]> git.saurik.com Git - apple/xnu.git/blob - bsd/netinet/tcp_usrreq.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-3789.31.2.tar.gz
[apple/xnu.git] / bsd / netinet / tcp_usrreq.c
1 /*
2 * Copyright (c) 2000-2016 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 /*
29 * Copyright (c) 1982, 1986, 1988, 1993
30 * The Regents of the University of California. All rights reserved.
31 *
32 * Redistribution and use in source and binary forms, with or without
33 * modification, are permitted provided that the following conditions
34 * are met:
35 * 1. Redistributions of source code must retain the above copyright
36 * notice, this list of conditions and the following disclaimer.
37 * 2. Redistributions in binary form must reproduce the above copyright
38 * notice, this list of conditions and the following disclaimer in the
39 * documentation and/or other materials provided with the distribution.
40 * 3. All advertising materials mentioning features or use of this software
41 * must display the following acknowledgement:
42 * This product includes software developed by the University of
43 * California, Berkeley and its contributors.
44 * 4. Neither the name of the University nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 *
60 * From: @(#)tcp_usrreq.c 8.2 (Berkeley) 1/3/94
61 * $FreeBSD: src/sys/netinet/tcp_usrreq.c,v 1.51.2.9 2001/08/22 00:59:12 silby Exp $
62 */
63
64
65 #include <sys/param.h>
66 #include <sys/systm.h>
67 #include <sys/kernel.h>
68 #include <sys/sysctl.h>
69 #include <sys/mbuf.h>
70 #if INET6
71 #include <sys/domain.h>
72 #endif /* INET6 */
73 #include <sys/kasl.h>
74 #include <sys/socket.h>
75 #include <sys/socketvar.h>
76 #include <sys/protosw.h>
77 #include <sys/syslog.h>
78
79 #include <net/if.h>
80 #include <net/route.h>
81 #include <net/ntstat.h>
82 #include <net/content_filter.h>
83
84 #include <netinet/in.h>
85 #include <netinet/in_systm.h>
86 #if INET6
87 #include <netinet/ip6.h>
88 #endif
89 #include <netinet/in_pcb.h>
90 #if INET6
91 #include <netinet6/in6_pcb.h>
92 #endif
93 #include <netinet/in_var.h>
94 #include <netinet/ip_var.h>
95 #if INET6
96 #include <netinet6/ip6_var.h>
97 #endif
98 #include <netinet/tcp.h>
99 #include <netinet/tcp_fsm.h>
100 #include <netinet/tcp_seq.h>
101 #include <netinet/tcp_timer.h>
102 #include <netinet/tcp_var.h>
103 #include <netinet/tcpip.h>
104 #include <mach/sdt.h>
105 #if TCPDEBUG
106 #include <netinet/tcp_debug.h>
107 #endif
108 #if MPTCP
109 #include <netinet/mptcp_var.h>
110 #endif /* MPTCP */
111
112 #if IPSEC
113 #include <netinet6/ipsec.h>
114 #endif /*IPSEC*/
115
116 #if FLOW_DIVERT
117 #include <netinet/flow_divert.h>
118 #endif /* FLOW_DIVERT */
119
120 void tcp_fill_info(struct tcpcb *, struct tcp_info *);
121 errno_t tcp_fill_info_for_info_tuple(struct info_tuple *, struct tcp_info *);
122
123 int tcp_sysctl_info(struct sysctl_oid *, void *, int , struct sysctl_req *);
124 static void tcp_connection_fill_info(struct tcpcb *tp,
125 struct tcp_connection_info *tci);
126
127 /*
128 * TCP protocol interface to socket abstraction.
129 */
130 extern char *tcpstates[]; /* XXX ??? */
131
132 static int tcp_attach(struct socket *, struct proc *);
133 static int tcp_connect(struct tcpcb *, struct sockaddr *, struct proc *);
134 #if INET6
135 static int tcp6_connect(struct tcpcb *, struct sockaddr *, struct proc *);
136 static int tcp6_usr_connect(struct socket *, struct sockaddr *,
137 struct proc *);
138 #endif /* INET6 */
139 static struct tcpcb *tcp_disconnect(struct tcpcb *);
140 static struct tcpcb *tcp_usrclosed(struct tcpcb *);
141 extern void tcp_sbrcv_trim(struct tcpcb *tp, struct sockbuf *sb);
142
143 #if TCPDEBUG
144 #define TCPDEBUG0 int ostate = 0
145 #define TCPDEBUG1() ostate = tp ? tp->t_state : 0
146 #define TCPDEBUG2(req) if (tp && (so->so_options & SO_DEBUG)) \
147 tcp_trace(TA_USER, ostate, tp, 0, 0, req)
148 #else
149 #define TCPDEBUG0
150 #define TCPDEBUG1()
151 #define TCPDEBUG2(req)
152 #endif
153
154 SYSCTL_PROC(_net_inet_tcp, OID_AUTO, info,
155 CTLFLAG_RW | CTLFLAG_LOCKED | CTLFLAG_ANYBODY | CTLFLAG_KERN,
156 0 , 0, tcp_sysctl_info, "S", "TCP info per tuple");
157
158 /*
159 * TCP attaches to socket via pru_attach(), reserving space,
160 * and an internet control block.
161 *
162 * Returns: 0 Success
163 * EISCONN
164 * tcp_attach:ENOBUFS
165 * tcp_attach:ENOMEM
166 * tcp_attach:??? [IPSEC specific]
167 */
168 static int
169 tcp_usr_attach(struct socket *so, __unused int proto, struct proc *p)
170 {
171 int error;
172 struct inpcb *inp = sotoinpcb(so);
173 struct tcpcb *tp = 0;
174 TCPDEBUG0;
175
176 TCPDEBUG1();
177 if (inp) {
178 error = EISCONN;
179 goto out;
180 }
181
182 error = tcp_attach(so, p);
183 if (error)
184 goto out;
185
186 if ((so->so_options & SO_LINGER) && so->so_linger == 0)
187 so->so_linger = TCP_LINGERTIME * hz;
188 tp = sototcpcb(so);
189 out:
190 TCPDEBUG2(PRU_ATTACH);
191 return error;
192 }
193
194 /*
195 * pru_detach() detaches the TCP protocol from the socket.
196 * If the protocol state is non-embryonic, then can't
197 * do this directly: have to initiate a pru_disconnect(),
198 * which may finish later; embryonic TCB's can just
199 * be discarded here.
200 */
201 static int
202 tcp_usr_detach(struct socket *so)
203 {
204 int error = 0;
205 struct inpcb *inp = sotoinpcb(so);
206 struct tcpcb *tp;
207 TCPDEBUG0;
208
209 if (inp == 0 || (inp->inp_state == INPCB_STATE_DEAD)) {
210 return EINVAL; /* XXX */
211 }
212 lck_mtx_assert(&((struct inpcb *)so->so_pcb)->inpcb_mtx, LCK_MTX_ASSERT_OWNED);
213 tp = intotcpcb(inp);
214 /* In case we got disconnected from the peer */
215 if (tp == NULL)
216 goto out;
217 TCPDEBUG1();
218
219 calculate_tcp_clock();
220
221 tp = tcp_disconnect(tp);
222 out:
223 TCPDEBUG2(PRU_DETACH);
224 return error;
225 }
226
227 #if NECP
228 #define COMMON_START() TCPDEBUG0; \
229 do { \
230 if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD) \
231 return (EINVAL); \
232 if (necp_socket_should_use_flow_divert(inp)) \
233 return (EPROTOTYPE); \
234 tp = intotcpcb(inp); \
235 TCPDEBUG1(); \
236 calculate_tcp_clock(); \
237 } while (0)
238 #else /* NECP */
239 #define COMMON_START() TCPDEBUG0; \
240 do { \
241 if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD) \
242 return (EINVAL); \
243 tp = intotcpcb(inp); \
244 TCPDEBUG1(); \
245 calculate_tcp_clock(); \
246 } while (0)
247 #endif /* !NECP */
248
249 #define COMMON_END(req) out: TCPDEBUG2(req); return error; goto out
250
251
252 /*
253 * Give the socket an address.
254 *
255 * Returns: 0 Success
256 * EINVAL Invalid argument [COMMON_START]
257 * EAFNOSUPPORT Address family not supported
258 * in_pcbbind:EADDRNOTAVAIL Address not available.
259 * in_pcbbind:EINVAL Invalid argument
260 * in_pcbbind:EAFNOSUPPORT Address family not supported [notdef]
261 * in_pcbbind:EACCES Permission denied
262 * in_pcbbind:EADDRINUSE Address in use
263 * in_pcbbind:EAGAIN Resource unavailable, try again
264 * in_pcbbind:EPERM Operation not permitted
265 */
266 static int
267 tcp_usr_bind(struct socket *so, struct sockaddr *nam, struct proc *p)
268 {
269 int error = 0;
270 struct inpcb *inp = sotoinpcb(so);
271 struct tcpcb *tp;
272 struct sockaddr_in *sinp;
273
274 COMMON_START();
275
276 if (nam->sa_family != 0 && nam->sa_family != AF_INET) {
277 error = EAFNOSUPPORT;
278 goto out;
279 }
280
281 /*
282 * Must check for multicast addresses and disallow binding
283 * to them.
284 */
285 sinp = (struct sockaddr_in *)(void *)nam;
286 if (sinp->sin_family == AF_INET &&
287 IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) {
288 error = EAFNOSUPPORT;
289 goto out;
290 }
291 error = in_pcbbind(inp, nam, p);
292 if (error)
293 goto out;
294 COMMON_END(PRU_BIND);
295
296 }
297
298 #if INET6
299 static int
300 tcp6_usr_bind(struct socket *so, struct sockaddr *nam, struct proc *p)
301 {
302 int error = 0;
303 struct inpcb *inp = sotoinpcb(so);
304 struct tcpcb *tp;
305 struct sockaddr_in6 *sin6p;
306
307 COMMON_START();
308
309 if (nam->sa_family != 0 && nam->sa_family != AF_INET6) {
310 error = EAFNOSUPPORT;
311 goto out;
312 }
313
314 /*
315 * Must check for multicast addresses and disallow binding
316 * to them.
317 */
318 sin6p = (struct sockaddr_in6 *)(void *)nam;
319 if (sin6p->sin6_family == AF_INET6 &&
320 IN6_IS_ADDR_MULTICAST(&sin6p->sin6_addr)) {
321 error = EAFNOSUPPORT;
322 goto out;
323 }
324 inp->inp_vflag &= ~INP_IPV4;
325 inp->inp_vflag |= INP_IPV6;
326 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) {
327 if (IN6_IS_ADDR_UNSPECIFIED(&sin6p->sin6_addr))
328 inp->inp_vflag |= INP_IPV4;
329 else if (IN6_IS_ADDR_V4MAPPED(&sin6p->sin6_addr)) {
330 struct sockaddr_in sin;
331
332 in6_sin6_2_sin(&sin, sin6p);
333 inp->inp_vflag |= INP_IPV4;
334 inp->inp_vflag &= ~INP_IPV6;
335 error = in_pcbbind(inp, (struct sockaddr *)&sin, p);
336 goto out;
337 }
338 }
339 error = in6_pcbbind(inp, nam, p);
340 if (error)
341 goto out;
342 COMMON_END(PRU_BIND);
343 }
344 #endif /* INET6 */
345
346 /*
347 * Prepare to accept connections.
348 *
349 * Returns: 0 Success
350 * EINVAL [COMMON_START]
351 * in_pcbbind:EADDRNOTAVAIL Address not available.
352 * in_pcbbind:EINVAL Invalid argument
353 * in_pcbbind:EAFNOSUPPORT Address family not supported [notdef]
354 * in_pcbbind:EACCES Permission denied
355 * in_pcbbind:EADDRINUSE Address in use
356 * in_pcbbind:EAGAIN Resource unavailable, try again
357 * in_pcbbind:EPERM Operation not permitted
358 */
359 static int
360 tcp_usr_listen(struct socket *so, struct proc *p)
361 {
362 int error = 0;
363 struct inpcb *inp = sotoinpcb(so);
364 struct tcpcb *tp;
365
366 COMMON_START();
367 if (inp->inp_lport == 0)
368 error = in_pcbbind(inp, NULL, p);
369 if (error == 0)
370 tp->t_state = TCPS_LISTEN;
371 COMMON_END(PRU_LISTEN);
372 }
373
374 #if INET6
375 static int
376 tcp6_usr_listen(struct socket *so, struct proc *p)
377 {
378 int error = 0;
379 struct inpcb *inp = sotoinpcb(so);
380 struct tcpcb *tp;
381
382 COMMON_START();
383 if (inp->inp_lport == 0) {
384 inp->inp_vflag &= ~INP_IPV4;
385 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0)
386 inp->inp_vflag |= INP_IPV4;
387 error = in6_pcbbind(inp, NULL, p);
388 }
389 if (error == 0)
390 tp->t_state = TCPS_LISTEN;
391 COMMON_END(PRU_LISTEN);
392 }
393 #endif /* INET6 */
394
395 static int
396 tcp_connect_complete(struct socket *so)
397 {
398 struct tcpcb *tp = sototcpcb(so);
399 int error = 0;
400
401 /* TFO delays the tcp_output until later, when the app calls write() */
402 if (so->so_flags1 & SOF1_PRECONNECT_DATA) {
403 if (!necp_socket_is_allowed_to_send_recv(sotoinpcb(so), NULL, NULL))
404 return (EHOSTUNREACH);
405
406 /* Initialize enough state so that we can actually send data */
407 tcp_mss(tp, -1, IFSCOPE_NONE);
408 tp->snd_wnd = tp->t_maxseg;
409 } else {
410 error = tcp_output(tp);
411 }
412
413 return (error);
414 }
415
416 /*
417 * Initiate connection to peer.
418 * Create a template for use in transmissions on this connection.
419 * Enter SYN_SENT state, and mark socket as connecting.
420 * Start keep-alive timer, and seed output sequence space.
421 * Send initial segment on connection.
