);
128 mptcp_opt.mmco_version = mp_tp->mpt_version;
129 mptcp_opt.mmco_flags |= MPCAP_PROPOSAL_SBIT;
130 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
131 mptcp_opt.mmco_flags |= MPCAP_CHECKSUM_CBIT;
132 MPT_UNLOCK(mp_tp);
133 (void) memcpy(opt + optlen, &mptcp_opt,
134 sizeof (struct mptcp_mpcapable_opt_common));
135 optlen += sizeof (struct mptcp_mpcapable_opt_common);
136 (void) memcpy(opt + optlen, &mp_localkey,
137 sizeof (mptcp_key_t));
138 optlen += sizeof (mptcp_key_t);
139 }
140
141 return (optlen);
142 }
143
144 static unsigned
145 mptcp_setup_join_subflow_syn_opts(struct socket *so, int flags, u_char *opt,
146 unsigned optlen)
147 {
148 struct inpcb *inp = sotoinpcb(so);
149 struct tcpcb *tp = NULL;
150
151 if (!inp)
152 return (optlen);
153
154 tp = intotcpcb(inp);
155 if (!tp)
156 return (optlen);
157
158 if (!tp->t_mptcb)
159 return (optlen);
160
161 if ((flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
162 struct mptcp_mpjoin_opt_rsp mpjoin_rsp;
163 bzero(&mpjoin_rsp, sizeof (mpjoin_rsp));
164 mpjoin_rsp.mmjo_kind = TCPOPT_MULTIPATH;
165 mpjoin_rsp.mmjo_len = sizeof (mpjoin_rsp);
166 mpjoin_rsp.mmjo_subtype_bkp = MPO_JOIN << 4;
167 if (tp->t_mpflags & TMPF_BACKUP_PATH)
168 mpjoin_rsp.mmjo_subtype_bkp |= MPTCP_BACKUP;
169 mpjoin_rsp.mmjo_addr_id = tp->t_local_aid;
170 mptcp_get_rands(tp->t_local_aid, tptomptp(tp),
171 &mpjoin_rsp.mmjo_rand, NULL);
172 mpjoin_rsp.mmjo_mac = mptcp_get_trunced_hmac(tp->t_local_aid,
173 tptomptp(tp));
174 memcpy(opt + optlen, &mpjoin_rsp, mpjoin_rsp.mmjo_len);
175 optlen += mpjoin_rsp.mmjo_len;
176 } else {
177 struct mptcp_mpjoin_opt_req mpjoin_req;
178 bzero(&mpjoin_req, sizeof (mpjoin_req));
179 mpjoin_req.mmjo_kind = TCPOPT_MULTIPATH;
180 mpjoin_req.mmjo_len = sizeof (mpjoin_req);
181 mpjoin_req.mmjo_subtype_bkp = MPO_JOIN << 4;
182 /* A secondary subflow is started off as backup */
183 mpjoin_req.mmjo_subtype_bkp |= MPTCP_BACKUP;
184 tp->t_mpflags |= TMPF_BACKUP_PATH;
185 mpjoin_req.mmjo_addr_id = tp->t_local_aid;
186 mpjoin_req.mmjo_peer_token = mptcp_get_remotetoken(tp->t_mptcb);
187 if (mpjoin_req.mmjo_peer_token == 0) {
188 if (mptcp_dbg >= MP_ERR_DEBUG)
189 printf("%s: zero peer token \n", __func__);
190 }
191 mptcp_get_rands(tp->t_local_aid, tptomptp(tp),
192 &mpjoin_req.mmjo_rand, NULL);
193 memcpy(opt + optlen, &mpjoin_req, mpjoin_req.mmjo_len);
194 optlen += mpjoin_req.mmjo_len;
195 }
196 return (optlen);
197 }
198
199 unsigned
200 mptcp_setup_join_ack_opts(struct tcpcb *tp, u_char *opt, unsigned optlen)
201 {
202 unsigned new_optlen;
203 struct mptcp_mpjoin_opt_rsp2 join_rsp2;
204
205 if ((MAX_TCPOPTLEN - optlen) < sizeof (struct mptcp_mpjoin_opt_rsp2)) {
206 printf("%s: no space left %d \n", __func__, optlen);
207 return (optlen);
208 }
209
210 bzero(&join_rsp2, sizeof (struct mptcp_mpjoin_opt_rsp2));
211 join_rsp2.mmjo_kind = TCPOPT_MULTIPATH;
212 join_rsp2.mmjo_len = sizeof (struct mptcp_mpjoin_opt_rsp2);
213 join_rsp2.mmjo_subtype = MPO_JOIN;
214 mptcp_get_hmac(tp->t_local_aid, tptomptp(tp),
215 (u_char*)&join_rsp2.mmjo_mac,
216 sizeof (join_rsp2.mmjo_mac));
217 memcpy(opt + optlen, &join_rsp2, join_rsp2.mmjo_len);
218 new_optlen = optlen + join_rsp2.mmjo_len;
219 return (new_optlen);
220 }
221
222 unsigned
223 mptcp_setup_syn_opts(struct socket *so, int flags, u_char *opt, unsigned optlen)
224 {
225 unsigned new_optlen;
226
227 if (mptcp_enable == 0) {
228 /* do nothing */
229 return (optlen);
230 }
231
232 if (!(so->so_flags & SOF_MP_SEC_SUBFLOW)) {
233 new_optlen = mptcp_setup_first_subflow_syn_opts(so, flags, opt,
234 optlen);
235 } else {
236 /*
237 * To simulate SYN_ACK with no join opt, comment this line on
238 * OS X server side. This serves as a testing hook.
239 */
240 new_optlen = mptcp_setup_join_subflow_syn_opts(so, flags, opt,
241 optlen);
242 }
243 return (new_optlen);
244 }
245
246 static int
247 mptcp_send_mpfail(struct tcpcb *tp, u_char *opt, unsigned int optlen)
248 {
249 #pragma unused(tp, opt, optlen)
250
251 struct mptcb *mp_tp = NULL;
252 struct mptcp_mpfail_opt fail_opt;
253 uint64_t dsn;
254 int len = sizeof (struct mptcp_mpfail_opt);
255
256 mp_tp = tptomptp(tp);
257 if (mp_tp == NULL) {
258 tp->t_mpflags &= ~TMPF_SND_MPFAIL;
259 return (optlen);
260 }
261
262 /* if option space low give up */
263 if ((MAX_TCPOPTLEN - optlen) < sizeof (struct mptcp_mpfail_opt)) {
264 tp->t_mpflags &= ~TMPF_SND_MPFAIL;
265 return (optlen);
266 }
267
268 MPT_LOCK(mp_tp);
269 dsn = mp_tp->mpt_rcvnxt;
270 MPT_UNLOCK(mp_tp);
271
272 bzero(&fail_opt, sizeof (fail_opt));
273 fail_opt.mfail_kind = TCPOPT_MULTIPATH;
274 fail_opt.mfail_len = len;
275 fail_opt.mfail_subtype = MPO_FAIL;
276 fail_opt.mfail_dsn = mptcp_hton64(dsn);
277 memcpy(opt + optlen, &fail_opt, len);
278 optlen += len;
279 tp->t_mpflags &= ~TMPF_SND_MPFAIL;
280 if (mptcp_dbg >= MP_ERR_DEBUG)
281 printf("%s: %d \n", __func__, tp->t_local_aid);
282 return (optlen);
283 }
284
285 static int
286 mptcp_send_infinite_mapping(struct tcpcb *tp, u_char *opt, unsigned int optlen)
287 {
288 struct mptcp_dsn_opt infin_opt;
289 struct mptcb *mp_tp = NULL;
290 size_t len = sizeof (struct mptcp_dsn_opt);
291 struct socket *so = tp->t_inpcb->inp_socket;
292 int error = 0;
293 int csum_len = 0;
294
295 if (!so)
296 return (optlen);
297
298 mp_tp = tptomptp(tp);
299 if (mp_tp == NULL)
300 return (optlen);
301
302 MPT_LOCK(mp_tp);
303 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
304 csum_len = 2;
305
306 /* try later */
307 if ((MAX_TCPOPTLEN - optlen) < (len + csum_len)) {
308 MPT_UNLOCK(mp_tp);
309 return (optlen);
310 }
311 bzero(&infin_opt, sizeof (infin_opt));
312 infin_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
313 infin_opt.mdss_copt.mdss_len = len + csum_len;
314 infin_opt.mdss_copt.mdss_subtype = MPO_DSS;
315 infin_opt.mdss_copt.mdss_flags |= MDSS_M;
316 if (mp_tp->mpt_flags & MPTCPF_RECVD_MPFAIL) {
317 infin_opt.mdss_dsn = (u_int32_t)
318 MPTCP_DATASEQ_LOW32(mp_tp->mpt_dsn_at_csum_fail);
319 error = mptcp_get_map_for_dsn(so, mp_tp->mpt_dsn_at_csum_fail,
320 &infin_opt.mdss_subflow_seqn);
321 } else {
322 infin_opt.mdss_dsn = (u_int32_t)
323 MPTCP_DATASEQ_LOW32(mp_tp->mpt_snduna);
324 infin_opt.mdss_subflow_seqn = tp->snd_una - tp->iss;
325 }
326 MPT_UNLOCK(mp_tp);
327 if (error != 0)
328 return (optlen);
329 if ((infin_opt.mdss_dsn == 0) || (infin_opt.mdss_subflow_seqn == 0)) {
330 return (optlen);
331 }
332 infin_opt.mdss_dsn = htonl(infin_opt.mdss_dsn);
333 infin_opt.mdss_subflow_seqn = htonl(infin_opt.mdss_subflow_seqn);
334 infin_opt.mdss_data_len = 0;
335
336 memcpy(opt + optlen, &infin_opt, len);
337 optlen += len;
338 if (csum_len != 0) {
339 /* The checksum field is set to 0 for infinite mapping */
340 uint16_t csum = 0;
341 memcpy(opt + optlen, &csum, csum_len);
342 optlen += csum_len;
343 }
344
345 if (mptcp_dbg == MP_VERBOSE_DEBUG_1) {
346 printf("%s: dsn = %x, seq = %x len = %x\n", __func__,
347 ntohl(infin_opt.mdss_dsn),
348 ntohl(infin_opt.mdss_subflow_seqn),
349 ntohs(infin_opt.mdss_data_len));
350 }
351
352 /* so->so_flags &= ~SOF_MPTCP_CLIENT; */
