1 // SPDX-License-Identifier: GPL-2.0
4 * Copyright (c) 2017 - 2019, Intel Corporation.
7 #define pr_fmt(fmt) "MPTCP: " fmt
9 #include <linux/kernel.h>
10 #include <crypto/sha2.h>
12 #include <net/mptcp.h>
16 static bool mptcp_cap_flag_sha256(u8 flags)
18 return (flags & MPTCP_CAP_FLAG_MASK) == MPTCP_CAP_HMAC_SHA256;
21 static void mptcp_parse_option(const struct sk_buff *skb,
22 const unsigned char *ptr, int opsize,
23 struct mptcp_options_received *mp_opt)
25 u8 subtype = *ptr >> 4;
31 case MPTCPOPT_MP_CAPABLE:
32 /* strict size checking */
33 if (!(TCP_SKB_CB(skb)->tcp_flags & TCPHDR_SYN)) {
34 if (skb->len > tcp_hdr(skb)->doff << 2)
35 expected_opsize = TCPOLEN_MPTCP_MPC_ACK_DATA;
37 expected_opsize = TCPOLEN_MPTCP_MPC_ACK;
39 if (TCP_SKB_CB(skb)->tcp_flags & TCPHDR_ACK)
40 expected_opsize = TCPOLEN_MPTCP_MPC_SYNACK;
42 expected_opsize = TCPOLEN_MPTCP_MPC_SYN;
44 if (opsize != expected_opsize)
47 /* try to be gentle vs future versions on the initial syn */
48 version = *ptr++ & MPTCP_VERSION_MASK;
49 if (opsize != TCPOLEN_MPTCP_MPC_SYN) {
50 if (version != MPTCP_SUPPORTED_VERSION)
52 } else if (version < MPTCP_SUPPORTED_VERSION) {
57 if (!mptcp_cap_flag_sha256(flags) ||
58 (flags & MPTCP_CAP_EXTENSIBILITY))
61 /* RFC 6824, Section 3.1:
62 * "For the Checksum Required bit (labeled "A"), if either
63 * host requires the use of checksums, checksums MUST be used.
64 * In other words, the only way for checksums not to be used
65 * is if both hosts in their SYNs set A=0."
68 * "If a checksum is not present when its use has been
69 * negotiated, the receiver MUST close the subflow with a RST as
70 * it is considered broken."
72 * We don't implement DSS checksum - fall back to TCP.
74 if (flags & MPTCP_CAP_CHECKSUM_REQD)
77 mp_opt->mp_capable = 1;
78 if (opsize >= TCPOLEN_MPTCP_MPC_SYNACK) {
79 mp_opt->sndr_key = get_unaligned_be64(ptr);
82 if (opsize >= TCPOLEN_MPTCP_MPC_ACK) {
83 mp_opt->rcvr_key = get_unaligned_be64(ptr);
86 if (opsize == TCPOLEN_MPTCP_MPC_ACK_DATA) {
88 * "the data parameters in a MP_CAPABLE are semantically
89 * equivalent to those in a DSS option and can be used
95 mp_opt->data_len = get_unaligned_be16(ptr);
98 pr_debug("MP_CAPABLE version=%x, flags=%x, optlen=%d sndr=%llu, rcvr=%llu len=%d",
99 version, flags, opsize, mp_opt->sndr_key,
100 mp_opt->rcvr_key, mp_opt->data_len);
103 case MPTCPOPT_MP_JOIN:
105 if (opsize == TCPOLEN_MPTCP_MPJ_SYN) {
106 mp_opt->backup = *ptr++ & MPTCPOPT_BACKUP;
107 mp_opt->join_id = *ptr++;
108 mp_opt->token = get_unaligned_be32(ptr);
110 mp_opt->nonce = get_unaligned_be32(ptr);
112 pr_debug("MP_JOIN bkup=%u, id=%u, token=%u, nonce=%u",
113 mp_opt->backup, mp_opt->join_id,
114 mp_opt->token, mp_opt->nonce);
115 } else if (opsize == TCPOLEN_MPTCP_MPJ_SYNACK) {
116 mp_opt->backup = *ptr++ & MPTCPOPT_BACKUP;
117 mp_opt->join_id = *ptr++;
118 mp_opt->thmac = get_unaligned_be64(ptr);
120 mp_opt->nonce = get_unaligned_be32(ptr);
122 pr_debug("MP_JOIN bkup=%u, id=%u, thmac=%llu, nonce=%u",
123 mp_opt->backup, mp_opt->join_id,
124 mp_opt->thmac, mp_opt->nonce);
125 } else if (opsize == TCPOLEN_MPTCP_MPJ_ACK) {
127 memcpy(mp_opt->hmac, ptr, MPTCPOPT_HMAC_LEN);
128 pr_debug("MP_JOIN hmac");
130 pr_warn("MP_JOIN bad option size");
139 /* we must clear 'mpc_map' be able to detect MP_CAPABLE
140 * map vs DSS map in mptcp_incoming_options(), and reconstruct
141 * map info accordingly
144 flags = (*ptr++) & MPTCP_DSS_FLAG_MASK;
145 mp_opt->data_fin = (flags & MPTCP_DSS_DATA_FIN) != 0;
146 mp_opt->dsn64 = (flags & MPTCP_DSS_DSN64) != 0;
147 mp_opt->use_map = (flags & MPTCP_DSS_HAS_MAP) != 0;
148 mp_opt->ack64 = (flags & MPTCP_DSS_ACK64) != 0;
149 mp_opt->use_ack = (flags & MPTCP_DSS_HAS_ACK);
151 pr_debug("data_fin=%d dsn64=%d use_map=%d ack64=%d use_ack=%d",
152 mp_opt->data_fin, mp_opt->dsn64,
153 mp_opt->use_map, mp_opt->ack64,
156 expected_opsize = TCPOLEN_MPTCP_DSS_BASE;
158 if (mp_opt->use_ack) {
160 expected_opsize += TCPOLEN_MPTCP_DSS_ACK64;
162 expected_opsize += TCPOLEN_MPTCP_DSS_ACK32;
165 if (mp_opt->use_map) {
167 expected_opsize += TCPOLEN_MPTCP_DSS_MAP64;
169 expected_opsize += TCPOLEN_MPTCP_DSS_MAP32;
172 /* RFC 6824, Section 3.3:
173 * If a checksum is present, but its use had
174 * not been negotiated in the MP_CAPABLE handshake,
175 * the checksum field MUST be ignored.
