]> git.saurik.com Git - apple/xnu.git/blob - bsd/netinet/mptcp_opt.c
projects / apple / xnu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
xnu-3248.50.21.tar.gz
[apple/xnu.git] / bsd / netinet / mptcp_opt.c
1 /*
2 * Copyright (c) 2012-2014 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28 #include <sys/param.h>
29 #include <sys/systm.h>
30 #include <netinet/in_systm.h>
31 #include <sys/socket.h>
32 #include <sys/socketvar.h>
33 #include <sys/syslog.h>
34 #include <net/route.h>
35 #include <netinet/in.h>
36 #include <net/if.h>
37
38 #include <netinet/ip.h>
39 #include <netinet/ip_var.h>
40 #include <netinet/in_var.h>
41 #include <netinet/tcp.h>
42 #include <netinet/tcp_var.h>
43 #include <netinet/tcp_seq.h>
44 #include <netinet/tcpip.h>
45 #include <netinet/tcp_fsm.h>
46 #include <netinet/mptcp_var.h>
47 #include <netinet/mptcp.h>
48 #include <netinet/mptcp_opt.h>
49 #include <netinet/mptcp_seq.h>
50
51 #include <libkern/crypto/sha1.h>
52 #include <netinet/mptcp_timer.h>
53
54 #include <mach/sdt.h>
55
56 /*
57 * SYSCTL for enforcing 64 bit dsn
58 */
59 int32_t force_64bit_dsn = 0;
60 SYSCTL_INT(_net_inet_mptcp, OID_AUTO, force_64bit_dsn,
61 CTLFLAG_RW|CTLFLAG_LOCKED, &force_64bit_dsn, 0,
62 "Force MPTCP 64bit dsn");
63
64
65 static int mptcp_validate_join_hmac(struct tcpcb *, u_char*, int);
66 static int mptcp_snd_mpprio(struct tcpcb *tp, u_char *cp, int optlen);
67
68 /*
69 * MPTCP Options Output Processing
70 */
71
72 static unsigned
73 mptcp_setup_first_subflow_syn_opts(struct socket *so, int flags, u_char *opt,
74 unsigned optlen)
75 {
76 struct tcpcb *tp = sototcpcb(so);
77 struct mptcb *mp_tp = NULL;
78 mp_tp = tptomptp(tp);
79
80 if (!(so->so_flags & SOF_MP_SUBFLOW))
81 return (optlen);
82
83 /*
84 * Avoid retransmitting the MP_CAPABLE option.
85 */
86 if (tp->t_rxtshift > mptcp_mpcap_retries)
87 return (optlen);
88
89 if ((flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
90 struct mptcp_mpcapable_opt_rsp mptcp_opt;
91 mptcp_key_t mp_localkey = 0;
92
93 mp_localkey = mptcp_get_localkey(mp_tp);
94 if (mp_localkey == 0) {
95 /* an embryonic connection was closed from above */
96 return (optlen);
97 }
98 bzero(&mptcp_opt,
99 sizeof (struct mptcp_mpcapable_opt_rsp));
100 mptcp_opt.mmc_common.mmco_kind = TCPOPT_MULTIPATH;
101 mptcp_opt.mmc_common.mmco_len =
102 sizeof (struct mptcp_mpcapable_opt_rsp);
103 mptcp_opt.mmc_common.mmco_subtype = MPO_CAPABLE;
104 MPT_LOCK_SPIN(mp_tp);
105 mptcp_opt.mmc_common.mmco_version = mp_tp->mpt_version;
106 mptcp_opt.mmc_common.mmco_flags |= MPCAP_PROPOSAL_SBIT;
107 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
108 mptcp_opt.mmc_common.mmco_flags |=
109 MPCAP_CHECKSUM_CBIT;
110 MPT_UNLOCK(mp_tp);
111 mptcp_opt.mmc_localkey = mp_localkey;
112 memcpy(opt + optlen, &mptcp_opt,
113 mptcp_opt.mmc_common.mmco_len);
114 optlen += mptcp_opt.mmc_common.mmco_len;
115 } else {
116 /* Only the SYN flag is set */
117 struct mptcp_mpcapable_opt_common mptcp_opt;
118 mptcp_key_t mp_localkey = 0;
119 mp_localkey = mptcp_get_localkey(mp_tp);
120 so->so_flags |= SOF_MPTCP_CLIENT;
121 if (mp_localkey == 0) {
122 /* an embryonic connection was closed */
123 return (optlen);
124 }
125 bzero(&mptcp_opt,
126 sizeof (struct mptcp_mpcapable_opt_common));
127 mptcp_opt.mmco_kind = TCPOPT_MULTIPATH;
128 mptcp_opt.mmco_len =
129 sizeof (struct mptcp_mpcapable_opt_common) +
130 sizeof (mptcp_key_t);
131 mptcp_opt.mmco_subtype = MPO_CAPABLE;
132 MPT_LOCK_SPIN(mp_tp);
133 mptcp_opt.mmco_version = mp_tp->mpt_version;
134 mptcp_opt.mmco_flags |= MPCAP_PROPOSAL_SBIT;
135 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
136 mptcp_opt.mmco_flags |= MPCAP_CHECKSUM_CBIT;
137 MPT_UNLOCK(mp_tp);
138 (void) memcpy(opt + optlen, &mptcp_opt,
139 sizeof (struct mptcp_mpcapable_opt_common));
140 optlen += sizeof (struct mptcp_mpcapable_opt_common);
141 (void) memcpy(opt + optlen, &mp_localkey,
142 sizeof (mptcp_key_t));
143 optlen += sizeof (mptcp_key_t);
144 }
145
146 return (optlen);
147 }
148
149 static unsigned
150 mptcp_setup_join_subflow_syn_opts(struct socket *so, int flags, u_char *opt,
151 unsigned optlen)
152 {
153 struct inpcb *inp = sotoinpcb(so);
154 struct tcpcb *tp = NULL;
155
156 if (!inp)
157 return (optlen);
158
159 tp = intotcpcb(inp);
160 if (!tp)
161 return (optlen);
162
163 if (!tp->t_mptcb)
164 return (optlen);
165
166 if ((flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
167 struct mptcp_mpjoin_opt_rsp mpjoin_rsp;
168 struct mptcb *mp_tp = tptomptp(tp);
169
170 if (mp_tp == NULL)
171 return (optlen);
172
173 MPT_LOCK(mp_tp);
174 if (mptcp_get_localkey(mp_tp) == 0) {
175 MPT_UNLOCK(mp_tp);
176 return (optlen);
177 }
178 MPT_UNLOCK(mp_tp);
179 bzero(&mpjoin_rsp, sizeof (mpjoin_rsp));
180 mpjoin_rsp.mmjo_kind = TCPOPT_MULTIPATH;
181 mpjoin_rsp.mmjo_len = sizeof (mpjoin_rsp);
182 mpjoin_rsp.mmjo_subtype_bkp = MPO_JOIN << 4;
183 if (tp->t_mpflags & TMPF_BACKUP_PATH)
184 mpjoin_rsp.mmjo_subtype_bkp |= MPTCP_BACKUP;
185 mpjoin_rsp.mmjo_addr_id = tp->t_local_aid;
186 mptcp_get_rands(tp->t_local_aid, tptomptp(tp),
187 &mpjoin_rsp.mmjo_rand, NULL);
188 mpjoin_rsp.mmjo_mac = mptcp_get_trunced_hmac(tp->t_local_aid,
189 mp_tp);
190 memcpy(opt + optlen, &mpjoin_rsp, mpjoin_rsp.mmjo_len);
191 optlen += mpjoin_rsp.mmjo_len;
192 } else {
193 struct mptcp_mpjoin_opt_req mpjoin_req;
194 bzero(&mpjoin_req, sizeof (mpjoin_req));
195 mpjoin_req.mmjo_kind = TCPOPT_MULTIPATH;
196 mpjoin_req.mmjo_len = sizeof (mpjoin_req);
197 mpjoin_req.mmjo_subtype_bkp = MPO_JOIN << 4;
198 /* A secondary subflow is started off as backup */
199 mpjoin_req.mmjo_subtype_bkp |= MPTCP_BACKUP;
200 tp->t_mpflags |= TMPF_BACKUP_PATH;
201 mpjoin_req.mmjo_addr_id = tp->t_local_aid;
202 mpjoin_req.mmjo_peer_token = mptcp_get_remotetoken(tp->t_mptcb);
203 if (mpjoin_req.mmjo_peer_token == 0) {
204 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: peer token 0",
205 __func__),
206 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
207 }
208 mptcp_get_rands(tp->t_local_aid, tptomptp(tp),
209 &mpjoin_req.mmjo_rand, NULL);
210 memcpy(opt + optlen, &mpjoin_req, mpjoin_req.mmjo_len);
211 optlen += mpjoin_req.mmjo_len;
212 /* send an event up, if Fast Join is requested */
213 if (mptcp_zerortt_fastjoin &&
214 (so->so_flags & SOF_MPTCP_FASTJOIN)) {
215 soevent(so,
216 (SO_FILT_HINT_LOCKED | SO_FILT_HINT_MPFASTJ));
217 }
218 }
219 return (optlen);
220 }
221
222 unsigned
223 mptcp_setup_join_ack_opts(struct tcpcb *tp, u_char *opt, unsigned optlen)
224 {
225 unsigned new_optlen;
226 struct mptcp_mpjoin_opt_rsp2 join_rsp2;
227
228 if ((MAX_TCPOPTLEN - optlen) < sizeof (struct mptcp_mpjoin_opt_rsp2)) {
229 printf("%s: no space left %d \n", __func__, optlen);
230 return (optlen);
231 }
232
233 bzero(&join_rsp2, sizeof (struct mptcp_mpjoin_opt_rsp2));
234 join_rsp2.mmjo_kind = TCPOPT_MULTIPATH;
235 join_rsp2.mmjo_len = sizeof (struct mptcp_mpjoin_opt_rsp2);
236 join_rsp2.mmjo_subtype = MPO_JOIN;
237 mptcp_get_hmac(tp->t_local_aid, tptomptp(tp),
238 (u_char*)&join_rsp2.mmjo_mac,
239 sizeof (join_rsp2.mmjo_mac));
240 memcpy(opt + optlen, &join_rsp2, join_rsp2.mmjo_len);
241 new_optlen = optlen + join_rsp2.mmjo_len;
242 tp->t_mpflags |= TMPF_FASTJOINBY2_SEND;
243 return (new_optlen);
244 }
245
246 unsigned
247 mptcp_setup_syn_opts(struct socket *so, int flags, u_char *opt, unsigned optlen)
248 {
249 unsigned new_optlen;
250
251 if (mptcp_enable == 0) {
252 /* do nothing */
253 return (optlen);
254 }
255
256 if (!(so->so_flags & SOF_MP_SEC_SUBFLOW)) {
257 new_optlen = mptcp_setup_first_subflow_syn_opts(so, flags, opt,
258 optlen);
259 } else {
260 /*
261 * To simulate SYN_ACK with no join opt, comment this line on
262 * OS X server side. This serves as a testing hook.