353 tp->t_mpflags |= TMPF_INFIN_SENT;
354 tcpstat.tcps_estab_fallback++;
355 return (optlen);
356 }
357
358
359 static int
360 mptcp_ok_to_fin(struct tcpcb *tp, u_int64_t dsn, u_int32_t datalen)
361 {
362 struct mptcb *mp_tp = NULL;
363 mp_tp = tptomptp(tp);
364
365 MPT_LOCK(mp_tp);
366 dsn = (mp_tp->mpt_sndmax & MPTCP_DATASEQ_LOW32_MASK) | dsn;
367 if ((dsn + datalen) == mp_tp->mpt_sndmax) {
368 MPT_UNLOCK(mp_tp);
369 return (1);
370 }
371 MPT_UNLOCK(mp_tp);
372 return (0);
373 }
374
375
376 /* Must be called from tcp_output to fill in the fast close option */
377 static int
378 mptcp_send_fastclose(struct tcpcb *tp, u_char *opt, unsigned int optlen,
379 int flags)
380 {
381 struct mptcp_fastclose_opt fastclose_opt;
382 struct mptcb *mp_tp = tptomptp(tp);
383
384 /* Only ACK flag should be set */
385 if (flags != TH_ACK)
386 return (optlen);
387
388 if ((MAX_TCPOPTLEN - optlen) <
389 sizeof (struct mptcp_fastclose_opt)) {
390 return (optlen);
391 }
392
393 bzero(&fastclose_opt, sizeof (struct mptcp_fastclose_opt));
394 fastclose_opt.mfast_kind = TCPOPT_MULTIPATH;
395 fastclose_opt.mfast_len = sizeof (struct mptcp_fastclose_opt);
396 fastclose_opt.mfast_subtype = MPO_FASTCLOSE;
397 MPT_LOCK_SPIN(mp_tp);
398 fastclose_opt.mfast_key = mptcp_get_remotekey(mp_tp);
399 MPT_UNLOCK(mp_tp);
400 memcpy(opt + optlen, &fastclose_opt, fastclose_opt.mfast_len);
401 optlen += fastclose_opt.mfast_len;
402
403 return (optlen);
404 }
405
406 unsigned int
407 mptcp_setup_opts(struct tcpcb *tp, int32_t off, u_char *opt,
408 unsigned int optlen, int flags, int datalen,
409 unsigned int **dss_lenp, u_int8_t **finp, u_int64_t *dss_valp,
410 u_int32_t **sseqp)
411 {
412 struct inpcb *inp = (struct inpcb *)tp->t_inpcb;
413 struct socket *so = inp->inp_socket;
414 struct mptcb *mp_tp = tptomptp(tp);
415 boolean_t do_csum = FALSE;
416 boolean_t send_64bit_dsn = FALSE;
417 boolean_t send_64bit_ack = FALSE;
418
419 if (mptcp_enable == 0) {
420 /* do nothing */
421 return (optlen);
422 }
423
424 if (mp_tp == NULL) {
425 return (optlen);
426 }
427
428 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
429 do_csum = TRUE;
430
431 /* tcp_output handles the SYN path separately */
432 if (flags & TH_SYN)
433 return (optlen);
434
435 if ((MAX_TCPOPTLEN - optlen) <
436 sizeof (struct mptcp_mpcapable_opt_common)) {
437 if (mptcp_dbg >= MP_ERR_DEBUG) {
438 printf("MPTCP ERROR %s: no space left %d flags %x "
439 "tp->t_mpflags %x"
440 "len %d\n", __func__, optlen, flags, tp->t_mpflags,
441 datalen);
442 }
443 return (optlen);
444 }
445
446 if (tp->t_mpflags & TMPF_FASTCLOSE) {
447 optlen = mptcp_send_fastclose(tp, opt, optlen, flags);
448 VERIFY(datalen == 0);
449 return (optlen);
450 }
451
452 if (tp->t_mpflags & TMPF_TCP_FALLBACK) {
453 if (tp->t_mpflags & TMPF_SND_MPFAIL)
454 optlen = mptcp_send_mpfail(tp, opt, optlen);
455 else if (!(tp->t_mpflags & TMPF_INFIN_SENT))
456 optlen = mptcp_send_infinite_mapping(tp, opt, optlen);
457 return (optlen);
458 }
459
460 if (tp->t_mpflags & TMPF_SND_MPPRIO) {
461 optlen = mptcp_snd_mpprio(tp, opt, optlen);
462 return (optlen);
463 }
464
465 if ((tp->t_mpflags & TMPF_PREESTABLISHED) &&
466 (!(tp->t_mpflags & TMPF_SENT_KEYS)) &&
467 (!(tp->t_mpflags & TMPF_JOINED_FLOW))) {
468 struct mptcp_mpcapable_opt_rsp1 mptcp_opt;
469 if ((MAX_TCPOPTLEN - optlen) <
470 sizeof (struct mptcp_mpcapable_opt_rsp1))
471 return (optlen);
472 bzero(&mptcp_opt, sizeof (struct mptcp_mpcapable_opt_rsp1));
473 mptcp_opt.mmc_common.mmco_kind = TCPOPT_MULTIPATH;
474 mptcp_opt.mmc_common.mmco_len =
475 sizeof (struct mptcp_mpcapable_opt_rsp1);
476 mptcp_opt.mmc_common.mmco_subtype = MPO_CAPABLE;
477 mptcp_opt.mmc_common.mmco_version = MP_DRAFT_VERSION_12;
478 /* HMAC-SHA1 is the proposal */
479 mptcp_opt.mmc_common.mmco_flags |= MPCAP_PROPOSAL_SBIT;
480 MPT_LOCK(mp_tp);
481 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
482 mptcp_opt.mmc_common.mmco_flags |= MPCAP_CHECKSUM_CBIT;
483 mptcp_opt.mmc_localkey = mptcp_get_localkey(mp_tp);
484 mptcp_opt.mmc_remotekey = mptcp_get_remotekey(mp_tp);
485 MPT_UNLOCK(mp_tp);
486 memcpy(opt + optlen, &mptcp_opt, mptcp_opt.mmc_common.mmco_len);
487 optlen += mptcp_opt.mmc_common.mmco_len;
488 tp->t_mpflags |= TMPF_SENT_KEYS;
489 so->so_flags |= SOF_MPTCP_TRUE;
490 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
491 tp->t_mpflags |= TMPF_MPTCP_TRUE;
492
493 if (!tp->t_mpuna) {
494 tp->t_mpuna = tp->snd_una;
495 } else {
496 /* its a retransmission of the MP_CAPABLE ACK */
497 }
498 if (mptcp_dbg >= MP_ERR_DEBUG) {
499 printf("MPTCP SUCCESS %s: established.\n", __func__);
500 }
501 return (optlen);
502 } else if (tp->t_mpflags & TMPF_MPTCP_TRUE) {
503 if (tp->t_mpflags & TMPF_SND_REM_ADDR) {
504 int rem_opt_len = sizeof (struct mptcp_remaddr_opt);
505 if ((optlen + rem_opt_len) <= MAX_TCPOPTLEN) {
506 mptcp_send_remaddr_opt(tp,
507 (struct mptcp_remaddr_opt *)(opt + optlen));
508 optlen += rem_opt_len;
509 return (optlen);
510 } else {
511 tp->t_mpflags &= ~TMPF_SND_REM_ADDR;
512 }
513 }
514 }
515
516 if ((tp->t_mpflags & TMPF_JOINED_FLOW) &&
517 (tp->t_mpflags & TMPF_PREESTABLISHED) &&
518 (!(tp->t_mpflags & TMPF_RECVD_JOIN)) &&
519 (tp->t_mpflags & TMPF_SENT_JOIN) &&
520 (!(tp->t_mpflags & TMPF_MPTCP_TRUE))) {
521 /* Do the ACK part */
522 optlen = mptcp_setup_join_ack_opts(tp, opt, optlen);
523 if (!tp->t_mpuna) {
524 tp->t_mpuna = tp->snd_una;
525 }
526 /* Start a timer to retransmit the ACK */
527 tp->t_timer[TCPT_JACK_RXMT] =
528 OFFSET_FROM_START(tp, tcp_jack_rxmt);
529 return (optlen);
530 }
531
532 if (!(tp->t_mpflags & TMPF_MPTCP_TRUE))
533 return (optlen);
534
535 /* From here on, all options are sent only if MPTCP_TRUE */
536
537 MPT_LOCK(mp_tp);
538 if (mp_tp->mpt_flags & MPTCPF_SND_64BITDSN) {
539 send_64bit_dsn = TRUE;
540 }
541 if (mp_tp->mpt_flags & MPTCPF_SND_64BITACK) {
542 send_64bit_ack = TRUE;
543 }
544 MPT_UNLOCK(mp_tp);
545
546 #define CHECK_OPTLEN { \
547 if ((MAX_TCPOPTLEN - optlen) < len) { \
548 if (mptcp_dbg >= MP_ERR_DEBUG) { \
549 printf("MPTCP ERROR %s: len %d optlen %d \n", \
550 __func__, \
551 len, optlen); \
552 } \
553 return (optlen); \
554 } \
555 }
556
557 #define DO_FIN(dsn_opt) { \
558 int sndfin = 0; \
559 sndfin = mptcp_ok_to_fin(tp, dsn_opt.mdss_dsn, datalen); \
560 if (sndfin) { \
561 dsn_opt.mdss_copt.mdss_flags |= MDSS_F; \
562 *finp = opt + optlen + offsetof(struct mptcp_dss_copt, \
563 mdss_flags); \
564 dsn_opt.mdss_data_len += 1; \
565 } \
566 }
567
568 #define CHECK_DATALEN { \
569 /* MPTCP socket does not support IP options */ \
570 if ((datalen + optlen + len) > tp->t_maxopd) { \
571 if (mptcp_dbg >= MP_VERBOSE_DEBUG_2) \
572 printf("%s: nosp %d len %d opt %d %d %d\n", \
573 __func__, datalen, len, optlen, \
574 tp->t_maxseg, tp->t_maxopd); \
575 /* remove option length from payload len */ \
576 datalen = tp->t_maxopd - optlen - len; \
577 } \
578 }
579
580 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
581 (send_64bit_dsn)) {
582 /*
583 * If there was the need to send 64-bit Data ACK along
584 * with 64-bit DSN, then 26 or 28 bytes would be used.