177 if (opsize != expected_opsize &&
178 opsize != expected_opsize + TCPOLEN_MPTCP_DSS_CHECKSUM)
183 if (mp_opt->use_ack) {
185 mp_opt->data_ack = get_unaligned_be64(ptr);
188 mp_opt->data_ack = get_unaligned_be32(ptr);
192 pr_debug("data_ack=%llu", mp_opt->data_ack);
195 if (mp_opt->use_map) {
197 mp_opt->data_seq = get_unaligned_be64(ptr);
200 mp_opt->data_seq = get_unaligned_be32(ptr);
204 mp_opt->subflow_seq = get_unaligned_be32(ptr);
207 mp_opt->data_len = get_unaligned_be16(ptr);
210 pr_debug("data_seq=%llu subflow_seq=%u data_len=%u",
211 mp_opt->data_seq, mp_opt->subflow_seq,
217 case MPTCPOPT_ADD_ADDR:
218 mp_opt->echo = (*ptr++) & MPTCP_ADDR_ECHO;
220 if (opsize == TCPOLEN_MPTCP_ADD_ADDR ||
221 opsize == TCPOLEN_MPTCP_ADD_ADDR_PORT)
222 mp_opt->family = MPTCP_ADDR_IPVERSION_4;
223 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
224 else if (opsize == TCPOLEN_MPTCP_ADD_ADDR6 ||
225 opsize == TCPOLEN_MPTCP_ADD_ADDR6_PORT)
226 mp_opt->family = MPTCP_ADDR_IPVERSION_6;
231 if (opsize == TCPOLEN_MPTCP_ADD_ADDR_BASE ||
232 opsize == TCPOLEN_MPTCP_ADD_ADDR_BASE_PORT)
233 mp_opt->family = MPTCP_ADDR_IPVERSION_4;
234 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
235 else if (opsize == TCPOLEN_MPTCP_ADD_ADDR6_BASE ||
236 opsize == TCPOLEN_MPTCP_ADD_ADDR6_BASE_PORT)
237 mp_opt->family = MPTCP_ADDR_IPVERSION_6;
243 mp_opt->add_addr = 1;
244 mp_opt->addr_id = *ptr++;
245 if (mp_opt->family == MPTCP_ADDR_IPVERSION_4) {
246 memcpy((u8 *)&mp_opt->addr.s_addr, (u8 *)ptr, 4);
248 if (opsize == TCPOLEN_MPTCP_ADD_ADDR_PORT ||
249 opsize == TCPOLEN_MPTCP_ADD_ADDR_BASE_PORT) {
250 mp_opt->port = get_unaligned_be16(ptr);
254 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
256 memcpy(mp_opt->addr6.s6_addr, (u8 *)ptr, 16);
258 if (opsize == TCPOLEN_MPTCP_ADD_ADDR6_PORT ||
259 opsize == TCPOLEN_MPTCP_ADD_ADDR6_BASE_PORT) {
260 mp_opt->port = get_unaligned_be16(ptr);
266 mp_opt->ahmac = get_unaligned_be64(ptr);
269 pr_debug("ADD_ADDR%s: id=%d, ahmac=%llu, echo=%d, port=%d",
270 (mp_opt->family == MPTCP_ADDR_IPVERSION_6) ? "6" : "",
271 mp_opt->addr_id, mp_opt->ahmac, mp_opt->echo, mp_opt->port);
274 case MPTCPOPT_RM_ADDR:
275 if (opsize != TCPOLEN_MPTCP_RM_ADDR_BASE)
281 mp_opt->rm_id = *ptr++;
282 pr_debug("RM_ADDR: id=%d", mp_opt->rm_id);
285 case MPTCPOPT_MP_FASTCLOSE:
286 if (opsize != TCPOLEN_MPTCP_FASTCLOSE)
290 mp_opt->rcvr_key = get_unaligned_be64(ptr);
292 mp_opt->fastclose = 1;
300 void mptcp_get_options(const struct sk_buff *skb,
301 struct mptcp_options_received *mp_opt)
303 const struct tcphdr *th = tcp_hdr(skb);
304 const unsigned char *ptr;
307 /* initialize option status */
308 mp_opt->mp_capable = 0;
310 mp_opt->add_addr = 0;
312 mp_opt->fastclose = 0;
317 length = (th->doff * 4) - sizeof(struct tcphdr);
318 ptr = (const unsigned char *)(th + 1);
327 case TCPOPT_NOP: /* Ref: RFC 793 section 3.1 */
332 if (opsize < 2) /* "silly options" */
335 return; /* don't parse partial options */
336 if (opcode == TCPOPT_MPTCP)
337 mptcp_parse_option(skb, ptr, opsize, mp_opt);
344 bool mptcp_syn_options(struct sock *sk, const struct sk_buff *skb,
345 unsigned int *size, struct mptcp_out_options *opts)
347 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk);
349 /* we will use snd_isn to detect first pkt [re]transmission
350 * in mptcp_established_options_mp()
352 subflow->snd_isn = TCP_SKB_CB(skb)->end_seq;
353 if (subflow->request_mptcp) {
354 opts->suboptions = OPTION_MPTCP_MPC_SYN;
355 *size = TCPOLEN_MPTCP_MPC_SYN;
