18c2ecf20Sopenharmony_ci// SPDX-License-Identifier: GPL-2.0 28c2ecf20Sopenharmony_ci/* Multipath TCP 38c2ecf20Sopenharmony_ci * 48c2ecf20Sopenharmony_ci * Copyright (c) 2017 - 2019, Intel Corporation. 58c2ecf20Sopenharmony_ci */ 68c2ecf20Sopenharmony_ci 78c2ecf20Sopenharmony_ci#define pr_fmt(fmt) "MPTCP: " fmt 88c2ecf20Sopenharmony_ci 98c2ecf20Sopenharmony_ci#include <linux/kernel.h> 108c2ecf20Sopenharmony_ci#include <linux/module.h> 118c2ecf20Sopenharmony_ci#include <linux/netdevice.h> 128c2ecf20Sopenharmony_ci#include <crypto/algapi.h> 138c2ecf20Sopenharmony_ci#include <crypto/sha.h> 148c2ecf20Sopenharmony_ci#include <net/sock.h> 158c2ecf20Sopenharmony_ci#include <net/inet_common.h> 168c2ecf20Sopenharmony_ci#include <net/inet_hashtables.h> 178c2ecf20Sopenharmony_ci#include <net/protocol.h> 188c2ecf20Sopenharmony_ci#include <net/tcp.h> 198c2ecf20Sopenharmony_ci#if IS_ENABLED(CONFIG_MPTCP_IPV6) 208c2ecf20Sopenharmony_ci#include <net/ip6_route.h> 218c2ecf20Sopenharmony_ci#endif 228c2ecf20Sopenharmony_ci#include <net/mptcp.h> 238c2ecf20Sopenharmony_ci#include <uapi/linux/mptcp.h> 248c2ecf20Sopenharmony_ci#include "protocol.h" 258c2ecf20Sopenharmony_ci#include "mib.h" 268c2ecf20Sopenharmony_ci 278c2ecf20Sopenharmony_cistatic void SUBFLOW_REQ_INC_STATS(struct request_sock *req, 288c2ecf20Sopenharmony_ci enum linux_mptcp_mib_field field) 298c2ecf20Sopenharmony_ci{ 308c2ecf20Sopenharmony_ci MPTCP_INC_STATS(sock_net(req_to_sk(req)), field); 318c2ecf20Sopenharmony_ci} 328c2ecf20Sopenharmony_ci 338c2ecf20Sopenharmony_cistatic void subflow_req_destructor(struct request_sock *req) 348c2ecf20Sopenharmony_ci{ 358c2ecf20Sopenharmony_ci struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req); 368c2ecf20Sopenharmony_ci 378c2ecf20Sopenharmony_ci pr_debug("subflow_req=%p", subflow_req); 388c2ecf20Sopenharmony_ci 398c2ecf20Sopenharmony_ci if (subflow_req->msk) 408c2ecf20Sopenharmony_ci sock_put((struct sock *)subflow_req->msk); 418c2ecf20Sopenharmony_ci 428c2ecf20Sopenharmony_ci mptcp_token_destroy_request(req); 438c2ecf20Sopenharmony_ci} 448c2ecf20Sopenharmony_ci 458c2ecf20Sopenharmony_cistatic void subflow_generate_hmac(u64 key1, u64 key2, u32 nonce1, u32 nonce2, 468c2ecf20Sopenharmony_ci void *hmac) 478c2ecf20Sopenharmony_ci{ 488c2ecf20Sopenharmony_ci u8 msg[8]; 498c2ecf20Sopenharmony_ci 508c2ecf20Sopenharmony_ci put_unaligned_be32(nonce1, &msg[0]); 518c2ecf20Sopenharmony_ci put_unaligned_be32(nonce2, &msg[4]); 528c2ecf20Sopenharmony_ci 538c2ecf20Sopenharmony_ci mptcp_crypto_hmac_sha(key1, key2, msg, 8, hmac); 548c2ecf20Sopenharmony_ci} 558c2ecf20Sopenharmony_ci 568c2ecf20Sopenharmony_cistatic bool mptcp_can_accept_new_subflow(const struct mptcp_sock *msk) 578c2ecf20Sopenharmony_ci{ 588c2ecf20Sopenharmony_ci return mptcp_is_fully_established((void *)msk) && 598c2ecf20Sopenharmony_ci READ_ONCE(msk->pm.accept_subflow); 608c2ecf20Sopenharmony_ci} 618c2ecf20Sopenharmony_ci 628c2ecf20Sopenharmony_ci/* validate received token and create truncated hmac and nonce for SYN-ACK */ 638c2ecf20Sopenharmony_cistatic struct mptcp_sock *subflow_token_join_request(struct request_sock *req, 648c2ecf20Sopenharmony_ci const struct sk_buff *skb) 658c2ecf20Sopenharmony_ci{ 668c2ecf20Sopenharmony_ci struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req); 678c2ecf20Sopenharmony_ci u8 hmac[SHA256_DIGEST_SIZE]; 688c2ecf20Sopenharmony_ci struct mptcp_sock *msk; 698c2ecf20Sopenharmony_ci int local_id; 708c2ecf20Sopenharmony_ci 718c2ecf20Sopenharmony_ci msk = mptcp_token_get_sock(sock_net(req_to_sk(req)), subflow_req->token); 728c2ecf20Sopenharmony_ci if (!msk) { 738c2ecf20Sopenharmony_ci SUBFLOW_REQ_INC_STATS(req, MPTCP_MIB_JOINNOTOKEN); 748c2ecf20Sopenharmony_ci return NULL; 758c2ecf20Sopenharmony_ci } 768c2ecf20Sopenharmony_ci 778c2ecf20Sopenharmony_ci local_id = mptcp_pm_get_local_id(msk, (struct sock_common *)req); 788c2ecf20Sopenharmony_ci if (local_id < 0) { 798c2ecf20Sopenharmony_ci sock_put((struct sock *)msk); 808c2ecf20Sopenharmony_ci return NULL; 818c2ecf20Sopenharmony_ci } 828c2ecf20Sopenharmony_ci subflow_req->local_id = local_id; 838c2ecf20Sopenharmony_ci 848c2ecf20Sopenharmony_ci get_random_bytes(&subflow_req->local_nonce, sizeof(u32)); 858c2ecf20Sopenharmony_ci 868c2ecf20Sopenharmony_ci subflow_generate_hmac(msk->local_key, msk->remote_key, 878c2ecf20Sopenharmony_ci subflow_req->local_nonce, 888c2ecf20Sopenharmony_ci subflow_req->remote_nonce, hmac); 898c2ecf20Sopenharmony_ci 908c2ecf20Sopenharmony_ci subflow_req->thmac = get_unaligned_be64(hmac); 918c2ecf20Sopenharmony_ci return msk; 928c2ecf20Sopenharmony_ci} 938c2ecf20Sopenharmony_ci 948c2ecf20Sopenharmony_cistatic int __subflow_init_req(struct request_sock *req, const struct sock *sk_listener) 958c2ecf20Sopenharmony_ci{ 968c2ecf20Sopenharmony_ci struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req); 978c2ecf20Sopenharmony_ci 988c2ecf20Sopenharmony_ci subflow_req->mp_capable = 0; 998c2ecf20Sopenharmony_ci subflow_req->mp_join = 0; 1008c2ecf20Sopenharmony_ci subflow_req->msk = NULL; 1018c2ecf20Sopenharmony_ci mptcp_token_init_request(req); 1028c2ecf20Sopenharmony_ci 1038c2ecf20Sopenharmony_ci#ifdef CONFIG_TCP_MD5SIG 1048c2ecf20Sopenharmony_ci /* no MPTCP if MD5SIG is enabled on this socket or we may run out of 1058c2ecf20Sopenharmony_ci * TCP option space. 1068c2ecf20Sopenharmony_ci */ 1078c2ecf20Sopenharmony_ci if (rcu_access_pointer(tcp_sk(sk_listener)->md5sig_info)) 1088c2ecf20Sopenharmony_ci return -EINVAL; 1098c2ecf20Sopenharmony_ci#endif 1108c2ecf20Sopenharmony_ci 1118c2ecf20Sopenharmony_ci return 0; 1128c2ecf20Sopenharmony_ci} 1138c2ecf20Sopenharmony_ci 1148c2ecf20Sopenharmony_cistatic void subflow_init_req(struct request_sock *req, 1158c2ecf20Sopenharmony_ci const struct sock *sk_listener, 1168c2ecf20Sopenharmony_ci struct sk_buff *skb) 1178c2ecf20Sopenharmony_ci{ 1188c2ecf20Sopenharmony_ci struct mptcp_subflow_context *listener = mptcp_subflow_ctx(sk_listener); 1198c2ecf20Sopenharmony_ci struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req); 1208c2ecf20Sopenharmony_ci struct mptcp_options_received mp_opt; 1218c2ecf20Sopenharmony_ci int ret; 1228c2ecf20Sopenharmony_ci 1238c2ecf20Sopenharmony_ci pr_debug("subflow_req=%p, listener=%p", subflow_req, listener); 1248c2ecf20Sopenharmony_ci 1258c2ecf20Sopenharmony_ci ret = __subflow_init_req(req, sk_listener); 1268c2ecf20Sopenharmony_ci if (ret) 1278c2ecf20Sopenharmony_ci return; 1288c2ecf20Sopenharmony_ci 1298c2ecf20Sopenharmony_ci mptcp_get_options(skb, &mp_opt); 1308c2ecf20Sopenharmony_ci 1318c2ecf20Sopenharmony_ci if (mp_opt.mp_capable) { 1328c2ecf20Sopenharmony_ci SUBFLOW_REQ_INC_STATS(req, MPTCP_MIB_MPCAPABLEPASSIVE); 1338c2ecf20Sopenharmony_ci 1348c2ecf20Sopenharmony_ci if (mp_opt.mp_join) 1358c2ecf20Sopenharmony_ci return; 1368c2ecf20Sopenharmony_ci } else if (mp_opt.mp_join) { 1378c2ecf20Sopenharmony_ci SUBFLOW_REQ_INC_STATS(req, MPTCP_MIB_JOINSYNRX); 1388c2ecf20Sopenharmony_ci } 1398c2ecf20Sopenharmony_ci 1408c2ecf20Sopenharmony_ci if (mp_opt.mp_capable && listener->request_mptcp) { 1418c2ecf20Sopenharmony_ci int err, retries = 4; 1428c2ecf20Sopenharmony_ci 1438c2ecf20Sopenharmony_ci subflow_req->ssn_offset = TCP_SKB_CB(skb)->seq; 1448c2ecf20Sopenharmony_ciagain: 1458c2ecf20Sopenharmony_ci do { 1468c2ecf20Sopenharmony_ci get_random_bytes(&subflow_req->local_key, sizeof(subflow_req->local_key)); 1478c2ecf20Sopenharmony_ci } while (subflow_req->local_key == 0); 1488c2ecf20Sopenharmony_ci 1498c2ecf20Sopenharmony_ci if (unlikely(req->syncookie)) { 1508c2ecf20Sopenharmony_ci mptcp_crypto_key_sha(subflow_req->local_key, 1518c2ecf20Sopenharmony_ci &subflow_req->token, 1528c2ecf20Sopenharmony_ci &subflow_req->idsn); 1538c2ecf20Sopenharmony_ci if (mptcp_token_exists(subflow_req->token)) { 1548c2ecf20Sopenharmony_ci if (retries-- > 0) 1558c2ecf20Sopenharmony_ci goto again; 1568c2ecf20Sopenharmony_ci } else { 1578c2ecf20Sopenharmony_ci subflow_req->mp_capable = 1; 1588c2ecf20Sopenharmony_ci } 1598c2ecf20Sopenharmony_ci return; 1608c2ecf20Sopenharmony_ci } 1618c2ecf20Sopenharmony_ci 1628c2ecf20Sopenharmony_ci err = mptcp_token_new_request(req); 1638c2ecf20Sopenharmony_ci if (err == 0) 1648c2ecf20Sopenharmony_ci subflow_req->mp_capable = 1; 1658c2ecf20Sopenharmony_ci else if (retries-- > 0) 1668c2ecf20Sopenharmony_ci goto again; 1678c2ecf20Sopenharmony_ci 1688c2ecf20Sopenharmony_ci } else if (mp_opt.mp_join && listener->request_mptcp) { 1698c2ecf20Sopenharmony_ci subflow_req->ssn_offset = TCP_SKB_CB(skb)->seq; 1708c2ecf20Sopenharmony_ci subflow_req->mp_join = 1; 1718c2ecf20Sopenharmony_ci subflow_req->backup = mp_opt.backup; 1728c2ecf20Sopenharmony_ci subflow_req->remote_id = mp_opt.join_id; 1738c2ecf20Sopenharmony_ci subflow_req->token = mp_opt.token; 1748c2ecf20Sopenharmony_ci subflow_req->remote_nonce = mp_opt.nonce; 1758c2ecf20Sopenharmony_ci subflow_req->msk = subflow_token_join_request(req, skb); 1768c2ecf20Sopenharmony_ci 1778c2ecf20Sopenharmony_ci if (unlikely(req->syncookie) && subflow_req->msk) { 1788c2ecf20Sopenharmony_ci if (mptcp_can_accept_new_subflow(subflow_req->msk)) 1798c2ecf20Sopenharmony_ci subflow_init_req_cookie_join_save(subflow_req, skb); 1808c2ecf20Sopenharmony_ci } 1818c2ecf20Sopenharmony_ci 1828c2ecf20Sopenharmony_ci pr_debug("token=%u, remote_nonce=%u msk=%p", subflow_req->token, 1838c2ecf20Sopenharmony_ci subflow_req->remote_nonce, subflow_req->msk); 1848c2ecf20Sopenharmony_ci } 1858c2ecf20Sopenharmony_ci} 1868c2ecf20Sopenharmony_ci 1878c2ecf20Sopenharmony_ciint mptcp_subflow_init_cookie_req(struct request_sock *req, 1888c2ecf20Sopenharmony_ci const struct sock *sk_listener, 1898c2ecf20Sopenharmony_ci struct sk_buff *skb) 1908c2ecf20Sopenharmony_ci{ 1918c2ecf20Sopenharmony_ci struct mptcp_subflow_context *listener = mptcp_subflow_ctx(sk_listener); 1928c2ecf20Sopenharmony_ci struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req); 1938c2ecf20Sopenharmony_ci struct mptcp_options_received mp_opt; 1948c2ecf20Sopenharmony_ci int err; 1958c2ecf20Sopenharmony_ci 1968c2ecf20Sopenharmony_ci err = __subflow_init_req(req, sk_listener); 1978c2ecf20Sopenharmony_ci if (err) 1988c2ecf20Sopenharmony_ci return err; 1998c2ecf20Sopenharmony_ci 2008c2ecf20Sopenharmony_ci mptcp_get_options(skb, &mp_opt); 2018c2ecf20Sopenharmony_ci 2028c2ecf20Sopenharmony_ci if (mp_opt.mp_capable && mp_opt.mp_join) 2038c2ecf20Sopenharmony_ci return -EINVAL; 2048c2ecf20Sopenharmony_ci 2058c2ecf20Sopenharmony_ci if (mp_opt.mp_capable && listener->request_mptcp) { 2068c2ecf20Sopenharmony_ci if (mp_opt.sndr_key == 0) 2078c2ecf20Sopenharmony_ci return -EINVAL; 2088c2ecf20Sopenharmony_ci 2098c2ecf20Sopenharmony_ci subflow_req->local_key = mp_opt.rcvr_key; 2108c2ecf20Sopenharmony_ci err = mptcp_token_new_request(req); 2118c2ecf20Sopenharmony_ci if (err) 2128c2ecf20Sopenharmony_ci return err; 2138c2ecf20Sopenharmony_ci 2148c2ecf20Sopenharmony_ci subflow_req->mp_capable = 1; 2158c2ecf20Sopenharmony_ci subflow_req->ssn_offset = TCP_SKB_CB(skb)->seq - 1; 2168c2ecf20Sopenharmony_ci } else if (mp_opt.mp_join && listener->request_mptcp) { 2178c2ecf20Sopenharmony_ci if (!mptcp_token_join_cookie_init_state(subflow_req, skb)) 2188c2ecf20Sopenharmony_ci return -EINVAL; 2198c2ecf20Sopenharmony_ci 2208c2ecf20Sopenharmony_ci if (mptcp_can_accept_new_subflow(subflow_req->msk)) 2218c2ecf20Sopenharmony_ci subflow_req->mp_join = 1; 2228c2ecf20Sopenharmony_ci 2238c2ecf20Sopenharmony_ci subflow_req->ssn_offset = TCP_SKB_CB(skb)->seq - 1; 2248c2ecf20Sopenharmony_ci } 2258c2ecf20Sopenharmony_ci 2268c2ecf20Sopenharmony_ci return 0; 2278c2ecf20Sopenharmony_ci} 2288c2ecf20Sopenharmony_ciEXPORT_SYMBOL_GPL(mptcp_subflow_init_cookie_req); 2298c2ecf20Sopenharmony_ci 2308c2ecf20Sopenharmony_cistatic void subflow_v4_init_req(struct request_sock *req, 2318c2ecf20Sopenharmony_ci const struct sock *sk_listener, 2328c2ecf20Sopenharmony_ci struct sk_buff *skb) 2338c2ecf20Sopenharmony_ci{ 2348c2ecf20Sopenharmony_ci tcp_rsk(req)->is_mptcp = 1; 2358c2ecf20Sopenharmony_ci 2368c2ecf20Sopenharmony_ci tcp_request_sock_ipv4_ops.init_req(req, sk_listener, skb); 2378c2ecf20Sopenharmony_ci 2388c2ecf20Sopenharmony_ci subflow_init_req(req, sk_listener, skb); 2398c2ecf20Sopenharmony_ci} 2408c2ecf20Sopenharmony_ci 2418c2ecf20Sopenharmony_ci#if IS_ENABLED(CONFIG_MPTCP_IPV6) 2428c2ecf20Sopenharmony_cistatic void subflow_v6_init_req(struct request_sock *req, 2438c2ecf20Sopenharmony_ci const struct sock *sk_listener, 2448c2ecf20Sopenharmony_ci struct sk_buff *skb) 2458c2ecf20Sopenharmony_ci{ 2468c2ecf20Sopenharmony_ci tcp_rsk(req)->is_mptcp = 1; 2478c2ecf20Sopenharmony_ci 2488c2ecf20Sopenharmony_ci tcp_request_sock_ipv6_ops.init_req(req, sk_listener, skb); 2498c2ecf20Sopenharmony_ci 2508c2ecf20Sopenharmony_ci subflow_init_req(req, sk_listener, skb); 2518c2ecf20Sopenharmony_ci} 2528c2ecf20Sopenharmony_ci#endif 2538c2ecf20Sopenharmony_ci 2548c2ecf20Sopenharmony_ci/* validate received truncated hmac and create hmac for third ACK */ 2558c2ecf20Sopenharmony_cistatic bool subflow_thmac_valid(struct mptcp_subflow_context *subflow) 2568c2ecf20Sopenharmony_ci{ 2578c2ecf20Sopenharmony_ci u8 hmac[SHA256_DIGEST_SIZE]; 2588c2ecf20Sopenharmony_ci u64 thmac; 2598c2ecf20Sopenharmony_ci 2608c2ecf20Sopenharmony_ci subflow_generate_hmac(subflow->remote_key, subflow->local_key, 2618c2ecf20Sopenharmony_ci subflow->remote_nonce, subflow->local_nonce, 2628c2ecf20Sopenharmony_ci hmac); 2638c2ecf20Sopenharmony_ci 2648c2ecf20Sopenharmony_ci thmac = get_unaligned_be64(hmac); 2658c2ecf20Sopenharmony_ci pr_debug("subflow=%p, token=%u, thmac=%llu, subflow->thmac=%llu\n", 2668c2ecf20Sopenharmony_ci subflow, subflow->token, 2678c2ecf20Sopenharmony_ci (unsigned long long)thmac, 2688c2ecf20Sopenharmony_ci (unsigned long long)subflow->thmac); 2698c2ecf20Sopenharmony_ci 2708c2ecf20Sopenharmony_ci return thmac == subflow->thmac; 2718c2ecf20Sopenharmony_ci} 2728c2ecf20Sopenharmony_ci 2738c2ecf20Sopenharmony_civoid mptcp_subflow_reset(struct sock *ssk) 2748c2ecf20Sopenharmony_ci{ 2758c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(ssk); 2768c2ecf20Sopenharmony_ci struct sock *sk = subflow->conn; 2778c2ecf20Sopenharmony_ci 2788c2ecf20Sopenharmony_ci tcp_send_active_reset(ssk, GFP_ATOMIC); 2798c2ecf20Sopenharmony_ci tcp_done(ssk); 2808c2ecf20Sopenharmony_ci if (!test_and_set_bit(MPTCP_WORK_CLOSE_SUBFLOW, &mptcp_sk(sk)->flags) && 2818c2ecf20Sopenharmony_ci schedule_work(&mptcp_sk(sk)->work)) 2828c2ecf20Sopenharmony_ci sock_hold(sk); 2838c2ecf20Sopenharmony_ci} 2848c2ecf20Sopenharmony_ci 2858c2ecf20Sopenharmony_cistatic void subflow_finish_connect(struct sock *sk, const struct sk_buff *skb) 2868c2ecf20Sopenharmony_ci{ 2878c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 2888c2ecf20Sopenharmony_ci struct mptcp_options_received mp_opt; 2898c2ecf20Sopenharmony_ci struct sock *parent = subflow->conn; 2908c2ecf20Sopenharmony_ci 2918c2ecf20Sopenharmony_ci subflow->icsk_af_ops->sk_rx_dst_set(sk, skb); 2928c2ecf20Sopenharmony_ci 2938c2ecf20Sopenharmony_ci if (inet_sk_state_load(parent) == TCP_SYN_SENT) { 2948c2ecf20Sopenharmony_ci inet_sk_state_store(parent, TCP_ESTABLISHED); 2958c2ecf20Sopenharmony_ci parent->sk_state_change(parent); 2968c2ecf20Sopenharmony_ci } 2978c2ecf20Sopenharmony_ci 2988c2ecf20Sopenharmony_ci /* be sure no special action on any packet other than syn-ack */ 2998c2ecf20Sopenharmony_ci if (subflow->conn_finished) 3008c2ecf20Sopenharmony_ci return; 3018c2ecf20Sopenharmony_ci 3028c2ecf20Sopenharmony_ci subflow->rel_write_seq = 1; 3038c2ecf20Sopenharmony_ci subflow->conn_finished = 1; 3048c2ecf20Sopenharmony_ci subflow->ssn_offset = TCP_SKB_CB(skb)->seq; 3058c2ecf20Sopenharmony_ci pr_debug("subflow=%p synack seq=%x", subflow, subflow->ssn_offset); 3068c2ecf20Sopenharmony_ci 3078c2ecf20Sopenharmony_ci mptcp_get_options(skb, &mp_opt); 3088c2ecf20Sopenharmony_ci if (subflow->request_mptcp) { 3098c2ecf20Sopenharmony_ci if (!mp_opt.mp_capable) { 3108c2ecf20Sopenharmony_ci MPTCP_INC_STATS(sock_net(sk), 3118c2ecf20Sopenharmony_ci MPTCP_MIB_MPCAPABLEACTIVEFALLBACK); 3128c2ecf20Sopenharmony_ci mptcp_do_fallback(sk); 3138c2ecf20Sopenharmony_ci pr_fallback(mptcp_sk(subflow->conn)); 3148c2ecf20Sopenharmony_ci goto fallback; 3158c2ecf20Sopenharmony_ci } 3168c2ecf20Sopenharmony_ci 3178c2ecf20Sopenharmony_ci subflow->mp_capable = 1; 3188c2ecf20Sopenharmony_ci subflow->can_ack = 1; 3198c2ecf20Sopenharmony_ci subflow->remote_key = mp_opt.sndr_key; 3208c2ecf20Sopenharmony_ci pr_debug("subflow=%p, remote_key=%llu", subflow, 3218c2ecf20Sopenharmony_ci subflow->remote_key); 3228c2ecf20Sopenharmony_ci mptcp_finish_connect(sk); 3238c2ecf20Sopenharmony_ci } else if (subflow->request_join) { 3248c2ecf20Sopenharmony_ci u8 hmac[SHA256_DIGEST_SIZE]; 3258c2ecf20Sopenharmony_ci 3268c2ecf20Sopenharmony_ci if (!mp_opt.mp_join) 3278c2ecf20Sopenharmony_ci goto do_reset; 3288c2ecf20Sopenharmony_ci 3298c2ecf20Sopenharmony_ci subflow->thmac = mp_opt.thmac; 3308c2ecf20Sopenharmony_ci subflow->remote_nonce = mp_opt.nonce; 3318c2ecf20Sopenharmony_ci pr_debug("subflow=%p, thmac=%llu, remote_nonce=%u", subflow, 3328c2ecf20Sopenharmony_ci subflow->thmac, subflow->remote_nonce); 3338c2ecf20Sopenharmony_ci 3348c2ecf20Sopenharmony_ci if (!subflow_thmac_valid(subflow)) { 3358c2ecf20Sopenharmony_ci MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_JOINACKMAC); 3368c2ecf20Sopenharmony_ci goto do_reset; 3378c2ecf20Sopenharmony_ci } 3388c2ecf20Sopenharmony_ci 3398c2ecf20Sopenharmony_ci if (!mptcp_finish_join(sk)) 3408c2ecf20Sopenharmony_ci goto do_reset; 3418c2ecf20Sopenharmony_ci 3428c2ecf20Sopenharmony_ci subflow_generate_hmac(subflow->local_key, subflow->remote_key, 3438c2ecf20Sopenharmony_ci subflow->local_nonce, 3448c2ecf20Sopenharmony_ci subflow->remote_nonce, 3458c2ecf20Sopenharmony_ci hmac); 3468c2ecf20Sopenharmony_ci memcpy(subflow->hmac, hmac, MPTCPOPT_HMAC_LEN); 3478c2ecf20Sopenharmony_ci 3488c2ecf20Sopenharmony_ci subflow->mp_join = 1; 3498c2ecf20Sopenharmony_ci MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_JOINSYNACKRX); 3508c2ecf20Sopenharmony_ci } else if (mptcp_check_fallback(sk)) { 3518c2ecf20Sopenharmony_cifallback: 3528c2ecf20Sopenharmony_ci mptcp_rcv_space_init(mptcp_sk(parent), sk); 3538c2ecf20Sopenharmony_ci } 3548c2ecf20Sopenharmony_ci return; 3558c2ecf20Sopenharmony_ci 3568c2ecf20Sopenharmony_cido_reset: 3578c2ecf20Sopenharmony_ci mptcp_subflow_reset(sk); 3588c2ecf20Sopenharmony_ci} 3598c2ecf20Sopenharmony_ci 3608c2ecf20Sopenharmony_cistatic struct request_sock_ops mptcp_subflow_v4_request_sock_ops __ro_after_init; 3618c2ecf20Sopenharmony_cistatic struct tcp_request_sock_ops subflow_request_sock_ipv4_ops __ro_after_init; 3628c2ecf20Sopenharmony_ci 3638c2ecf20Sopenharmony_cistatic int subflow_v4_conn_request(struct sock *sk, struct sk_buff *skb) 3648c2ecf20Sopenharmony_ci{ 3658c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 3668c2ecf20Sopenharmony_ci 3678c2ecf20Sopenharmony_ci pr_debug("subflow=%p", subflow); 3688c2ecf20Sopenharmony_ci 3698c2ecf20Sopenharmony_ci /* Never answer to SYNs sent to broadcast or multicast */ 3708c2ecf20Sopenharmony_ci if (skb_rtable(skb)->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST)) 3718c2ecf20Sopenharmony_ci goto drop; 3728c2ecf20Sopenharmony_ci 3738c2ecf20Sopenharmony_ci return tcp_conn_request(&mptcp_subflow_v4_request_sock_ops, 3748c2ecf20Sopenharmony_ci &subflow_request_sock_ipv4_ops, 3758c2ecf20Sopenharmony_ci sk, skb); 3768c2ecf20Sopenharmony_cidrop: 3778c2ecf20Sopenharmony_ci tcp_listendrop(sk); 