1 /* 2 * INET An implementation of the TCP/IP protocol suite for the LINUX 3 * operating system. INET is implemented using the BSD Socket 4 * interface as the means of communication with the user level. 5 * 6 * Implementation of the Transmission Control Protocol(TCP). 7 * 8 * Authors: Ross Biro 9 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG> 10 * Mark Evans, <evansmp@uhura.aston.ac.uk> 11 * Corey Minyard <wf-rch!minyard@relay.EU.net> 12 * Florian La Roche, <flla@stud.uni-sb.de> 13 * Charles Hedrick, <hedrick@klinzhai.rutgers.edu> 14 * Linus Torvalds, <torvalds@cs.helsinki.fi> 15 * Alan Cox, <gw4pts@gw4pts.ampr.org> 16 * Matthew Dillon, <dillon@apollo.west.oic.com> 17 * Arnt Gulbrandsen, <agulbra@nvg.unit.no> 18 * Jorge Cwik, <jorge@laser.satlink.net> 19 */ 20 21 /* 22 * Changes: Pedro Roque : Retransmit queue handled by TCP. 23 * : Fragmentation on mtu decrease 24 * : Segment collapse on retransmit 25 * : AF independence 26 * 27 * Linus Torvalds : send_delayed_ack 28 * David S. Miller : Charge memory using the right skb 29 * during syn/ack processing. 30 * David S. Miller : Output engine completely rewritten. 31 * Andrea Arcangeli: SYNACK carry ts_recent in tsecr. 32 * Cacophonix Gaul : draft-minshall-nagle-01 33 * J Hadi Salim : ECN support 34 * 35 */ 36 37 #include <net/tcp.h> 38 39 #include <linux/compiler.h> 40 #include <linux/gfp.h> 41 #include <linux/module.h> 42 43 /* People can turn this off for buggy TCP's found in printers etc. */ 44 int sysctl_tcp_retrans_collapse __read_mostly = 1; 45 46 /* People can turn this on to work with those rare, broken TCPs that 47 * interpret the window field as a signed quantity. 48 */ 49 int sysctl_tcp_workaround_signed_windows __read_mostly = 0; 50 51 /* This limits the percentage of the congestion window which we 52 * will allow a single TSO frame to consume. Building TSO frames 53 * which are too large can cause TCP streams to be bursty. 54 */ 55 int sysctl_tcp_tso_win_divisor __read_mostly = 3; 56 57 int sysctl_tcp_mtu_probing __read_mostly = 0; 58 int sysctl_tcp_base_mss __read_mostly = 512; 59 60 /* By default, RFC2861 behavior. */ 61 int sysctl_tcp_slow_start_after_idle __read_mostly = 1; 62 63 int sysctl_tcp_cookie_size __read_mostly = 0; /* TCP_COOKIE_MAX */ 64 EXPORT_SYMBOL_GPL(sysctl_tcp_cookie_size); 65 66 67 /* Account for new data that has been sent to the network. */ 68 static void tcp_event_new_data_sent(struct sock *sk, struct sk_buff *skb) 69 { 70 struct tcp_sock *tp = tcp_sk(sk); 71 unsigned int prior_packets = tp->packets_out; 72 73 tcp_advance_send_head(sk, skb); 74 tp->snd_nxt = TCP_SKB_CB(skb)->end_seq; 75 76 /* Don't override Nagle indefinately with F-RTO */ 77 if (tp->frto_counter == 2) 78 tp->frto_counter = 3; 79 80 tp->packets_out += tcp_skb_pcount(skb); 81 if (!prior_packets) 82 inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS, 83 inet_csk(sk)->icsk_rto, TCP_RTO_MAX); 84 } 85 86 /* SND.NXT, if window was not shrunk. 87 * If window has been shrunk, what should we make? It is not clear at all. 88 * Using SND.UNA we will fail to open window, SND.NXT is out of window. :-( 89 * Anything in between SND.UNA...SND.UNA+SND.WND also can be already 90 * invalid. OK, let's make this for now: 91 */ 92 static inline __u32 tcp_acceptable_seq(struct sock *sk) 93 { 94 struct tcp_sock *tp = tcp_sk(sk); 95 96 if (!before(tcp_wnd_end(tp), tp->snd_nxt)) 97 return tp->snd_nxt; 98 else 99 return tcp_wnd_end(tp); 100 } 101 102 /* Calculate mss to advertise in SYN segment. 103 * RFC1122, RFC1063, draft-ietf-tcpimpl-pmtud-01 state that: 104 * 105 * 1. It is independent of path mtu. 106 * 2. Ideally, it is maximal possible segment size i.e. 65535-40. 107 * 3. For IPv4 it is reasonable to calculate it from maximal MTU of 108 * attached devices, because some buggy hosts are confused by 109 * large MSS. 110 * 4. We do not make 3, we advertise MSS, calculated from first 111 * hop device mtu, but allow to raise it to ip_rt_min_advmss. 112 * This may be overridden via information stored in routing table. 113 * 5. Value 65535 for MSS is valid in IPv6 and means "as large as possible, 114 * probably even Jumbo". 115 */ 116 static __u16 tcp_advertise_mss(struct sock *sk) 117 { 118 struct tcp_sock *tp = tcp_sk(sk); 119 struct dst_entry *dst = __sk_dst_get(sk); 120 int mss = tp->advmss; 121 122 if (dst && dst_metric(dst, RTAX_ADVMSS) < mss) { 123 mss = dst_metric(dst, RTAX_ADVMSS); 124 tp->advmss = mss; 125 } 126 127 return (__u16)mss; 128 } 129 130 /* RFC2861. Reset CWND after idle period longer RTO to "restart window". 131 * This is the first part of cwnd validation mechanism. */ 132 static void tcp_cwnd_restart(struct sock *sk, struct dst_entry *dst) 133 { 134 struct tcp_sock *tp = tcp_sk(sk); 135 s32 delta = tcp_time_stamp - tp->lsndtime; 136 u32 restart_cwnd = tcp_init_cwnd(tp, dst); 137 u32 cwnd = tp->snd_cwnd; 138 139 tcp_ca_event(sk, CA_EVENT_CWND_RESTART); 140 141 tp->snd_ssthresh = tcp_current_ssthresh(sk); 142 restart_cwnd = min(restart_cwnd, cwnd); 143 144 while ((delta -= inet_csk(sk)->icsk_rto) > 0 && cwnd > restart_cwnd) 145 cwnd >>= 1; 146 tp->snd_cwnd = max(cwnd, restart_cwnd); 147 tp->snd_cwnd_stamp = tcp_time_stamp; 148 tp->snd_cwnd_used = 0; 149 } 150 151 /* Congestion state accounting after a packet has been sent. */ 152 static void tcp_event_data_sent(struct tcp_sock *tp, 153 struct sk_buff *skb, struct sock *sk) 154 { 155 struct inet_connection_sock *icsk = inet_csk(sk); 156 const u32 now = tcp_time_stamp; 157 158 if (sysctl_tcp_slow_start_after_idle && 159 (!tp->packets_out && (s32)(now - tp->lsndtime) > icsk->icsk_rto)) 160 tcp_cwnd_restart(sk, __sk_dst_get(sk)); 161 162 tp->lsndtime = now; 163 164 /* If it is a reply for ato after last received 165 * packet, enter pingpong mode. 166 */ 167 if ((u32)(now - icsk->icsk_ack.lrcvtime) < icsk->icsk_ack.ato) 168 icsk->icsk_ack.pingpong = 1; 169 } 170 171 /* Account for an ACK we sent. */ 172 static inline void tcp_event_ack_sent(struct sock *sk, unsigned int pkts) 173 { 174 tcp_dec_quickack_mode(sk, pkts); 175 inet_csk_clear_xmit_timer(sk, ICSK_TIME_DACK); 176 } 177 178 /* Determine a window scaling and initial window to offer. 179 * Based on the assumption that the given amount of space 180 * will be offered. Store the results in the tp structure. 181 * NOTE: for smooth operation initial space offering should 182 * be a multiple of mss if possible. We assume here that mss >= 1. 183 * This MUST be enforced by all callers. 184 */ 185 void tcp_select_initial_window(int __space, __u32 mss, 186 __u32 *rcv_wnd, __u32 *window_clamp, 187 int wscale_ok, __u8 *rcv_wscale, 188 __u32 init_rcv_wnd) 189 { 190 unsigned int space = (__space < 0 ? 0 : __space); 191 192 /* If no clamp set the clamp to the max possible scaled window */ 193 if (*window_clamp == 0) 194 (*window_clamp) = (65535 << 14); 195 space = min(*window_clamp, space); 196 197 /* Quantize space offering to a multiple of mss if possible. */ 198 if (space > mss) 199 space = (space / mss) * mss; 200 201 /* NOTE: offering an initial window larger than 32767 202 * will break some buggy TCP stacks. If the admin tells us 203 * it is likely we could be speaking with such a buggy stack 204 * we will truncate our initial window offering to 32K-1 205 * unless the remote has sent us a window scaling option, 206 * which we interpret as a sign the remote TCP is not 207 * misinterpreting the window field as a signed quantity. 208 */ 209 if (sysctl_tcp_workaround_signed_windows) 210 (*rcv_wnd) = min(space, MAX_TCP_WINDOW); 211 else 212 (*rcv_wnd) = space; 213 214 (*rcv_wscale) = 0; 215 if (wscale_ok) { 216 /* Set window scaling on max possible window 217 * See RFC1323 for an explanation of the limit to 14 218 */ 219 space = max_t(u32, sysctl_tcp_rmem[2], sysctl_rmem_max); 220 space = min_t(u32, space, *window_clamp); 221 while (space > 65535 && (*rcv_wscale) < 14) { 222 space >>= 1; 223 (*rcv_wscale)++; 224 } 225 } 226 227 /* Set initial window to value enough for senders, 228 * following RFC2414. Senders, not following this RFC, 229 * will be satisfied with 2. 230 */ 231 if (mss > (1 << *rcv_wscale)) { 232 int init_cwnd = 4; 233 if (mss > 1460 * 3) 234 init_cwnd = 2; 235 else if (mss > 1460) 236 init_cwnd = 3; 237 /* when initializing use the value from init_rcv_wnd 238 * rather than the default from above 239 */ 240 if (init_rcv_wnd && 241 (*rcv_wnd > init_rcv_wnd * mss)) 242 *rcv_wnd = init_rcv_wnd * mss; 243 else if (*rcv_wnd > init_cwnd * mss) 244 *rcv_wnd = init_cwnd * mss; 245 } 246 247 /* Set the clamp no higher than max representable value */ 248 (*window_clamp) = min(65535U << (*rcv_wscale), *window_clamp); 249 } 250 251 /* Chose a new window to advertise, update state in tcp_sock for the 252 * socket, and return result with RFC1323 scaling applied. The return 253 * value can be stuffed directly into th->window for an outgoing 254 * frame. 255 */ 256 static u16 tcp_select_window(struct sock *sk) 257 { 258 struct tcp_sock *tp = tcp_sk(sk); 259 u32 cur_win = tcp_receive_window(tp); 260 u32 new_win = __tcp_select_window(sk); 261 262 /* Never shrink the offered window */ 263 if (new_win < cur_win) { 264 /* Danger Will Robinson! 265 * Don't update rcv_wup/rcv_wnd here or else 266 * we will not be able to advertise a zero 267 * window in time. --DaveM 268 * 269 * Relax Will Robinson. 270 */ 271 new_win = ALIGN(cur_win, 1 << tp->rx_opt.rcv_wscale); 272 } 273 tp->rcv_wnd = new_win; 274 tp->rcv_wup = tp->rcv_nxt; 275 276 /* Make sure we do not exceed the maximum possible 277 * scaled window. 278 */ 279 if (!tp->rx_opt.rcv_wscale && sysctl_tcp_workaround_signed_windows) 280 new_win = min(new_win, MAX_TCP_WINDOW); 281 else 282 new_win = min(new_win, (65535U << tp->rx_opt.rcv_wscale)); 283 284 /* RFC1323 scaling applied */ 285 new_win >>= tp->rx_opt.rcv_wscale; 286 287 /* If we advertise zero window, disable fast path. */ 288 if (new_win == 0) 289 tp->pred_flags = 0; 290 291 return new_win; 292 } 293 294 /* Packet ECN state for a SYN-ACK */ 295 static inline void TCP_ECN_send_synack(struct tcp_sock *tp, struct sk_buff *skb) 296 { 297 TCP_SKB_CB(skb)->flags &= ~TCPCB_FLAG_CWR; 298 if (!(tp->ecn_flags & TCP_ECN_OK)) 299 TCP_SKB_CB(skb)->flags &= ~TCPCB_FLAG_ECE; 300 } 301 302 /* Packet ECN state for a SYN. */ 303 static inline void TCP_ECN_send_syn(struct sock *sk, struct sk_buff *skb) 304 { 305 struct tcp_sock *tp = tcp_sk(sk); 306 307 tp->ecn_flags = 0; 308 if (sysctl_tcp_ecn == 1) { 309 TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_ECE | TCPCB_FLAG_CWR; 310 tp->ecn_flags = TCP_ECN_OK; 311 } 312 } 313 314 static __inline__ void 315 TCP_ECN_make_synack(struct request_sock *req, struct tcphdr *th) 316 { 317 if (inet_rsk(req)->ecn_ok) 318 th->ece = 1; 319 } 320 321 /* Set up ECN state for a packet on a ESTABLISHED socket that is about to 322 * be sent. 323 */ 324 static inline void TCP_ECN_send(struct sock *sk, struct sk_buff *skb, 325 int tcp_header_len) 326 { 327 struct tcp_sock *tp = tcp_sk(sk); 328 329 if (tp->ecn_flags & TCP_ECN_OK) { 330 /* Not-retransmitted data segment: set ECT and inject CWR. */ 331 if (skb->len != tcp_header_len && 332 !before(TCP_SKB_CB(skb)->seq, tp->snd_nxt)) { 333 INET_ECN_xmit(sk); 334 if (tp->ecn_flags & TCP_ECN_QUEUE_CWR) { 335 tp->ecn_flags &= ~TCP_ECN_QUEUE_CWR; 336 tcp_hdr(skb)->cwr = 1; 337 skb_shinfo(skb)->gso_type |= SKB_GSO_TCP_ECN; 338 } 339 } else { 340 /* ACK or retransmitted segment: clear ECT|CE */ 341 INET_ECN_dontxmit(sk); 342 } 343 if (tp->ecn_flags & TCP_ECN_DEMAND_CWR) 344 tcp_hdr(skb)->ece = 1; 345 } 346 } 347 348 /* Constructs common control bits of non-data skb. If SYN/FIN is present, 349 * auto increment end seqno. 