357 } else if (subflow->request_join) {
358 pr_debug("remote_token=%u, nonce=%u", subflow->remote_token,
359 subflow->local_nonce);
360 opts->suboptions = OPTION_MPTCP_MPJ_SYN;
361 opts->join_id = subflow->local_id;
362 opts->token = subflow->remote_token;
363 opts->nonce = subflow->local_nonce;
364 opts->backup = subflow->request_bkup;
365 *size = TCPOLEN_MPTCP_MPJ_SYN;
371 /* MP_JOIN client subflow must wait for 4th ack before sending any data:
372 * TCP can't schedule delack timer before the subflow is fully established.
373 * MPTCP uses the delack timer to do 3rd ack retransmissions
375 static void schedule_3rdack_retransmission(struct sock *sk)
377 struct inet_connection_sock *icsk = inet_csk(sk);
378 struct tcp_sock *tp = tcp_sk(sk);
379 unsigned long timeout;
381 /* reschedule with a timeout above RTT, as we must look only for drop */
383 timeout = tp->srtt_us << 1;
385 timeout = TCP_TIMEOUT_INIT;
387 WARN_ON_ONCE(icsk->icsk_ack.pending & ICSK_ACK_TIMER);
388 icsk->icsk_ack.pending |= ICSK_ACK_SCHED | ICSK_ACK_TIMER;
389 icsk->icsk_ack.timeout = timeout;
390 sk_reset_timer(sk, &icsk->icsk_delack_timer, timeout);
393 static void clear_3rdack_retransmission(struct sock *sk)
395 struct inet_connection_sock *icsk = inet_csk(sk);
397 sk_stop_timer(sk, &icsk->icsk_delack_timer);
398 icsk->icsk_ack.timeout = 0;
399 icsk->icsk_ack.ato = 0;
400 icsk->icsk_ack.pending &= ~(ICSK_ACK_SCHED | ICSK_ACK_TIMER);
403 static bool mptcp_established_options_mp(struct sock *sk, struct sk_buff *skb,
405 unsigned int remaining,
406 struct mptcp_out_options *opts)
408 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk);
409 struct mptcp_ext *mpext;
410 unsigned int data_len;
412 /* When skb is not available, we better over-estimate the emitted
413 * options len. A full DSS option (28 bytes) is longer than
414 * TCPOLEN_MPTCP_MPC_ACK_DATA(22) or TCPOLEN_MPTCP_MPJ_ACK(24), so
415 * tell the caller to defer the estimate to
416 * mptcp_established_options_dss(), which will reserve enough space.
421 /* MPC/MPJ needed only on 3rd ack packet */
422 if (subflow->fully_established ||
423 subflow->snd_isn != TCP_SKB_CB(skb)->seq)
426 if (subflow->mp_capable) {
427 mpext = mptcp_get_ext(skb);
428 data_len = mpext ? mpext->data_len : 0;
430 /* we will check ext_copy.data_len in mptcp_write_options() to
431 * discriminate between TCPOLEN_MPTCP_MPC_ACK_DATA and
432 * TCPOLEN_MPTCP_MPC_ACK
434 opts->ext_copy.data_len = data_len;
435 opts->suboptions = OPTION_MPTCP_MPC_ACK;
436 opts->sndr_key = subflow->local_key;
437 opts->rcvr_key = subflow->remote_key;
440 * The MP_CAPABLE option is carried on the SYN, SYN/ACK, and ACK
441 * packets that start the first subflow of an MPTCP connection,
442 * as well as the first packet that carries data
445 *size = ALIGN(TCPOLEN_MPTCP_MPC_ACK_DATA, 4);
447 *size = TCPOLEN_MPTCP_MPC_ACK;
449 pr_debug("subflow=%p, local_key=%llu, remote_key=%llu map_len=%d",
450 subflow, subflow->local_key, subflow->remote_key,
454 } else if (subflow->mp_join) {
455 opts->suboptions = OPTION_MPTCP_MPJ_ACK;
456 memcpy(opts->hmac, subflow->hmac, MPTCPOPT_HMAC_LEN);
457 *size = TCPOLEN_MPTCP_MPJ_ACK;
458 pr_debug("subflow=%p", subflow);
460 schedule_3rdack_retransmission(sk);
466 static void mptcp_write_data_fin(struct mptcp_subflow_context *subflow,
467 struct sk_buff *skb, struct mptcp_ext *ext)
469 /* The write_seq value has already been incremented, so the actual
470 * sequence number for the DATA_FIN is one less.