422 */
423 static int
424 tcp_usr_connect(struct socket *so, struct sockaddr *nam, struct proc *p)
425 {
426 int error = 0;
427 struct inpcb *inp = sotoinpcb(so);
428 struct tcpcb *tp;
429 struct sockaddr_in *sinp;
430
431 TCPDEBUG0;
432 if (inp == NULL) {
433 return EINVAL;
434 } else if (inp->inp_state == INPCB_STATE_DEAD) {
435 if (so->so_error) {
436 error = so->so_error;
437 so->so_error = 0;
438 return error;
439 } else
440 return EINVAL;
441 }
442 #if NECP
443 #if FLOW_DIVERT
444 else if (necp_socket_should_use_flow_divert(inp)) {
445 uint32_t fd_ctl_unit = necp_socket_get_flow_divert_control_unit(inp);
446 if (fd_ctl_unit > 0) {
447 error = flow_divert_pcb_init(so, fd_ctl_unit);
448 if (error == 0) {
449 error = flow_divert_connect_out(so, nam, p);
450 }
451 } else {
452 error = ENETDOWN;
453 }
454
455 return error;
456 }
457 #endif /* FLOW_DIVERT */
458 #if CONTENT_FILTER
459 error = cfil_sock_attach(so);
460 if (error != 0)
461 return error;
462 #endif /* CONTENT_FILTER */
463 #endif /* NECP */
464 tp = intotcpcb(inp);
465 TCPDEBUG1();
466
467 calculate_tcp_clock();
468
469 if (nam->sa_family != 0 && nam->sa_family != AF_INET) {
470 error = EAFNOSUPPORT;
471 goto out;
472 }
473 /*
474 * Must disallow TCP ``connections'' to multicast addresses.
475 */
476 sinp = (struct sockaddr_in *)(void *)nam;
477 if (sinp->sin_family == AF_INET
478 && IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) {
479 error = EAFNOSUPPORT;
480 goto out;
481 }
482
483 if ((error = tcp_connect(tp, nam, p)) != 0)
484 goto out;
485
486 error = tcp_connect_complete(so);
487
488 COMMON_END(PRU_CONNECT);
489 }
490
491 static int
492 tcp_usr_connectx_common(struct socket *so, int af,
493 struct sockaddr_list **src_sl, struct sockaddr_list **dst_sl,
494 struct proc *p, uint32_t ifscope, sae_associd_t aid, sae_connid_t *pcid,
495 uint32_t flags, void *arg, uint32_t arglen, struct uio *auio,
496 user_ssize_t *bytes_written)
497 {
498 #pragma unused(aid)
499 #if !MPTCP
500 #pragma unused(flags, arg, arglen)
501 #endif /* !MPTCP */
502 struct sockaddr_entry *src_se = NULL, *dst_se = NULL;
503 struct inpcb *inp = sotoinpcb(so);
504 int error;
505 user_ssize_t datalen = 0;
506
507 if (inp == NULL)
508 return (EINVAL);
509
510 VERIFY(dst_sl != NULL);
511
512 /* select source (if specified) and destination addresses */
513 error = in_selectaddrs(af, src_sl, &src_se, dst_sl, &dst_se);
514 if (error != 0)
515 return (error);
516
517 VERIFY(*dst_sl != NULL && dst_se != NULL);
518 VERIFY(src_se == NULL || *src_sl != NULL);
519 VERIFY(dst_se->se_addr->sa_family == af);
520 VERIFY(src_se == NULL || src_se->se_addr->sa_family == af);
521
522 #if NECP
523 inp_update_necp_policy(inp, src_se ? src_se->se_addr : NULL, dst_se ? dst_se->se_addr : NULL, ifscope);
524 #endif /* NECP */
525
526 if ((so->so_flags1 & SOF1_DATA_IDEMPOTENT) &&
527 (tcp_fastopen & TCP_FASTOPEN_CLIENT))
528 sototcpcb(so)->t_flagsext |= TF_FASTOPEN;
529
530 /*
531 * We get here for 2 cases:
532 *
533 * a. From MPTCP, to connect a subflow. There is no need to
534 * bind the socket to the source address and/or interface,
535 * since everything has been taken care of by MPTCP. We
536 * simply check whether or not this is for the initial
537 * MPTCP connection attempt, or to join an existing one.
538 *
539 * b. From the socket layer, to connect a TCP. Perform the
540 * bind to source address and/or interface as necessary.
541 */
542 #if MPTCP
543 if (flags & CONNREQF_MPTCP) {
544 struct mptsub_connreq *mpcr = arg;
545
546 /* Check to make sure this came down from MPTCP */
547 if (arg == NULL || arglen != sizeof (*mpcr))
548 return (EOPNOTSUPP);
549
550 switch (mpcr->mpcr_type) {
551 case MPTSUB_CONNREQ_MP_ENABLE:
552 break;
553 case MPTSUB_CONNREQ_MP_ADD:
554 break;
555 default:
556 return (EOPNOTSUPP);
557 }
558 } else
559 #endif /* MPTCP */
560 {
561 /* bind socket to the specified interface, if requested */
562 if (ifscope != IFSCOPE_NONE &&
563 (error = inp_bindif(inp, ifscope, NULL)) != 0)
564 return (error);
565
566 /* if source address and/or port is specified, bind to it */
567 if (src_se != NULL) {
568 struct sockaddr *sa = src_se->se_addr;
569 error = sobindlock(so, sa, 0); /* already locked */
570 if (error != 0)
571 return (error);
572 }
573 }
574
575 switch (af) {
576 case AF_INET:
577 error = tcp_usr_connect(so, dst_se->se_addr, p);
578 break;
579 #if INET6
580 case AF_INET6:
581 error = tcp6_usr_connect(so, dst_se->se_addr, p);
582 break;
583 #endif /* INET6 */
584 default:
585 VERIFY(0);
586 /* NOTREACHED */
587 }
588
589 if (error != 0)
590 return (error);
591
592 /* if there is data, copy it */
593 if (auio != NULL) {
594 socket_unlock(so, 0);
595
596 VERIFY(bytes_written != NULL);
597
598 datalen = uio_resid(auio);
599 error = so->so_proto->pr_usrreqs->pru_sosend(so, NULL,
600 (uio_t)auio, NULL, NULL, 0);
601 socket_lock(so, 0);
602
603 if (error == 0 || error == EWOULDBLOCK)
604 *bytes_written = datalen - uio_resid(auio);
605
606 /*
607 * sosend returns EWOULDBLOCK if it's a non-blocking
608 * socket or a timeout occured (this allows to return
609 * the amount of queued data through sendit()).
610 *
611 * However, connectx() returns EINPROGRESS in case of a
612 * blocking socket. So we change the return value here.
613 */
614 if (error == EWOULDBLOCK)
615 error = EINPROGRESS;
616 }
617
618 if (error == 0 && pcid != NULL)
619 *pcid = 1; /* there is only one connection in regular TCP */
620
621 return (error);
622 }
623
624 static int
625 tcp_usr_connectx(struct socket *so, struct sockaddr_list **src_sl,
626 struct sockaddr_list **dst_sl, struct proc *p, uint32_t ifscope,
627 sae_associd_t aid, sae_connid_t *pcid, uint32_t flags, void *arg,
628 uint32_t arglen, struct uio *uio, user_ssize_t *bytes_written)
629 {
630 return (tcp_usr_connectx_common(so, AF_INET, src_sl, dst_sl,
631 p, ifscope, aid, pcid, flags, arg, arglen, uio,
632 bytes_written));
633 }
634
635 #if INET6
636 static int
637 tcp6_usr_connect(struct socket *so, struct sockaddr *nam, struct proc *p)
638 {
639 int error = 0;
640 struct inpcb *inp = sotoinpcb(so);
641 struct tcpcb *tp;
642 struct sockaddr_in6 *sin6p;
643
644 TCPDEBUG0;
645 if (inp == NULL) {
646 return EINVAL;
647 } else if (inp->inp_state == INPCB_STATE_DEAD) {
648 if (so->so_error) {
649 error = so->so_error;
650 so->so_error = 0;
651 return error;
652 } else
653 return EINVAL;
654 }
655 #if NECP
656 #if FLOW_DIVERT
657 else if (necp_socket_should_use_flow_divert(inp)) {
658 uint32_t fd_ctl_unit = necp_socket_get_flow_divert_control_unit(inp);
659 if (fd_ctl_unit > 0) {
660 error = flow_divert_pcb_init(so, fd_ctl_unit);
661 if (error == 0) {
662 error = flow_divert_connect_out(so, nam, p);
663 }
664 } else {
665 error = ENETDOWN;
666 }
667
668 return error;
669 }
670 #endif /* FLOW_DIVERT */
671 #if CONTENT_FILTER
672 error = cfil_sock_attach(so);
673 if (error != 0)
674 return error;
675 #endif /* CONTENT_FILTER */
676 #endif /* NECP */
677
678 tp = intotcpcb(inp);
679 TCPDEBUG1();
680
681 calculate_tcp_clock();
682
683 if (nam->sa_family != 0 && nam->sa_family != AF_INET6) {
684 error = EAFNOSUPPORT;
685 goto out;
686 }
687
688 /*
689 * Must disallow TCP ``connections'' to multicast addresses.
690 */
691 sin6p = (struct sockaddr_in6 *)(void *)nam;
692 if (sin6p->sin6_family == AF_INET6
693 && IN6_IS_ADDR_MULTICAST(&sin6p->sin6_addr)) {
694 error = EAFNOSUPPORT;
695 goto out;
696 }
697
698 if (IN6_IS_ADDR_V4MAPPED(&sin6p->sin6_addr)) {
699 struct sockaddr_in sin;
700
701 if ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0)
702 return (EINVAL);
703
704 in6_sin6_2_sin(&sin, sin6p);
705 inp->inp_vflag |= INP_IPV4;
706 inp->inp_vflag &= ~INP_IPV6;
707 if ((error = tcp_connect(tp, (struct sockaddr *)&sin, p)) != 0)
708 goto out;
709
710 error = tcp_connect_complete(so);
711 goto out;
712 }
713 inp->inp_vflag &= ~INP_IPV4;
714 inp->inp_vflag |= INP_IPV6;
715 if ((error = tcp6_connect(tp, nam, p)) != 0)
716 goto out;
717
718 error = tcp_connect_complete(so);
719 COMMON_END(PRU_CONNECT);
720 }
721
722 static int
723 tcp6_usr_connectx(struct socket *so, struct sockaddr_list **src_sl,
724 struct sockaddr_list **dst_sl, struct proc *p, uint32_t ifscope,
725 sae_associd_t aid, sae_connid_t *pcid, uint32_t flags, void *arg,
726 uint32_t arglen, struct uio *uio, user_ssize_t *bytes_written)
727 {
728 return (tcp_usr_connectx_common(so, AF_INET6, src_sl, dst_sl,
729 p, ifscope, aid, pcid, flags, arg, arglen, uio,
730 bytes_written));
731 }
732 #endif /* INET6 */
733
734 /*
735 * Initiate disconnect from peer.
736 * If connection never passed embryonic stage, just drop;
737 * else if don't need to let data drain, then can just drop anyways,
738 * else have to begin TCP shutdown process: mark socket disconnecting,
739 * drain unread data, state switch to reflect user close, and
740 * send segment (e.g. FIN) to peer. Socket will be really disconnected
741 * when peer sends FIN and acks ours.
742 *
743 * SHOULD IMPLEMENT LATER PRU_CONNECT VIA REALLOC TCPCB.
744 */
745 static int
746 tcp_usr_disconnect(struct socket *so)
747 {
748 int error = 0;
749 struct inpcb *inp = sotoinpcb(so);
750 struct tcpcb *tp;
751
752 lck_mtx_assert(&((struct inpcb *)so->so_pcb)->inpcb_mtx,
753 LCK_MTX_ASSERT_OWNED);
754 COMMON_START();
755 /* In case we got disconnected from the peer */
756 if (tp == NULL)
757 goto out;
758 tp = tcp_disconnect(tp);
759 COMMON_END(PRU_DISCONNECT);
760 }
761
762 /*
763 * User-protocol pru_disconnectx callback.
764 */
765 static int
766 tcp_usr_disconnectx(struct socket *so, sae_associd_t aid, sae_connid_t cid)
767 {
768 #pragma unused(cid)
769 if (aid != SAE_ASSOCID_ANY && aid != SAE_ASSOCID_ALL)
770 return (EINVAL);
771
772 return (tcp_usr_disconnect(so));
773 }
774
775 /*
776 * Accept a connection. Essentially all the work is
777 * done at higher levels; just return the address
778 * of the peer, storing through addr.
779 */
780 static int
781 tcp_usr_accept(struct socket *so, struct sockaddr **nam)
782 {
783 int error = 0;
784 struct inpcb *inp = sotoinpcb(so);
785 struct tcpcb *tp = NULL;
786 TCPDEBUG0;
787
788 in_getpeeraddr(so, nam);
789
790 if (so->so_state & SS_ISDISCONNECTED) {
791 error = ECONNABORTED;
792 goto out;
793 }
794 if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD)
795 return (EINVAL);
796 #if NECP
797 else if (necp_socket_should_use_flow_divert(inp))
798 return (EPROTOTYPE);
799 #if CONTENT_FILTER
800 error = cfil_sock_attach(so);
801 if (error != 0)
802 return (error);
803 #endif /* CONTENT_FILTER */
804 #endif /* NECP */
805
806 tp = intotcpcb(inp);
807 TCPDEBUG1();
808
809 calculate_tcp_clock();
810
811 COMMON_END(PRU_ACCEPT);
812 }
813
814 #if INET6
815 static int
816 tcp6_usr_accept(struct socket *so, struct sockaddr **nam)
817 {
818 int error = 0;
819 struct inpcb *inp = sotoinpcb(so);
820 struct tcpcb *tp = NULL;
821 TCPDEBUG0;
822
823 if (so->so_state & SS_ISDISCONNECTED) {
824 error = ECONNABORTED;
825 goto out;
826 }
827 if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD)
828 return (EINVAL);
829 #if NECP
830 else if (necp_socket_should_use_flow_divert(inp))
831 return (EPROTOTYPE);
832 #if CONTENT_FILTER
833 error = cfil_sock_attach(so);
834 if (error != 0)
835 return (error);
836 #endif /* CONTENT_FILTER */
837 #endif /* NECP */
838
839 tp = intotcpcb(inp);
840 TCPDEBUG1();
841
842 calculate_tcp_clock();
843
844 in6_mapped_peeraddr(so, nam);
845 COMMON_END(PRU_ACCEPT);
846 }
847 #endif /* INET6 */
848
849 /*
850 * Mark the connection as being incapable of further output.