585 * With timestamps and NOOP padding that will cause
586 * overflow. Hence, in the rare event that both 64-bit
587 * DSN and 64-bit ACK have to be sent, delay the send of
588 * 64-bit ACK until our 64-bit DSN is acked with a 64-bit ack.
589 * XXX If this delay causes issue, remove the 2-byte padding.
590 */
591 struct mptcp_dss64_ack32_opt dsn_ack_opt;
592 unsigned int len = sizeof (dsn_ack_opt);
593
594 if (do_csum) {
595 len += 2;
596 }
597
598 CHECK_OPTLEN;
599
600 bzero(&dsn_ack_opt, sizeof (dsn_ack_opt));
601 dsn_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
602 dsn_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
603 dsn_ack_opt.mdss_copt.mdss_len = len;
604 dsn_ack_opt.mdss_copt.mdss_flags |=
605 MDSS_M | MDSS_m | MDSS_A;
606
607 CHECK_DATALEN;
608
609 mptcp_output_getm_dsnmap64(so, off, (u_int32_t)datalen,
610 &dsn_ack_opt.mdss_dsn,
611 &dsn_ack_opt.mdss_subflow_seqn,
612 &dsn_ack_opt.mdss_data_len);
613
614 *dss_valp = dsn_ack_opt.mdss_dsn;
615
616 if ((dsn_ack_opt.mdss_data_len == 0) ||
617 (dsn_ack_opt.mdss_dsn == 0)) {
618 return (optlen);
619 }
620
621 if (tp->t_mpflags & TMPF_SEND_DFIN) {
622 DO_FIN(dsn_ack_opt);
623 }
624
625 MPT_LOCK(mp_tp);
626 dsn_ack_opt.mdss_ack =
627 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
628 MPT_UNLOCK(mp_tp);
629
630 dsn_ack_opt.mdss_dsn = mptcp_hton64(dsn_ack_opt.mdss_dsn);
631 dsn_ack_opt.mdss_subflow_seqn = htonl(
632 dsn_ack_opt.mdss_subflow_seqn);
633 dsn_ack_opt.mdss_data_len = htons(
634 dsn_ack_opt.mdss_data_len);
635 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
636 offsetof(struct mptcp_dss64_ack32_opt, mdss_data_len));
637
638 memcpy(opt + optlen, &dsn_ack_opt, sizeof (dsn_ack_opt));
639
640 if (do_csum) {
641 *sseqp = (u_int32_t *)(void *)(opt + optlen +
642 offsetof(struct mptcp_dss64_ack32_opt,
643 mdss_subflow_seqn));
644 }
645 optlen += len;
646 if (mptcp_dbg == MP_VERBOSE_DEBUG_2) {
647 printf("%s: long DSS = %llx ACK = %llx \n",
648 __func__,
649 mptcp_ntoh64(dsn_ack_opt.mdss_dsn),
650 mptcp_ntoh64(dsn_ack_opt.mdss_ack));
651 }
652 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
653 return (optlen);
654 }
655
656 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
657 (!send_64bit_dsn) &&
658 !(tp->t_mpflags & TMPF_MPTCP_ACKNOW)) {
659 struct mptcp_dsn_opt dsn_opt;
660 unsigned int len = sizeof (struct mptcp_dsn_opt);
661
662 if (do_csum) {
663 len += 2;
664 }
665
666 CHECK_OPTLEN;
667
668 bzero(&dsn_opt, sizeof (dsn_opt));
669 dsn_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
670 dsn_opt.mdss_copt.mdss_subtype = MPO_DSS;
671 dsn_opt.mdss_copt.mdss_len = len;
672 dsn_opt.mdss_copt.mdss_flags |= MDSS_M;
673
674 CHECK_DATALEN;
675
676 mptcp_output_getm_dsnmap32(so, off, (u_int32_t)datalen,
677 &dsn_opt.mdss_dsn,
678 &dsn_opt.mdss_subflow_seqn, &dsn_opt.mdss_data_len,
679 dss_valp);
680
681 if ((dsn_opt.mdss_data_len == 0) ||
682 (dsn_opt.mdss_dsn == 0)) {
683 return (optlen);
684 }
685
686 if (tp->t_mpflags & TMPF_SEND_DFIN) {
687 DO_FIN(dsn_opt);
688 }
689
690 dsn_opt.mdss_dsn = htonl(dsn_opt.mdss_dsn);
691 dsn_opt.mdss_subflow_seqn = htonl(dsn_opt.mdss_subflow_seqn);
692 dsn_opt.mdss_data_len = htons(dsn_opt.mdss_data_len);
693 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
694 offsetof(struct mptcp_dsn_opt, mdss_data_len));
695 memcpy(opt + optlen, &dsn_opt, sizeof (dsn_opt));
696 if (do_csum) {
697 *sseqp = (u_int32_t *)(void *)(opt + optlen +
698 offsetof(struct mptcp_dsn_opt, mdss_subflow_seqn));
699 }
700 optlen += len;
701 if (mptcp_dbg == MP_VERBOSE_DEBUG_2) {
702 printf("%s: DSS option. dsn = %x, seq = %x len = %x\n",
703 __func__,
704 ntohl(dsn_opt.mdss_dsn),
705 ntohl(dsn_opt.mdss_subflow_seqn),
706 ntohs(dsn_opt.mdss_data_len));
707 }
708 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
709 return (optlen);
710 }
711
712 /* 32-bit Data ACK option */
713 if ((tp->t_mpflags & TMPF_MPTCP_ACKNOW) &&
714 (!send_64bit_ack) &&
715 !(tp->t_mpflags & TMPF_SEND_DSN) &&
716 !(tp->t_mpflags & TMPF_SEND_DFIN)) {
717
718 struct mptcp_data_ack_opt dack_opt;
719 unsigned int len = 0;
720 do_ack32_only:
721 len = sizeof (dack_opt);
722
723 CHECK_OPTLEN;
724
725 bzero(&dack_opt, len);
726 dack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
727 dack_opt.mdss_copt.mdss_len = len;
728 dack_opt.mdss_copt.mdss_subtype = MPO_DSS;
729 dack_opt.mdss_copt.mdss_flags |= MDSS_A;
730 MPT_LOCK_SPIN(mp_tp);
731 dack_opt.mdss_ack =
732 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
733 MPT_UNLOCK(mp_tp);
734 memcpy(opt + optlen, &dack_opt, len);
735 optlen += len;
736 VERIFY(optlen <= MAX_TCPOPTLEN);
737 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
738 return (optlen);
739 }
740
741 /* 64-bit Data ACK option */
742 if ((tp->t_mpflags & TMPF_MPTCP_ACKNOW) &&
743 (send_64bit_ack) &&
744 !(tp->t_mpflags & TMPF_SEND_DSN) &&
745 !(tp->t_mpflags & TMPF_SEND_DFIN)) {
746 struct mptcp_data_ack64_opt dack_opt;
747 unsigned int len = 0;
748 do_ack64_only:
749 len = sizeof (dack_opt);
750
751 CHECK_OPTLEN;
752
753 bzero(&dack_opt, len);
754 dack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
755 dack_opt.mdss_copt.mdss_len = len;
756 dack_opt.mdss_copt.mdss_subtype = MPO_DSS;
757 dack_opt.mdss_copt.mdss_flags |= (MDSS_A | MDSS_a);
758 MPT_LOCK_SPIN(mp_tp);
759 dack_opt.mdss_ack = mptcp_hton64(mp_tp->mpt_rcvnxt);
760 /*
761 * The other end should retransmit 64-bit DSN until it
762 * receives a 64-bit ACK.