350 */ 351 static void tcp_init_nondata_skb(struct sk_buff *skb, u32 seq, u8 flags) 352 { 353 skb->csum = 0; 354 355 TCP_SKB_CB(skb)->flags = flags; 356 TCP_SKB_CB(skb)->sacked = 0; 357 358 skb_shinfo(skb)->gso_segs = 1; 359 skb_shinfo(skb)->gso_size = 0; 360 skb_shinfo(skb)->gso_type = 0; 361 362 TCP_SKB_CB(skb)->seq = seq; 363 if (flags & (TCPCB_FLAG_SYN | TCPCB_FLAG_FIN)) 364 seq++; 365 TCP_SKB_CB(skb)->end_seq = seq; 366 } 367 368 static inline int tcp_urg_mode(const struct tcp_sock *tp) 369 { 370 return tp->snd_una != tp->snd_up; 371 } 372 373 #define OPTION_SACK_ADVERTISE (1 << 0) 374 #define OPTION_TS (1 << 1) 375 #define OPTION_MD5 (1 << 2) 376 #define OPTION_WSCALE (1 << 3) 377 #define OPTION_COOKIE_EXTENSION (1 << 4) 378 379 struct tcp_out_options { 380 u8 options; /* bit field of OPTION_* */ 381 u8 ws; /* window scale, 0 to disable */ 382 u8 num_sack_blocks; /* number of SACK blocks to include */ 383 u8 hash_size; /* bytes in hash_location */ 384 u16 mss; /* 0 to disable */ 385 __u32 tsval, tsecr; /* need to include OPTION_TS */ 386 __u8 *hash_location; /* temporary pointer, overloaded */ 387 }; 388 389 /* The sysctl int routines are generic, so check consistency here. 390 */ 391 static u8 tcp_cookie_size_check(u8 desired) 392 { 393 if (desired > 0) { 394 /* previously specified */ 395 return desired; 396 } 397 if (sysctl_tcp_cookie_size <= 0) { 398 /* no default specified */ 399 return 0; 400 } 401 if (sysctl_tcp_cookie_size <= TCP_COOKIE_MIN) { 402 /* value too small, specify minimum */ 403 return TCP_COOKIE_MIN; 404 } 405 if (sysctl_tcp_cookie_size >= TCP_COOKIE_MAX) { 406 /* value too large, specify maximum */ 407 return TCP_COOKIE_MAX; 408 } 409 if (0x1 & sysctl_tcp_cookie_size) { 410 /* 8-bit multiple, illegal, fix it */ 411 return (u8)(sysctl_tcp_cookie_size + 0x1); 412 } 413 return (u8)sysctl_tcp_cookie_size; 414 } 415 416 /* Write previously computed TCP options to the packet. 417 * 418 * Beware: Something in the Internet is very sensitive to the ordering of 419 * TCP options, we learned this through the hard way, so be careful here. 420 * Luckily we can at least blame others for their non-compliance but from 421 * inter-operatibility perspective it seems that we're somewhat stuck with 422 * the ordering which we have been using if we want to keep working with 423 * those broken things (not that it currently hurts anybody as there isn't 424 * particular reason why the ordering would need to be changed). 425 * 426 * At least SACK_PERM as the first option is known to lead to a disaster 427 * (but it may well be that other scenarios fail similarly). 428 */ 429 static void tcp_options_write(__be32 *ptr, struct tcp_sock *tp, 430 struct tcp_out_options *opts) 431 { 432 u8 options = opts->options; /* mungable copy */ 433 434 /* Having both authentication and cookies for security is redundant, 435 * and there's certainly not enough room. Instead, the cookie-less 436 * extension variant is proposed. 437 * 438 * Consider the pessimal case with authentication. The options 439 * could look like: 440 * COOKIE|MD5(20) + MSS(4) + SACK|TS(12) + WSCALE(4) == 40 441 */ 442 if (unlikely(OPTION_MD5 & options)) { 443 if (unlikely(OPTION_COOKIE_EXTENSION & options)) { 444 *ptr++ = htonl((TCPOPT_COOKIE << 24) | 445 (TCPOLEN_COOKIE_BASE << 16) | 446 (TCPOPT_MD5SIG << 8) | 447 TCPOLEN_MD5SIG); 448 } else { 449 *ptr++ = htonl((TCPOPT_NOP << 24) | 450 (TCPOPT_NOP << 16) | 451 (TCPOPT_MD5SIG << 8) | 452 TCPOLEN_MD5SIG); 453 } 454 options &= ~OPTION_COOKIE_EXTENSION; 455 /* overload cookie hash location */ 456 opts->hash_location = (__u8 *)ptr; 457 ptr += 4; 458 } 459 460 if (unlikely(opts->mss)) { 461 *ptr++ = htonl((TCPOPT_MSS << 24) | 462 (TCPOLEN_MSS << 16) | 463 opts->mss); 464 } 465 466 if (likely(OPTION_TS & options)) { 467 if (unlikely(OPTION_SACK_ADVERTISE & options)) { 468 *ptr++ = htonl((TCPOPT_SACK_PERM << 24) | 469 (TCPOLEN_SACK_PERM << 16) | 470 (TCPOPT_TIMESTAMP << 8) | 471 TCPOLEN_TIMESTAMP); 472 options &= ~OPTION_SACK_ADVERTISE; 473 } else { 474 *ptr++ = htonl((TCPOPT_NOP << 24) | 475 (TCPOPT_NOP << 16) | 476 (TCPOPT_TIMESTAMP << 8) | 477 TCPOLEN_TIMESTAMP); 478 } 479 *ptr++ = htonl(opts->tsval); 480 *ptr++ = htonl(opts->tsecr); 481 } 482 483 /* Specification requires after timestamp, so do it now. 484 * 485 * Consider the pessimal case without authentication. The options 486 * could look like: 487 * MSS(4) + SACK|TS(12) + COOKIE(20) + WSCALE(4) == 40 488 */ 489 if (unlikely(OPTION_COOKIE_EXTENSION & options)) { 490 __u8 *cookie_copy = opts->hash_location; 491 u8 cookie_size = opts->hash_size; 492 493 /* 8-bit multiple handled in tcp_cookie_size_check() above, 494 * and elsewhere. 495 */ 496 if (0x2 & cookie_size) { 497 __u8 *p = (__u8 *)ptr; 498 499 /* 16-bit multiple */ 500 *p++ = TCPOPT_COOKIE; 501 *p++ = TCPOLEN_COOKIE_BASE + cookie_size; 502 *p++ = *cookie_copy++; 503 *p++ = *cookie_copy++; 504 ptr++; 505 cookie_size -= 2; 506 } else { 507 /* 32-bit multiple */ 508 *ptr++ = htonl(((TCPOPT_NOP << 24) | 509 (TCPOPT_NOP << 16) | 510 (TCPOPT_COOKIE << 8) | 511 TCPOLEN_COOKIE_BASE) + 512 cookie_size); 513 } 514 515 if (cookie_size > 0) { 516 memcpy(ptr, cookie_copy, cookie_size); 517 ptr += (cookie_size / 4); 518 } 519 } 520 521 if (unlikely(OPTION_SACK_ADVERTISE & options)) { 522 *ptr++ = htonl((TCPOPT_NOP << 24) | 523 (TCPOPT_NOP << 16) | 524 (TCPOPT_SACK_PERM << 8) | 525 TCPOLEN_SACK_PERM); 526 } 527 528 if (unlikely(OPTION_WSCALE & options)) { 529 *ptr++ = htonl((TCPOPT_NOP << 24) | 530 (TCPOPT_WINDOW << 16) | 531 (TCPOLEN_WINDOW << 8) | 532 opts->ws); 533 } 534 535 if (unlikely(opts->num_sack_blocks)) { 536 struct tcp_sack_block *sp = tp->rx_opt.dsack ? 537 tp->duplicate_sack : tp->selective_acks; 538 int this_sack; 539 540 *ptr++ = htonl((TCPOPT_NOP << 24) | 541 (TCPOPT_NOP << 16) | 542 (TCPOPT_SACK << 8) | 543 (TCPOLEN_SACK_BASE + (opts->num_sack_blocks * 544 TCPOLEN_SACK_PERBLOCK))); 545 546 for (this_sack = 0; this_sack < opts->num_sack_blocks; 547 ++this_sack) { 548 *ptr++ = htonl(sp[this_sack].start_seq); 549 *ptr++ = htonl(sp[this_sack].end_seq); 550 } 551 552 tp->rx_opt.dsack = 0; 553 } 554 } 555 556 /* Compute TCP options for SYN packets. This is not the final 557 * network wire format yet. 558 */ 559 static unsigned tcp_syn_options(struct sock *sk, struct sk_buff *skb, 560 struct tcp_out_options *opts, 561 struct tcp_md5sig_key **md5) { 562 struct tcp_sock *tp = tcp_sk(sk); 563 struct tcp_cookie_values *cvp = tp->cookie_values; 564 unsigned remaining = MAX_TCP_OPTION_SPACE; 565 u8 cookie_size = (!tp->rx_opt.cookie_out_never && cvp != NULL) ? 566 tcp_cookie_size_check(cvp->cookie_desired) : 567 0; 568 569 #ifdef CONFIG_TCP_MD5SIG 570 *md5 = tp->af_specific->md5_lookup(sk, sk); 571 if (*md5) { 572 opts->options |= OPTION_MD5; 573 remaining -= TCPOLEN_MD5SIG_ALIGNED; 574 } 575 #else 576 *md5 = NULL; 577 #endif 578 579 /* We always get an MSS option. The option bytes which will be seen in 580 * normal data packets should timestamps be used, must be in the MSS 581 * advertised. But we subtract them from tp->mss_cache so that 582 * calculations in tcp_sendmsg are simpler etc. So account for this 583 * fact here if necessary. If we don't do this correctly, as a 584 * receiver we won't recognize data packets as being full sized when we 585 * should, and thus we won't abide by the delayed ACK rules correctly. 586 * SACKs don't matter, we never delay an ACK when we have any of those 587 * going out. */ 588 opts->mss = tcp_advertise_mss(sk); 589 remaining -= TCPOLEN_MSS_ALIGNED; 590 591 if (likely(sysctl_tcp_timestamps && *md5 == NULL)) { 592 opts->options |= OPTION_TS; 593 opts->tsval = TCP_SKB_CB(skb)->when; 594 opts->tsecr = tp->rx_opt.ts_recent; 595 remaining -= TCPOLEN_TSTAMP_ALIGNED; 596 } 597 if (likely(sysctl_tcp_window_scaling)) { 598 opts->ws = tp->rx_opt.rcv_wscale; 599 opts->options |= OPTION_WSCALE; 600 remaining -= TCPOLEN_WSCALE_ALIGNED; 601 } 602 if (likely(sysctl_tcp_sack)) { 603 opts->options |= OPTION_SACK_ADVERTISE; 604 if (unlikely(!(OPTION_TS & opts->options))) 605 remaining -= TCPOLEN_SACKPERM_ALIGNED; 606 } 607 608 /* Note that timestamps are required by the specification. 609 * 610 * Odd numbers of bytes are prohibited by the specification, ensuring 611 * that the cookie is 16-bit aligned, and the resulting cookie pair is 612 * 32-bit aligned. 613 */ 614 if (*md5 == NULL && 615 (OPTION_TS & opts->options) && 616 cookie_size > 0) { 617 int need = TCPOLEN_COOKIE_BASE + cookie_size; 618 619 if (0x2 & need) { 620 /* 32-bit multiple */ 621 need += 2; /* NOPs */ 622 623 if (need > remaining) { 624 /* try shrinking cookie to fit */ 625 cookie_size -= 2; 626 need -= 4; 627 } 628 } 629 while (need > remaining && TCP_COOKIE_MIN <= cookie_size) { 630 cookie_size -= 4; 631 need -= 4; 632 } 633 if (TCP_COOKIE_MIN <= cookie_size) { 634 opts->options |= OPTION_COOKIE_EXTENSION; 635 opts->hash_location = (__u8 *)&cvp->cookie_pair[0]; 636 opts->hash_size = cookie_size; 637 638 /* Remember for future incarnations. */ 639 cvp->cookie_desired = cookie_size; 640 641 if (cvp->cookie_desired != cvp->cookie_pair_size) { 642 /* Currently use random bytes as a nonce, 643 * assuming these are completely unpredictable 644 * by hostile users of the same system. 645 */ 646 get_random_bytes(&cvp->cookie_pair[0], 647 cookie_size); 648 cvp->cookie_pair_size = cookie_size; 649 } 650 651 remaining -= need; 652 } 653 } 654 return MAX_TCP_OPTION_SPACE - remaining; 655 } 656 657 /* Set up TCP options for SYN-ACKs. */ 658 static unsigned tcp_synack_options(struct sock *sk, 659 struct request_sock *req, 660 unsigned mss, struct sk_buff *skb, 661 struct tcp_out_options *opts, 662 struct tcp_md5sig_key **md5, 663 struct tcp_extend_values *xvp) 664 { 665 struct inet_request_sock *ireq = inet_rsk(req); 666 unsigned remaining = MAX_TCP_OPTION_SPACE; 667 u8 cookie_plus = (xvp != NULL && !xvp->cookie_out_never) ? 668 xvp->cookie_plus : 669 0; 670 bool doing_ts = ireq->tstamp_ok; 671 672 #ifdef CONFIG_TCP_MD5SIG 673 *md5 = tcp_rsk(req)->af_specific->md5_lookup(sk, req); 674 if (*md5) { 675 opts->options |= OPTION_MD5; 676 remaining -= TCPOLEN_MD5SIG_ALIGNED; 677 678 /* We can't fit any SACK blocks in a packet with MD5 + TS 679 * options. There was discussion about disabling SACK 680 * rather than TS in order to fit in better with old, 681 * buggy kernels, but that was deemed to be unnecessary. 