263 */
264 new_optlen = mptcp_setup_join_subflow_syn_opts(so, flags, opt,
265 optlen);
266 }
267 return (new_optlen);
268 }
269
270 static int
271 mptcp_send_mpfail(struct tcpcb *tp, u_char *opt, unsigned int optlen)
272 {
273 #pragma unused(tp, opt, optlen)
274
275 struct mptcb *mp_tp = NULL;
276 struct mptcp_mpfail_opt fail_opt;
277 uint64_t dsn;
278 int len = sizeof (struct mptcp_mpfail_opt);
279
280 mp_tp = tptomptp(tp);
281 if (mp_tp == NULL) {
282 tp->t_mpflags &= ~TMPF_SND_MPFAIL;
283 return (optlen);
284 }
285
286 /* if option space low give up */
287 if ((MAX_TCPOPTLEN - optlen) < sizeof (struct mptcp_mpfail_opt)) {
288 tp->t_mpflags &= ~TMPF_SND_MPFAIL;
289 return (optlen);
290 }
291
292 MPT_LOCK(mp_tp);
293 dsn = mp_tp->mpt_rcvnxt;
294 MPT_UNLOCK(mp_tp);
295
296 bzero(&fail_opt, sizeof (fail_opt));
297 fail_opt.mfail_kind = TCPOPT_MULTIPATH;
298 fail_opt.mfail_len = len;
299 fail_opt.mfail_subtype = MPO_FAIL;
300 fail_opt.mfail_dsn = mptcp_hton64(dsn);
301 memcpy(opt + optlen, &fail_opt, len);
302 optlen += len;
303 tp->t_mpflags &= ~TMPF_SND_MPFAIL;
304 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: %d \n", __func__,
305 tp->t_local_aid), (MPTCP_SOCKET_DBG | MPTCP_SENDER_DBG),
306 MPTCP_LOGLVL_LOG);
307 return (optlen);
308 }
309
310 static int
311 mptcp_send_infinite_mapping(struct tcpcb *tp, u_char *opt, unsigned int optlen)
312 {
313 struct mptcp_dsn_opt infin_opt;
314 struct mptcb *mp_tp = NULL;
315 size_t len = sizeof (struct mptcp_dsn_opt);
316 struct socket *so = tp->t_inpcb->inp_socket;
317 int error = 0;
318 int csum_len = 0;
319
320 if (!so)
321 return (optlen);
322
323 mp_tp = tptomptp(tp);
324 if (mp_tp == NULL)
325 return (optlen);
326
327 MPT_LOCK(mp_tp);
328 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
329 csum_len = 2;
330
331 /* try later */
332 if ((MAX_TCPOPTLEN - optlen) < (len + csum_len)) {
333 MPT_UNLOCK(mp_tp);
334 return (optlen);
335 }
336 bzero(&infin_opt, sizeof (infin_opt));
337 infin_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
338 infin_opt.mdss_copt.mdss_len = len + csum_len;
339 infin_opt.mdss_copt.mdss_subtype = MPO_DSS;
340 infin_opt.mdss_copt.mdss_flags |= MDSS_M;
341 if (mp_tp->mpt_flags & MPTCPF_RECVD_MPFAIL) {
342 infin_opt.mdss_dsn = (u_int32_t)
343 MPTCP_DATASEQ_LOW32(mp_tp->mpt_dsn_at_csum_fail);
344 infin_opt.mdss_subflow_seqn = mp_tp->mpt_ssn_at_csum_fail;
345 } else {
346 /*
347 * If MPTCP fallback happens, but TFO succeeds, the data on the
348 * SYN does not belong to the MPTCP data sequence space.
349 */
350 if ((tp->t_tfo_stats & TFO_S_SYN_DATA_ACKED) &&
351 ((mp_tp->mpt_local_idsn + 1) == mp_tp->mpt_snduna)) {
352 infin_opt.mdss_subflow_seqn = 1;
353
354 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: idsn %llu"
355 "snduna %llu \n", __func__, mp_tp->mpt_local_idsn,
356 mp_tp->mpt_snduna),
357 (MPTCP_SOCKET_DBG | MPTCP_SENDER_DBG),
358 MPTCP_LOGLVL_LOG);
359 } else {
360 infin_opt.mdss_subflow_seqn = tp->snd_una - tp->iss;
361 }
362 infin_opt.mdss_dsn = (u_int32_t)
363 MPTCP_DATASEQ_LOW32(mp_tp->mpt_snduna);
364 }
365 MPT_UNLOCK(mp_tp);
366 if (error != 0)
367 return (optlen);
368 if ((infin_opt.mdss_dsn == 0) || (infin_opt.mdss_subflow_seqn == 0)) {
369 return (optlen);
370 }
371 infin_opt.mdss_dsn = htonl(infin_opt.mdss_dsn);
372 infin_opt.mdss_subflow_seqn = htonl(infin_opt.mdss_subflow_seqn);
373 infin_opt.mdss_data_len = 0;
374
375 memcpy(opt + optlen, &infin_opt, len);
376 optlen += len;
377 if (csum_len != 0) {
378 /* The checksum field is set to 0 for infinite mapping */
379 uint16_t csum = 0;
380 memcpy(opt + optlen, &csum, csum_len);
381 optlen += csum_len;
382 }
383
384 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: dsn = %x, seq = %x len = %x\n",
385 __func__,
386 ntohl(infin_opt.mdss_dsn),
387 ntohl(infin_opt.mdss_subflow_seqn),
388 ntohs(infin_opt.mdss_data_len)),
389 (MPTCP_SOCKET_DBG | MPTCP_SENDER_DBG),
390 MPTCP_LOGLVL_LOG);
391
392 /* so->so_flags &= ~SOF_MPTCP_CLIENT; */
393 tp->t_mpflags |= TMPF_INFIN_SENT;
394 tcpstat.tcps_estab_fallback++;
395 return (optlen);
396 }
397
398
399 static int
400 mptcp_ok_to_fin(struct tcpcb *tp, u_int64_t dsn, u_int32_t datalen)
401 {
402 struct mptcb *mp_tp = NULL;
403 mp_tp = tptomptp(tp);
404
405 MPT_LOCK(mp_tp);
406 dsn = (mp_tp->mpt_sndmax & MPTCP_DATASEQ_LOW32_MASK) | dsn;
407 if ((dsn + datalen) == mp_tp->mpt_sndmax) {
408 MPT_UNLOCK(mp_tp);
409 return (1);
410 }
411 MPT_UNLOCK(mp_tp);
412 return (0);
413 }
414
415
416 /* Must be called from tcp_output to fill in the fast close option */
417 static int
418 mptcp_send_fastclose(struct tcpcb *tp, u_char *opt, unsigned int optlen,
419 int flags)
420 {
421 struct mptcp_fastclose_opt fastclose_opt;
422 struct mptcb *mp_tp = tptomptp(tp);
423
424 /* Only ACK flag should be set */
425 if (flags != TH_ACK)
426 return (optlen);
427
428 if ((MAX_TCPOPTLEN - optlen) <
429 sizeof (struct mptcp_fastclose_opt)) {
430 return (optlen);
431 }
432
433 bzero(&fastclose_opt, sizeof (struct mptcp_fastclose_opt));
434 fastclose_opt.mfast_kind = TCPOPT_MULTIPATH;
435 fastclose_opt.mfast_len = sizeof (struct mptcp_fastclose_opt);
436 fastclose_opt.mfast_subtype = MPO_FASTCLOSE;
437 MPT_LOCK_SPIN(mp_tp);
438 fastclose_opt.mfast_key = mptcp_get_remotekey(mp_tp);
439 MPT_UNLOCK(mp_tp);
440 memcpy(opt + optlen, &fastclose_opt, fastclose_opt.mfast_len);
441 optlen += fastclose_opt.mfast_len;
442
443 return (optlen);
444 }
445
446 unsigned int
447 mptcp_setup_opts(struct tcpcb *tp, int32_t off, u_char *opt,
448 unsigned int optlen, int flags, int datalen,
449 unsigned int **dss_lenp, u_int8_t **finp, u_int64_t *dss_valp,
450 u_int32_t **sseqp, boolean_t *p_mptcp_acknow)
451 {
452 struct inpcb *inp = (struct inpcb *)tp->t_inpcb;
453 struct socket *so = inp->inp_socket;
454 struct mptcb *mp_tp = tptomptp(tp);
455 boolean_t do_csum = FALSE;
456 boolean_t send_64bit_dsn = FALSE;
457 boolean_t send_64bit_ack = FALSE;
458 u_int32_t old_mpt_flags = tp->t_mpflags &
459 (TMPF_SND_MPPRIO | TMPF_SND_REM_ADDR | TMPF_SND_MPFAIL |
460 TMPF_MPCAP_RETRANSMIT);
461
462 if ((mptcp_enable == 0) ||
463 (mp_tp == NULL) ||
464 (mp_tp->mpt_flags & MPTCPF_PEEL_OFF) ||
465 (tp->t_state == TCPS_CLOSED)) {
466 /* do nothing */
467 goto ret_optlen;
468 }
469
470 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM) {
471 do_csum = TRUE;
472 }
473
474 /* tcp_output handles the SYN path separately */
475 if (flags & TH_SYN) {
476 goto ret_optlen;
477 }
478
479 if ((MAX_TCPOPTLEN - optlen) <
480 sizeof (struct mptcp_mpcapable_opt_common)) {
481 mptcplog((LOG_ERR, "MPTCP Socket: "
482 "%s: no space left %d flags %x "
483 "tp->t_mpflags %x "
484 "len %d\n", __func__, optlen, flags, tp->t_mpflags,
485 datalen), MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
486 goto ret_optlen;
487 }
488
489 if (tp->t_mpflags & TMPF_FASTCLOSE) {
490 optlen = mptcp_send_fastclose(tp, opt, optlen, flags);
491 VERIFY(datalen == 0);
492 goto ret_optlen;
493 }
494
495 if (tp->t_mpflags & TMPF_TCP_FALLBACK) {
496 if (tp->t_mpflags & TMPF_SND_MPFAIL)
497 optlen = mptcp_send_mpfail(tp, opt, optlen);
498 else if (!(tp->t_mpflags & TMPF_INFIN_SENT))
499 optlen = mptcp_send_infinite_mapping(tp, opt, optlen);
500 goto ret_optlen;
501 }
502
503 if (tp->t_mpflags & TMPF_SND_MPPRIO) {
504 optlen = mptcp_snd_mpprio(tp, opt, optlen);
505 goto ret_optlen;
506 }
507
508 if (((tp->t_mpflags & TMPF_FASTJOINBY2_SEND) ||
509 (tp->t_mpflags & TMPF_FASTJOIN_SEND )) &&
510 (datalen > 0)) {
511 tp->t_mpflags &= ~TMPF_FASTJOINBY2_SEND;
512 tp->t_mpflags &= ~TMPF_FASTJOIN_SEND;
513 goto fastjoin_send;
514 }
515
516 if (((tp->t_mpflags & TMPF_PREESTABLISHED) &&
517 (!(tp->t_mpflags & TMPF_SENT_KEYS)) &&
518 (!(tp->t_mpflags & TMPF_JOINED_FLOW))) ||
519 (tp->t_mpflags & TMPF_MPCAP_RETRANSMIT)) {
520 struct mptcp_mpcapable_opt_rsp1 mptcp_opt;
521 if ((MAX_TCPOPTLEN - optlen) <
522 sizeof (struct mptcp_mpcapable_opt_rsp1))
523 goto ret_optlen;
524 bzero(&mptcp_opt, sizeof (struct mptcp_mpcapable_opt_rsp1));
525 mptcp_opt.mmc_common.mmco_kind = TCPOPT_MULTIPATH;
526 mptcp_opt.mmc_common.mmco_len =
527 sizeof (struct mptcp_mpcapable_opt_rsp1);
528 mptcp_opt.mmc_common.mmco_subtype = MPO_CAPABLE;
529 mptcp_opt.mmc_common.mmco_version = mp_tp->mpt_version;
530 /* HMAC-SHA1 is the proposal */
531 mptcp_opt.mmc_common.mmco_flags |= MPCAP_PROPOSAL_SBIT;
532 MPT_LOCK(mp_tp);
533 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
534 mptcp_opt.mmc_common.mmco_flags |= MPCAP_CHECKSUM_CBIT;
535 mptcp_opt.mmc_localkey = mptcp_get_localkey(mp_tp);