3788c2ecf20Sopenharmony_ci return 0; 3798c2ecf20Sopenharmony_ci} 3808c2ecf20Sopenharmony_ci 3818c2ecf20Sopenharmony_cistatic void subflow_v4_req_destructor(struct request_sock *req) 3828c2ecf20Sopenharmony_ci{ 3838c2ecf20Sopenharmony_ci subflow_req_destructor(req); 3848c2ecf20Sopenharmony_ci tcp_request_sock_ops.destructor(req); 3858c2ecf20Sopenharmony_ci} 3868c2ecf20Sopenharmony_ci 3878c2ecf20Sopenharmony_ci#if IS_ENABLED(CONFIG_MPTCP_IPV6) 3888c2ecf20Sopenharmony_cistatic struct request_sock_ops mptcp_subflow_v6_request_sock_ops __ro_after_init; 3898c2ecf20Sopenharmony_cistatic struct tcp_request_sock_ops subflow_request_sock_ipv6_ops __ro_after_init; 3908c2ecf20Sopenharmony_cistatic struct inet_connection_sock_af_ops subflow_v6_specific __ro_after_init; 3918c2ecf20Sopenharmony_cistatic struct inet_connection_sock_af_ops subflow_v6m_specific __ro_after_init; 3928c2ecf20Sopenharmony_ci 3938c2ecf20Sopenharmony_cistatic int subflow_v6_conn_request(struct sock *sk, struct sk_buff *skb) 3948c2ecf20Sopenharmony_ci{ 3958c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 3968c2ecf20Sopenharmony_ci 3978c2ecf20Sopenharmony_ci pr_debug("subflow=%p", subflow); 3988c2ecf20Sopenharmony_ci 3998c2ecf20Sopenharmony_ci if (skb->protocol == htons(ETH_P_IP)) 4008c2ecf20Sopenharmony_ci return subflow_v4_conn_request(sk, skb); 4018c2ecf20Sopenharmony_ci 4028c2ecf20Sopenharmony_ci if (!ipv6_unicast_destination(skb)) 4038c2ecf20Sopenharmony_ci goto drop; 4048c2ecf20Sopenharmony_ci 4058c2ecf20Sopenharmony_ci if (ipv6_addr_v4mapped(&ipv6_hdr(skb)->saddr)) { 4068c2ecf20Sopenharmony_ci __IP6_INC_STATS(sock_net(sk), NULL, IPSTATS_MIB_INHDRERRORS); 4078c2ecf20Sopenharmony_ci return 0; 4088c2ecf20Sopenharmony_ci } 4098c2ecf20Sopenharmony_ci 4108c2ecf20Sopenharmony_ci return tcp_conn_request(&mptcp_subflow_v6_request_sock_ops, 4118c2ecf20Sopenharmony_ci &subflow_request_sock_ipv6_ops, sk, skb); 4128c2ecf20Sopenharmony_ci 4138c2ecf20Sopenharmony_cidrop: 4148c2ecf20Sopenharmony_ci tcp_listendrop(sk); 4158c2ecf20Sopenharmony_ci return 0; /* don't send reset */ 4168c2ecf20Sopenharmony_ci} 4178c2ecf20Sopenharmony_ci 4188c2ecf20Sopenharmony_cistatic void subflow_v6_req_destructor(struct request_sock *req) 4198c2ecf20Sopenharmony_ci{ 4208c2ecf20Sopenharmony_ci subflow_req_destructor(req); 4218c2ecf20Sopenharmony_ci tcp6_request_sock_ops.destructor(req); 4228c2ecf20Sopenharmony_ci} 4238c2ecf20Sopenharmony_ci#endif 4248c2ecf20Sopenharmony_ci 4258c2ecf20Sopenharmony_cistruct request_sock *mptcp_subflow_reqsk_alloc(const struct request_sock_ops *ops, 4268c2ecf20Sopenharmony_ci struct sock *sk_listener, 4278c2ecf20Sopenharmony_ci bool attach_listener) 4288c2ecf20Sopenharmony_ci{ 4298c2ecf20Sopenharmony_ci if (ops->family == AF_INET) 4308c2ecf20Sopenharmony_ci ops = &mptcp_subflow_v4_request_sock_ops; 4318c2ecf20Sopenharmony_ci#if IS_ENABLED(CONFIG_MPTCP_IPV6) 4328c2ecf20Sopenharmony_ci else if (ops->family == AF_INET6) 4338c2ecf20Sopenharmony_ci ops = &mptcp_subflow_v6_request_sock_ops; 4348c2ecf20Sopenharmony_ci#endif 4358c2ecf20Sopenharmony_ci 4368c2ecf20Sopenharmony_ci return inet_reqsk_alloc(ops, sk_listener, attach_listener); 4378c2ecf20Sopenharmony_ci} 4388c2ecf20Sopenharmony_ciEXPORT_SYMBOL(mptcp_subflow_reqsk_alloc); 4398c2ecf20Sopenharmony_ci 4408c2ecf20Sopenharmony_ci/* validate hmac received in third ACK */ 4418c2ecf20Sopenharmony_cistatic bool subflow_hmac_valid(const struct request_sock *req, 4428c2ecf20Sopenharmony_ci const struct mptcp_options_received *mp_opt) 4438c2ecf20Sopenharmony_ci{ 4448c2ecf20Sopenharmony_ci const struct mptcp_subflow_request_sock *subflow_req; 4458c2ecf20Sopenharmony_ci u8 hmac[SHA256_DIGEST_SIZE]; 4468c2ecf20Sopenharmony_ci struct mptcp_sock *msk; 4478c2ecf20Sopenharmony_ci 4488c2ecf20Sopenharmony_ci subflow_req = mptcp_subflow_rsk(req); 4498c2ecf20Sopenharmony_ci msk = subflow_req->msk; 4508c2ecf20Sopenharmony_ci if (!msk) 4518c2ecf20Sopenharmony_ci return false; 4528c2ecf20Sopenharmony_ci 4538c2ecf20Sopenharmony_ci subflow_generate_hmac(msk->remote_key, msk->local_key, 4548c2ecf20Sopenharmony_ci subflow_req->remote_nonce, 4558c2ecf20Sopenharmony_ci subflow_req->local_nonce, hmac); 4568c2ecf20Sopenharmony_ci 4578c2ecf20Sopenharmony_ci return !crypto_memneq(hmac, mp_opt->hmac, MPTCPOPT_HMAC_LEN); 4588c2ecf20Sopenharmony_ci} 4598c2ecf20Sopenharmony_ci 4608c2ecf20Sopenharmony_cistatic void mptcp_sock_destruct(struct sock *sk) 4618c2ecf20Sopenharmony_ci{ 4628c2ecf20Sopenharmony_ci /* if new mptcp socket isn't accepted, it is free'd 4638c2ecf20Sopenharmony_ci * from the tcp listener sockets request queue, linked 4648c2ecf20Sopenharmony_ci * from req->sk. The tcp socket is released. 4658c2ecf20Sopenharmony_ci * This calls the ULP release function which will 4668c2ecf20Sopenharmony_ci * also remove the mptcp socket, via 4678c2ecf20Sopenharmony_ci * sock_put(ctx->conn). 4688c2ecf20Sopenharmony_ci * 4698c2ecf20Sopenharmony_ci * Problem is that the mptcp socket will be in 4708c2ecf20Sopenharmony_ci * ESTABLISHED state and will not have the SOCK_DEAD flag. 4718c2ecf20Sopenharmony_ci * Both result in warnings from inet_sock_destruct. 4728c2ecf20Sopenharmony_ci */ 4738c2ecf20Sopenharmony_ci if ((1 << sk->sk_state) & (TCPF_ESTABLISHED | TCPF_CLOSE_WAIT)) { 4748c2ecf20Sopenharmony_ci sk->sk_state = TCP_CLOSE; 4758c2ecf20Sopenharmony_ci WARN_ON_ONCE(sk->sk_socket); 4768c2ecf20Sopenharmony_ci sock_orphan(sk); 4778c2ecf20Sopenharmony_ci } 4788c2ecf20Sopenharmony_ci 4798c2ecf20Sopenharmony_ci mptcp_destroy_common(mptcp_sk(sk)); 4808c2ecf20Sopenharmony_ci inet_sock_destruct(sk); 4818c2ecf20Sopenharmony_ci} 4828c2ecf20Sopenharmony_ci 4838c2ecf20Sopenharmony_cistatic void mptcp_force_close(struct sock *sk) 4848c2ecf20Sopenharmony_ci{ 4858c2ecf20Sopenharmony_ci inet_sk_state_store(sk, TCP_CLOSE); 4868c2ecf20Sopenharmony_ci sk_common_release(sk); 4878c2ecf20Sopenharmony_ci} 4888c2ecf20Sopenharmony_ci 4898c2ecf20Sopenharmony_cistatic void subflow_ulp_fallback(struct sock *sk, 4908c2ecf20Sopenharmony_ci struct mptcp_subflow_context *old_ctx) 4918c2ecf20Sopenharmony_ci{ 4928c2ecf20Sopenharmony_ci struct inet_connection_sock *icsk = inet_csk(sk); 4938c2ecf20Sopenharmony_ci 4948c2ecf20Sopenharmony_ci mptcp_subflow_tcp_fallback(sk, old_ctx); 4958c2ecf20Sopenharmony_ci icsk->icsk_ulp_ops = NULL; 4968c2ecf20Sopenharmony_ci rcu_assign_pointer(icsk->icsk_ulp_data, NULL); 4978c2ecf20Sopenharmony_ci tcp_sk(sk)->is_mptcp = 0; 4988c2ecf20Sopenharmony_ci} 4998c2ecf20Sopenharmony_ci 5008c2ecf20Sopenharmony_cistatic void subflow_drop_ctx(struct sock *ssk) 5018c2ecf20Sopenharmony_ci{ 5028c2ecf20Sopenharmony_ci struct mptcp_subflow_context *ctx = mptcp_subflow_ctx(ssk); 5038c2ecf20Sopenharmony_ci 5048c2ecf20Sopenharmony_ci if (!ctx) 5058c2ecf20Sopenharmony_ci return; 5068c2ecf20Sopenharmony_ci 5078c2ecf20Sopenharmony_ci subflow_ulp_fallback(ssk, ctx); 5088c2ecf20Sopenharmony_ci if (ctx->conn) 5098c2ecf20Sopenharmony_ci sock_put(ctx->conn); 5108c2ecf20Sopenharmony_ci 5118c2ecf20Sopenharmony_ci kfree_rcu(ctx, rcu); 5128c2ecf20Sopenharmony_ci} 5138c2ecf20Sopenharmony_ci 5148c2ecf20Sopenharmony_civoid mptcp_subflow_fully_established(struct mptcp_subflow_context *subflow, 5158c2ecf20Sopenharmony_ci struct mptcp_options_received *mp_opt) 5168c2ecf20Sopenharmony_ci{ 5178c2ecf20Sopenharmony_ci struct mptcp_sock *msk = mptcp_sk(subflow->conn); 5188c2ecf20Sopenharmony_ci 5198c2ecf20Sopenharmony_ci subflow->remote_key = mp_opt->sndr_key; 5208c2ecf20Sopenharmony_ci subflow->fully_established = 1; 5218c2ecf20Sopenharmony_ci subflow->can_ack = 1; 5228c2ecf20Sopenharmony_ci WRITE_ONCE(msk->fully_established, true); 5238c2ecf20Sopenharmony_ci} 5248c2ecf20Sopenharmony_ci 5258c2ecf20Sopenharmony_cistatic struct sock *subflow_syn_recv_sock(const struct sock *sk, 5268c2ecf20Sopenharmony_ci struct sk_buff *skb, 5278c2ecf20Sopenharmony_ci struct request_sock *req, 5288c2ecf20Sopenharmony_ci struct dst_entry *dst, 5298c2ecf20Sopenharmony_ci struct request_sock *req_unhash, 5308c2ecf20Sopenharmony_ci bool *own_req) 5318c2ecf20Sopenharmony_ci{ 5328c2ecf20Sopenharmony_ci struct mptcp_subflow_context *listener = mptcp_subflow_ctx(sk); 5338c2ecf20Sopenharmony_ci struct mptcp_subflow_request_sock *subflow_req; 5348c2ecf20Sopenharmony_ci struct mptcp_options_received mp_opt; 5358c2ecf20Sopenharmony_ci bool fallback, fallback_is_fatal; 5368c2ecf20Sopenharmony_ci struct sock *new_msk = NULL; 5378c2ecf20Sopenharmony_ci struct sock *child; 5388c2ecf20Sopenharmony_ci 5398c2ecf20Sopenharmony_ci pr_debug("listener=%p, req=%p, conn=%p", listener, req, listener->conn); 5408c2ecf20Sopenharmony_ci 5418c2ecf20Sopenharmony_ci /* After child creation we must look for 'mp_capable' even when options 5428c2ecf20Sopenharmony_ci * are not parsed 5438c2ecf20Sopenharmony_ci */ 5448c2ecf20Sopenharmony_ci mp_opt.mp_capable = 0; 5458c2ecf20Sopenharmony_ci 5468c2ecf20Sopenharmony_ci /* hopefully temporary handling for MP_JOIN+syncookie */ 5478c2ecf20Sopenharmony_ci subflow_req = mptcp_subflow_rsk(req); 5488c2ecf20Sopenharmony_ci fallback_is_fatal = tcp_rsk(req)->is_mptcp && subflow_req->mp_join; 5498c2ecf20Sopenharmony_ci fallback = !tcp_rsk(req)->is_mptcp; 5508c2ecf20Sopenharmony_ci if (fallback) 5518c2ecf20Sopenharmony_ci goto create_child; 5528c2ecf20Sopenharmony_ci 5538c2ecf20Sopenharmony_ci /* if the sk is MP_CAPABLE, we try to fetch the client key */ 5548c2ecf20Sopenharmony_ci if (subflow_req->mp_capable) { 5558c2ecf20Sopenharmony_ci /* we can receive and accept an in-window, out-of-order pkt, 5568c2ecf20Sopenharmony_ci * which may not carry the MP_CAPABLE opt even on mptcp enabled 5578c2ecf20Sopenharmony_ci * paths: always try to extract the peer key, and fallback 5588c2ecf20Sopenharmony_ci * for packets missing it. 5598c2ecf20Sopenharmony_ci * Even OoO DSS packets coming legitly after dropped or 5608c2ecf20Sopenharmony_ci * reordered MPC will cause fallback, but we don't have other 5618c2ecf20Sopenharmony_ci * options. 