682 */ 683 doing_ts &= !ireq->sack_ok; 684 } 685 #else 686 *md5 = NULL; 687 #endif 688 689 /* We always send an MSS option. */ 690 opts->mss = mss; 691 remaining -= TCPOLEN_MSS_ALIGNED; 692 693 if (likely(ireq->wscale_ok)) { 694 opts->ws = ireq->rcv_wscale; 695 opts->options |= OPTION_WSCALE; 696 remaining -= TCPOLEN_WSCALE_ALIGNED; 697 } 698 if (likely(doing_ts)) { 699 opts->options |= OPTION_TS; 700 opts->tsval = TCP_SKB_CB(skb)->when; 701 opts->tsecr = req->ts_recent; 702 remaining -= TCPOLEN_TSTAMP_ALIGNED; 703 } 704 if (likely(ireq->sack_ok)) { 705 opts->options |= OPTION_SACK_ADVERTISE; 706 if (unlikely(!doing_ts)) 707 remaining -= TCPOLEN_SACKPERM_ALIGNED; 708 } 709 710 /* Similar rationale to tcp_syn_options() applies here, too. 711 * If the <SYN> options fit, the same options should fit now! 712 */ 713 if (*md5 == NULL && 714 doing_ts && 715 cookie_plus > TCPOLEN_COOKIE_BASE) { 716 int need = cookie_plus; /* has TCPOLEN_COOKIE_BASE */ 717 718 if (0x2 & need) { 719 /* 32-bit multiple */ 720 need += 2; /* NOPs */ 721 } 722 if (need <= remaining) { 723 opts->options |= OPTION_COOKIE_EXTENSION; 724 opts->hash_size = cookie_plus - TCPOLEN_COOKIE_BASE; 725 remaining -= need; 726 } else { 727 /* There's no error return, so flag it. */ 728 xvp->cookie_out_never = 1; /* true */ 729 opts->hash_size = 0; 730 } 731 } 732 return MAX_TCP_OPTION_SPACE - remaining; 733 } 734 735 /* Compute TCP options for ESTABLISHED sockets. This is not the 736 * final wire format yet. 737 */ 738 static unsigned tcp_established_options(struct sock *sk, struct sk_buff *skb, 739 struct tcp_out_options *opts, 740 struct tcp_md5sig_key **md5) { 741 struct tcp_skb_cb *tcb = skb ? TCP_SKB_CB(skb) : NULL; 742 struct tcp_sock *tp = tcp_sk(sk); 743 unsigned size = 0; 744 unsigned int eff_sacks; 745 746 #ifdef CONFIG_TCP_MD5SIG 747 *md5 = tp->af_specific->md5_lookup(sk, sk); 748 if (unlikely(*md5)) { 749 opts->options |= OPTION_MD5; 750 size += TCPOLEN_MD5SIG_ALIGNED; 751 } 752 #else 753 *md5 = NULL; 754 #endif 755 756 if (likely(tp->rx_opt.tstamp_ok)) { 757 opts->options |= OPTION_TS; 758 opts->tsval = tcb ? tcb->when : 0; 759 opts->tsecr = tp->rx_opt.ts_recent; 760 size += TCPOLEN_TSTAMP_ALIGNED; 761 } 762 763 eff_sacks = tp->rx_opt.num_sacks + tp->rx_opt.dsack; 764 if (unlikely(eff_sacks)) { 765 const unsigned remaining = MAX_TCP_OPTION_SPACE - size; 766 opts->num_sack_blocks = 767 min_t(unsigned, eff_sacks, 768 (remaining - TCPOLEN_SACK_BASE_ALIGNED) / 769 TCPOLEN_SACK_PERBLOCK); 770 size += TCPOLEN_SACK_BASE_ALIGNED + 771 opts->num_sack_blocks * TCPOLEN_SACK_PERBLOCK; 772 } 773 774 return size; 775 } 776 777 /* This routine actually transmits TCP packets queued in by 778 * tcp_do_sendmsg(). This is used by both the initial 779 * transmission and possible later retransmissions. 780 * All SKB's seen here are completely headerless. It is our 781 * job to build the TCP header, and pass the packet down to 782 * IP so it can do the same plus pass the packet off to the 783 * device. 784 * 785 * We are working here with either a clone of the original 786 * SKB, or a fresh unique copy made by the retransmit engine. 787 */ 788 static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it, 789 gfp_t gfp_mask) 790 { 791 const struct inet_connection_sock *icsk = inet_csk(sk); 792 struct inet_sock *inet; 793 struct tcp_sock *tp; 794 struct tcp_skb_cb *tcb; 795 struct tcp_out_options opts; 796 unsigned tcp_options_size, tcp_header_size; 797 struct tcp_md5sig_key *md5; 798 struct tcphdr *th; 799 int err; 800 801 BUG_ON(!skb || !tcp_skb_pcount(skb)); 802 803 /* If congestion control is doing timestamping, we must 804 * take such a timestamp before we potentially clone/copy. 805 */ 806 if (icsk->icsk_ca_ops->flags & TCP_CONG_RTT_STAMP) 807 __net_timestamp(skb); 808 809 if (likely(clone_it)) { 810 if (unlikely(skb_cloned(skb))) 811 skb = pskb_copy(skb, gfp_mask); 812 else 813 skb = skb_clone(skb, gfp_mask); 814 if (unlikely(!skb)) 815 return -ENOBUFS; 816 } 817 818 inet = inet_sk(sk); 819 tp = tcp_sk(sk); 820 tcb = TCP_SKB_CB(skb); 821 memset(&opts, 0, sizeof(opts)); 822 823 if (unlikely(tcb->flags & TCPCB_FLAG_SYN)) 824 tcp_options_size = tcp_syn_options(sk, skb, &opts, &md5); 825 else 826 tcp_options_size = tcp_established_options(sk, skb, &opts, 827 &md5); 828 tcp_header_size = tcp_options_size + sizeof(struct tcphdr); 829 830 if (tcp_packets_in_flight(tp) == 0) 831 tcp_ca_event(sk, CA_EVENT_TX_START); 832 833 skb_push(skb, tcp_header_size); 834 skb_reset_transport_header(skb); 835 skb_set_owner_w(skb, sk); 836 837 /* Build TCP header and checksum it. */ 838 th = tcp_hdr(skb); 839 th->source = inet->inet_sport; 840 th->dest = inet->inet_dport; 841 th->seq = htonl(tcb->seq); 842 th->ack_seq = htonl(tp->rcv_nxt); 843 *(((__be16 *)th) + 6) = htons(((tcp_header_size >> 2) << 12) | 844 tcb->flags); 845 846 if (unlikely(tcb->flags & TCPCB_FLAG_SYN)) { 847 /* RFC1323: The window in SYN & SYN/ACK segments 848 * is never scaled. 849 */ 850 th->window = htons(min(tp->rcv_wnd, 65535U)); 851 } else { 852 th->window = htons(tcp_select_window(sk)); 853 } 854 th->check = 0; 855 th->urg_ptr = 0; 856 857 /* The urg_mode check is necessary during a below snd_una win probe */ 858 if (unlikely(tcp_urg_mode(tp) && before(tcb->seq, tp->snd_up))) { 859 if (before(tp->snd_up, tcb->seq + 0x10000)) { 860 th->urg_ptr = htons(tp->snd_up - tcb->seq); 861 th->urg = 1; 862 } else if (after(tcb->seq + 0xFFFF, tp->snd_nxt)) { 863 th->urg_ptr = 0xFFFF; 864 th->urg = 1; 865 } 866 } 867 868 tcp_options_write((__be32 *)(th + 1), tp, &opts); 869 if (likely((tcb->flags & TCPCB_FLAG_SYN) == 0)) 870 TCP_ECN_send(sk, skb, tcp_header_size); 871 872 #ifdef CONFIG_TCP_MD5SIG 873 /* Calculate the MD5 hash, as we have all we need now */ 874 if (md5) { 875 sk->sk_route_caps &= ~NETIF_F_GSO_MASK; 876 tp->af_specific->calc_md5_hash(opts.hash_location, 877 md5, sk, NULL, skb); 878 } 879 #endif 880 881 icsk->icsk_af_ops->send_check(sk, skb->len, skb); 882 883 if (likely(tcb->flags & TCPCB_FLAG_ACK)) 884 tcp_event_ack_sent(sk, tcp_skb_pcount(skb)); 885 886 if (skb->len != tcp_header_size) 887 tcp_event_data_sent(tp, skb, sk); 888 889 if (after(tcb->end_seq, tp->snd_nxt) || tcb->seq == tcb->end_seq) 890 TCP_INC_STATS(sock_net(sk), TCP_MIB_OUTSEGS); 891 892 err = icsk->icsk_af_ops->queue_xmit(skb, 0); 893 if (likely(err <= 0)) 894 return err; 895 896 tcp_enter_cwr(sk, 1); 897 898 return net_xmit_eval(err); 899 } 900 901 /* This routine just queues the buffer for sending. 902 * 903 * NOTE: probe0 timer is not checked, do not forget tcp_push_pending_frames, 904 * otherwise socket can stall. 905 */ 906 static void tcp_queue_skb(struct sock *sk, struct sk_buff *skb) 907 { 908 struct tcp_sock *tp = tcp_sk(sk); 909 910 /* Advance write_seq and place onto the write_queue. */ 911 tp->write_seq = TCP_SKB_CB(skb)->end_seq; 912 skb_header_release(skb); 913 tcp_add_write_queue_tail(sk, skb); 914 sk->sk_wmem_queued += skb->truesize; 915 sk_mem_charge(sk, skb->truesize); 916 } 917 918 /* Initialize TSO segments for a packet. */ 919 static void tcp_set_skb_tso_segs(struct sock *sk, struct sk_buff *skb, 920 unsigned int mss_now) 921 { 922 if (skb->len <= mss_now || !sk_can_gso(sk) || 923 skb->ip_summed == CHECKSUM_NONE) { 924 /* Avoid the costly divide in the normal 925 * non-TSO case. 926 */ 927 skb_shinfo(skb)->gso_segs = 1; 928 skb_shinfo(skb)->gso_size = 0; 929 skb_shinfo(skb)->gso_type = 0; 930 } else { 931 skb_shinfo(skb)->gso_segs = DIV_ROUND_UP(skb->len, mss_now); 932 skb_shinfo(skb)->gso_size = mss_now; 933 skb_shinfo(skb)->gso_type = sk->sk_gso_type; 934 } 935 } 936 937 /* When a modification to fackets out becomes necessary, we need to check 938 * skb is counted to fackets_out or not. 939 */ 940 static void tcp_adjust_fackets_out(struct sock *sk, struct sk_buff *skb, 941 int decr) 942 { 943 struct tcp_sock *tp = tcp_sk(sk); 944 945 if (!tp->sacked_out || tcp_is_reno(tp)) 946 return; 947 948 if (after(tcp_highest_sack_seq(tp), TCP_SKB_CB(skb)->seq)) 949 tp->fackets_out -= decr; 950 } 951 952 /* Pcount in the middle of the write queue got changed, we need to do various 953 * tweaks to fix counters 954 */ 955 static void tcp_adjust_pcount(struct sock *sk, struct sk_buff *skb, int decr) 956 { 957 struct tcp_sock *tp = tcp_sk(sk); 958 959 tp->packets_out -= decr; 960 961 if (TCP_SKB_CB(skb)->sacked & TCPCB_SACKED_ACKED) 962 tp->sacked_out -= decr; 963 if (TCP_SKB_CB(skb)->sacked & TCPCB_SACKED_RETRANS) 964 tp->retrans_out -= decr; 965 if (TCP_SKB_CB(skb)->sacked & TCPCB_LOST) 966 tp->lost_out -= decr; 967 968 /* Reno case is special. Sigh... */ 969 if (tcp_is_reno(tp) && decr > 0) 970 tp->sacked_out -= min_t(u32, tp->sacked_out, decr); 971 972 tcp_adjust_fackets_out(sk, skb, decr); 973 974 if (tp->lost_skb_hint && 975 before(TCP_SKB_CB(skb)->seq, TCP_SKB_CB(tp->lost_skb_hint)->seq) && 976 (tcp_is_fack(tp) || (TCP_SKB_CB(skb)->sacked & TCPCB_SACKED_ACKED))) 977 tp->lost_cnt_hint -= decr; 978 979 tcp_verify_left_out(tp); 980 } 981 982 /* Function to create two new TCP segments. Shrinks the given segment 983 * to the specified size and appends a new segment with the rest of the 984 * packet to the list. This won't be called frequently, I hope. 985 * Remember, these are still headerless SKBs at this point. 986 */ 987 int tcp_fragment(struct sock *sk, struct sk_buff *skb, u32 len, 988 unsigned int mss_now) 989 { 990 struct tcp_sock *tp = tcp_sk(sk); 991 struct sk_buff *buff; 992 int nsize, old_factor; 993 int nlen; 994 u8 flags; 995 996 BUG_ON(len > skb->len); 997 998 nsize = skb_headlen(skb) - len; 999 if (nsize < 0) 1000 nsize = 0; 1001 1002 if (skb_cloned(skb) && 1003 skb_is_nonlinear(skb) && 1004 pskb_expand_head(skb, 0, 0, GFP_ATOMIC)) 1005 return -ENOMEM; 1006 1007 /* Get a new skb... force flag on. */ 1008 buff = sk_stream_alloc_skb(sk, nsize, GFP_ATOMIC); 1009 if (buff == NULL) 1010 return -ENOMEM; /* We'll just try again later. */ 1011 1012 sk->sk_wmem_queued += buff->truesize; 1013 sk_mem_charge(sk, buff->truesize); 1014 nlen = skb->len - len - nsize; 1015 buff->truesize += nlen; 1016 skb->truesize -= nlen; 1017 1018 /* Correct the sequence numbers. */ 1019 TCP_SKB_CB(buff)->seq = TCP_SKB_CB(skb)->seq + len; 1020 TCP_SKB_CB(buff)->end_seq = TCP_SKB_CB(skb)->end_seq; 1021 TCP_SKB_CB(skb)->end_seq = TCP_SKB_CB(buff)->seq; 1022 1023 /* PSH and FIN should only be set in the second packet. */ 1024 flags = TCP_SKB_CB(skb)->flags; 1025 TCP_SKB_CB(skb)->flags = flags & ~(TCPCB_FLAG_FIN | TCPCB_FLAG_PSH); 1026 TCP_SKB_CB(buff)->flags = flags; 1027 TCP_SKB_CB(buff)->sacked = TCP_SKB_CB(skb)->sacked; 1028 1029 if (!skb_shinfo(skb)->nr_frags && skb->ip_summed != CHECKSUM_PARTIAL) { 1030 /* Copy and checksum data tail into the new buffer. */ 1031 buff->csum = csum_partial_copy_nocheck(skb->data + len, 1032 skb_put(buff, nsize), 1033 nsize, 0); 1034 1035 skb_trim(skb, len); 1036 1037 skb->csum = csum_block_sub(skb->csum, buff->csum, len); 1038 } else { 1039 skb->ip_summed = CHECKSUM_PARTIAL; 1040 skb_split(skb, buff, len); 1041 } 1042 1043 buff->ip_summed = skb->ip_summed; 1044 1045 /* Looks stupid, but our code really uses when of 1046 * skbs, which it never sent before. --ANK 1047 */ 1048 TCP_SKB_CB(buff)->when = TCP_SKB_CB(skb)->when; 1049 buff->tstamp = skb->tstamp; 1050 1051 old_factor = tcp_skb_pcount(skb); 1052 1053 /* Fix up tso_factor for both original and new SKB. */ 1054 tcp_set_skb_tso_segs(sk, skb, mss_now); 1055 tcp_set_skb_tso_segs(sk, buff, mss_now); 1056 1057 /* If this packet has been sent out already, we must 1058 * adjust the various packet counters. 1059 */ 1060 if (!before(tp->snd_nxt, TCP_SKB_CB(buff)->end_seq)) { 1061 int diff = old_factor - tcp_skb_pcount(skb) - 1062 tcp_skb_pcount(buff); 1063 1064 if (diff) 1065 tcp_adjust_pcount(sk, skb, diff); 1066 } 1067 1068 /* Link BUFF into the send queue. */ 1069 skb_header_release(buff); 1070 tcp_insert_write_queue_after(skb, buff, sk); 1071 1072 return 0; 1073 } 1074 1075 /* This is similar to __pskb_pull_head() (it will go to core/skbuff.c 1076 * eventually). The difference is that pulled data not copied, but 1077 * immediately discarded. 