472 u64 data_fin_tx_seq = READ_ONCE(mptcp_sk(subflow->conn)->write_seq) - 1;
474 if (!ext->use_map || !skb->len) {
475 /* RFC6824 requires a DSS mapping with specific values
476 * if DATA_FIN is set but no data payload is mapped
481 ext->data_seq = data_fin_tx_seq;
482 ext->subflow_seq = 0;
484 } else if (ext->data_seq + ext->data_len == data_fin_tx_seq) {
485 /* If there's an existing DSS mapping and it is the
486 * final mapping, DATA_FIN consumes 1 additional byte of
494 static bool mptcp_established_options_dss(struct sock *sk, struct sk_buff *skb,
496 unsigned int remaining,
497 struct mptcp_out_options *opts)
499 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk);
500 struct mptcp_sock *msk = mptcp_sk(subflow->conn);
501 u64 snd_data_fin_enable, ack_seq;
502 unsigned int dss_size = 0;
503 struct mptcp_ext *mpext;
504 unsigned int ack_size;
507 mpext = skb ? mptcp_get_ext(skb) : NULL;
508 snd_data_fin_enable = mptcp_data_fin_enabled(msk);
510 if (!skb || (mpext && mpext->use_map) || snd_data_fin_enable) {
511 unsigned int map_size;
513 map_size = TCPOLEN_MPTCP_DSS_BASE + TCPOLEN_MPTCP_DSS_MAP64;
515 remaining -= map_size;
518 opts->ext_copy = *mpext;
520 if (skb && snd_data_fin_enable)
521 mptcp_write_data_fin(subflow, skb, &opts->ext_copy);
525 /* passive sockets msk will set the 'can_ack' after accept(), even
526 * if the first subflow may have the already the remote key handy
528 opts->ext_copy.use_ack = 0;
529 if (!READ_ONCE(msk->can_ack)) {
530 *size = ALIGN(dss_size, 4);
534 ack_seq = READ_ONCE(msk->ack_seq);
535 if (READ_ONCE(msk->use_64bit_ack)) {
536 ack_size = TCPOLEN_MPTCP_DSS_ACK64;
537 opts->ext_copy.data_ack = ack_seq;
538 opts->ext_copy.ack64 = 1;
540 ack_size = TCPOLEN_MPTCP_DSS_ACK32;
541 opts->ext_copy.data_ack32 = (uint32_t)ack_seq;
542 opts->ext_copy.ack64 = 0;
544 opts->ext_copy.use_ack = 1;
545 WRITE_ONCE(msk->old_wspace, __mptcp_space((struct sock *)msk));
547 /* Add kind/length/subtype/flag overhead if mapping is not populated */
549 ack_size += TCPOLEN_MPTCP_DSS_BASE;
551 dss_size += ack_size;
553 *size = ALIGN(dss_size, 4);
557 static u64 add_addr_generate_hmac(u64 key1, u64 key2, u8 addr_id,
558 struct in_addr *addr)
560 u8 hmac[SHA256_DIGEST_SIZE];
564 memcpy(&msg[1], &addr->s_addr, 4);
568 mptcp_crypto_hmac_sha(key1, key2, msg, 7, hmac);
570 return get_unaligned_be64(&hmac[SHA256_DIGEST_SIZE - sizeof(u64)]);
573 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
574 static u64 add_addr6_generate_hmac(u64 key1, u64 key2, u8 addr_id,
575 struct in6_addr *addr)
577 u8 hmac[SHA256_DIGEST_SIZE];
581 memcpy(&msg[1], &addr->s6_addr, 16);
585 mptcp_crypto_hmac_sha(key1, key2, msg, 19, hmac);
587 return get_unaligned_be64(&hmac[SHA256_DIGEST_SIZE - sizeof(u64)]);
591 static bool mptcp_established_options_add_addr(struct sock *sk, struct sk_buff *skb,
593 unsigned int remaining,
594 struct mptcp_out_options *opts)
596 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk);
597 struct mptcp_sock *msk = mptcp_sk(subflow->conn);
598 bool drop_other_suboptions = false;
599 unsigned int opt_size = *size;
600 struct mptcp_addr_info saddr;
605 if ((mptcp_pm_should_add_signal_ipv6(msk) ||
606 mptcp_pm_should_add_signal_port(msk)) &&
607 skb && skb_is_tcp_pure_ack(skb)) {
608 pr_debug("drop other suboptions");
609 opts->suboptions = 0;
610 opts->ext_copy.use_ack = 0;
611 opts->ext_copy.use_map = 0;
612 remaining += opt_size;
613 drop_other_suboptions = true;
616 if (!mptcp_pm_should_add_signal(msk) ||
617 !(mptcp_pm_add_addr_signal(msk, remaining, &saddr, &echo, &port)))
620 len = mptcp_add_addr_len(saddr.family, echo, port);
625 if (drop_other_suboptions)
627 opts->addr_id = saddr.id;
629 opts->port = ntohs(saddr.port);
630 if (saddr.family == AF_INET) {
631 opts->suboptions |= OPTION_MPTCP_ADD_ADDR;