5628c2ecf20Sopenharmony_ci */ 5638c2ecf20Sopenharmony_ci mptcp_get_options(skb, &mp_opt); 5648c2ecf20Sopenharmony_ci if (!mp_opt.mp_capable) { 5658c2ecf20Sopenharmony_ci fallback = true; 5668c2ecf20Sopenharmony_ci goto create_child; 5678c2ecf20Sopenharmony_ci } 5688c2ecf20Sopenharmony_ci 5698c2ecf20Sopenharmony_ci new_msk = mptcp_sk_clone(listener->conn, &mp_opt, req); 5708c2ecf20Sopenharmony_ci if (!new_msk) 5718c2ecf20Sopenharmony_ci fallback = true; 5728c2ecf20Sopenharmony_ci } else if (subflow_req->mp_join) { 5738c2ecf20Sopenharmony_ci mptcp_get_options(skb, &mp_opt); 5748c2ecf20Sopenharmony_ci if (!mp_opt.mp_join || !subflow_hmac_valid(req, &mp_opt) || 5758c2ecf20Sopenharmony_ci !mptcp_can_accept_new_subflow(subflow_req->msk)) { 5768c2ecf20Sopenharmony_ci SUBFLOW_REQ_INC_STATS(req, MPTCP_MIB_JOINACKMAC); 5778c2ecf20Sopenharmony_ci fallback = true; 5788c2ecf20Sopenharmony_ci } 5798c2ecf20Sopenharmony_ci } 5808c2ecf20Sopenharmony_ci 5818c2ecf20Sopenharmony_cicreate_child: 5828c2ecf20Sopenharmony_ci child = listener->icsk_af_ops->syn_recv_sock(sk, skb, req, dst, 5838c2ecf20Sopenharmony_ci req_unhash, own_req); 5848c2ecf20Sopenharmony_ci 5858c2ecf20Sopenharmony_ci if (child && *own_req) { 5868c2ecf20Sopenharmony_ci struct mptcp_subflow_context *ctx = mptcp_subflow_ctx(child); 5878c2ecf20Sopenharmony_ci 5888c2ecf20Sopenharmony_ci tcp_rsk(req)->drop_req = false; 5898c2ecf20Sopenharmony_ci 5908c2ecf20Sopenharmony_ci /* we need to fallback on ctx allocation failure and on pre-reqs 5918c2ecf20Sopenharmony_ci * checking above. In the latter scenario we additionally need 5928c2ecf20Sopenharmony_ci * to reset the context to non MPTCP status. 5938c2ecf20Sopenharmony_ci */ 5948c2ecf20Sopenharmony_ci if (!ctx || fallback) { 5958c2ecf20Sopenharmony_ci if (fallback_is_fatal) 5968c2ecf20Sopenharmony_ci goto dispose_child; 5978c2ecf20Sopenharmony_ci 5988c2ecf20Sopenharmony_ci subflow_drop_ctx(child); 5998c2ecf20Sopenharmony_ci goto out; 6008c2ecf20Sopenharmony_ci } 6018c2ecf20Sopenharmony_ci 6028c2ecf20Sopenharmony_ci if (ctx->mp_capable) { 6038c2ecf20Sopenharmony_ci /* this can't race with mptcp_close(), as the msk is 6048c2ecf20Sopenharmony_ci * not yet exposted to user-space 6058c2ecf20Sopenharmony_ci */ 6068c2ecf20Sopenharmony_ci inet_sk_state_store((void *)new_msk, TCP_ESTABLISHED); 6078c2ecf20Sopenharmony_ci 6088c2ecf20Sopenharmony_ci /* new mpc subflow takes ownership of the newly 6098c2ecf20Sopenharmony_ci * created mptcp socket 6108c2ecf20Sopenharmony_ci */ 6118c2ecf20Sopenharmony_ci new_msk->sk_destruct = mptcp_sock_destruct; 6128c2ecf20Sopenharmony_ci mptcp_pm_new_connection(mptcp_sk(new_msk), 1); 6138c2ecf20Sopenharmony_ci mptcp_token_accept(subflow_req, mptcp_sk(new_msk)); 6148c2ecf20Sopenharmony_ci ctx->conn = new_msk; 6158c2ecf20Sopenharmony_ci new_msk = NULL; 6168c2ecf20Sopenharmony_ci 6178c2ecf20Sopenharmony_ci /* with OoO packets we can reach here without ingress 6188c2ecf20Sopenharmony_ci * mpc option 6198c2ecf20Sopenharmony_ci */ 6208c2ecf20Sopenharmony_ci if (mp_opt.mp_capable) 6218c2ecf20Sopenharmony_ci mptcp_subflow_fully_established(ctx, &mp_opt); 6228c2ecf20Sopenharmony_ci } else if (ctx->mp_join) { 6238c2ecf20Sopenharmony_ci struct mptcp_sock *owner; 6248c2ecf20Sopenharmony_ci 6258c2ecf20Sopenharmony_ci owner = subflow_req->msk; 6268c2ecf20Sopenharmony_ci if (!owner) 6278c2ecf20Sopenharmony_ci goto dispose_child; 6288c2ecf20Sopenharmony_ci 6298c2ecf20Sopenharmony_ci /* move the msk reference ownership to the subflow */ 6308c2ecf20Sopenharmony_ci subflow_req->msk = NULL; 6318c2ecf20Sopenharmony_ci ctx->conn = (struct sock *)owner; 6328c2ecf20Sopenharmony_ci if (!mptcp_finish_join(child)) 6338c2ecf20Sopenharmony_ci goto dispose_child; 6348c2ecf20Sopenharmony_ci 6358c2ecf20Sopenharmony_ci SUBFLOW_REQ_INC_STATS(req, MPTCP_MIB_JOINACKRX); 6368c2ecf20Sopenharmony_ci tcp_rsk(req)->drop_req = true; 6378c2ecf20Sopenharmony_ci } 6388c2ecf20Sopenharmony_ci } 6398c2ecf20Sopenharmony_ci 6408c2ecf20Sopenharmony_ciout: 6418c2ecf20Sopenharmony_ci /* dispose of the left over mptcp master, if any */ 6428c2ecf20Sopenharmony_ci if (unlikely(new_msk)) 6438c2ecf20Sopenharmony_ci mptcp_force_close(new_msk); 6448c2ecf20Sopenharmony_ci 6458c2ecf20Sopenharmony_ci /* check for expected invariant - should never trigger, just help 6468c2ecf20Sopenharmony_ci * catching eariler subtle bugs 6478c2ecf20Sopenharmony_ci */ 6488c2ecf20Sopenharmony_ci WARN_ON_ONCE(child && *own_req && tcp_sk(child)->is_mptcp && 6498c2ecf20Sopenharmony_ci (!mptcp_subflow_ctx(child) || 6508c2ecf20Sopenharmony_ci !mptcp_subflow_ctx(child)->conn)); 6518c2ecf20Sopenharmony_ci return child; 6528c2ecf20Sopenharmony_ci 6538c2ecf20Sopenharmony_cidispose_child: 6548c2ecf20Sopenharmony_ci subflow_drop_ctx(child); 6558c2ecf20Sopenharmony_ci tcp_rsk(req)->drop_req = true; 6568c2ecf20Sopenharmony_ci inet_csk_prepare_for_destroy_sock(child); 6578c2ecf20Sopenharmony_ci tcp_done(child); 6588c2ecf20Sopenharmony_ci req->rsk_ops->send_reset(sk, skb); 6598c2ecf20Sopenharmony_ci 6608c2ecf20Sopenharmony_ci /* The last child reference will be released by the caller */ 6618c2ecf20Sopenharmony_ci return child; 6628c2ecf20Sopenharmony_ci} 6638c2ecf20Sopenharmony_ci 6648c2ecf20Sopenharmony_cistatic struct inet_connection_sock_af_ops subflow_specific __ro_after_init; 6658c2ecf20Sopenharmony_ci 6668c2ecf20Sopenharmony_cienum mapping_status { 6678c2ecf20Sopenharmony_ci MAPPING_OK, 6688c2ecf20Sopenharmony_ci MAPPING_INVALID, 6698c2ecf20Sopenharmony_ci MAPPING_EMPTY, 6708c2ecf20Sopenharmony_ci MAPPING_DATA_FIN, 6718c2ecf20Sopenharmony_ci MAPPING_DUMMY 6728c2ecf20Sopenharmony_ci}; 6738c2ecf20Sopenharmony_ci 6748c2ecf20Sopenharmony_cistatic u64 expand_seq(u64 old_seq, u16 old_data_len, u64 seq) 6758c2ecf20Sopenharmony_ci{ 6768c2ecf20Sopenharmony_ci if ((u32)seq == (u32)old_seq) 6778c2ecf20Sopenharmony_ci return old_seq; 6788c2ecf20Sopenharmony_ci 6798c2ecf20Sopenharmony_ci /* Assume map covers data not mapped yet. */ 6808c2ecf20Sopenharmony_ci return seq | ((old_seq + old_data_len + 1) & GENMASK_ULL(63, 32)); 6818c2ecf20Sopenharmony_ci} 6828c2ecf20Sopenharmony_ci 6838c2ecf20Sopenharmony_cistatic void dbg_bad_map(struct mptcp_subflow_context *subflow, u32 ssn) 6848c2ecf20Sopenharmony_ci{ 6858c2ecf20Sopenharmony_ci pr_debug("Bad mapping: ssn=%d map_seq=%d map_data_len=%d", 6868c2ecf20Sopenharmony_ci ssn, subflow->map_subflow_seq, subflow->map_data_len); 6878c2ecf20Sopenharmony_ci} 6888c2ecf20Sopenharmony_ci 6898c2ecf20Sopenharmony_cistatic bool skb_is_fully_mapped(struct sock *ssk, struct sk_buff *skb) 6908c2ecf20Sopenharmony_ci{ 6918c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(ssk); 6928c2ecf20Sopenharmony_ci unsigned int skb_consumed; 6938c2ecf20Sopenharmony_ci 6948c2ecf20Sopenharmony_ci skb_consumed = tcp_sk(ssk)->copied_seq - TCP_SKB_CB(skb)->seq; 6958c2ecf20Sopenharmony_ci if (WARN_ON_ONCE(skb_consumed >= skb->len)) 6968c2ecf20Sopenharmony_ci return true; 6978c2ecf20Sopenharmony_ci 6988c2ecf20Sopenharmony_ci return skb->len - skb_consumed <= subflow->map_data_len - 6998c2ecf20Sopenharmony_ci mptcp_subflow_get_map_offset(subflow); 7008c2ecf20Sopenharmony_ci} 7018c2ecf20Sopenharmony_ci 7028c2ecf20Sopenharmony_cistatic bool validate_mapping(struct sock *ssk, struct sk_buff *skb) 7038c2ecf20Sopenharmony_ci{ 7048c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(ssk); 7058c2ecf20Sopenharmony_ci u32 ssn = tcp_sk(ssk)->copied_seq - subflow->ssn_offset; 7068c2ecf20Sopenharmony_ci 7078c2ecf20Sopenharmony_ci if (unlikely(before(ssn, subflow->map_subflow_seq))) { 7088c2ecf20Sopenharmony_ci /* Mapping covers data later in the subflow stream, 7098c2ecf20Sopenharmony_ci * currently unsupported. 7108c2ecf20Sopenharmony_ci */ 7118c2ecf20Sopenharmony_ci dbg_bad_map(subflow, ssn); 7128c2ecf20Sopenharmony_ci return false; 7138c2ecf20Sopenharmony_ci } 7148c2ecf20Sopenharmony_ci if (unlikely(!before(ssn, subflow->map_subflow_seq + 7158c2ecf20Sopenharmony_ci subflow->map_data_len))) { 7168c2ecf20Sopenharmony_ci /* Mapping does covers past subflow data, invalid */ 7178c2ecf20Sopenharmony_ci dbg_bad_map(subflow, ssn); 7188c2ecf20Sopenharmony_ci return false; 7198c2ecf20Sopenharmony_ci } 7208c2ecf20Sopenharmony_ci return true; 7218c2ecf20Sopenharmony_ci} 7228c2ecf20Sopenharmony_ci 7238c2ecf20Sopenharmony_cistatic enum mapping_status get_mapping_status(struct sock *ssk, 7248c2ecf20Sopenharmony_ci struct mptcp_sock *msk) 7258c2ecf20Sopenharmony_ci{ 7268c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(ssk); 7278c2ecf20Sopenharmony_ci struct mptcp_ext *mpext; 7288c2ecf20Sopenharmony_ci struct sk_buff *skb; 7298c2ecf20Sopenharmony_ci u16 data_len; 7308c2ecf20Sopenharmony_ci u64 map_seq; 7318c2ecf20Sopenharmony_ci 7328c2ecf20Sopenharmony_ci skb = skb_peek(&ssk->sk_receive_queue); 7338c2ecf20Sopenharmony_ci if (!skb) 7348c2ecf20Sopenharmony_ci return MAPPING_EMPTY; 7358c2ecf20Sopenharmony_ci 7368c2ecf20Sopenharmony_ci if (mptcp_check_fallback(ssk)) 7378c2ecf20Sopenharmony_ci return MAPPING_DUMMY; 7388c2ecf20Sopenharmony_ci 7398c2ecf20Sopenharmony_ci mpext = mptcp_get_ext(skb); 7408c2ecf20Sopenharmony_ci if (!mpext || !mpext->use_map) { 7418c2ecf20Sopenharmony_ci if (!subflow->map_valid && !skb->len) { 7428c2ecf20Sopenharmony_ci /* the TCP stack deliver 0 len FIN pkt to the receive 7438c2ecf20Sopenharmony_ci * queue, that is the only 0len pkts ever expected here, 7448c2ecf20Sopenharmony_ci * and we can admit no mapping only for 0 len pkts 7458c2ecf20Sopenharmony_ci */ 7468c2ecf20Sopenharmony_ci if (!