1 // SPDX-License-Identifier: GPL-2.0
4 * Copyright (c) 2017 - 2019, Intel Corporation.
7 #define pr_fmt(fmt) "MPTCP: " fmt
9 #include <linux/kernel.h>
10 #include <linux/module.h>
11 #include <linux/netdevice.h>
12 #include <linux/sched/signal.h>
13 #include <linux/atomic.h>
15 #include <net/inet_common.h>
16 #include <net/inet_hashtables.h>
17 #include <net/protocol.h>
19 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
20 #include <net/transp_v6.h>
22 #include <net/mptcp.h>
26 #define MPTCP_SAME_STATE TCP_MAX_STATES
28 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
30 struct mptcp_sock msk;
39 #define MPTCP_SKB_CB(__skb) ((struct mptcp_skb_cb *)&((__skb)->cb[0]))
41 static struct percpu_counter mptcp_sockets_allocated;
43 /* If msk has an initial subflow socket, and the MP_CAPABLE handshake has not
44 * completed yet or has failed, return the subflow socket.
45 * Otherwise return NULL.
47 static struct socket *__mptcp_nmpc_socket(const struct mptcp_sock *msk)
49 if (!msk->subflow || READ_ONCE(msk->can_ack))
55 static bool mptcp_is_tcpsk(struct sock *sk)
57 struct socket *sock = sk->sk_socket;
59 if (unlikely(sk->sk_prot == &tcp_prot)) {
60 /* we are being invoked after mptcp_accept() has
61 * accepted a non-mp-capable flow: sk is a tcp_sk,
64 * Hand the socket over to tcp so all further socket ops
67 sock->ops = &inet_stream_ops;
69 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
70 } else if (unlikely(sk->sk_prot == &tcpv6_prot)) {
71 sock->ops = &inet6_stream_ops;
79 static struct sock *__mptcp_tcp_fallback(struct mptcp_sock *msk)
81 sock_owned_by_me((const struct sock *)msk);
83 if (likely(!__mptcp_check_fallback(msk)))
89 static int __mptcp_socket_create(struct mptcp_sock *msk)
91 struct mptcp_subflow_context *subflow;
92 struct sock *sk = (struct sock *)msk;
96 err = mptcp_subflow_create_socket(sk, &ssock);
100 msk->first = ssock->sk;
101 msk->subflow = ssock;
102 subflow = mptcp_subflow_ctx(ssock->sk);
103 list_add(&subflow->node, &msk->conn_list);
104 subflow->request_mptcp = 1;
106 /* accept() will wait on first subflow sk_wq, and we always wakes up
109 RCU_INIT_POINTER(msk->first->sk_wq, &sk->sk_socket->wq);
114 static void __mptcp_move_skb(struct mptcp_sock *msk, struct sock *ssk,
116 unsigned int offset, size_t copy_len)
118 struct sock *sk = (struct sock *)msk;
119 struct sk_buff *tail;
121 __skb_unlink(skb, &ssk->sk_receive_queue);
125 msk->ack_seq += copy_len;
127 tail = skb_peek_tail(&sk->sk_receive_queue);
128 if (offset == 0 && tail) {
132 if (skb_try_coalesce(tail, skb, &fragstolen, &delta)) {
133 kfree_skb_partial(skb, fragstolen);
134 atomic_add(delta, &sk->sk_rmem_alloc);
135 sk_mem_charge(sk, delta);
140 skb_set_owner_r(skb, sk);
141 __skb_queue_tail(&sk->sk_receive_queue, skb);
142 MPTCP_SKB_CB(skb)->offset = offset;
145 /* both sockets must be locked */
146 static bool mptcp_subflow_dsn_valid(const struct mptcp_sock *msk,
149 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(ssk);
150 u64 dsn = mptcp_subflow_get_mapped_dsn(subflow);
152 /* revalidate data sequence number.
154 * mptcp_subflow_data_available() is usually called
155 * without msk lock. Its unlikely (but possible)
156 * that msk->ack_seq has been advanced since the last
157 * call found in-sequence data.
159 if (likely(dsn == msk->ack_seq))
162 subflow->data_avail = 0;
163 return mptcp_subflow_data_available(ssk);
166 static bool __mptcp_move_skbs_from_subflow(struct mptcp_sock *msk,
170 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(ssk);
171 struct sock *sk = (struct sock *)msk;
172 unsigned int moved = 0;
173 bool more_data_avail;
177 if (!mptcp_subflow_dsn_valid(msk, ssk)) {
184 u32 map_remaining, offset;
185 u32 seq = tp->copied_seq;
189 /* try to move as much data as available */
190 map_remaining = subflow->map_data_len -
191 mptcp_subflow_get_map_offset(subflow);
193 skb = skb_peek(&ssk->sk_receive_queue);
197 if (__mptcp_check_fallback(msk)) {
198 /* if we are running under the workqueue, TCP could have
199 * collapsed skbs between dummy map creation and now
200 * be sure to adjust the size
202 map_remaining = skb->len;
203 subflow->map_data_len = skb->len;
206 offset = seq - TCP_SKB_CB(skb)->seq;
207 fin = TCP_SKB_CB(skb)->tcp_flags & TCPHDR_FIN;
213 if (offset < skb->len) {
214 size_t len = skb->len - offset;
219 __mptcp_move_skb(msk, ssk, skb, offset, len);
223 if (WARN_ON_ONCE(map_remaining < len))
227 sk_eat_skb(ssk, skb);
231 WRITE_ONCE(tp->copied_seq, seq);
232 more_data_avail = mptcp_subflow_data_available(ssk);
234 if (atomic_read(&sk->sk_rmem_alloc) > READ_ONCE(sk->sk_rcvbuf)) {
238 } while (more_data_avail);
245 /* In most cases we will be able to lock the mptcp socket. If its already
246 * owned, we need to defer to the work queue to avoid ABBA deadlock.
248 static bool move_skbs_to_msk(struct mptcp_sock *msk, struct sock *ssk)
250 struct sock *sk = (struct sock *)msk;
251 unsigned int moved = 0;
253 if (READ_ONCE(sk->sk_lock.owned))
256 if (unlikely(!spin_trylock_bh(&sk->sk_lock.slock)))
259 /* must re-check after taking the lock */
260 if (!READ_ONCE(sk->sk_lock.owned))
261 __mptcp_move_skbs_from_subflow(msk, ssk, &moved);
263 spin_unlock_bh(&sk->sk_lock.slock);
268 void mptcp_data_ready(struct sock *sk, struct sock *ssk)
270 struct mptcp_sock *msk = mptcp_sk(sk);
272 set_bit(MPTCP_DATA_READY, &msk->flags);
274 if (atomic_read(&sk->sk_rmem_alloc) < READ_ONCE(sk->sk_rcvbuf) &&
275 move_skbs_to_msk(msk, ssk))
278 /* don't schedule if mptcp sk is (still) over limit */
279 if (atomic_read(&sk->sk_rmem_alloc) > READ_ONCE(sk->sk_rcvbuf))
282 /* mptcp socket is owned, release_cb should retry */
283 if (!test_and_set_bit(TCP_DELACK_TIMER_DEFERRED,
284 &sk->sk_tsq_flags)) {
287 /* need to try again, its possible release_cb() has already
288 * been called after the test_and_set_bit() above.
290 move_skbs_to_msk(msk, ssk);
293 sk->sk_data_ready(sk);
296 static void __mptcp_flush_join_list(struct mptcp_sock *msk)
298 if (likely(list_empty(&msk->join_list)))
301 spin_lock_bh(&msk->join_list_lock);
302 list_splice_tail_init(&msk->join_list, &msk->conn_list);
303 spin_unlock_bh(&msk->join_list_lock);
306 static void mptcp_set_timeout(const struct sock *sk, const struct sock *ssk)
308 long tout = ssk && inet_csk(ssk)->icsk_pending ?
