xref: /freebsd/sys/netinet/tcp_usrreq.c (revision f6a4109212fd8fbabc731f07b2dd5c7e07fbec33)
1 /*
2  * Copyright (c) 1982, 1986, 1988, 1993
3  *	The Regents of the University of California.  All rights reserved.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions
7  * are met:
8  * 1. Redistributions of source code must retain the above copyright
9  *    notice, this list of conditions and the following disclaimer.
10  * 2. Redistributions in binary form must reproduce the above copyright
11  *    notice, this list of conditions and the following disclaimer in the
12  *    documentation and/or other materials provided with the distribution.
13  * 3. All advertising materials mentioning features or use of this software
14  *    must display the following acknowledgement:
15  *	This product includes software developed by the University of
16  *	California, Berkeley and its contributors.
17  * 4. Neither the name of the University nor the names of its contributors
18  *    may be used to endorse or promote products derived from this software
19  *    without specific prior written permission.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  *
33  *	From: @(#)tcp_usrreq.c	8.2 (Berkeley) 1/3/94
34  * $FreeBSD$
35  */
36 
37 #include "opt_ipsec.h"
38 #include "opt_inet.h"
39 #include "opt_inet6.h"
40 #include "opt_tcpdebug.h"
41 
42 #include <sys/param.h>
43 #include <sys/systm.h>
44 #include <sys/malloc.h>
45 #include <sys/kernel.h>
46 #include <sys/sysctl.h>
47 #include <sys/mbuf.h>
48 #ifdef INET6
49 #include <sys/domain.h>
50 #endif /* INET6 */
51 #include <sys/socket.h>
52 #include <sys/socketvar.h>
53 #include <sys/protosw.h>
54 #include <sys/proc.h>
55 #include <sys/jail.h>
56 
57 #include <net/if.h>
58 #include <net/route.h>
59 
60 #include <netinet/in.h>
61 #include <netinet/in_systm.h>
62 #ifdef INET6
63 #include <netinet/ip6.h>
64 #endif
65 #include <netinet/in_pcb.h>
66 #ifdef INET6
67 #include <netinet6/in6_pcb.h>
68 #endif
69 #include <netinet/in_var.h>
70 #include <netinet/ip_var.h>
71 #ifdef INET6
72 #include <netinet6/ip6_var.h>
73 #endif
74 #include <netinet/tcp.h>
75 #include <netinet/tcp_fsm.h>
76 #include <netinet/tcp_seq.h>
77 #include <netinet/tcp_timer.h>
78 #include <netinet/tcp_var.h>
79 #include <netinet/tcpip.h>
80 #ifdef TCPDEBUG
81 #include <netinet/tcp_debug.h>
82 #endif
83 
84 #ifdef IPSEC
85 #include <netinet6/ipsec.h>
86 #endif /*IPSEC*/
87 
88 /*
89  * TCP protocol interface to socket abstraction.
90  */
91 extern	char *tcpstates[];	/* XXX ??? */
92 
93 static int	tcp_attach(struct socket *, struct thread *td);
94 static int	tcp_connect(struct tcpcb *, struct sockaddr *,
95 		    struct thread *td);
96 #ifdef INET6
97 static int	tcp6_connect(struct tcpcb *, struct sockaddr *,
98 		    struct thread *td);
99 #endif /* INET6 */
100 static struct tcpcb *
101 		tcp_disconnect(struct tcpcb *);
102 static struct tcpcb *
103 		tcp_usrclosed(struct tcpcb *);
104 
/*
 * Tracing hooks for the pru_*() handlers in this file.
 *
 * With TCPDEBUG defined, the macros reference the caller's locals by name:
 * TCPDEBUG0 declares `ostate', TCPDEBUG1() snapshots tp->t_state into it
 * (0 when tp is NULL), and TCPDEBUG2(req) calls tcp_trace() when tp is
 * non-NULL and the socket has SO_DEBUG set.  Without TCPDEBUG all three
 * expand to nothing.
 *
 * TCPDEBUG0 is a declaration, so it has to be the last item of a
 * declaration list.  TCPDEBUG2() expands to a bare `if' statement and
 * must therefore never be placed directly in front of an `else'.
 */
#ifdef TCPDEBUG
#define	TCPDEBUG0	int ostate = 0
#define	TCPDEBUG1()	ostate = tp ? tp->t_state : 0
#define	TCPDEBUG2(req)	if (tp && (so->so_options & SO_DEBUG)) \
				tcp_trace(TA_USER, ostate, tp, 0, 0, req)
#else
#define	TCPDEBUG0
#define	TCPDEBUG1()
#define	TCPDEBUG2(req)
#endif
115 
/*
 * pru_attach() handler: give a new socket its TCP state.
 *
 * A socket that already has an inpcb is refused with EISCONN; otherwise
 * tcp_attach() does the allocation.  The whole operation runs under the
 * tcbinfo write lock.  Returns 0 or an errno value.
 */
static int
tcp_usr_attach(struct socket *so, int proto, struct thread *td)
{
	int s = splnet();
	int error;
	struct inpcb *inp;
	struct tcpcb *tp = NULL;
	TCPDEBUG0;

	INP_INFO_WLOCK(&tcbinfo);
	TCPDEBUG1();
	inp = sotoinpcb(so);
	if (inp != NULL) {
		error = EISCONN;
	} else {
		error = tcp_attach(so, td);
		if (error == 0) {
			/* SO_LINGER with a zero timeout gets the TCP default. */
			if ((so->so_options & SO_LINGER) && so->so_linger == 0)
				so->so_linger = TCP_LINGERTIME;

			/* Pick up the new control blocks for the trace hook. */
			inp = sotoinpcb(so);
			tp = intotcpcb(inp);
		}
	}

	TCPDEBUG2(PRU_ATTACH);
	INP_INFO_WUNLOCK(&tcbinfo);
	splx(s);
	return (error);
}
152 
/*
 * pru_detach() handler: detach the TCP protocol from the socket.
 *
 * A non-embryonic connection cannot simply be discarded, so the work is
 * handed to tcp_disconnect(), which may finish later; embryonic TCBs can
 * be thrown away immediately.  Returns EINVAL when the socket has no
 * inpcb, 0 otherwise.
 */
static int
tcp_usr_detach(struct socket *so)
{
	int s = splnet();
	int error = 0;
	struct inpcb *inp;
	struct tcpcb *tp;
	TCPDEBUG0;

	INP_INFO_WLOCK(&tcbinfo);
	inp = sotoinpcb(so);
	if (inp != NULL) {
		INP_LOCK(inp);
		tp = intotcpcb(inp);
		TCPDEBUG1();
		tp = tcp_disconnect(tp);

		TCPDEBUG2(PRU_DETACH);
		/*
		 * The inpcb lock is released only when tcp_disconnect()
		 * handed a tcpcb back.
		 */
		if (tp != NULL)
			INP_UNLOCK(inp);
	} else {
		error = EINVAL;	/* XXX */
	}
	INP_INFO_WUNLOCK(&tcbinfo);
	splx(s);
	return (error);
}
188 
/*
 * Values for the `inirw' local that selects how COMMON_START() and
 * COMMON_END() treat the global tcbinfo lock: not at all, as a reader,
 * or as a writer.
 */
#define INI_NOLOCK	0
#define INI_READ	1
#define INI_WRITE	2

/*
 * Shared prologue for the pru_*() handlers.  It relies on the caller's
 * locals `so', `s', `inirw', `inp' and `tp'.
 *
 * The tcbinfo lock is taken according to inirw and the inpcb is looked up.
 * With no inpcb the tcbinfo lock is dropped again, splx(s) is called and
 * the handler returns EINVAL.  Otherwise the inpcb is locked, a read lock
 * on tcbinfo is released at once, and tp is set from the inpcb.
 *
 * On fall-through the inpcb lock is held and, for INI_WRITE, so is the
 * tcbinfo write lock.  Every exit from the handler after this point has to
 * go through the `out' label supplied by COMMON_END(); a plain `return'
 * leaves both locks held.
 */
#define	COMMON_START()						\
	TCPDEBUG0;						\
	do {							\
		if (inirw == INI_READ)				\
			INP_INFO_RLOCK(&tcbinfo);		\
		else if (inirw == INI_WRITE)			\
			INP_INFO_WLOCK(&tcbinfo);		\
		inp = sotoinpcb(so);				\
		if (inp == 0) {					\
			if (inirw == INI_READ)			\
				INP_INFO_RUNLOCK(&tcbinfo);	\
			else if (inirw == INI_WRITE)		\
				INP_INFO_WUNLOCK(&tcbinfo);	\
			splx(s);				\
			return EINVAL;				\
		}						\
		INP_LOCK(inp);					\
		if (inirw == INI_READ)				\
			INP_INFO_RUNLOCK(&tcbinfo);		\
		tp = intotcpcb(inp);				\
		TCPDEBUG1();					\
} while(0)

/*
 * Shared epilogue: defines the `out' label, runs the trace hook, unlocks
 * the inpcb when tp is still non-NULL, drops the tcbinfo write lock for
 * INI_WRITE, restores the spl and returns `error'.
 *
 * The `goto out' after the return is unreachable; presumably it exists so
 * the label counts as used in handlers that never jump to it.
 */
#define COMMON_END(req)						\
out:	TCPDEBUG2(req);						\
	do {							\
		if (tp)						\
			INP_UNLOCK(inp);			\
		if (inirw == INI_WRITE)				\
			INP_INFO_WUNLOCK(&tcbinfo);		\
		splx(s);					\
		return error;					\
		goto out;					\
} while(0)
227 
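/*
 * pru_bind() handler: give the socket a local address.
 *
 * nam must be exactly a struct sockaddr_in; anything else yields EINVAL.
 * Binding to an IPv4 multicast address is refused with EAFNOSUPPORT.
 * Otherwise the result of in_pcbbind() is returned.
 */
static int
tcp_usr_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
{
	int s = splnet();
	int error = 0;
	struct inpcb *inp;
	struct tcpcb *tp;
	struct sockaddr_in *sinp;
	const int inirw = INI_WRITE;

	COMMON_START();

	sinp = (struct sockaddr_in *)nam;
	if (nam->sa_len != sizeof (*sinp)) {
		/*
		 * Leave through `out', not with a bare return:
		 * COMMON_START() took the tcbinfo write lock and the inpcb
		 * lock, and only COMMON_END() releases them.  Returning here
		 * would let a caller-supplied address length leave both
		 * locks held.
		 */
		error = EINVAL;
		goto out;
	}

	/*
	 * Must check for multicast addresses and disallow binding
	 * to them.
	 */
	if (sinp->sin_family == AF_INET &&
	    IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) {
		error = EAFNOSUPPORT;
		goto out;
	}
	error = in_pcbbind(inp, nam, td);
	COMMON_END(PRU_BIND);
}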
260 
261 #ifdef INET6
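/*
 * pru_bind() handler for IPv6 sockets.
 *
 * nam must be exactly a struct sockaddr_in6 (EINVAL otherwise) and must
 * not be an IPv6 multicast address (EAFNOSUPPORT).  Unless the socket is
 * marked IN6P_IPV6_V6ONLY, an unspecified address keeps IPv4 enabled as
 * well, and a v4-mapped address is converted and bound through the IPv4
 * in_pcbbind() path.
 */
static int
tcp6_usr_bind(struct socket *so, struct sockaddr *nam, struct thread *td)
{
	int s = splnet();
	int error = 0;
	struct inpcb *inp;
	struct tcpcb *tp;
	struct sockaddr_in6 *sin6p;
	const int inirw = INI_WRITE;

	COMMON_START();

	sin6p = (struct sockaddr_in6 *)nam;
	if (nam->sa_len != sizeof (*sin6p)) {
		/*
		 * Leave through `out', not with a bare return:
		 * COMMON_START() took the tcbinfo write lock and the inpcb
		 * lock, and only COMMON_END() releases them.
		 */
		error = EINVAL;
		goto out;
	}

	/*
	 * Must check for multicast addresses and disallow binding
	 * to them.
	 */
	if (sin6p->sin6_family == AF_INET6 &&
	    IN6_IS_ADDR_MULTICAST(&sin6p->sin6_addr)) {
		error = EAFNOSUPPORT;
		goto out;
	}

	/* Start out IPv6-only, then widen below where permitted. */
	inp->inp_vflag &= ~INP_IPV4;
	inp->inp_vflag |= INP_IPV6;
	if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0) {
		if (IN6_IS_ADDR_UNSPECIFIED(&sin6p->sin6_addr))
			inp->inp_vflag |= INP_IPV4;
		else if (IN6_IS_ADDR_V4MAPPED(&sin6p->sin6_addr)) {
			struct sockaddr_in sin;

			/* v4-mapped: bind as a plain IPv4 endpoint. */
			in6_sin6_2_sin(&sin, sin6p);
			inp->inp_vflag |= INP_IPV4;
			inp->inp_vflag &= ~INP_IPV6;
			error = in_pcbbind(inp, (struct sockaddr *)&sin, td);
			goto out;
		}
	}
	error = in6_pcbbind(inp, nam, td);
	COMMON_END(PRU_BIND);
}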
306 #endif /* INET6 */
307 
/*
 * pru_listen() handler: prepare to accept connections.
 *
 * A socket without a local port is first bound with a null address; the
 * tcpcb moves to TCPS_LISTEN only if that bind (when needed) succeeded.
 */
static int
tcp_usr_listen(struct socket *so, struct thread *td)
{
	int s = splnet();
	int error = 0;
	struct inpcb *inp;
	struct tcpcb *tp;
	const int inirw = INI_WRITE;

	COMMON_START();
	if (inp->inp_lport == 0) {
		error = in_pcbbind(inp, (struct sockaddr *)NULL, td);
		if (error != 0)
			goto out;
	}
	tp->t_state = TCPS_LISTEN;
	COMMON_END(PRU_LISTEN);
}
327 
328 #ifdef INET6
/*
 * pru_listen() handler for IPv6 sockets.
 *
 * A socket without a local port is bound with a null address first; before
 * that bind, IPv4 is enabled on the inpcb exactly when IN6P_IPV6_V6ONLY is
 * clear.  The tcpcb moves to TCPS_LISTEN only if no error occurred.
 */
static int
tcp6_usr_listen(struct socket *so, struct thread *td)
{
	int s = splnet();
	int error = 0;
	struct inpcb *inp;
	struct tcpcb *tp;
	const int inirw = INI_WRITE;

	COMMON_START();
	if (inp->inp_lport == 0) {
		inp->inp_vflag &= ~INP_IPV4;
		if ((inp->inp_flags & IN6P_IPV6_V6ONLY) == 0)
			inp->inp_vflag |= INP_IPV4;
		error = in6_pcbbind(inp, (struct sockaddr *)NULL, td);
		if (error != 0)
			goto out;
	}
	tp->t_state = TCPS_LISTEN;
	COMMON_END(PRU_LISTEN);
}
349 #endif /* INET6 */
350 
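/*
 * pru_connect() handler: initiate a connection to a peer.
 *
 * Create a template for use in transmissions on this connection.
 * Enter SYN_SENT state, and mark socket as connecting.
 * Start keep-alive timer, and seed output sequence space.
 * Send initial segment on connection.
 *
 * nam must be exactly a struct sockaddr_in (EINVAL otherwise) and must not
 * be an IPv4 multicast address (EAFNOSUPPORT).  For a jailed thread the
 * destination address is passed through prison_remote_ip() first.
 */
static int
tcp_usr_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
{
	int s = splnet();
	int error = 0;
	struct inpcb *inp;
	struct tcpcb *tp;
	struct sockaddr_in *sinp;
	const int inirw = INI_WRITE;

	COMMON_START();

	sinp = (struct sockaddr_in *)nam;
	if (nam->sa_len != sizeof (*sinp)) {
		/*
		 * Leave through `out', not with a bare return:
		 * COMMON_START() took the tcbinfo write lock and the inpcb
		 * lock, and only COMMON_END() releases them.  Returning here
		 * would let a caller-supplied address length leave both
		 * locks held.
		 */
		error = EINVAL;
		goto out;
	}

	/*
	 * Must disallow TCP ``connections'' to multicast addresses.
	 */
	if (sinp->sin_family == AF_INET
	    && IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) {
		error = EAFNOSUPPORT;
		goto out;
	}

	if (td && jailed(td->td_ucred))
		prison_remote_ip(td->td_ucred, 0, &sinp->sin_addr.s_addr);

	if ((error = tcp_connect(tp, nam, td)) != 0)
		goto out;
	error = tcp_output(tp);
	COMMON_END(PRU_CONNECT);
}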
390 
391 #ifdef INET6
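/*
 * pru_connect() handler for IPv6 sockets.
 *
 * nam must be exactly a struct sockaddr_in6 (EINVAL otherwise) and must
 * not be an IPv6 multicast address (EAFNOSUPPORT).  A v4-mapped
 * destination is refused with EINVAL on an IN6P_IPV6_V6ONLY socket and is
 * otherwise converted and connected through the IPv4 tcp_connect() path.
 */
static int
tcp6_usr_connect(struct socket *so, struct sockaddr *nam, struct thread *td)
{
	int s = splnet();
	int error = 0;
	struct inpcb *inp;
	struct tcpcb *tp;
	struct sockaddr_in6 *sin6p;
	const int inirw = INI_WRITE;

	COMMON_START();

	sin6p = (struct sockaddr_in6 *)nam;
	if (nam->sa_len != sizeof (*sin6p)) {
		/*
		 * Leave through `out', not with a bare return:
		 * COMMON_START() took the tcbinfo write lock and the inpcb
		 * lock, and only COMMON_END() releases them.
		 */
		error = EINVAL;
		goto out;
	}

	/*
	 * Must disallow TCP ``connections'' to multicast addresses.
	 */
	if (sin6p->sin6_family == AF_INET6
	    && IN6_IS_ADDR_MULTICAST(&sin6p->sin6_addr)) {
		error = EAFNOSUPPORT;
		goto out;
	}

	if (IN6_IS_ADDR_V4MAPPED(&sin6p->sin6_addr)) {
		struct sockaddr_in sin;

		/* A v6-only socket may not reach an IPv4 peer. */
		if ((inp->inp_flags & IN6P_IPV6_V6ONLY) != 0) {
			error = EINVAL;
			goto out;
		}

		in6_sin6_2_sin(&sin, sin6p);
		inp->inp_vflag |= INP_IPV4;
		inp->inp_vflag &= ~INP_IPV6;
		if ((error = tcp_connect(tp, (struct sockaddr *)&sin, td)) != 0)
			goto out;
		error = tcp_output(tp);
		goto out;
	}

	/* Native IPv6 destination. */
	inp->inp_vflag &= ~INP_IPV4;
	inp->inp_vflag |= INP_IPV6;
	inp->inp_inc.inc_isipv6 = 1;
	if ((error = tcp6_connect(tp, nam, td)) != 0)
		goto out;
	error = tcp_output(tp);
	COMMON_END(PRU_CONNECT);
}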
440 #endif /* INET6 */
441 
/*
 * pru_disconnect() handler: initiate disconnect from the peer.
 *
 * If the connection never passed the embryonic stage it is just dropped;
 * if data need not drain it can be dropped as well.  Otherwise the TCP
 * shutdown process begins: the socket is marked disconnecting, unread data
 * is drained, the state switches to reflect the user close, and a segment
 * (e.g. FIN) goes to the peer.  The socket is really disconnected once the
 * peer sends its FIN and acks ours.  All of that is done by
 * tcp_disconnect(); this wrapper only supplies the locking.
 *
 * SHOULD IMPLEMENT LATER PRU_CONNECT VIA REALLOC TCPCB.
 */
static int
tcp_usr_disconnect(struct socket *so)
{
	int s = splnet();
	struct inpcb *inp;
	struct tcpcb *tp;
	int error = 0;
	const int inirw = INI_WRITE;

	COMMON_START();
	/* A NULL result makes COMMON_END() skip the inpcb unlock. */
	tp = tcp_disconnect(tp);
	COMMON_END(PRU_DISCONNECT);
}
466 
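/*
 * pru_accept() handler: accept a connection.
 *
 * Essentially all the work is done at higher levels; this just returns the
 * address of the peer, storing it through nam.  Returns ECONNABORTED when
 * the socket is already disconnected and EINVAL when it has no inpcb.
 */
static int
tcp_usr_accept(struct socket *so, struct sockaddr **nam)
{
	/*
	 * Raise the spl before the first check so that the splx(s) at `out'
	 * always sees an initialized value; previously the ECONNABORTED
	 * path reached splx() with s unset.
	 */
	int s = splnet();
	int error = 0;
	struct inpcb *inp = NULL;
	struct tcpcb *tp = NULL;
	struct in_addr addr;
	in_port_t port = 0;
	TCPDEBUG0;

	if (so->so_state & SS_ISDISCONNECTED) {
		error = ECONNABORTED;
		goto out;
	}

	INP_INFO_RLOCK(&tcbinfo);
	inp = sotoinpcb(so);
	if (!inp) {
		INP_INFO_RUNLOCK(&tcbinfo);
		splx(s);
		return (EINVAL);
	}
	INP_LOCK(inp);
	INP_INFO_RUNLOCK(&tcbinfo);
	tp = intotcpcb(inp);
	TCPDEBUG1();

	/*
	 * We inline in_setpeeraddr and COMMON_END here, so that we can
	 * copy the data of interest and defer the malloc until after we
	 * release the lock.
	 */
	port = inp->inp_fport;
	addr = inp->inp_faddr;

out:	TCPDEBUG2(PRU_ACCEPT);
	if (tp)
		INP_UNLOCK(inp);
	splx(s);
	/* addr is only read here, and only on the path that filled it in. */
	if (error == 0)
		*nam = in_sockaddr(port, &addr);
	return error;
}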
517 
518 #ifdef INET6
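/*
 * pru_accept() handler for IPv6 sockets: return the peer's address through
 * nam.  A connection carried over IPv4 is reported as a v4-mapped IPv6
 * address.  Returns ECONNABORTED when the socket is already disconnected
 * and EINVAL when it has no inpcb.
 */
static int
tcp6_usr_accept(struct socket *so, struct sockaddr **nam)
{
	/*
	 * Raise the spl before the first check so that the splx(s) at `out'
	 * always sees an initialized value; previously the ECONNABORTED
	 * path reached splx() with s unset.
	 */
	int s = splnet();
	struct inpcb *inp = NULL;
	int error = 0;
	struct tcpcb *tp = NULL;
	struct in_addr addr;
	struct in6_addr addr6;
	in_port_t port = 0;
	int v4 = 0;
	TCPDEBUG0;

	if (so->so_state & SS_ISDISCONNECTED) {
		error = ECONNABORTED;
		goto out;
	}

	INP_INFO_RLOCK(&tcbinfo);
	inp = sotoinpcb(so);
	if (inp == 0) {
		INP_INFO_RUNLOCK(&tcbinfo);
		splx(s);
		return (EINVAL);
	}
	INP_LOCK(inp);
	INP_INFO_RUNLOCK(&tcbinfo);
	tp = intotcpcb(inp);
	TCPDEBUG1();
	/*
	 * We inline in6_mapped_peeraddr and COMMON_END here, so that we can
	 * copy the data of interest and defer the malloc until after we
	 * release the lock.
	 */
	if (inp->inp_vflag & INP_IPV4) {
		v4 = 1;
		port = inp->inp_fport;
		addr = inp->inp_faddr;
	} else {
		port = inp->inp_fport;
		addr6 = inp->in6p_faddr;
	}

out:	TCPDEBUG2(PRU_ACCEPT);
	if (tp)
		INP_UNLOCK(inp);
	splx(s);
	/* addr/addr6 are only read on the path that filled them in. */
	if (error == 0) {
		if (v4)
			*nam = in6_v4mapsin6_sockaddr(port, &addr);
		else
			*nam = in6_sockaddr(port, &addr6);
	}
	return error;
}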
575 #endif /* INET6 */
576 
/*
 * pru_sockaddr() wrapper around in_setsockaddr().  The pcbinfo is handed
 * down so that in_setsockaddr() does the locking itself: it calls malloc
 * and can block, so the lock must not be taken out here.
 */
static int
tcp_sockaddr(struct socket *so, struct sockaddr **nam)
{
	int error;

	error = in_setsockaddr(so, nam, &tcbinfo);
	return (error);
}
587 
/*
 * pru_peeraddr() wrapper around in_setpeeraddr().  The pcbinfo is handed
 * down for in_setpeeraddr() to lock.
 */
static int
tcp_peeraddr(struct socket *so, struct sockaddr **nam)
{
	int error;

	error = in_setpeeraddr(so, nam, &tcbinfo);
	return (error);
}
597 
/*
 * pru_shutdown() handler: mark the connection as being incapable of
 * further output.  tcp_output() is called only when tcp_usrclosed() hands
 * a tcpcb back.
 */
static int
tcp_usr_shutdown(struct socket *so)
{
	int s = splnet();
	struct inpcb *inp;
	struct tcpcb *tp;
	int error = 0;
	const int inirw = INI_WRITE;

	COMMON_START();
	socantsendmore(so);
	tp = tcp_usrclosed(tp);
	if (tp != NULL)
		error = tcp_output(tp);
	COMMON_END(PRU_SHUTDOWN);
}
617 
/*
 * pru_rcvd() handler: after a receive, possibly send a window update to
 * the peer.  Only a read lock on tcbinfo is used, and the result of
 * tcp_output() is deliberately not reported; the handler returns 0 unless
 * the socket has no inpcb.
 */
static int
tcp_usr_rcvd(struct socket *so, int flags)
{
	int s = splnet();
	struct inpcb *inp;
	struct tcpcb *tp;
	int error = 0;
	const int inirw = INI_READ;

	COMMON_START();
	(void)tcp_output(tp);
	COMMON_END(PRU_RCVD);
}
634 
/*
 * pru_send() handler: do a send by putting data in the output queue and
 * updating the urgent marker if URG is set.  Possibly send more data.
 *
 * Unlike the other pru_*() routines, the mbuf chains are our
 * responsibility: every path must either enqueue them or free them.  The
 * other pru_* routines generally are caller-frees.
 */
static int
tcp_usr_send(struct socket *so, int flags, struct mbuf *m,
	     struct sockaddr *nam, struct mbuf *control, struct thread *td)
{
	int s = splnet();
	int error = 0;
	struct inpcb *inp;
	struct tcpcb *tp;
	const int inirw = INI_WRITE;
	const int oob = (flags & PRUS_OOB) != 0;
#ifdef INET6
	int isipv6;
#endif
	TCPDEBUG0;

	/*
	 * Need write lock here because this function might call
	 * tcp_connect or tcp_usrclosed.
	 * We really want to have this function upgrade from read lock
	 * to write lock.  XXX
	 */
	INP_INFO_WLOCK(&tcbinfo);
	inp = sotoinpcb(so);
	if (inp == NULL) {
		/*
		 * OOPS! we lost a race, the TCP session got reset after
		 * we checked SS_CANTSENDMORE, eg: while doing uiomove or a
		 * network interrupt in the non-splnet() section of sosend().
		 */
		if (m != NULL)
			m_freem(m);
		if (control != NULL)
			m_freem(control);
		error = ECONNRESET;	/* XXX EPIPE? */
		tp = NULL;
		TCPDEBUG1();
		goto out;
	}
	INP_LOCK(inp);
#ifdef INET6
	isipv6 = nam && nam->sa_family == AF_INET6;
#endif /* INET6 */
	tp = intotcpcb(inp);
	TCPDEBUG1();

	if (control != NULL) {
		/* Read the length before the chain is released. */
		const int has_ctl_data = control->m_len != 0;

		m_freem(control);
		if (has_ctl_data) {
			/* TCP doesn't do control messages (rights, creds, etc) */
			if (m != NULL)
				m_freem(m);
			error = EINVAL;
			goto out;
		}
	}

	/* Urgent data is refused once the send buffer is overdrawn. */
	if (oob && sbspace(&so->so_snd) < -512) {
		m_freem(m);
		error = ENOBUFS;
		goto out;
	}

	/* From here on the data belongs to the socket buffer. */
	sbappendstream(&so->so_snd, m);
	if (nam != NULL && tp->t_state < TCPS_SYN_SENT) {
		/*
		 * Do implied connect if not yet connected,
		 * initialize window to default value, and
		 * initialize maxseg/maxopd using peer's cached
		 * MSS.
		 */
#ifdef INET6
		if (isipv6)
			error = tcp6_connect(tp, nam, td);
		else
#endif /* INET6 */
		error = tcp_connect(tp, nam, td);
		if (error)
			goto out;
		tp->snd_wnd = TTCP_CLIENT_SND_WND;
		tcp_mss(tp, -1);
	}

	if (oob) {
		/*
		 * According to RFC961 (Assigned Protocols),
		 * the urgent pointer points to the last octet
		 * of urgent data.  We continue, however,
		 * to consider it to indicate the first octet
		 * of data past the urgent section.
		 * Otherwise, snd_up should be one lower.
		 */
		tp->snd_up = tp->snd_una + so->so_snd.sb_cc;
		tp->t_force = 1;
		error = tcp_output(tp);
		tp->t_force = 0;
	} else {
		if (flags & PRUS_EOF) {
			/*
			 * Close the send side of the connection after
			 * the data is sent.
			 */
			socantsendmore(so);
			tp = tcp_usrclosed(tp);
		}
		if (tp != NULL) {
			const int more = (flags & PRUS_MORETOCOME) != 0;

			/* TF_MORETOCOME is set only around this one call. */
			if (more)
				tp->t_flags |= TF_MORETOCOME;
			error = tcp_output(tp);
			if (more)
				tp->t_flags &= ~TF_MORETOCOME;
		}
	}
	COMMON_END((flags & PRUS_OOB) ? PRU_SENDOOB :
		   ((flags & PRUS_EOF) ? PRU_SEND_EOF : PRU_SEND));
}
773 
/*
 * pru_abort() handler: abort the TCP connection by dropping it with
 * ECONNABORTED.
 */
static int
tcp_usr_abort(struct socket *so)
{
	int s = splnet();
	struct inpcb *inp;
	struct tcpcb *tp;
	int error = 0;
	const int inirw = INI_WRITE;

	COMMON_START();
	/* A NULL result makes COMMON_END() skip the inpcb unlock. */
	tp = tcp_drop(tp, ECONNABORTED);
	COMMON_END(PRU_ABORT);
}
790 
/*
 * pru_rcvoob() handler: receive out-of-band data.
 *
 * Returns EINVAL when there is no OOB mark, when OOB data is delivered
 * inline, or when the byte was already consumed; EWOULDBLOCK when no byte
 * is available yet.  On success the single byte is stored in m; unless
 * MSG_PEEK is set the HAVEDATA/HADDATA flags are flipped.
 */
static int
tcp_usr_rcvoob(struct socket *so, struct mbuf *m, int flags)
{
	int s = splnet();
	int error = 0;
	struct inpcb *inp;
	struct tcpcb *tp;
	const int inirw = INI_READ;

	COMMON_START();
	if (so->so_oobmark == 0 && (so->so_state & SS_RCVATMARK) == 0) {
		error = EINVAL;
		goto out;
	}
	if ((so->so_options & SO_OOBINLINE) ||
	    (tp->t_oobflags & TCPOOB_HADDATA)) {
		error = EINVAL;
		goto out;
	}
	if (!(tp->t_oobflags & TCPOOB_HAVEDATA)) {
		error = EWOULDBLOCK;
		goto out;
	}

	/* Hand back the one saved urgent byte. */
	m->m_len = 1;
	*mtod(m, caddr_t) = tp->t_iobc;
	if (!(flags & MSG_PEEK))
		tp->t_oobflags ^= (TCPOOB_HAVEDATA | TCPOOB_HADDATA);
	COMMON_END(PRU_RCVOOB);
}
821 
/*
 * User-request switch for TCP over IPv4.  The initializer is positional,
 * so every entry has to stay in the order in which struct pr_usrreqs
 * declares its members (the declaration is not part of this file).
 */
/* xxx - should be const */
struct pr_usrreqs tcp_usrreqs = {
	tcp_usr_abort, tcp_usr_accept, tcp_usr_attach, tcp_usr_bind,
	tcp_usr_connect, pru_connect2_notsupp, in_control, tcp_usr_detach,
	tcp_usr_disconnect, tcp_usr_listen, tcp_peeraddr, tcp_usr_rcvd,
	tcp_usr_rcvoob, tcp_usr_send, pru_sense_null, tcp_usr_shutdown,
	tcp_sockaddr, sosend, soreceive, sopoll, in_pcbsosetlabel
};
830 
831 #ifdef INET6
/*
 * User-request switch for TCP over IPv6.  Handlers that do not depend on
 * the address family are shared with tcp_usrreqs.  The initializer is
 * positional, so every entry has to stay in the order in which struct
 * pr_usrreqs declares its members (the declaration is not part of this
 * file).
 */
struct pr_usrreqs tcp6_usrreqs = {
	tcp_usr_abort, tcp6_usr_accept, tcp_usr_attach, tcp6_usr_bind,
	tcp6_usr_connect, pru_connect2_notsupp, in6_control, tcp_usr_detach,
	tcp_usr_disconnect, tcp6_usr_listen, in6_mapped_peeraddr, tcp_usr_rcvd,
	tcp_usr_rcvoob, tcp_usr_send, pru_sense_null, tcp_usr_shutdown,
	in6_mapped_sockaddr, sosend, soreceive, sopoll, in_pcbsosetlabel
};
839 #endif /* INET6 */
840 
/*
 * Common subroutine to open a TCP connection to the remote host named by
 * the sockaddr nam.
 *
 * Calls in_pcbbind to assign a local port number if needed, then
 * in_pcbconnect_setup to do the routing and to choose a local host address
 * (interface).  If there is an existing incarnation of the same connection
 * in TIME-WAIT state and if the remote host was sending CC options and if
 * the connection duration was < MSL, the previous TIME-WAIT state is
 * truncated and the connect proceeds; any other conflicting connection
 * yields EADDRINUSE.  Finally the connection parameters are initialized
 * and the tcpcb enters SYN-SENT state.
 *
 * Returns 0 or an errno value.
 */
static int
tcp_connect(struct tcpcb *tp, struct sockaddr *nam, struct thread *td)
{
	struct inpcb *inp = tp->t_inpcb;
	struct inpcb *prev_inp;
	struct socket *so = inp->inp_socket;
	struct tcptw *prev_tw;
	struct rmxp_tao tao;
	struct in_addr local_addr;
	u_short local_port;
	int error;

	bzero(&tao, sizeof(tao));

	if (inp->inp_lport == 0) {
		error = in_pcbbind(inp, (struct sockaddr *)NULL, td);
		if (error != 0)
			return (error);
	}

	/*
	 * Cannot simply call in_pcbconnect, because there might be an
	 * earlier incarnation of this same connection still in
	 * TIME_WAIT state, creating an ADDRINUSE error.
	 */
	local_addr = inp->inp_laddr;
	local_port = inp->inp_lport;
	error = in_pcbconnect_setup(inp, nam, &local_addr.s_addr, &local_port,
	    &inp->inp_faddr.s_addr, &inp->inp_fport, &prev_inp, td);
	if (error != 0 && prev_inp == NULL)
		return (error);
	if (prev_inp != NULL) {
		int recyclable = 0;

		/*
		 * Only a different pcb that sits in TIME_WAIT, is younger
		 * than MSL and has seen a CC option may be taken over.
		 */
		if (prev_inp != inp && (prev_inp->inp_vflag & INP_TIMEWAIT)) {
			prev_tw = intotw(prev_inp);
			if ((ticks - prev_tw->t_starttime) < tcp_msl &&
			    prev_tw->cc_recv != 0)
				recyclable = 1;
		}
		if (!recyclable)
			return (EADDRINUSE);

		inp->inp_faddr = prev_inp->inp_faddr;
		inp->inp_fport = prev_inp->inp_fport;
		(void) tcp_twclose(prev_tw, 0);
	}
	inp->inp_laddr = local_addr;
	in_pcbrehash(inp);

	/* Compute window scaling to request.  */
	while (tp->request_r_scale < TCP_MAX_WINSHIFT &&
	    (TCP_MAXWIN << tp->request_r_scale) < so->so_rcv.sb_hiwat)
		tp->request_r_scale++;

	soisconnecting(so);
	tcpstat.tcps_connattempt++;
	tp->t_state = TCPS_SYN_SENT;
	callout_reset(tp->tt_keep, tcp_keepinit, tcp_timer_keep, tp);
	tp->iss = tcp_new_isn(tp);
	tp->t_bw_rtseq = tp->iss;
	tcp_sendseqinit(tp);

	/*
	 * Generate a CC value for this connection and
	 * check whether CC or CCnew should be used.
	 * With RFC 1644 support off, tao stays zeroed and CCnew is chosen.
	 */
	if (tcp_do_rfc1644)
		tcp_hc_gettao(&inp->inp_inc, &tao);

	tp->cc_send = CC_INC(tcp_ccgen);
	if (tao.tao_ccsent == 0 || !CC_GEQ(tp->cc_send, tao.tao_ccsent)) {
		tao.tao_ccsent = 0;
		tp->t_flags |= TF_SENDCCNEW;
	} else {
		tao.tao_ccsent = tp->cc_send;
	}

	if (tcp_do_rfc1644)
		tcp_hc_updatetao(&inp->inp_inc, TCP_HC_TAO_CCSENT,
				 tao.tao_ccsent, 0);

	return (0);
}
933 
934 #ifdef INET6
/*
 * IPv6 counterpart of tcp_connect(): open a TCP connection to the remote
 * host named by the sockaddr_in6 in nam.
 *
 * Binds a local port if needed, picks the local address with
 * in6_pcbladdr(), and looks for an existing pcb with the same addresses
 * and ports.  Such a pcb may be taken over only if it is a different pcb
 * in TIME_WAIT, younger than MSL, that has seen a CC option; otherwise
 * EADDRINUSE is returned.  Then the connection parameters are initialized
 * and the tcpcb enters SYN-SENT state.
 *
 * Returns 0 or an errno value.
 */
static int
tcp6_connect(struct tcpcb *tp, struct sockaddr *nam, struct thread *td)
{
	struct inpcb *inp = tp->t_inpcb;
	struct inpcb *prev_inp;
	struct socket *so = inp->inp_socket;
	struct tcptw *prev_tw;
	struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)nam;
	struct in6_addr *addr6;
	struct in6_addr *lookup_laddr;
	struct rmxp_tao tao;
	int error;

	bzero(&tao, sizeof(tao));

	if (inp->inp_lport == 0) {
		error = in6_pcbbind(inp, (struct sockaddr *)NULL, td);
		if (error != 0)
			return (error);
	}

	/*
	 * Cannot simply call in_pcbconnect, because there might be an
	 * earlier incarnation of this same connection still in
	 * TIME_WAIT state, creating an ADDRINUSE error.
	 */
	error = in6_pcbladdr(inp, nam, &addr6);
	if (error != 0)
		return (error);

	/* Look up with the bound local address, else the one just chosen. */
	if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr))
		lookup_laddr = addr6;
	else
		lookup_laddr = &inp->in6p_laddr;
	prev_inp = in6_pcblookup_hash(inp->inp_pcbinfo,
	    &sin6->sin6_addr, sin6->sin6_port,
	    lookup_laddr, inp->inp_lport, 0, NULL);
	if (prev_inp != NULL) {
		int recyclable = 0;

		if (prev_inp != inp && (prev_inp->inp_vflag & INP_TIMEWAIT)) {
			prev_tw = intotw(prev_inp);
			if ((ticks - prev_tw->t_starttime) < tcp_msl &&
			    prev_tw->cc_recv != 0)
				recyclable = 1;
		}
		if (!recyclable)
			return (EADDRINUSE);

		inp->inp_faddr = prev_inp->inp_faddr;
		inp->inp_fport = prev_inp->inp_fport;
		(void) tcp_twclose(prev_tw, 0);
	}

	if (IN6_IS_ADDR_UNSPECIFIED(&inp->in6p_laddr))
		inp->in6p_laddr = *addr6;
	inp->in6p_faddr = sin6->sin6_addr;
	inp->inp_fport = sin6->sin6_port;
	if ((sin6->sin6_flowinfo & IPV6_FLOWINFO_MASK) != 0)
		inp->in6p_flowinfo = sin6->sin6_flowinfo;
	in_pcbrehash(inp);

	/* Compute window scaling to request.  */
	while (tp->request_r_scale < TCP_MAX_WINSHIFT &&
	    (TCP_MAXWIN << tp->request_r_scale) < so->so_rcv.sb_hiwat)
		tp->request_r_scale++;

	soisconnecting(so);
	tcpstat.tcps_connattempt++;
	tp->t_state = TCPS_SYN_SENT;
	callout_reset(tp->tt_keep, tcp_keepinit, tcp_timer_keep, tp);
	tp->iss = tcp_new_isn(tp);
	tp->t_bw_rtseq = tp->iss;
	tcp_sendseqinit(tp);

	/*
	 * Generate a CC value for this connection and
	 * check whether CC or CCnew should be used.
	 * With RFC 1644 support off, tao stays zeroed and CCnew is chosen.
	 */
	if (tcp_do_rfc1644)
		tcp_hc_gettao(&inp->inp_inc, &tao);

	tp->cc_send = CC_INC(tcp_ccgen);
	if (tao.tao_ccsent == 0 || !CC_GEQ(tp->cc_send, tao.tao_ccsent)) {
		tao.tao_ccsent = 0;
		tp->t_flags |= TF_SENDCCNEW;
	} else {
		tao.tao_ccsent = tp->cc_send;
	}
	if (tcp_do_rfc1644)
		tcp_hc_updatetao(&inp->inp_inc, TCP_HC_TAO_CCSENT,
				 tao.tao_ccsent, 0);

	return (0);
}
1024 #endif /* INET6 */
1025 
/*
 * Socket-option handler for TCP sockets.
 *
 * Options at any level other than IPPROTO_TCP are passed on to
 * ip_ctloutput() (or ip6_ctloutput() for AF_INET6 sockets).  At the TCP
 * level TCP_NODELAY, TCP_NOOPT, TCP_NOPUSH, TCP_MAXSEG and, when compiled
 * in, TCP_MD5SIG can be set and read; anything else is ENOPROTOOPT.
 * Returns ECONNRESET when the socket has no inpcb.
 *
 * The new sockopt interface makes it possible for us to block in the
 * copyin/out step (if we take a page fault).  Taking a page fault at
 * splnet() is probably a Bad Thing.  (Since sockets and pcbs both now
 * use TSM, there probably isn't any need for this function to run at
 * splnet() any more.  This needs more examination.)
 *
 * NOTE(review): sooptcopyin() and sooptcopyout() are called below with the
 * inpcb lock held; given the blocking concern above, confirm that this is
 * acceptable for that lock.
 */
int
tcp_ctloutput(struct socket *so, struct sockopt *sopt)
{
	int error = 0;
	int opt, optval, s;
	struct inpcb *inp;
	struct tcpcb *tp;

	s = splnet();		/* XXX */
	INP_INFO_RLOCK(&tcbinfo);
	inp = sotoinpcb(so);
	if (inp == NULL) {
		INP_INFO_RUNLOCK(&tcbinfo);
		splx(s);
		return (ECONNRESET);
	}
	INP_LOCK(inp);
	INP_INFO_RUNLOCK(&tcbinfo);

	/* Not a TCP-level option: let the IP layer handle it. */
	if (sopt->sopt_level != IPPROTO_TCP) {
#ifdef INET6
		if (INP_CHECK_SOCKAF(so, AF_INET6))
			error = ip6_ctloutput(so, sopt);
		else
#endif /* INET6 */
		error = ip_ctloutput(so, sopt);
		INP_UNLOCK(inp);
		splx(s);
		return (error);
	}
	tp = intotcpcb(inp);

	switch (sopt->sopt_dir) {
	case SOPT_SET:
		switch (sopt->sopt_name) {
#ifdef TCP_SIGNATURE
		case TCP_MD5SIG:
			error = sooptcopyin(sopt, &optval, sizeof optval,
					    sizeof optval);
			if (error)
				break;

			if (optval > 0)
				tp->t_flags |= TF_SIGNATURE;
			else
				tp->t_flags &= ~TF_SIGNATURE;
			break;
#endif /* TCP_SIGNATURE */
		case TCP_NODELAY:
		case TCP_NOOPT:
			error = sooptcopyin(sopt, &optval, sizeof optval,
					    sizeof optval);
			if (error)
				break;

			/* Only these two option names reach this point. */
			opt = (sopt->sopt_name == TCP_NODELAY) ?
			    TF_NODELAY : TF_NOOPT;

			if (optval)
				tp->t_flags |= opt;
			else
				tp->t_flags &= ~opt;
			break;

		case TCP_NOPUSH:
			error = sooptcopyin(sopt, &optval, sizeof optval,
					    sizeof optval);
			if (error)
				break;

			if (optval) {
				tp->t_flags |= TF_NOPUSH;
			} else {
				/* Clearing NOPUSH flushes what was held back. */
				tp->t_flags &= ~TF_NOPUSH;
				error = tcp_output(tp);
			}
			break;

		case TCP_MAXSEG:
			error = sooptcopyin(sopt, &optval, sizeof optval,
					    sizeof optval);
			if (error)
				break;

			/*
			 * The segment size may only be lowered, and not
			 * below what tcp_minmss allows.
			 */
			if (optval <= 0 || optval > tp->t_maxseg ||
			    optval + 40 < tcp_minmss)
				error = EINVAL;
			else
				tp->t_maxseg = optval;
			break;

		default:
			error = ENOPROTOOPT;
			break;
		}
		break;

	case SOPT_GET:
		switch (sopt->sopt_name) {
#ifdef TCP_SIGNATURE
		case TCP_MD5SIG:
			optval = (tp->t_flags & TF_SIGNATURE) ? 1 : 0;
			break;
#endif
		case TCP_NODELAY:
			optval = tp->t_flags & TF_NODELAY;
			break;
		case TCP_MAXSEG:
			optval = tp->t_maxseg;
			break;
		case TCP_NOOPT:
			optval = tp->t_flags & TF_NOOPT;
			break;
		case TCP_NOPUSH:
			optval = tp->t_flags & TF_NOPUSH;
			break;
		default:
			error = ENOPROTOOPT;
			break;
		}
		/* optval is copied out only when a known option filled it. */
		if (error == 0)
			error = sooptcopyout(sopt, &optval, sizeof optval);
		break;
	}
	INP_UNLOCK(inp);
	splx(s);
	return (error);
}
1171 
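/*
 * tcp_sendspace and tcp_recvspace are the default send and receive window
 * sizes, respectively.  tcp_attach() hands them to soreserve() when a new
 * socket has no buffer reservation yet, so a changed value only affects
 * sockets attached afterwards.  These are obsolescent (this information
 * should be set by the route).
 *
 * Both are exported read-write (CTLFLAG_RW); raising them raises the buffer
 * reservation requested for every new TCP socket.
 *
 * The description strings used to call these "maximum datagram sizes",
 * which does not match how the values are used; they now describe the
 * default window (socket buffer) sizes.
 *
 * NOTE(review): the variables are u_long but are exported with SYSCTL_INT.
 * Where long is wider than int the handler would cover only part of the
 * object.  Switching to SYSCTL_ULONG would match the storage type but
 * changes the size userland sees for these OIDs, so it is left as is here;
 * confirm and fix together with the consumers.
 */
u_long	tcp_sendspace = 1024*32;
SYSCTL_INT(_net_inet_tcp, TCPCTL_SENDSPACE, sendspace, CTLFLAG_RW,
    &tcp_sendspace , 0, "Default TCP send window (socket buffer) size");
u_long	tcp_recvspace = 1024*64;
SYSCTL_INT(_net_inet_tcp, TCPCTL_RECVSPACE, recvspace, CTLFLAG_RW,
    &tcp_recvspace , 0, "Default TCP receive window (socket buffer) size");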
1183 
/*
 * Attach the TCP protocol to a socket: reserve socket buffer space if none
 * has been reserved yet, allocate the internet protocol control block and
 * the TCP control block, and leave the new connection in the CLOSED state.
 *
 * Returns 0 on success, the error reported by soreserve() or in_pcballoc()
 * if one of them fails, or ENOBUFS when no TCP control block can be
 * allocated (the freshly allocated pcb is detached again in that case).
 */
static int
tcp_attach(so, td)
	struct socket *so;
	struct thread *td;
{
	struct inpcb *inp;
	struct tcpcb *tp;
	int error, nofd;
#ifdef INET6
	int isipv6 = INP_CHECK_SOCKAF(so, AF_INET6) != 0;
#endif

	/* Apply the default buffer sizes unless both limits are already set. */
	if (so->so_snd.sb_hiwat == 0 || so->so_rcv.sb_hiwat == 0) {
		error = soreserve(so, tcp_sendspace, tcp_recvspace);
		if (error != 0)
			return (error);
	}

	error = in_pcballoc(so, &tcbinfo, td, "tcpinp");
	if (error != 0)
		return (error);
	inp = sotoinpcb(so);

	/* Tag the pcb with the address family of the socket. */
#ifdef INET6
	if (isipv6) {
		inp->inp_vflag |= INP_IPV6;
		inp->in6p_hops = -1;	/* use kernel default */
	} else
#endif
		inp->inp_vflag |= INP_IPV4;

	tp = tcp_newtcpcb(inp);
	if (tp != NULL) {
		tp->t_state = TCPS_CLOSED;
		return (0);
	}

	/*
	 * No TCP control block could be allocated: give the pcb back.
	 * SS_NOFDREF is cleared around the detach so that the socket is not
	 * freed yet, and the saved bit is restored afterwards.
	 */
	nofd = so->so_state & SS_NOFDREF;	/* XXX */
	so->so_state &= ~SS_NOFDREF;
#ifdef INET6
	if (isipv6)
		in6_pcbdetach(inp);
	else
#endif
		in_pcbdetach(inp);
	so->so_state |= nofd;
	return (ENOBUFS);
}
1235 
/*
 * Initiate (or continue) disconnect.
 *
 *  - Connection not yet established (embryonic): close it right away.
 *  - SO_LINGER set with a zero linger time: drop the connection without
 *    the orderly shutdown.
 *  - Otherwise: mark the socket disconnecting, discard the receive data
 *    still queued, advance the state for a user close and send a segment
 *    (with FIN) to the peer.
 *
 * Returns the control block pointer handed back by tcp_close(), tcp_drop()
 * or tcp_usrclosed(); it is checked for NULL below before it is used again,
 * so callers must treat the result the same way.
 */
static struct tcpcb *
tcp_disconnect(tp)
	struct tcpcb *tp;
{
	struct socket *so = tp->t_inpcb->inp_socket;

	if (tp->t_state < TCPS_ESTABLISHED)
		return (tcp_close(tp));

	if ((so->so_options & SO_LINGER) != 0 && so->so_linger == 0)
		return (tcp_drop(tp, 0));

	soisdisconnecting(so);
	sbflush(&so->so_rcv);
	tp = tcp_usrclosed(tp);
	if (tp != NULL) {
		/* Best effort: the result of the send is deliberately ignored. */
		(void) tcp_output(tp);
	}
	return (tp);
}
1263 
/*
 * The user issued a close and the connection has to walk through the
 * shutdown states:
 *
 *  - CLOSED / LISTEN: no SYN was ever received, just forget the connection.
 *  - SYN_SENT / SYN_RECEIVED: only TF_NEEDFIN is recorded, the state is
 *    not changed here.
 *  - ESTABLISHED: go to FIN_WAIT_1 so that a FIN is sent to the peer.
 *  - CLOSE_WAIT: the peer's FIN already arrived, go to LAST_ACK.
 *  - Any other state: a FIN has already been sent (e.g. after
 *    PRU_SHUTDOWN); all that is left is waiting for the peer's FIN or for
 *    it to stop answering keep-alives.
 *
 * The user can be let out of the close as soon as the FIN is acked, so the
 * socket is marked disconnected once the state is FIN_WAIT_2 or later.
 *
 * Returns the control block, or whatever tcp_close() returned when the
 * connection was closed outright; the NULL test below covers that case.
 */
static struct tcpcb *
tcp_usrclosed(tp)
	struct tcpcb *tp;
{

	switch (tp->t_state) {
	case TCPS_CLOSED:
	case TCPS_LISTEN:
		tp->t_state = TCPS_CLOSED;
		tp = tcp_close(tp);
		break;

	case TCPS_SYN_SENT:
	case TCPS_SYN_RECEIVED:
		tp->t_flags |= TF_NEEDFIN;
		break;

	case TCPS_ESTABLISHED:
		tp->t_state = TCPS_FIN_WAIT_1;
		break;

	case TCPS_CLOSE_WAIT:
		tp->t_state = TCPS_LAST_ACK;
		break;

	default:
		/* FIN already sent: the state is left untouched. */
		break;
	}

	if (tp == NULL || tp->t_state < TCPS_FIN_WAIT_2)
		return (tp);

	soisdisconnected(tp->t_inpcb->inp_socket);
	/*
	 * Arm the 2MSL timer so that a peer which never sends its FIN cannot
	 * keep the connection hanging in FIN_WAIT_2 forever.
	 */
	if (tp->t_state == TCPS_FIN_WAIT_2)
		callout_reset(tp->tt_2msl, tcp_maxidle, tcp_timer_2msl, tp);
	return (tp);
}
1309 
1310