851 *
852 * Returns: 0 Success
853 * EINVAL [COMMON_START]
854 * tcp_output:EADDRNOTAVAIL
855 * tcp_output:ENOBUFS
856 * tcp_output:EMSGSIZE
857 * tcp_output:EHOSTUNREACH
858 * tcp_output:ENETUNREACH
859 * tcp_output:ENETDOWN
860 * tcp_output:ENOMEM
861 * tcp_output:EACCES
862 * tcp_output:EMSGSIZE
863 * tcp_output:ENOBUFS
864 * tcp_output:??? [ignorable: mostly IPSEC/firewall/DLIL]
865 */
866 static int
867 tcp_usr_shutdown(struct socket *so)
868 {
869 int error = 0;
870 struct inpcb *inp = sotoinpcb(so);
871 struct tcpcb *tp;
872
873 TCPDEBUG0;
874 if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD)
875 return (EINVAL);
876
877 socantsendmore(so);
878
879 /*
880 * In case we got disconnected from the peer, or if this is
881 * a socket that is to be flow-diverted (but not yet).
882 */
883 tp = intotcpcb(inp);
884 TCPDEBUG1();
885
886 if (tp == NULL
887 #if NECP
888 || (necp_socket_should_use_flow_divert(inp))
889 #endif /* NECP */
890 ) {
891 if (tp != NULL)
892 error = EPROTOTYPE;
893 goto out;
894 }
895
896 calculate_tcp_clock();
897
898 tp = tcp_usrclosed(tp);
899 #if MPTCP
900 /* A reset has been sent but socket exists, do not send FIN */
901 if ((so->so_flags & SOF_MP_SUBFLOW) &&
902 (tp) && (tp->t_mpflags & TMPF_RESET)) {
903 goto out;
904 }
905 #endif
906 #if CONTENT_FILTER
907 /* Don't send a FIN yet */
908 if (tp && !(so->so_state & SS_ISDISCONNECTED) &&
909 cfil_sock_data_pending(&so->so_snd))
910 goto out;
911 #endif /* CONTENT_FILTER */
912 if (tp)
913 error = tcp_output(tp);
914 COMMON_END(PRU_SHUTDOWN);
915 }
916
917 /*
918 * After a receive, possibly send window update to peer.
919 */
920 static int
921 tcp_usr_rcvd(struct socket *so, __unused int flags)
922 {
923 int error = 0;
924 struct inpcb *inp = sotoinpcb(so);
925 struct tcpcb *tp;
926
927 COMMON_START();
928 /* In case we got disconnected from the peer */
929 if (tp == NULL)
930 goto out;
931 tcp_sbrcv_trim(tp, &so->so_rcv);
932
933 /*
934 * This tcp_output is solely there to trigger window-updates.
935 * However, we really do not want these window-updates while we
936 * are still in SYN_SENT or SYN_RECEIVED.
937 */
938 if (TCPS_HAVEESTABLISHED(tp->t_state))
939 tcp_output(tp);
940
941 #if CONTENT_FILTER
942 cfil_sock_buf_update(&so->so_rcv);
943 #endif /* CONTENT_FILTER */
944
945 COMMON_END(PRU_RCVD);
946 }
947
948 /*
949 * Do a send by putting data in output queue and updating urgent
950 * marker if URG set. Possibly send more data. Unlike the other
951 * pru_*() routines, the mbuf chains are our responsibility. We
952 * must either enqueue them or free them. The other pru_* routines
953 * generally are caller-frees.
954 *
955 * Returns: 0 Success
956 * ECONNRESET
957 * EINVAL
958 * ENOBUFS
959 * tcp_connect:EADDRINUSE Address in use
960 * tcp_connect:EADDRNOTAVAIL Address not available.
961 * tcp_connect:EINVAL Invalid argument
962 * tcp_connect:EAFNOSUPPORT Address family not supported [notdef]
963 * tcp_connect:EACCES Permission denied
964 * tcp_connect:EAGAIN Resource unavailable, try again
965 * tcp_connect:EPERM Operation not permitted
966 * tcp_output:EADDRNOTAVAIL
967 * tcp_output:ENOBUFS
968 * tcp_output:EMSGSIZE
969 * tcp_output:EHOSTUNREACH
970 * tcp_output:ENETUNREACH
971 * tcp_output:ENETDOWN
972 * tcp_output:ENOMEM
973 * tcp_output:EACCES
974 * tcp_output:EMSGSIZE
975 * tcp_output:ENOBUFS
976 * tcp_output:??? [ignorable: mostly IPSEC/firewall/DLIL]
977 * tcp6_connect:??? [IPV6 only]
978 */
979 static int
980 tcp_usr_send(struct socket *so, int flags, struct mbuf *m,
981 struct sockaddr *nam, struct mbuf *control, struct proc *p)
982 {
983 int error = 0;
984 struct inpcb *inp = sotoinpcb(so);
985 struct tcpcb *tp;
986 uint32_t msgpri = MSG_PRI_DEFAULT;
987 #if INET6
988 int isipv6;
989 #endif
990 TCPDEBUG0;
991
992 if (inp == NULL || inp->inp_state == INPCB_STATE_DEAD
993 #if NECP
994 || (necp_socket_should_use_flow_divert(inp))
995 #endif /* NECP */
996 ) {
997 /*
998 * OOPS! we lost a race, the TCP session got reset after
999 * we checked SS_CANTSENDMORE, eg: while doing uiomove or a
1000 * network interrupt in the non-splnet() section of sosend().
1001 */
1002 if (m != NULL)
1003 m_freem(m);
1004 if (control != NULL) {
1005 m_freem(control);
1006 control = NULL;
1007 }
1008
1009 if (inp == NULL)
1010 error = ECONNRESET; /* XXX EPIPE? */
1011 else
1012 error = EPROTOTYPE;
1013 tp = NULL;
1014 TCPDEBUG1();
1015 goto out;
1016 }
1017 #if INET6
1018 isipv6 = nam && nam->sa_family == AF_INET6;
1019 #endif /* INET6 */
1020 tp = intotcpcb(inp);
1021 TCPDEBUG1();
1022
1023 calculate_tcp_clock();
1024
1025 if (control != NULL) {
1026 if (so->so_flags & SOF_ENABLE_MSGS) {
1027 /* Get the msg priority from control mbufs */
1028 error = tcp_get_msg_priority(control, &msgpri);
1029 if (error) {
1030 m_freem(control);
1031 if (m != NULL)
1032 m_freem(m);
1033 control = NULL;
1034 m = NULL;
1035 goto out;
1036 }
1037 m_freem(control);
1038 control = NULL;
1039 } else if (control->m_len) {
1040 /*
1041 * if not unordered, TCP should not have
1042 * control mbufs
1043 */
1044 m_freem(control);
1045 if (m != NULL)
1046 m_freem(m);
1047 control = NULL;
1048 m = NULL;
1049 error = EINVAL;
1050 goto out;
1051 }
1052 }
1053
1054 if (so->so_flags & SOF_ENABLE_MSGS) {
1055 VERIFY(m->m_flags & M_PKTHDR);
1056 m->m_pkthdr.msg_pri = msgpri;
1057 }
1058
1059 /* MPTCP sublow socket buffers must not be compressed */
1060 VERIFY(!(so->so_flags & SOF_MP_SUBFLOW) ||
1061 (so->so_snd.sb_flags & SB_NOCOMPRESS));
1062
1063 if(!(flags & PRUS_OOB) || (so->so_flags1 & SOF1_PRECONNECT_DATA)) {
1064 /* Call msg send if message delivery is enabled */
1065 if (so->so_flags & SOF_ENABLE_MSGS)
1066 sbappendmsg_snd(&so->so_snd, m);
1067 else
1068 sbappendstream(&so->so_snd, m);
1069
1070 if (nam && tp->t_state < TCPS_SYN_SENT) {
1071
1072 /*
1073 * Do implied connect if not yet connected,
1074 * initialize window to default value, and
1075 * initialize maxseg/maxopd using peer's cached
1076 * MSS.
1077 */
1078 #if INET6
1079 if (isipv6)
1080 error = tcp6_connect(tp, nam, p);
1081 else
1082 #endif /* INET6 */
1083 error = tcp_connect(tp, nam, p);
1084 if (error)
1085 goto out;
1086 tp->snd_wnd = TTCP_CLIENT_SND_WND;
1087 tcp_mss(tp, -1, IFSCOPE_NONE);
1088 }
1089
1090 if (flags & PRUS_EOF) {
1091 /*
1092 * Close the send side of the connection after
1093 * the data is sent.
1094 */
1095 socantsendmore(so);
1096 tp = tcp_usrclosed(tp);
1097 }
1098 if (tp != NULL) {
1099 if (flags & PRUS_MORETOCOME)
1100 tp->t_flags |= TF_MORETOCOME;
1101 error = tcp_output(tp);
1102 if (flags & PRUS_MORETOCOME)
1103 tp->t_flags &= ~TF_MORETOCOME;
1104 }
1105 } else {
1106 if (sbspace(&so->so_snd) == 0) {
1107 /* if no space is left in sockbuf,
1108 * do not try to squeeze in OOB traffic */
1109 m_freem(m);
1110 error = ENOBUFS;
1111 goto out;
1112 }
1113 /*
1114 * According to RFC961 (Assigned Protocols),
1115 * the urgent pointer points to the last octet
1116 * of urgent data. We continue, however,
1117 * to consider it to indicate the first octet
1118 * of data past the urgent section.
1119 * Otherwise, snd_up should be one lower.
1120 */
1121 sbappendstream(&so->so_snd, m);
1122 if (nam && tp->t_state < TCPS_SYN_SENT) {
1123 /*
1124 * Do implied connect if not yet connected,
1125 * initialize window to default value, and
1126 * initialize maxseg/maxopd using peer's cached
1127 * MSS.
1128 */
1129 #if INET6
1130 if (isipv6)
1131 error = tcp6_connect(tp, nam, p);
1132 else
1133 #endif /* INET6 */
1134 error = tcp_connect(tp, nam, p);
1135 if (error)
1136 goto out;
1137 tp->snd_wnd = TTCP_CLIENT_SND_WND;
1138 tcp_mss(tp, -1, IFSCOPE_NONE);
1139 }
1140 tp->snd_up = tp->snd_una + so->so_snd.sb_cc;
1141 tp->t_flagsext |= TF_FORCE;
1142 error = tcp_output(tp);
1143 tp->t_flagsext &= ~TF_FORCE;
1144 }
1145
1146
1147 /*
1148 * We wait for the socket to successfully connect before returning.
1149 * This allows us to signal a timeout to the application.
1150 */
1151 if (so->so_state & SS_ISCONNECTING) {
1152 if (so->so_state & SS_NBIO)
1153 error = EWOULDBLOCK;
1154 else
1155 error = sbwait(&so->so_snd);
1156 }
1157
1158 COMMON_END((flags & PRUS_OOB) ? PRU_SENDOOB :
1159 ((flags & PRUS_EOF) ? PRU_SEND_EOF : PRU_SEND));
1160 }
1161
1162 /*
1163 * Abort the TCP.
1164 */
1165 static int
1166 tcp_usr_abort(struct socket *so)
1167 {
1168 int error = 0;
1169 struct inpcb *inp = sotoinpcb(so);
1170 struct tcpcb *tp;
1171
1172 COMMON_START();
1173 /* In case we got disconnected from the peer */
1174 if (tp == NULL)
1175 goto out;
1176 tp = tcp_drop(tp, ECONNABORTED);
1177 VERIFY(so->so_usecount > 0);
1178 so->so_usecount--;
1179 COMMON_END(PRU_ABORT);
1180 }
1181
1182 /*
1183 * Receive out-of-band data.
1184 *
1185 * Returns: 0 Success
1186 * EINVAL [COMMON_START]
1187 * EINVAL
1188 * EWOULDBLOCK
1189 */
1190 static int
1191 tcp_usr_rcvoob(struct socket *so, struct mbuf *m, int flags)
1192 {
1193 int error = 0;
1194 struct inpcb *inp = sotoinpcb(so);
1195 struct tcpcb *tp;
1196
1197 COMMON_START();
1198 if ((so->so_oobmark == 0 &&
1199 (so->so_state & SS_RCVATMARK) == 0) ||
1200 so->so_options & SO_OOBINLINE ||
1201 tp->t_oobflags & TCPOOB_HADDATA) {
1202 error = EINVAL;
1203 goto out;
1204 }
1205 if ((tp->t_oobflags & TCPOOB_HAVEDATA) == 0) {
1206 error = EWOULDBLOCK;
1207 goto out;
1208 }
1209 m->m_len = 1;
1210 *mtod(m, caddr_t) = tp->t_iobc;
1211 so->so_state &= ~SS_RCVATMARK;
1212 if ((flags & MSG_PEEK) == 0)
1213 tp->t_oobflags ^= (TCPOOB_HAVEDATA | TCPOOB_HADDATA);
1214 COMMON_END(PRU_RCVOOB);
1215 }
1216
1217 static int
1218 tcp_usr_preconnect(struct socket *so)
1219 {
1220 struct inpcb *inp = sotoinpcb(so);
1221 int error = 0;
1222
1223 #if NECP
1224 if (necp_socket_should_use_flow_divert(inp)) {
1225 /* May happen, if in tcp_usr_connect we did not had a chance
1226 * to set the usrreqs (due to some error). So, let's get out
1227 * of here.