309 inet_csk(ssk)->icsk_timeout - jiffies : 0;
312 tout = mptcp_sk(sk)->timer_ival;
313 mptcp_sk(sk)->timer_ival = tout > 0 ? tout : TCP_RTO_MIN;
316 static bool mptcp_timer_pending(struct sock *sk)
318 return timer_pending(&inet_csk(sk)->icsk_retransmit_timer);
321 static void mptcp_reset_timer(struct sock *sk)
323 struct inet_connection_sock *icsk = inet_csk(sk);
326 /* should never be called with mptcp level timer cleared */
327 tout = READ_ONCE(mptcp_sk(sk)->timer_ival);
328 if (WARN_ON_ONCE(!tout))
330 sk_reset_timer(sk, &icsk->icsk_retransmit_timer, jiffies + tout);
333 void mptcp_data_acked(struct sock *sk)
335 mptcp_reset_timer(sk);
337 if (!sk_stream_is_writeable(sk) &&
338 schedule_work(&mptcp_sk(sk)->work))
342 void mptcp_subflow_eof(struct sock *sk)
344 struct mptcp_sock *msk = mptcp_sk(sk);
346 if (!test_and_set_bit(MPTCP_WORK_EOF, &msk->flags) &&
347 schedule_work(&msk->work))
351 static void mptcp_check_for_eof(struct mptcp_sock *msk)
353 struct mptcp_subflow_context *subflow;
354 struct sock *sk = (struct sock *)msk;
357 mptcp_for_each_subflow(msk, subflow)
358 receivers += !subflow->rx_eof;
360 if (!receivers && !(sk->sk_shutdown & RCV_SHUTDOWN)) {
361 /* hopefully temporary hack: propagate shutdown status
362 * to msk, when all subflows agree on it
364 sk->sk_shutdown |= RCV_SHUTDOWN;
366 smp_mb__before_atomic(); /* SHUTDOWN must be visible first */
367 set_bit(MPTCP_DATA_READY, &msk->flags);
368 sk->sk_data_ready(sk);
372 static void mptcp_stop_timer(struct sock *sk)
374 struct inet_connection_sock *icsk = inet_csk(sk);
376 sk_stop_timer(sk, &icsk->icsk_retransmit_timer);
377 mptcp_sk(sk)->timer_ival = 0;
380 static bool mptcp_ext_cache_refill(struct mptcp_sock *msk)
382 const struct sock *sk = (const struct sock *)msk;
384 if (!msk->cached_ext)
385 msk->cached_ext = __skb_ext_alloc(sk->sk_allocation);
387 return !!msk->cached_ext;
390 static struct sock *mptcp_subflow_recv_lookup(const struct mptcp_sock *msk)
392 struct mptcp_subflow_context *subflow;
393 struct sock *sk = (struct sock *)msk;
395 sock_owned_by_me(sk);
397 mptcp_for_each_subflow(msk, subflow) {
398 if (subflow->data_avail)
399 return mptcp_subflow_tcp_sock(subflow);
405 static bool mptcp_skb_can_collapse_to(u64 write_seq,
406 const struct sk_buff *skb,
407 const struct mptcp_ext *mpext)
409 if (!tcp_skb_can_collapse_to(skb))
412 /* can collapse only if MPTCP level sequence is in order */
413 return mpext && mpext->data_seq + mpext->data_len == write_seq;
416 static bool mptcp_frag_can_collapse_to(const struct mptcp_sock *msk,
417 const struct page_frag *pfrag,
418 const struct mptcp_data_frag *df)
420 return df && pfrag->page == df->page &&
421 df->data_seq + df->data_len == msk->write_seq;
424 static void dfrag_uncharge(struct sock *sk, int len)
426 sk_mem_uncharge(sk, len);
427 sk_wmem_queued_add(sk, -len);
430 static void dfrag_clear(struct sock *sk, struct mptcp_data_frag *dfrag)
432 int len = dfrag->data_len + dfrag->overhead;
434 list_del(&dfrag->list);
435 dfrag_uncharge(sk, len);
436 put_page(dfrag->page);
439 static void mptcp_clean_una(struct sock *sk)
441 struct mptcp_sock *msk = mptcp_sk(sk);
442 struct mptcp_data_frag *dtmp, *dfrag;
443 bool cleaned = false;
446 /* on fallback we just need to ignore snd_una, as this is really
449 if (__mptcp_check_fallback(msk))
450 atomic64_set(&msk->snd_una, msk->write_seq);
451 snd_una = atomic64_read(&msk->snd_una);
453 list_for_each_entry_safe(dfrag, dtmp, &msk->rtx_queue, list) {
454 if (after64(dfrag->data_seq + dfrag->data_len, snd_una))
457 dfrag_clear(sk, dfrag);
461 dfrag = mptcp_rtx_head(sk);
462 if (dfrag && after64(snd_una, dfrag->data_seq)) {
463 u64 delta = snd_una - dfrag->data_seq;
465 if (WARN_ON_ONCE(delta > dfrag->data_len))
468 dfrag->data_seq += delta;
469 dfrag->offset += delta;
470 dfrag->data_len -= delta;
472 dfrag_uncharge(sk, delta);
478 sk_mem_reclaim_partial(sk);
480 /* Only wake up writers if a subflow is ready */
481 if (test_bit(MPTCP_SEND_SPACE, &msk->flags))
482 sk_stream_write_space(sk);
486 /* ensure we get enough memory for the frag hdr, beyond some minimal amount of
489 static bool mptcp_page_frag_refill(struct sock *sk, struct page_frag *pfrag)
491 if (likely(skb_page_frag_refill(32U + sizeof(struct mptcp_data_frag),
492 pfrag, sk->sk_allocation)))
495 sk->sk_prot->enter_memory_pressure(sk);
496 sk_stream_moderate_sndbuf(sk);
500 static struct mptcp_data_frag *
501 mptcp_carve_data_frag(const struct mptcp_sock *msk, struct page_frag *pfrag,
504 int offset = ALIGN(orig_offset, sizeof(long));
505 struct mptcp_data_frag *dfrag;
507 dfrag = (struct mptcp_data_frag *)(page_to_virt(pfrag->page) + offset);
509 dfrag->data_seq = msk->write_seq;
510 dfrag->overhead = offset - orig_offset + sizeof(struct mptcp_data_frag);
511 dfrag->offset = offset + sizeof(struct mptcp_data_frag);
512 dfrag->page = pfrag->page;
517 static int mptcp_sendmsg_frag(struct sock *sk, struct sock *ssk,
518 struct msghdr *msg, struct mptcp_data_frag *dfrag,
519 long *timeo, int *pmss_now,
522 int mss_now, avail_size, size_goal, offset, ret, frag_truesize = 0;
523 bool dfrag_collapsed, can_collapse = false;
524 struct mptcp_sock *msk = mptcp_sk(sk);
525 struct mptcp_ext *mpext = NULL;
526 bool retransmission = !!dfrag;
527 struct sk_buff *skb, *tail;
528 struct page_frag *pfrag;
533 /* use the mptcp page cache so that we can easily move the data
534 * from one substream to another, but do per subflow memory accounting
535 * Note: pfrag is used only !retransmission, but the compiler if
536 * fooled into a warning if we don't init here
538 pfrag = sk_page_frag(sk);
539 if (!retransmission) {
540 write_seq = &msk->write_seq;
543 write_seq = &dfrag->data_seq;
547 /* compute copy limit */
548 mss_now = tcp_send_mss(ssk, &size_goal, msg->msg_flags);
550 *ps_goal = size_goal;
551 avail_size = size_goal;
552 skb = tcp_write_queue_tail(ssk);
554 mpext = skb_ext_find(skb, SKB_EXT_MPTCP);
556 /* Limit the write to the size available in the
557 * current skb, if any, so that we create at most a new skb.