632 opts->addr = saddr.addr;
634 opts->ahmac = add_addr_generate_hmac(msk->local_key,
640 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
641 else if (saddr.family == AF_INET6) {
642 opts->suboptions |= OPTION_MPTCP_ADD_ADDR6;
643 opts->addr6 = saddr.addr6;
645 opts->ahmac = add_addr6_generate_hmac(msk->local_key,
652 pr_debug("addr_id=%d, ahmac=%llu, echo=%d, port=%d",
653 opts->addr_id, opts->ahmac, echo, opts->port);
658 static bool mptcp_established_options_rm_addr(struct sock *sk,
660 unsigned int remaining,
661 struct mptcp_out_options *opts)
663 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk);
664 struct mptcp_sock *msk = mptcp_sk(subflow->conn);
667 if (!mptcp_pm_should_rm_signal(msk) ||
668 !(mptcp_pm_rm_addr_signal(msk, remaining, &rm_id)))
671 if (remaining < TCPOLEN_MPTCP_RM_ADDR_BASE)
674 *size = TCPOLEN_MPTCP_RM_ADDR_BASE;
675 opts->suboptions |= OPTION_MPTCP_RM_ADDR;
678 pr_debug("rm_id=%d", opts->rm_id);
683 bool mptcp_established_options(struct sock *sk, struct sk_buff *skb,
684 unsigned int *size, unsigned int remaining,
685 struct mptcp_out_options *opts)
687 unsigned int opt_size = 0;
690 opts->suboptions = 0;
692 if (unlikely(mptcp_check_fallback(sk)))
695 /* prevent adding of any MPTCP related options on reset packet
696 * until we support MP_TCPRST/MP_FASTCLOSE
698 if (unlikely(skb && TCP_SKB_CB(skb)->tcp_flags & TCPHDR_RST))
701 if (mptcp_established_options_mp(sk, skb, &opt_size, remaining, opts))
703 else if (mptcp_established_options_dss(sk, skb, &opt_size, remaining,
707 /* we reserved enough space for the above options, and exceeding the
708 * TCP option space would be fatal
710 if (WARN_ON_ONCE(opt_size > remaining))
714 remaining -= opt_size;
715 if (mptcp_established_options_add_addr(sk, skb, &opt_size, remaining, opts)) {
717 remaining -= opt_size;
719 } else if (mptcp_established_options_rm_addr(sk, &opt_size, remaining, opts)) {
721 remaining -= opt_size;
728 bool mptcp_synack_options(const struct request_sock *req, unsigned int *size,
729 struct mptcp_out_options *opts)
731 struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req);
733 if (subflow_req->mp_capable) {
734 opts->suboptions = OPTION_MPTCP_MPC_SYNACK;
735 opts->sndr_key = subflow_req->local_key;
736 *size = TCPOLEN_MPTCP_MPC_SYNACK;
737 pr_debug("subflow_req=%p, local_key=%llu",
738 subflow_req, subflow_req->local_key);
740 } else if (subflow_req->mp_join) {
741 opts->suboptions = OPTION_MPTCP_MPJ_SYNACK;
742 opts->backup = subflow_req->backup;
743 opts->join_id = subflow_req->local_id;
744 opts->thmac = subflow_req->thmac;
745 opts->nonce = subflow_req->local_nonce;
746 pr_debug("req=%p, bkup=%u, id=%u, thmac=%llu, nonce=%u",
747 subflow_req, opts->backup, opts->join_id,
748 opts->thmac, opts->nonce);
749 *size = TCPOLEN_MPTCP_MPJ_SYNACK;
755 static bool check_fully_established(struct mptcp_sock *msk, struct sock *ssk,
756 struct mptcp_subflow_context *subflow,
758 struct mptcp_options_received *mp_opt)
760 /* here we can process OoO, in-window pkts, only in-sequence 4th ack
761 * will make the subflow fully established
763 if (likely(subflow->fully_established)) {
764 /* on passive sockets, check for 3rd ack retransmission
765 * note that msk is always set by subflow_syn_recv_sock()
766 * for mp_join subflows
768 if (TCP_SKB_CB(skb)->seq == subflow->ssn_offset + 1 &&
769 TCP_SKB_CB(skb)->end_seq == TCP_SKB_CB(skb)->seq &&
770 subflow->mp_join && mp_opt->mp_join &&
771 READ_ONCE(msk->pm.server_side))
773 goto fully_established;
776 /* we must process OoO packets before the first subflow is fully
777 * established. OoO packets are instead a protocol violation
778 * for MP_JOIN subflows as the peer must not send any data
779 * before receiving the forth ack - cfr. RFC 8684 section 3.2.