763 */
764 mp_tp->mpt_flags &= ~MPTCPF_SND_64BITACK;
765 MPT_UNLOCK(mp_tp);
766 memcpy(opt + optlen, &dack_opt, len);
767 optlen += len;
768 VERIFY(optlen <= MAX_TCPOPTLEN);
769 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
770 return (optlen);
771 }
772
773 /* 32-bit DSS+Data ACK option */
774 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
775 (!send_64bit_dsn) &&
776 (!send_64bit_ack) &&
777 (tp->t_mpflags & TMPF_MPTCP_ACKNOW)) {
778 struct mptcp_dss_ack_opt dss_ack_opt;
779 unsigned int len = sizeof (dss_ack_opt);
780
781 if (do_csum)
782 len += 2;
783
784 CHECK_OPTLEN;
785
786 bzero(&dss_ack_opt, sizeof (dss_ack_opt));
787 dss_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
788 dss_ack_opt.mdss_copt.mdss_len = len;
789 dss_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
790 dss_ack_opt.mdss_copt.mdss_flags |= MDSS_A | MDSS_M;
791 MPT_LOCK_SPIN(mp_tp);
792 dss_ack_opt.mdss_ack =
793 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
794 MPT_UNLOCK(mp_tp);
795
796 CHECK_DATALEN;
797
798 mptcp_output_getm_dsnmap32(so, off, (u_int32_t)datalen,
799 &dss_ack_opt.mdss_dsn,
800 &dss_ack_opt.mdss_subflow_seqn,
801 &dss_ack_opt.mdss_data_len,
802 dss_valp);
803
804 if ((dss_ack_opt.mdss_data_len == 0) ||
805 (dss_ack_opt.mdss_dsn == 0)) {
806 goto do_ack32_only;
807 }
808
809 if (tp->t_mpflags & TMPF_SEND_DFIN) {
810 DO_FIN(dss_ack_opt);
811 }
812
813 dss_ack_opt.mdss_dsn = htonl(dss_ack_opt.mdss_dsn);
814 dss_ack_opt.mdss_subflow_seqn =
815 htonl(dss_ack_opt.mdss_subflow_seqn);
816 dss_ack_opt.mdss_data_len = htons(dss_ack_opt.mdss_data_len);
817 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
818 offsetof(struct mptcp_dss_ack_opt, mdss_data_len));
819 memcpy(opt + optlen, &dss_ack_opt, sizeof (dss_ack_opt));
820 if (do_csum) {
821 *sseqp = (u_int32_t *)(void *)(opt + optlen +
822 offsetof(struct mptcp_dss_ack_opt,
823 mdss_subflow_seqn));
824 }
825
826 optlen += len;
827
828 if (optlen > MAX_TCPOPTLEN)
829 panic("optlen too large");
830 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
831 return (optlen);
832 }
833
834 /* 32-bit DSS + 64-bit DACK option */
835 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
836 (!send_64bit_dsn) &&
837 (send_64bit_ack) &&
838 (tp->t_mpflags & TMPF_MPTCP_ACKNOW)) {
839 struct mptcp_dss32_ack64_opt dss_ack_opt;
840 unsigned int len = sizeof (dss_ack_opt);
841
842 if (do_csum)
843 len += 2;
844
845 CHECK_OPTLEN;
846
847 bzero(&dss_ack_opt, sizeof (dss_ack_opt));
848 dss_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
849 dss_ack_opt.mdss_copt.mdss_len = len;
850 dss_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
851 dss_ack_opt.mdss_copt.mdss_flags |= MDSS_M | MDSS_A | MDSS_a;
852 MPT_LOCK_SPIN(mp_tp);
853 dss_ack_opt.mdss_ack =
854 mptcp_hton64(mp_tp->mpt_rcvnxt);
855 MPT_UNLOCK(mp_tp);
856
857 CHECK_DATALEN;
858
859 mptcp_output_getm_dsnmap32(so, off, (u_int32_t)datalen,
860 &dss_ack_opt.mdss_dsn, &dss_ack_opt.mdss_subflow_seqn,
861 &dss_ack_opt.mdss_data_len, dss_valp);
862
863 if ((dss_ack_opt.mdss_data_len == 0) ||
864 (dss_ack_opt.mdss_dsn == 0)) {
865 goto do_ack64_only;
866 }
867
868 if (tp->t_mpflags & TMPF_SEND_DFIN) {
869 DO_FIN(dss_ack_opt);
870 }
871
872 dss_ack_opt.mdss_dsn = htonl(dss_ack_opt.mdss_dsn);
873 dss_ack_opt.mdss_subflow_seqn =
874 htonl(dss_ack_opt.mdss_subflow_seqn);
875 dss_ack_opt.mdss_data_len = htons(dss_ack_opt.mdss_data_len);
876 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
877 offsetof(struct mptcp_dss32_ack64_opt, mdss_data_len));
878 memcpy(opt + optlen, &dss_ack_opt, sizeof (dss_ack_opt));
879 if (do_csum) {
880 *sseqp = (u_int32_t *)(void *)(opt + optlen +
881 offsetof(struct mptcp_dss32_ack64_opt,
882 mdss_subflow_seqn));
883 }
884
885 optlen += len;
886
887 if (optlen > MAX_TCPOPTLEN)
888 panic("optlen too large");
889 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
890 return (optlen);
891 }
892
893 if (tp->t_mpflags & TMPF_SEND_DFIN) {
894 struct mptcp_dss_ack_opt dss_ack_opt;
895 unsigned int len = sizeof (struct mptcp_dss_ack_opt);
896
897 if (do_csum)
898 len += 2;
899
900 CHECK_OPTLEN;
901
902 bzero(&dss_ack_opt, sizeof (dss_ack_opt));
903
904 MPT_LOCK(mp_tp);
905 /* Data FIN occupies one sequence space */
906 if ((mp_tp->mpt_sndnxt + 1) != mp_tp->mpt_sndmax) {
907 MPT_UNLOCK(mp_tp);
908 if (mptcp_dbg == MP_VERBOSE_DEBUG_2)
909 printf("%s: Fin state %d %llu %llu\n", __func__,
910 mp_tp->mpt_state, mp_tp->mpt_sndnxt,
911 mp_tp->mpt_sndmax);
912 return (optlen);
913 }
914
915 dss_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
916 dss_ack_opt.mdss_copt.mdss_len = len;
917 dss_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
918 dss_ack_opt.mdss_copt.mdss_flags |= MDSS_A | MDSS_M | MDSS_F;
919 dss_ack_opt.mdss_ack =
920 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
921 dss_ack_opt.mdss_dsn =
922 htonl(MPTCP_DATASEQ_LOW32(mp_tp->mpt_sndnxt));
923 MPT_UNLOCK(mp_tp);
924 dss_ack_opt.mdss_subflow_seqn = 0;
925 dss_ack_opt.mdss_data_len = 1;
926 dss_ack_opt.mdss_data_len = htons(dss_ack_opt.mdss_data_len);
927 memcpy(opt + optlen, &dss_ack_opt, sizeof (dss_ack_opt));
928 if (do_csum) {
929 *dss_valp = mp_tp->mpt_sndnxt;
930 *sseqp = (u_int32_t *)(void *)(opt + optlen +
931 offsetof(struct mptcp_dss_ack_opt,
932 mdss_subflow_seqn));
933 }
934 optlen += len;
935 }
936
937 return (optlen);
938 }
939
940 /*
941 * MPTCP Options Input Processing
942 */
943
944
945 static int
946 mptcp_valid_mpcapable_common_opt(u_char *cp, u_int32_t mptcp_version)
947 {
948 struct mptcp_mpcapable_opt_common *rsp =
949 (struct mptcp_mpcapable_opt_common *)cp;
950
951 /* mmco_kind, mmco_len and mmco_subtype are validated before */
952
953 /* In future, there can be more than one version supported */
954 if (rsp->mmco_version != mptcp_version)
955 return (0);
956
957 if (!(rsp->mmco_flags & MPCAP_PROPOSAL_SBIT))
958 return (0);
959
960 if (rsp->mmco_flags & (MPCAP_BBIT | MPCAP_CBIT | MPCAP_DBIT |
961 MPCAP_EBIT | MPCAP_FBIT | MPCAP_GBIT))
962 return (0);
963
964 return (1);
965 }
966
967
968 static void
969 mptcp_do_mpcapable_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th,
970 int optlen)
971 {
972 struct mptcp_mpcapable_opt_rsp1 *rsp1 = NULL;
973 struct mptcp_mpcapable_opt_rsp *rsp = NULL;
974 struct mptcb *mp_tp = tptomptp(tp);
975
976 #define MPTCP_OPT_ERROR_PATH(tp) { \
977 tp->t_mpflags |= TMPF_RESET; \
978 tcpstat.tcps_invalid_mpcap++; \
979 if (tp->t_inpcb->inp_socket != NULL) { \
980 soevent(tp->t_inpcb->inp_socket, \
981 SO_FILT_HINT_LOCKED | SO_FILT_HINT_MUSTRST); \
982 } \
983 }
984
985 if (mp_tp == NULL) {
986 if (mptcp_dbg == MP_ERR_DEBUG)
987 printf("MPTCP ERROR %s: NULL mpsocket \n", __func__);
988 tcpstat.tcps_invalid_mpcap++;
989 return;
990 }
991
992 /* Validate the kind, len, flags */
993 if (mptcp_valid_mpcapable_common_opt(cp, mp_tp->mpt_version) != 1) {
994 tcpstat.tcps_invalid_mpcap++;
995 return;
996 }
997
998 /* A SYN contains only the MP_CAPABLE option */
999 if ((th->th_flags & (TH_SYN | TH_ACK)) == TH_SYN) {
1000 /* XXX passive side not supported yet */
1001 return;
1002 } else if ((th->th_flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
1003
1004 /* A SYN/ACK contains peer's key and flags */
1005 if (optlen != sizeof (struct mptcp_mpcapable_opt_rsp)) {
1006 /* complain */
1007 if (mptcp_dbg == MP_ERR_DEBUG) {
1008 printf("%s: SYN_ACK optlen = %d, sizeof mp opt \
1009 = %lu \n", __func__, optlen,
1010 sizeof (struct mptcp_mpcapable_opt_rsp));
1011 }
1012 tcpstat.tcps_invalid_mpcap++;
1013 return;
1014 }
1015
1016 /*
1017 * If checksum flag is set, enable MPTCP checksum, even if
1018 * it was not negotiated on the first SYN.