558 * Explicitly tells TCP internals to avoid collapsing on later
559 * queue management operation, to avoid breaking the ext <->
560 * SSN association set here
562 can_collapse = (size_goal - skb->len > 0) &&
563 mptcp_skb_can_collapse_to(*write_seq, skb, mpext);
565 TCP_SKB_CB(skb)->eor = 1;
567 avail_size = size_goal - skb->len;
570 if (!retransmission) {
571 /* reuse tail pfrag, if possible, or carve a new one from the
574 dfrag = mptcp_rtx_tail(sk);
575 offset = pfrag->offset;
576 dfrag_collapsed = mptcp_frag_can_collapse_to(msk, pfrag, dfrag);
577 if (!dfrag_collapsed) {
578 dfrag = mptcp_carve_data_frag(msk, pfrag, offset);
579 offset = dfrag->offset;
580 frag_truesize = dfrag->overhead;
582 psize = min_t(size_t, pfrag->size - offset, avail_size);
585 pr_debug("left=%zu", msg_data_left(msg));
586 psize = copy_page_from_iter(pfrag->page, offset,
587 min_t(size_t, msg_data_left(msg),
590 pr_debug("left=%zu", msg_data_left(msg));
594 if (!sk_wmem_schedule(sk, psize + dfrag->overhead))
597 offset = dfrag->offset;
598 psize = min_t(size_t, dfrag->data_len, avail_size);
601 /* tell the TCP stack to delay the push so that we can safely
602 * access the skb after the sendpages call
604 ret = do_tcp_sendpages(ssk, page, offset, psize,
605 msg->msg_flags | MSG_SENDPAGE_NOTLAST | MSG_DONTWAIT);
609 frag_truesize += ret;
610 if (!retransmission) {
611 if (unlikely(ret < psize))
612 iov_iter_revert(&msg->msg_iter, psize - ret);
614 /* send successful, keep track of sent data for mptcp-level
617 dfrag->data_len += ret;
618 if (!dfrag_collapsed) {
619 get_page(dfrag->page);
620 list_add_tail(&dfrag->list, &msk->rtx_queue);
621 sk_wmem_queued_add(sk, frag_truesize);
623 sk_wmem_queued_add(sk, ret);
626 /* charge data on mptcp rtx queue to the master socket
627 * Note: we charge such data both to sk and ssk
629 sk->sk_forward_alloc -= frag_truesize;
632 /* if the tail skb extension is still the cached one, collapsing
633 * really happened. Note: we can't check for 'same skb' as the sk_buff
634 * hdr on tail can be transmitted, freed and re-allocated by the
635 * do_tcp_sendpages() call
637 tail = tcp_write_queue_tail(ssk);
638 if (mpext && tail && mpext == skb_ext_find(tail, SKB_EXT_MPTCP)) {
639 WARN_ON_ONCE(!can_collapse);
640 mpext->data_len += ret;
644 skb = tcp_write_queue_tail(ssk);
645 mpext = __skb_ext_set(skb, SKB_EXT_MPTCP, msk->cached_ext);
646 msk->cached_ext = NULL;
648 memset(mpext, 0, sizeof(*mpext));
649 mpext->data_seq = *write_seq;
650 mpext->subflow_seq = mptcp_subflow_ctx(ssk)->rel_write_seq;
651 mpext->data_len = ret;
655 pr_debug("data_seq=%llu subflow_seq=%u data_len=%u dsn64=%d",
656 mpext->data_seq, mpext->subflow_seq, mpext->data_len,
661 pfrag->offset += frag_truesize;
663 mptcp_subflow_ctx(ssk)->rel_write_seq += ret;
668 static void mptcp_nospace(struct mptcp_sock *msk, struct socket *sock)
670 clear_bit(MPTCP_SEND_SPACE, &msk->flags);
671 smp_mb__after_atomic(); /* msk->flags is changed by write_space cb */
673 /* enables sk->write_space() callbacks */
674 set_bit(SOCK_NOSPACE, &sock->flags);
677 static struct sock *mptcp_subflow_get_send(struct mptcp_sock *msk)
679 struct mptcp_subflow_context *subflow;
680 struct sock *backup = NULL;
682 sock_owned_by_me((const struct sock *)msk);
684 if (!mptcp_ext_cache_refill(msk))
687 mptcp_for_each_subflow(msk, subflow) {
688 struct sock *ssk = mptcp_subflow_tcp_sock(subflow);
690 if (!sk_stream_memory_free(ssk)) {
691 struct socket *sock = ssk->sk_socket;
694 mptcp_nospace(msk, sock);
699 if (subflow->backup) {
712 static void ssk_check_wmem(struct mptcp_sock *msk, struct sock *ssk)
716 if (likely(sk_stream_is_writeable(ssk)))
719 sock = READ_ONCE(ssk->sk_socket);
721 mptcp_nospace(msk, sock);
724 static int mptcp_sendmsg(struct sock *sk, struct msghdr *msg, size_t len)
726 int mss_now = 0, size_goal = 0, ret = 0;
727 struct mptcp_sock *msk = mptcp_sk(sk);
728 struct page_frag *pfrag;
734 if (msg->msg_flags & ~(MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL))
739 timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);
741 if ((1 << sk->sk_state) & ~(TCPF_ESTABLISHED | TCPF_CLOSE_WAIT)) {
742 ret = sk_stream_wait_connect(sk, &timeo);
747 pfrag = sk_page_frag(sk);
751 if (sk->sk_err || (sk->sk_shutdown & SEND_SHUTDOWN)) {
757 __mptcp_flush_join_list(msk);
758 ssk = mptcp_subflow_get_send(msk);
759 while (!sk_stream_memory_free(sk) ||
761 !mptcp_page_frag_refill(ssk, pfrag)) {
763 /* make sure retransmit timer is
764 * running before we wait for memory.
766 * The retransmit timer might be needed
767 * to make the peer send an up-to-date
770 mptcp_set_timeout(sk, ssk);
771 if (!mptcp_timer_pending(sk))
772 mptcp_reset_timer(sk);
775 ret = sk_stream_wait_memory(sk, &timeo);
781 ssk = mptcp_subflow_get_send(msk);
782 if (list_empty(&msk->conn_list)) {
788 pr_debug("conn_list->subflow=%p", ssk);
791 tx_ok = msg_data_left(msg);
793 ret = mptcp_sendmsg_frag(sk, ssk, msg, NULL, &timeo, &mss_now,
796 if (ret == -EAGAIN && timeo > 0) {
797 mptcp_set_timeout(sk, ssk);
806 tx_ok = msg_data_left(msg);
810 if (!sk_stream_memory_free(ssk) ||
811 !mptcp_page_frag_refill(ssk, pfrag) ||
812 !mptcp_ext_cache_refill(msk)) {
813 set_bit(SOCK_NOSPACE, &sk->sk_socket->flags);
814 tcp_push(ssk, msg->msg_flags, mss_now,
815 tcp_sk(ssk)->nonagle, size_goal);
816 mptcp_set_timeout(sk, ssk);
821 /* memory is charged to mptcp level socket as well, i.e.
822 * if msg is very large, mptcp socket may run out of buffer
823 * space. mptcp_clean_una() will release data that has
824 * been acked at mptcp level in the mean time, so there is
825 * a good chance we can continue sending data right away.
827 * Normally, when the tcp subflow can accept more data, then
828 * so can the MPTCP socket. However, we need to cope with
829 * peers that might lag behind in their MPTCP-level
830 * acknowledgements, i.e. data might have been acked at
831 * tcp level only. So, we must also check the MPTCP socket
832 * limits before we send more data.
834 if (unlikely(!sk_stream_memory_free(sk))) {
835 tcp_push(ssk, msg->msg_flags, mss_now,
836 tcp_sk(ssk)->nonagle, size_goal);
838 if (!sk_stream_memory_free(sk)) {
839 /* can't send more for now, need to wait for
840 * MPTCP-level ACKs from peer.
842 * Wakeup will happen via mptcp_clean_una().
844 mptcp_set_timeout(sk, ssk);
846 goto wait_for_sndbuf;
851 mptcp_set_timeout(sk, ssk);
854 tcp_push(ssk, msg->msg_flags, mss_now, tcp_sk(ssk)->nonagle,
857 /* start the timer, if it's not pending */
858 if (!mptcp_timer_pending(sk))
859 mptcp_reset_timer(sk);
862 ssk_check_wmem(msk, ssk);
869 static void mptcp_wait_data(struct sock *sk, long *timeo)
871 DEFINE_WAIT_FUNC(wait, woken_wake_function);
872 struct mptcp_sock *msk = mptcp_sk(sk);
874 add_wait_queue(sk_sleep(sk), &wait);
875 sk_set_bit(SOCKWQ_ASYNC_WAITDATA, sk);
877 sk_wait_event(sk, timeo,
878 test_and_clear_bit(MPTCP_DATA_READY, &msk->flags), &wait);
880 sk_clear_bit(SOCKWQ_ASYNC_WAITDATA, sk);
881 remove_wait_queue(sk_sleep(sk), &wait);
884 static int __mptcp_recvmsg_mskq(struct mptcp_sock *msk,
888 struct sock *sk = (struct sock *)msk;
892 while ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) {
893 u32 offset = MPTCP_SKB_CB(skb)->offset;
894 u32 data_len = skb->len - offset;
895 u32 count = min_t(size_t, len - copied, data_len);
898 err = skb_copy_datagram_msg(skb, offset, msg, count);
899 if (unlikely(err < 0)) {
907 if (count < data_len) {
908 MPTCP_SKB_CB(skb)->offset += count;
912 __skb_unlink(skb, &sk->sk_receive_queue);
922 /* receive buffer autotuning. See tcp_rcv_space_adjust for more information.