781 if (TCP_SKB_CB(skb)->seq != subflow->ssn_offset + 1) {
782 if (subflow->mp_join)
784 return subflow->mp_capable;
787 if (mp_opt->dss && mp_opt->use_ack) {
788 /* subflows are fully established as soon as we get any
791 subflow->fully_established = 1;
792 WRITE_ONCE(msk->fully_established, true);
793 goto fully_established;
796 if (mp_opt->add_addr) {
797 WRITE_ONCE(msk->fully_established, true);
801 /* If the first established packet does not contain MP_CAPABLE + data
802 * then fallback to TCP. Fallback scenarios requires a reset for
805 if (!mp_opt->mp_capable) {
806 if (subflow->mp_join)
808 subflow->mp_capable = 0;
810 __mptcp_do_fallback(msk);
814 if (unlikely(!READ_ONCE(msk->pm.server_side)))
815 pr_warn_once("bogus mpc option on established client sk");
816 mptcp_subflow_fully_established(subflow, mp_opt);
819 /* if the subflow is not already linked into the conn_list, we can't
820 * notify the PM: this subflow is still on the listener queue
821 * and the PM possibly acquiring the subflow lock could race with
824 if (likely(subflow->pm_notified) || list_empty(&subflow->node))
827 subflow->pm_notified = 1;
828 if (subflow->mp_join) {
829 clear_3rdack_retransmission(ssk);
830 mptcp_pm_subflow_established(msk, subflow);
832 mptcp_pm_fully_established(msk);
837 mptcp_subflow_reset(ssk);
841 static u64 expand_ack(u64 old_ack, u64 cur_ack, bool use_64bit)
843 u32 old_ack32, cur_ack32;
848 old_ack32 = (u32)old_ack;
849 cur_ack32 = (u32)cur_ack;
850 cur_ack = (old_ack & GENMASK_ULL(63, 32)) + cur_ack32;
851 if (unlikely(before(cur_ack32, old_ack32)))
852 return cur_ack + (1LL << 32);
856 static void ack_update_msk(struct mptcp_sock *msk,
858 struct mptcp_options_received *mp_opt)
860 u64 new_wnd_end, new_snd_una, snd_nxt = READ_ONCE(msk->snd_nxt);
861 struct sock *sk = (struct sock *)msk;
866 /* avoid ack expansion on update conflict, to reduce the risk of
867 * wrongly expanding to a future ack sequence number, which is way
868 * more dangerous than missing an ack
870 old_snd_una = msk->snd_una;
871 new_snd_una = expand_ack(old_snd_una, mp_opt->data_ack, mp_opt->ack64);
873 /* ACK for data not even sent yet? Ignore. */
874 if (after64(new_snd_una, snd_nxt))
875 new_snd_una = old_snd_una;
877 new_wnd_end = new_snd_una + tcp_sk(ssk)->snd_wnd;
879 if (after64(new_wnd_end, msk->wnd_end))
880 msk->wnd_end = new_wnd_end;
882 /* this assumes mptcp_incoming_options() is invoked after tcp_ack() */
883 if (after64(msk->wnd_end, READ_ONCE(msk->snd_nxt)) &&
884 sk_stream_memory_free(ssk))
885 __mptcp_check_push(sk, ssk);
887 if (after64(new_snd_una, old_snd_una)) {
888 msk->snd_una = new_snd_una;
889 __mptcp_data_acked(sk);
891 mptcp_data_unlock(sk);
894 bool mptcp_update_rcv_data_fin(struct mptcp_sock *msk, u64 data_fin_seq, bool use_64bit)
896 /* Skip if DATA_FIN was already received.
897 * If updating simultaneously with the recvmsg loop, values
898 * should match. If they mismatch, the peer is misbehaving and
899 * we will prefer the most recent information.