1228 */
1229 goto out;
1230 }
1231 #endif /* NECP */
1232
1233 error = tcp_output(sototcpcb(so));
1234
1235 /* One read has been done. This was enough. Get back to "normal" behavior. */
1236 so->so_flags1 &= ~SOF1_PRECONNECT_DATA;
1237
1238 COMMON_END(PRU_PRECONNECT);
1239 }
1240
1241 /* xxx - should be const */
1242 struct pr_usrreqs tcp_usrreqs = {
1243 .pru_abort = tcp_usr_abort,
1244 .pru_accept = tcp_usr_accept,
1245 .pru_attach = tcp_usr_attach,
1246 .pru_bind = tcp_usr_bind,
1247 .pru_connect = tcp_usr_connect,
1248 .pru_connectx = tcp_usr_connectx,
1249 .pru_control = in_control,
1250 .pru_detach = tcp_usr_detach,
1251 .pru_disconnect = tcp_usr_disconnect,
1252 .pru_disconnectx = tcp_usr_disconnectx,
1253 .pru_listen = tcp_usr_listen,
1254 .pru_peeraddr = in_getpeeraddr,
1255 .pru_rcvd = tcp_usr_rcvd,
1256 .pru_rcvoob = tcp_usr_rcvoob,
1257 .pru_send = tcp_usr_send,
1258 .pru_shutdown = tcp_usr_shutdown,
1259 .pru_sockaddr = in_getsockaddr,
1260 .pru_sosend = sosend,
1261 .pru_soreceive = soreceive,
1262 .pru_preconnect = tcp_usr_preconnect,
1263 };
1264
1265 #if INET6
1266 struct pr_usrreqs tcp6_usrreqs = {
1267 .pru_abort = tcp_usr_abort,
1268 .pru_accept = tcp6_usr_accept,
1269 .pru_attach = tcp_usr_attach,
1270 .pru_bind = tcp6_usr_bind,
1271 .pru_connect = tcp6_usr_connect,
1272 .pru_connectx = tcp6_usr_connectx,
1273 .pru_control = in6_control,
1274 .pru_detach = tcp_usr_detach,
1275 .pru_disconnect = tcp_usr_disconnect,
1276 .pru_disconnectx = tcp_usr_disconnectx,
1277 .pru_listen = tcp6_usr_listen,
1278 .pru_peeraddr = in6_mapped_peeraddr,
1279 .pru_rcvd = tcp_usr_rcvd,
1280 .pru_rcvoob = tcp_usr_rcvoob,
1281 .pru_send = tcp_usr_send,
1282 .pru_shutdown = tcp_usr_shutdown,
1283 .pru_sockaddr = in6_mapped_sockaddr,
1284 .pru_sosend = sosend,
1285 .pru_soreceive = soreceive,
1286 .pru_preconnect = tcp_usr_preconnect,
1287 };
1288 #endif /* INET6 */
1289
1290 /*
1291 * Common subroutine to open a TCP connection to remote host specified
1292 * by struct sockaddr_in in mbuf *nam. Call in_pcbbind to assign a local
1293 * port number if needed. Call in_pcbladdr to do the routing and to choose
1294 * a local host address (interface). If there is an existing incarnation
1295 * of the same connection in TIME-WAIT state and if the remote host was
1296 * sending CC options and if the connection duration was < MSL, then
1297 * truncate the previous TIME-WAIT state and proceed.
1298 * Initialize connection parameters and enter SYN-SENT state.
1299 *
1300 * Returns: 0 Success
1301 * EADDRINUSE
1302 * EINVAL
1303 * in_pcbbind:EADDRNOTAVAIL Address not available.
1304 * in_pcbbind:EINVAL Invalid argument
1305 * in_pcbbind:EAFNOSUPPORT Address family not supported [notdef]
1306 * in_pcbbind:EACCES Permission denied
1307 * in_pcbbind:EADDRINUSE Address in use
1308 * in_pcbbind:EAGAIN Resource unavailable, try again
1309 * in_pcbbind:EPERM Operation not permitted
1310 * in_pcbladdr:EINVAL Invalid argument
1311 * in_pcbladdr:EAFNOSUPPORT Address family not supported
1312 * in_pcbladdr:EADDRNOTAVAIL Address not available
1313 */
1314 static int
1315 tcp_connect(struct tcpcb *tp, struct sockaddr *nam, struct proc *p)
1316 {
1317 struct inpcb *inp = tp->t_inpcb, *oinp;
1318 struct socket *so = inp->inp_socket;
1319 struct tcpcb *otp;
1320 struct sockaddr_in *sin = (struct sockaddr_in *)(void *)nam;
1321 struct in_addr laddr;
1322 int error = 0;
1323 struct ifnet *outif = NULL;
1324
1325 if (inp->inp_lport == 0) {
1326 error = in_pcbbind(inp, NULL, p);
1327 if (error)
1328 goto done;
1329 }
1330
1331 /*
1332 * Cannot simply call in_pcbconnect, because there might be an
1333 * earlier incarnation of this same connection still in
1334 * TIME_WAIT state, creating an ADDRINUSE error.
1335 */
1336 error = in_pcbladdr(inp, nam, &laddr, IFSCOPE_NONE, &outif, 0);
1337 if (error)
1338 goto done;
1339
1340 tcp_unlock(inp->inp_socket, 0, 0);
1341 oinp = in_pcblookup_hash(inp->inp_pcbinfo,
1342 sin->sin_addr, sin->sin_port,
1343 inp->inp_laddr.s_addr != INADDR_ANY ? inp->inp_laddr : laddr,
1344 inp->inp_lport, 0, NULL);
1345
1346 tcp_lock(inp->inp_socket, 0, 0);
1347 if (oinp) {
1348 if (oinp != inp) /* 4143933: avoid deadlock if inp == oinp */
1349 tcp_lock(oinp->inp_socket, 1, 0);
1350 if (in_pcb_checkstate(oinp, WNT_RELEASE, 1) == WNT_STOPUSING) {
1351 if (oinp != inp)
1352 tcp_unlock(oinp->inp_socket, 1, 0);
1353 goto skip_oinp;
1354 }
1355
1356 if (oinp != inp && (otp = intotcpcb(oinp)) != NULL &&
1357 otp->t_state == TCPS_TIME_WAIT &&
1358 ((int)(tcp_now - otp->t_starttime)) < tcp_msl &&
1359 (otp->t_flags & TF_RCVD_CC)) {
1360 otp = tcp_close(otp);
1361 } else {
1362 printf("tcp_connect: inp=0x%llx err=EADDRINUSE\n",
1363 (uint64_t)VM_KERNEL_ADDRPERM(inp));
1364 if (oinp != inp)
1365 tcp_unlock(oinp->inp_socket, 1, 0);
1366 error = EADDRINUSE;
1367 goto done;
1368 }
1369 if (oinp != inp)
1370 tcp_unlock(oinp->inp_socket, 1, 0);
1371 }
1372 skip_oinp:
1373 if ((inp->inp_laddr.s_addr == INADDR_ANY ? laddr.s_addr :
1374 inp->inp_laddr.s_addr) == sin->sin_addr.s_addr &&
1375 inp->inp_lport == sin->sin_port) {
1376 error = EINVAL;
1377 goto done;
1378 }
1379 if (!lck_rw_try_lock_exclusive(inp->inp_pcbinfo->ipi_lock)) {
1380 /*lock inversion issue, mostly with udp multicast packets */
1381 socket_unlock(inp->inp_socket, 0);
1382 lck_rw_lock_exclusive(inp->inp_pcbinfo->ipi_lock);
1383 socket_lock(inp->inp_socket, 0);
1384 }
1385 if (inp->inp_laddr.s_addr == INADDR_ANY) {
1386 inp->inp_laddr = laddr;
1387 /* no reference needed */
1388 inp->inp_last_outifp = outif;
1389 inp->inp_flags |= INP_INADDR_ANY;
1390 }
1391 inp->inp_faddr = sin->sin_addr;
1392 inp->inp_fport = sin->sin_port;
1393 in_pcbrehash(inp);
1394 lck_rw_done(inp->inp_pcbinfo->ipi_lock);
1395
1396 if (inp->inp_flowhash == 0)
1397 inp->inp_flowhash = inp_calc_flowhash(inp);
1398
1399 tcp_set_max_rwinscale(tp, so, TCP_AUTORCVBUF_MAX(outif));
1400
1401 soisconnecting(so);
1402 tcpstat.tcps_connattempt++;
1403 tp->t_state = TCPS_SYN_SENT;
1404 tp->t_timer[TCPT_KEEP] = OFFSET_FROM_START(tp, TCP_CONN_KEEPINIT(tp));
1405 tp->iss = tcp_new_isn(tp);
1406 tcp_sendseqinit(tp);
1407 if (nstat_collect)
1408 nstat_route_connect_attempt(inp->inp_route.ro_rt);
1409
1410 done:
1411 if (outif != NULL)
1412 ifnet_release(outif);
1413
1414 return (error);
1415 }
1416
1417 #if INET6
1418 static int
1419 tcp6_connect(struct tcpcb *tp, struct sockaddr *nam, struct proc *p)
1420 {
1421 struct inpcb *inp = tp->t_inpcb, *oinp;
1422 struct socket *so = inp->inp_socket;
1423 struct tcpcb *otp;
1424 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)(void *)nam;
1425 struct in6_addr addr6;
1426 int error = 0;
1427 struct ifnet *outif = NULL;
1428
1429 if (inp->inp_lport == 0) {
1430 error = in6_pcbbind(inp, NULL, p);
1431 if (error)
1432 goto done;
1433 }
1434
1435 /*
1436 * Cannot simply call in_pcbconnect, because there might be an
1437 * earlier incarnation of this same connection still in
1438 * TIME_WAIT state, creating an ADDRINUSE error.
1439 *
1440 * in6_pcbladdr() might return an ifp with its reference held
1441 * even in the error case, so make sure that it's released
1442 * whenever it's non-NULL.