924 * Only difference: Use highest rtt estimate of the subflows in use.
926 static void mptcp_rcv_space_adjust(struct mptcp_sock *msk, int copied)
928 struct mptcp_subflow_context *subflow;
929 struct sock *sk = (struct sock *)msk;
930 u32 time, advmss = 1;
933 sock_owned_by_me(sk);
938 msk->rcvq_space.copied += copied;
940 mstamp = div_u64(tcp_clock_ns(), NSEC_PER_USEC);
941 time = tcp_stamp_us_delta(mstamp, msk->rcvq_space.time);
943 rtt_us = msk->rcvq_space.rtt_us;
944 if (rtt_us && time < (rtt_us >> 3))
948 mptcp_for_each_subflow(msk, subflow) {
949 const struct tcp_sock *tp;
953 tp = tcp_sk(mptcp_subflow_tcp_sock(subflow));
955 sf_rtt_us = READ_ONCE(tp->rcv_rtt_est.rtt_us);
956 sf_advmss = READ_ONCE(tp->advmss);
958 rtt_us = max(sf_rtt_us, rtt_us);
959 advmss = max(sf_advmss, advmss);
962 msk->rcvq_space.rtt_us = rtt_us;
963 if (time < (rtt_us >> 3) || rtt_us == 0)
966 if (msk->rcvq_space.copied <= msk->rcvq_space.space)
969 if (sock_net(sk)->ipv4.sysctl_tcp_moderate_rcvbuf &&
970 !(sk->sk_userlocks & SOCK_RCVBUF_LOCK)) {
974 rcvwin = ((u64)msk->rcvq_space.copied << 1) + 16 * advmss;
976 grow = rcvwin * (msk->rcvq_space.copied - msk->rcvq_space.space);
978 do_div(grow, msk->rcvq_space.space);
979 rcvwin += (grow << 1);
981 rcvmem = SKB_TRUESIZE(advmss + MAX_TCP_HEADER);
982 while (tcp_win_from_space(sk, rcvmem) < advmss)
985 do_div(rcvwin, advmss);
986 rcvbuf = min_t(u64, rcvwin * rcvmem,
987 sock_net(sk)->ipv4.sysctl_tcp_rmem[2]);
989 if (rcvbuf > sk->sk_rcvbuf) {
992 window_clamp = tcp_win_from_space(sk, rcvbuf);
993 WRITE_ONCE(sk->sk_rcvbuf, rcvbuf);
995 /* Make subflows follow along. If we do not do this, we
996 * get drops at subflow level if skbs can't be moved to
997 * the mptcp rx queue fast enough (announced rcv_win can
998 * exceed ssk->sk_rcvbuf).
1000 mptcp_for_each_subflow(msk, subflow) {
1003 ssk = mptcp_subflow_tcp_sock(subflow);
1004 WRITE_ONCE(ssk->sk_rcvbuf, rcvbuf);
1005 tcp_sk(ssk)->window_clamp = window_clamp;
1010 msk->rcvq_space.space = msk->rcvq_space.copied;
1012 msk->rcvq_space.copied = 0;
1013 msk->rcvq_space.time = mstamp;
1016 static bool __mptcp_move_skbs(struct mptcp_sock *msk)
1018 unsigned int moved = 0;
1022 struct sock *ssk = mptcp_subflow_recv_lookup(msk);
1028 done = __mptcp_move_skbs_from_subflow(msk, ssk, &moved);
1035 static int mptcp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len,
1036 int nonblock, int flags, int *addr_len)
1038 struct mptcp_sock *msk = mptcp_sk(sk);
1043 if (msg->msg_flags & ~(MSG_WAITALL | MSG_DONTWAIT))
1047 timeo = sock_rcvtimeo(sk, nonblock);
1049 len = min_t(size_t, len, INT_MAX);
1050 target = sock_rcvlowat(sk, flags & MSG_WAITALL, len);
1051 __mptcp_flush_join_list(msk);
1053 while (len > (size_t)copied) {
1056 bytes_read = __mptcp_recvmsg_mskq(msk, msg, len - copied);
1057 if (unlikely(bytes_read < 0)) {
1059 copied = bytes_read;
1063 copied += bytes_read;
1065 if (skb_queue_empty(&sk->sk_receive_queue) &&
1066 __mptcp_move_skbs(msk))
1069 /* only the master socket status is relevant here. The exit
1070 * conditions mirror closely tcp_recvmsg()
1072 if (copied >= target)
1077 sk->sk_state == TCP_CLOSE ||
1078 (sk->sk_shutdown & RCV_SHUTDOWN) ||
1080 signal_pending(current))
1084 copied = sock_error(sk);
1088 if (test_and_clear_bit(MPTCP_WORK_EOF, &msk->flags))
1089 mptcp_check_for_eof(msk);
1091 if (sk->sk_shutdown & RCV_SHUTDOWN)
1094 if (sk->sk_state == TCP_CLOSE) {
1104 if (signal_pending(current)) {
1105 copied = sock_intr_errno(timeo);
1110 pr_debug("block timeout %ld", timeo);
1111 mptcp_wait_data(sk, &timeo);
1114 if (skb_queue_empty(&sk->sk_receive_queue)) {
1115 /* entire backlog drained, clear DATA_READY. */
1116 clear_bit(MPTCP_DATA_READY, &msk->flags);
1118 /* .. race-breaker: ssk might have gotten new data
1119 * after last __mptcp_move_skbs() returned false.
1121 if (unlikely(__mptcp_move_skbs(msk)))
1122 set_bit(MPTCP_DATA_READY, &msk->flags);
1123 } else if (unlikely(!test_bit(MPTCP_DATA_READY, &msk->flags))) {
1124 /* data to read but mptcp_wait_data() cleared DATA_READY */
1125 set_bit(MPTCP_DATA_READY, &msk->flags);
1128 mptcp_rcv_space_adjust(msk, copied);
1134 static void mptcp_retransmit_handler(struct sock *sk)
1136 struct mptcp_sock *msk = mptcp_sk(sk);
1138 if (atomic64_read(&msk->snd_una) == msk->write_seq) {
1139 mptcp_stop_timer(sk);
1141 set_bit(MPTCP_WORK_RTX, &msk->flags);
1142 if (schedule_work(&msk->work))
1147 static void mptcp_retransmit_timer(struct timer_list *t)
1149 struct inet_connection_sock *icsk = from_timer(icsk, t,
1150 icsk_retransmit_timer);
1151 struct sock *sk = &icsk->icsk_inet.sk;
1154 if (!sock_owned_by_user(sk)) {
1155 mptcp_retransmit_handler(sk);
1157 /* delegate our work to tcp_release_cb() */
1158 if (!test_and_set_bit(TCP_WRITE_TIMER_DEFERRED,
1166 /* Find an idle subflow. Return NULL if there is unacked data at tcp
1169 * A backup subflow is returned only if that is the only kind available.
1171 static struct sock *mptcp_subflow_get_retrans(const struct mptcp_sock *msk)
1173 struct mptcp_subflow_context *subflow;
1174 struct sock *backup = NULL;
1176 sock_owned_by_me((const struct sock *)msk);
1178 mptcp_for_each_subflow(msk, subflow) {
1179 struct sock *ssk = mptcp_subflow_tcp_sock(subflow);
1181 /* still data outstanding at TCP level? Don't retransmit. */
1182 if (!tcp_write_queue_empty(ssk))
1185 if (subflow->backup) {
1197 /* subflow sockets can be either outgoing (connect) or incoming
1200 * Outgoing subflows use in-kernel sockets.