1078 */ 1079 static void __pskb_trim_head(struct sk_buff *skb, int len) 1080 { 1081 int i, k, eat; 1082 1083 eat = len; 1084 k = 0; 1085 for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) { 1086 if (skb_shinfo(skb)->frags[i].size <= eat) { 1087 put_page(skb_shinfo(skb)->frags[i].page); 1088 eat -= skb_shinfo(skb)->frags[i].size; 1089 } else { 1090 skb_shinfo(skb)->frags[k] = skb_shinfo(skb)->frags[i]; 1091 if (eat) { 1092 skb_shinfo(skb)->frags[k].page_offset += eat; 1093 skb_shinfo(skb)->frags[k].size -= eat; 1094 eat = 0; 1095 } 1096 k++; 1097 } 1098 } 1099 skb_shinfo(skb)->nr_frags = k; 1100 1101 skb_reset_tail_pointer(skb); 1102 skb->data_len -= len; 1103 skb->len = skb->data_len; 1104 } 1105 1106 /* Remove acked data from a packet in the transmit queue. */ 1107 int tcp_trim_head(struct sock *sk, struct sk_buff *skb, u32 len) 1108 { 1109 if (skb_cloned(skb) && pskb_expand_head(skb, 0, 0, GFP_ATOMIC)) 1110 return -ENOMEM; 1111 1112 /* If len == headlen, we avoid __skb_pull to preserve alignment. */ 1113 if (unlikely(len < skb_headlen(skb))) 1114 __skb_pull(skb, len); 1115 else 1116 __pskb_trim_head(skb, len - skb_headlen(skb)); 1117 1118 TCP_SKB_CB(skb)->seq += len; 1119 skb->ip_summed = CHECKSUM_PARTIAL; 1120 1121 skb->truesize -= len; 1122 sk->sk_wmem_queued -= len; 1123 sk_mem_uncharge(sk, len); 1124 sock_set_flag(sk, SOCK_QUEUE_SHRUNK); 1125 1126 /* Any change of skb->len requires recalculation of tso 1127 * factor and mss. 1128 */ 1129 if (tcp_skb_pcount(skb) > 1) 1130 tcp_set_skb_tso_segs(sk, skb, tcp_current_mss(sk)); 1131 1132 return 0; 1133 } 1134 1135 /* Calculate MSS. Not accounting for SACKs here. */ 1136 int tcp_mtu_to_mss(struct sock *sk, int pmtu) 1137 { 1138 struct tcp_sock *tp = tcp_sk(sk); 1139 struct inet_connection_sock *icsk = inet_csk(sk); 1140 int mss_now; 1141 1142 /* Calculate base mss without TCP options: 1143 It is MMS_S - sizeof(tcphdr) of rfc1122 1144 */ 1145 mss_now = pmtu - icsk->icsk_af_ops->net_header_len - sizeof(struct tcphdr); 1146 1147 /* Clamp it (mss_clamp does not include tcp options) */ 1148 if (mss_now > tp->rx_opt.mss_clamp) 1149 mss_now = tp->rx_opt.mss_clamp; 1150 1151 /* Now subtract optional transport overhead */ 1152 mss_now -= icsk->icsk_ext_hdr_len; 1153 1154 /* Then reserve room for full set of TCP options and 8 bytes of data */ 1155 if (mss_now < 48) 1156 mss_now = 48; 1157 1158 /* Now subtract TCP options size, not including SACKs */ 1159 mss_now -= tp->tcp_header_len - sizeof(struct tcphdr); 1160 1161 return mss_now; 1162 } 1163 1164 /* Inverse of above */ 1165 int tcp_mss_to_mtu(struct sock *sk, int mss) 1166 { 1167 struct tcp_sock *tp = tcp_sk(sk); 1168 struct inet_connection_sock *icsk = inet_csk(sk); 1169 int mtu; 1170 1171 mtu = mss + 1172 tp->tcp_header_len + 1173 icsk->icsk_ext_hdr_len + 1174 icsk->icsk_af_ops->net_header_len; 1175 1176 return mtu; 1177 } 1178 1179 /* MTU probing init per socket */ 1180 void tcp_mtup_init(struct sock *sk) 1181 { 1182 struct tcp_sock *tp = tcp_sk(sk); 1183 struct inet_connection_sock *icsk = inet_csk(sk); 1184 1185 icsk->icsk_mtup.enabled = sysctl_tcp_mtu_probing > 1; 1186 icsk->icsk_mtup.search_high = tp->rx_opt.mss_clamp + sizeof(struct tcphdr) + 1187 icsk->icsk_af_ops->net_header_len; 1188 icsk->icsk_mtup.search_low = tcp_mss_to_mtu(sk, sysctl_tcp_base_mss); 1189 icsk->icsk_mtup.probe_size = 0; 1190 } 1191 1192 /* This function synchronize snd mss to current pmtu/exthdr set. 1193 1194 tp->rx_opt.user_mss is mss set by user by TCP_MAXSEG. It does NOT counts 1195 for TCP options, but includes only bare TCP header. 1196 1197 tp->rx_opt.mss_clamp is mss negotiated at connection setup. 1198 It is minimum of user_mss and mss received with SYN. 1199 It also does not include TCP options. 1200 1201 inet_csk(sk)->icsk_pmtu_cookie is last pmtu, seen by this function. 1202 1203 tp->mss_cache is current effective sending mss, including 1204 all tcp options except for SACKs. It is evaluated, 1205 taking into account current pmtu, but never exceeds 1206 tp->rx_opt.mss_clamp. 1207 1208 NOTE1. rfc1122 clearly states that advertised MSS 1209 DOES NOT include either tcp or ip options. 1210 1211 NOTE2. inet_csk(sk)->icsk_pmtu_cookie and tp->mss_cache 1212 are READ ONLY outside this function. --ANK (980731) 1213 */ 1214 unsigned int tcp_sync_mss(struct sock *sk, u32 pmtu) 1215 { 1216 struct tcp_sock *tp = tcp_sk(sk); 1217 struct inet_connection_sock *icsk = inet_csk(sk); 1218 int mss_now; 1219 1220 if (icsk->icsk_mtup.search_high > pmtu) 1221 icsk->icsk_mtup.search_high = pmtu; 1222 1223 mss_now = tcp_mtu_to_mss(sk, pmtu); 1224 mss_now = tcp_bound_to_half_wnd(tp, mss_now); 1225 1226 /* And store cached results */ 1227 icsk->icsk_pmtu_cookie = pmtu; 1228 if (icsk->icsk_mtup.enabled) 1229 mss_now = min(mss_now, tcp_mtu_to_mss(sk, icsk->icsk_mtup.search_low)); 1230 tp->mss_cache = mss_now; 1231 1232 return mss_now; 1233 } 1234 1235 /* Compute the current effective MSS, taking SACKs and IP options, 1236 * and even PMTU discovery events into account. 1237 */ 1238 unsigned int tcp_current_mss(struct sock *sk) 1239 { 1240 struct tcp_sock *tp = tcp_sk(sk); 1241 struct dst_entry *dst = __sk_dst_get(sk); 1242 u32 mss_now; 1243 unsigned header_len; 1244 struct tcp_out_options opts; 1245 struct tcp_md5sig_key *md5; 1246 1247 mss_now = tp->mss_cache; 1248 1249 if (dst) { 1250 u32 mtu = dst_mtu(dst); 1251 if (mtu != inet_csk(sk)->icsk_pmtu_cookie) 1252 mss_now = tcp_sync_mss(sk, mtu); 1253 } 1254 1255 header_len = tcp_established_options(sk, NULL, &opts, &md5) + 1256 sizeof(struct tcphdr); 1257 /* The mss_cache is sized based on tp->tcp_header_len, which assumes 1258 * some common options. If this is an odd packet (because we have SACK 1259 * blocks etc) then our calculated header_len will be different, and 1260 * we have to adjust mss_now correspondingly */ 1261 if (header_len != tp->tcp_header_len) { 1262 int delta = (int) header_len - tp->tcp_header_len; 1263 mss_now -= delta; 1264 } 1265 1266 return mss_now; 1267 } 1268 1269 /* Congestion window validation. (RFC2861) */ 1270 static void tcp_cwnd_validate(struct sock *sk) 1271 { 1272 struct tcp_sock *tp = tcp_sk(sk); 1273 1274 if (tp->packets_out >= tp->snd_cwnd) { 1275 /* Network is feed fully. */ 1276 tp->snd_cwnd_used = 0; 1277 tp->snd_cwnd_stamp = tcp_time_stamp; 1278 } else { 1279 /* Network starves. */ 1280 if (tp->packets_out > tp->snd_cwnd_used) 1281 tp->snd_cwnd_used = tp->packets_out; 1282 1283 if (sysctl_tcp_slow_start_after_idle && 1284 (s32)(tcp_time_stamp - tp->snd_cwnd_stamp) >= inet_csk(sk)->icsk_rto) 1285 tcp_cwnd_application_limited(sk); 1286 } 1287 } 1288 1289 /* Returns the portion of skb which can be sent right away without 1290 * introducing MSS oddities to segment boundaries. In rare cases where 1291 * mss_now != mss_cache, we will request caller to create a small skb 1292 * per input skb which could be mostly avoided here (if desired). 1293 * 1294 * We explicitly want to create a request for splitting write queue tail 1295 * to a small skb for Nagle purposes while avoiding unnecessary modulos, 1296 * thus all the complexity (cwnd_len is always MSS multiple which we 1297 * return whenever allowed by the other factors). Basically we need the 1298 * modulo only when the receiver window alone is the limiting factor or 1299 * when we would be allowed to send the split-due-to-Nagle skb fully. 1300 */ 1301 static unsigned int tcp_mss_split_point(struct sock *sk, struct sk_buff *skb, 1302 unsigned int mss_now, unsigned int cwnd) 1303 { 1304 struct tcp_sock *tp = tcp_sk(sk); 1305 u32 needed, window, cwnd_len; 1306 1307 window = tcp_wnd_end(tp) - TCP_SKB_CB(skb)->seq; 1308 cwnd_len = mss_now * cwnd; 1309 1310 if (likely(cwnd_len <= window && skb != tcp_write_queue_tail(sk))) 1311 return cwnd_len; 1312 1313 needed = min(skb->len, window); 1314 1315 if (cwnd_len <= needed) 1316 return cwnd_len; 1317 1318 return needed - needed % mss_now; 1319 } 1320 1321 /* Can at least one segment of SKB be sent right now, according to the 1322 * congestion window rules? If so, return how many segments are allowed. 1323 */ 1324 static inline unsigned int tcp_cwnd_test(struct tcp_sock *tp, 1325 struct sk_buff *skb) 1326 { 1327 u32 in_flight, cwnd; 1328 1329 /* Don't be strict about the congestion window for the final FIN. */ 1330 if ((TCP_SKB_CB(skb)->flags & TCPCB_FLAG_FIN) && 1331 tcp_skb_pcount(skb) == 1) 1332 return 1; 1333 1334 in_flight = tcp_packets_in_flight(tp); 1335 cwnd = tp->snd_cwnd; 1336 if (in_flight < cwnd) 1337 return (cwnd - in_flight); 1338 1339 return 0; 1340 } 1341 1342 /* Intialize TSO state of a skb. 1343 * This must be invoked the first time we consider transmitting 1344 * SKB onto the wire. 1345 */ 1346 static int tcp_init_tso_segs(struct sock *sk, struct sk_buff *skb, 1347 unsigned int mss_now) 1348 { 1349 int tso_segs = tcp_skb_pcount(skb); 1350 1351 if (!tso_segs || (tso_segs > 1 && tcp_skb_mss(skb) != mss_now)) { 1352 tcp_set_skb_tso_segs(sk, skb, mss_now); 1353 tso_segs = tcp_skb_pcount(skb); 1354 } 1355 return tso_segs; 1356 } 1357 1358 /* Minshall's variant of the Nagle send check. */ 1359 static inline int tcp_minshall_check(const struct tcp_sock *tp) 1360 { 1361 return after(tp->snd_sml, tp->snd_una) && 1362 !after(tp->snd_sml, tp->snd_nxt); 1363 } 1364 1365 /* Return 0, if packet can be sent now without violation Nagle's rules: 1366 * 1. It is full sized. 1367 * 2. Or it contains FIN. (already checked by caller) 1368 * 3. Or TCP_NODELAY was set. 1369 * 4. Or TCP_CORK is not set, and all sent packets are ACKed. 1370 * With Minshall's modification: all sent small packets are ACKed. 1371 */ 1372 static inline int tcp_nagle_check(const struct tcp_sock *tp, 1373 const struct sk_buff *skb, 1374 unsigned mss_now, int nonagle) 1375 { 1376 return (skb->len < mss_now && 1377 ((nonagle & TCP_NAGLE_CORK) || 1378 (!nonagle && tp->packets_out && tcp_minshall_check(tp)))); 1379 } 1380 1381 /* Return non-zero if the Nagle test allows this packet to be 1382 * sent now. 1383 */ 1384 static inline int tcp_nagle_test(struct tcp_sock *tp, struct sk_buff *skb, 1385 unsigned int cur_mss, int nonagle) 1386 { 1387 /* Nagle rule does not apply to frames, which sit in the middle of the 1388 * write_queue (they have no chances to get new data). 1389 * 1390 * This is implemented in the callers, where they modify the 'nonagle' 1391 * argument based upon the location of SKB in the send queue. 1392 */ 1393 if (nonagle & TCP_NAGLE_PUSH) 1394 return 1; 1395 1396 /* Don't use the nagle rule for urgent data (or for the final FIN). 1397 * Nagle can be ignored during F-RTO too (see RFC4138). 1398 */ 1399 if (tcp_urg_mode(tp) || (tp->frto_counter == 2) || 1400 (TCP_SKB_CB(skb)->flags & TCPCB_FLAG_FIN)) 1401 return 1; 1402 1403 if (!tcp_nagle_check(tp, skb, cur_mss, nonagle)) 1404 return 1; 1405 1406 return 0; 1407 } 1408 1409 /* Does at least the first segment of SKB fit into the send window? */ 1410 static inline int tcp_snd_wnd_test(struct tcp_sock *tp, struct sk_buff *skb, 1411 unsigned int cur_mss) 1412 { 1413 u32 end_seq = TCP_SKB_CB(skb)->end_seq; 1414 1415 if (skb->len > cur_mss) 1416 end_seq = TCP_SKB_CB(skb)->seq + cur_mss; 1417 1418 return !after(end_seq, tcp_wnd_end(tp)); 1419 } 1420 1421 /* This checks if the data bearing packet SKB (usually tcp_send_head(sk)) 1422 * should be put on the wire right now. If so, it returns the number of 1423 * packets allowed by the congestion window. 