1 /*- 2 * Copyright (c) 1982, 1986, 1988, 1990, 1993, 1994, 1995 3 * The Regents of the University of California. All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 4. Neither the name of the University nor the names of its contributors 14 * may be used to endorse or promote products derived from this software 15 * without specific prior written permission. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 * @(#)tcp_input.c 8.12 (Berkeley) 5/24/95 30 */ 31 32 #include <sys/cdefs.h> 33 __FBSDID("$FreeBSD$"); 34 35 #include "opt_inet.h" 36 #include "opt_inet6.h" 37 #include "opt_tcpdebug.h" 38 39 #include <sys/param.h> 40 #include <sys/kernel.h> 41 #include <sys/malloc.h> 42 #include <sys/mbuf.h> 43 #include <sys/socket.h> 44 #include <sys/socketvar.h> 45 #include <sys/sysctl.h> 46 #include <sys/syslog.h> 47 #include <sys/systm.h> 48 49 #include <vm/uma.h> 50 51 #include <net/if.h> 52 #include <net/if_var.h> 53 #include <net/route.h> 54 #include <net/vnet.h> 55 56 #include <netinet/in.h> 57 #include <netinet/in_pcb.h> 58 #include <netinet/in_systm.h> 59 #include <netinet/in_var.h> 60 #include <netinet/ip.h> 61 #include <netinet/ip_var.h> 62 #include <netinet/ip_options.h> 63 #include <netinet/ip6.h> 64 #include <netinet6/in6_pcb.h> 65 #include <netinet6/ip6_var.h> 66 #include <netinet6/nd6.h> 67 #include <netinet/tcp.h> 68 #include <netinet/tcp_fsm.h> 69 #include <netinet/tcp_seq.h> 70 #include <netinet/tcp_timer.h> 71 #include <netinet/tcp_var.h> 72 #include <netinet6/tcp6_var.h> 73 #include <netinet/tcpip.h> 74 75 void 76 tcp_reass_flush(struct tcpcb *tp) 77 { 78 struct mbuf *m; 79 80 INP_WLOCK_ASSERT(tp->t_inpcb); 81 82 while ((m = tp->t_segq) != NULL) { 83 tp->t_segq = m->m_nextpkt; 84 tp->t_segqlen -= m->m_pkthdr.len; 85 m_freem(m); 86 } 87 88 KASSERT((tp->t_segqlen == 0), 89 ("TCP reass queue %p length is %d instead of 0 after flush.", 90 tp, tp->t_segqlen)); 91 } 92 93 #define M_TCPHDR(m) ((struct tcphdr *)((m)->m_pkthdr.pkt_tcphdr)) 94 95 int 96 tcp_reass(struct tcpcb *tp, struct tcphdr *th, int *tlenp, struct mbuf *m) 97 { 98 struct socket *so = tp->t_inpcb->inp_socket; 99 struct mbuf *mq, *mp; 100 int flags, wakeup; 101 102 INP_WLOCK_ASSERT(tp->t_inpcb); 103 104 /* 105 * XXX: tcp_reass() is rather inefficient with its data structures 106 * and should be rewritten (see NetBSD for optimizations). 107 */ 108 109 /* 110 * Call with th==NULL after become established to 111 * force pre-ESTABLISHED data up to user socket. 112 */ 113 if (th == NULL) 114 goto present; 115 116 M_ASSERTPKTHDR(m); 117 KASSERT(*tlenp == m->m_pkthdr.len, ("%s: tlenp %u len %u", __func__, 118 *tlenp, m->m_pkthdr.len)); 119 120 /* 121 * Limit the number of segments that can be queued to reduce the 122 * potential for mbuf exhaustion. For best performance, we want to be 123 * able to queue a full window's worth of segments. The size of the 124 * socket receive buffer determines our advertised window and grows 125 * automatically when socket buffer autotuning is enabled. Use it as the 126 * basis for our queue limit. 127 * Always let the missing segment through which caused this queue. 