1201 * Incoming subflows do not have their own 'struct socket' allocated,
1202 * so we need to use tcp_close() after detaching them from the mptcp
1205 static void __mptcp_close_ssk(struct sock *sk, struct sock *ssk,
1206 struct mptcp_subflow_context *subflow,
1209 struct socket *sock = READ_ONCE(ssk->sk_socket);
1211 list_del(&subflow->node);
1213 if (sock && sock != sk->sk_socket) {
1214 /* outgoing subflow */
1217 /* incoming subflow */
1218 tcp_close(ssk, timeout);
1222 static unsigned int mptcp_sync_mss(struct sock *sk, u32 pmtu)
1227 static void pm_work(struct mptcp_sock *msk)
1229 struct mptcp_pm_data *pm = &msk->pm;
1231 spin_lock_bh(&msk->pm.lock);
1233 pr_debug("msk=%p status=%x", msk, pm->status);
1234 if (pm->status & BIT(MPTCP_PM_ADD_ADDR_RECEIVED)) {
1235 pm->status &= ~BIT(MPTCP_PM_ADD_ADDR_RECEIVED);
1236 mptcp_pm_nl_add_addr_received(msk);
1238 if (pm->status & BIT(MPTCP_PM_ESTABLISHED)) {
1239 pm->status &= ~BIT(MPTCP_PM_ESTABLISHED);
1240 mptcp_pm_nl_fully_established(msk);
1242 if (pm->status & BIT(MPTCP_PM_SUBFLOW_ESTABLISHED)) {
1243 pm->status &= ~BIT(MPTCP_PM_SUBFLOW_ESTABLISHED);
1244 mptcp_pm_nl_subflow_established(msk);
1247 spin_unlock_bh(&msk->pm.lock);
1250 static void mptcp_worker(struct work_struct *work)
1252 struct mptcp_sock *msk = container_of(work, struct mptcp_sock, work);
1253 struct sock *ssk, *sk = &msk->sk.icsk_inet.sk;
1254 int orig_len, orig_offset, mss_now = 0, size_goal = 0;
1255 struct mptcp_data_frag *dfrag;
1262 mptcp_clean_una(sk);
1263 __mptcp_flush_join_list(msk);
1264 __mptcp_move_skbs(msk);
1269 if (test_and_clear_bit(MPTCP_WORK_EOF, &msk->flags))
1270 mptcp_check_for_eof(msk);
1272 if (!test_and_clear_bit(MPTCP_WORK_RTX, &msk->flags))
1275 dfrag = mptcp_rtx_head(sk);
1279 if (!mptcp_ext_cache_refill(msk))
1282 ssk = mptcp_subflow_get_retrans(msk);
1288 msg.msg_flags = MSG_DONTWAIT;
1289 orig_len = dfrag->data_len;
1290 orig_offset = dfrag->offset;
1291 orig_write_seq = dfrag->data_seq;
1292 while (dfrag->data_len > 0) {
1293 int ret = mptcp_sendmsg_frag(sk, ssk, &msg, dfrag, &timeo,
1294 &mss_now, &size_goal);
1298 MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_RETRANSSEGS);
1300 dfrag->data_len -= ret;
1301 dfrag->offset += ret;
1303 if (!mptcp_ext_cache_refill(msk))
1307 tcp_push(ssk, msg.msg_flags, mss_now, tcp_sk(ssk)->nonagle,
1310 dfrag->data_seq = orig_write_seq;
1311 dfrag->offset = orig_offset;
1312 dfrag->data_len = orig_len;
1314 mptcp_set_timeout(sk, ssk);
1318 if (!mptcp_timer_pending(sk))
1319 mptcp_reset_timer(sk);
1326 static int __mptcp_init_sock(struct sock *sk)
1328 struct mptcp_sock *msk = mptcp_sk(sk);
1330 spin_lock_init(&msk->join_list_lock);
1332 INIT_LIST_HEAD(&msk->conn_list);
1333 INIT_LIST_HEAD(&msk->join_list);
1334 INIT_LIST_HEAD(&msk->rtx_queue);
1335 __set_bit(MPTCP_SEND_SPACE, &msk->flags);
1336 INIT_WORK(&msk->work, mptcp_worker);
1339 inet_csk(sk)->icsk_sync_mss = mptcp_sync_mss;
1341 mptcp_pm_data_init(msk);
1343 /* re-use the csk retrans timer for MPTCP-level retrans */
1344 timer_setup(&msk->sk.icsk_retransmit_timer, mptcp_retransmit_timer, 0);
1349 static int mptcp_init_sock(struct sock *sk)
1351 struct net *net = sock_net(sk);
1354 if (!mptcp_is_enabled(net))
1355 return -ENOPROTOOPT;
1357 if (unlikely(!net->mib.mptcp_statistics) && !mptcp_mib_alloc(net))
1360 ret = __mptcp_init_sock(sk);
1364 ret = __mptcp_socket_create(mptcp_sk(sk));
1368 sk_sockets_allocated_inc(sk);
1369 sk->sk_rcvbuf = sock_net(sk)->ipv4.sysctl_tcp_rmem[1];
1370 sk->sk_sndbuf = sock_net(sk)->ipv4.sysctl_tcp_wmem[2];
1375 static void __mptcp_clear_xmit(struct sock *sk)
1377 struct mptcp_sock *msk = mptcp_sk(sk);
1378 struct mptcp_data_frag *dtmp, *dfrag;
1380 sk_stop_timer(sk, &msk->sk.icsk_retransmit_timer);
1382 list_for_each_entry_safe(dfrag, dtmp, &msk->rtx_queue, list)
1383 dfrag_clear(sk, dfrag);
1386 static void mptcp_cancel_work(struct sock *sk)
1388 struct mptcp_sock *msk = mptcp_sk(sk);
1390 if (cancel_work_sync(&msk->work))
1394 static void mptcp_subflow_shutdown(struct sock *ssk, int how,
1395 bool data_fin_tx_enable, u64 data_fin_tx_seq)
1399 switch (ssk->sk_state) {
1401 if (!(how & RCV_SHUTDOWN))
1405 tcp_disconnect(ssk, O_NONBLOCK);
1408 if (data_fin_tx_enable) {
1409 struct mptcp_subflow_context *subflow;
1411 subflow = mptcp_subflow_ctx(ssk);
1412 subflow->data_fin_tx_seq = data_fin_tx_seq;
1413 subflow->data_fin_tx_enable = 1;
1416 ssk->sk_shutdown |= how;
1417 tcp_shutdown(ssk, how);
1424 /* Called with msk lock held, releases such lock before returning */
1425 static void mptcp_close(struct sock *sk, long timeout)
1427 struct mptcp_subflow_context *subflow, *tmp;
1428 struct mptcp_sock *msk = mptcp_sk(sk);
1429 LIST_HEAD(conn_list);
1430 u64 data_fin_tx_seq;
1434 inet_sk_state_store(sk, TCP_CLOSE);
1436 /* be sure to always acquire the join list lock, to sync vs
1437 * mptcp_finish_join().
1439 spin_lock_bh(&msk->join_list_lock);
1440 list_splice_tail_init(&msk->join_list, &msk->conn_list);
1441 spin_unlock_bh(&msk->join_list_lock);
1442 list_splice_init(&msk->conn_list, &conn_list);
1444 data_fin_tx_seq = msk->write_seq;
1446 __mptcp_clear_xmit(sk);
1450 list_for_each_entry_safe(subflow, tmp, &conn_list, node) {
1451 struct sock *ssk = mptcp_subflow_tcp_sock(subflow);
1453 subflow->data_fin_tx_seq = data_fin_tx_seq;
1454 subflow->data_fin_tx_enable = 1;
1455 __mptcp_close_ssk(sk, ssk, subflow, timeout);
1458 mptcp_cancel_work(sk);
1460 __skb_queue_purge(&sk->sk_receive_queue);
1462 sk_common_release(sk);
1465 static void mptcp_copy_inaddrs(struct sock *msk, const struct sock *ssk)
1467 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
1468 const struct ipv6_pinfo *ssk6 = inet6_sk(ssk);
1469 struct ipv6_pinfo *msk6 = inet6_sk(msk);
1471 msk->sk_v6_daddr = ssk->sk_v6_daddr;
1472 msk->sk_v6_rcv_saddr = ssk->sk_v6_rcv_saddr;
1475 msk6->saddr = ssk6->saddr;
1476 msk6->flow_label = ssk6->flow_label;
1480 inet_sk(msk)->inet_num = inet_sk(ssk)->inet_num;
1481 inet_sk(msk)->inet_dport = inet_sk(ssk)->inet_dport;
1482 inet_sk(msk)->inet_sport = inet_sk(ssk)->inet_sport;
1483 inet_sk(msk)->inet_daddr = inet_sk(ssk)->inet_daddr;
1484 inet_sk(msk)->inet_saddr = inet_sk(ssk)->inet_saddr;
1485 inet_sk(msk)->inet_rcv_saddr = inet_sk(ssk)->inet_rcv_saddr;
1488 static int mptcp_disconnect(struct sock *sk, int flags)
1490 /* Should never be called.