901 if (READ_ONCE(msk->rcv_data_fin) || !READ_ONCE(msk->first))
904 WRITE_ONCE(msk->rcv_data_fin_seq,
905 expand_ack(READ_ONCE(msk->ack_seq), data_fin_seq, use_64bit));
906 WRITE_ONCE(msk->rcv_data_fin, 1);
911 static bool add_addr_hmac_valid(struct mptcp_sock *msk,
912 struct mptcp_options_received *mp_opt)
919 if (mp_opt->family == MPTCP_ADDR_IPVERSION_4)
920 hmac = add_addr_generate_hmac(msk->remote_key,
922 mp_opt->addr_id, &mp_opt->addr);
923 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
925 hmac = add_addr6_generate_hmac(msk->remote_key,
927 mp_opt->addr_id, &mp_opt->addr6);
930 pr_debug("msk=%p, ahmac=%llu, mp_opt->ahmac=%llu\n",
931 msk, (unsigned long long)hmac,
932 (unsigned long long)mp_opt->ahmac);
934 return hmac == mp_opt->ahmac;
937 void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb)
939 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk);
940 struct mptcp_sock *msk = mptcp_sk(subflow->conn);
941 struct mptcp_options_received mp_opt;
942 struct mptcp_ext *mpext;
944 if (__mptcp_check_fallback(msk)) {
945 /* Keep it simple and unconditionally trigger send data cleanup and
946 * pending queue spooling. We will need to acquire the data lock
947 * for more accurate checks, and once the lock is acquired, such
950 mptcp_data_lock(subflow->conn);
951 if (sk_stream_memory_free(sk))
952 __mptcp_check_push(subflow->conn, sk);
953 __mptcp_data_acked(subflow->conn);
954 mptcp_data_unlock(subflow->conn);
958 mptcp_get_options(skb, &mp_opt);
959 if (!check_fully_established(msk, sk, subflow, skb, &mp_opt))
962 if (mp_opt.fastclose &&
963 msk->local_key == mp_opt.rcvr_key) {
964 WRITE_ONCE(msk->rcv_fastclose, true);
965 mptcp_schedule_work((struct sock *)msk);
968 if (mp_opt.add_addr && add_addr_hmac_valid(msk, &mp_opt)) {
969 struct mptcp_addr_info addr;
971 addr.port = htons(mp_opt.port);
972 addr.id = mp_opt.addr_id;
973 if (mp_opt.family == MPTCP_ADDR_IPVERSION_4) {
974 addr.family = AF_INET;
975 addr.addr = mp_opt.addr;
977 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
978 else if (mp_opt.family == MPTCP_ADDR_IPVERSION_6) {
979 addr.family = AF_INET6;
980 addr.addr6 = mp_opt.addr6;
984 mptcp_pm_add_addr_received(msk, &addr);
985 MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_ADDADDR);
987 mptcp_pm_del_add_timer(msk, &addr);
988 MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_ECHOADD);
993 if (mp_opt.rm_addr) {
994 mptcp_pm_rm_addr_received(msk, mp_opt.rm_id);
1001 /* we can't wait for recvmsg() to update the ack_seq, otherwise
1002 * monodirectional flows will stuck
1005 ack_update_msk(msk, sk, &mp_opt);
1007 /* Zero-data-length packets are dropped by the caller and not
1008 * propagated to the MPTCP layer, so the skb extension does not
1009 * need to be allocated or populated. DATA_FIN information, if
1010 * present, needs to be updated here before the skb is freed.
1012 if (TCP_SKB_CB(skb)->seq == TCP_SKB_CB(skb)->end_seq) {
1013 if (mp_opt.data_fin && mp_opt.data_len == 1 &&
1014 mptcp_update_rcv_data_fin(msk, mp_opt.data_seq, mp_opt.dsn64) &&
1015 schedule_work(&msk->work))
1016 sock_hold(subflow->conn);
1021 mpext = skb_ext_add(skb, SKB_EXT_MPTCP);
1025 memset(mpext, 0, sizeof(*mpext));
1027 if (mp_opt.use_map) {
1028 if (mp_opt.mpc_map) {
1029 /* this is an MP_CAPABLE carrying MPTCP data
1030 * we know this map the first chunk of data
1032 mptcp_crypto_key_sha(subflow->remote_key, NULL,
1035 mpext->subflow_seq = 1;
1038 mpext->data_fin = 0;
1040 mpext->data_seq = mp_opt.data_seq;
1041 mpext->subflow_seq = mp_opt.subflow_seq;
1042 mpext->dsn64 = mp_opt.dsn64;
1043 mpext->data_fin = mp_opt.data_fin;
1045 mpext->data_len = mp_opt.data_len;
1050 static void mptcp_set_rwin(const struct tcp_sock *tp)
1052 const struct sock *ssk = (const struct sock *)tp;
1053 const struct mptcp_subflow_context *subflow;
1054 struct mptcp_sock *msk;
1057 subflow = mptcp_subflow_ctx(ssk);
1058 msk = mptcp_sk(subflow->conn);
1060 ack_seq = READ_ONCE(msk->ack_seq) + tp->rcv_wnd;