128 * NB: Access to the socket buffer is left intentionally unlocked as we 129 * can tolerate stale information here. 130 */ 131 if ((th->th_seq != tp->rcv_nxt || !TCPS_HAVEESTABLISHED(tp->t_state)) && 132 tp->t_segqlen + m->m_pkthdr.len >= sbspace(&so->so_rcv)) { 133 char *s; 134 135 TCPSTAT_INC(tcps_rcvreassfull); 136 *tlenp = 0; 137 if ((s = tcp_log_addrs(&tp->t_inpcb->inp_inc, th, NULL, 138 NULL))) { 139 log(LOG_DEBUG, "%s; %s: queue limit reached, " 140 "segment dropped\n", s, __func__); 141 free(s, M_TCPLOG); 142 } 143 m_freem(m); 144 return (0); 145 } 146 147 /* 148 * Find a segment which begins after this one does. 149 */ 150 mp = NULL; 151 for (mq = tp->t_segq; mq != NULL; mq = mq->m_nextpkt) { 152 if (SEQ_GT(M_TCPHDR(mq)->th_seq, th->th_seq)) 153 break; 154 mp = mq; 155 } 156 157 /* 158 * If there is a preceding segment, it may provide some of 159 * our data already. If so, drop the data from the incoming 160 * segment. If it provides all of our data, drop us. 161 */ 162 if (mp != NULL) { 163 int i; 164 165 /* conversion to int (in i) handles seq wraparound */ 166 i = M_TCPHDR(mp)->th_seq + mp->m_pkthdr.len - th->th_seq; 167 if (i > 0) { 168 if (i >= *tlenp) { 169 TCPSTAT_INC(tcps_rcvduppack); 170 TCPSTAT_ADD(tcps_rcvdupbyte, *tlenp); 171 m_freem(m); 172 /* 173 * Try to present any queued data 174 * at the left window edge to the user. 175 * This is needed after the 3-WHS 176 * completes. 177 */ 178 goto present; /* ??? */ 179 } 180 m_adj(m, i); 181 *tlenp -= i; 182 th->th_seq += i; 183 } 184 } 185 tp->t_rcvoopack++; 186 TCPSTAT_INC(tcps_rcvoopack); 187 TCPSTAT_ADD(tcps_rcvoobyte, *tlenp); 188 189 /* 190 * While we overlap succeeding segments trim them or, 191 * if they are completely covered, dequeue them. 192 */ 193 while (mq) { 194 struct mbuf *nq; 195 int i; 196 197 i = (th->th_seq + *tlenp) - M_TCPHDR(mq)->th_seq; 198 if (i <= 0) 199 break; 200 if (i < mq->m_pkthdr.len) { 201 M_TCPHDR(mq)->th_seq += i; 202 m_adj(mq, i); 203 tp->t_segqlen -= i; 204 break; 205 } 206 207 nq = mq->m_nextpkt; 208 tp->t_segqlen -= mq->m_pkthdr.len; 209 m_freem(mq); 210 if (mp) 211 mp->m_nextpkt = nq; 212 else 213 tp->t_segq = nq; 214 mq = nq; 215 } 216 217 /* 218 * Insert the new segment queue entry into place. Try to collapse 219 * mbuf chains if segments are adjacent. 220 */ 221 if (mp) { 222 if (M_TCPHDR(mp)->th_seq + mp->m_pkthdr.len == th->th_seq) 223 m_catpkt(mp, m); 224 else { 225 m->m_nextpkt = mp->m_nextpkt; 226 mp->m_nextpkt = m; 227 m->m_pkthdr.pkt_tcphdr = th; 228 } 229 } else { 230 mq = tp->t_segq; 231 tp->t_segq = m; 232 if (mq && th->th_seq + *tlenp == M_TCPHDR(mq)->th_seq) { 233 m->m_nextpkt = mq->m_nextpkt; 234 mq->m_nextpkt = NULL; 235 m_catpkt(m, mq); 236 } else 237 m->m_nextpkt = mq; 238 m->m_pkthdr.pkt_tcphdr = th; 239 } 240 tp->t_segqlen += *tlenp; 241 242 present: 243 /* 244 * Present data to user, advancing rcv_nxt through 245 * completed sequence space. 246 */ 247 if (!TCPS_HAVEESTABLISHED(tp->t_state)) 248 return (0); 249 250 flags = 0; 251 wakeup = 0; 252 SOCKBUF_LOCK(&so->so_rcv); 253 while ((mq = tp->t_segq) != NULL && 254 M_TCPHDR(mq)->th_seq == tp->rcv_nxt) { 255 tp->t_segq = mq->m_nextpkt; 256 257 tp->rcv_nxt += mq->m_pkthdr.len; 258 tp->t_segqlen -= mq->m_pkthdr.len; 259 flags = M_TCPHDR(mq)->th_flags & TH_FIN; 260 261 if (so->so_rcv.sb_state & SBS_CANTRCVMORE) 262 m_freem(mq); 263 else { 264 mq->m_nextpkt = NULL; 265 sbappendstream_locked(&so->so_rcv, mq, 0); 266 wakeup = 1; 267 } 268 } 269 ND6_HINT(tp); 270 if (wakeup) 271 sorwakeup_locked(so); 272 else 273 SOCKBUF_UNLOCK(&so->so_rcv); 274 return (flags); 275 } 276