1424 */ 1425 static unsigned int tcp_snd_test(struct sock *sk, struct sk_buff *skb, 1426 unsigned int cur_mss, int nonagle) 1427 { 1428 struct tcp_sock *tp = tcp_sk(sk); 1429 unsigned int cwnd_quota; 1430 1431 tcp_init_tso_segs(sk, skb, cur_mss); 1432 1433 if (!tcp_nagle_test(tp, skb, cur_mss, nonagle)) 1434 return 0; 1435 1436 cwnd_quota = tcp_cwnd_test(tp, skb); 1437 if (cwnd_quota && !tcp_snd_wnd_test(tp, skb, cur_mss)) 1438 cwnd_quota = 0; 1439 1440 return cwnd_quota; 1441 } 1442 1443 /* Test if sending is allowed right now. */ 1444 int tcp_may_send_now(struct sock *sk) 1445 { 1446 struct tcp_sock *tp = tcp_sk(sk); 1447 struct sk_buff *skb = tcp_send_head(sk); 1448 1449 return (skb && 1450 tcp_snd_test(sk, skb, tcp_current_mss(sk), 1451 (tcp_skb_is_last(sk, skb) ? 1452 tp->nonagle : TCP_NAGLE_PUSH))); 1453 } 1454 1455 /* Trim TSO SKB to LEN bytes, put the remaining data into a new packet 1456 * which is put after SKB on the list. It is very much like 1457 * tcp_fragment() except that it may make several kinds of assumptions 1458 * in order to speed up the splitting operation. In particular, we 1459 * know that all the data is in scatter-gather pages, and that the 1460 * packet has never been sent out before (and thus is not cloned). 1461 */ 1462 static int tso_fragment(struct sock *sk, struct sk_buff *skb, unsigned int len, 1463 unsigned int mss_now) 1464 { 1465 struct sk_buff *buff; 1466 int nlen = skb->len - len; 1467 u8 flags; 1468 1469 /* All of a TSO frame must be composed of paged data. */ 1470 if (skb->len != skb->data_len) 1471 return tcp_fragment(sk, skb, len, mss_now); 1472 1473 buff = sk_stream_alloc_skb(sk, 0, GFP_ATOMIC); 1474 if (unlikely(buff == NULL)) 1475 return -ENOMEM; 1476 1477 sk->sk_wmem_queued += buff->truesize; 1478 sk_mem_charge(sk, buff->truesize); 1479 buff->truesize += nlen; 1480 skb->truesize -= nlen; 1481 1482 /* Correct the sequence numbers. */ 1483 TCP_SKB_CB(buff)->seq = TCP_SKB_CB(skb)->seq + len; 1484 TCP_SKB_CB(buff)->end_seq = TCP_SKB_CB(skb)->end_seq; 1485 TCP_SKB_CB(skb)->end_seq = TCP_SKB_CB(buff)->seq; 1486 1487 /* PSH and FIN should only be set in the second packet. */ 1488 flags = TCP_SKB_CB(skb)->flags; 1489 TCP_SKB_CB(skb)->flags = flags & ~(TCPCB_FLAG_FIN | TCPCB_FLAG_PSH); 1490 TCP_SKB_CB(buff)->flags = flags; 1491 1492 /* This packet was never sent out yet, so no SACK bits. */ 1493 TCP_SKB_CB(buff)->sacked = 0; 1494 1495 buff->ip_summed = skb->ip_summed = CHECKSUM_PARTIAL; 1496 skb_split(skb, buff, len); 1497 1498 /* Fix up tso_factor for both original and new SKB. */ 1499 tcp_set_skb_tso_segs(sk, skb, mss_now); 1500 tcp_set_skb_tso_segs(sk, buff, mss_now); 1501 1502 /* Link BUFF into the send queue. */ 1503 skb_header_release(buff); 1504 tcp_insert_write_queue_after(skb, buff, sk); 1505 1506 return 0; 1507 } 1508 1509 /* Try to defer sending, if possible, in order to minimize the amount 1510 * of TSO splitting we do. View it as a kind of TSO Nagle test. 1511 * 1512 * This algorithm is from John Heffner. 1513 */ 1514 static int tcp_tso_should_defer(struct sock *sk, struct sk_buff *skb) 1515 { 1516 struct tcp_sock *tp = tcp_sk(sk); 1517 const struct inet_connection_sock *icsk = inet_csk(sk); 1518 u32 send_win, cong_win, limit, in_flight; 1519 1520 if (TCP_SKB_CB(skb)->flags & TCPCB_FLAG_FIN) 1521 goto send_now; 1522 1523 if (icsk->icsk_ca_state != TCP_CA_Open) 1524 goto send_now; 1525 1526 /* Defer for less than two clock ticks. */ 1527 if (tp->tso_deferred && 1528 (((u32)jiffies << 1) >> 1) - (tp->tso_deferred >> 1) > 1) 1529 goto send_now; 1530 1531 in_flight = tcp_packets_in_flight(tp); 1532 1533 BUG_ON(tcp_skb_pcount(skb) <= 1 || (tp->snd_cwnd <= in_flight)); 1534 1535 send_win = tcp_wnd_end(tp) - TCP_SKB_CB(skb)->seq; 1536 1537 /* From in_flight test above, we know that cwnd > in_flight. */ 1538 cong_win = (tp->snd_cwnd - in_flight) * tp->mss_cache; 1539 1540 limit = min(send_win, cong_win); 1541 1542 /* If a full-sized TSO skb can be sent, do it. */ 1543 if (limit >= sk->sk_gso_max_size) 1544 goto send_now; 1545 1546 /* Middle in queue won't get any more data, full sendable already? */ 1547 if ((skb != tcp_write_queue_tail(sk)) && (limit >= skb->len)) 1548 goto send_now; 1549 1550 if (sysctl_tcp_tso_win_divisor) { 1551 u32 chunk = min(tp->snd_wnd, tp->snd_cwnd * tp->mss_cache); 1552 1553 /* If at least some fraction of a window is available, 1554 * just use it. 1555 */ 1556 chunk /= sysctl_tcp_tso_win_divisor; 1557 if (limit >= chunk) 1558 goto send_now; 1559 } else { 1560 /* Different approach, try not to defer past a single 1561 * ACK. Receiver should ACK every other full sized 1562 * frame, so if we have space for more than 3 frames 1563 * then send now. 1564 */ 1565 if (limit > tcp_max_burst(tp) * tp->mss_cache) 1566 goto send_now; 1567 } 1568 1569 /* Ok, it looks like it is advisable to defer. */ 1570 tp->tso_deferred = 1 | (jiffies << 1); 1571 1572 return 1; 1573 1574 send_now: 1575 tp->tso_deferred = 0; 1576 return 0; 1577 } 1578 1579 /* Create a new MTU probe if we are ready. 1580 * MTU probe is regularly attempting to increase the path MTU by 1581 * deliberately sending larger packets. This discovers routing 1582 * changes resulting in larger path MTUs. 1583 * 1584 * Returns 0 if we should wait to probe (no cwnd available), 1585 * 1 if a probe was sent, 1586 * -1 otherwise 1587 */ 1588 static int tcp_mtu_probe(struct sock *sk) 1589 { 1590 struct tcp_sock *tp = tcp_sk(sk); 1591 struct inet_connection_sock *icsk = inet_csk(sk); 1592 struct sk_buff *skb, *nskb, *next; 1593 int len; 1594 int probe_size; 1595 int size_needed; 1596 int copy; 1597 int mss_now; 1598 1599 /* Not currently probing/verifying, 1600 * not in recovery, 1601 * have enough cwnd, and 1602 * not SACKing (the variable headers throw things off) */ 1603 if (!icsk->icsk_mtup.enabled || 1604 icsk->icsk_mtup.probe_size || 1605 inet_csk(sk)->icsk_ca_state != TCP_CA_Open || 1606 tp->snd_cwnd < 11 || 1607 tp->rx_opt.num_sacks || tp->rx_opt.dsack) 1608 return -1; 1609 1610 /* Very simple search strategy: just double the MSS. */ 1611 mss_now = tcp_current_mss(sk); 1612 probe_size = 2 * tp->mss_cache; 1613 size_needed = probe_size + (tp->reordering + 1) * tp->mss_cache; 1614 if (probe_size > tcp_mtu_to_mss(sk, icsk->icsk_mtup.search_high)) { 1615 /* TODO: set timer for probe_converge_event */ 1616 return -1; 1617 } 1618 1619 /* Have enough data in the send queue to probe? */ 1620 if (tp->write_seq - tp->snd_nxt < size_needed) 1621 return -1; 1622 1623 if (tp->snd_wnd < size_needed) 1624 return -1; 1625 if (after(tp->snd_nxt + size_needed, tcp_wnd_end(tp))) 1626 return 0; 1627 1628 /* Do we need to wait to drain cwnd? With none in flight, don't stall */ 1629 if (tcp_packets_in_flight(tp) + 2 > tp->snd_cwnd) { 1630 if (!tcp_packets_in_flight(tp)) 1631 return -1; 1632 else 1633 return 0; 1634 } 1635 1636 /* We're allowed to probe. Build it now. */ 1637 if ((nskb = sk_stream_alloc_skb(sk, probe_size, GFP_ATOMIC)) == NULL) 1638 return -1; 1639 sk->sk_wmem_queued += nskb->truesize; 1640 sk_mem_charge(sk, nskb->truesize); 1641 1642 skb = tcp_send_head(sk); 1643 1644 TCP_SKB_CB(nskb)->seq = TCP_SKB_CB(skb)->seq; 1645 TCP_SKB_CB(nskb)->end_seq = TCP_SKB_CB(skb)->seq + probe_size; 1646 TCP_SKB_CB(nskb)->flags = TCPCB_FLAG_ACK; 1647 TCP_SKB_CB(nskb)->sacked = 0; 1648 nskb->csum = 0; 1649 nskb->ip_summed = skb->ip_summed; 1650 1651 tcp_insert_write_queue_before(nskb, skb, sk); 1652 1653 len = 0; 1654 tcp_for_write_queue_from_safe(skb, next, sk) { 1655 copy = min_t(int, skb->len, probe_size - len); 1656 if (nskb->ip_summed) 1657 skb_copy_bits(skb, 0, skb_put(nskb, copy), copy); 1658 else 1659 nskb->csum = skb_copy_and_csum_bits(skb, 0, 1660 skb_put(nskb, copy), 1661 copy, nskb->csum); 1662 1663 if (skb->len <= copy) { 1664 /* We've eaten all the data from this skb. 1665 * Throw it away. */ 1666 TCP_SKB_CB(nskb)->flags |= TCP_SKB_CB(skb)->flags; 1667 tcp_unlink_write_queue(skb, sk); 1668 sk_wmem_free_skb(sk, skb); 1669 } else { 1670 TCP_SKB_CB(nskb)->flags |= TCP_SKB_CB(skb)->flags & 1671 ~(TCPCB_FLAG_FIN|TCPCB_FLAG_PSH); 1672 if (!skb_shinfo(skb)->nr_frags) { 1673 skb_pull(skb, copy); 1674 if (skb->ip_summed != CHECKSUM_PARTIAL) 1675 skb->csum = csum_partial(skb->data, 1676 skb->len, 0); 1677 } else { 1678 __pskb_trim_head(skb, copy); 1679 tcp_set_skb_tso_segs(sk, skb, mss_now); 1680 } 1681 TCP_SKB_CB(skb)->seq += copy; 1682 } 1683 1684 len += copy; 1685 1686 if (len >= probe_size) 1687 break; 1688 } 1689 tcp_init_tso_segs(sk, nskb, nskb->len); 1690 1691 /* We're ready to send. If this fails, the probe will 1692 * be resegmented into mss-sized pieces by tcp_write_xmit(). */ 1693 TCP_SKB_CB(nskb)->when = tcp_time_stamp; 1694 if (!tcp_transmit_skb(sk, nskb, 1, GFP_ATOMIC)) { 1695 /* Decrement cwnd here because we are sending 1696 * effectively two packets. */ 1697 tp->snd_cwnd--; 1698 tcp_event_new_data_sent(sk, nskb); 1699 1700 icsk->icsk_mtup.probe_size = tcp_mss_to_mtu(sk, nskb->len); 1701 tp->mtu_probe.probe_seq_start = TCP_SKB_CB(nskb)->seq; 1702 tp->mtu_probe.probe_seq_end = TCP_SKB_CB(nskb)->end_seq; 1703 1704 return 1; 1705 } 1706 1707 return -1; 1708 } 1709 1710 /* This routine writes packets to the network. It advances the 1711 * send_head. This happens as incoming acks open up the remote 1712 * window for us. 1713 * 1714 * LARGESEND note: !tcp_urg_mode is overkill, only frames between 1715 * snd_up-64k-mss .. snd_up cannot be large. However, taking into 1716 * account rare use of URG, this is not a big flaw. 1717 * 1718 * Returns 1, if no segments are in flight and we have queued segments, but 1719 * cannot send anything now because of SWS or another problem. 1720 */ 1721 static int tcp_write_xmit(struct sock *sk, unsigned int mss_now, int nonagle, 1722 int push_one, gfp_t gfp) 1723 { 1724 struct tcp_sock *tp = tcp_sk(sk); 1725 struct sk_buff *skb; 1726 unsigned int tso_segs, sent_pkts; 1727 int cwnd_quota; 1728 int result; 1729 1730 sent_pkts = 0; 1731 1732 if (!push_one) { 1733 /* Do MTU probing. */ 1734 result = tcp_mtu_probe(sk); 1735 if (!result) { 1736 return 0; 1737 } else if (result > 0) { 1738 sent_pkts = 1; 1739 } 1740 } 1741 1742 while ((skb = tcp_send_head(sk))) { 1743 unsigned int limit; 1744 1745 tso_segs = tcp_init_tso_segs(sk, skb, mss_now); 1746 BUG_ON(!tso_segs); 1747 1748 cwnd_quota = tcp_cwnd_test(tp, skb); 1749 if (!cwnd_quota) 1750 break; 1751 1752 if (unlikely(!tcp_snd_wnd_test(tp, skb, mss_now))) 1753 break; 1754 1755 if (tso_segs == 1) { 1756 if (unlikely(!tcp_nagle_test(tp, skb, mss_now, 1757 (tcp_skb_is_last(sk, skb) ? 1758 nonagle : TCP_NAGLE_PUSH)))) 1759 break; 1760 } else { 1761 if (!push_one && tcp_tso_should_defer(sk, skb)) 1762 break; 1763 } 1764 1765 limit = mss_now; 1766 if (tso_segs > 1 && !tcp_urg_mode(tp)) 1767 limit = tcp_mss_split_point(sk, skb, mss_now, 1768 cwnd_quota); 1769 1770 if (skb->len > limit && 1771 unlikely(tso_fragment(sk, skb, limit, mss_now))) 1772 break; 1773 1774 TCP_SKB_CB(skb)->when = tcp_time_stamp; 1775 1776 if (unlikely(tcp_transmit_skb(sk, skb, 1, gfp))) 1777 break; 1778 1779 /* Advance the send_head. This one is sent out. 1780 * This call will increment packets_out. 1781 */ 1782 tcp_event_new_data_sent(sk, skb); 1783 1784 tcp_minshall_update(tp, mss_now, skb); 1785 sent_pkts++; 1786 1787 if (push_one) 1788 break; 1789 } 1790 1791 if (likely(sent_pkts)) { 1792 tcp_cwnd_validate(sk); 1793 return 0; 1794 } 1795 return !tp->packets_out && tcp_send_head(sk); 1796 } 1797 1798 /* Push out any pending frames which were held back due to 1799 * TCP_CORK or attempt at coalescing tiny packets. 