536 mptcp_opt.mmc_remotekey = mptcp_get_remotekey(mp_tp);
537 MPT_UNLOCK(mp_tp);
538 memcpy(opt + optlen, &mptcp_opt, mptcp_opt.mmc_common.mmco_len);
539 optlen += mptcp_opt.mmc_common.mmco_len;
540 tp->t_mpflags |= TMPF_SENT_KEYS | TMPF_MPTCP_TRUE;
541 so->so_flags |= SOF_MPTCP_TRUE;
542 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
543 tp->t_mpflags &= ~TMPF_MPCAP_RETRANSMIT;
544
545 if (!tp->t_mpuna) {
546 tp->t_mpuna = tp->snd_una;
547 } else {
548 /* its a retransmission of the MP_CAPABLE ACK */
549 }
550 goto ret_optlen;
551 } else if (tp->t_mpflags & TMPF_MPTCP_TRUE) {
552 if (tp->t_mpflags & TMPF_SND_REM_ADDR) {
553 int rem_opt_len = sizeof (struct mptcp_remaddr_opt);
554 if ((optlen + rem_opt_len) <= MAX_TCPOPTLEN) {
555 mptcp_send_remaddr_opt(tp,
556 (struct mptcp_remaddr_opt *)(opt + optlen));
557 optlen += rem_opt_len;
558 goto ret_optlen;
559 } else {
560 tp->t_mpflags &= ~TMPF_SND_REM_ADDR;
561 }
562 }
563 }
564
565 if ((tp->t_mpflags & TMPF_JOINED_FLOW) &&
566 (tp->t_mpflags & TMPF_PREESTABLISHED) &&
567 (!(tp->t_mpflags & TMPF_RECVD_JOIN)) &&
568 (tp->t_mpflags & TMPF_SENT_JOIN) &&
569 (!(tp->t_mpflags & TMPF_MPTCP_TRUE))) {
570 MPT_LOCK(mp_tp);
571 if (mptcp_get_localkey(mp_tp) == 0) {
572 MPT_UNLOCK(mp_tp);
573 goto ret_optlen;
574 }
575 MPT_UNLOCK(mp_tp);
576 /* Do the ACK part */
577 optlen = mptcp_setup_join_ack_opts(tp, opt, optlen);
578 if (!tp->t_mpuna) {
579 tp->t_mpuna = tp->snd_una;
580 }
581 /* Start a timer to retransmit the ACK */
582 tp->t_timer[TCPT_JACK_RXMT] =
583 OFFSET_FROM_START(tp, tcp_jack_rxmt);
584 goto ret_optlen;
585 }
586
587 if (!(tp->t_mpflags & TMPF_MPTCP_TRUE))
588 goto ret_optlen;
589 fastjoin_send:
590 /*
591 * From here on, all options are sent only if MPTCP_TRUE
592 * or when data is sent early on as in Fast Join
593 */
594
595 MPT_LOCK(mp_tp);
596 if ((mp_tp->mpt_flags & MPTCPF_SND_64BITDSN) || force_64bit_dsn) {
597 send_64bit_dsn = TRUE;
598 }
599 if (mp_tp->mpt_flags & MPTCPF_SND_64BITACK) {
600 send_64bit_ack = TRUE;
601 }
602 MPT_UNLOCK(mp_tp);
603
604 #define CHECK_OPTLEN { \
605 if ((MAX_TCPOPTLEN - optlen) < len) { \
606 mptcplog((LOG_ERR, "MPTCP Socket: " \
607 "%s: len %d optlen %d \n", __func__, len, optlen), \
608 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); \
609 goto ret_optlen; \
610 } \
611 }
612
613 #define DO_FIN(dsn_opt) { \
614 int sndfin = 0; \
615 sndfin = mptcp_ok_to_fin(tp, dsn_opt.mdss_dsn, datalen); \
616 if (sndfin) { \
617 dsn_opt.mdss_copt.mdss_flags |= MDSS_F; \
618 *finp = opt + optlen + offsetof(struct mptcp_dss_copt, \
619 mdss_flags); \
620 dsn_opt.mdss_data_len += 1; \
621 } \
622 }
623
624 #define CHECK_DATALEN { \
625 /* MPTCP socket does not support IP options */ \
626 if ((datalen + optlen + len) > tp->t_maxopd) { \
627 mptcplog((LOG_ERR, "MPTCP Socket: " \
628 "%s: nosp %d len %d opt %d %d %d\n", \
629 __func__, datalen, len, optlen, \
630 tp->t_maxseg, tp->t_maxopd), \
631 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR); \
632 /* remove option length from payload len */ \
633 datalen = tp->t_maxopd - optlen - len; \
634 } \
635 }
636
637 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
638 (send_64bit_dsn)) {
639 /*
640 * If there was the need to send 64-bit Data ACK along
641 * with 64-bit DSN, then 26 or 28 bytes would be used.
642 * With timestamps and NOOP padding that will cause
643 * overflow. Hence, in the rare event that both 64-bit
644 * DSN and 64-bit ACK have to be sent, delay the send of
645 * 64-bit ACK until our 64-bit DSN is acked with a 64-bit ack.
646 * XXX If this delay causes issue, remove the 2-byte padding.
647 */
648 struct mptcp_dss64_ack32_opt dsn_ack_opt;
649 unsigned int len = sizeof (dsn_ack_opt);
650
651 if (do_csum) {
652 len += 2;
653 }
654
655 CHECK_OPTLEN;
656
657 bzero(&dsn_ack_opt, sizeof (dsn_ack_opt));
658 dsn_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
659 dsn_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
660 dsn_ack_opt.mdss_copt.mdss_len = len;
661 dsn_ack_opt.mdss_copt.mdss_flags |=
662 MDSS_M | MDSS_m | MDSS_A;
663
664 CHECK_DATALEN;
665
666 mptcp_output_getm_dsnmap64(so, off, (u_int32_t)datalen,
667 &dsn_ack_opt.mdss_dsn,
668 &dsn_ack_opt.mdss_subflow_seqn,
669 &dsn_ack_opt.mdss_data_len);
670
671 *dss_valp = dsn_ack_opt.mdss_dsn;
672
673 if ((dsn_ack_opt.mdss_data_len == 0) ||
674 (dsn_ack_opt.mdss_dsn == 0)) {
675 goto ret_optlen;
676 }
677
678 if (tp->t_mpflags & TMPF_SEND_DFIN) {
679 DO_FIN(dsn_ack_opt);
680 }
681
682 MPT_LOCK(mp_tp);
683 dsn_ack_opt.mdss_ack =
684 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
685 MPT_UNLOCK(mp_tp);
686
687 dsn_ack_opt.mdss_dsn = mptcp_hton64(dsn_ack_opt.mdss_dsn);
688 dsn_ack_opt.mdss_subflow_seqn = htonl(
689 dsn_ack_opt.mdss_subflow_seqn);
690 dsn_ack_opt.mdss_data_len = htons(
691 dsn_ack_opt.mdss_data_len);
692 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
693 offsetof(struct mptcp_dss64_ack32_opt, mdss_data_len));
694
695 memcpy(opt + optlen, &dsn_ack_opt, sizeof (dsn_ack_opt));
696
697 if (do_csum) {
698 *sseqp = (u_int32_t *)(void *)(opt + optlen +
699 offsetof(struct mptcp_dss64_ack32_opt,
700 mdss_subflow_seqn));
701 }
702 optlen += len;
703 mptcplog((LOG_DEBUG,"MPTCP Socket: "
704 "%s: long DSS = %llx ACK = %llx \n",
705 __func__,
706 mptcp_ntoh64(dsn_ack_opt.mdss_dsn),
707 mptcp_ntoh64(dsn_ack_opt.mdss_ack)),
708 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_LOG);
709
710 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
711 goto ret_optlen;
712 }
713
714 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
715 (!send_64bit_dsn) &&
716 !(tp->t_mpflags & TMPF_MPTCP_ACKNOW)) {
717 struct mptcp_dsn_opt dsn_opt;
718 unsigned int len = sizeof (struct mptcp_dsn_opt);
719
720 if (do_csum) {
721 len += 2;
722 }
723
724 CHECK_OPTLEN;
725
726 bzero(&dsn_opt, sizeof (dsn_opt));
727 dsn_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
728 dsn_opt.mdss_copt.mdss_subtype = MPO_DSS;
729 dsn_opt.mdss_copt.mdss_len = len;
730 dsn_opt.mdss_copt.mdss_flags |= MDSS_M;
731
732 CHECK_DATALEN;
733
734 mptcp_output_getm_dsnmap32(so, off, (u_int32_t)datalen,
735 &dsn_opt.mdss_dsn,
736 &dsn_opt.mdss_subflow_seqn, &dsn_opt.mdss_data_len,
737 dss_valp);
738
739 if ((dsn_opt.mdss_data_len == 0) ||
740 (dsn_opt.mdss_dsn == 0)) {
741 goto ret_optlen;
742 }
743
744 if (tp->t_mpflags & TMPF_SEND_DFIN) {
745 DO_FIN(dsn_opt);
746 }
747
748 dsn_opt.mdss_dsn = htonl(dsn_opt.mdss_dsn);
749 dsn_opt.mdss_subflow_seqn = htonl(dsn_opt.mdss_subflow_seqn);
750 dsn_opt.mdss_data_len = htons(dsn_opt.mdss_data_len);
751 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
752 offsetof(struct mptcp_dsn_opt, mdss_data_len));
753 memcpy(opt + optlen, &dsn_opt, sizeof (dsn_opt));
754 if (do_csum) {
755 *sseqp = (u_int32_t *)(void *)(opt + optlen +
756 offsetof(struct mptcp_dsn_opt, mdss_subflow_seqn));
757 }
758 optlen += len;
759 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
760 goto ret_optlen;
761 }
762
763 /* 32-bit Data ACK option */
764 if ((tp->t_mpflags & TMPF_MPTCP_ACKNOW) &&
765 (!send_64bit_ack) &&
766 !(tp->t_mpflags & TMPF_SEND_DSN) &&
767 !(tp->t_mpflags & TMPF_SEND_DFIN)) {
768
769 struct mptcp_data_ack_opt dack_opt;
770 unsigned int len = 0;
771 do_ack32_only:
772 len = sizeof (dack_opt);
773
774 CHECK_OPTLEN;
775
776 bzero(&dack_opt, len);
777 dack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
778 dack_opt.mdss_copt.mdss_len = len;
779 dack_opt.mdss_copt.mdss_subtype = MPO_DSS;
780 dack_opt.mdss_copt.mdss_flags |= MDSS_A;
781 MPT_LOCK_SPIN(mp_tp);
782 dack_opt.mdss_ack =
783 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
784 MPT_UNLOCK(mp_tp);
785 memcpy(opt + optlen, &dack_opt, len);
786 optlen += len;
787 VERIFY(optlen <= MAX_TCPOPTLEN);
788 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
789 goto ret_optlen;
790 }
791
792 /* 64-bit Data ACK option */
793 if ((tp->t_mpflags & TMPF_MPTCP_ACKNOW) &&
794 (send_64bit_ack) &&
795 !(tp->t_mpflags & TMPF_SEND_DSN) &&
796 !(tp->t_mpflags & TMPF_SEND_DFIN)) {
797 struct mptcp_data_ack64_opt dack_opt;
798 unsigned int len = 0;
799 do_ack64_only:
800 len = sizeof (dack_opt);
801
802 CHECK_OPTLEN;
803
804 bzero(&dack_opt, len);
805 dack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
806 dack_opt.mdss_copt.mdss_len = len;
807 dack_opt.mdss_copt.mdss_subtype = MPO_DSS;
808 dack_opt.mdss_copt.mdss_flags |= (MDSS_A | MDSS_a);
809 MPT_LOCK_SPIN(mp_tp);
810 dack_opt.mdss_ack = mptcp_hton64(mp_tp->mpt_rcvnxt);
811 /*
812 * The other end should retransmit 64-bit DSN until it
813 * receives a 64-bit ACK.