1019 */
1020 if (((struct mptcp_mpcapable_opt_common *)cp)->mmco_flags &
1021 MPCAP_CHECKSUM_CBIT)
1022 mp_tp->mpt_flags |= MPTCPF_CHECKSUM;
1023
1024 rsp = (struct mptcp_mpcapable_opt_rsp *)cp;
1025 MPT_LOCK_SPIN(mp_tp);
1026 mp_tp->mpt_remotekey = rsp->mmc_localkey;
1027 MPT_UNLOCK(mp_tp);
1028 tp->t_mpflags |= TMPF_PREESTABLISHED;
1029
1030 if (mptcp_dbg > MP_VERBOSE_DEBUG_1) {
1031 printf("SYN_ACK pre established, optlen = %d, tp \
1032 state = %d sport = %x dport = %x key = %llx \n",
1033 optlen, tp->t_state, th->th_sport, th->th_dport,
1034 mp_tp->mpt_remotekey);
1035 }
1036
1037 } else if ((th->th_flags & TH_ACK) &&
1038 (tp->t_mpflags & TMPF_PREESTABLISHED)) {
1039
1040 /*
1041 * Verify checksum flag is set, if we initially negotiated
1042 * checksum.
1043 */
1044 if ((mp_tp->mpt_flags & MPTCPF_CHECKSUM) &&
1045 !(((struct mptcp_mpcapable_opt_common *)cp)->mmco_flags &
1046 MPCAP_CHECKSUM_CBIT)) {
1047 if (mptcp_dbg == MP_ERR_DEBUG) {
1048 printf("%s: checksum negotiation failure \n",
1049 __func__);
1050 }
1051 MPTCP_OPT_ERROR_PATH(tp);
1052 return;
1053 }
1054
1055 if (!(mp_tp->mpt_flags & MPTCPF_CHECKSUM) &&
1056 (((struct mptcp_mpcapable_opt_common *)cp)->mmco_flags &
1057 MPCAP_CHECKSUM_CBIT)) {
1058 if (mptcp_dbg == MP_ERR_DEBUG) {
1059 printf("%s: checksum negotiation failure 2.\n",
1060 __func__);
1061 }
1062 MPTCP_OPT_ERROR_PATH(tp);
1063 return;
1064 }
1065
1066 /*
1067 * The ACK of a three way handshake contains peer's key and
1068 * flags.
1069 */
1070 if (optlen != sizeof (struct mptcp_mpcapable_opt_rsp1)) {
1071 /* complain */
1072 if (mptcp_dbg == MP_ERR_DEBUG) {
1073 printf("%s: ACK optlen = %d , sizeof mp option \
1074 = %lu, state = %d \n",
1075 __func__,
1076 optlen,
1077 sizeof (struct mptcp_mpcapable_opt_rsp1),
1078 tp->t_state);
1079 }
1080 MPTCP_OPT_ERROR_PATH(tp);
1081 return;
1082 }
1083
1084 rsp1 = (struct mptcp_mpcapable_opt_rsp1 *)cp;
1085 /* Skipping MPT_LOCK for invariant key */
1086 if (rsp1->mmc_remotekey != *mp_tp->mpt_localkey) {
1087 if (mptcp_dbg == MP_ERR_DEBUG) {
1088 printf("MPTCP ERROR %s: key mismatch locally "
1089 "stored key. rsp = %llx local = %llx \n",
1090 __func__, rsp1->mmc_remotekey,
1091 *mp_tp->mpt_localkey);
1092 }
1093 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1094 MPTCP_OPT_ERROR_PATH(tp);
1095 return;
1096 } else {
1097 /* We received both keys. Almost an MPTCP connection */
1098 /* Skipping MPT_LOCK for invariant key */
1099 if (mp_tp->mpt_remotekey != rsp1->mmc_localkey) {
1100 if (mptcp_dbg == MP_ERR_DEBUG) {
1101 printf("MPTCP ERROR %s: keys don't"
1102 " match\n", __func__);
1103 }
1104 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1105 MPTCP_OPT_ERROR_PATH(tp);
1106 return;
1107 }
1108 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1109 tp->t_mpflags |= TMPF_MPTCP_RCVD_KEY;
1110 tp->t_mpflags |= TMPF_MPTCP_TRUE;
1111 tp->t_inpcb->inp_socket->so_flags |= SOF_MPTCP_TRUE;
1112 MPT_LOCK(mp_tp);
1113 DTRACE_MPTCP2(state__change, struct mptcb *, mp_tp,
1114 uint32_t, 0 /* event */);
1115 mp_tp->mpt_state = MPTCPS_ESTABLISHED;
1116 MPT_UNLOCK(mp_tp);
1117 if (mptcp_dbg >= MP_VERBOSE_DEBUG_2) {
1118 printf("MPTCP SUCCESS %s: rem key = %llx local \
1119 key = %llx \n",
1120 __func__, mp_tp->mpt_remotekey,
1121 *mp_tp->mpt_localkey);
1122 }
1123 }
1124 if (tp->t_mpuna) {
1125 tp->t_mpuna = 0;
1126 }
1127 }
1128 }
1129
1130
1131 static void
1132 mptcp_do_mpjoin_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th, int optlen)
1133 {
1134 #define MPTCP_JOPT_ERROR_PATH(tp) { \
1135 tp->t_mpflags |= TMPF_RESET; \
1136 tcpstat.tcps_invalid_joins++; \
1137 if (tp->t_inpcb->inp_socket != NULL) { \
1138 soevent(tp->t_inpcb->inp_socket, \
1139 SO_FILT_HINT_LOCKED | SO_FILT_HINT_MUSTRST); \
1140 } \
1141 }
1142 int error = 0;
1143 struct mptcb *mp_tp = tptomptp(tp);
1144
1145 if ((th->th_flags & (TH_SYN | TH_ACK)) == TH_SYN) {
1146 /* We won't accept join requests as an active opener */
1147 if (tp->t_inpcb->inp_socket->so_flags & SOF_MPTCP_CLIENT) {
1148 MPTCP_JOPT_ERROR_PATH(tp);
1149 return;
1150 }
1151
1152 if (optlen != sizeof (struct mptcp_mpjoin_opt_req)) {
1153 if (mptcp_dbg == MP_ERR_DEBUG) {
1154 printf("SYN: unexpected optlen = %d, mp option"
1155 "= %lu\n",
1156 optlen,
1157 sizeof (struct mptcp_mpjoin_opt_req));
1158 }
1159 /* send RST and close */
1160 MPTCP_JOPT_ERROR_PATH(tp);
1161 return;
1162 }
1163 /* not supported yet */
1164 return;
1165 #ifdef MPTCP_NOTYET
1166 struct mptcp_mpjoin_opt_req *join_req =
1167 (struct mptcp_mpjoin_opt_req *)cp;
1168 mp_so = mptcp_find_mpso(join_req->mmjo_peer_token);
1169 if (!mp_so) {
1170 if (mptcp_dbg >= MP_ERR_DEBUG)
1171 printf("%s: cannot find mp_so token = %x\n",
1172 __func__, join_req->mmjo_peer_token);
1173 /* send RST */
1174 MPTCP_JOPT_ERROR_PATH(tp);
1175 return;
1176 }
1177 if (tp->t_mpflags & TMPF_PREESTABLISHED) {
1178 return;
1179 }
1180 mp_so->ms_remote_addr_id = join_req->mmjo_addr_id;
1181 mp_so->ms_remote_rand = join_req->mmjo_rand;
1182 tp->t_mpflags |= TMPF_PREESTABLISHED | TMPF_JOINED_FLOW;
1183 tp->t_mpflags |= TMPF_RECVD_JOIN;
1184 tp->t_inpcb->inp_socket->so_flags |= SOF_MP_SEC_SUBFLOW;
1185 if (join_req->mmjo_subtype & MPTCP_BACKUP) {
1186 tp->t_mpflags |= TMPF_BACKUP_PATH;
1187 }
1188 #endif
1189 } else if ((th->th_flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
1190 struct mptcp_mpjoin_opt_rsp *join_rsp =
1191 (struct mptcp_mpjoin_opt_rsp *)cp;
1192
1193 if (optlen != sizeof (struct mptcp_mpjoin_opt_rsp)) {
1194 if (mptcp_dbg >= MP_ERR_DEBUG) {
1195 printf("SYN_ACK: unexpected optlen = %d mp "
1196 "option = %lu\n", optlen,
1197 sizeof (struct mptcp_mpjoin_opt_rsp));
1198 }
1199 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1200 /* send RST and close */
1201 MPTCP_JOPT_ERROR_PATH(tp);
1202 return;
1203 }
1204
1205 if (mp_tp == NULL) {
1206 if (mptcp_dbg >= MP_ERR_DEBUG)
1207 printf("%s: cannot find mp_tp in SYN_ACK\n",
1208 __func__);
1209 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1210 /* send RST and close */
1211 MPTCP_JOPT_ERROR_PATH(tp);
1212 return;
1213 }
1214
1215 mptcp_set_raddr_rand(tp->t_local_aid,
1216 tptomptp(tp),
1217 join_rsp->mmjo_addr_id, join_rsp->mmjo_rand);
1218 error = mptcp_validate_join_hmac(tp,
1219 (u_char*)&join_rsp->mmjo_mac, SHA1_TRUNCATED);
1220 if (error) {
1221 if (mptcp_dbg >= MP_ERR_DEBUG) {
1222 printf("%s: SYN_ACK error = %d \n", __func__,
1223 error);
1224 }
1225 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1226 /* send RST and close */
1227 MPTCP_JOPT_ERROR_PATH(tp);
1228 return;
1229 }
1230 tp->t_mpflags |= TMPF_SENT_JOIN;
1231 } else if ((th->th_flags & TH_ACK) &&
1232 (tp->t_mpflags & TMPF_PREESTABLISHED)) {
1233 struct mptcp_mpjoin_opt_rsp2 *join_rsp2 =