1443 */
1444 error = in6_pcbladdr(inp, nam, &addr6, &outif);
1445 if (error)
1446 goto done;
1447 tcp_unlock(inp->inp_socket, 0, 0);
1448 oinp = in6_pcblookup_hash(inp->inp_pcbinfo,
1449 &sin6->sin6_addr, sin6->sin6_port,
1450 IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)
1451 ? &addr6
1452 : &inp->in6p_laddr,
1453 inp->inp_lport, 0, NULL);
1454 tcp_lock(inp->inp_socket, 0, 0);
1455 if (oinp) {
1456 if (oinp != inp && (otp = intotcpcb(oinp)) != NULL &&
1457 otp->t_state == TCPS_TIME_WAIT &&
1458 ((int)(tcp_now - otp->t_starttime)) < tcp_msl &&
1459 (otp->t_flags & TF_RCVD_CC)) {
1460 otp = tcp_close(otp);
1461 } else {
1462 error = EADDRINUSE;
1463 goto done;
1464 }
1465 }
1466 if (!lck_rw_try_lock_exclusive(inp->inp_pcbinfo->ipi_lock)) {
1467 /*lock inversion issue, mostly with udp multicast packets */
1468 socket_unlock(inp->inp_socket, 0);
1469 lck_rw_lock_exclusive(inp->inp_pcbinfo->ipi_lock);
1470 socket_lock(inp->inp_socket, 0);
1471 }
1472 if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr)) {
1473 inp->in6p_laddr = addr6;
1474 inp->in6p_last_outifp = outif; /* no reference needed */
1475 inp->in6p_flags |= INP_IN6ADDR_ANY;
1476 }
1477 inp->in6p_faddr = sin6->sin6_addr;
1478 inp->inp_fport = sin6->sin6_port;
1479 if ((sin6->sin6_flowinfo & IPV6_FLOWINFO_MASK) != 0)
1480 inp->inp_flow = sin6->sin6_flowinfo;
1481 in_pcbrehash(inp);
1482 lck_rw_done(inp->inp_pcbinfo->ipi_lock);
1483
1484 if (inp->inp_flowhash == 0)
1485 inp->inp_flowhash = inp_calc_flowhash(inp);
1486 /* update flowinfo - RFC 6437 */
1487 if (inp->inp_flow == 0 && inp->in6p_flags & IN6P_AUTOFLOWLABEL) {
1488 inp->inp_flow &= ~IPV6_FLOWLABEL_MASK;
1489 inp->inp_flow |=
1490 (htonl(inp->inp_flowhash) & IPV6_FLOWLABEL_MASK);
1491 }
1492
1493 tcp_set_max_rwinscale(tp, so, TCP_AUTORCVBUF_MAX(outif));
1494
1495 soisconnecting(so);
1496 tcpstat.tcps_connattempt++;
1497 tp->t_state = TCPS_SYN_SENT;
1498 tp->t_timer[TCPT_KEEP] = OFFSET_FROM_START(tp,
1499 TCP_CONN_KEEPINIT(tp));
1500 tp->iss = tcp_new_isn(tp);
1501 tcp_sendseqinit(tp);
1502 if (nstat_collect)
1503 nstat_route_connect_attempt(inp->inp_route.ro_rt);
1504
1505 done:
1506 if (outif != NULL)
1507 ifnet_release(outif);
1508
1509 return (error);
1510 }
1511 #endif /* INET6 */
1512
1513 /*
1514 * Export TCP internal state information via a struct tcp_info
1515 */
1516 __private_extern__ void
1517 tcp_fill_info(struct tcpcb *tp, struct tcp_info *ti)
1518 {
1519 struct inpcb *inp = tp->t_inpcb;
1520
1521 bzero(ti, sizeof(*ti));
1522
1523 ti->tcpi_state = tp->t_state;
1524 ti->tcpi_flowhash = inp->inp_flowhash;
1525
1526 if (tp->t_state > TCPS_LISTEN) {
1527 if (TSTMP_SUPPORTED(tp))
1528 ti->tcpi_options |= TCPI_OPT_TIMESTAMPS;
1529 if (SACK_ENABLED(tp))
1530 ti->tcpi_options |= TCPI_OPT_SACK;
1531 if (TCP_WINDOW_SCALE_ENABLED(tp)) {
1532 ti->tcpi_options |= TCPI_OPT_WSCALE;
1533 ti->tcpi_snd_wscale = tp->snd_scale;
1534 ti->tcpi_rcv_wscale = tp->rcv_scale;
1535 }
1536 if (TCP_ECN_ENABLED(tp))
1537 ti->tcpi_options |= TCPI_OPT_ECN;
1538
1539 /* Are we in retranmission episode */
1540 if (IN_FASTRECOVERY(tp) || tp->t_rxtshift > 0)
1541 ti->tcpi_flags |= TCPI_FLAG_LOSSRECOVERY;
1542
1543 if (tp->t_flags & TF_STREAMING_ON)
1544 ti->tcpi_flags |= TCPI_FLAG_STREAMING_ON;
1545
1546 ti->tcpi_rto = tp->t_timer[TCPT_REXMT] ? tp->t_rxtcur : 0;
1547 ti->tcpi_snd_mss = tp->t_maxseg;
1548 ti->tcpi_rcv_mss = tp->t_maxseg;
1549
1550 ti->tcpi_rttcur = tp->t_rttcur;
1551 ti->tcpi_srtt = tp->t_srtt >> TCP_RTT_SHIFT;
1552 ti->tcpi_rttvar = tp->t_rttvar >> TCP_RTTVAR_SHIFT;
1553 ti->tcpi_rttbest = tp->t_rttbest >> TCP_RTT_SHIFT;
1554
1555 ti->tcpi_snd_ssthresh = tp->snd_ssthresh;
1556 ti->tcpi_snd_cwnd = tp->snd_cwnd;
1557 ti->tcpi_snd_sbbytes = inp->inp_socket->so_snd.sb_cc;
1558
1559 ti->tcpi_rcv_space = tp->rcv_wnd;
1560
1561 ti->tcpi_snd_wnd = tp->snd_wnd;
1562 ti->tcpi_snd_nxt = tp->snd_nxt;
1563 ti->tcpi_rcv_nxt = tp->rcv_nxt;
1564
1565 /* convert bytes/msec to bits/sec */
1566 if ((tp->t_flagsext & TF_MEASURESNDBW) != 0 &&
1567 tp->t_bwmeas != NULL) {
1568 ti->tcpi_snd_bw = (tp->t_bwmeas->bw_sndbw * 8000);
1569 }
1570
1571 ti->tcpi_last_outif = (tp->t_inpcb->inp_last_outifp == NULL) ? 0 :
1572 tp->t_inpcb->inp_last_outifp->if_index;
1573
1574 //atomic_get_64(ti->tcpi_txbytes, &inp->inp_stat->txbytes);
1575 ti->tcpi_txpackets = inp->inp_stat->txpackets;
1576 ti->tcpi_txbytes = inp->inp_stat->txbytes;
1577 ti->tcpi_txretransmitbytes = tp->t_stat.txretransmitbytes;
1578 ti->tcpi_txunacked = tp->snd_max - tp->snd_una;
1579
1580 //atomic_get_64(ti->tcpi_rxbytes, &inp->inp_stat->rxbytes);
1581 ti->tcpi_rxpackets = inp->inp_stat->rxpackets;
1582 ti->tcpi_rxbytes = inp->inp_stat->rxbytes;
1583 ti->tcpi_rxduplicatebytes = tp->t_stat.rxduplicatebytes;
1584 ti->tcpi_rxoutoforderbytes = tp->t_stat.rxoutoforderbytes;
1585
1586 if (tp->t_state > TCPS_LISTEN) {
1587 ti->tcpi_synrexmits = tp->t_stat.synrxtshift;
1588 }
1589 ti->tcpi_cell_rxpackets = inp->inp_cstat->rxpackets;
1590 ti->tcpi_cell_rxbytes = inp->inp_cstat->rxbytes;
1591 ti->tcpi_cell_txpackets = inp->inp_cstat->txpackets;
1592 ti->tcpi_cell_txbytes = inp->inp_cstat->txbytes;
1593
1594 ti->tcpi_wifi_rxpackets = inp->inp_wstat->rxpackets;
1595 ti->tcpi_wifi_rxbytes = inp->inp_wstat->rxbytes;
1596 ti->tcpi_wifi_txpackets = inp->inp_wstat->txpackets;
1597 ti->tcpi_wifi_txbytes = inp->inp_wstat->txbytes;
1598
1599 ti->tcpi_wired_rxpackets = inp->inp_Wstat->rxpackets;
1600 ti->tcpi_wired_rxbytes = inp->inp_Wstat->rxbytes;
1601 ti->tcpi_wired_txpackets = inp->inp_Wstat->txpackets;
1602 ti->tcpi_wired_txbytes = inp->inp_Wstat->txbytes;
1603 tcp_get_connectivity_status(tp, &ti->tcpi_connstatus);
1604
1605 ti->tcpi_tfo_syn_data_rcv = !!(tp->t_tfo_stats & TFO_S_SYNDATA_RCV);
1606 ti->tcpi_tfo_cookie_req_rcv = !!(tp->t_tfo_stats & TFO_S_COOKIEREQ_RECV);
1607 ti->tcpi_tfo_cookie_sent = !!(tp->t_tfo_stats & TFO_S_COOKIE_SENT);
1608 ti->tcpi_tfo_cookie_invalid = !!(tp->t_tfo_stats & TFO_S_COOKIE_INVALID);
1609
1610 ti->tcpi_tfo_cookie_req = !!(tp->t_tfo_stats & TFO_S_COOKIE_REQ);
1611 ti->tcpi_tfo_cookie_rcv = !!(tp->t_tfo_stats & TFO_S_COOKIE_RCV);
1612 ti->tcpi_tfo_syn_data_sent = !!(tp->t_tfo_stats & TFO_S_SYN_DATA_SENT);
1613 ti->tcpi_tfo_syn_data_acked = !!(tp->t_tfo_stats & TFO_S_SYN_DATA_ACKED);
1614 ti->tcpi_tfo_syn_loss = !!(tp->t_tfo_stats & TFO_S_SYN_LOSS);
1615 ti->tcpi_tfo_cookie_wrong = !!(tp->t_tfo_stats & TFO_S_COOKIE_WRONG);
1616 ti->tcpi_tfo_no_cookie_rcv = !!(tp->t_tfo_stats & TFO_S_NO_COOKIE_RCV);
1617 ti->tcpi_tfo_heuristics_disable = !!(tp->t_tfo_stats & TFO_S_HEURISTICS_DISABLE);
1618 ti->tcpi_tfo_send_blackhole = !!(tp->t_tfo_stats & TFO_S_SEND_BLACKHOLE);
1619 ti->tcpi_tfo_recv_blackhole = !!(tp->t_tfo_stats & TFO_S_RECV_BLACKHOLE);
1620
1621 ti->tcpi_ecn_client_setup = !!(tp->ecn_flags & TE_SETUPSENT);
1622 ti->tcpi_ecn_server_setup = !!(tp->ecn_flags & TE_SETUPRECEIVED);
1623 ti->tcpi_ecn_success = (tp->ecn_flags & TE_ECN_ON) == TE_ECN_ON ? 1 : 0;
1624 ti->tcpi_ecn_lost_syn = !!(tp->ecn_flags & TE_LOST_SYN);
1625 ti->tcpi_ecn_lost_synack = !!(tp->ecn_flags & TE_LOST_SYNACK);
1626
1627 ti->tcpi_local_peer = !!(tp->t_flags & TF_LOCAL);
1628
1629 if (tp->t_inpcb->inp_last_outifp != NULL) {
1630 if (IFNET_IS_CELLULAR(tp->t_inpcb->inp_last_outifp))
1631 ti->tcpi_if_cell = 1;
1632 else if (IFNET_IS_WIFI(tp->t_inpcb->inp_last_outifp))
1633 ti->tcpi_if_wifi = 1;
1634 }
1635
1636 ti->tcpi_ecn_recv_ce = tp->t_ecn_recv_ce;
1637 ti->tcpi_ecn_recv_cwr = tp->t_ecn_recv_cwr;
1638
1639 ti->tcpi_rcvoopack = tp->t_rcvoopack;
1640 ti->tcpi_pawsdrop = tp->t_pawsdrop;
1641 ti->tcpi_sack_recovery_episode = tp->t_sack_recovery_episode;
1642 ti->tcpi_reordered_pkts = tp->t_reordered_pkts;
1643 ti->tcpi_dsack_sent = tp->t_dsack_sent;
1644 ti->tcpi_dsack_recvd = tp->t_dsack_recvd;
1645 }
1646 }
1647
1648 __private_extern__ errno_t
1649 tcp_fill_info_for_info_tuple(struct info_tuple *itpl, struct tcp_info *ti)
1650 {
1651 struct inpcbinfo *pcbinfo = NULL;
1652 struct inpcb *inp = NULL;
1653 struct socket *so;
1654 struct tcpcb *tp;
1655
1656 if (itpl->itpl_proto == IPPROTO_TCP)
1657 pcbinfo = &tcbinfo;
1658 else
1659 return EINVAL;
1660
1661 if (itpl->itpl_local_sa.sa_family == AF_INET &&
1662 itpl->itpl_remote_sa.sa_family == AF_INET) {
1663 inp = in_pcblookup_hash(pcbinfo,
1664 itpl->itpl_remote_sin.sin_addr,
1665 itpl->itpl_remote_sin.sin_port,
1666 itpl->itpl_local_sin.sin_addr,
1667 itpl->itpl_local_sin.sin_port,
1668 0, NULL);
1669 } else if (itpl->itpl_local_sa.sa_family == AF_INET6 &&
1670 itpl->itpl_remote_sa.sa_family == AF_INET6) {
1671 struct in6_addr ina6_local;
1672 struct in6_addr ina6_remote;
1673
1674 ina6_local = itpl->itpl_local_sin6.sin6_addr;
1675 if (IN6_IS_SCOPE_LINKLOCAL(&ina6_local) &&
1676 itpl->itpl_local_sin6.sin6_scope_id)
1677 ina6_local.s6_addr16[1] = htons(itpl->itpl_local_sin6.sin6_scope_id);
1678
1679 ina6_remote = itpl->itpl_remote_sin6.sin6_addr;
1680 if (IN6_IS_SCOPE_LINKLOCAL(&ina6_remote) &&
1681 itpl->itpl_remote_sin6.sin6_scope_id)
1682 ina6_remote.s6_addr16[1] = htons(itpl->itpl_remote_sin6.sin6_scope_id);
1683
1684 inp = in6_pcblookup_hash(pcbinfo,
1685 &ina6_remote,
1686 itpl->itpl_remote_sin6.sin6_port,
1687 &ina6_local,
1688 itpl->itpl_local_sin6.sin6_port,
1689 0, NULL);
1690 } else {
1691 return EINVAL;
1692 }
1693 if (inp == NULL || (so = inp->inp_socket) == NULL)
1694 return ENOENT;
1695
1696 socket_lock(so, 0);
1697 if (in_pcb_checkstate(inp, WNT_RELEASE, 1) == WNT_STOPUSING) {
1698 socket_unlock(so, 0);
1699 return ENOENT;
1700 }
1701 tp = intotcpcb(inp);
1702
1703 tcp_fill_info(tp, ti);
1704 socket_unlock(so, 0);
1705
1706 return 0;
1707 }
1708
1709 static void
1710 tcp_connection_fill_info(struct tcpcb *tp, struct tcp_connection_info *tci)
1711 {
1712 struct inpcb *inp = tp->t_inpcb;
1713
1714 bzero(tci, sizeof(*tci));
1715 tci->tcpi_state = tp->t_state;
1716 if (tp->t_state > TCPS_LISTEN) {
1717 if (TSTMP_SUPPORTED(tp))
1718 tci->tcpi_options |= TCPCI_OPT_TIMESTAMPS;
1719 if (SACK_ENABLED(tp))
1720 tci->tcpi_options |= TCPCI_OPT_SACK;
1721 if (TCP_WINDOW_SCALE_ENABLED(tp)) {
1722 tci->tcpi_options |= TCPCI_OPT_WSCALE;
1723 tci->tcpi_snd_wscale = tp->snd_scale;
1724 tci->tcpi_rcv_wscale = tp->rcv_scale;
1725 }
1726 if (TCP_ECN_ENABLED(tp))
1727 tci->tcpi_options |= TCPCI_OPT_ECN;
1728 if (IN_FASTRECOVERY(tp) || tp->t_rxtshift > 0)
1729 tci->tcpi_flags |= TCPCI_FLAG_LOSSRECOVERY;
1730 if (tp->t_flagsext & TF_PKTS_REORDERED)
1731 tci->tcpi_flags |= TCPCI_FLAG_REORDERING_DETECTED;
1732 tci->tcpi_rto = (tp->t_timer[TCPT_REXMT] > 0) ?