814 */
815 mp_tp->mpt_flags &= ~MPTCPF_SND_64BITACK;
816 MPT_UNLOCK(mp_tp);
817 memcpy(opt + optlen, &dack_opt, len);
818 optlen += len;
819 VERIFY(optlen <= MAX_TCPOPTLEN);
820 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
821 goto ret_optlen;
822 }
823
824 /* 32-bit DSS+Data ACK option */
825 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
826 (!send_64bit_dsn) &&
827 (!send_64bit_ack) &&
828 (tp->t_mpflags & TMPF_MPTCP_ACKNOW)) {
829 struct mptcp_dss_ack_opt dss_ack_opt;
830 unsigned int len = sizeof (dss_ack_opt);
831
832 if (do_csum)
833 len += 2;
834
835 CHECK_OPTLEN;
836
837 bzero(&dss_ack_opt, sizeof (dss_ack_opt));
838 dss_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
839 dss_ack_opt.mdss_copt.mdss_len = len;
840 dss_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
841 dss_ack_opt.mdss_copt.mdss_flags |= MDSS_A | MDSS_M;
842 MPT_LOCK_SPIN(mp_tp);
843 dss_ack_opt.mdss_ack =
844 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
845 MPT_UNLOCK(mp_tp);
846
847 CHECK_DATALEN;
848
849 mptcp_output_getm_dsnmap32(so, off, (u_int32_t)datalen,
850 &dss_ack_opt.mdss_dsn,
851 &dss_ack_opt.mdss_subflow_seqn,
852 &dss_ack_opt.mdss_data_len,
853 dss_valp);
854
855 if ((dss_ack_opt.mdss_data_len == 0) ||
856 (dss_ack_opt.mdss_dsn == 0)) {
857 goto do_ack32_only;
858 }
859
860 if (tp->t_mpflags & TMPF_SEND_DFIN) {
861 DO_FIN(dss_ack_opt);
862 }
863
864 dss_ack_opt.mdss_dsn = htonl(dss_ack_opt.mdss_dsn);
865 dss_ack_opt.mdss_subflow_seqn =
866 htonl(dss_ack_opt.mdss_subflow_seqn);
867 dss_ack_opt.mdss_data_len = htons(dss_ack_opt.mdss_data_len);
868 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
869 offsetof(struct mptcp_dss_ack_opt, mdss_data_len));
870 memcpy(opt + optlen, &dss_ack_opt, sizeof (dss_ack_opt));
871 if (do_csum) {
872 *sseqp = (u_int32_t *)(void *)(opt + optlen +
873 offsetof(struct mptcp_dss_ack_opt,
874 mdss_subflow_seqn));
875 }
876
877 optlen += len;
878
879 if (optlen > MAX_TCPOPTLEN)
880 panic("optlen too large");
881 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
882 goto ret_optlen;
883 }
884
885 /* 32-bit DSS + 64-bit DACK option */
886 if ((tp->t_mpflags & TMPF_SEND_DSN) &&
887 (!send_64bit_dsn) &&
888 (send_64bit_ack) &&
889 (tp->t_mpflags & TMPF_MPTCP_ACKNOW)) {
890 struct mptcp_dss32_ack64_opt dss_ack_opt;
891 unsigned int len = sizeof (dss_ack_opt);
892
893 if (do_csum)
894 len += 2;
895
896 CHECK_OPTLEN;
897
898 bzero(&dss_ack_opt, sizeof (dss_ack_opt));
899 dss_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
900 dss_ack_opt.mdss_copt.mdss_len = len;
901 dss_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
902 dss_ack_opt.mdss_copt.mdss_flags |= MDSS_M | MDSS_A | MDSS_a;
903 MPT_LOCK_SPIN(mp_tp);
904 dss_ack_opt.mdss_ack =
905 mptcp_hton64(mp_tp->mpt_rcvnxt);
906 MPT_UNLOCK(mp_tp);
907
908 CHECK_DATALEN;
909
910 mptcp_output_getm_dsnmap32(so, off, (u_int32_t)datalen,
911 &dss_ack_opt.mdss_dsn, &dss_ack_opt.mdss_subflow_seqn,
912 &dss_ack_opt.mdss_data_len, dss_valp);
913
914 if ((dss_ack_opt.mdss_data_len == 0) ||
915 (dss_ack_opt.mdss_dsn == 0)) {
916 goto do_ack64_only;
917 }
918
919 if (tp->t_mpflags & TMPF_SEND_DFIN) {
920 DO_FIN(dss_ack_opt);
921 }
922
923 dss_ack_opt.mdss_dsn = htonl(dss_ack_opt.mdss_dsn);
924 dss_ack_opt.mdss_subflow_seqn =
925 htonl(dss_ack_opt.mdss_subflow_seqn);
926 dss_ack_opt.mdss_data_len = htons(dss_ack_opt.mdss_data_len);
927 *dss_lenp = (unsigned int *)(void *)(opt + optlen +
928 offsetof(struct mptcp_dss32_ack64_opt, mdss_data_len));
929 memcpy(opt + optlen, &dss_ack_opt, sizeof (dss_ack_opt));
930 if (do_csum) {
931 *sseqp = (u_int32_t *)(void *)(opt + optlen +
932 offsetof(struct mptcp_dss32_ack64_opt,
933 mdss_subflow_seqn));
934 }
935
936 optlen += len;
937
938 if (optlen > MAX_TCPOPTLEN)
939 panic("optlen too large");
940 tp->t_mpflags &= ~TMPF_MPTCP_ACKNOW;
941 goto ret_optlen;
942 }
943
944 if (tp->t_mpflags & TMPF_SEND_DFIN) {
945 struct mptcp_dss_ack_opt dss_ack_opt;
946 unsigned int len = sizeof (struct mptcp_dss_ack_opt);
947
948 if (do_csum)
949 len += 2;
950
951 CHECK_OPTLEN;
952
953 bzero(&dss_ack_opt, sizeof (dss_ack_opt));
954
955 MPT_LOCK(mp_tp);
956 /*
957 * Data FIN occupies one sequence space.
958 * Don't send it if it has been Acked.
959 */
960 if (((mp_tp->mpt_sndnxt + 1) != mp_tp->mpt_sndmax) ||
961 (mp_tp->mpt_snduna == mp_tp->mpt_sndmax)) {
962 MPT_UNLOCK(mp_tp);
963 goto ret_optlen;
964 }
965
966 dss_ack_opt.mdss_copt.mdss_kind = TCPOPT_MULTIPATH;
967 dss_ack_opt.mdss_copt.mdss_len = len;
968 dss_ack_opt.mdss_copt.mdss_subtype = MPO_DSS;
969 dss_ack_opt.mdss_copt.mdss_flags |= MDSS_A | MDSS_M | MDSS_F;
970 dss_ack_opt.mdss_ack =
971 htonl(MPTCP_DATAACK_LOW32(mp_tp->mpt_rcvnxt));
972 dss_ack_opt.mdss_dsn =
973 htonl(MPTCP_DATASEQ_LOW32(mp_tp->mpt_sndnxt));
974 MPT_UNLOCK(mp_tp);
975 dss_ack_opt.mdss_subflow_seqn = 0;
976 dss_ack_opt.mdss_data_len = 1;
977 dss_ack_opt.mdss_data_len = htons(dss_ack_opt.mdss_data_len);
978 memcpy(opt + optlen, &dss_ack_opt, sizeof (dss_ack_opt));
979 if (do_csum) {
980 *dss_valp = mp_tp->mpt_sndnxt;
981 *sseqp = (u_int32_t *)(void *)(opt + optlen +
982 offsetof(struct mptcp_dss_ack_opt,
983 mdss_subflow_seqn));
984 }
985 optlen += len;
986 }
987
988 ret_optlen:
989 if (TRUE == *p_mptcp_acknow ) {
990 VERIFY(old_mpt_flags != 0);
991 u_int32_t new_mpt_flags = tp->t_mpflags &
992 (TMPF_SND_MPPRIO | TMPF_SND_REM_ADDR | TMPF_SND_MPFAIL |
993 TMPF_MPCAP_RETRANSMIT);
994
995 /*
996 * If none of the above mpflags were acted on by
997 * this routine, reset these flags and set p_mptcp_acknow
998 * to false.
999 * XXX The reset value of p_mptcp_acknow can be used
1000 * to communicate tcp_output to NOT send a pure ack without any
1001 * MPTCP options as it will be treated as a dup ack.
1002 * Since the instances of mptcp_setup_opts not acting on
1003 * these options are mostly corner cases and sending a dup
1004 * ack here would only have an impact if the system
1005 * has sent consecutive dup acks before this false one,
1006 * we haven't modified the logic in tcp_output to avoid
1007 * that.