1800 * The socket must be locked by the caller. 1801 */ 1802 void __tcp_push_pending_frames(struct sock *sk, unsigned int cur_mss, 1803 int nonagle) 1804 { 1805 /* If we are closed, the bytes will have to remain here. 1806 * In time closedown will finish, we empty the write queue and 1807 * all will be happy. 1808 */ 1809 if (unlikely(sk->sk_state == TCP_CLOSE)) 1810 return; 1811 1812 if (tcp_write_xmit(sk, cur_mss, nonagle, 0, GFP_ATOMIC)) 1813 tcp_check_probe_timer(sk); 1814 } 1815 1816 /* Send _single_ skb sitting at the send head. This function requires 1817 * true push pending frames to setup probe timer etc. 1818 */ 1819 void tcp_push_one(struct sock *sk, unsigned int mss_now) 1820 { 1821 struct sk_buff *skb = tcp_send_head(sk); 1822 1823 BUG_ON(!skb || skb->len < mss_now); 1824 1825 tcp_write_xmit(sk, mss_now, TCP_NAGLE_PUSH, 1, sk->sk_allocation); 1826 } 1827 1828 /* This function returns the amount that we can raise the 1829 * usable window based on the following constraints 1830 * 1831 * 1. The window can never be shrunk once it is offered (RFC 793) 1832 * 2. We limit memory per socket 1833 * 1834 * RFC 1122: 1835 * "the suggested [SWS] avoidance algorithm for the receiver is to keep 1836 * RECV.NEXT + RCV.WIN fixed until: 1837 * RCV.BUFF - RCV.USER - RCV.WINDOW >= min(1/2 RCV.BUFF, MSS)" 1838 * 1839 * i.e. don't raise the right edge of the window until you can raise 1840 * it at least MSS bytes. 1841 * 1842 * Unfortunately, the recommended algorithm breaks header prediction, 1843 * since header prediction assumes th->window stays fixed. 1844 * 1845 * Strictly speaking, keeping th->window fixed violates the receiver 1846 * side SWS prevention criteria. The problem is that under this rule 1847 * a stream of single byte packets will cause the right side of the 1848 * window to always advance by a single byte. 1849 * 1850 * Of course, if the sender implements sender side SWS prevention 1851 * then this will not be a problem. 1852 * 1853 * BSD seems to make the following compromise: 1854 * 1855 * If the free space is less than the 1/4 of the maximum 1856 * space available and the free space is less than 1/2 mss, 1857 * then set the window to 0. 1858 * [ Actually, bsd uses MSS and 1/4 of maximal _window_ ] 1859 * Otherwise, just prevent the window from shrinking 1860 * and from being larger than the largest representable value. 1861 * 1862 * This prevents incremental opening of the window in the regime 1863 * where TCP is limited by the speed of the reader side taking 1864 * data out of the TCP receive queue. It does nothing about 1865 * those cases where the window is constrained on the sender side 1866 * because the pipeline is full. 1867 * 1868 * BSD also seems to "accidentally" limit itself to windows that are a 1869 * multiple of MSS, at least until the free space gets quite small. 1870 * This would appear to be a side effect of the mbuf implementation. 1871 * Combining these two algorithms results in the observed behavior 1872 * of having a fixed window size at almost all times. 1873 * 1874 * Below we obtain similar behavior by forcing the offered window to 1875 * a multiple of the mss when it is feasible to do so. 1876 * 1877 * Note, we don't "adjust" for TIMESTAMP or SACK option bytes. 1878 * Regular options like TIMESTAMP are taken into account. 1879 */ 1880 u32 __tcp_select_window(struct sock *sk) 1881 { 1882 struct inet_connection_sock *icsk = inet_csk(sk); 1883 struct tcp_sock *tp = tcp_sk(sk); 1884 /* MSS for the peer's data. Previous versions used mss_clamp 1885 * here. I don't know if the value based on our guesses 1886 * of peer's MSS is better for the performance. It's more correct 1887 * but may be worse for the performance because of rcv_mss 1888 * fluctuations. --SAW 1998/11/1 1889 */ 1890 int mss = icsk->icsk_ack.rcv_mss; 1891 int free_space = tcp_space(sk); 1892 int full_space = min_t(int, tp->window_clamp, tcp_full_space(sk)); 1893 int window; 1894 1895 if (mss > full_space) 1896 mss = full_space; 1897 1898 if (free_space < (full_space >> 1)) { 1899 icsk->icsk_ack.quick = 0; 1900 1901 if (tcp_memory_pressure) 1902 tp->rcv_ssthresh = min(tp->rcv_ssthresh, 1903 4U * tp->advmss); 1904 1905 if (free_space < mss) 1906 return 0; 1907 } 1908 1909 if (free_space > tp->rcv_ssthresh) 1910 free_space = tp->rcv_ssthresh; 1911 1912 /* Don't do rounding if we are using window scaling, since the 1913 * scaled window will not line up with the MSS boundary anyway. 1914 */ 1915 window = tp->rcv_wnd; 1916 if (tp->rx_opt.rcv_wscale) { 1917 window = free_space; 1918 1919 /* Advertise enough space so that it won't get scaled away. 1920 * Import case: prevent zero window announcement if 1921 * 1<<rcv_wscale > mss. 1922 */ 1923 if (((window >> tp->rx_opt.rcv_wscale) << tp->rx_opt.rcv_wscale) != window) 1924 window = (((window >> tp->rx_opt.rcv_wscale) + 1) 1925 << tp->rx_opt.rcv_wscale); 1926 } else { 1927 /* Get the largest window that is a nice multiple of mss. 1928 * Window clamp already applied above. 1929 * If our current window offering is within 1 mss of the 1930 * free space we just keep it. This prevents the divide 1931 * and multiply from happening most of the time. 1932 * We also don't do any window rounding when the free space 1933 * is too small. 1934 */ 1935 if (window <= free_space - mss || window > free_space) 1936 window = (free_space / mss) * mss; 1937 else if (mss == full_space && 1938 free_space > window + (full_space >> 1)) 1939 window = free_space; 1940 } 1941 1942 return window; 1943 } 1944 1945 /* Collapses two adjacent SKB's during retransmission. */ 1946 static void tcp_collapse_retrans(struct sock *sk, struct sk_buff *skb) 1947 { 1948 struct tcp_sock *tp = tcp_sk(sk); 1949 struct sk_buff *next_skb = tcp_write_queue_next(sk, skb); 1950 int skb_size, next_skb_size; 1951 1952 skb_size = skb->len; 1953 next_skb_size = next_skb->len; 1954 1955 BUG_ON(tcp_skb_pcount(skb) != 1 || tcp_skb_pcount(next_skb) != 1); 1956 1957 tcp_highest_sack_combine(sk, next_skb, skb); 1958 1959 tcp_unlink_write_queue(next_skb, sk); 1960 1961 skb_copy_from_linear_data(next_skb, skb_put(skb, next_skb_size), 1962 next_skb_size); 1963 1964 if (next_skb->ip_summed == CHECKSUM_PARTIAL) 1965 skb->ip_summed = CHECKSUM_PARTIAL; 1966 1967 if (skb->ip_summed != CHECKSUM_PARTIAL) 1968 skb->csum = csum_block_add(skb->csum, next_skb->csum, skb_size); 1969 1970 /* Update sequence range on original skb. */ 1971 TCP_SKB_CB(skb)->end_seq = TCP_SKB_CB(next_skb)->end_seq; 1972 1973 /* Merge over control information. This moves PSH/FIN etc. over */ 1974 TCP_SKB_CB(skb)->flags |= TCP_SKB_CB(next_skb)->flags; 1975 1976 /* All done, get rid of second SKB and account for it so 1977 * packet counting does not break. 1978 */ 1979 TCP_SKB_CB(skb)->sacked |= TCP_SKB_CB(next_skb)->sacked & TCPCB_EVER_RETRANS; 1980 1981 /* changed transmit queue under us so clear hints */ 1982 tcp_clear_retrans_hints_partial(tp); 1983 if (next_skb == tp->retransmit_skb_hint) 1984 tp->retransmit_skb_hint = skb; 1985 1986 tcp_adjust_pcount(sk, next_skb, tcp_skb_pcount(next_skb)); 1987 1988 sk_wmem_free_skb(sk, next_skb); 1989 } 1990 1991 /* Check if coalescing SKBs is legal. */ 1992 static int tcp_can_collapse(struct sock *sk, struct sk_buff *skb) 1993 { 1994 if (tcp_skb_pcount(skb) > 1) 1995 return 0; 1996 /* TODO: SACK collapsing could be used to remove this condition */ 1997 if (skb_shinfo(skb)->nr_frags != 0) 1998 return 0; 1999 if (skb_cloned(skb)) 2000 return 0; 2001 if (skb == tcp_send_head(sk)) 2002 return 0; 2003 /* Some heurestics for collapsing over SACK'd could be invented */ 2004 if (TCP_SKB_CB(skb)->sacked & TCPCB_SACKED_ACKED) 2005 return 0; 2006 2007 return 1; 2008 } 2009 2010 /* Collapse packets in the retransmit queue to make to create 2011 * less packets on the wire. This is only done on retransmission. 2012 */ 2013 static void tcp_retrans_try_collapse(struct sock *sk, struct sk_buff *to, 2014 int space) 2015 { 2016 struct tcp_sock *tp = tcp_sk(sk); 2017 struct sk_buff *skb = to, *tmp; 2018 int first = 1; 2019 2020 if (!sysctl_tcp_retrans_collapse) 2021 return; 2022 if (TCP_SKB_CB(skb)->flags & TCPCB_FLAG_SYN) 2023 return; 2024 2025 tcp_for_write_queue_from_safe(skb, tmp, sk) { 2026 if (!tcp_can_collapse(sk, skb)) 2027 break; 2028 2029 space -= skb->len; 2030 2031 if (first) { 2032 first = 0; 2033 continue; 2034 } 2035 2036 if (space < 0) 2037 break; 2038 /* Punt if not enough space exists in the first SKB for 2039 * the data in the second 2040 */ 2041 if (skb->len > skb_tailroom(to)) 2042 break; 2043 2044 if (after(TCP_SKB_CB(skb)->end_seq, tcp_wnd_end(tp))) 2045 break; 2046 2047 tcp_collapse_retrans(sk, to); 2048 } 2049 } 2050 2051 /* This retransmits one SKB. Policy decisions and retransmit queue 2052 * state updates are done by the caller. Returns non-zero if an 2053 * error occurred which prevented the send. 2054 */ 2055 int tcp_retransmit_skb(struct sock *sk, struct sk_buff *skb) 2056 { 2057 struct tcp_sock *tp = tcp_sk(sk); 2058 struct inet_connection_sock *icsk = inet_csk(sk); 2059 unsigned int cur_mss; 2060 int err; 2061 2062 /* Inconslusive MTU probe */ 2063 if (icsk->icsk_mtup.probe_size) { 2064 icsk->icsk_mtup.probe_size = 0; 2065 } 2066 2067 /* Do not sent more than we queued. 1/4 is reserved for possible 2068 * copying overhead: fragmentation, tunneling, mangling etc. 2069 */ 2070 if (atomic_read(&sk->sk_wmem_alloc) > 2071 min(sk->sk_wmem_queued + (sk->sk_wmem_queued >> 2), sk->sk_sndbuf)) 2072 return -EAGAIN; 2073 2074 if (before(TCP_SKB_CB(skb)->seq, tp->snd_una)) { 2075 if (before(TCP_SKB_CB(skb)->end_seq, tp->snd_una)) 2076 BUG(); 2077 if (tcp_trim_head(sk, skb, tp->snd_una - TCP_SKB_CB(skb)->seq)) 2078 return -ENOMEM; 2079 } 2080 2081 if (inet_csk(sk)->icsk_af_ops->rebuild_header(sk)) 2082 return -EHOSTUNREACH; /* Routing failure or similar. */ 2083 2084 cur_mss = tcp_current_mss(sk); 2085 2086 /* If receiver has shrunk his window, and skb is out of 2087 * new window, do not retransmit it. The exception is the 2088 * case, when window is shrunk to zero. In this case 2089 * our retransmit serves as a zero window probe. 2090 */ 2091 if (!before(TCP_SKB_CB(skb)->seq, tcp_wnd_end(tp)) && 2092 TCP_SKB_CB(skb)->seq != tp->snd_una) 2093 return -EAGAIN; 2094 2095 if (skb->len > cur_mss) { 2096 if (tcp_fragment(sk, skb, cur_mss, cur_mss)) 2097 return -ENOMEM; /* We'll try again later. */ 2098 } else { 2099 int oldpcount = tcp_skb_pcount(skb); 2100 2101 if (unlikely(oldpcount > 1)) { 2102 tcp_init_tso_segs(sk, skb, cur_mss); 2103 tcp_adjust_pcount(sk, skb, oldpcount - tcp_skb_pcount(skb)); 2104 } 2105 } 2106 2107 tcp_retrans_try_collapse(sk, skb, cur_mss); 2108 2109 /* Some Solaris stacks overoptimize and ignore the FIN on a 2110 * retransmit when old data is attached. So strip it off 2111 * since it is cheap to do so and saves bytes on the network. 2112 */ 2113 if (skb->len > 0 && 2114 (TCP_SKB_CB(skb)->flags & TCPCB_FLAG_FIN) && 2115 tp->snd_una == (TCP_SKB_CB(skb)->end_seq - 1)) { 2116 if (!pskb_trim(skb, 0)) { 2117 /* Reuse, even though it does some unnecessary work */ 2118 tcp_init_nondata_skb(skb, TCP_SKB_CB(skb)->end_seq - 1, 2119 TCP_SKB_CB(skb)->flags); 2120 skb->ip_summed = CHECKSUM_NONE; 2121 } 2122 } 2123 2124 /* Make a copy, if the first transmission SKB clone we made 2125 * is still in somebody's hands, else make a clone. 