1062 if (after64(ack_seq, READ_ONCE(msk->rcv_wnd_sent)))
1063 WRITE_ONCE(msk->rcv_wnd_sent, ack_seq);
1066 void mptcp_write_options(__be32 *ptr, const struct tcp_sock *tp,
1067 struct mptcp_out_options *opts)
1069 if ((OPTION_MPTCP_MPC_SYN | OPTION_MPTCP_MPC_SYNACK |
1070 OPTION_MPTCP_MPC_ACK) & opts->suboptions) {
1073 if (OPTION_MPTCP_MPC_SYN & opts->suboptions)
1074 len = TCPOLEN_MPTCP_MPC_SYN;
1075 else if (OPTION_MPTCP_MPC_SYNACK & opts->suboptions)
1076 len = TCPOLEN_MPTCP_MPC_SYNACK;
1077 else if (opts->ext_copy.data_len)
1078 len = TCPOLEN_MPTCP_MPC_ACK_DATA;
1080 len = TCPOLEN_MPTCP_MPC_ACK;
1082 *ptr++ = mptcp_option(MPTCPOPT_MP_CAPABLE, len,
1083 MPTCP_SUPPORTED_VERSION,
1084 MPTCP_CAP_HMAC_SHA256);
1086 if (!((OPTION_MPTCP_MPC_SYNACK | OPTION_MPTCP_MPC_ACK) &
1088 goto mp_capable_done;
1090 put_unaligned_be64(opts->sndr_key, ptr);
1092 if (!((OPTION_MPTCP_MPC_ACK) & opts->suboptions))
1093 goto mp_capable_done;
1095 put_unaligned_be64(opts->rcvr_key, ptr);
1097 if (!opts->ext_copy.data_len)
1098 goto mp_capable_done;
1100 put_unaligned_be32(opts->ext_copy.data_len << 16 |
1101 TCPOPT_NOP << 8 | TCPOPT_NOP, ptr);
1106 if ((OPTION_MPTCP_ADD_ADDR
1107 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
1108 | OPTION_MPTCP_ADD_ADDR6
1110 ) & opts->suboptions) {
1111 u8 len = TCPOLEN_MPTCP_ADD_ADDR_BASE;
1112 u8 echo = MPTCP_ADDR_ECHO;
1114 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
1115 if (OPTION_MPTCP_ADD_ADDR6 & opts->suboptions)
1116 len = TCPOLEN_MPTCP_ADD_ADDR6_BASE;
1120 len += TCPOLEN_MPTCP_PORT_LEN;
1123 len += sizeof(opts->ahmac);
1127 *ptr++ = mptcp_option(MPTCPOPT_ADD_ADDR,
1128 len, echo, opts->addr_id);
1129 if (OPTION_MPTCP_ADD_ADDR & opts->suboptions) {
1130 memcpy((u8 *)ptr, (u8 *)&opts->addr.s_addr, 4);
1133 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
1134 else if (OPTION_MPTCP_ADD_ADDR6 & opts->suboptions) {
1135 memcpy((u8 *)ptr, opts->addr6.s6_addr, 16);
1142 put_unaligned_be64(opts->ahmac, ptr);
1147 u8 *bptr = (u8 *)ptr;
1149 put_unaligned_be16(opts->port, bptr);
1151 put_unaligned_be64(opts->ahmac, bptr);
1153 put_unaligned_be16(TCPOPT_NOP << 8 |
1158 put_unaligned_be32(opts->port << 16 |
1166 if (OPTION_MPTCP_RM_ADDR & opts->suboptions) {
1167 *ptr++ = mptcp_option(MPTCPOPT_RM_ADDR,
1168 TCPOLEN_MPTCP_RM_ADDR_BASE,
1172 if (OPTION_MPTCP_MPJ_SYN & opts->suboptions) {
1173 *ptr++ = mptcp_option(MPTCPOPT_MP_JOIN,
1174 TCPOLEN_MPTCP_MPJ_SYN,
1175 opts->backup, opts->join_id);
1176 put_unaligned_be32(opts->token, ptr);
1178 put_unaligned_be32(opts->nonce, ptr);
1182 if (OPTION_MPTCP_MPJ_SYNACK & opts->suboptions) {
1183 *ptr++ = mptcp_option(MPTCPOPT_MP_JOIN,
1184 TCPOLEN_MPTCP_MPJ_SYNACK,
1185 opts->backup, opts->join_id);
1186 put_unaligned_be64(opts->thmac, ptr);
1188 put_unaligned_be32(opts->nonce, ptr);
1192 if (OPTION_MPTCP_MPJ_ACK & opts->suboptions) {
1193 *ptr++ = mptcp_option(MPTCPOPT_MP_JOIN,
1194 TCPOLEN_MPTCP_MPJ_ACK, 0, 0);
1195 memcpy(ptr, opts->hmac, MPTCPOPT_HMAC_LEN);
1199 if (opts->ext_copy.use_ack || opts->ext_copy.use_map) {
1200 struct mptcp_ext *mpext = &opts->ext_copy;
1201 u8 len = TCPOLEN_MPTCP_DSS_BASE;
1204 if (mpext->use_ack) {
1205 flags = MPTCP_DSS_HAS_ACK;
1207 len += TCPOLEN_MPTCP_DSS_ACK64;
1208 flags |= MPTCP_DSS_ACK64;
1210 len += TCPOLEN_MPTCP_DSS_ACK32;
1214 if (mpext->use_map) {
1215 len += TCPOLEN_MPTCP_DSS_MAP64;
1217 /* Use only 64-bit mapping flags for now, add
1218 * support for optional 32-bit mappings later.
1220 flags |= MPTCP_DSS_HAS_MAP | MPTCP_DSS_DSN64;
1221 if (mpext->data_fin)
1222 flags |= MPTCP_DSS_DATA_FIN;
1225 *ptr++ = mptcp_option(MPTCPOPT_DSS, len, 0, flags);
1227 if (mpext->use_ack) {
1229 put_unaligned_be64(mpext->data_ack, ptr);
1232 put_unaligned_be32(mpext->data_ack32, ptr);
1237 if (mpext->use_map) {
1238 put_unaligned_be64(mpext->data_seq, ptr);
1240 put_unaligned_be32(mpext->subflow_seq, ptr);
1242 put_unaligned_be32(mpext->data_len << 16 |
1243 TCPOPT_NOP << 8 | TCPOPT_NOP, ptr);
projects / linux-2.6-microblaze.git / blob