(TCP_SKB_CB(skb)->tcp_flags & TCPHDR_FIN)) 7478c2ecf20Sopenharmony_ci WARN_ONCE(1, "0len seq %d:%d flags %x", 7488c2ecf20Sopenharmony_ci TCP_SKB_CB(skb)->seq, 7498c2ecf20Sopenharmony_ci TCP_SKB_CB(skb)->end_seq, 7508c2ecf20Sopenharmony_ci TCP_SKB_CB(skb)->tcp_flags); 7518c2ecf20Sopenharmony_ci sk_eat_skb(ssk, skb); 7528c2ecf20Sopenharmony_ci return MAPPING_EMPTY; 7538c2ecf20Sopenharmony_ci } 7548c2ecf20Sopenharmony_ci 7558c2ecf20Sopenharmony_ci if (!subflow->map_valid) 7568c2ecf20Sopenharmony_ci return MAPPING_INVALID; 7578c2ecf20Sopenharmony_ci 7588c2ecf20Sopenharmony_ci goto validate_seq; 7598c2ecf20Sopenharmony_ci } 7608c2ecf20Sopenharmony_ci 7618c2ecf20Sopenharmony_ci pr_debug("seq=%llu is64=%d ssn=%u data_len=%u data_fin=%d", 7628c2ecf20Sopenharmony_ci mpext->data_seq, mpext->dsn64, mpext->subflow_seq, 7638c2ecf20Sopenharmony_ci mpext->data_len, mpext->data_fin); 7648c2ecf20Sopenharmony_ci 7658c2ecf20Sopenharmony_ci data_len = mpext->data_len; 7668c2ecf20Sopenharmony_ci if (data_len == 0) { 7678c2ecf20Sopenharmony_ci MPTCP_INC_STATS(sock_net(ssk), MPTCP_MIB_INFINITEMAPRX); 7688c2ecf20Sopenharmony_ci return MAPPING_INVALID; 7698c2ecf20Sopenharmony_ci } 7708c2ecf20Sopenharmony_ci 7718c2ecf20Sopenharmony_ci if (mpext->data_fin == 1) { 7728c2ecf20Sopenharmony_ci if (data_len == 1) { 7738c2ecf20Sopenharmony_ci bool updated = mptcp_update_rcv_data_fin(msk, mpext->data_seq, 7748c2ecf20Sopenharmony_ci mpext->dsn64); 7758c2ecf20Sopenharmony_ci pr_debug("DATA_FIN with no payload seq=%llu", mpext->data_seq); 7768c2ecf20Sopenharmony_ci if (subflow->map_valid) { 7778c2ecf20Sopenharmony_ci /* A DATA_FIN might arrive in a DSS 7788c2ecf20Sopenharmony_ci * option before the previous mapping 7798c2ecf20Sopenharmony_ci * has been fully consumed. Continue 7808c2ecf20Sopenharmony_ci * handling the existing mapping. 7818c2ecf20Sopenharmony_ci */ 7828c2ecf20Sopenharmony_ci skb_ext_del(skb, SKB_EXT_MPTCP); 7838c2ecf20Sopenharmony_ci return MAPPING_OK; 7848c2ecf20Sopenharmony_ci } else { 7858c2ecf20Sopenharmony_ci if (updated && schedule_work(&msk->work)) 7868c2ecf20Sopenharmony_ci sock_hold((struct sock *)msk); 7878c2ecf20Sopenharmony_ci 7888c2ecf20Sopenharmony_ci return MAPPING_DATA_FIN; 7898c2ecf20Sopenharmony_ci } 7908c2ecf20Sopenharmony_ci } else { 7918c2ecf20Sopenharmony_ci u64 data_fin_seq = mpext->data_seq + data_len - 1; 7928c2ecf20Sopenharmony_ci 7938c2ecf20Sopenharmony_ci /* If mpext->data_seq is a 32-bit value, data_fin_seq 7948c2ecf20Sopenharmony_ci * must also be limited to 32 bits. 7958c2ecf20Sopenharmony_ci */ 7968c2ecf20Sopenharmony_ci if (!mpext->dsn64) 7978c2ecf20Sopenharmony_ci data_fin_seq &= GENMASK_ULL(31, 0); 7988c2ecf20Sopenharmony_ci 7998c2ecf20Sopenharmony_ci mptcp_update_rcv_data_fin(msk, data_fin_seq, mpext->dsn64); 8008c2ecf20Sopenharmony_ci pr_debug("DATA_FIN with mapping seq=%llu dsn64=%d", 8018c2ecf20Sopenharmony_ci data_fin_seq, mpext->dsn64); 8028c2ecf20Sopenharmony_ci } 8038c2ecf20Sopenharmony_ci 8048c2ecf20Sopenharmony_ci /* Adjust for DATA_FIN using 1 byte of sequence space */ 8058c2ecf20Sopenharmony_ci data_len--; 8068c2ecf20Sopenharmony_ci } 8078c2ecf20Sopenharmony_ci 8088c2ecf20Sopenharmony_ci if (!mpext->dsn64) { 8098c2ecf20Sopenharmony_ci map_seq = expand_seq(subflow->map_seq, subflow->map_data_len, 8108c2ecf20Sopenharmony_ci mpext->data_seq); 8118c2ecf20Sopenharmony_ci pr_debug("expanded seq=%llu", subflow->map_seq); 8128c2ecf20Sopenharmony_ci } else { 8138c2ecf20Sopenharmony_ci map_seq = mpext->data_seq; 8148c2ecf20Sopenharmony_ci } 8158c2ecf20Sopenharmony_ci WRITE_ONCE(mptcp_sk(subflow->conn)->use_64bit_ack, !!mpext->dsn64); 8168c2ecf20Sopenharmony_ci 8178c2ecf20Sopenharmony_ci if (subflow->map_valid) { 8188c2ecf20Sopenharmony_ci /* Allow replacing only with an identical map */ 8198c2ecf20Sopenharmony_ci if (subflow->map_seq == map_seq && 8208c2ecf20Sopenharmony_ci subflow->map_subflow_seq == mpext->subflow_seq && 8218c2ecf20Sopenharmony_ci subflow->map_data_len == data_len) { 8228c2ecf20Sopenharmony_ci skb_ext_del(skb, SKB_EXT_MPTCP); 8238c2ecf20Sopenharmony_ci return MAPPING_OK; 8248c2ecf20Sopenharmony_ci } 8258c2ecf20Sopenharmony_ci 8268c2ecf20Sopenharmony_ci /* If this skb data are fully covered by the current mapping, 8278c2ecf20Sopenharmony_ci * the new map would need caching, which is not supported 8288c2ecf20Sopenharmony_ci */ 8298c2ecf20Sopenharmony_ci if (skb_is_fully_mapped(ssk, skb)) { 8308c2ecf20Sopenharmony_ci MPTCP_INC_STATS(sock_net(ssk), MPTCP_MIB_DSSNOMATCH); 8318c2ecf20Sopenharmony_ci return MAPPING_INVALID; 8328c2ecf20Sopenharmony_ci } 8338c2ecf20Sopenharmony_ci 8348c2ecf20Sopenharmony_ci /* will validate the next map after consuming the current one */ 8358c2ecf20Sopenharmony_ci return MAPPING_OK; 8368c2ecf20Sopenharmony_ci } 8378c2ecf20Sopenharmony_ci 8388c2ecf20Sopenharmony_ci subflow->map_seq = map_seq; 8398c2ecf20Sopenharmony_ci subflow->map_subflow_seq = mpext->subflow_seq; 8408c2ecf20Sopenharmony_ci subflow->map_data_len = data_len; 8418c2ecf20Sopenharmony_ci subflow->map_valid = 1; 8428c2ecf20Sopenharmony_ci subflow->mpc_map = mpext->mpc_map; 8438c2ecf20Sopenharmony_ci pr_debug("new map seq=%llu subflow_seq=%u data_len=%u", 8448c2ecf20Sopenharmony_ci subflow->map_seq, subflow->map_subflow_seq, 8458c2ecf20Sopenharmony_ci subflow->map_data_len); 8468c2ecf20Sopenharmony_ci 8478c2ecf20Sopenharmony_civalidate_seq: 8488c2ecf20Sopenharmony_ci /* we revalidate valid mapping on new skb, because we must ensure 8498c2ecf20Sopenharmony_ci * the current skb is completely covered by the available mapping 8508c2ecf20Sopenharmony_ci */ 8518c2ecf20Sopenharmony_ci if (!validate_mapping(ssk, skb)) 8528c2ecf20Sopenharmony_ci return MAPPING_INVALID; 8538c2ecf20Sopenharmony_ci 8548c2ecf20Sopenharmony_ci skb_ext_del(skb, SKB_EXT_MPTCP); 8558c2ecf20Sopenharmony_ci return MAPPING_OK; 8568c2ecf20Sopenharmony_ci} 8578c2ecf20Sopenharmony_ci 8588c2ecf20Sopenharmony_cistatic void mptcp_subflow_discard_data(struct sock *ssk, struct sk_buff *skb, 8598c2ecf20Sopenharmony_ci u64 limit) 8608c2ecf20Sopenharmony_ci{ 8618c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(ssk); 8628c2ecf20Sopenharmony_ci bool fin = TCP_SKB_CB(skb)->tcp_flags & TCPHDR_FIN; 8638c2ecf20Sopenharmony_ci u32 incr; 8648c2ecf20Sopenharmony_ci 8658c2ecf20Sopenharmony_ci incr = limit >= skb->len ? skb->len + fin : limit; 8668c2ecf20Sopenharmony_ci 8678c2ecf20Sopenharmony_ci pr_debug("discarding=%d len=%d seq=%d", incr, skb->len, 8688c2ecf20Sopenharmony_ci subflow->map_subflow_seq); 8698c2ecf20Sopenharmony_ci MPTCP_INC_STATS(sock_net(ssk), MPTCP_MIB_DUPDATA); 8708c2ecf20Sopenharmony_ci tcp_sk(ssk)->copied_seq += incr; 8718c2ecf20Sopenharmony_ci if (!before(tcp_sk(ssk)->copied_seq, TCP_SKB_CB(skb)->end_seq)) 8728c2ecf20Sopenharmony_ci sk_eat_skb(ssk, skb); 8738c2ecf20Sopenharmony_ci if (mptcp_subflow_get_map_offset(subflow) >= subflow->map_data_len) 8748c2ecf20Sopenharmony_ci subflow->map_valid = 0; 8758c2ecf20Sopenharmony_ci if (incr) 8768c2ecf20Sopenharmony_ci tcp_cleanup_rbuf(ssk, incr); 8778c2ecf20Sopenharmony_ci} 8788c2ecf20Sopenharmony_ci 8798c2ecf20Sopenharmony_cistatic bool subflow_check_data_avail(struct sock *ssk) 8808c2ecf20Sopenharmony_ci{ 8818c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(ssk); 8828c2ecf20Sopenharmony_ci enum mapping_status status; 8838c2ecf20Sopenharmony_ci struct mptcp_sock *msk; 8848c2ecf20Sopenharmony_ci struct sk_buff *skb; 8858c2ecf20Sopenharmony_ci 8868c2ecf20Sopenharmony_ci pr_debug("msk=%p ssk=%p data_avail=%d skb=%p", subflow->conn, ssk, 8878c2ecf20Sopenharmony_ci subflow->data_avail, skb_peek(&ssk->sk_receive_queue)); 8888c2ecf20Sopenharmony_ci if (!skb_peek(&ssk->sk_receive_queue)) 8898c2ecf20Sopenharmony_ci subflow->data_avail = 0; 8908c2ecf20Sopenharmony_ci if (subflow->data_avail) 8918c2ecf20Sopenharmony_ci return true; 8928c2ecf20Sopenharmony_ci 8938c2ecf20Sopenharmony_ci msk = mptcp_sk(subflow->conn); 8948c2ecf20Sopenharmony_ci for (;;) { 8958c2ecf20Sopenharmony_ci u64 ack_seq; 8968c2ecf20Sopenharmony_ci u64 old_ack; 8978c2ecf20Sopenharmony_ci 8988c2ecf20Sopenharmony_ci status = get_mapping_status(ssk, msk); 8998c2ecf20Sopenharmony_ci pr_debug("msk=%p ssk=%p status=%d", msk, ssk, status); 9008c2ecf20Sopenharmony_ci if (status == MAPPING_INVALID) { 9018c2ecf20Sopenharmony_ci ssk->sk_err = EBADMSG; 9028c2ecf20Sopenharmony_ci goto fatal; 9038c2ecf20Sopenharmony_ci } 9048c2ecf20Sopenharmony_ci if (status == MAPPING_DUMMY) { 9058c2ecf20Sopenharmony_ci __mptcp_do_fallback(msk); 9068c2ecf20Sopenharmony_ci skb = skb_peek(&ssk->sk_receive_queue); 9078c2ecf20Sopenharmony_ci subflow->map_valid = 1; 9088c2ecf20Sopenharmony_ci subflow->map_seq = READ_ONCE(msk->ack_seq); 9098c2ecf20Sopenharmony_ci subflow->map_data_len = skb->len; 9108c2ecf20Sopenharmony_ci subflow->map_subflow_seq = tcp_sk(ssk)->copied_seq - 9118c2ecf20Sopenharmony_ci subflow->ssn_offset; 9128c2ecf20Sopenharmony_ci subflow->data_avail = MPTCP_SUBFLOW_DATA_AVAIL; 9138c2ecf20Sopenharmony_ci return true; 9148c2ecf20Sopenharmony_ci } 9158c2ecf20Sopenharmony_ci 9168c2ecf20Sopenharmony_ci if (status != MAPPING_OK) 9178c2ecf20Sopenharmony_ci return false; 9188c2ecf20Sopenharmony_ci 9198c2ecf20Sopenharmony_ci skb = skb_peek(&ssk->sk_receive_queue); 9208c2ecf20Sopenharmony_ci if (WARN_ON_ONCE(!skb)) 9218c2ecf20Sopenharmony_ci return false; 9228c2ecf20Sopenharmony_ci 9238c2ecf20Sopenharmony_ci /* if msk lacks the remote key, this subflow must provide an 9248c2ecf20Sopenharmony_ci * MP_CAPABLE-based mapping 9258c2ecf20Sopenharmony_ci */ 9268c2ecf20Sopenharmony_ci if (unlikely(!READ_ONCE(msk->can_ack))) { 9278c2ecf20Sopenharmony_ci if (!subflow->mpc_map) { 9288c2ecf20Sopenharmony_ci ssk->sk_err = EBADMSG; 9298c2ecf20Sopenharmony_ci goto fatal; 9308c2ecf20Sopenharmony_ci } 9318c2ecf20Sopenharmony_ci WRITE_ONCE(msk->remote_key, subflow->remote_key); 9328c2ecf20Sopenharmony_ci WRITE_ONCE(msk->ack_seq, subflow->map_seq); 9338c2ecf20Sopenharmony_ci WRITE_ONCE(msk->can_ack, true); 9348c2ecf20Sopenharmony_ci } 9358c2ecf20Sopenharmony_ci 9368c2ecf20Sopenharmony_ci old_ack = READ_ONCE(msk->ack_seq); 9378c2ecf20Sopenharmony_ci ack_seq = mptcp_subflow_get_mapped_dsn(subflow); 9388c2ecf20Sopenharmony_ci pr_debug("msk ack_seq=%llx subflow ack_seq=%llx", old_ack, 9398c2ecf20Sopenharmony_ci ack_seq); 9408c2ecf20Sopenharmony_ci if (ack_seq == old_ack) { 9418c2ecf20Sopenharmony_ci subflow->data_avail = MPTCP_SUBFLOW_DATA_AVAIL; 9428c2ecf20Sopenharmony_ci break; 9438c2ecf20Sopenharmony_ci } else if (after64(ack_seq, old_ack)) { 9448c2ecf20Sopenharmony_ci subflow->data_avail = MPTCP_SUBFLOW_OOO_DATA; 9458c2ecf20Sopenharmony_ci break; 9468c2ecf20Sopenharmony_ci } 9478c2ecf20Sopenharmony_ci 9488c2ecf20Sopenharmony_ci /* only accept in-sequence mapping. Old values are spurious 9498c2ecf20Sopenharmony_ci * retransmission 9508c2ecf20Sopenharmony_ci */ 9518c2ecf20Sopenharmony_ci mptcp_subflow_discard_data(ssk, skb, old_ack - ack_seq); 9528c2ecf20Sopenharmony_ci } 9538c2ecf20Sopenharmony_ci return true; 9548c2ecf20Sopenharmony_ci 9558c2ecf20Sopenharmony_cifatal: 9568c2ecf20Sopenharmony_ci /* fatal protocol error, close the socket */ 9578c2ecf20Sopenharmony_ci /* This barrier is coupled with smp_rmb() in tcp_poll() */ 9588c2ecf20Sopenharmony_ci smp_wmb(); 9598c2ecf20Sopenharmony_ci ssk->sk_error_report(ssk); 9608c2ecf20Sopenharmony_ci tcp_set_state(ssk, TCP_CLOSE); 9618c2ecf20Sopenharmony_ci tcp_send_active_reset(ssk, GFP_ATOMIC); 9628c2ecf20Sopenharmony_ci subflow->data_avail = 0; 9638c2ecf20Sopenharmony_ci return false; 9648c2ecf20Sopenharmony_ci} 9658c2ecf20Sopenharmony_ci 9668c2ecf20Sopenharmony_cibool mptcp_subflow_data_available(struct sock *sk) 9678c2ecf20Sopenharmony_ci{ 9688c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 9698c2ecf20Sopenharmony_ci 9708c2ecf20Sopenharmony_ci /* check if current mapping is still valid */ 9718c2ecf20Sopenharmony_ci if (subflow->map_valid && 9728c2ecf20Sopenharmony_ci mptcp_subflow_get_map_offset(subflow) >= subflow->map_data_len) { 9738c2ecf20Sopenharmony_ci subflow->map_valid = 0; 9748c2ecf20Sopenharmony_ci subflow->data_avail = 0; 9758c2ecf20Sopenharmony_ci 9768c2ecf20Sopenharmony_ci pr_debug("Done with mapping: seq=%u data_len=%u", 9778c2ecf20Sopenharmony_ci subflow->map_subflow_seq, 9788c2ecf20Sopenharmony_ci subflow->map_data_len); 9798c2ecf20Sopenharmony_ci } 9808c2ecf20Sopenharmony_ci 9818c2ecf20Sopenharmony_ci return subflow_check_data_avail(sk); 9828c2ecf20Sopenharmony_ci} 9838c2ecf20Sopenharmony_ci 9848c2ecf20Sopenharmony_ci/* If ssk has an mptcp parent socket, use the mptcp rcvbuf occupancy, 9858c2ecf20Sopenharmony_ci * not the ssk one. 9868c2ecf20Sopenharmony_ci * 9878c2ecf20Sopenharmony_ci * In mptcp, rwin is about the mptcp-level connection data. 9888c2ecf20Sopenharmony_ci * 9898c2ecf20Sopenharmony_ci * Data that is still on the ssk rx queue can thus be ignored, 9908c2ecf20Sopenharmony_ci * as far as mptcp peer is concerened that data is still inflight. 9918c2ecf20Sopenharmony_ci * DSS ACK is updated when skb is moved to the mptcp rx queue. 9928c2ecf20Sopenharmony_ci */ 9938c2ecf20Sopenharmony_civoid mptcp_space(const struct sock *ssk, int *space, int *full_space) 9948c2ecf20Sopenharmony_ci{ 9958c2ecf20Sopenharmony_ci const struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(ssk); 9968c2ecf20Sopenharmony_ci const struct sock *sk = subflow->conn; 9978c2ecf20Sopenharmony_ci 9988c2ecf20Sopenharmony_ci *space = tcp_space(sk); 9998c2ecf20Sopenharmony_ci *full_space = tcp_full_space(sk); 10008c2ecf20Sopenharmony_ci} 10018c2ecf20Sopenharmony_ci 10028c2ecf20Sopenharmony_cistatic void subflow_data_ready(struct sock *sk) 10038c2ecf20Sopenharmony_ci{ 10048c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 10058c2ecf20Sopenharmony_ci u16 state = 1 << inet_sk_state_load(sk); 10068c2ecf20Sopenharmony_ci struct sock *parent = subflow->conn; 10078c2ecf20Sopenharmony_ci struct mptcp_sock *msk; 10088c2ecf20Sopenharmony_ci 10098c2ecf20Sopenharmony_ci msk = mptcp_sk(parent); 10108c2ecf20Sopenharmony_ci if (state & TCPF_LISTEN) { 10118c2ecf20Sopenharmony_ci /* MPJ subflow are removed from accept queue before reaching here, 10128c2ecf20Sopenharmony_ci * avoid stray wakeups 10138c2ecf20Sopenharmony_ci */ 10148c2ecf20Sopenharmony_ci if (reqsk_queue_empty(&inet_csk(sk)->icsk_accept_queue)) 10158c2ecf20Sopenharmony_ci return; 10168c2ecf20Sopenharmony_ci 10178c2ecf20Sopenharmony_ci set_bit(MPTCP_DATA_READY, &msk->flags); 10188c2ecf20Sopenharmony_ci parent->sk_data_ready(parent); 10198c2ecf20Sopenharmony_ci return; 10208c2ecf20Sopenharmony_ci } 10218c2ecf20Sopenharmony_ci 10228c2ecf20Sopenharmony_ci WARN_ON_ONCE(!__mptcp_check_fallback(msk) && !subflow->mp_capable && 10238c2ecf20Sopenharmony_ci !subflow->mp_join && !(state & TCPF_CLOSE)); 10248c2ecf20Sopenharmony_ci 10258c2ecf20Sopenharmony_ci if (mptcp_subflow_data_available(sk)) 10268c2ecf20Sopenharmony_ci mptcp_data_ready(parent, sk); 10278c2ecf20Sopenharmony_ci} 10288c2ecf20Sopenharmony_ci 10298c2ecf20Sopenharmony_cistatic void subflow_write_space(struct sock *sk) 10308c2ecf20Sopenharmony_ci{ 10318c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 10328c2ecf20Sopenharmony_ci struct sock *parent = subflow->conn; 10338c2ecf20Sopenharmony_ci 10348c2ecf20Sopenharmony_ci if (!sk_stream_is_writeable(sk)) 10358c2ecf20Sopenharmony_ci return; 10368c2ecf20Sopenharmony_ci 10378c2ecf20Sopenharmony_ci if (sk_stream_is_writeable(parent)) { 10388c2ecf20Sopenharmony_ci set_bit(MPTCP_SEND_SPACE, &mptcp_sk(parent)->flags); 10398c2ecf20Sopenharmony_ci smp_mb__after_atomic(); 10408c2ecf20Sopenharmony_ci /* set SEND_SPACE before sk_stream_write_space clears NOSPACE */ 10418c2ecf20Sopenharmony_ci sk_stream_write_space(parent); 10428c2ecf20Sopenharmony_ci } 10438c2ecf20Sopenharmony_ci} 10448c2ecf20Sopenharmony_ci 10458c2ecf20Sopenharmony_cistatic const struct inet_connection_sock_af_ops * 10468c2ecf20Sopenharmony_cisubflow_default_af_ops(struct sock *sk) 10478c2ecf20Sopenharmony_ci{ 10488c2ecf20Sopenharmony_ci#if IS_ENABLED(CONFIG_MPTCP_IPV6) 10498c2ecf20Sopenharmony_ci if (sk->sk_family == AF_INET6) 10508c2ecf20Sopenharmony_ci return &subflow_v6_specific; 10518c2ecf20Sopenharmony_ci#endif 10528c2ecf20Sopenharmony_ci return &subflow_specific; 10538c2ecf20Sopenharmony_ci} 10548c2ecf20Sopenharmony_ci 10558c2ecf20Sopenharmony_ci#if IS_ENABLED(CONFIG_MPTCP_IPV6) 10568c2ecf20Sopenharmony_civoid mptcpv6_handle_mapped(struct sock *sk, bool mapped) 10578c2ecf20Sopenharmony_ci{ 10588c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 10598c2ecf20Sopenharmony_ci struct inet_connection_sock *icsk = inet_csk(sk); 10608c2ecf20Sopenharmony_ci const struct inet_connection_sock_af_ops *target; 10618c2ecf20Sopenharmony_ci 10628c2ecf20Sopenharmony_ci target = mapped ? &subflow_v6m_specific : subflow_default_af_ops(sk); 10638c2ecf20Sopenharmony_ci 10648c2ecf20Sopenharmony_ci pr_debug("subflow=%p family=%d ops=%p target=%p mapped=%d", 10658c2ecf20Sopenharmony_ci subflow, sk->sk_family, icsk->icsk_af_ops, target, mapped); 10668c2ecf20Sopenharmony_ci 10678c2ecf20Sopenharmony_ci if (likely(icsk->icsk_af_ops == target)) 10688c2ecf20Sopenharmony_ci return; 10698c2ecf20Sopenharmony_ci 10708c2ecf20Sopenharmony_ci subflow->icsk_af_ops = icsk->icsk_af_ops; 10718c2ecf20Sopenharmony_ci icsk->icsk_af_ops = target; 10728c2ecf20Sopenharmony_ci} 10738c2ecf20Sopenharmony_ci#endif 10748c2ecf20Sopenharmony_ci 10758c2ecf20Sopenharmony_cistatic void mptcp_info2sockaddr(const struct mptcp_addr_info *info, 10768c2ecf20Sopenharmony_ci struct sockaddr_storage *addr) 10778c2ecf20Sopenharmony_ci{ 10788c2ecf20Sopenharmony_ci memset(addr, 0, sizeof(*addr)); 10798c2ecf20Sopenharmony_ci addr->ss_family = info->family; 10808c2ecf20Sopenharmony_ci if (addr->ss_family == AF_INET) { 10818c2ecf20Sopenharmony_ci struct sockaddr_in *in_addr = (struct sockaddr_in *)addr; 10828c2ecf20Sopenharmony_ci 10838c2ecf20Sopenharmony_ci in_addr->sin_addr = info->addr; 10848c2ecf20Sopenharmony_ci in_addr->sin_port = info->port; 10858c2ecf20Sopenharmony_ci } 10868c2ecf20Sopenharmony_ci#if IS_ENABLED(CONFIG_MPTCP_IPV6) 10878c2ecf20Sopenharmony_ci else if (addr->ss_family == AF_INET6) { 10888c2ecf20Sopenharmony_ci struct sockaddr_in6 *in6_addr = (struct sockaddr_in6 *)addr; 10898c2ecf20Sopenharmony_ci 10908c2ecf20Sopenharmony_ci in6_addr->sin6_addr = info->addr6; 10918c2ecf20Sopenharmony_ci in6_addr->sin6_port = info->port; 10928c2ecf20Sopenharmony_ci } 10938c2ecf20Sopenharmony_ci#endif 10948c2ecf20Sopenharmony_ci} 10958c2ecf20Sopenharmony_ci 10968c2ecf20Sopenharmony_ciint __mptcp_subflow_connect(struct sock *sk, const struct mptcp_addr_info *loc, 10978c2ecf20Sopenharmony_ci const struct mptcp_addr_info *remote) 10988c2ecf20Sopenharmony_ci{ 10998c2ecf20Sopenharmony_ci struct mptcp_sock *msk = mptcp_sk(sk); 11008c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow; 11018c2ecf20Sopenharmony_ci struct sockaddr_storage addr; 11028c2ecf20Sopenharmony_ci int remote_id = remote->id; 11038c2ecf20Sopenharmony_ci int local_id = loc->id; 11048c2ecf20Sopenharmony_ci struct socket *sf; 11058c2ecf20Sopenharmony_ci struct sock *ssk; 11068c2ecf20Sopenharmony_ci u32 remote_token; 11078c2ecf20Sopenharmony_ci int addrlen; 11088c2ecf20Sopenharmony_ci int err; 11098c2ecf20Sopenharmony_ci 11108c2ecf20Sopenharmony_ci if (!mptcp_is_fully_established(sk)) 11118c2ecf20Sopenharmony_ci return -ENOTCONN; 11128c2ecf20Sopenharmony_ci 11138c2ecf20Sopenharmony_ci err = mptcp_subflow_create_socket(sk, &sf); 11148c2ecf20Sopenharmony_ci if (err) 