1234 (struct mptcp_mpjoin_opt_rsp2 *)cp;
1235
1236 if (optlen != sizeof (struct mptcp_mpjoin_opt_rsp2)) {
1237 if (mptcp_dbg >= MP_ERR_DEBUG) {
1238 printf("ACK: unexpected optlen = %d mp option "
1239 "= %lu \n", optlen,
1240 sizeof (struct mptcp_mpjoin_opt_rsp2));
1241 }
1242 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1243 /* send RST and close */
1244 MPTCP_JOPT_ERROR_PATH(tp);
1245 return;
1246 }
1247
1248 if (mp_tp == NULL) {
1249 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1250 MPTCP_JOPT_ERROR_PATH(tp);
1251 return;
1252 }
1253
1254 error = mptcp_validate_join_hmac(tp, join_rsp2->mmjo_mac,
1255 SHA1_RESULTLEN);
1256 if (error) {
1257 if (mptcp_dbg >= MP_ERR_DEBUG) {
1258 printf("%s: ACK error = %d\n", __func__,
1259 error);
1260 }
1261 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1262 MPTCP_JOPT_ERROR_PATH(tp);
1263 return;
1264 }
1265 tp->t_mpflags |= TMPF_MPTCP_TRUE;
1266 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1267 tp->t_flags |= TF_ACKNOW;
1268 tp->t_mpflags |= TMPF_MPTCP_ACKNOW;
1269 tp->t_inpcb->inp_socket->so_flags |= SOF_MPTCP_TRUE;
1270 if (mptcp_dbg >= MP_ERR_DEBUG) {
1271 printf("MPTCP SUCCESS %s: join \n", __func__);
1272 }
1273 }
1274 }
1275
1276 static int
1277 mptcp_validate_join_hmac(struct tcpcb *tp, u_char* hmac, int mac_len)
1278 {
1279 u_char digest[SHA1_RESULTLEN] = {0};
1280 struct mptcb *mp_tp = NULL;
1281 mptcp_key_t rem_key, loc_key;
1282 u_int32_t rem_rand, loc_rand;
1283
1284 mp_tp = tp->t_mptcb;
1285 if (mp_tp == NULL)
1286 return (-1);
1287
1288 rem_rand = loc_rand = 0;
1289
1290 MPT_LOCK(mp_tp);
1291 rem_key = mp_tp->mpt_remotekey;
1292 loc_key = *mp_tp->mpt_localkey;
1293 MPT_UNLOCK(mp_tp);
1294
1295 mptcp_get_rands(tp->t_local_aid, mp_tp, &loc_rand, &rem_rand);
1296 if ((rem_rand == 0) || (loc_rand == 0))
1297 return (-1);
1298
1299 mptcp_hmac_sha1(rem_key, loc_key, rem_rand, loc_rand,
1300 digest, sizeof (digest));
1301
1302 if (bcmp(digest, hmac, mac_len) == 0)
1303 return (0); /* matches */
1304 else {
1305 printf("%s: remote key %llx local key %llx remote rand %x "
1306 "local rand %x \n", __func__, rem_key, loc_key,
1307 rem_rand, loc_rand);
1308 return (-1);
1309 }
1310 }
1311
1312 static void
1313 mptcp_do_dss_opt_ack_meat(u_int64_t full_dack, struct tcpcb *tp)
1314 {
1315 struct mptcb *mp_tp = tptomptp(tp);
1316 int close_notify = 0;
1317
1318 if (mp_tp == NULL)
1319 return;
1320
1321 MPT_LOCK(mp_tp);
1322 if (MPTCP_SEQ_LEQ(full_dack, mp_tp->mpt_sndmax) &&
1323 MPTCP_SEQ_GEQ(full_dack, mp_tp->mpt_snduna)) {
1324 mptcp_data_ack_rcvd(mp_tp, tp, full_dack);
1325 if ((mp_tp->mpt_state == MPTCPS_CLOSED) ||
1326 (mp_tp->mpt_state > MPTCPS_FIN_WAIT_2))
1327 close_notify = 1;
1328 MPT_UNLOCK(mp_tp);
1329 mptcp_notify_mpready(tp->t_inpcb->inp_socket);
1330 if (close_notify)
1331 mptcp_notify_close(tp->t_inpcb->inp_socket);
1332 if (mp_tp->mpt_flags & MPTCPF_RCVD_64BITACK) {
1333 mp_tp->mpt_flags &= ~MPTCPF_RCVD_64BITACK;
1334 mp_tp->mpt_flags &= ~MPTCPF_SND_64BITDSN;
1335 }
1336 } else {
1337 MPT_UNLOCK(mp_tp);
1338 if (mptcp_dbg == MP_VERBOSE_DEBUG_2) {
1339 printf("%s: unexpected dack %llx snduna %llx "
1340 "sndmax %llx\n", __func__, full_dack,
1341 mp_tp->mpt_snduna, mp_tp->mpt_sndmax);
1342 }
1343 }
1344
1345 if (mptcp_dbg == MP_VERBOSE_DEBUG_2) {
1346 printf("%s: full_dack = %llu \n", __func__, full_dack);
1347 }
1348 }
1349
1350 static void
1351 mptcp_do_dss_opt_meat(u_char *cp, struct tcpcb *tp)
1352 {
1353 struct mptcp_dss_copt *dss_rsp = (struct mptcp_dss_copt *)cp;
1354 u_int64_t full_dack = 0;
1355 struct mptcb *mp_tp = tptomptp(tp);
1356 int csum_len = 0;
1357
1358 #define MPTCP_DSS_OPT_SZ_CHK(len, expected_len) { \
1359 if (len != expected_len) { \
1360 if (mptcp_dbg >= MP_ERR_DEBUG) { \
1361 printf("MPTCP ERROR %s: bad len = %d" \
1362 "dss: %x \n", __func__, \
1363 len, \
1364 dss_rsp->mdss_flags); \
1365 } \
1366 return; \
1367 } \
1368 }
1369 if (mp_tp == NULL)
1370 return;
1371
1372 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
1373 csum_len = 2;
1374
1375 dss_rsp->mdss_flags &= (MDSS_A|MDSS_a|MDSS_M|MDSS_m);
1376 switch (dss_rsp->mdss_flags) {
1377 case (MDSS_M):
1378 {
1379 /* 32-bit DSS, No Data ACK */
1380 struct mptcp_dsn_opt *dss_rsp1;
1381 dss_rsp1 = (struct mptcp_dsn_opt *)cp;
1382
1383 MPTCP_DSS_OPT_SZ_CHK(dss_rsp1->mdss_copt.mdss_len,
1384 sizeof (struct mptcp_dsn_opt) + csum_len);
1385 if (csum_len == 0)
1386 mptcp_update_dss_rcv_state(dss_rsp1, tp, 0);
1387 else
1388 mptcp_update_dss_rcv_state(dss_rsp1, tp,
1389 *(uint16_t *)(void *)(cp +
1390 (dss_rsp1->mdss_copt.mdss_len - csum_len)));
1391 break;
1392 }
1393 case (MDSS_A):
1394 {
1395 /* 32-bit Data ACK, no DSS */
1396 struct mptcp_data_ack_opt *dack_opt;
1397 dack_opt = (struct mptcp_data_ack_opt *)cp;
1398
1399 MPTCP_DSS_OPT_SZ_CHK(dack_opt->mdss_copt.mdss_len,
1400 sizeof (struct mptcp_data_ack_opt));
1401
1402 u_int32_t dack = dack_opt->mdss_ack;
1403 NTOHL(dack);
1404 MPT_LOCK_SPIN(mp_tp);
1405 MPTCP_EXTEND_DSN(mp_tp->mpt_snduna, dack, full_dack);
1406 MPT_UNLOCK(mp_tp);
1407 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1408 break;
1409 }
1410 case (MDSS_M | MDSS_A):
1411 {
1412 /* 32-bit Data ACK + 32-bit DSS */
1413 struct mptcp_dss_ack_opt *dss_ack_rsp;
1414 dss_ack_rsp = (struct mptcp_dss_ack_opt *)cp;
1415
1416 MPTCP_DSS_OPT_SZ_CHK(dss_ack_rsp->mdss_copt.mdss_len,
1417 sizeof (struct mptcp_dss_ack_opt) + csum_len);
1418
1419 u_int32_t dack = dss_ack_rsp->mdss_ack;
1420 NTOHL(dack);
1421 MPT_LOCK_SPIN(mp_tp);
1422 MPTCP_EXTEND_DSN(mp_tp->mpt_snduna, dack, full_dack);
1423 MPT_UNLOCK(mp_tp);
1424 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1425 if (csum_len == 0)
1426 mptcp_update_rcv_state_f(dss_ack_rsp, tp, 0);
1427 else
1428 mptcp_update_rcv_state_f(dss_ack_rsp, tp,
1429 *(uint16_t *)(void *)(cp +
1430 (dss_ack_rsp->mdss_copt.mdss_len -
1431 csum_len)));
1432 break;
1433 }
1434 case (MDSS_M | MDSS_m):
1435 {
1436 /* 64-bit DSS , No Data ACK */
1437 struct mptcp_dsn64_opt *dsn64;
1438 dsn64 = (struct mptcp_dsn64_opt *)cp;
1439 u_int64_t full_dsn;
1440
1441 MPTCP_DSS_OPT_SZ_CHK(dsn64->mdss_copt.mdss_len,
1442 sizeof (struct mptcp_dsn64_opt) + csum_len);
1443
1444 if (mptcp_dbg == MP_VERBOSE_DEBUG_4) {
1445 printf("%s: 64-bit M present.\n", __func__);
1446 }
1447
1448 MPT_LOCK_SPIN(mp_tp);
1449 mp_tp->mpt_flags |= MPTCPF_SND_64BITACK;
1450 MPT_UNLOCK(mp_tp);
1451
1452 full_dsn = mptcp_ntoh64(dsn64->mdss_dsn);
1453 NTOHL(dsn64->mdss_subflow_seqn);
1454 NTOHS(dsn64->mdss_data_len);
1455 if (csum_len == 0)
1456 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1457 dsn64->mdss_subflow_seqn,
1458 dsn64->mdss_data_len,
1459 0);
1460 else
1461 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1462 dsn64->mdss_subflow_seqn,