1491 * inet_stream_connect() calls ->disconnect, but that
1492 * refers to the subflow socket, not the mptcp one.
1498 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
1499 static struct ipv6_pinfo *mptcp_inet6_sk(const struct sock *sk)
1501 unsigned int offset = sizeof(struct mptcp6_sock) - sizeof(struct ipv6_pinfo);
1503 return (struct ipv6_pinfo *)(((u8 *)sk) + offset);
1507 struct sock *mptcp_sk_clone(const struct sock *sk,
1508 const struct mptcp_options_received *mp_opt,
1509 struct request_sock *req)
1511 struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req);
1512 struct sock *nsk = sk_clone_lock(sk, GFP_ATOMIC);
1513 struct mptcp_sock *msk;
1519 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
1520 if (nsk->sk_family == AF_INET6)
1521 inet_sk(nsk)->pinet6 = mptcp_inet6_sk(nsk);
1524 __mptcp_init_sock(nsk);
1526 msk = mptcp_sk(nsk);
1527 msk->local_key = subflow_req->local_key;
1528 msk->token = subflow_req->token;
1529 msk->subflow = NULL;
1530 WRITE_ONCE(msk->fully_established, false);
1532 msk->write_seq = subflow_req->idsn + 1;
1533 atomic64_set(&msk->snd_una, msk->write_seq);
1534 if (mp_opt->mp_capable) {
1535 msk->can_ack = true;
1536 msk->remote_key = mp_opt->sndr_key;
1537 mptcp_crypto_key_sha(msk->remote_key, NULL, &ack_seq);
1539 msk->ack_seq = ack_seq;
1542 sock_reset_flag(nsk, SOCK_RCU_FREE);
1543 /* will be fully established after successful MPC subflow creation */
1544 inet_sk_state_store(nsk, TCP_SYN_RECV);
1545 bh_unlock_sock(nsk);
1547 /* keep a single reference */
1552 void mptcp_rcv_space_init(struct mptcp_sock *msk, const struct sock *ssk)
1554 const struct tcp_sock *tp = tcp_sk(ssk);
1556 msk->rcvq_space.copied = 0;
1557 msk->rcvq_space.rtt_us = 0;
1559 msk->rcvq_space.time = tp->tcp_mstamp;
1561 /* initial rcv_space offering made to peer */
1562 msk->rcvq_space.space = min_t(u32, tp->rcv_wnd,
1563 TCP_INIT_CWND * tp->advmss);
1564 if (msk->rcvq_space.space == 0)
1565 msk->rcvq_space.space = TCP_INIT_CWND * TCP_MSS_DEFAULT;
1568 static struct sock *mptcp_accept(struct sock *sk, int flags, int *err,
1571 struct mptcp_sock *msk = mptcp_sk(sk);
1572 struct socket *listener;
1575 listener = __mptcp_nmpc_socket(msk);
1576 if (WARN_ON_ONCE(!listener)) {
1581 pr_debug("msk=%p, listener=%p", msk, mptcp_subflow_ctx(listener->sk));
1582 newsk = inet_csk_accept(listener->sk, flags, err, kern);
1586 pr_debug("msk=%p, subflow is mptcp=%d", msk, sk_is_mptcp(newsk));
1587 if (sk_is_mptcp(newsk)) {
1588 struct mptcp_subflow_context *subflow;
1589 struct sock *new_mptcp_sock;
1590 struct sock *ssk = newsk;
1592 subflow = mptcp_subflow_ctx(newsk);
1593 new_mptcp_sock = subflow->conn;
1595 /* is_mptcp should be false if subflow->conn is missing, see
1596 * subflow_syn_recv_sock()
1598 if (WARN_ON_ONCE(!new_mptcp_sock)) {
1599 tcp_sk(newsk)->is_mptcp = 0;
1603 /* acquire the 2nd reference for the owning socket */
1604 sock_hold(new_mptcp_sock);
1607 bh_lock_sock(new_mptcp_sock);
1608 msk = mptcp_sk(new_mptcp_sock);
1611 newsk = new_mptcp_sock;
1612 mptcp_copy_inaddrs(newsk, ssk);
1613 list_add(&subflow->node, &msk->conn_list);
1615 mptcp_rcv_space_init(msk, ssk);
1616 bh_unlock_sock(new_mptcp_sock);
1618 __MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_MPCAPABLEPASSIVEACK);
1621 MPTCP_INC_STATS(sock_net(sk),
1622 MPTCP_MIB_MPCAPABLEPASSIVEFALLBACK);
1628 static void mptcp_destroy(struct sock *sk)
1630 struct mptcp_sock *msk = mptcp_sk(sk);
1632 mptcp_token_destroy(msk);
1633 if (msk->cached_ext)
1634 __skb_ext_put(msk->cached_ext);
1636 sk_sockets_allocated_dec(sk);
1639 static int mptcp_setsockopt_sol_socket(struct mptcp_sock *msk, int optname,
1640 sockptr_t optval, unsigned int optlen)
1642 struct sock *sk = (struct sock *)msk;
1643 struct socket *ssock;
1650 ssock = __mptcp_nmpc_socket(msk);
1656 ret = sock_setsockopt(ssock, SOL_SOCKET, optname, optval, optlen);
1658 if (optname == SO_REUSEPORT)
1659 sk->sk_reuseport = ssock->sk->sk_reuseport;
1660 else if (optname == SO_REUSEADDR)
1661 sk->sk_reuse = ssock->sk->sk_reuse;
1667 return sock_setsockopt(sk->sk_socket, SOL_SOCKET, optname, optval, optlen);
1670 static int mptcp_setsockopt_v6(struct mptcp_sock *msk, int optname,
1671 sockptr_t optval, unsigned int optlen)
1673 struct sock *sk = (struct sock *)msk;
1674 int ret = -EOPNOTSUPP;
1675 struct socket *ssock;
1680 ssock = __mptcp_nmpc_socket(msk);
1686 ret = tcp_setsockopt(ssock->sk, SOL_IPV6, optname, optval, optlen);
1688 sk->sk_ipv6only = ssock->sk->sk_ipv6only;
1697 static int mptcp_setsockopt(struct sock *sk, int level, int optname,
1698 sockptr_t optval, unsigned int optlen)
1700 struct mptcp_sock *msk = mptcp_sk(sk);
1703 pr_debug("msk=%p", msk);
1705 if (level == SOL_SOCKET)
1706 return mptcp_setsockopt_sol_socket(msk, optname, optval, optlen);
1708 /* @@ the meaning of setsockopt() when the socket is connected and
1709 * there are multiple subflows is not yet defined. It is up to the
1710 * MPTCP-level socket to configure the subflows until the subflow
1711 * is in TCP fallback, when TCP socket options are passed through
1712 * to the one remaining subflow.
1715 ssk = __mptcp_tcp_fallback(msk);
1718 return tcp_setsockopt(ssk, level, optname, optval, optlen);
1720 if (level == SOL_IPV6)
1721 return mptcp_setsockopt_v6(msk, optname, optval, optlen);
1726 static int mptcp_getsockopt(struct sock *sk, int level, int optname,
1727 char __user *optval, int __user *option)
1729 struct mptcp_sock *msk = mptcp_sk(sk);
1732 pr_debug("msk=%p", msk);
1734 /* @@ the meaning of setsockopt() when the socket is connected and
1735 * there are multiple subflows is not yet defined. It is up to the
1736 * MPTCP-level socket to configure the subflows until the subflow
1737 * is in TCP fallback, when socket options are passed through
1738 * to the one remaining subflow.