11158c2ecf20Sopenharmony_ci return err; 11168c2ecf20Sopenharmony_ci 11178c2ecf20Sopenharmony_ci ssk = sf->sk; 11188c2ecf20Sopenharmony_ci subflow = mptcp_subflow_ctx(ssk); 11198c2ecf20Sopenharmony_ci do { 11208c2ecf20Sopenharmony_ci get_random_bytes(&subflow->local_nonce, sizeof(u32)); 11218c2ecf20Sopenharmony_ci } while (!subflow->local_nonce); 11228c2ecf20Sopenharmony_ci 11238c2ecf20Sopenharmony_ci if (!local_id) { 11248c2ecf20Sopenharmony_ci err = mptcp_pm_get_local_id(msk, (struct sock_common *)ssk); 11258c2ecf20Sopenharmony_ci if (err < 0) 11268c2ecf20Sopenharmony_ci goto failed; 11278c2ecf20Sopenharmony_ci 11288c2ecf20Sopenharmony_ci local_id = err; 11298c2ecf20Sopenharmony_ci } 11308c2ecf20Sopenharmony_ci 11318c2ecf20Sopenharmony_ci subflow->remote_key = msk->remote_key; 11328c2ecf20Sopenharmony_ci subflow->local_key = msk->local_key; 11338c2ecf20Sopenharmony_ci subflow->token = msk->token; 11348c2ecf20Sopenharmony_ci mptcp_info2sockaddr(loc, &addr); 11358c2ecf20Sopenharmony_ci 11368c2ecf20Sopenharmony_ci addrlen = sizeof(struct sockaddr_in); 11378c2ecf20Sopenharmony_ci#if IS_ENABLED(CONFIG_MPTCP_IPV6) 11388c2ecf20Sopenharmony_ci if (loc->family == AF_INET6) 11398c2ecf20Sopenharmony_ci addrlen = sizeof(struct sockaddr_in6); 11408c2ecf20Sopenharmony_ci#endif 11418c2ecf20Sopenharmony_ci ssk->sk_bound_dev_if = loc->ifindex; 11428c2ecf20Sopenharmony_ci err = kernel_bind(sf, (struct sockaddr *)&addr, addrlen); 11438c2ecf20Sopenharmony_ci if (err) 11448c2ecf20Sopenharmony_ci goto failed; 11458c2ecf20Sopenharmony_ci 11468c2ecf20Sopenharmony_ci mptcp_crypto_key_sha(subflow->remote_key, &remote_token, NULL); 11478c2ecf20Sopenharmony_ci pr_debug("msk=%p remote_token=%u local_id=%d remote_id=%d", msk, 11488c2ecf20Sopenharmony_ci remote_token, local_id, remote_id); 11498c2ecf20Sopenharmony_ci subflow->remote_token = remote_token; 11508c2ecf20Sopenharmony_ci subflow->local_id = local_id; 11518c2ecf20Sopenharmony_ci subflow->remote_id = remote_id; 11528c2ecf20Sopenharmony_ci subflow->request_join = 1; 11538c2ecf20Sopenharmony_ci subflow->request_bkup = !!(loc->flags & MPTCP_PM_ADDR_FLAG_BACKUP); 11548c2ecf20Sopenharmony_ci mptcp_info2sockaddr(remote, &addr); 11558c2ecf20Sopenharmony_ci 11568c2ecf20Sopenharmony_ci err = kernel_connect(sf, (struct sockaddr *)&addr, addrlen, O_NONBLOCK); 11578c2ecf20Sopenharmony_ci if (err && err != -EINPROGRESS) 11588c2ecf20Sopenharmony_ci goto failed; 11598c2ecf20Sopenharmony_ci 11608c2ecf20Sopenharmony_ci spin_lock_bh(&msk->join_list_lock); 11618c2ecf20Sopenharmony_ci list_add_tail(&subflow->node, &msk->join_list); 11628c2ecf20Sopenharmony_ci spin_unlock_bh(&msk->join_list_lock); 11638c2ecf20Sopenharmony_ci 11648c2ecf20Sopenharmony_ci return err; 11658c2ecf20Sopenharmony_ci 11668c2ecf20Sopenharmony_cifailed: 11678c2ecf20Sopenharmony_ci sock_release(sf); 11688c2ecf20Sopenharmony_ci return err; 11698c2ecf20Sopenharmony_ci} 11708c2ecf20Sopenharmony_ci 11718c2ecf20Sopenharmony_ciint mptcp_subflow_create_socket(struct sock *sk, struct socket **new_sock) 11728c2ecf20Sopenharmony_ci{ 11738c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow; 11748c2ecf20Sopenharmony_ci struct net *net = sock_net(sk); 11758c2ecf20Sopenharmony_ci struct socket *sf; 11768c2ecf20Sopenharmony_ci int err; 11778c2ecf20Sopenharmony_ci 11788c2ecf20Sopenharmony_ci /* un-accepted server sockets can reach here - on bad configuration 11798c2ecf20Sopenharmony_ci * bail early to avoid greater trouble later 11808c2ecf20Sopenharmony_ci */ 11818c2ecf20Sopenharmony_ci if (unlikely(!sk->sk_socket)) 11828c2ecf20Sopenharmony_ci return -EINVAL; 11838c2ecf20Sopenharmony_ci 11848c2ecf20Sopenharmony_ci err = sock_create_kern(net, sk->sk_family, SOCK_STREAM, IPPROTO_TCP, 11858c2ecf20Sopenharmony_ci &sf); 11868c2ecf20Sopenharmony_ci if (err) 11878c2ecf20Sopenharmony_ci return err; 11888c2ecf20Sopenharmony_ci 11898c2ecf20Sopenharmony_ci lock_sock(sf->sk); 11908c2ecf20Sopenharmony_ci 11918c2ecf20Sopenharmony_ci /* kernel sockets do not by default acquire net ref, but TCP timer 11928c2ecf20Sopenharmony_ci * needs it. 11938c2ecf20Sopenharmony_ci */ 11948c2ecf20Sopenharmony_ci sf->sk->sk_net_refcnt = 1; 11958c2ecf20Sopenharmony_ci get_net(net); 11968c2ecf20Sopenharmony_ci#ifdef CONFIG_PROC_FS 11978c2ecf20Sopenharmony_ci this_cpu_add(*net->core.sock_inuse, 1); 11988c2ecf20Sopenharmony_ci#endif 11998c2ecf20Sopenharmony_ci err = tcp_set_ulp(sf->sk, "mptcp"); 12008c2ecf20Sopenharmony_ci release_sock(sf->sk); 12018c2ecf20Sopenharmony_ci 12028c2ecf20Sopenharmony_ci if (err) { 12038c2ecf20Sopenharmony_ci sock_release(sf); 12048c2ecf20Sopenharmony_ci return err; 12058c2ecf20Sopenharmony_ci } 12068c2ecf20Sopenharmony_ci 12078c2ecf20Sopenharmony_ci /* the newly created socket really belongs to the owning MPTCP master 12088c2ecf20Sopenharmony_ci * socket, even if for additional subflows the allocation is performed 12098c2ecf20Sopenharmony_ci * by a kernel workqueue. Adjust inode references, so that the 12108c2ecf20Sopenharmony_ci * procfs/diag interaces really show this one belonging to the correct 12118c2ecf20Sopenharmony_ci * user. 12128c2ecf20Sopenharmony_ci */ 12138c2ecf20Sopenharmony_ci SOCK_INODE(sf)->i_ino = SOCK_INODE(sk->sk_socket)->i_ino; 12148c2ecf20Sopenharmony_ci SOCK_INODE(sf)->i_uid = SOCK_INODE(sk->sk_socket)->i_uid; 12158c2ecf20Sopenharmony_ci SOCK_INODE(sf)->i_gid = SOCK_INODE(sk->sk_socket)->i_gid; 12168c2ecf20Sopenharmony_ci 12178c2ecf20Sopenharmony_ci subflow = mptcp_subflow_ctx(sf->sk); 12188c2ecf20Sopenharmony_ci pr_debug("subflow=%p", subflow); 12198c2ecf20Sopenharmony_ci 12208c2ecf20Sopenharmony_ci *new_sock = sf; 12218c2ecf20Sopenharmony_ci sock_hold(sk); 12228c2ecf20Sopenharmony_ci subflow->conn = sk; 12238c2ecf20Sopenharmony_ci 12248c2ecf20Sopenharmony_ci return 0; 12258c2ecf20Sopenharmony_ci} 12268c2ecf20Sopenharmony_ci 12278c2ecf20Sopenharmony_cistatic struct mptcp_subflow_context *subflow_create_ctx(struct sock *sk, 12288c2ecf20Sopenharmony_ci gfp_t priority) 12298c2ecf20Sopenharmony_ci{ 12308c2ecf20Sopenharmony_ci struct inet_connection_sock *icsk = inet_csk(sk); 12318c2ecf20Sopenharmony_ci struct mptcp_subflow_context *ctx; 12328c2ecf20Sopenharmony_ci 12338c2ecf20Sopenharmony_ci ctx = kzalloc(sizeof(*ctx), priority); 12348c2ecf20Sopenharmony_ci if (!ctx) 12358c2ecf20Sopenharmony_ci return NULL; 12368c2ecf20Sopenharmony_ci 12378c2ecf20Sopenharmony_ci rcu_assign_pointer(icsk->icsk_ulp_data, ctx); 12388c2ecf20Sopenharmony_ci INIT_LIST_HEAD(&ctx->node); 12398c2ecf20Sopenharmony_ci 12408c2ecf20Sopenharmony_ci pr_debug("subflow=%p", ctx); 12418c2ecf20Sopenharmony_ci 12428c2ecf20Sopenharmony_ci ctx->tcp_sock = sk; 12438c2ecf20Sopenharmony_ci 12448c2ecf20Sopenharmony_ci return ctx; 12458c2ecf20Sopenharmony_ci} 12468c2ecf20Sopenharmony_ci 12478c2ecf20Sopenharmony_cistatic void __subflow_state_change(struct sock *sk) 12488c2ecf20Sopenharmony_ci{ 12498c2ecf20Sopenharmony_ci struct socket_wq *wq; 12508c2ecf20Sopenharmony_ci 12518c2ecf20Sopenharmony_ci rcu_read_lock(); 12528c2ecf20Sopenharmony_ci wq = rcu_dereference(sk->sk_wq); 12538c2ecf20Sopenharmony_ci if (skwq_has_sleeper(wq)) 12548c2ecf20Sopenharmony_ci wake_up_interruptible_all(&wq->wait); 12558c2ecf20Sopenharmony_ci rcu_read_unlock(); 12568c2ecf20Sopenharmony_ci} 12578c2ecf20Sopenharmony_ci 12588c2ecf20Sopenharmony_cistatic bool subflow_is_done(const struct sock *sk) 12598c2ecf20Sopenharmony_ci{ 12608c2ecf20Sopenharmony_ci return sk->sk_shutdown & RCV_SHUTDOWN || sk->sk_state == TCP_CLOSE; 12618c2ecf20Sopenharmony_ci} 12628c2ecf20Sopenharmony_ci 12638c2ecf20Sopenharmony_cistatic void subflow_state_change(struct sock *sk) 12648c2ecf20Sopenharmony_ci{ 12658c2ecf20Sopenharmony_ci struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 12668c2ecf20Sopenharmony_ci struct sock *parent = subflow->conn; 12678c2ecf20Sopenharmony_ci 12688c2ecf20Sopenharmony_ci __subflow_state_change(sk); 12698c2ecf20Sopenharmony_ci 12708c2ecf20Sopenharmony_ci if (subflow_simultaneous_connect(sk)) { 12718c2ecf20Sopenharmony_ci mptcp_do_fallback(sk); 12728c2ecf20Sopenharmony_ci mptcp_rcv_space_init(mptcp_sk(parent), sk); 12738c2ecf20Sopenharmony_ci pr_fallback(mptcp_sk(parent)); 12748c2ecf20Sopenharmony_ci subflow->conn_finished = 1; 12758c2ecf20Sopenharmony_ci if (inet_sk_state_load(parent) == TCP_SYN_SENT) { 12768c2ecf20Sopenharmony_ci inet_sk_state_store(parent, TCP_ESTABLISHED); 12778c2ecf20Sopenharmony_ci parent->sk_state_change(parent); 12788c2ecf20Sopenharmony_ci } 12798c2ecf20Sopenharmony_ci } 12808c2ecf20Sopenharmony_ci 12818c2ecf20Sopenharmony_ci /* as recvmsg() does not acquire the subflow socket for ssk selection 12828c2ecf20Sopenharmony_ci * a fin packet carrying a DSS can be unnoticed if we don't trigger 12838c2ecf20Sopenharmony_ci * the data available machinery here. 12848c2ecf20Sopenharmony_ci */ 12858c2ecf20Sopenharmony_ci if (mptcp_subflow_data_available(sk)) 12868c2ecf20Sopenharmony_ci mptcp_data_ready(parent, sk); 12878c2ecf20Sopenharmony_ci 12888c2ecf20Sopenharmony_ci if (__mptcp_check_fallback(mptcp_sk(parent)) && 12898c2ecf20Sopenharmony_ci !