1008 */
1009 if ((old_mpt_flags == new_mpt_flags) || (new_mpt_flags == 0)) {
1010 tp->t_mpflags &= ~(TMPF_SND_MPPRIO
1011 | TMPF_SND_REM_ADDR | TMPF_SND_MPFAIL |
1012 TMPF_MPCAP_RETRANSMIT);
1013 *p_mptcp_acknow = FALSE;
1014 mptcplog((LOG_DEBUG, "MPTCP Sender: %s: no action \n",
1015 __func__), MPTCP_SENDER_DBG, MPTCP_LOGLVL_LOG);
1016 } else {
1017 mptcplog((LOG_DEBUG, "MPTCP Sender: acknow set, "
1018 "old flags %x new flags %x \n",
1019 old_mpt_flags, new_mpt_flags),
1020 MPTCP_SENDER_DBG, MPTCP_LOGLVL_LOG);
1021 }
1022 }
1023
1024 return optlen;
1025 }
1026
1027 /*
1028 * MPTCP Options Input Processing
1029 */
1030
1031 static int
1032 mptcp_sanitize_option(struct tcpcb *tp, int mptcp_subtype)
1033 {
1034 struct mptcb *mp_tp = tptomptp(tp);
1035 int ret = 1;
1036
1037 if (mp_tp == NULL) {
1038 mptcplog((LOG_ERR, "MPTCP Socket: %s: NULL mpsocket \n",
1039 __func__), MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1040 return (0);
1041 }
1042
1043 switch (mptcp_subtype) {
1044 case MPO_CAPABLE:
1045 break;
1046 case MPO_JOIN: /* fall through */
1047 case MPO_DSS: /* fall through */
1048 case MPO_FASTCLOSE: /* fall through */
1049 case MPO_FAIL: /* fall through */
1050 case MPO_REMOVE_ADDR: /* fall through */
1051 case MPO_ADD_ADDR: /* fall through */
1052 case MPO_PRIO: /* fall through */
1053 if (mp_tp->mpt_state < MPTCPS_ESTABLISHED)
1054 ret = 0;
1055 break;
1056 default:
1057 ret = 0;
1058 mptcplog((LOG_ERR, "MPTCP Socket: "
1059 "%s: type = %d \n", __func__,
1060 mptcp_subtype),
1061 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1062 break;
1063 }
1064 return (ret);
1065 }
1066
1067 static int
1068 mptcp_valid_mpcapable_common_opt(u_char *cp)
1069 {
1070 struct mptcp_mpcapable_opt_common *rsp =
1071 (struct mptcp_mpcapable_opt_common *)cp;
1072
1073 /* mmco_kind, mmco_len and mmco_subtype are validated before */
1074
1075 if (!(rsp->mmco_flags & MPCAP_PROPOSAL_SBIT))
1076 return (0);
1077
1078 if (rsp->mmco_flags & (MPCAP_BBIT | MPCAP_CBIT | MPCAP_DBIT |
1079 MPCAP_EBIT | MPCAP_FBIT | MPCAP_GBIT))
1080 return (0);
1081
1082 return (1);
1083 }
1084
1085
1086 static void
1087 mptcp_do_mpcapable_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th,
1088 int optlen)
1089 {
1090 struct mptcp_mpcapable_opt_rsp1 *rsp1 = NULL;
1091 struct mptcp_mpcapable_opt_rsp *rsp = NULL;
1092 struct mptcb *mp_tp = tptomptp(tp);
1093
1094 #define MPTCP_OPT_ERROR_PATH(tp) { \
1095 tp->t_mpflags |= TMPF_RESET; \
1096 tcpstat.tcps_invalid_mpcap++; \
1097 if (tp->t_inpcb->inp_socket != NULL) { \
1098 soevent(tp->t_inpcb->inp_socket, \
1099 SO_FILT_HINT_LOCKED | SO_FILT_HINT_MUSTRST); \
1100 } \
1101 }
1102
1103 /* Validate the kind, len, flags */
1104 if (mptcp_valid_mpcapable_common_opt(cp) != 1) {
1105 tcpstat.tcps_invalid_mpcap++;
1106 return;
1107 }
1108
1109 /* A SYN contains only the MP_CAPABLE option */
1110 if ((th->th_flags & (TH_SYN | TH_ACK)) == TH_SYN) {
1111 /* XXX passive side not supported yet */
1112 return;
1113 } else if ((th->th_flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
1114
1115 /* Handle old duplicate SYN/ACK retransmission */
1116 if (SEQ_GT(tp->rcv_nxt, (tp->irs + 1)))
1117 return;
1118
1119 /* handle SYN/ACK retransmission by acknowledging with ACK */
1120 if (mp_tp->mpt_state >= MPTCPS_ESTABLISHED) {
1121 tp->t_mpflags |= TMPF_MPCAP_RETRANSMIT;
1122 return;
1123 }
1124
1125 /* A SYN/ACK contains peer's key and flags */
1126 if (optlen != sizeof (struct mptcp_mpcapable_opt_rsp)) {
1127 /* complain */
1128 mptcplog((LOG_ERR, "MPTCP Socket: "
1129 "%s: SYN_ACK optlen = %d, sizeof mp opt = %lu \n",
1130 __func__, optlen,
1131 sizeof (struct mptcp_mpcapable_opt_rsp)),
1132 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1133 tcpstat.tcps_invalid_mpcap++;
1134 return;
1135 }
1136
1137 /*
1138 * If checksum flag is set, enable MPTCP checksum, even if
1139 * it was not negotiated on the first SYN.
1140 */
1141 if (((struct mptcp_mpcapable_opt_common *)cp)->mmco_flags &
1142 MPCAP_CHECKSUM_CBIT)
1143 mp_tp->mpt_flags |= MPTCPF_CHECKSUM;
1144
1145 rsp = (struct mptcp_mpcapable_opt_rsp *)cp;
1146 MPT_LOCK(mp_tp);
1147 mp_tp->mpt_remotekey = rsp->mmc_localkey;
1148 /* For now just downgrade to the peer's version */
1149 mp_tp->mpt_peer_version = rsp->mmc_common.mmco_version;
1150 if (rsp->mmc_common.mmco_version < mp_tp->mpt_version) {
1151 mp_tp->mpt_version = rsp->mmc_common.mmco_version;
1152 tcpstat.tcps_mp_verdowngrade++;
1153 }
1154 if (mptcp_init_remote_parms(mp_tp) != 0) {
1155 tcpstat.tcps_invalid_mpcap++;
1156 MPT_UNLOCK(mp_tp);
1157 return;
1158 }
1159 MPT_UNLOCK(mp_tp);
1160 tp->t_mpflags |= TMPF_PREESTABLISHED;
1161
1162 } else if ((th->th_flags & TH_ACK) &&
1163 (tp->t_mpflags & TMPF_PREESTABLISHED)) {
1164
1165 /*
1166 * Verify checksum flag is set, if we initially negotiated
1167 * checksum.
1168 */
1169 if ((mp_tp->mpt_flags & MPTCPF_CHECKSUM) &&
1170 !(((struct mptcp_mpcapable_opt_common *)cp)->mmco_flags &
1171 MPCAP_CHECKSUM_CBIT)) {
1172 mptcplog((LOG_ERR, "MPTCP Socket: "
1173 "%s: checksum negotiation failure \n", __func__),
1174 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1175 MPTCP_OPT_ERROR_PATH(tp);
1176 return;
1177 }
1178
1179 if (!(mp_tp->mpt_flags & MPTCPF_CHECKSUM) &&
1180 (((struct mptcp_mpcapable_opt_common *)cp)->mmco_flags &
1181 MPCAP_CHECKSUM_CBIT)) {
1182 mptcplog((LOG_ERR, "MPTCP Socket: "
1183 "%s: checksum negotiation failure 2.\n", __func__),
1184 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1185 MPTCP_OPT_ERROR_PATH(tp);
1186 return;
1187 }
1188
1189 /*
1190 * The ACK of a three way handshake contains peer's key and
1191 * flags.