2126 */ 2127 TCP_SKB_CB(skb)->when = tcp_time_stamp; 2128 2129 err = tcp_transmit_skb(sk, skb, 1, GFP_ATOMIC); 2130 2131 if (err == 0) { 2132 /* Update global TCP statistics. */ 2133 TCP_INC_STATS(sock_net(sk), TCP_MIB_RETRANSSEGS); 2134 2135 tp->total_retrans++; 2136 2137 #if FASTRETRANS_DEBUG > 0 2138 if (TCP_SKB_CB(skb)->sacked & TCPCB_SACKED_RETRANS) { 2139 if (net_ratelimit()) 2140 printk(KERN_DEBUG "retrans_out leaked.\n"); 2141 } 2142 #endif 2143 if (!tp->retrans_out) 2144 tp->lost_retrans_low = tp->snd_nxt; 2145 TCP_SKB_CB(skb)->sacked |= TCPCB_RETRANS; 2146 tp->retrans_out += tcp_skb_pcount(skb); 2147 2148 /* Save stamp of the first retransmit. */ 2149 if (!tp->retrans_stamp) 2150 tp->retrans_stamp = TCP_SKB_CB(skb)->when; 2151 2152 tp->undo_retrans++; 2153 2154 /* snd_nxt is stored to detect loss of retransmitted segment, 2155 * see tcp_input.c tcp_sacktag_write_queue(). 2156 */ 2157 TCP_SKB_CB(skb)->ack_seq = tp->snd_nxt; 2158 } 2159 return err; 2160 } 2161 2162 /* Check if we forward retransmits are possible in the current 2163 * window/congestion state. 2164 */ 2165 static int tcp_can_forward_retransmit(struct sock *sk) 2166 { 2167 const struct inet_connection_sock *icsk = inet_csk(sk); 2168 struct tcp_sock *tp = tcp_sk(sk); 2169 2170 /* Forward retransmissions are possible only during Recovery. */ 2171 if (icsk->icsk_ca_state != TCP_CA_Recovery) 2172 return 0; 2173 2174 /* No forward retransmissions in Reno are possible. */ 2175 if (tcp_is_reno(tp)) 2176 return 0; 2177 2178 /* Yeah, we have to make difficult choice between forward transmission 2179 * and retransmission... Both ways have their merits... 2180 * 2181 * For now we do not retransmit anything, while we have some new 2182 * segments to send. In the other cases, follow rule 3 for 2183 * NextSeg() specified in RFC3517. 2184 */ 2185 2186 if (tcp_may_send_now(sk)) 2187 return 0; 2188 2189 return 1; 2190 } 2191 2192 /* This gets called after a retransmit timeout, and the initially 2193 * retransmitted data is acknowledged. It tries to continue 2194 * resending the rest of the retransmit queue, until either 2195 * we've sent it all or the congestion window limit is reached. 2196 * If doing SACK, the first ACK which comes back for a timeout 2197 * based retransmit packet might feed us FACK information again. 2198 * If so, we use it to avoid unnecessarily retransmissions. 2199 */ 2200 void tcp_xmit_retransmit_queue(struct sock *sk) 2201 { 2202 const struct inet_connection_sock *icsk = inet_csk(sk); 2203 struct tcp_sock *tp = tcp_sk(sk); 2204 struct sk_buff *skb; 2205 struct sk_buff *hole = NULL; 2206 u32 last_lost; 2207 int mib_idx; 2208 int fwd_rexmitting = 0; 2209 2210 if (!tp->lost_out) 2211 tp->retransmit_high = tp->snd_una; 2212 2213 if (tp->retransmit_skb_hint) { 2214 skb = tp->retransmit_skb_hint; 2215 last_lost = TCP_SKB_CB(skb)->end_seq; 2216 if (after(last_lost, tp->retransmit_high)) 2217 last_lost = tp->retransmit_high; 2218 } else { 2219 skb = tcp_write_queue_head(sk); 2220 last_lost = tp->snd_una; 2221 } 2222 2223 tcp_for_write_queue_from(skb, sk) { 2224 __u8 sacked = TCP_SKB_CB(skb)->sacked; 2225 2226 if (skb == tcp_send_head(sk)) 2227 break; 2228 /* we could do better than to assign each time */ 2229 if (hole == NULL) 2230 tp->retransmit_skb_hint = skb; 2231 2232 /* Assume this retransmit will generate 2233 * only one packet for congestion window 2234 * calculation purposes. This works because 2235 * tcp_retransmit_skb() will chop up the 2236 * packet to be MSS sized and all the 2237 * packet counting works out. 2238 */ 2239 if (tcp_packets_in_flight(tp) >= tp->snd_cwnd) 2240 return; 2241 2242 if (fwd_rexmitting) { 2243 begin_fwd: 2244 if (!before(TCP_SKB_CB(skb)->seq, tcp_highest_sack_seq(tp))) 2245 break; 2246 mib_idx = LINUX_MIB_TCPFORWARDRETRANS; 2247 2248 } else if (!before(TCP_SKB_CB(skb)->seq, tp->retransmit_high)) { 2249 tp->retransmit_high = last_lost; 2250 if (!tcp_can_forward_retransmit(sk)) 2251 break; 2252 /* Backtrack if necessary to non-L'ed skb */ 2253 if (hole != NULL) { 2254 skb = hole; 2255 hole = NULL; 2256 } 2257 fwd_rexmitting = 1; 2258 goto begin_fwd; 2259 2260 } else if (!(sacked & TCPCB_LOST)) { 2261 if (hole == NULL && !(sacked & (TCPCB_SACKED_RETRANS|TCPCB_SACKED_ACKED))) 2262 hole = skb; 2263 continue; 2264 2265 } else { 2266 last_lost = TCP_SKB_CB(skb)->end_seq; 2267 if (icsk->icsk_ca_state != TCP_CA_Loss) 2268 mib_idx = LINUX_MIB_TCPFASTRETRANS; 2269 else 2270 mib_idx = LINUX_MIB_TCPSLOWSTARTRETRANS; 2271 } 2272 2273 if (sacked & (TCPCB_SACKED_ACKED|TCPCB_SACKED_RETRANS)) 2274 continue; 2275 2276 if (tcp_retransmit_skb(sk, skb)) 2277 return; 2278 NET_INC_STATS_BH(sock_net(sk), mib_idx); 2279 2280 if (skb == tcp_write_queue_head(sk)) 2281 inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS, 2282 inet_csk(sk)->icsk_rto, 2283 TCP_RTO_MAX); 2284 } 2285 } 2286 2287 /* Send a fin. The caller locks the socket for us. This cannot be 2288 * allowed to fail queueing a FIN frame under any circumstances. 2289 */ 2290 void tcp_send_fin(struct sock *sk) 2291 { 2292 struct tcp_sock *tp = tcp_sk(sk); 2293 struct sk_buff *skb = tcp_write_queue_tail(sk); 2294 int mss_now; 2295 2296 /* Optimization, tack on the FIN if we have a queue of 2297 * unsent frames. But be careful about outgoing SACKS 2298 * and IP options. 2299 */ 2300 mss_now = tcp_current_mss(sk); 2301 2302 if (tcp_send_head(sk) != NULL) { 2303 TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_FIN; 2304 TCP_SKB_CB(skb)->end_seq++; 2305 tp->write_seq++; 2306 } else { 2307 /* Socket is locked, keep trying until memory is available. */ 2308 for (;;) { 2309 skb = alloc_skb_fclone(MAX_TCP_HEADER, 2310 sk->sk_allocation); 2311 if (skb) 2312 break; 2313 yield(); 2314 } 2315 2316 /* Reserve space for headers and prepare control bits. */ 2317 skb_reserve(skb, MAX_TCP_HEADER); 2318 /* FIN eats a sequence byte, write_seq advanced by tcp_queue_skb(). */ 2319 tcp_init_nondata_skb(skb, tp->write_seq, 2320 TCPCB_FLAG_ACK | TCPCB_FLAG_FIN); 2321 tcp_queue_skb(sk, skb); 2322 } 2323 __tcp_push_pending_frames(sk, mss_now, TCP_NAGLE_OFF); 2324 } 2325 2326 /* We get here when a process closes a file descriptor (either due to 2327 * an explicit close() or as a byproduct of exit()'ing) and there 2328 * was unread data in the receive queue. This behavior is recommended 2329 * by RFC 2525, section 2.17. -DaveM 2330 */ 2331 void tcp_send_active_reset(struct sock *sk, gfp_t priority) 2332 { 2333 struct sk_buff *skb; 2334 2335 /* NOTE: No TCP options attached and we never retransmit this. */ 2336 skb = alloc_skb(MAX_TCP_HEADER, priority); 2337 if (!skb) { 2338 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPABORTFAILED); 2339 return; 2340 } 2341 2342 /* Reserve space for headers and prepare control bits. */ 2343 skb_reserve(skb, MAX_TCP_HEADER); 2344 tcp_init_nondata_skb(skb, tcp_acceptable_seq(sk), 2345 TCPCB_FLAG_ACK | TCPCB_FLAG_RST); 2346 /* Send it off. */ 2347 TCP_SKB_CB(skb)->when = tcp_time_stamp; 2348 if (tcp_transmit_skb(sk, skb, 0, priority)) 2349 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPABORTFAILED); 2350 2351 TCP_INC_STATS(sock_net(sk), TCP_MIB_OUTRSTS); 2352 } 2353 2354 /* Send a crossed SYN-ACK during socket establishment. 2355 * WARNING: This routine must only be called when we have already sent 2356 * a SYN packet that crossed the incoming SYN that caused this routine 2357 * to get called. If this assumption fails then the initial rcv_wnd 2358 * and rcv_wscale values will not be correct. 2359 */ 2360 int tcp_send_synack(struct sock *sk) 2361 { 2362 struct sk_buff *skb; 2363 2364 skb = tcp_write_queue_head(sk); 2365 if (skb == NULL || !(TCP_SKB_CB(skb)->flags & TCPCB_FLAG_SYN)) { 2366 printk(KERN_DEBUG "tcp_send_synack: wrong queue state\n"); 2367 return -EFAULT; 2368 } 2369 if (!(TCP_SKB_CB(skb)->flags & TCPCB_FLAG_ACK)) { 2370 if (skb_cloned(skb)) { 2371 struct sk_buff *nskb = skb_copy(skb, GFP_ATOMIC); 2372 if (nskb == NULL) 2373 return -ENOMEM; 2374 tcp_unlink_write_queue(skb, sk); 2375 skb_header_release(nskb); 2376 __tcp_add_write_queue_head(sk, nskb); 2377 sk_wmem_free_skb(sk, skb); 2378 sk->sk_wmem_queued += nskb->truesize; 2379 sk_mem_charge(sk, nskb->truesize); 2380 skb = nskb; 2381 } 2382 2383 TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_ACK; 2384 TCP_ECN_send_synack(tcp_sk(sk), skb); 2385 } 2386 TCP_SKB_CB(skb)->when = tcp_time_stamp; 2387 return tcp_transmit_skb(sk, skb, 1, GFP_ATOMIC); 2388 } 2389 2390 /* Prepare a SYN-ACK. */ 2391 struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst, 2392 struct request_sock *req, 2393 struct request_values *rvp) 2394 { 2395 struct tcp_out_options opts; 2396 struct tcp_extend_values *xvp = tcp_xv(rvp); 2397 struct inet_request_sock *ireq = inet_rsk(req); 2398 struct tcp_sock *tp = tcp_sk(sk); 2399 const struct tcp_cookie_values *cvp = tp->cookie_values; 2400 struct tcphdr *th; 2401 struct sk_buff *skb; 2402 struct tcp_md5sig_key *md5; 2403 int tcp_header_size; 2404 int mss; 2405 int s_data_desired = 0; 2406 2407 if (cvp != NULL && cvp->s_data_constant && cvp->s_data_desired) 2408 s_data_desired = cvp->s_data_desired; 2409 skb = sock_wmalloc(sk, MAX_TCP_HEADER + 15 + s_data_desired, 1, GFP_ATOMIC); 2410 if (skb == NULL) 2411 return NULL; 2412 2413 /* Reserve space for headers. */ 2414 skb_reserve(skb, MAX_TCP_HEADER); 2415 2416 skb_dst_set(skb, dst_clone(dst)); 2417 2418 mss = dst_metric(dst, RTAX_ADVMSS); 2419 if (tp->rx_opt.user_mss && tp->rx_opt.user_mss < mss) 2420 mss = tp->rx_opt.user_mss; 2421 2422 if (req->rcv_wnd == 0) { /* ignored for retransmitted syns */ 2423 __u8 rcv_wscale; 2424 /* Set this up on the first call only */ 2425 req->window_clamp = tp->window_clamp ? : dst_metric(dst, RTAX_WINDOW); 2426 /* tcp_full_space because it is guaranteed to be the first packet */ 2427 tcp_select_initial_window(tcp_full_space(sk), 2428 mss - (ireq->tstamp_ok ? TCPOLEN_TSTAMP_ALIGNED : 0), 2429 &req->rcv_wnd, 2430 &req->window_clamp, 2431 ireq->wscale_ok, 2432 &rcv_wscale, 2433 dst_metric(dst, RTAX_INITRWND)); 2434 ireq->rcv_wscale = rcv_wscale; 2435 } 2436 2437 memset(&opts, 0, sizeof(opts)); 2438 #ifdef CONFIG_SYN_COOKIES 2439 if (unlikely(req->cookie_ts)) 2440 TCP_SKB_CB(skb)->when = cookie_init_timestamp(req); 2441 else 2442 #endif 2443 TCP_SKB_CB(skb)->when = tcp_time_stamp; 2444 tcp_header_size = tcp_synack_options(sk, req, mss, 2445 skb, &opts, &md5, xvp) 2446 + sizeof(*th); 2447 2448 skb_push(skb, tcp_header_size); 2449 skb_reset_transport_header(skb); 2450 2451 th = tcp_hdr(skb); 2452 memset(th, 0, sizeof(struct tcphdr)); 2453 th->syn = 1; 2454 th->ack = 1; 2455 TCP_ECN_make_synack(req, th); 2456 th->source = ireq->loc_port; 2457 th->dest = ireq->rmt_port; 2458 /* Setting of flags are superfluous here for callers (and ECE is 2459 * not even correctly set) 2460 */ 2461 tcp_init_nondata_skb(skb, tcp_rsk(req)->snt_isn, 2462 TCPCB_FLAG_SYN | TCPCB_FLAG_ACK); 2463 2464 if (OPTION_COOKIE_EXTENSION & opts.options) { 2465 if (s_data_desired) { 2466 u8 *buf = skb_put(skb, s_data_desired); 2467 2468 /* copy data directly from the listening socket. */ 2469 memcpy(buf, cvp->s_data_payload, s_data_desired); 2470 TCP_SKB_CB(skb)->end_seq += s_data_desired; 2471 } 2472 2473 if (opts.hash_size > 0) { 2474 __u32 workspace[SHA_WORKSPACE_WORDS]; 2475 u32 *mess = &xvp->cookie_bakery[COOKIE_DIGEST_WORDS]; 2476 u32 *tail = &mess[COOKIE_MESSAGE_WORDS-1]; 2477 2478 /* Secret recipe depends on the Timestamp, (future) 2479 * Sequence and Acknowledgment Numbers, Initiator 2480 * Cookie, and others handled by IP variant caller. 