(parent->sk_shutdown & RCV_SHUTDOWN) && 12908c2ecf20Sopenharmony_ci !subflow->rx_eof && subflow_is_done(sk)) { 12918c2ecf20Sopenharmony_ci subflow->rx_eof = 1; 12928c2ecf20Sopenharmony_ci mptcp_subflow_eof(parent); 12938c2ecf20Sopenharmony_ci } 12948c2ecf20Sopenharmony_ci} 12958c2ecf20Sopenharmony_ci 12968c2ecf20Sopenharmony_cistatic int subflow_ulp_init(struct sock *sk) 12978c2ecf20Sopenharmony_ci{ 12988c2ecf20Sopenharmony_ci struct inet_connection_sock *icsk = inet_csk(sk); 12998c2ecf20Sopenharmony_ci struct mptcp_subflow_context *ctx; 13008c2ecf20Sopenharmony_ci struct tcp_sock *tp = tcp_sk(sk); 13018c2ecf20Sopenharmony_ci int err = 0; 13028c2ecf20Sopenharmony_ci 13038c2ecf20Sopenharmony_ci /* disallow attaching ULP to a socket unless it has been 13048c2ecf20Sopenharmony_ci * created with sock_create_kern() 13058c2ecf20Sopenharmony_ci */ 13068c2ecf20Sopenharmony_ci if (!sk->sk_kern_sock) { 13078c2ecf20Sopenharmony_ci err = -EOPNOTSUPP; 13088c2ecf20Sopenharmony_ci goto out; 13098c2ecf20Sopenharmony_ci } 13108c2ecf20Sopenharmony_ci 13118c2ecf20Sopenharmony_ci ctx = subflow_create_ctx(sk, GFP_KERNEL); 13128c2ecf20Sopenharmony_ci if (!ctx) { 13138c2ecf20Sopenharmony_ci err = -ENOMEM; 13148c2ecf20Sopenharmony_ci goto out; 13158c2ecf20Sopenharmony_ci } 13168c2ecf20Sopenharmony_ci 13178c2ecf20Sopenharmony_ci pr_debug("subflow=%p, family=%d", ctx, sk->sk_family); 13188c2ecf20Sopenharmony_ci 13198c2ecf20Sopenharmony_ci tp->is_mptcp = 1; 13208c2ecf20Sopenharmony_ci ctx->icsk_af_ops = icsk->icsk_af_ops; 13218c2ecf20Sopenharmony_ci icsk->icsk_af_ops = subflow_default_af_ops(sk); 13228c2ecf20Sopenharmony_ci ctx->tcp_data_ready = sk->sk_data_ready; 13238c2ecf20Sopenharmony_ci ctx->tcp_state_change = sk->sk_state_change; 13248c2ecf20Sopenharmony_ci ctx->tcp_write_space = sk->sk_write_space; 13258c2ecf20Sopenharmony_ci sk->sk_data_ready = subflow_data_ready; 13268c2ecf20Sopenharmony_ci sk->sk_write_space = subflow_write_space; 13278c2ecf20Sopenharmony_ci sk->sk_state_change = subflow_state_change; 13288c2ecf20Sopenharmony_ciout: 13298c2ecf20Sopenharmony_ci return err; 13308c2ecf20Sopenharmony_ci} 13318c2ecf20Sopenharmony_ci 13328c2ecf20Sopenharmony_cistatic void subflow_ulp_release(struct sock *sk) 13338c2ecf20Sopenharmony_ci{ 13348c2ecf20Sopenharmony_ci struct mptcp_subflow_context *ctx = mptcp_subflow_ctx(sk); 13358c2ecf20Sopenharmony_ci 13368c2ecf20Sopenharmony_ci if (!ctx) 13378c2ecf20Sopenharmony_ci return; 13388c2ecf20Sopenharmony_ci 13398c2ecf20Sopenharmony_ci if (ctx->conn) 13408c2ecf20Sopenharmony_ci sock_put(ctx->conn); 13418c2ecf20Sopenharmony_ci 13428c2ecf20Sopenharmony_ci kfree_rcu(ctx, rcu); 13438c2ecf20Sopenharmony_ci} 13448c2ecf20Sopenharmony_ci 13458c2ecf20Sopenharmony_cistatic void subflow_ulp_clone(const struct request_sock *req, 13468c2ecf20Sopenharmony_ci struct sock *newsk, 13478c2ecf20Sopenharmony_ci const gfp_t priority) 13488c2ecf20Sopenharmony_ci{ 13498c2ecf20Sopenharmony_ci struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req); 13508c2ecf20Sopenharmony_ci struct mptcp_subflow_context *old_ctx = mptcp_subflow_ctx(newsk); 13518c2ecf20Sopenharmony_ci struct mptcp_subflow_context *new_ctx; 13528c2ecf20Sopenharmony_ci 13538c2ecf20Sopenharmony_ci if (!tcp_rsk(req)->is_mptcp || 13548c2ecf20Sopenharmony_ci (!subflow_req->mp_capable && !subflow_req->mp_join)) { 13558c2ecf20Sopenharmony_ci subflow_ulp_fallback(newsk, old_ctx); 13568c2ecf20Sopenharmony_ci return; 13578c2ecf20Sopenharmony_ci } 13588c2ecf20Sopenharmony_ci 13598c2ecf20Sopenharmony_ci new_ctx = subflow_create_ctx(newsk, priority); 13608c2ecf20Sopenharmony_ci if (!new_ctx) { 13618c2ecf20Sopenharmony_ci subflow_ulp_fallback(newsk, old_ctx); 13628c2ecf20Sopenharmony_ci return; 13638c2ecf20Sopenharmony_ci } 13648c2ecf20Sopenharmony_ci 13658c2ecf20Sopenharmony_ci new_ctx->conn_finished = 1; 13668c2ecf20Sopenharmony_ci new_ctx->icsk_af_ops = old_ctx->icsk_af_ops; 13678c2ecf20Sopenharmony_ci new_ctx->tcp_data_ready = old_ctx->tcp_data_ready; 13688c2ecf20Sopenharmony_ci new_ctx->tcp_state_change = old_ctx->tcp_state_change; 13698c2ecf20Sopenharmony_ci new_ctx->tcp_write_space = old_ctx->tcp_write_space; 13708c2ecf20Sopenharmony_ci new_ctx->rel_write_seq = 1; 13718c2ecf20Sopenharmony_ci new_ctx->tcp_sock = newsk; 13728c2ecf20Sopenharmony_ci 13738c2ecf20Sopenharmony_ci if (subflow_req->mp_capable) { 13748c2ecf20Sopenharmony_ci /* see comments in subflow_syn_recv_sock(), MPTCP connection 13758c2ecf20Sopenharmony_ci * is fully established only after we receive the remote key 13768c2ecf20Sopenharmony_ci */ 13778c2ecf20Sopenharmony_ci new_ctx->mp_capable = 1; 13788c2ecf20Sopenharmony_ci new_ctx->local_key = subflow_req->local_key; 13798c2ecf20Sopenharmony_ci new_ctx->token = subflow_req->token; 13808c2ecf20Sopenharmony_ci new_ctx->ssn_offset = subflow_req->ssn_offset; 13818c2ecf20Sopenharmony_ci new_ctx->idsn = subflow_req->idsn; 13828c2ecf20Sopenharmony_ci } else if (subflow_req->mp_join) { 13838c2ecf20Sopenharmony_ci new_ctx->ssn_offset = subflow_req->ssn_offset; 13848c2ecf20Sopenharmony_ci new_ctx->mp_join = 1; 13858c2ecf20Sopenharmony_ci new_ctx->fully_established = 1; 13868c2ecf20Sopenharmony_ci new_ctx->backup = subflow_req->backup; 13878c2ecf20Sopenharmony_ci new_ctx->local_id = subflow_req->local_id; 13888c2ecf20Sopenharmony_ci new_ctx->remote_id = subflow_req->remote_id; 13898c2ecf20Sopenharmony_ci new_ctx->token = subflow_req->token; 13908c2ecf20Sopenharmony_ci new_ctx->thmac = subflow_req->thmac; 13918c2ecf20Sopenharmony_ci } 13928c2ecf20Sopenharmony_ci} 13938c2ecf20Sopenharmony_ci 13948c2ecf20Sopenharmony_cistatic struct tcp_ulp_ops subflow_ulp_ops __read_mostly = { 13958c2ecf20Sopenharmony_ci .name = "mptcp", 13968c2ecf20Sopenharmony_ci .owner = THIS_MODULE, 13978c2ecf20Sopenharmony_ci .init = subflow_ulp_init, 13988c2ecf20Sopenharmony_ci .release = subflow_ulp_release, 13998c2ecf20Sopenharmony_ci .clone = subflow_ulp_clone, 14008c2ecf20Sopenharmony_ci}; 14018c2ecf20Sopenharmony_ci 14028c2ecf20Sopenharmony_cistatic int subflow_ops_init(struct request_sock_ops *subflow_ops) 14038c2ecf20Sopenharmony_ci{ 14048c2ecf20Sopenharmony_ci subflow_ops->obj_size = sizeof(struct mptcp_subflow_request_sock); 14058c2ecf20Sopenharmony_ci 14068c2ecf20Sopenharmony_ci subflow_ops->slab = kmem_cache_create(subflow_ops->slab_name, 14078c2ecf20Sopenharmony_ci subflow_ops->obj_size, 0, 14088c2ecf20Sopenharmony_ci SLAB_ACCOUNT | 14098c2ecf20Sopenharmony_ci SLAB_TYPESAFE_BY_RCU, 14108c2ecf20Sopenharmony_ci NULL); 14118c2ecf20Sopenharmony_ci if (!subflow_ops->slab) 14128c2ecf20Sopenharmony_ci return -ENOMEM; 14138c2ecf20Sopenharmony_ci 14148c2ecf20Sopenharmony_ci return 0; 14158c2ecf20Sopenharmony_ci} 14168c2ecf20Sopenharmony_ci 14178c2ecf20Sopenharmony_civoid __init mptcp_subflow_init(void) 14188c2ecf20Sopenharmony_ci{ 14198c2ecf20Sopenharmony_ci mptcp_subflow_v4_request_sock_ops = tcp_request_sock_ops; 14208c2ecf20Sopenharmony_ci mptcp_subflow_v4_request_sock_ops.slab_name = "request_sock_subflow_v4"; 14218c2ecf20Sopenharmony_ci mptcp_subflow_v4_request_sock_ops.destructor = subflow_v4_req_destructor; 14228c2ecf20Sopenharmony_ci 14238c2ecf20Sopenharmony_ci if (subflow_ops_init(&mptcp_subflow_v4_request_sock_ops) != 0) 14248c2ecf20Sopenharmony_ci panic("MPTCP: failed to init subflow v4 request sock ops\n"); 14258c2ecf20Sopenharmony_ci 14268c2ecf20Sopenharmony_ci subflow_request_sock_ipv4_ops = tcp_request_sock_ipv4_ops; 14278c2ecf20Sopenharmony_ci subflow_request_sock_ipv4_ops.init_req = subflow_v4_init_req; 14288c2ecf20Sopenharmony_ci 14298c2ecf20Sopenharmony_ci subflow_specific = ipv4_specific; 14308c2ecf20Sopenharmony_ci subflow_specific.conn_request = subflow_v4_conn_request; 14318c2ecf20Sopenharmony_ci subflow_specific.syn_recv_sock = subflow_syn_recv_sock; 14328c2ecf20Sopenharmony_ci subflow_specific.sk_rx_dst_set = subflow_finish_connect; 14338c2ecf20Sopenharmony_ci 14348c2ecf20Sopenharmony_ci#if IS_ENABLED(CONFIG_MPTCP_IPV6) 14358c2ecf20Sopenharmony_ci /* In struct mptcp_subflow_request_sock, we assume the TCP request sock 14368c2ecf20Sopenharmony_ci * structures for v4 and v6 have the same size. It should not changed in 14378c2ecf20Sopenharmony_ci * the future but better to make sure to be warned if it is no longer 14388c2ecf20Sopenharmony_ci * the case. 14398c2ecf20Sopenharmony_ci */ 14408c2ecf20Sopenharmony_ci BUILD_BUG_ON(sizeof(struct tcp_request_sock) != sizeof(struct tcp6_request_sock)); 14418c2ecf20Sopenharmony_ci 14428c2ecf20Sopenharmony_ci mptcp_subflow_v6_request_sock_ops = tcp6_request_sock_ops; 14438c2ecf20Sopenharmony_ci mptcp_subflow_v6_request_sock_ops.slab_name = "request_sock_subflow_v6"; 14448c2ecf20Sopenharmony_ci mptcp_subflow_v6_request_sock_ops.destructor = subflow_v6_req_destructor; 14458c2ecf20Sopenharmony_ci 14468c2ecf20Sopenharmony_ci if (subflow_ops_init(&mptcp_subflow_v6_request_sock_ops) != 0) 14478c2ecf20Sopenharmony_ci panic("MPTCP: failed to init subflow v6 request sock ops\n"); 14488c2ecf20Sopenharmony_ci 14498c2ecf20Sopenharmony_ci subflow_request_sock_ipv6_ops = tcp_request_sock_ipv6_ops; 14508c2ecf20Sopenharmony_ci subflow_request_sock_ipv6_ops.init_req = subflow_v6_init_req; 14518c2ecf20Sopenharmony_ci 14528c2ecf20Sopenharmony_ci subflow_v6_specific = ipv6_specific; 14538c2ecf20Sopenharmony_ci subflow_v6_specific.conn_request = subflow_v6_conn_request; 14548c2ecf20Sopenharmony_ci subflow_v6_specific.syn_recv_sock = subflow_syn_recv_sock; 14558c2ecf20Sopenharmony_ci subflow_v6_specific.sk_rx_dst_set = subflow_finish_connect; 14568c2ecf20Sopenharmony_ci 14578c2ecf20Sopenharmony_ci subflow_v6m_specific = subflow_v6_specific; 14588c2ecf20Sopenharmony_ci subflow_v6m_specific.queue_xmit = ipv4_specific.queue_xmit; 14598c2ecf20Sopenharmony_ci subflow_v6m_specific.send_check = ipv4_specific.send_check; 14608c2ecf20Sopenharmony_ci subflow_v6m_specific.net_header_len = ipv4_specific.net_header_len; 14618c2ecf20Sopenharmony_ci subflow_v6m_specific.mtu_reduced = ipv4_specific.mtu_reduced; 14628c2ecf20Sopenharmony_ci subflow_v6m_specific.net_frag_header_len = 0; 14638c2ecf20Sopenharmony_ci#endif 14648c2ecf20Sopenharmony_ci 14658c2ecf20Sopenharmony_ci mptcp_diag_subflow_init(&subflow_ulp_ops); 14668c2ecf20Sopenharmony_ci 14678c2ecf20Sopenharmony_ci if (tcp_register_ulp(&subflow_ulp_ops) != 0) 14688c2ecf20Sopenharmony_ci panic("MPTCP: failed to register subflows to ULP\n"); 14698c2ecf20Sopenharmony_ci} 1470