1192 */
1193 if (optlen != sizeof (struct mptcp_mpcapable_opt_rsp1)) {
1194 /* complain */
1195 mptcplog((LOG_ERR, "MPTCP Socket: "
1196 "%s: ACK optlen = %d , sizeof mp option = %lu, "
1197 " state = %d \n", __func__, optlen,
1198 sizeof (struct mptcp_mpcapable_opt_rsp1),
1199 tp->t_state), MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1200 MPTCP_OPT_ERROR_PATH(tp);
1201 return;
1202 }
1203
1204 rsp1 = (struct mptcp_mpcapable_opt_rsp1 *)cp;
1205
1206 /* Skipping MPT_LOCK for invariant key */
1207 if (rsp1->mmc_remotekey != *mp_tp->mpt_localkey) {
1208 mptcplog((LOG_ERR, "MPTCP Socket: "
1209 "%s: key mismatch locally stored key. "
1210 "rsp = %llx local = %llx \n", __func__,
1211 rsp1->mmc_remotekey, *mp_tp->mpt_localkey),
1212 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1213 MPTCP_OPT_ERROR_PATH(tp);
1214 return;
1215 } else {
1216 /* We received both keys. Almost an MPTCP connection */
1217 /* Skipping MPT_LOCK for invariant key */
1218 if (mp_tp->mpt_remotekey != rsp1->mmc_localkey) {
1219 mptcplog((LOG_ERR, "MPTCP Socket: "
1220 "%s: keys don't match\n", __func__),
1221 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1222 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1223 MPTCP_OPT_ERROR_PATH(tp);
1224 return;
1225 }
1226 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1227 tp->t_mpflags |= TMPF_MPTCP_RCVD_KEY;
1228 tp->t_mpflags |= TMPF_MPTCP_TRUE;
1229 tp->t_inpcb->inp_socket->so_flags |= SOF_MPTCP_TRUE;
1230 MPT_LOCK(mp_tp);
1231 DTRACE_MPTCP2(state__change, struct mptcb *, mp_tp,
1232 uint32_t, 0 /* event */);
1233 mptcplog((LOG_DEBUG, "MPTCP State: "
1234 "MPTCPS_ESTABLISHED \n"),
1235 MPTCP_STATE_DBG, MPTCP_LOGLVL_LOG);
1236
1237 mp_tp->mpt_state = MPTCPS_ESTABLISHED;
1238 MPT_UNLOCK(mp_tp);
1239 }
1240 if (tp->t_mpuna) {
1241 tp->t_mpuna = 0;
1242 }
1243 }
1244 }
1245
1246
1247 static void
1248 mptcp_do_mpjoin_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th, int optlen)
1249 {
1250 #define MPTCP_JOPT_ERROR_PATH(tp) { \
1251 tp->t_mpflags |= TMPF_RESET; \
1252 tcpstat.tcps_invalid_joins++; \
1253 if (tp->t_inpcb->inp_socket != NULL) { \
1254 soevent(tp->t_inpcb->inp_socket, \
1255 SO_FILT_HINT_LOCKED | SO_FILT_HINT_MUSTRST); \
1256 } \
1257 }
1258 int error = 0;
1259
1260 if ((th->th_flags & (TH_SYN | TH_ACK)) == TH_SYN) {
1261 /* We won't accept join requests as an active opener */
1262 if (tp->t_inpcb->inp_socket->so_flags & SOF_MPTCP_CLIENT) {
1263 MPTCP_JOPT_ERROR_PATH(tp);
1264 return;
1265 }
1266
1267 if (optlen != sizeof (struct mptcp_mpjoin_opt_req)) {
1268 mptcplog((LOG_ERR, "MPTCP Socket: "
1269 "%s: SYN: unexpected optlen = %d, mp option"
1270 "= %lu\n", __func__, optlen,
1271 sizeof (struct mptcp_mpjoin_opt_req)),
1272 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1273 /* send RST and close */
1274 MPTCP_JOPT_ERROR_PATH(tp);
1275 return;
1276 }
1277 /* not supported yet */
1278 return;
1279 #ifdef MPTCP_NOTYET
1280 struct mptcp_mpjoin_opt_req *join_req =
1281 (struct mptcp_mpjoin_opt_req *)cp;
1282 mp_so = mptcp_find_mpso(join_req->mmjo_peer_token);
1283 if (!mp_so) {
1284 mptcplog((LOG_ERR, "MPTCP Socket: "
1285 "%s: cannot find mp_so token = %x\n",
1286 __func__, join_req->mmjo_peer_token),
1287 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1288 /* send RST */
1289 MPTCP_JOPT_ERROR_PATH(tp);
1290 return;
1291 }
1292 if (tp->t_mpflags & TMPF_PREESTABLISHED) {
1293 return;
1294 }
1295 mp_so->ms_remote_addr_id = join_req->mmjo_addr_id;
1296 mp_so->ms_remote_rand = join_req->mmjo_rand;
1297 tp->t_mpflags |= TMPF_PREESTABLISHED | TMPF_JOINED_FLOW;
1298 tp->t_mpflags |= TMPF_RECVD_JOIN;
1299 tp->t_inpcb->inp_socket->so_flags |= SOF_MP_SEC_SUBFLOW;
1300 if (join_req->mmjo_subtype & MPTCP_BACKUP) {
1301 tp->t_mpflags |= TMPF_BACKUP_PATH;
1302 }
1303 #endif
1304 } else if ((th->th_flags & (TH_SYN | TH_ACK)) == (TH_SYN | TH_ACK)) {
1305 struct mptcp_mpjoin_opt_rsp *join_rsp =
1306 (struct mptcp_mpjoin_opt_rsp *)cp;
1307
1308 if (optlen != sizeof (struct mptcp_mpjoin_opt_rsp)) {
1309 mptcplog((LOG_ERR, "MPTCP Socket: "
1310 "SYN_ACK: unexpected optlen = %d mp "
1311 "option = %lu\n", optlen,
1312 sizeof (struct mptcp_mpjoin_opt_rsp)),
1313 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1314 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1315 /* send RST and close */
1316 MPTCP_JOPT_ERROR_PATH(tp);
1317 return;
1318 }
1319
1320 mptcp_set_raddr_rand(tp->t_local_aid,
1321 tptomptp(tp),
1322 join_rsp->mmjo_addr_id, join_rsp->mmjo_rand);
1323 error = mptcp_validate_join_hmac(tp,
1324 (u_char*)&join_rsp->mmjo_mac, SHA1_TRUNCATED);
1325 if (error) {
1326 mptcplog((LOG_ERR, "MPTCP Socket: %s: "
1327 "SYN_ACK error = %d \n", __func__, error),
1328 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1329 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1330 /* send RST and close */
1331 MPTCP_JOPT_ERROR_PATH(tp);
1332 return;
1333 }
1334 tp->t_mpflags |= TMPF_SENT_JOIN;
1335 } else if ((th->th_flags & TH_ACK) &&
1336 (tp->t_mpflags & TMPF_PREESTABLISHED)) {
1337 struct mptcp_mpjoin_opt_rsp2 *join_rsp2 =
1338 (struct mptcp_mpjoin_opt_rsp2 *)cp;
1339
1340 if (optlen != sizeof (struct mptcp_mpjoin_opt_rsp2)) {
1341 mptcplog((LOG_ERR, "MPTCP Socket: "
1342 "ACK: unexpected optlen = %d mp option "
1343 "= %lu \n", optlen,
1344 sizeof (struct mptcp_mpjoin_opt_rsp2)),
1345 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1346
1347 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1348 /* send RST and close */
1349 MPTCP_JOPT_ERROR_PATH(tp);
1350 return;
1351 }
1352
1353 error = mptcp_validate_join_hmac(tp, join_rsp2->mmjo_mac,
1354 SHA1_RESULTLEN);
1355 if (error) {
1356 mptcplog((LOG_ERR, "MPTCP Socket: "
1357 "%s: ACK error = %d\n", __func__, error),
1358 MPTCP_SOCKET_DBG, MPTCP_LOGLVL_ERR);
1359 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1360 MPTCP_JOPT_ERROR_PATH(tp);
1361 return;
1362 }
1363 tp->t_mpflags |= TMPF_MPTCP_TRUE;
1364 tp->t_mpflags &= ~TMPF_PREESTABLISHED;
1365 tp->t_flags |= TF_ACKNOW;
1366 tp->t_mpflags |= TMPF_MPTCP_ACKNOW;
1367 tp->t_inpcb->inp_socket->so_flags |= SOF_MPTCP_TRUE;
1368 }
1369 }
1370
1371 static int
1372 mptcp_validate_join_hmac(struct tcpcb *tp, u_char* hmac, int mac_len)
1373 {
1374 u_char digest[SHA1_RESULTLEN] = {0};
1375 struct mptcb *mp_tp = NULL;
1376 mptcp_key_t rem_key, loc_key;
1377 u_int32_t rem_rand, loc_rand;
1378
1379 mp_tp = tp->t_mptcb;
1380
1381 rem_rand = loc_rand = 0;
1382
1383 MPT_LOCK(mp_tp);
1384 rem_key = mp_tp->mpt_remotekey;
1385 loc_key = *mp_tp->mpt_localkey;
1386 MPT_UNLOCK(mp_tp);
1387
1388 mptcp_get_rands(tp->t_local_aid, mp_tp, &loc_rand, &rem_rand);
1389 if ((rem_rand == 0) || (loc_rand == 0))
1390 return (-1);
1391
1392 mptcp_hmac_sha1(rem_key, loc_key, rem_rand, loc_rand,
1393 digest, sizeof (digest));
1394
1395 if (bcmp(digest, hmac, mac_len) == 0)
1396 return (0); /* matches */
1397 else {
1398 printf("%s: remote key %llx local key %llx remote rand %x "
1399 "local rand %x \n", __func__, rem_key, loc_key,
1400 rem_rand, loc_rand);
1401 return (-1);
1402 }
1403 }
1404
1405 static void
1406 mptcp_do_dss_opt_ack_meat(u_int64_t full_dack, struct tcpcb *tp)
1407 {
1408 struct mptcb *mp_tp = tptomptp(tp);
1409 int close_notify = 0;
1410
1411 MPT_LOCK(mp_tp);
1412 if (MPTCP_SEQ_LEQ(full_dack, mp_tp->mpt_sndmax) &&
1413 MPTCP_SEQ_GEQ(full_dack, mp_tp->mpt_snduna)) {
1414 mptcp_data_ack_rcvd(mp_tp, tp, full_dack);
1415 if (mp_tp->mpt_state > MPTCPS_FIN_WAIT_2)
1416 close_notify = 1;
1417 MPT_UNLOCK(mp_tp);
1418 if (mp_tp->mpt_flags & MPTCPF_RCVD_64BITACK) {
1419 mp_tp->mpt_flags &= ~MPTCPF_RCVD_64BITACK;
1420 mp_tp->mpt_flags &= ~MPTCPF_SND_64BITDSN;
1421 }
1422 mptcp_notify_mpready(tp->t_inpcb->inp_socket);
1423 if (close_notify)
1424 mptcp_notify_close(tp->t_inpcb->inp_socket);
1425 } else {
1426 MPT_UNLOCK(mp_tp);
1427 mptcplog((LOG_ERR,"MPTCP Socket: "
1428 "%s: unexpected dack %llx snduna %llx "
1429 "sndmax %llx\n", __func__, full_dack,
1430 mp_tp->mpt_snduna, mp_tp->mpt_sndmax),
1431 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1432 MPTCP_LOGLVL_LOG);
1433 }
1434 }
1435
1436 static void
1437 mptcp_do_dss_opt_meat(u_char *cp, struct tcpcb *tp)
1438 {
1439 struct mptcp_dss_copt *dss_rsp = (struct mptcp_dss_copt *)cp;
1440 u_int64_t full_dack = 0;
1441 struct mptcb *mp_tp = tptomptp(tp);
1442 int csum_len = 0;
1443
1444 #define MPTCP_DSS_OPT_SZ_CHK(len, expected_len) { \
1445 if (len != expected_len) { \
1446 mptcplog((LOG_ERR, "MPTCP Socket: " \
1447 "%s: bad len = %d dss: %x \n", __func__, \
1448 len, dss_rsp->mdss_flags), \
1449 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG), \
1450 MPTCP_LOGLVL_LOG); \
1451 return; \
1452 } \
1453 }
1454
1455 /*
1456 * mp_tp might become NULL after the call to mptcp_do_fin_opt().