2481 */ 2482 *tail-- ^= opts.tsval; 2483 *tail-- ^= tcp_rsk(req)->rcv_isn + 1; 2484 *tail-- ^= TCP_SKB_CB(skb)->seq + 1; 2485 2486 /* recommended */ 2487 *tail-- ^= ((th->dest << 16) | th->source); 2488 *tail-- ^= (u32)(unsigned long)cvp; /* per sockopt */ 2489 2490 sha_transform((__u32 *)&xvp->cookie_bakery[0], 2491 (char *)mess, 2492 &workspace[0]); 2493 opts.hash_location = 2494 (__u8 *)&xvp->cookie_bakery[0]; 2495 } 2496 } 2497 2498 th->seq = htonl(TCP_SKB_CB(skb)->seq); 2499 th->ack_seq = htonl(tcp_rsk(req)->rcv_isn + 1); 2500 2501 /* RFC1323: The window in SYN & SYN/ACK segments is never scaled. */ 2502 th->window = htons(min(req->rcv_wnd, 65535U)); 2503 tcp_options_write((__be32 *)(th + 1), tp, &opts); 2504 th->doff = (tcp_header_size >> 2); 2505 TCP_INC_STATS(sock_net(sk), TCP_MIB_OUTSEGS); 2506 2507 #ifdef CONFIG_TCP_MD5SIG 2508 /* Okay, we have all we need - do the md5 hash if needed */ 2509 if (md5) { 2510 tcp_rsk(req)->af_specific->calc_md5_hash(opts.hash_location, 2511 md5, NULL, req, skb); 2512 } 2513 #endif 2514 2515 return skb; 2516 } 2517 2518 /* Do all connect socket setups that can be done AF independent. */ 2519 static void tcp_connect_init(struct sock *sk) 2520 { 2521 struct dst_entry *dst = __sk_dst_get(sk); 2522 struct tcp_sock *tp = tcp_sk(sk); 2523 __u8 rcv_wscale; 2524 2525 /* We'll fix this up when we get a response from the other end. 2526 * See tcp_input.c:tcp_rcv_state_process case TCP_SYN_SENT. 2527 */ 2528 tp->tcp_header_len = sizeof(struct tcphdr) + 2529 (sysctl_tcp_timestamps ? TCPOLEN_TSTAMP_ALIGNED : 0); 2530 2531 #ifdef CONFIG_TCP_MD5SIG 2532 if (tp->af_specific->md5_lookup(sk, sk) != NULL) 2533 tp->tcp_header_len += TCPOLEN_MD5SIG_ALIGNED; 2534 #endif 2535 2536 /* If user gave his TCP_MAXSEG, record it to clamp */ 2537 if (tp->rx_opt.user_mss) 2538 tp->rx_opt.mss_clamp = tp->rx_opt.user_mss; 2539 tp->max_window = 0; 2540 tcp_mtup_init(sk); 2541 tcp_sync_mss(sk, dst_mtu(dst)); 2542 2543 if (!tp->window_clamp) 2544 tp->window_clamp = dst_metric(dst, RTAX_WINDOW); 2545 tp->advmss = dst_metric(dst, RTAX_ADVMSS); 2546 if (tp->rx_opt.user_mss && tp->rx_opt.user_mss < tp->advmss) 2547 tp->advmss = tp->rx_opt.user_mss; 2548 2549 tcp_initialize_rcv_mss(sk); 2550 2551 tcp_select_initial_window(tcp_full_space(sk), 2552 tp->advmss - (tp->rx_opt.ts_recent_stamp ? tp->tcp_header_len - sizeof(struct tcphdr) : 0), 2553 &tp->rcv_wnd, 2554 &tp->window_clamp, 2555 sysctl_tcp_window_scaling, 2556 &rcv_wscale, 2557 dst_metric(dst, RTAX_INITRWND)); 2558 2559 tp->rx_opt.rcv_wscale = rcv_wscale; 2560 tp->rcv_ssthresh = tp->rcv_wnd; 2561 2562 sk->sk_err = 0; 2563 sock_reset_flag(sk, SOCK_DONE); 2564 tp->snd_wnd = 0; 2565 tcp_init_wl(tp, 0); 2566 tp->snd_una = tp->write_seq; 2567 tp->snd_sml = tp->write_seq; 2568 tp->snd_up = tp->write_seq; 2569 tp->rcv_nxt = 0; 2570 tp->rcv_wup = 0; 2571 tp->copied_seq = 0; 2572 2573 inet_csk(sk)->icsk_rto = TCP_TIMEOUT_INIT; 2574 inet_csk(sk)->icsk_retransmits = 0; 2575 tcp_clear_retrans(tp); 2576 } 2577 2578 /* Build a SYN and send it off. */ 2579 int tcp_connect(struct sock *sk) 2580 { 2581 struct tcp_sock *tp = tcp_sk(sk); 2582 struct sk_buff *buff; 2583 2584 tcp_connect_init(sk); 2585 2586 buff = alloc_skb_fclone(MAX_TCP_HEADER + 15, sk->sk_allocation); 2587 if (unlikely(buff == NULL)) 2588 return -ENOBUFS; 2589 2590 /* Reserve space for headers. */ 2591 skb_reserve(buff, MAX_TCP_HEADER); 2592 2593 tp->snd_nxt = tp->write_seq; 2594 tcp_init_nondata_skb(buff, tp->write_seq++, TCPCB_FLAG_SYN); 2595 TCP_ECN_send_syn(sk, buff); 2596 2597 /* Send it off. */ 2598 TCP_SKB_CB(buff)->when = tcp_time_stamp; 2599 tp->retrans_stamp = TCP_SKB_CB(buff)->when; 2600 skb_header_release(buff); 2601 __tcp_add_write_queue_tail(sk, buff); 2602 sk->sk_wmem_queued += buff->truesize; 2603 sk_mem_charge(sk, buff->truesize); 2604 tp->packets_out += tcp_skb_pcount(buff); 2605 tcp_transmit_skb(sk, buff, 1, sk->sk_allocation); 2606 2607 /* We change tp->snd_nxt after the tcp_transmit_skb() call 2608 * in order to make this packet get counted in tcpOutSegs. 2609 */ 2610 tp->snd_nxt = tp->write_seq; 2611 tp->pushed_seq = tp->write_seq; 2612 TCP_INC_STATS(sock_net(sk), TCP_MIB_ACTIVEOPENS); 2613 2614 /* Timer for repeating the SYN until an answer. */ 2615 inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS, 2616 inet_csk(sk)->icsk_rto, TCP_RTO_MAX); 2617 return 0; 2618 } 2619 2620 /* Send out a delayed ack, the caller does the policy checking 2621 * to see if we should even be here. See tcp_input.c:tcp_ack_snd_check() 2622 * for details. 2623 */ 2624 void tcp_send_delayed_ack(struct sock *sk) 2625 { 2626 struct inet_connection_sock *icsk = inet_csk(sk); 2627 int ato = icsk->icsk_ack.ato; 2628 unsigned long timeout; 2629 2630 if (ato > TCP_DELACK_MIN) { 2631 const struct tcp_sock *tp = tcp_sk(sk); 2632 int max_ato = HZ / 2; 2633 2634 if (icsk->icsk_ack.pingpong || 2635 (icsk->icsk_ack.pending & ICSK_ACK_PUSHED)) 2636 max_ato = TCP_DELACK_MAX; 2637 2638 /* Slow path, intersegment interval is "high". */ 2639 2640 /* If some rtt estimate is known, use it to bound delayed ack. 2641 * Do not use inet_csk(sk)->icsk_rto here, use results of rtt measurements 2642 * directly. 2643 */ 2644 if (tp->srtt) { 2645 int rtt = max(tp->srtt >> 3, TCP_DELACK_MIN); 2646 2647 if (rtt < max_ato) 2648 max_ato = rtt; 2649 } 2650 2651 ato = min(ato, max_ato); 2652 } 2653 2654 /* Stay within the limit we were given */ 2655 timeout = jiffies + ato; 2656 2657 /* Use new timeout only if there wasn't a older one earlier. */ 2658 if (icsk->icsk_ack.pending & ICSK_ACK_TIMER) { 2659 /* If delack timer was blocked or is about to expire, 2660 * send ACK now. 2661 */ 2662 if (icsk->icsk_ack.blocked || 2663 time_before_eq(icsk->icsk_ack.timeout, jiffies + (ato >> 2))) { 2664 tcp_send_ack(sk); 2665 return; 2666 } 2667 2668 if (!time_before(timeout, icsk->icsk_ack.timeout)) 2669 timeout = icsk->icsk_ack.timeout; 2670 } 2671 icsk->icsk_ack.pending |= ICSK_ACK_SCHED | ICSK_ACK_TIMER; 2672 icsk->icsk_ack.timeout = timeout; 2673 sk_reset_timer(sk, &icsk->icsk_delack_timer, timeout); 2674 } 2675 2676 /* This routine sends an ack and also updates the window. */ 2677 void tcp_send_ack(struct sock *sk) 2678 { 2679 struct sk_buff *buff; 2680 2681 /* If we have been reset, we may not send again. */ 2682 if (sk->sk_state == TCP_CLOSE) 2683 return; 2684 2685 /* We are not putting this on the write queue, so 2686 * tcp_transmit_skb() will set the ownership to this 2687 * sock. 2688 */ 2689 buff = alloc_skb(MAX_TCP_HEADER, GFP_ATOMIC); 2690 if (buff == NULL) { 2691 inet_csk_schedule_ack(sk); 2692 inet_csk(sk)->icsk_ack.ato = TCP_ATO_MIN; 2693 inet_csk_reset_xmit_timer(sk, ICSK_TIME_DACK, 2694 TCP_DELACK_MAX, TCP_RTO_MAX); 2695 return; 2696 } 2697 2698 /* Reserve space for headers and prepare control bits. */ 2699 skb_reserve(buff, MAX_TCP_HEADER); 2700 tcp_init_nondata_skb(buff, tcp_acceptable_seq(sk), TCPCB_FLAG_ACK); 2701 2702 /* Send it off, this clears delayed acks for us. */ 2703 TCP_SKB_CB(buff)->when = tcp_time_stamp; 2704 tcp_transmit_skb(sk, buff, 0, GFP_ATOMIC); 2705 } 2706 2707 /* This routine sends a packet with an out of date sequence 2708 * number. It assumes the other end will try to ack it. 2709 * 2710 * Question: what should we make while urgent mode? 2711 * 4.4BSD forces sending single byte of data. We cannot send 2712 * out of window data, because we have SND.NXT==SND.MAX... 2713 * 2714 * Current solution: to send TWO zero-length segments in urgent mode: 2715 * one is with SEG.SEQ=SND.UNA to deliver urgent pointer, another is 2716 * out-of-date with SND.UNA-1 to probe window. 2717 */ 2718 static int tcp_xmit_probe_skb(struct sock *sk, int urgent) 2719 { 2720 struct tcp_sock *tp = tcp_sk(sk); 2721 struct sk_buff *skb; 2722 2723 /* We don't queue it, tcp_transmit_skb() sets ownership. */ 2724 skb = alloc_skb(MAX_TCP_HEADER, GFP_ATOMIC); 2725 if (skb == NULL) 2726 return -1; 2727 2728 /* Reserve space for headers and set control bits. */ 2729 skb_reserve(skb, MAX_TCP_HEADER); 2730 /* Use a previous sequence. This should cause the other 2731 * end to send an ack. Don't queue or clone SKB, just 2732 * send it. 2733 */ 2734 tcp_init_nondata_skb(skb, tp->snd_una - !urgent, TCPCB_FLAG_ACK); 2735 TCP_SKB_CB(skb)->when = tcp_time_stamp; 2736 return tcp_transmit_skb(sk, skb, 0, GFP_ATOMIC); 2737 } 2738 2739 /* Initiate keepalive or window probe from timer. */ 2740 int tcp_write_wakeup(struct sock *sk) 2741 { 2742 struct tcp_sock *tp = tcp_sk(sk); 2743 struct sk_buff *skb; 2744 2745 if (sk->sk_state == TCP_CLOSE) 2746 return -1; 2747 2748 if ((skb = tcp_send_head(sk)) != NULL && 2749 before(TCP_SKB_CB(skb)->seq, tcp_wnd_end(tp))) { 2750 int err; 2751 unsigned int mss = tcp_current_mss(sk); 2752 unsigned int seg_size = tcp_wnd_end(tp) - TCP_SKB_CB(skb)->seq; 2753 2754 if (before(tp->pushed_seq, TCP_SKB_CB(skb)->end_seq)) 2755 tp->pushed_seq = TCP_SKB_CB(skb)->end_seq; 2756 2757 /* We are probing the opening of a window 2758 * but the window size is != 0 2759 * must have been a result SWS avoidance ( sender ) 2760 */ 2761 if (seg_size < TCP_SKB_CB(skb)->end_seq - TCP_SKB_CB(skb)->seq || 2762 skb->len > mss) { 2763 seg_size = min(seg_size, mss); 2764 TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_PSH; 2765 if (tcp_fragment(sk, skb, seg_size, mss)) 2766 return -1; 2767 } else if (!tcp_skb_pcount(skb)) 2768 tcp_set_skb_tso_segs(sk, skb, mss); 2769 2770 TCP_SKB_CB(skb)->flags |= TCPCB_FLAG_PSH; 2771 TCP_SKB_CB(skb)->when = tcp_time_stamp; 2772 err = tcp_transmit_skb(sk, skb, 1, GFP_ATOMIC); 2773 if (!err) 2774 tcp_event_new_data_sent(sk, skb); 2775 return err; 2776 } else { 2777 if (between(tp->snd_up, tp->snd_una + 1, tp->snd_una + 0xFFFF)) 2778 tcp_xmit_probe_skb(sk, 1); 2779 return tcp_xmit_probe_skb(sk, 0); 2780 } 2781 } 2782 2783 /* A window probe timeout has occurred. If window is not closed send 2784 * a partial packet else a zero probe. 2785 */ 2786 void tcp_send_probe0(struct sock *sk) 2787 { 2788 struct inet_connection_sock *icsk = inet_csk(sk); 2789 struct tcp_sock *tp = tcp_sk(sk); 2790 int err; 2791 2792 err = tcp_write_wakeup(sk); 2793 2794 if (tp->packets_out || !tcp_send_head(sk)) { 2795 /* Cancel probe timer, if it is not required. */ 2796 icsk->icsk_probes_out = 0; 2797 icsk->icsk_backoff = 0; 2798 return; 2799 } 2800 2801 if (err <= 0) { 2802 if (icsk->icsk_backoff < sysctl_tcp_retries2) 2803 icsk->icsk_backoff++; 2804 icsk->icsk_probes_out++; 2805 inet_csk_reset_xmit_timer(sk, ICSK_TIME_PROBE0, 2806 min(icsk->icsk_rto << icsk->icsk_backoff, TCP_RTO_MAX), 2807 TCP_RTO_MAX); 2808 } else { 2809 /* If packet was not sent due to local congestion, 2810 * do not backoff and do not remember icsk_probes_out. 2811 * Let local senders to fight for local resources. 2812 * 2813 * Use accumulated backoff yet. 2814 */ 2815 if (!icsk->icsk_probes_out) 2816 icsk->icsk_probes_out = 1; 2817 inet_csk_reset_xmit_timer(sk, ICSK_TIME_PROBE0, 2818 min(icsk->icsk_rto << icsk->icsk_backoff, 2819 TCP_RESOURCE_PROBE_INTERVAL), 2820 TCP_RTO_MAX); 2821 } 2822 } 2823 2824 EXPORT_SYMBOL(tcp_select_initial_window); 2825 EXPORT_SYMBOL(tcp_connect); 2826 EXPORT_SYMBOL(tcp_make_synack); 2827 EXPORT_SYMBOL(tcp_simple_retransmit); 2828 EXPORT_SYMBOL(tcp_sync_mss); 2829 EXPORT_SYMBOL(tcp_mtup_init); 2830