1733 tp->t_rxtcur : 0;
1734 tci->tcpi_maxseg = tp->t_maxseg;
1735 tci->tcpi_snd_ssthresh = tp->snd_ssthresh;
1736 tci->tcpi_snd_cwnd = tp->snd_cwnd;
1737 tci->tcpi_snd_wnd = tp->snd_wnd;
1738 tci->tcpi_snd_sbbytes = inp->inp_socket->so_snd.sb_cc;
1739 tci->tcpi_rcv_wnd = tp->rcv_wnd;
1740 tci->tcpi_rttcur = tp->t_rttcur;
1741 tci->tcpi_srtt = (tp->t_srtt >> TCP_RTT_SHIFT);
1742 tci->tcpi_rttvar = (tp->t_rttvar >> TCP_RTTVAR_SHIFT);
1743 tci->tcpi_txpackets = inp->inp_stat->txpackets;
1744 tci->tcpi_txbytes = inp->inp_stat->txbytes;
1745 tci->tcpi_txretransmitbytes = tp->t_stat.txretransmitbytes;
1746 tci->tcpi_rxpackets = inp->inp_stat->rxpackets;
1747 tci->tcpi_rxbytes = inp->inp_stat->rxbytes;
1748 tci->tcpi_rxoutoforderbytes = tp->t_stat.rxoutoforderbytes;
1749
1750 tci->tcpi_tfo_syn_data_rcv = !!(tp->t_tfo_stats & TFO_S_SYNDATA_RCV);
1751 tci->tcpi_tfo_cookie_req_rcv = !!(tp->t_tfo_stats & TFO_S_COOKIEREQ_RECV);
1752 tci->tcpi_tfo_cookie_sent = !!(tp->t_tfo_stats & TFO_S_COOKIE_SENT);
1753 tci->tcpi_tfo_cookie_invalid = !!(tp->t_tfo_stats & TFO_S_COOKIE_INVALID);
1754 tci->tcpi_tfo_cookie_req = !!(tp->t_tfo_stats & TFO_S_COOKIE_REQ);
1755 tci->tcpi_tfo_cookie_rcv = !!(tp->t_tfo_stats & TFO_S_COOKIE_RCV);
1756 tci->tcpi_tfo_syn_data_sent = !!(tp->t_tfo_stats & TFO_S_SYN_DATA_SENT);
1757 tci->tcpi_tfo_syn_data_acked = !!(tp->t_tfo_stats & TFO_S_SYN_DATA_ACKED);
1758 tci->tcpi_tfo_syn_loss = !!(tp->t_tfo_stats & TFO_S_SYN_LOSS);
1759 tci->tcpi_tfo_cookie_wrong = !!(tp->t_tfo_stats & TFO_S_COOKIE_WRONG);
1760 tci->tcpi_tfo_no_cookie_rcv = !!(tp->t_tfo_stats & TFO_S_NO_COOKIE_RCV);
1761 tci->tcpi_tfo_heuristics_disable = !!(tp->t_tfo_stats & TFO_S_HEURISTICS_DISABLE);
1762 tci->tcpi_tfo_send_blackhole = !!(tp->t_tfo_stats & TFO_S_SEND_BLACKHOLE);
1763 tci->tcpi_tfo_recv_blackhole = !!(tp->t_tfo_stats & TFO_S_RECV_BLACKHOLE);
1764 }
1765 }
1766
1767
1768 __private_extern__ int
1769 tcp_sysctl_info(__unused struct sysctl_oid *oidp, __unused void *arg1, __unused int arg2, struct sysctl_req *req)
1770 {
1771 int error;
1772 struct tcp_info ti;
1773 struct info_tuple itpl;
1774 proc_t caller = PROC_NULL;
1775 proc_t caller_parent = PROC_NULL;
1776 char command_name[MAXCOMLEN + 1] = "";
1777 char parent_name[MAXCOMLEN + 1] = "";
1778
1779 if ((caller = proc_self()) != PROC_NULL) {
1780 /* get process name */
1781 strlcpy(command_name, caller->p_comm, sizeof(command_name));
1782
1783 /* get parent process name if possible */
1784 if ((caller_parent = proc_find(caller->p_ppid)) != PROC_NULL) {
1785 strlcpy(parent_name, caller_parent->p_comm,
1786 sizeof(parent_name));
1787 proc_rele(caller_parent);
1788 }
1789
1790 if ((escape_str(command_name, strlen(command_name),
1791 sizeof(command_name)) == 0) &&
1792 (escape_str(parent_name, strlen(parent_name),
1793 sizeof(parent_name)) == 0)) {
1794 kern_asl_msg(LOG_DEBUG, "messagetracer",
1795 5,
1796 "com.apple.message.domain",
1797 "com.apple.kernel.tcpstat", /* 1 */
1798 "com.apple.message.signature",
1799 "tcpinfo", /* 2 */
1800 "com.apple.message.signature2", command_name, /* 3 */
1801 "com.apple.message.signature3", parent_name, /* 4 */
1802 "com.apple.message.summarize", "YES", /* 5 */
1803 NULL);
1804 }
1805 }
1806
1807 if (caller != PROC_NULL)
1808 proc_rele(caller);
1809
1810 if (req->newptr == USER_ADDR_NULL) {
1811 return EINVAL;
1812 }
1813 if (req->newlen < sizeof(struct info_tuple)) {
1814 return EINVAL;
1815 }
1816 error = SYSCTL_IN(req, &itpl, sizeof(struct info_tuple));
1817 if (error != 0) {
1818 return error;
1819 }
1820 error = tcp_fill_info_for_info_tuple(&itpl, &ti);
1821 if (error != 0) {
1822 return error;
1823 }
1824 error = SYSCTL_OUT(req, &ti, sizeof(struct tcp_info));
1825 if (error != 0) {
1826 return error;
1827 }
1828
1829 return 0;
1830 }
1831
1832 static int
1833 tcp_lookup_peer_pid_locked(struct socket *so, pid_t *out_pid)
1834 {
1835 int error = EHOSTUNREACH;
1836 *out_pid = -1;
1837 if ((so->so_state & SS_ISCONNECTED) == 0) return ENOTCONN;
1838
1839 struct inpcb *inp = (struct inpcb*)so->so_pcb;
1840 uint16_t lport = inp->inp_lport;
1841 uint16_t fport = inp->inp_fport;
1842 struct inpcb *finp = NULL;
1843
1844 if (inp->inp_vflag & INP_IPV6) {
1845 struct in6_addr laddr6 = inp->in6p_laddr;
1846 struct in6_addr faddr6 = inp->in6p_faddr;
1847 socket_unlock(so, 0);
1848 finp = in6_pcblookup_hash(&tcbinfo, &laddr6, lport, &faddr6, fport, 0, NULL);
1849 socket_lock(so, 0);
1850 } else if (inp->inp_vflag & INP_IPV4) {
1851 struct in_addr laddr4 = inp->inp_laddr;
1852 struct in_addr faddr4 = inp->inp_faddr;
1853 socket_unlock(so, 0);
1854 finp = in_pcblookup_hash(&tcbinfo, laddr4, lport, faddr4, fport, 0, NULL);
1855 socket_lock(so, 0);
1856 }
1857
1858 if (finp) {
1859 *out_pid = finp->inp_socket->last_pid;
1860 error = 0;
1861 in_pcb_checkstate(finp, WNT_RELEASE, 0);
1862 }
1863
1864 return error;
1865 }
1866
1867 void
1868 tcp_getconninfo(struct socket *so, struct conninfo_tcp *tcp_ci)
1869 {
1870 (void) tcp_lookup_peer_pid_locked(so, &tcp_ci->tcpci_peer_pid);
1871 tcp_fill_info(sototcpcb(so), &tcp_ci->tcpci_tcp_info);
1872 }
1873
1874 /*
1875 * The new sockopt interface makes it possible for us to block in the
1876 * copyin/out step (if we take a page fault). Taking a page fault at
1877 * splnet() is probably a Bad Thing. (Since sockets and pcbs both now
1878 * use TSM, there probably isn't any need for this function to run at
1879 * splnet() any more. This needs more examination.)
1880 */
1881 int
1882 tcp_ctloutput(struct socket *so, struct sockopt *sopt)
1883 {
1884 int error, opt, optval;
1885 struct inpcb *inp;
1886 struct tcpcb *tp;
1887
1888 error = 0;
1889 inp = sotoinpcb(so);
1890 if (inp == NULL) {
1891 return (ECONNRESET);
1892 }
1893 /* Allow <SOL_SOCKET,SO_FLUSH/SO_TRAFFIC_MGT_BACKGROUND> at this level */
1894 if (sopt->sopt_level != IPPROTO_TCP &&
1895 !(sopt->sopt_level == SOL_SOCKET && (sopt->sopt_name == SO_FLUSH ||
1896 sopt->sopt_name == SO_TRAFFIC_MGT_BACKGROUND))) {
1897 #if INET6
1898 if (SOCK_CHECK_DOM(so, PF_INET6))
1899 error = ip6_ctloutput(so, sopt);
1900 else
1901 #endif /* INET6 */
1902 error = ip_ctloutput(so, sopt);
1903 return (error);
1904 }
1905 tp = intotcpcb(inp);
1906 if (tp == NULL) {
1907 return (ECONNRESET);
1908 }
1909
1910 calculate_tcp_clock();
1911
1912 switch (sopt->sopt_dir) {
1913 case SOPT_SET:
1914 switch (sopt->sopt_name) {
1915 case TCP_NODELAY:
1916 case TCP_NOOPT:
1917 case TCP_NOPUSH:
1918 error = sooptcopyin(sopt, &optval, sizeof optval,
1919 sizeof optval);
1920 if (error)
1921 break;
1922
1923 switch (sopt->sopt_name) {
1924 case TCP_NODELAY:
1925 opt = TF_NODELAY;
1926 break;
1927 case TCP_NOOPT:
1928 opt = TF_NOOPT;
1929 break;
1930 case TCP_NOPUSH:
1931 opt = TF_NOPUSH;
1932 break;
1933 default:
1934 opt = 0; /* dead code to fool gcc */
1935 break;
1936 }
1937
1938 if (optval)
1939 tp->t_flags |= opt;
1940 else
1941 tp->t_flags &= ~opt;
1942 break;
1943 case TCP_RXT_FINDROP:
1944 case TCP_NOTIMEWAIT:
1945 error = sooptcopyin(sopt, &optval, sizeof optval,
1946 sizeof optval);
1947 if (error)
1948 break;
1949 switch (sopt->sopt_name) {
1950 case TCP_RXT_FINDROP:
1951 opt = TF_RXTFINDROP;
1952 break;
1953 case TCP_NOTIMEWAIT:
1954 opt = TF_NOTIMEWAIT;
1955 break;
1956 default:
1957 opt = 0;
1958 break;
1959 }
1960 if (optval)
1961 tp->t_flagsext |= opt;
1962 else
1963 tp->t_flagsext &= ~opt;
1964 break;
1965 case TCP_MEASURE_SND_BW:
1966 error = sooptcopyin(sopt, &optval, sizeof optval,
1967 sizeof optval);
1968 if (error)
1969 break;
1970 opt = TF_MEASURESNDBW;
1971 if (optval) {
1972 if (tp->t_bwmeas == NULL) {
1973 tp->t_bwmeas = tcp_bwmeas_alloc(tp);
1974 if (tp->t_bwmeas == NULL) {
1975 error = ENOMEM;
1976 break;
1977 }
1978 }
1979 tp->t_flagsext |= opt;
1980 } else {
1981 tp->t_flagsext &= ~opt;
1982 /* Reset snd bw measurement state */
1983 tp->t_flagsext &= ~(TF_BWMEAS_INPROGRESS);
1984 if (tp->t_bwmeas != NULL) {
1985 tcp_bwmeas_free(tp);
1986 }
1987 }
1988 break;
1989 case TCP_MEASURE_BW_BURST: {
1990 struct tcp_measure_bw_burst in;
1991 uint32_t minpkts, maxpkts;
1992 bzero(&in, sizeof(in));
1993
1994 error = sooptcopyin(sopt, &in, sizeof(in),
1995 sizeof(in));
1996 if (error)
1997 break;
1998 if ((tp->t_flagsext & TF_MEASURESNDBW) == 0 ||
1999 tp->t_bwmeas == NULL) {
2000 error = EINVAL;
2001 break;
2002 }
2003 minpkts = (in.min_burst_size != 0) ? in.min_burst_size :
2004 tp->t_bwmeas->bw_minsizepkts;
2005 maxpkts = (in.max_burst_size != 0) ? in.max_burst_size :
2006 tp->t_bwmeas->bw_maxsizepkts;
2007 if (minpkts > maxpkts) {
2008 error = EINVAL;
2009 break;
2010 }
2011 tp->t_bwmeas->bw_minsizepkts = minpkts;
2012 tp->t_bwmeas->bw_maxsizepkts = maxpkts;
2013 tp->t_bwmeas->bw_minsize = (minpkts * tp->t_maxseg);
2014 tp->t_bwmeas->bw_maxsize = (maxpkts * tp->t_maxseg);
2015 break;
2016 }
2017 case TCP_MAXSEG:
2018 error = sooptcopyin(sopt, &optval, sizeof optval,
2019 sizeof optval);
2020 if (error)
2021 break;
2022
2023 if (optval > 0 && optval <= tp->t_maxseg &&
2024 optval + 40 >= tcp_minmss)
2025 tp->t_maxseg = optval;
2026 else
2027 error = EINVAL;
2028 break;
2029
2030 case TCP_KEEPALIVE:
2031 error = sooptcopyin(sopt, &optval, sizeof optval,
2032 sizeof optval);
2033 if (error)
2034 break;
2035 if (optval < 0 || optval > UINT32_MAX/TCP_RETRANSHZ) {
2036 error = EINVAL;
2037 } else {
2038 tp->t_keepidle = optval * TCP_RETRANSHZ;
2039 /* reset the timer to new value */
2040 tp->t_timer[TCPT_KEEP] = OFFSET_FROM_START(tp,
2041 TCP_CONN_KEEPIDLE(tp));
2042 tcp_check_timer_state(tp);
2043 }
2044 break;
2045
2046 case TCP_CONNECTIONTIMEOUT:
2047 error = sooptcopyin(sopt, &optval, sizeof optval,
2048 sizeof optval);
2049 if (error)
2050 break;
2051 if (optval < 0 || optval > UINT32_MAX/TCP_RETRANSHZ) {
2052 error = EINVAL;
2053 } else {
2054 tp->t_keepinit = optval * TCP_RETRANSHZ;
2055 if (tp->t_state == TCPS_SYN_RECEIVED ||
2056 tp->t_state == TCPS_SYN_SENT) {
2057 tp->t_timer[TCPT_KEEP] = OFFSET_FROM_START(tp,
2058 TCP_CONN_KEEPINIT(tp));
2059 tcp_check_timer_state(tp);
2060 }
2061 }
2062 break;
2063
2064 case TCP_KEEPINTVL:
2065 error = sooptcopyin(sopt, &optval, sizeof(optval),
2066 sizeof(optval));
2067 if (error)
2068 break;
2069 if (optval < 0 || optval > UINT32_MAX/TCP_RETRANSHZ) {
2070 error = EINVAL;
2071 } else {
2072 tp->t_keepintvl = optval * TCP_RETRANSHZ;
2073 if (tp->t_state == TCPS_FIN_WAIT_2 &&
2074 TCP_CONN_MAXIDLE(tp) > 0) {
2075 tp->t_timer[TCPT_2MSL] = OFFSET_FROM_START(tp,
2076 TCP_CONN_MAXIDLE(tp));
2077 tcp_check_timer_state(tp);
2078 }
2079 }
2080 break;
2081
2082 case TCP_KEEPCNT:
2083 error = sooptcopyin(sopt, &optval, sizeof(optval),
2084 sizeof(optval));
2085 if (error)
2086 break;
2087 if (optval < 0 || optval > INT32_MAX) {
2088 error = EINVAL;
2089 } else {
2090 tp->t_keepcnt = optval;
2091 if (tp->t_state == TCPS_FIN_WAIT_2 &&
2092 TCP_CONN_MAXIDLE(tp) > 0) {
2093 tp->t_timer[TCPT_2MSL] = OFFSET_FROM_START(tp,
2094 TCP_CONN_MAXIDLE(tp));
2095 tcp_check_timer_state(tp);
2096 }
2097 }
2098 break;
2099
2100 case TCP_KEEPALIVE_OFFLOAD:
2101 error = sooptcopyin(sopt, &optval, sizeof(optval),
2102 sizeof(optval));
2103 if (error)
2104 break;
2105 if (optval < 0 || optval > INT32_MAX) {
2106 error = EINVAL;
2107 break;
2108 }
2109 if (optval != 0)
2110 inp->inp_flags2 |= INP2_KEEPALIVE_OFFLOAD;
2111 else
2112 inp->inp_flags2 &= ~INP2_KEEPALIVE_OFFLOAD;
2113 break;
2114
2115 case PERSIST_TIMEOUT:
2116 error = sooptcopyin(sopt, &optval, sizeof optval,
2117 sizeof optval);
2118 if (error)
2119 break;
2120 if (optval < 0)
2121 error = EINVAL;
2122 else
2123 tp->t_persist_timeout = optval * TCP_RETRANSHZ;
2124 break;
2125 case TCP_RXT_CONNDROPTIME:
2126 error = sooptcopyin(sopt, &optval, sizeof(optval),
2127 sizeof(optval));
2128 if (error)
2129 break;
2130 if (optval < 0)
2131 error = EINVAL;
2132 else
2133 tp->t_rxt_conndroptime = optval * TCP_RETRANSHZ;
2134 break;
2135 case TCP_NOTSENT_LOWAT:
2136 error = sooptcopyin(sopt, &optval, sizeof(optval),
2137 sizeof(optval));
2138 if (error)
2139 break;
2140 if (optval < 0) {
2141 error = EINVAL;
2142 break;
2143 } else {
2144 if (optval == 0) {
2145 so->so_flags &= ~(SOF_NOTSENT_LOWAT);
2146 tp->t_notsent_lowat = 0;
2147 } else {
2148 so->so_flags |= SOF_NOTSENT_LOWAT;
2149 tp->t_notsent_lowat = optval;
2150 }
2151 }
2152 break;
2153 case TCP_ADAPTIVE_READ_TIMEOUT:
2154 error = sooptcopyin(sopt, &optval, sizeof (optval),
2155 sizeof(optval));
2156 if (error)
2157 break;
2158 if (optval < 0 ||
2159 optval > TCP_ADAPTIVE_TIMEOUT_MAX) {
2160 error = EINVAL;
2161 break;
2162 } else if (optval == 0) {
2163 tp->t_adaptive_rtimo = 0;
2164 tcp_keepalive_reset(tp);
2165 } else {
2166 tp->t_adaptive_rtimo = optval;
2167 }
2168 break;
2169 case TCP_ADAPTIVE_WRITE_TIMEOUT:
2170 error = sooptcopyin(sopt, &optval, sizeof (optval),
2171 sizeof (optval));
2172 if (error)
2173 break;
2174 if (optval < 0 ||
2175 optval > TCP_ADAPTIVE_TIMEOUT_MAX) {
2176 error = EINVAL;
2177 break;
2178 } else {
2179 tp->t_adaptive_wtimo = optval;
2180 }
2181 break;
2182 case TCP_ENABLE_MSGS:
2183 error = sooptcopyin(sopt, &optval, sizeof(optval),
2184 sizeof(optval));
2185 if (error)
2186 break;
2187 if (optval < 0 || optval > 1) {
2188 error = EINVAL;
2189 } else if (optval == 1) {
2190 /*
2191 * Check if messages option is already
2192 * enabled, if so return.
2193 */
2194 if (so->so_flags & SOF_ENABLE_MSGS) {
2195 VERIFY(so->so_msg_state != NULL);
2196 break;
2197 }
2198
2199 /*
2200 * allocate memory for storing message
2201 * related state
2202 */
2203 VERIFY(so->so_msg_state == NULL);
2204 MALLOC(so->so_msg_state,
2205 struct msg_state *,
2206 sizeof(struct msg_state),
2207 M_TEMP, M_WAITOK | M_ZERO);
2208 if (so->so_msg_state == NULL) {
2209 error = ENOMEM;
2210 break;
2211 }
2212
2213 /* Enable message delivery */
2214 so->so_flags |= SOF_ENABLE_MSGS;
2215 } else {
2216 /*
2217 * Can't disable message delivery on socket
2218 * because of restrictions imposed by
2219 * encoding/decoding
2220 */
2221 error = EINVAL;
2222 }
2223 break;
2224 case TCP_SENDMOREACKS:
2225 error = sooptcopyin(sopt, &optval, sizeof(optval),
2226 sizeof(optval));
2227 if (error)
2228 break;
2229 if (optval < 0 || optval > 1) {
2230 error = EINVAL;
2231 } else if (optval == 0) {
2232 tp->t_flagsext &= ~(TF_NOSTRETCHACK);
2233 } else {
2234 tp->t_flagsext |= TF_NOSTRETCHACK;
2235 }
2236 break;
2237 case TCP_DISABLE_BLACKHOLE_DETECTION:
2238 error = sooptcopyin(sopt, &optval, sizeof(optval),
2239 sizeof(optval));
2240 if (error)
2241 break;
2242 if (optval < 0 || optval > 1) {
2243 error = EINVAL;
2244 } else if (optval == 0) {
2245 tp->t_flagsext &= ~TF_NOBLACKHOLE_DETECTION;
2246 } else {
2247 tp->t_flagsext |= TF_NOBLACKHOLE_DETECTION;
2248 if ((tp->t_flags & TF_BLACKHOLE) &&
2249 tp->t_pmtud_saved_maxopd > 0)
2250 tcp_pmtud_revert_segment_size(tp);
2251 }
2252 break;
2253 case TCP_FASTOPEN:
2254 if (!(tcp_fastopen & TCP_FASTOPEN_SERVER)) {
2255 error = ENOTSUP;
2256 break;
2257 }
2258
2259 error = sooptcopyin(sopt, &optval, sizeof(optval),
2260 sizeof(optval));
2261 if (error)
2262 break;
2263 if (optval < 0 || optval > 1) {
2264 error = EINVAL;
2265 break;
2266 }
2267 if (tp->t_state != TCPS_LISTEN) {
2268 error = EINVAL;
2269 break;
2270 }
2271 if (optval)
2272 tp->t_flagsext |= TF_FASTOPEN;
2273 else
2274 tcp_disable_tfo(tp);
2275 break;
2276 case TCP_ENABLE_ECN:
2277 error = sooptcopyin(sopt, &optval, sizeof optval,
2278 sizeof optval);
2279 if (error)
2280 break;
2281 if (optval) {
2282 tp->ecn_flags |= TE_ECN_MODE_ENABLE;
2283 tp->ecn_flags &= ~TE_ECN_MODE_DISABLE;
2284 } else {
2285 tp->ecn_flags &= ~TE_ECN_MODE_ENABLE;
2286 }
2287 break;
2288 case TCP_ECN_MODE:
2289 error = sooptcopyin(sopt, &optval, sizeof optval,
2290 sizeof optval);
2291 if (error)
2292 break;
2293 if (optval == ECN_MODE_DEFAULT) {
2294 tp->ecn_flags &= ~TE_ECN_MODE_ENABLE;
2295 tp->ecn_flags &= ~TE_ECN_MODE_DISABLE;
2296 } else if (optval == ECN_MODE_ENABLE) {
2297 tp->ecn_flags |= TE_ECN_MODE_ENABLE;
2298 tp->ecn_flags &= ~TE_ECN_MODE_DISABLE;
2299 } else if (optval == ECN_MODE_DISABLE) {
2300 tp->ecn_flags &= ~TE_ECN_MODE_ENABLE;
2301 tp->ecn_flags |= TE_ECN_MODE_DISABLE;
2302 } else {
2303 error = EINVAL;
2304 }
2305 break;
2306 case TCP_NOTIFY_ACKNOWLEDGEMENT:
2307 error = sooptcopyin(sopt, &optval,
2308 sizeof(optval), sizeof(optval));
2309 if (error)
2310 break;
2311 if (optval <= 0) {
2312 error = EINVAL;
2313 break;
2314 }
2315 if (tp->t_notify_ack_count >= TCP_MAX_NOTIFY_ACK) {
2316 error = ETOOMANYREFS;
2317 break;
2318 }
2319
2320 /*
2321 * validate that the given marker id is not
2322 * a duplicate to avoid ambiguity
2323 */
2324 if ((error = tcp_notify_ack_id_valid(tp, so,
2325 optval)) != 0) {
2326 break;
2327 }
2328 error = tcp_add_notify_ack_marker(tp, optval);
2329 break;
2330 case SO_FLUSH:
2331 if ((error = sooptcopyin(sopt, &optval, sizeof (optval),
2332 sizeof (optval))) != 0)
2333 break;
2334
2335 error = inp_flush(inp, optval);
2336 break;
2337
2338 case SO_TRAFFIC_MGT_BACKGROUND:
2339 if ((error = sooptcopyin(sopt, &optval, sizeof (optval),
2340 sizeof (optval))) != 0)
2341 break;
2342
2343 if (optval) {
2344 socket_set_traffic_mgt_flags_locked(so,
2345 TRAFFIC_MGT_SO_BACKGROUND);
2346 } else {
2347 socket_clear_traffic_mgt_flags_locked(so,
2348 TRAFFIC_MGT_SO_BACKGROUND);
2349 }
2350 break;
2351
2352 default:
2353 error = ENOPROTOOPT;
2354 break;
2355 }
2356 break;
2357
2358 case SOPT_GET:
2359 switch (sopt->sopt_name) {
2360 case TCP_NODELAY:
2361 optval = tp->t_flags & TF_NODELAY;
2362 break;
2363 case TCP_MAXSEG:
2364 optval = tp->t_maxseg;
2365 break;
2366 case TCP_KEEPALIVE:
2367 if (tp->t_keepidle > 0)
2368 optval = tp->t_keepidle / TCP_RETRANSHZ;
2369 else
2370 optval = tcp_keepidle / TCP_RETRANSHZ;
2371 break;
2372 case TCP_KEEPINTVL:
2373 if (tp->t_keepintvl > 0)
2374 optval = tp->t_keepintvl / TCP_RETRANSHZ;
2375 else
2376 optval = tcp_keepintvl / TCP_RETRANSHZ;
2377 break;
2378 case TCP_KEEPCNT:
2379 if (tp->t_keepcnt > 0)
2380 optval = tp->t_keepcnt;
2381 else
2382 optval = tcp_keepcnt;
2383 break;
2384 case TCP_KEEPALIVE_OFFLOAD:
2385 optval = !!(inp->inp_flags2 & INP2_KEEPALIVE_OFFLOAD);
2386 break;
2387 case TCP_NOOPT:
2388 optval = tp->t_flags & TF_NOOPT;
2389 break;
2390 case TCP_NOPUSH:
2391 optval = tp->t_flags & TF_NOPUSH;
2392 break;
2393 case TCP_ENABLE_ECN:
2394 optval = (tp->ecn_flags & TE_ECN_MODE_ENABLE) ? 1 : 0;
2395 break;
2396 case TCP_ECN_MODE:
2397 if (tp->ecn_flags & TE_ECN_MODE_ENABLE)
2398 optval = ECN_MODE_ENABLE;
2399 else if (tp->ecn_flags & TE_ECN_MODE_DISABLE)
2400 optval = ECN_MODE_DISABLE;
2401 else
2402 optval = ECN_MODE_DEFAULT;
2403 break;
2404 case TCP_CONNECTIONTIMEOUT:
2405 optval = tp->t_keepinit / TCP_RETRANSHZ;
2406 break;
2407 case PERSIST_TIMEOUT:
2408 optval = tp->t_persist_timeout / TCP_RETRANSHZ;
2409 break;
2410 case TCP_RXT_CONNDROPTIME:
2411 optval = tp->t_rxt_conndroptime / TCP_RETRANSHZ;
2412 break;
2413 case TCP_RXT_FINDROP:
2414 optval = tp->t_flagsext & TF_RXTFINDROP;
2415 break;
2416 case TCP_NOTIMEWAIT:
2417 optval = (tp->t_flagsext & TF_NOTIMEWAIT) ? 1 : 0;
2418 break;
2419 case TCP_FASTOPEN:
2420 if (tp->t_state != TCPS_LISTEN ||
2421 !(tcp_fastopen & TCP_FASTOPEN_SERVER)) {
2422 error = ENOTSUP;
2423 break;
2424 }
2425 optval = tfo_enabled(tp);
2426 break;
2427 case TCP_MEASURE_SND_BW:
2428 optval = tp->t_flagsext & TF_MEASURESNDBW;
2429 break;
2430 case TCP_INFO: {
2431 struct tcp_info ti;
2432
2433 tcp_fill_info(tp, &ti);
2434 error = sooptcopyout(sopt, &ti, sizeof(struct tcp_info));
2435 goto done;
2436 /* NOT REACHED */
2437 }
2438 case TCP_CONNECTION_INFO: {
2439 struct tcp_connection_info tci;
2440 tcp_connection_fill_info(tp, &tci);
2441 error = sooptcopyout(sopt, &tci,
2442 sizeof(struct tcp_connection_info));
2443 goto done;
2444 }
2445 case TCP_MEASURE_BW_BURST: {
2446 struct tcp_measure_bw_burst out;
2447 if ((tp->t_flagsext & TF_MEASURESNDBW) == 0 ||
2448 tp->t_bwmeas == NULL) {
2449 error = EINVAL;
2450 break;
2451 }
2452 out.min_burst_size = tp->t_bwmeas->bw_minsizepkts;
2453 out.max_burst_size = tp->t_bwmeas->bw_maxsizepkts;
2454 error = sooptcopyout(sopt, &out, sizeof(out));
2455 goto done;
2456 }
2457 case TCP_NOTSENT_LOWAT:
2458 if ((so->so_flags & SOF_NOTSENT_LOWAT) != 0) {
2459 optval = tp->t_notsent_lowat;
2460 } else {
2461 optval = 0;
2462 }
2463 break;
2464
2465 case TCP_ENABLE_MSGS:
2466 if (so->so_flags & SOF_ENABLE_MSGS) {
2467 optval = 1;
2468 } else {
2469 optval = 0;
2470 }
2471 break;
2472 case TCP_SENDMOREACKS:
2473 if (tp->t_flagsext & TF_NOSTRETCHACK)
2474 optval = 1;
2475 else
2476 optval = 0;
2477 break;
2478 case TCP_DISABLE_BLACKHOLE_DETECTION:
2479 if (tp->t_flagsext & TF_NOBLACKHOLE_DETECTION)
2480 optval = 1;
2481 else
2482 optval = 0;
2483 break;
2484 case TCP_PEER_PID: {
2485 pid_t pid;
2486 error = tcp_lookup_peer_pid_locked(so, &pid);
2487 if (error == 0)
2488 error = sooptcopyout(sopt, &pid, sizeof(pid));
2489 goto done;
2490 }
2491 case TCP_ADAPTIVE_READ_TIMEOUT:
2492 optval = tp->t_adaptive_rtimo;
2493 break;
2494 case TCP_ADAPTIVE_WRITE_TIMEOUT:
2495 optval = tp->t_adaptive_wtimo;
2496 break;
2497 case SO_TRAFFIC_MGT_BACKGROUND:
2498 optval = (so->so_flags1 &
2499 SOF1_TRAFFIC_MGT_SO_BACKGROUND) ? 1 : 0;
2500 break;
2501 case TCP_NOTIFY_ACKNOWLEDGEMENT: {
2502 struct tcp_notify_ack_complete retid;
2503
2504 if (sopt->sopt_valsize != sizeof (retid)) {
2505 error = EINVAL;
2506 break;
2507 }
2508 bzero(&retid, sizeof (retid));
2509 tcp_get_notify_ack_count(tp, &retid);
2510 if (retid.notify_complete_count > 0)
2511 tcp_get_notify_ack_ids(tp, &retid);
2512
2513 error = sooptcopyout(sopt, &retid, sizeof (retid));
2514 goto done;
2515 }
2516 default:
2517 error = ENOPROTOOPT;
2518 break;
2519 }
2520 if (error == 0)
2521 error = sooptcopyout(sopt, &optval, sizeof optval);
2522 break;
2523 }
2524 done:
2525 return (error);
2526 }
2527
2528 /*
2529 * tcp_sendspace and tcp_recvspace are the default send and receive window
2530 * sizes, respectively. These are obsolescent (this information should
2531 * be set by the route).