1463 dsn64->mdss_data_len,
1464 *(uint16_t *)(void *)(cp +
1465 dsn64->mdss_copt.mdss_len - csum_len));
1466 break;
1467 }
1468 case (MDSS_A | MDSS_a):
1469 {
1470 /* 64-bit Data ACK, no DSS */
1471 struct mptcp_data_ack64_opt *dack64;
1472 dack64 = (struct mptcp_data_ack64_opt *)cp;
1473
1474 MPTCP_DSS_OPT_SZ_CHK(dack64->mdss_copt.mdss_len,
1475 sizeof (struct mptcp_data_ack64_opt));
1476
1477
1478 if (mptcp_dbg == MP_VERBOSE_DEBUG_4) {
1479 printf("%s: 64-bit A present. \n", __func__);
1480 }
1481
1482 MPT_LOCK_SPIN(mp_tp);
1483 mp_tp->mpt_flags |= MPTCPF_RCVD_64BITACK;
1484 MPT_UNLOCK(mp_tp);
1485
1486 full_dack = mptcp_ntoh64(dack64->mdss_ack);
1487 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1488 break;
1489 }
1490 case (MDSS_M | MDSS_m | MDSS_A):
1491 {
1492 /* 64-bit DSS + 32-bit Data ACK */
1493 struct mptcp_dss64_ack32_opt *dss_ack_rsp;
1494 dss_ack_rsp = (struct mptcp_dss64_ack32_opt *)cp;
1495
1496 MPTCP_DSS_OPT_SZ_CHK(dss_ack_rsp->mdss_copt.mdss_len,
1497 sizeof (struct mptcp_dss64_ack32_opt) + csum_len);
1498
1499 if (mptcp_dbg == MP_VERBOSE_DEBUG_4) {
1500 printf("%s: 64-bit M and 32-bit A present.\n",
1501 __func__);
1502 }
1503
1504 u_int32_t dack = dss_ack_rsp->mdss_ack;
1505 NTOHL(dack);
1506 MPT_LOCK_SPIN(mp_tp);
1507 mp_tp->mpt_flags |= MPTCPF_SND_64BITACK;
1508 MPTCP_EXTEND_DSN(mp_tp->mpt_snduna, dack, full_dack);
1509 MPT_UNLOCK(mp_tp);
1510 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1511 if (csum_len == 0)
1512 mptcp_update_rcv_state_g(dss_ack_rsp, tp, 0);
1513 else
1514 mptcp_update_rcv_state_g(dss_ack_rsp, tp,
1515 *(uint16_t *)(void *)(cp +
1516 dss_ack_rsp->mdss_copt.mdss_len -
1517 csum_len));
1518 break;
1519 }
1520 case (MDSS_M | MDSS_A | MDSS_a):
1521 {
1522 /* 32-bit DSS + 64-bit Data ACK */
1523 struct mptcp_dss32_ack64_opt *dss32_ack64_opt;
1524 dss32_ack64_opt = (struct mptcp_dss32_ack64_opt *)cp;
1525 u_int64_t full_dsn;
1526
1527 MPTCP_DSS_OPT_SZ_CHK(
1528 dss32_ack64_opt->mdss_copt.mdss_len,
1529 sizeof (struct mptcp_dss32_ack64_opt) + csum_len);
1530
1531 if (mptcp_dbg == MP_VERBOSE_DEBUG_4) {
1532 printf("%s: 32-bit M and 64-bit A present.\n",
1533 __func__);
1534 }
1535 full_dack = mptcp_ntoh64(dss32_ack64_opt->mdss_ack);
1536 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1537 NTOHL(dss32_ack64_opt->mdss_dsn);
1538 MPT_LOCK_SPIN(mp_tp);
1539 mp_tp->mpt_flags |= MPTCPF_RCVD_64BITACK;
1540 MPTCP_EXTEND_DSN(mp_tp->mpt_rcvnxt,
1541 dss32_ack64_opt->mdss_dsn, full_dsn);
1542 MPT_UNLOCK(mp_tp);
1543 NTOHL(dss32_ack64_opt->mdss_subflow_seqn);
1544 NTOHS(dss32_ack64_opt->mdss_data_len);
1545 if (csum_len == 0)
1546 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1547 dss32_ack64_opt->mdss_subflow_seqn,
1548 dss32_ack64_opt->mdss_data_len, 0);
1549 else
1550 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1551 dss32_ack64_opt->mdss_subflow_seqn,
1552 dss32_ack64_opt->mdss_data_len,
1553 *(uint16_t *)(void *)(cp +
1554 dss32_ack64_opt->mdss_copt.mdss_len -
1555 csum_len));
1556 break;
1557 }
1558 case (MDSS_M | MDSS_m | MDSS_A | MDSS_a):
1559 {
1560 /* 64-bit DSS + 64-bit Data ACK */
1561 struct mptcp_dss64_ack64_opt *dss64_ack64;
1562 dss64_ack64 = (struct mptcp_dss64_ack64_opt *)cp;
1563 u_int64_t full_dsn;
1564
1565 MPTCP_DSS_OPT_SZ_CHK(dss64_ack64->mdss_copt.mdss_len,
1566 sizeof (struct mptcp_dss64_ack64_opt) + csum_len);
1567
1568 if (mptcp_dbg == MP_VERBOSE_DEBUG_4) {
1569 printf("%s: 64-bit M and 64-bit A present.\n",
1570 __func__);
1571 }
1572 MPT_LOCK_SPIN(mp_tp);
1573 mp_tp->mpt_flags |= MPTCPF_RCVD_64BITACK;
1574 mp_tp->mpt_flags |= MPTCPF_SND_64BITACK;
1575 MPT_UNLOCK(mp_tp);
1576 full_dsn = mptcp_ntoh64(dss64_ack64->mdss_dsn);
1577 full_dack = mptcp_ntoh64(dss64_ack64->mdss_dsn);
1578 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1579 NTOHL(dss64_ack64->mdss_subflow_seqn);
1580 NTOHS(dss64_ack64->mdss_data_len);
1581 if (csum_len == 0)
1582 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1583 dss64_ack64->mdss_subflow_seqn,
1584 dss64_ack64->mdss_data_len, 0);
1585 else
1586 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1587 dss64_ack64->mdss_subflow_seqn,
1588 dss64_ack64->mdss_data_len,
1589 *(uint16_t *)(void *)(cp +
1590 dss64_ack64->mdss_copt.mdss_len -
1591 csum_len));
1592 break;
1593 }
1594 default:
1595 if (mptcp_dbg >= MP_ERR_DEBUG) {
1596 printf("MPTCP ERROR %s: File bug, DSS flags = %x\n",
1597 __func__, dss_rsp->mdss_flags);
1598 }
1599 break;
1600 }
1601 }
1602
1603
1604 static void
1605 mptcp_do_fin_opt(struct tcpcb *tp)
1606 {
1607 struct mptcb *mp_tp = (struct mptcb *)tp->t_mptcb;
1608
1609 if (!(tp->t_mpflags & TMPF_RECV_DFIN)) {
1610 if (mp_tp != NULL) {
1611 MPT_LOCK(mp_tp);
1612 mp_tp->mpt_rcvnxt += 1;
1613 mptcp_close_fsm(mp_tp, MPCE_RECV_DATA_FIN);
1614 MPT_UNLOCK(mp_tp);
1615 }
1616 tp->t_mpflags |= TMPF_RECV_DFIN;
1617 }
1618
1619 tp->t_mpflags |= TMPF_MPTCP_ACKNOW;
1620 /*
1621 * Since this is a data level FIN, TCP needs to be explicitly told
1622 * to send back an ACK on which the Data ACK is piggybacked.
1623 */
1624 tp->t_flags |= TF_ACKNOW;
1625 }
1626
1627 static void
1628 mptcp_do_dss_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th, int optlen)
1629 {
1630 #pragma unused(th, optlen)
1631 struct mptcb *mp_tp = (struct mptcb *)tp->t_mptcb;
1632
1633 if (!mp_tp)
1634 return;
1635
1636 if (tp->t_mpflags & TMPF_MPTCP_TRUE) {
1637 struct mptcp_dss_copt *dss_rsp = (struct mptcp_dss_copt *)cp;
1638
1639 if (dss_rsp->mdss_subtype == MPO_DSS) {
1640 if (mptcp_dbg > MP_VERBOSE_DEBUG_4) {
1641 printf("%s: DSS option received: %d ",
1642 __func__, dss_rsp->mdss_flags);
1643 }
1644 if (dss_rsp->mdss_flags & MDSS_F) {
1645 if (mptcp_dbg >= MP_VERBOSE_DEBUG_1)
1646 printf("%s: received FIN\n", __func__);
1647 mptcp_do_fin_opt(tp);
1648 }
1649
1650 mptcp_do_dss_opt_meat(cp, tp);
1651 }
1652 }
1653 }
1654
1655 static void
1656 mptcp_do_fastclose_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th)
1657 {
1658 struct mptcb *mp_tp = NULL;
1659 struct mptcp_fastclose_opt *fc_opt = (struct mptcp_fastclose_opt *)cp;
1660
1661 if (th->th_flags != TH_ACK)
1662 return;
1663
1664 if (mptcp_dbg > MP_VERBOSE_DEBUG_2)
1665 printf("%s: received \n", __func__);
1666
1667 if (fc_opt->mfast_len != sizeof (struct mptcp_fastclose_opt)) {
1668 tcpstat.tcps_invalid_opt++;
1669 return;
1670 }
1671
1672 mp_tp = (struct mptcb *)tp->t_mptcb;
1673 if (!mp_tp)
1674 return;
1675
1676 if (fc_opt->mfast_key != mptcp_get_localkey(mp_tp)) {
1677 tcpstat.tcps_invalid_opt++;
1678 return;
1679 }
1680
1681 /*
1682 * fastclose could make us more vulnerable to attacks, hence
1683 * accept only those that are at the next expected sequence number.