1457 * Review after rdar://problem/24083886
1458 */
1459 if (!mp_tp)
1460 return;
1461
1462 if (mp_tp->mpt_flags & MPTCPF_CHECKSUM)
1463 csum_len = 2;
1464
1465 dss_rsp->mdss_flags &= (MDSS_A|MDSS_a|MDSS_M|MDSS_m);
1466 switch (dss_rsp->mdss_flags) {
1467 case (MDSS_M):
1468 {
1469 /* 32-bit DSS, No Data ACK */
1470 struct mptcp_dsn_opt *dss_rsp1;
1471 dss_rsp1 = (struct mptcp_dsn_opt *)cp;
1472
1473 MPTCP_DSS_OPT_SZ_CHK(dss_rsp1->mdss_copt.mdss_len,
1474 sizeof (struct mptcp_dsn_opt) + csum_len);
1475 if (csum_len == 0)
1476 mptcp_update_dss_rcv_state(dss_rsp1, tp, 0);
1477 else
1478 mptcp_update_dss_rcv_state(dss_rsp1, tp,
1479 *(uint16_t *)(void *)(cp +
1480 (dss_rsp1->mdss_copt.mdss_len - csum_len)));
1481 break;
1482 }
1483 case (MDSS_A):
1484 {
1485 /* 32-bit Data ACK, no DSS */
1486 struct mptcp_data_ack_opt *dack_opt;
1487 dack_opt = (struct mptcp_data_ack_opt *)cp;
1488
1489 MPTCP_DSS_OPT_SZ_CHK(dack_opt->mdss_copt.mdss_len,
1490 sizeof (struct mptcp_data_ack_opt));
1491
1492 u_int32_t dack = dack_opt->mdss_ack;
1493 NTOHL(dack);
1494 MPT_LOCK_SPIN(mp_tp);
1495 MPTCP_EXTEND_DSN(mp_tp->mpt_snduna, dack, full_dack);
1496 MPT_UNLOCK(mp_tp);
1497 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1498 break;
1499 }
1500 case (MDSS_M | MDSS_A):
1501 {
1502 /* 32-bit Data ACK + 32-bit DSS */
1503 struct mptcp_dss_ack_opt *dss_ack_rsp;
1504 dss_ack_rsp = (struct mptcp_dss_ack_opt *)cp;
1505
1506 MPTCP_DSS_OPT_SZ_CHK(dss_ack_rsp->mdss_copt.mdss_len,
1507 sizeof (struct mptcp_dss_ack_opt) + csum_len);
1508
1509 u_int32_t dack = dss_ack_rsp->mdss_ack;
1510 NTOHL(dack);
1511 MPT_LOCK_SPIN(mp_tp);
1512 MPTCP_EXTEND_DSN(mp_tp->mpt_snduna, dack, full_dack);
1513 MPT_UNLOCK(mp_tp);
1514 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1515 if (csum_len == 0)
1516 mptcp_update_rcv_state_f(dss_ack_rsp, tp, 0);
1517 else
1518 mptcp_update_rcv_state_f(dss_ack_rsp, tp,
1519 *(uint16_t *)(void *)(cp +
1520 (dss_ack_rsp->mdss_copt.mdss_len -
1521 csum_len)));
1522 break;
1523 }
1524 case (MDSS_M | MDSS_m):
1525 {
1526 /* 64-bit DSS , No Data ACK */
1527 struct mptcp_dsn64_opt *dsn64;
1528 dsn64 = (struct mptcp_dsn64_opt *)cp;
1529 u_int64_t full_dsn;
1530
1531 MPTCP_DSS_OPT_SZ_CHK(dsn64->mdss_copt.mdss_len,
1532 sizeof (struct mptcp_dsn64_opt) + csum_len);
1533
1534 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1535 "%s: 64-bit M present.\n", __func__),
1536 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1537 MPTCP_LOGLVL_LOG);
1538
1539 MPT_LOCK_SPIN(mp_tp);
1540 mp_tp->mpt_flags |= MPTCPF_SND_64BITACK;
1541 MPT_UNLOCK(mp_tp);
1542
1543 full_dsn = mptcp_ntoh64(dsn64->mdss_dsn);
1544 NTOHL(dsn64->mdss_subflow_seqn);
1545 NTOHS(dsn64->mdss_data_len);
1546 if (csum_len == 0)
1547 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1548 dsn64->mdss_subflow_seqn,
1549 dsn64->mdss_data_len,
1550 0);
1551 else
1552 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1553 dsn64->mdss_subflow_seqn,
1554 dsn64->mdss_data_len,
1555 *(uint16_t *)(void *)(cp +
1556 dsn64->mdss_copt.mdss_len - csum_len));
1557 break;
1558 }
1559 case (MDSS_A | MDSS_a):
1560 {
1561 /* 64-bit Data ACK, no DSS */
1562 struct mptcp_data_ack64_opt *dack64;
1563 dack64 = (struct mptcp_data_ack64_opt *)cp;
1564
1565 MPTCP_DSS_OPT_SZ_CHK(dack64->mdss_copt.mdss_len,
1566 sizeof (struct mptcp_data_ack64_opt));
1567
1568 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1569 "%s: 64-bit A present. \n", __func__),
1570 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1571 MPTCP_LOGLVL_LOG);
1572
1573 MPT_LOCK_SPIN(mp_tp);
1574 mp_tp->mpt_flags |= MPTCPF_RCVD_64BITACK;
1575 MPT_UNLOCK(mp_tp);
1576
1577 full_dack = mptcp_ntoh64(dack64->mdss_ack);
1578 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1579 break;
1580 }
1581 case (MDSS_M | MDSS_m | MDSS_A):
1582 {
1583 /* 64-bit DSS + 32-bit Data ACK */
1584 struct mptcp_dss64_ack32_opt *dss_ack_rsp;
1585 dss_ack_rsp = (struct mptcp_dss64_ack32_opt *)cp;
1586
1587 MPTCP_DSS_OPT_SZ_CHK(dss_ack_rsp->mdss_copt.mdss_len,
1588 sizeof (struct mptcp_dss64_ack32_opt) + csum_len);
1589
1590 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1591 "%s: 64-bit M and 32-bit A present.\n", __func__),
1592 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1593 MPTCP_LOGLVL_LOG);
1594
1595 u_int32_t dack = dss_ack_rsp->mdss_ack;
1596 NTOHL(dack);
1597 MPT_LOCK_SPIN(mp_tp);
1598 mp_tp->mpt_flags |= MPTCPF_SND_64BITACK;
1599 MPTCP_EXTEND_DSN(mp_tp->mpt_snduna, dack, full_dack);
1600 MPT_UNLOCK(mp_tp);
1601 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1602 if (csum_len == 0)
1603 mptcp_update_rcv_state_g(dss_ack_rsp, tp, 0);
1604 else
1605 mptcp_update_rcv_state_g(dss_ack_rsp, tp,
1606 *(uint16_t *)(void *)(cp +
1607 dss_ack_rsp->mdss_copt.mdss_len -
1608 csum_len));
1609 break;
1610 }
1611 case (MDSS_M | MDSS_A | MDSS_a):
1612 {
1613 /* 32-bit DSS + 64-bit Data ACK */
1614 struct mptcp_dss32_ack64_opt *dss32_ack64_opt;
1615 dss32_ack64_opt = (struct mptcp_dss32_ack64_opt *)cp;
1616 u_int64_t full_dsn;
1617
1618 MPTCP_DSS_OPT_SZ_CHK(
1619 dss32_ack64_opt->mdss_copt.mdss_len,
1620 sizeof (struct mptcp_dss32_ack64_opt) + csum_len);
1621
1622 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1623 "%s: 32-bit M and 64-bit A present.\n", __func__),
1624 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1625 MPTCP_LOGLVL_LOG);
1626
1627 full_dack = mptcp_ntoh64(dss32_ack64_opt->mdss_ack);
1628 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1629 NTOHL(dss32_ack64_opt->mdss_dsn);
1630 MPT_LOCK_SPIN(mp_tp);
1631 mp_tp->mpt_flags |= MPTCPF_RCVD_64BITACK;
1632 MPTCP_EXTEND_DSN(mp_tp->mpt_rcvnxt,
1633 dss32_ack64_opt->mdss_dsn, full_dsn);
1634 MPT_UNLOCK(mp_tp);
1635 NTOHL(dss32_ack64_opt->mdss_subflow_seqn);
1636 NTOHS(dss32_ack64_opt->mdss_data_len);
1637 if (csum_len == 0)
1638 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1639 dss32_ack64_opt->mdss_subflow_seqn,
1640 dss32_ack64_opt->mdss_data_len, 0);
1641 else
1642 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1643 dss32_ack64_opt->mdss_subflow_seqn,
1644 dss32_ack64_opt->mdss_data_len,
1645 *(uint16_t *)(void *)(cp +
1646 dss32_ack64_opt->mdss_copt.mdss_len -
1647 csum_len));
1648 break;
1649 }
1650 case (MDSS_M | MDSS_m | MDSS_A | MDSS_a):
1651 {
1652 /* 64-bit DSS + 64-bit Data ACK */
1653 struct mptcp_dss64_ack64_opt *dss64_ack64;
1654 dss64_ack64 = (struct mptcp_dss64_ack64_opt *)cp;
1655 u_int64_t full_dsn;
1656
1657 MPTCP_DSS_OPT_SZ_CHK(dss64_ack64->mdss_copt.mdss_len,
1658 sizeof (struct mptcp_dss64_ack64_opt) + csum_len);
1659
1660 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1661 "%s: 64-bit M and 64-bit A present.\n", __func__),
1662 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1663 MPTCP_LOGLVL_LOG);
1664
1665 MPT_LOCK_SPIN(mp_tp);
1666 mp_tp->mpt_flags |= MPTCPF_RCVD_64BITACK;
1667 mp_tp->mpt_flags |= MPTCPF_SND_64BITACK;
1668 MPT_UNLOCK(mp_tp);
1669 full_dsn = mptcp_ntoh64(dss64_ack64->mdss_dsn);
1670 full_dack = mptcp_ntoh64(dss64_ack64->mdss_dsn);
1671 mptcp_do_dss_opt_ack_meat(full_dack, tp);
1672 NTOHL(dss64_ack64->mdss_subflow_seqn);
1673 NTOHS(dss64_ack64->mdss_data_len);
1674 if (csum_len == 0)
1675 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1676 dss64_ack64->mdss_subflow_seqn,
1677 dss64_ack64->mdss_data_len, 0);
1678 else
1679 mptcp_update_rcv_state_meat(mp_tp, tp, full_dsn,
1680 dss64_ack64->mdss_subflow_seqn,
1681 dss64_ack64->mdss_data_len,
1682 *(uint16_t *)(void *)(cp +
1683 dss64_ack64->mdss_copt.mdss_len -
1684 csum_len));
1685 break;
1686 }
1687 default:
1688 mptcplog((LOG_DEBUG,"MPTCP Socket: "
1689 "%s: File bug, DSS flags = %x\n", __func__,
1690 dss_rsp->mdss_flags),
1691 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1692 MPTCP_LOGLVL_LOG);
1693 break;
1694 }
1695 }
1696
1697
1698 static void
1699 mptcp_do_fin_opt(struct tcpcb *tp)
1700 {
1701 struct mptcb *mp_tp = (struct mptcb *)tp->t_mptcb;
1702
1703 mptcplog((LOG_DEBUG,"MPTCP Socket: %s \n", __func__),
1704 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1705 MPTCP_LOGLVL_LOG);
1706
1707 if (!(tp->t_mpflags & TMPF_RECV_DFIN)) {
1708 if (mp_tp != NULL) {
1709 MPT_LOCK(mp_tp);
1710 mptcp_close_fsm(mp_tp, MPCE_RECV_DATA_FIN);
1711 MPT_UNLOCK(mp_tp);
1712
1713 if (tp->t_inpcb->inp_socket != NULL) {
1714 soevent(tp->t_inpcb->inp_socket,
1715 SO_FILT_HINT_LOCKED |
1716 SO_FILT_HINT_MPCANTRCVMORE);
1717 }
1718
1719 }
1720 tp->t_mpflags |= TMPF_RECV_DFIN;
1721 }
1722
1723 tp->t_mpflags |= TMPF_MPTCP_ACKNOW;
1724 /*
1725 * Since this is a data level FIN, TCP needs to be explicitly told
1726 * to send back an ACK on which the Data ACK is piggybacked.