2532 */
2533 u_int32_t tcp_sendspace = 1448*256;
2534 u_int32_t tcp_recvspace = 1448*384;
2535
2536 /* During attach, the size of socket buffer allocated is limited to
2537 * sb_max in sbreserve. Disallow setting the tcp send and recv space
2538 * to be more than sb_max because that will cause tcp_attach to fail
2539 * (see radar 5713060)
2540 */
2541 static int
2542 sysctl_tcp_sospace(struct sysctl_oid *oidp, __unused void *arg1,
2543 __unused int arg2, struct sysctl_req *req) {
2544 u_int32_t new_value = 0, *space_p = NULL;
2545 int changed = 0, error = 0;
2546 u_quad_t sb_effective_max = (sb_max / (MSIZE+MCLBYTES)) * MCLBYTES;
2547
2548 switch (oidp->oid_number) {
2549 case TCPCTL_SENDSPACE:
2550 space_p = &tcp_sendspace;
2551 break;
2552 case TCPCTL_RECVSPACE:
2553 space_p = &tcp_recvspace;
2554 break;
2555 default:
2556 return EINVAL;
2557 }
2558 error = sysctl_io_number(req, *space_p, sizeof(u_int32_t),
2559 &new_value, &changed);
2560 if (changed) {
2561 if (new_value > 0 && new_value <= sb_effective_max) {
2562 *space_p = new_value;
2563 } else {
2564 error = ERANGE;
2565 }
2566 }
2567 return error;
2568 }
2569
2570 SYSCTL_PROC(_net_inet_tcp, TCPCTL_SENDSPACE, sendspace, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_LOCKED,
2571 &tcp_sendspace , 0, &sysctl_tcp_sospace, "IU", "Maximum outgoing TCP datagram size");
2572 SYSCTL_PROC(_net_inet_tcp, TCPCTL_RECVSPACE, recvspace, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_LOCKED,
2573 &tcp_recvspace , 0, &sysctl_tcp_sospace, "IU", "Maximum incoming TCP datagram size");
2574
2575 /*
2576 * Attach TCP protocol to socket, allocating
2577 * internet protocol control block, tcp control block,
2578 * bufer space, and entering LISTEN state if to accept connections.
2579 *
2580 * Returns: 0 Success
2581 * in_pcballoc:ENOBUFS
2582 * in_pcballoc:ENOMEM
2583 * in_pcballoc:??? [IPSEC specific]
2584 * soreserve:ENOBUFS
2585 */
2586 static int
2587 tcp_attach(struct socket *so, struct proc *p)
2588 {
2589 struct tcpcb *tp;
2590 struct inpcb *inp;
2591 int error;
2592 #if INET6
2593 int isipv6 = SOCK_CHECK_DOM(so, PF_INET6) != 0;
2594 #endif
2595
2596 error = in_pcballoc(so, &tcbinfo, p);
2597 if (error)
2598 return (error);
2599
2600 inp = sotoinpcb(so);
2601
2602 if (so->so_snd.sb_hiwat == 0 || so->so_rcv.sb_hiwat == 0) {
2603 error = soreserve(so, tcp_sendspace, tcp_recvspace);
2604 if (error)
2605 return (error);
2606 }
2607
2608 if (so->so_snd.sb_preconn_hiwat == 0) {
2609 soreserve_preconnect(so, 2048);
2610 }
2611
2612 if ((so->so_rcv.sb_flags & SB_USRSIZE) == 0)
2613 so->so_rcv.sb_flags |= SB_AUTOSIZE;
2614 if ((so->so_snd.sb_flags & SB_USRSIZE) == 0)
2615 so->so_snd.sb_flags |= SB_AUTOSIZE;
2616
2617 #if INET6
2618 if (isipv6) {
2619 inp->inp_vflag |= INP_IPV6;
2620 inp->in6p_hops = -1; /* use kernel default */
2621 }
2622 else
2623 #endif /* INET6 */
2624 inp->inp_vflag |= INP_IPV4;
2625 tp = tcp_newtcpcb(inp);
2626 if (tp == NULL) {
2627 int nofd = so->so_state & SS_NOFDREF; /* XXX */
2628
2629 so->so_state &= ~SS_NOFDREF; /* don't free the socket yet */
2630 #if INET6
2631 if (isipv6)
2632 in6_pcbdetach(inp);
2633 else
2634 #endif /* INET6 */
2635 in_pcbdetach(inp);
2636 so->so_state |= nofd;
2637 return (ENOBUFS);
2638 }
2639 if (nstat_collect)
2640 nstat_tcp_new_pcb(inp);
2641 tp->t_state = TCPS_CLOSED;
2642 return (0);
2643 }
2644
2645 /*
2646 * Initiate (or continue) disconnect.
2647 * If embryonic state, just send reset (once).
2648 * If in ``let data drain'' option and linger null, just drop.
2649 * Otherwise (hard), mark socket disconnecting and drop
2650 * current input data; switch states based on user close, and
2651 * send segment to peer (with FIN).
2652 */
2653 static struct tcpcb *
2654 tcp_disconnect(struct tcpcb *tp)
2655 {
2656 struct socket *so = tp->t_inpcb->inp_socket;
2657
2658 if (tp->t_state < TCPS_ESTABLISHED)
2659 tp = tcp_close(tp);
2660 else if ((so->so_options & SO_LINGER) && so->so_linger == 0)
2661 tp = tcp_drop(tp, 0);
2662 else {
2663 soisdisconnecting(so);
2664 sbflush(&so->so_rcv);
2665 tp = tcp_usrclosed(tp);
2666 #if MPTCP
2667 /* A reset has been sent but socket exists, do not send FIN */
2668 if ((so->so_flags & SOF_MP_SUBFLOW) &&
2669 (tp) && (tp->t_mpflags & TMPF_RESET))
2670 return (tp);
2671 #endif
2672 if (tp)
2673 (void) tcp_output(tp);
2674 }
2675 return (tp);
2676 }
2677
2678 /*
2679 * User issued close, and wish to trail through shutdown states:
2680 * if never received SYN, just forget it. If got a SYN from peer,
2681 * but haven't sent FIN, then go to FIN_WAIT_1 state to send peer a FIN.
2682 * If already got a FIN from peer, then almost done; go to LAST_ACK
2683 * state. In all other cases, have already sent FIN to peer (e.g.
2684 * after PRU_SHUTDOWN), and just have to play tedious game waiting
2685 * for peer to send FIN or not respond to keep-alives, etc.
2686 * We can let the user exit from the close as soon as the FIN is acked.
2687 */
2688 static struct tcpcb *
2689 tcp_usrclosed(struct tcpcb *tp)
2690 {
2691 switch (tp->t_state) {
2692
2693 case TCPS_CLOSED:
2694 case TCPS_LISTEN:
2695 tp = tcp_close(tp);
2696 break;
2697
2698 case TCPS_SYN_SENT:
2699 case TCPS_SYN_RECEIVED:
2700 tp->t_flags |= TF_NEEDFIN;
2701 break;
2702
2703 case TCPS_ESTABLISHED:
2704 DTRACE_TCP4(state__change, void, NULL,
2705 struct inpcb *, tp->t_inpcb,
2706 struct tcpcb *, tp,
2707 int32_t, TCPS_FIN_WAIT_1);
2708 tp->t_state = TCPS_FIN_WAIT_1;
2709 break;
2710
2711 case TCPS_CLOSE_WAIT:
2712 DTRACE_TCP4(state__change, void, NULL,
2713 struct inpcb *, tp->t_inpcb,
2714 struct tcpcb *, tp,
2715 int32_t, TCPS_LAST_ACK);
2716 tp->t_state = TCPS_LAST_ACK;
2717 break;
2718 }
2719 if (tp && tp->t_state >= TCPS_FIN_WAIT_2) {
2720 soisdisconnected(tp->t_inpcb->inp_socket);
2721 /* To prevent the connection hanging in FIN_WAIT_2 forever. */
2722 if (tp->t_state == TCPS_FIN_WAIT_2)
2723 tp->t_timer[TCPT_2MSL] = OFFSET_FROM_START(tp,
2724 TCP_CONN_MAXIDLE(tp));
2725 }
2726 return (tp);
2727 }
2728
2729 void
2730 tcp_in_cksum_stats(u_int32_t len)
2731 {
2732 tcpstat.tcps_rcv_swcsum++;
2733 tcpstat.tcps_rcv_swcsum_bytes += len;
2734 }
2735
2736 void
2737 tcp_out_cksum_stats(u_int32_t len)
2738 {
2739 tcpstat.tcps_snd_swcsum++;
2740 tcpstat.tcps_snd_swcsum_bytes += len;
2741 }
2742
2743 #if INET6
2744 void
2745 tcp_in6_cksum_stats(u_int32_t len)
2746 {
2747 tcpstat.tcps_rcv6_swcsum++;
2748 tcpstat.tcps_rcv6_swcsum_bytes += len;
2749 }
2750
2751 void
2752 tcp_out6_cksum_stats(u_int32_t len)
2753 {
2754 tcpstat.tcps_snd6_swcsum++;
2755 tcpstat.tcps_snd6_swcsum_bytes += len;
2756 }
2757
2758 /*
2759 * When messages are enabled on a TCP socket, the message priority
2760 * is sent as a control message. This function will extract it.
2761 */
2762 int
2763 tcp_get_msg_priority(struct mbuf *control, uint32_t *msgpri)
2764 {
2765 struct cmsghdr *cm;
2766 if (control == NULL)
2767 return(EINVAL);
2768
2769 for (cm = M_FIRST_CMSGHDR(control); cm;
2770 cm = M_NXT_CMSGHDR(control, cm)) {
2771 if (cm->cmsg_len < sizeof(struct cmsghdr) ||
2772 cm->cmsg_len > control->m_len) {
2773 return (EINVAL);
2774 }
2775 if (cm->cmsg_level == SOL_SOCKET &&
2776 cm->cmsg_type == SCM_MSG_PRIORITY) {
2777 *msgpri = *(unsigned int *)(void *)CMSG_DATA(cm);
2778 break;
2779 }
2780 }
2781
2782 VERIFY(*msgpri >= MSG_PRI_MIN && *msgpri <= MSG_PRI_MAX);
2783 return (0);
2784 }
2785 #endif /* INET6 */
mirror of XNU