1741 ssk = __mptcp_tcp_fallback(msk);
1744 return tcp_getsockopt(ssk, level, optname, optval, option);
1749 #define MPTCP_DEFERRED_ALL (TCPF_DELACK_TIMER_DEFERRED | \
1750 TCPF_WRITE_TIMER_DEFERRED)
1752 /* this is very alike tcp_release_cb() but we must handle differently a
1753 * different set of events
1755 static void mptcp_release_cb(struct sock *sk)
1757 unsigned long flags, nflags;
1760 flags = sk->sk_tsq_flags;
1761 if (!(flags & MPTCP_DEFERRED_ALL))
1763 nflags = flags & ~MPTCP_DEFERRED_ALL;
1764 } while (cmpxchg(&sk->sk_tsq_flags, flags, nflags) != flags);
1766 sock_release_ownership(sk);
1768 if (flags & TCPF_DELACK_TIMER_DEFERRED) {
1769 struct mptcp_sock *msk = mptcp_sk(sk);
1772 ssk = mptcp_subflow_recv_lookup(msk);
1773 if (!ssk || !schedule_work(&msk->work))
1777 if (flags & TCPF_WRITE_TIMER_DEFERRED) {
1778 mptcp_retransmit_handler(sk);
1783 static int mptcp_hash(struct sock *sk)
1785 /* should never be called,
1786 * we hash the TCP subflows not the master socket
1792 static void mptcp_unhash(struct sock *sk)
1794 /* called from sk_common_release(), but nothing to do here */
1797 static int mptcp_get_port(struct sock *sk, unsigned short snum)
1799 struct mptcp_sock *msk = mptcp_sk(sk);
1800 struct socket *ssock;
1802 ssock = __mptcp_nmpc_socket(msk);
1803 pr_debug("msk=%p, subflow=%p", msk, ssock);
1804 if (WARN_ON_ONCE(!ssock))
1807 return inet_csk_get_port(ssock->sk, snum);
1810 void mptcp_finish_connect(struct sock *ssk)
1812 struct mptcp_subflow_context *subflow;
1813 struct mptcp_sock *msk;
1817 subflow = mptcp_subflow_ctx(ssk);
1821 pr_debug("msk=%p, token=%u", sk, subflow->token);
1823 mptcp_crypto_key_sha(subflow->remote_key, NULL, &ack_seq);
1825 subflow->map_seq = ack_seq;
1826 subflow->map_subflow_seq = 1;
1828 /* the socket is not connected yet, no msk/subflow ops can access/race
1829 * accessing the field below
1831 WRITE_ONCE(msk->remote_key, subflow->remote_key);
1832 WRITE_ONCE(msk->local_key, subflow->local_key);
1833 WRITE_ONCE(msk->write_seq, subflow->idsn + 1);
1834 WRITE_ONCE(msk->ack_seq, ack_seq);
1835 WRITE_ONCE(msk->can_ack, 1);
1836 atomic64_set(&msk->snd_una, msk->write_seq);
1838 mptcp_pm_new_connection(msk, 0);
1840 mptcp_rcv_space_init(msk, ssk);
1843 static void mptcp_sock_graft(struct sock *sk, struct socket *parent)
1845 write_lock_bh(&sk->sk_callback_lock);
1846 rcu_assign_pointer(sk->sk_wq, &parent->wq);
1847 sk_set_socket(sk, parent);
1848 sk->sk_uid = SOCK_INODE(parent)->i_uid;
1849 write_unlock_bh(&sk->sk_callback_lock);
1852 bool mptcp_finish_join(struct sock *sk)
1854 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk);
1855 struct mptcp_sock *msk = mptcp_sk(subflow->conn);
1856 struct sock *parent = (void *)msk;
1857 struct socket *parent_sock;
1860 pr_debug("msk=%p, subflow=%p", msk, subflow);
1862 /* mptcp socket already closing? */
1863 if (!mptcp_is_fully_established(parent))
1866 if (!msk->pm.server_side)
1869 if (!mptcp_pm_allow_new_subflow(msk))
1872 /* active connections are already on conn_list, and we can't acquire
1874 * use the join list lock as synchronization point and double-check
1875 * msk status to avoid racing with mptcp_close()
1877 spin_lock_bh(&msk->join_list_lock);
1878 ret = inet_sk_state_load(parent) == TCP_ESTABLISHED;
1879 if (ret && !WARN_ON_ONCE(!list_empty(&subflow->node)))
1880 list_add_tail(&subflow->node, &msk->join_list);
1881 spin_unlock_bh(&msk->join_list_lock);
1885 /* attach to msk socket only after we are sure he will deal with us
1888 parent_sock = READ_ONCE(parent->sk_socket);
1889 if (parent_sock && !sk->sk_socket)
1890 mptcp_sock_graft(sk, parent_sock);
1891 subflow->map_seq = msk->ack_seq;
1895 static bool mptcp_memory_free(const struct sock *sk, int wake)
1897 struct mptcp_sock *msk = mptcp_sk(sk);
1899 return wake ? test_bit(MPTCP_SEND_SPACE, &msk->flags) : true;
1902 static struct proto mptcp_prot = {
1904 .owner = THIS_MODULE,
1905 .init = mptcp_init_sock,
1906 .disconnect = mptcp_disconnect,
1907 .close = mptcp_close,
1908 .accept = mptcp_accept,
1909 .setsockopt = mptcp_setsockopt,
1910 .getsockopt = mptcp_getsockopt,
1911 .shutdown = tcp_shutdown,
1912 .destroy = mptcp_destroy,
1913 .sendmsg = mptcp_sendmsg,
1914 .recvmsg = mptcp_recvmsg,
1915 .release_cb = mptcp_release_cb,
1917 .unhash = mptcp_unhash,
1918 .get_port = mptcp_get_port,
1919 .sockets_allocated = &mptcp_sockets_allocated,
1920 .memory_allocated = &tcp_memory_allocated,
1921 .memory_pressure = &tcp_memory_pressure,
1922 .stream_memory_free = mptcp_memory_free,
1923 .sysctl_wmem_offset = offsetof(struct net, ipv4.sysctl_tcp_wmem),
1924 .sysctl_mem = sysctl_tcp_mem,
1925 .obj_size = sizeof(struct mptcp_sock),
1926 .slab_flags = SLAB_TYPESAFE_BY_RCU,
1927 .no_autobind = true,
1930 static int mptcp_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1932 struct mptcp_sock *msk = mptcp_sk(sock->sk);
1933 struct socket *ssock;
1936 lock_sock(sock->sk);
1937 ssock = __mptcp_nmpc_socket(msk);
1943 err = ssock->ops->bind(ssock, uaddr, addr_len);
1945 mptcp_copy_inaddrs(sock->sk, ssock->sk);
1948 release_sock(sock->sk);
1952 static void mptcp_subflow_early_fallback(struct mptcp_sock *msk,
1953 struct mptcp_subflow_context *subflow)
1955 subflow->request_mptcp = 0;
1956 __mptcp_do_fallback(msk);
1959 static int mptcp_stream_connect(struct socket *sock, struct sockaddr *uaddr,
1960 int addr_len, int flags)
1962 struct mptcp_sock *msk = mptcp_sk(sock->sk);
1963 struct mptcp_subflow_context *subflow;
1964 struct socket *ssock;
1967 lock_sock(sock->sk);
1968 if (sock->state != SS_UNCONNECTED && msk->subflow) {
1969 /* pending connection or invalid state, let existing subflow
1972 ssock = msk->subflow;
1976 ssock = __mptcp_nmpc_socket(msk);
1982 mptcp_token_destroy(msk);
1983 inet_sk_state_store(sock->sk, TCP_SYN_SENT);
1984 subflow = mptcp_subflow_ctx(ssock->sk);
1985 #ifdef CONFIG_TCP_MD5SIG
1986 /* no MPTCP if MD5SIG is enabled on this socket or we may run out of
1989 if (rcu_access_pointer(tcp_sk(ssock->sk)->md5sig_info))
1990 mptcp_subflow_early_fallback(msk, subflow);
1992 if (subflow->request_mptcp && mptcp_token_new_connect(ssock->sk))
1993 mptcp_subflow_early_fallback(msk, subflow);
1996 err = ssock->ops->connect(ssock, uaddr, addr_len, flags);
1997 sock->state = ssock->state;
1999 /* on successful connect, the msk state will be moved to established by
2000 * subflow_finish_connect()
2002 if (!err || err == EINPROGRESS)
2003 mptcp_copy_inaddrs(sock->sk, ssock->sk);
2005 inet_sk_state_store(sock->sk, inet_sk_state_load(ssock->sk));
2008 release_sock(sock->sk);
2012 static int mptcp_listen(struct socket *sock, int backlog)
2014 struct mptcp_sock *msk = mptcp_sk(sock->sk);
2015 struct socket *ssock;
2018 pr_debug("msk=%p", msk);
2020 lock_sock(sock->sk);
2021 ssock = __mptcp_nmpc_socket(msk);
2027 mptcp_token_destroy(msk);
2028 inet_sk_state_store(sock->sk, TCP_LISTEN);
2029 sock_set_flag(sock->sk, SOCK_RCU_FREE);
2031 err = ssock->ops->listen(ssock, backlog);
2032 inet_sk_state_store(sock->sk, inet_sk_state_load(ssock->sk));
2034 mptcp_copy_inaddrs(sock->sk, ssock->sk);
2037 release_sock(sock->sk);
2041 static int mptcp_stream_accept(struct socket *sock, struct socket *newsock,
2042 int flags, bool kern)
2044 struct mptcp_sock *msk = mptcp_sk(sock->sk);
2045 struct socket *ssock;
2048 pr_debug("msk=%p", msk);
2050 lock_sock(sock->sk);
2051 if (sock->sk->sk_state != TCP_LISTEN)
2054 ssock = __mptcp_nmpc_socket(msk);
2058 clear_bit(MPTCP_DATA_READY, &msk->flags);
2059 sock_hold(ssock->sk);
2060 release_sock(sock->sk);
2062 err = ssock->ops->accept(sock, newsock, flags, kern);
2063 if (err == 0 && !mptcp_is_tcpsk(newsock->sk)) {
2064 struct mptcp_sock *msk = mptcp_sk(newsock->sk);
2065 struct mptcp_subflow_context *subflow;
2067 /* set ssk->sk_socket of accept()ed flows to mptcp socket.