1727 */
1728 tp->t_flags |= TF_ACKNOW;
1729 }
1730
1731 static void
1732 mptcp_do_dss_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th, int optlen)
1733 {
1734 #pragma unused(th, optlen)
1735 struct mptcb *mp_tp = (struct mptcb *)tp->t_mptcb;
1736
1737 if (!mp_tp)
1738 return;
1739
1740 /* We may get Data ACKs just during fallback, so don't ignore those */
1741 if ((tp->t_mpflags & TMPF_MPTCP_TRUE) ||
1742 (tp->t_mpflags & TMPF_TCP_FALLBACK)) {
1743 struct mptcp_dss_copt *dss_rsp = (struct mptcp_dss_copt *)cp;
1744
1745 if (dss_rsp->mdss_subtype == MPO_DSS) {
1746 if (dss_rsp->mdss_flags & MDSS_F) {
1747 mptcp_do_fin_opt(tp);
1748 }
1749
1750 mptcp_do_dss_opt_meat(cp, tp);
1751 }
1752 }
1753 }
1754
1755 static void
1756 mptcp_do_fastclose_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th)
1757 {
1758 struct mptcb *mp_tp = NULL;
1759 struct mptcp_fastclose_opt *fc_opt = (struct mptcp_fastclose_opt *)cp;
1760
1761 if (th->th_flags != TH_ACK)
1762 return;
1763
1764 mptcplog((LOG_DEBUG,"MPTCP Socket: %s: \n", __func__),
1765 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG),
1766 MPTCP_LOGLVL_LOG);
1767
1768 if (fc_opt->mfast_len != sizeof (struct mptcp_fastclose_opt)) {
1769 tcpstat.tcps_invalid_opt++;
1770 return;
1771 }
1772
1773 mp_tp = (struct mptcb *)tp->t_mptcb;
1774 if (!mp_tp)
1775 return;
1776
1777 if (fc_opt->mfast_key != mptcp_get_localkey(mp_tp)) {
1778 tcpstat.tcps_invalid_opt++;
1779 return;
1780 }
1781
1782 /*
1783 * fastclose could make us more vulnerable to attacks, hence
1784 * accept only those that are at the next expected sequence number.
1785 */
1786 if (th->th_seq != tp->rcv_nxt) {
1787 tcpstat.tcps_invalid_opt++;
1788 return;
1789 }
1790
1791 /* Reset this flow */
1792 tp->t_mpflags |= TMPF_RESET;
1793
1794 if (tp->t_inpcb->inp_socket != NULL) {
1795 soevent(tp->t_inpcb->inp_socket,
1796 SO_FILT_HINT_LOCKED | SO_FILT_HINT_MUSTRST);
1797 }
1798 }
1799
1800
1801 static void
1802 mptcp_do_mpfail_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th)
1803 {
1804 struct mptcb *mp_tp = NULL;
1805 struct mptcp_mpfail_opt *fail_opt = (struct mptcp_mpfail_opt *)cp;
1806 u_int32_t mdss_subflow_seqn = 0;
1807 int error = 0;
1808
1809 /*
1810 * mpfail could make us more vulnerable to attacks. Hence accept
1811 * only those that are the next expected sequence number.
1812 */
1813 if (th->th_seq != tp->rcv_nxt) {
1814 tcpstat.tcps_invalid_opt++;
1815 return;
1816 }
1817
1818 /* A packet without RST, must atleast have the ACK bit set */
1819 if ((th->th_flags != TH_ACK) && (th->th_flags != TH_RST))
1820 return;
1821
1822 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: \n", __func__),
1823 (MPTCP_SOCKET_DBG|MPTCP_RECEIVER_DBG), MPTCP_LOGLVL_LOG);
1824
1825 if (fail_opt->mfail_len != sizeof (struct mptcp_mpfail_opt))
1826 return;
1827
1828 mp_tp = (struct mptcb *)tp->t_mptcb;
1829 MPT_LOCK(mp_tp);
1830 mp_tp->mpt_flags |= MPTCPF_RECVD_MPFAIL;
1831 mp_tp->mpt_dsn_at_csum_fail = mptcp_hton64(fail_opt->mfail_dsn);
1832 MPT_UNLOCK(mp_tp);
1833 error = mptcp_get_map_for_dsn(tp->t_inpcb->inp_socket,
1834 mp_tp->mpt_dsn_at_csum_fail, &mdss_subflow_seqn);
1835 if (error == 0) {
1836 mp_tp->mpt_ssn_at_csum_fail = mdss_subflow_seqn;
1837 }
1838
1839 mptcp_notify_mpfail(tp->t_inpcb->inp_socket);
1840 }
1841
1842 void
1843 tcp_do_mptcp_options(struct tcpcb *tp, u_char *cp, struct tcphdr *th,
1844 struct tcpopt *to, int optlen)
1845 {
1846 int mptcp_subtype;
1847
1848 /* All MPTCP options have atleast 4 bytes */
1849 if (optlen < 4)
1850 return;
1851
1852 mptcp_subtype = (cp[2] >> 4);
1853
1854 if (mptcp_sanitize_option(tp, mptcp_subtype) == 0)
1855 return;
1856
1857 switch (mptcp_subtype) {
1858 case MPO_CAPABLE:
1859 mptcp_do_mpcapable_opt(tp, cp, th, optlen);
1860 break;
1861 case MPO_JOIN:
1862 mptcp_do_mpjoin_opt(tp, cp, th, optlen);
1863 break;
1864 case MPO_DSS:
1865 mptcp_do_dss_opt(tp, cp, th, optlen);
1866 break;
1867 case MPO_FASTCLOSE:
1868 mptcp_do_fastclose_opt(tp, cp, th);
1869 break;
1870 case MPO_FAIL:
1871 mptcp_do_mpfail_opt(tp, cp, th);
1872 break;
1873 case MPO_ADD_ADDR: /* fall through */
1874 case MPO_REMOVE_ADDR: /* fall through */
1875 case MPO_PRIO:
1876 to->to_flags |= TOF_MPTCP;
1877 break;
1878 default:
1879 break;
1880 }
1881 return;
1882 }
1883
1884 /*
1885 * MPTCP ADD_ADDR and REMOVE_ADDR options
1886 */
1887
1888 /*
1889 * ADD_ADDR is only placeholder code - not sent on wire
1890 * The ADD_ADDR option is not sent on wire because of security issues
1891 * around connection hijacking.
1892 */
1893 void
1894 mptcp_send_addaddr_opt(struct tcpcb *tp, struct mptcp_addaddr_opt *opt)
1895 {
1896
1897 opt->ma_kind = TCPOPT_MULTIPATH;
1898 opt->ma_len = sizeof (struct mptcp_addaddr_opt);
1899 opt->ma_subtype = MPO_ADD_ADDR;
1900 opt->ma_addr_id = tp->t_local_aid;
1901 #ifdef MPTCP_NOTYET
1902 struct inpcb *inp = tp->t_inpcb;
1903 if (inp->inp_vflag == AF_INET) {
1904 opt->ma_ipver = MA_IPVer_V4;
1905 bcopy((char *)&sin->sin_addr.s_addr, (char *)opt + opt->ma_len,
1906 sizeof (in_addr_t));
1907 opt->ma_len += sizeof (in_addr_t);
1908 } else if (inp->inp_vflag == AF_INET6) {
1909 opt->ma_ipver = MA_IPVer_V6;
1910 bcopy((char *)&sin6->sin6_addr, (char *)opt + opt->ma_len,
1911 sizeof (struct in6_addr));
1912 opt->ma_len += sizeof (struct in6_addr);
1913 }
1914 #if 0
1915 if (tp->t_mp_port) {
1916 /* add ports XXX */
1917 }
1918 #endif
1919 #endif
1920 }
1921
1922 /* REMOVE_ADDR option is sent when a source address goes away */
1923 void
1924 mptcp_send_remaddr_opt(struct tcpcb *tp, struct mptcp_remaddr_opt *opt)
1925 {
1926 mptcplog((LOG_DEBUG,"MPTCP Socket: %s: local id %d remove id %d \n",
1927 __func__, tp->t_local_aid, tp->t_rem_aid),
1928 (MPTCP_SOCKET_DBG|MPTCP_SENDER_DBG), MPTCP_LOGLVL_LOG);
1929
1930 bzero(opt, sizeof (*opt));
1931 opt->mr_kind = TCPOPT_MULTIPATH;
1932 opt->mr_len = sizeof (*opt);
1933 opt->mr_subtype = MPO_REMOVE_ADDR;
1934 opt->mr_addr_id = tp->t_rem_aid;
1935 tp->t_mpflags &= ~TMPF_SND_REM_ADDR;
1936 }
1937
1938 /*
1939 * MPTCP MP_PRIO option
1940 */
1941
1942 #if 0
1943 /*
1944 * Current implementation drops incoming MP_PRIO option and this code is
1945 * just a placeholder. The option is dropped because only the mobile client can
1946 * decide which of the subflows is preferred (usually wifi is preferred
1947 * over Cellular).
1948 */
1949 void
1950 mptcp_do_mpprio_opt(struct tcpcb *tp, u_char *cp, struct tcphdr *th,
1951 int optlen)
1952 {
1953 int bkp = 0;
1954 struct mptcp_mpprio_opt *mpprio = (struct mptcp_mpprio_opt *)cp;
1955
1956 if ((tp == NULL) || !(tp->t_mpflags & TMPF_MPTCP_TRUE))
1957 return;
1958
1959 if ((mpprio->mpprio_len != sizeof (struct mptcp_mpprio_addr_opt)) &&
1960 (mpprio->mpprio_len != sizeof (struct mptcp_mpprio_opt)))
1961 return;
1962 }
1963 #endif
1964
1965 /* We send MP_PRIO option based on the values set by the SIOCSCONNORDER ioctl */
1966 static int
1967 mptcp_snd_mpprio(struct tcpcb *tp, u_char *cp, int optlen)
1968 {
1969 struct mptcp_mpprio_addr_opt mpprio;
1970
1971 if (tp->t_state != TCPS_ESTABLISHED) {
1972 tp->t_mpflags &= ~TMPF_SND_MPPRIO;
1973 return (optlen);
1974 }
1975
1976 if (mptcp_mpprio_enable != 1) {
1977 tp->t_mpflags &= ~TMPF_SND_MPPRIO;
1978 return (optlen);
1979 }
1980
1981 if ((MAX_TCPOPTLEN - optlen) <
1982 (int)sizeof (mpprio))
1983 return (optlen);
1984
1985 bzero(&mpprio, sizeof (mpprio));
1986 mpprio.mpprio_kind = TCPOPT_MULTIPATH;
1987 mpprio.mpprio_len = sizeof (mpprio);
1988 mpprio.mpprio_subtype = MPO_PRIO;
1989 if (tp->t_mpflags & TMPF_BACKUP_PATH)
1990 mpprio.mpprio_flags |= MPTCP_MPPRIO_BKP;
1991 mpprio.mpprio_addrid = tp->t_local_aid;
1992 memcpy(cp + optlen, &mpprio, sizeof (mpprio));
1993 optlen += sizeof (mpprio);
1994 tp->t_mpflags &= ~TMPF_SND_MPPRIO;
1995 mptcplog((LOG_DEBUG, "MPTCP Socket: %s: aid = %d \n", __func__,
1996 tp->t_local_aid),
1997 (MPTCP_SOCKET_DBG|MPTCP_SENDER_DBG), MPTCP_LOGLVL_LOG);
1998 return (optlen);
1999 }
mirror of XNU