1684 */
1685 if (th->th_seq != tp->rcv_nxt) {
1686 tcpstat.tcps_invalid_opt++;
1687 return;
1688 }
1689
1690 MPT_LOCK(mp_tp);
1691 if (mp_tp->mpt_state != MPTCPS_FASTCLOSE_WAIT) {
1692 mp_tp->mpt_state = MPTCPS_FASTCLOSE_WAIT;
1693 DTRACE_MPTCP2(state__change, struct mptcb *, mp_tp,
1694 uint32_t, 0 /* event */);
1695 mptcp_start_timer(mp_tp, MPTT_FASTCLOSE);
1696 }
1697 MPT_UNLOCK(mp_tp);
1698
1699 /* Reset this flow */
1700 tp->t_mpflags |= TMPF_RESET;
1701
1702 if (tp->t_inpcb->inp_socket != NULL) {
1703 soevent(tp->t_inpcb->inp_socket,
1704 SO_FILT_HINT_LOCKED | SO_FILT_HINT_MUSTRST);
1705 }
1706 }
1707
1708
1709 static void
1710 mptcp_do_mpfail_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th)
1711 {
1712 struct mptcb *mp_tp = NULL;
1713 struct mptcp_mpfail_opt *fail_opt = (struct mptcp_mpfail_opt *)cp;
1714
1715 if ((th->th_flags != TH_ACK) || (th->th_flags != TH_RST))
1716 return;
1717
1718 if (fail_opt->mfail_len != sizeof (struct mptcp_mpfail_opt))
1719 return;
1720
1721 mp_tp = (struct mptcb *)tp->t_mptcb;
1722 if (mp_tp == NULL)
1723 return;
1724
1725 MPT_LOCK(mp_tp);
1726 mp_tp->mpt_flags |= MPTCPF_RECVD_MPFAIL;
1727 mp_tp->mpt_dsn_at_csum_fail = mptcp_hton64(fail_opt->mfail_dsn);
1728 MPT_UNLOCK(mp_tp);
1729
1730 mptcp_notify_mpfail(tp->t_inpcb->inp_socket);
1731 }
1732
1733 int
1734 tcp_do_mptcp_options(struct tcpcb *tp, u_char *cp, struct tcphdr *th,
1735 struct tcpopt *to, int optlen)
1736 {
1737 int mptcp_subtype;
1738
1739 /* All MPTCP options have atleast 4 bytes */
1740 if (optlen < 4)
1741 return (0);
1742
1743 mptcp_subtype = (cp[2] >> 4);
1744
1745 switch (mptcp_subtype) {
1746 case MPO_CAPABLE:
1747 mptcp_do_mpcapable_opt(tp, cp, th, optlen);
1748 break;
1749 case MPO_JOIN:
1750 mptcp_do_mpjoin_opt(tp, cp, th, optlen);
1751 break;
1752 case MPO_DSS:
1753 mptcp_do_dss_opt(tp, cp, th, optlen);
1754 break;
1755 case MPO_FASTCLOSE:
1756 mptcp_do_fastclose_opt(tp, cp, th);
1757 break;
1758 case MPO_FAIL:
1759 mptcp_do_mpfail_opt(tp, cp, th);
1760 break;
1761 case MPO_ADD_ADDR: /* fall through */
1762 case MPO_REMOVE_ADDR: /* fall through */
1763 case MPO_PRIO:
1764 to->to_flags |= TOF_MPTCP;
1765 break;
1766 default:
1767 printf("%s: type = %d\n", __func__, mptcp_subtype);
1768 break;
1769 }
1770 return (0);
1771 }
1772
1773 /*
1774 * MPTCP ADD_ADDR and REMOVE_ADDR options
1775 */
1776
1777 /*
1778 * ADD_ADDR is only placeholder code - not sent on wire
1779 * The ADD_ADDR option is not sent on wire because of security issues
1780 * around connection hijacking.
1781 */
1782 void
1783 mptcp_send_addaddr_opt(struct tcpcb *tp, struct mptcp_addaddr_opt *opt)
1784 {
1785
1786 opt->ma_kind = TCPOPT_MULTIPATH;
1787 opt->ma_len = sizeof (struct mptcp_addaddr_opt);
1788 opt->ma_subtype = MPO_ADD_ADDR;
1789 opt->ma_addr_id = tp->t_local_aid;
1790 #ifdef MPTCP_NOTYET
1791 struct inpcb *inp = tp->t_inpcb;
1792 if (inp->inp_vflag == AF_INET) {
1793 opt->ma_ipver = MA_IPVer_V4;
1794 bcopy((char *)&sin->sin_addr.s_addr, (char *)opt + opt->ma_len,
1795 sizeof (in_addr_t));
1796 opt->ma_len += sizeof (in_addr_t);
1797 } else if (inp->inp_vflag == AF_INET6) {
1798 opt->ma_ipver = MA_IPVer_V6;
1799 bcopy((char *)&sin6->sin6_addr, (char *)opt + opt->ma_len,
1800 sizeof (struct in6_addr));
1801 opt->ma_len += sizeof (struct in6_addr);
1802 }
1803 #if 0
1804 if (tp->t_mp_port) {
1805 /* add ports XXX */
1806 }
1807 #endif
1808 #endif
1809 }
1810
1811 /* REMOVE_ADDR option is sent when a source address goes away */
1812 void
1813 mptcp_send_remaddr_opt(struct tcpcb *tp, struct mptcp_remaddr_opt *opt)
1814 {
1815 if (mptcp_dbg >= MP_ERR_DEBUG)
1816 printf("%s: local id %d remove id %d \n", __func__,
1817 tp->t_local_aid, tp->t_rem_aid);
1818
1819 bzero(opt, sizeof (opt));
1820 opt->mr_kind = TCPOPT_MULTIPATH;
1821 opt->mr_len = sizeof (opt);
1822 opt->mr_subtype = MPO_REMOVE_ADDR;
1823 opt->mr_addr_id = tp->t_rem_aid;
1824 tp->t_mpflags &= ~TMPF_SND_REM_ADDR;
1825 }
1826
1827 /*
1828 * MPTCP MP_PRIO option
1829 */
1830
1831 #if 0
1832 /*
1833 * Current implementation drops incoming MP_PRIO option and this code is
1834 * just a placeholder. The option is dropped because only the mobile client can
1835 * decide which of the subflows is preferred (usually wifi is preferred
1836 * over Cellular).
1837 */
1838 void
1839 mptcp_do_mpprio_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th,
1840 int optlen)
1841 {
1842 int bkp = 0;
1843 struct mptcp_mpprio_opt *mpprio = (struct mptcp_mpprio_opt *)cp;
1844
1845 if ((tp == NULL) || !(tp->t_mpflags & TMPF_MPTCP_TRUE))
1846 return;
1847
1848 if ((mpprio->mpprio_len != sizeof (struct mptcp_mpprio_addr_opt)) &&
1849 (mpprio->mpprio_len != sizeof (struct mptcp_mpprio_opt)))
1850 return;
1851 }
1852 #endif
1853
1854 /* We send MP_PRIO option based on the values set by the SIOCSCONNORDER ioctl */
1855 static int
1856 mptcp_snd_mpprio(struct tcpcb *tp, u_char *cp, int optlen)
1857 {
1858 struct mptcp_mpprio_addr_opt mpprio;
1859
1860 if (tp->t_state != TCPS_ESTABLISHED) {
1861 tp->t_mpflags &= ~TMPF_SND_MPPRIO;
1862 return (optlen);
1863 }
1864
1865 if (mptcp_mpprio_enable != 1) {
1866 tp->t_mpflags &= ~TMPF_SND_MPPRIO;
1867 return (optlen);
1868 }
1869
1870 if ((MAX_TCPOPTLEN - optlen) <
1871 (int)sizeof (mpprio))
1872 return (optlen);
1873
1874 bzero(&mpprio, sizeof (mpprio));
1875 mpprio.mpprio_kind = TCPOPT_MULTIPATH;
1876 mpprio.mpprio_len = sizeof (mpprio);
1877 mpprio.mpprio_subtype = MPO_PRIO;
1878 if (tp->t_mpflags & TMPF_BACKUP_PATH)
1879 mpprio.mpprio_flags |= MPTCP_MPPRIO_BKP;
1880 mpprio.mpprio_addrid = tp->t_local_aid;
1881 memcpy(cp + optlen, &mpprio, sizeof (mpprio));
1882 optlen += sizeof (mpprio);
1883 tp->t_mpflags &= ~TMPF_SND_MPPRIO;
1884 if (mptcp_dbg >= MP_ERR_DEBUG)
1885 printf("%s: aid = %d \n", __func__, tp->t_local_aid);
1886 return (optlen);
1887 }
mirror of XNU