2068 * This is needed so NOSPACE flag can be set from tcp stack.
2070 __mptcp_flush_join_list(msk);
2071 list_for_each_entry(subflow, &msk->conn_list, node) {
2072 struct sock *ssk = mptcp_subflow_tcp_sock(subflow);
2074 if (!ssk->sk_socket)
2075 mptcp_sock_graft(ssk, newsock);
2079 if (inet_csk_listen_poll(ssock->sk))
2080 set_bit(MPTCP_DATA_READY, &msk->flags);
2081 sock_put(ssock->sk);
2085 release_sock(sock->sk);
2089 static __poll_t mptcp_check_readable(struct mptcp_sock *msk)
2091 return test_bit(MPTCP_DATA_READY, &msk->flags) ? EPOLLIN | EPOLLRDNORM :
2095 static __poll_t mptcp_poll(struct file *file, struct socket *sock,
2096 struct poll_table_struct *wait)
2098 struct sock *sk = sock->sk;
2099 struct mptcp_sock *msk;
2104 sock_poll_wait(file, sock, wait);
2106 state = inet_sk_state_load(sk);
2107 if (state == TCP_LISTEN)
2108 return mptcp_check_readable(msk);
2110 if (state != TCP_SYN_SENT && state != TCP_SYN_RECV) {
2111 mask |= mptcp_check_readable(msk);
2112 if (sk_stream_is_writeable(sk) &&
2113 test_bit(MPTCP_SEND_SPACE, &msk->flags))
2114 mask |= EPOLLOUT | EPOLLWRNORM;
2116 if (sk->sk_shutdown & RCV_SHUTDOWN)
2117 mask |= EPOLLIN | EPOLLRDNORM | EPOLLRDHUP;
2122 static int mptcp_shutdown(struct socket *sock, int how)
2124 struct mptcp_sock *msk = mptcp_sk(sock->sk);
2125 struct mptcp_subflow_context *subflow;
2128 pr_debug("sk=%p, how=%d", msk, how);
2130 lock_sock(sock->sk);
2131 if (how == SHUT_WR || how == SHUT_RDWR)
2132 inet_sk_state_store(sock->sk, TCP_FIN_WAIT1);
2136 if ((how & ~SHUTDOWN_MASK) || !how) {
2141 if (sock->state == SS_CONNECTING) {
2142 if ((1 << sock->sk->sk_state) &
2143 (TCPF_SYN_SENT | TCPF_SYN_RECV | TCPF_CLOSE))
2144 sock->state = SS_DISCONNECTING;
2146 sock->state = SS_CONNECTED;
2149 __mptcp_flush_join_list(msk);
2150 mptcp_for_each_subflow(msk, subflow) {
2151 struct sock *tcp_sk = mptcp_subflow_tcp_sock(subflow);
2153 mptcp_subflow_shutdown(tcp_sk, how, 1, msk->write_seq);
2156 /* Wake up anyone sleeping in poll. */
2157 sock->sk->sk_state_change(sock->sk);
2160 release_sock(sock->sk);
2165 static const struct proto_ops mptcp_stream_ops = {
2167 .owner = THIS_MODULE,
2168 .release = inet_release,
2170 .connect = mptcp_stream_connect,
2171 .socketpair = sock_no_socketpair,
2172 .accept = mptcp_stream_accept,
2173 .getname = inet_getname,
2175 .ioctl = inet_ioctl,
2176 .gettstamp = sock_gettstamp,
2177 .listen = mptcp_listen,
2178 .shutdown = mptcp_shutdown,
2179 .setsockopt = sock_common_setsockopt,
2180 .getsockopt = sock_common_getsockopt,
2181 .sendmsg = inet_sendmsg,
2182 .recvmsg = inet_recvmsg,
2183 .mmap = sock_no_mmap,
2184 .sendpage = inet_sendpage,
2187 static struct inet_protosw mptcp_protosw = {
2188 .type = SOCK_STREAM,
2189 .protocol = IPPROTO_MPTCP,
2190 .prot = &mptcp_prot,
2191 .ops = &mptcp_stream_ops,
2192 .flags = INET_PROTOSW_ICSK,
2195 void __init mptcp_proto_init(void)
2197 mptcp_prot.h.hashinfo = tcp_prot.h.hashinfo;
2199 if (percpu_counter_init(&mptcp_sockets_allocated, 0, GFP_KERNEL))
2200 panic("Failed to allocate MPTCP pcpu counter\n");
2202 mptcp_subflow_init();
2206 if (proto_register(&mptcp_prot, 1) != 0)
2207 panic("Failed to register MPTCP proto.\n");
2209 inet_register_protosw(&mptcp_protosw);
2211 BUILD_BUG_ON(sizeof(struct mptcp_skb_cb) > sizeof_field(struct sk_buff, cb));
2214 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
2215 static const struct proto_ops mptcp_v6_stream_ops = {
2217 .owner = THIS_MODULE,
2218 .release = inet6_release,
2220 .connect = mptcp_stream_connect,
2221 .socketpair = sock_no_socketpair,
2222 .accept = mptcp_stream_accept,
2223 .getname = inet6_getname,
2225 .ioctl = inet6_ioctl,
2226 .gettstamp = sock_gettstamp,
2227 .listen = mptcp_listen,
2228 .shutdown = mptcp_shutdown,
2229 .setsockopt = sock_common_setsockopt,
2230 .getsockopt = sock_common_getsockopt,
2231 .sendmsg = inet6_sendmsg,
2232 .recvmsg = inet6_recvmsg,
2233 .mmap = sock_no_mmap,
2234 .sendpage = inet_sendpage,
2235 #ifdef CONFIG_COMPAT
2236 .compat_ioctl = inet6_compat_ioctl,
2240 static struct proto mptcp_v6_prot;
2242 static void mptcp_v6_destroy(struct sock *sk)
2245 inet6_destroy_sock(sk);
2248 static struct inet_protosw mptcp_v6_protosw = {
2249 .type = SOCK_STREAM,
2250 .protocol = IPPROTO_MPTCP,
2251 .prot = &mptcp_v6_prot,
2252 .ops = &mptcp_v6_stream_ops,
2253 .flags = INET_PROTOSW_ICSK,
2256 int __init mptcp_proto_v6_init(void)
2260 mptcp_v6_prot = mptcp_prot;
2261 strcpy(mptcp_v6_prot.name, "MPTCPv6");
2262 mptcp_v6_prot.slab = NULL;
2263 mptcp_v6_prot.destroy = mptcp_v6_destroy;
2264 mptcp_v6_prot.obj_size = sizeof(struct mptcp6_sock);
2266 err = proto_register(&mptcp_v6_prot, 1);
2270 err = inet6_register_protosw(&mptcp_v6_protosw);
2272 proto_unregister(&mptcp_v6_prot);
projects / linux-2.6-microblaze.git / blob