1/* SPDX-License-Identifier: GPL-2.0-or-later */
2/*
3 * INET An implementation of the TCP/IP protocol suite for the LINUX
4 * operating system. INET is implemented using the BSD Socket
5 * interface as the means of communication with the user level.
6 *
7 * Definitions for the TCP module.
8 *
9 * Version: @(#)tcp.h 1.0.5 05/23/93
10 *
11 * Authors: Ross Biro
12 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
13 */
14#ifndef _TCP_H
15#define _TCP_H
16
17#define FASTRETRANS_DEBUG 1
18
19#include <linux/list.h>
20#include <linux/tcp.h>
21#include <linux/bug.h>
22#include <linux/slab.h>
23#include <linux/cache.h>
24#include <linux/percpu.h>
25#include <linux/skbuff.h>
26#include <linux/kref.h>
27#include <linux/ktime.h>
28#include <linux/indirect_call_wrapper.h>
29
30#include <net/inet_connection_sock.h>
31#include <net/inet_timewait_sock.h>
32#include <net/inet_hashtables.h>
33#include <net/checksum.h>
34#include <net/request_sock.h>
35#include <net/sock_reuseport.h>
36#include <net/sock.h>
37#include <net/snmp.h>
38#include <net/ip.h>
39#include <net/tcp_states.h>
40#include <net/tcp_ao.h>
41#include <net/inet_ecn.h>
42#include <net/dst.h>
43#include <net/mptcp.h>
44
45#include <linux/seq_file.h>
46#include <linux/memcontrol.h>
47#include <linux/bpf-cgroup.h>
48#include <linux/siphash.h>
49
50extern struct inet_hashinfo tcp_hashinfo;
51
52DECLARE_PER_CPU(unsigned int, tcp_orphan_count);
53int tcp_orphan_count_sum(void);
54
55void tcp_time_wait(struct sock *sk, int state, int timeo);
56
57#define MAX_TCP_HEADER L1_CACHE_ALIGN(128 + MAX_HEADER)
58#define MAX_TCP_OPTION_SPACE 40
59#define TCP_MIN_SND_MSS 48
60#define TCP_MIN_GSO_SIZE (TCP_MIN_SND_MSS - MAX_TCP_OPTION_SPACE)
61
62/*
63 * Never offer a window over 32767 without using window scaling. Some
64 * poor stacks do signed 16bit maths!
65 */
66#define MAX_TCP_WINDOW 32767U
67
68/* Minimal accepted MSS. It is (60+60+8) - (20+20). */
69#define TCP_MIN_MSS 88U
70
71/* The initial MTU to use for probing */
72#define TCP_BASE_MSS 1024
73
74/* probing interval, default to 10 minutes as per RFC4821 */
75#define TCP_PROBE_INTERVAL 600
76
77/* Specify interval when tcp mtu probing will stop */
78#define TCP_PROBE_THRESHOLD 8
79
80/* After receiving this amount of duplicate ACKs fast retransmit starts. */
81#define TCP_FASTRETRANS_THRESH 3
82
83/* Maximal number of ACKs sent quickly to accelerate slow-start. */
84#define TCP_MAX_QUICKACKS 16U
85
86/* Maximal number of window scale according to RFC1323 */
87#define TCP_MAX_WSCALE 14U
88
89/* urg_data states */
90#define TCP_URG_VALID 0x0100
91#define TCP_URG_NOTYET 0x0200
92#define TCP_URG_READ 0x0400
93
94#define TCP_RETR1 3 /*
95 * This is how many retries it does before it
96 * tries to figure out if the gateway is
97 * down. Minimal RFC value is 3; it corresponds
98 * to ~3sec-8min depending on RTO.
99 */
100
101#define TCP_RETR2 15 /*
102 * This should take at least
103 * 90 minutes to time out.
104 * RFC1122 says that the limit is 100 sec.
105 * 15 is ~13-30min depending on RTO.
106 */
107
108#define TCP_SYN_RETRIES 6 /* This is how many retries are done
109 * when active opening a connection.
110 * RFC1122 says the minimum retry MUST
111 * be at least 180secs. Nevertheless
112 * this value is corresponding to
113 * 63secs of retransmission with the
114 * current initial RTO.
115 */
116
117#define TCP_SYNACK_RETRIES 5 /* This is how may retries are done
118 * when passive opening a connection.
119 * This is corresponding to 31secs of
120 * retransmission with the current
121 * initial RTO.
122 */
123
124#define TCP_TIMEWAIT_LEN (60*HZ) /* how long to wait to destroy TIME-WAIT
125 * state, about 60 seconds */
126#define TCP_FIN_TIMEOUT TCP_TIMEWAIT_LEN
127 /* BSD style FIN_WAIT2 deadlock breaker.
128 * It used to be 3min, new value is 60sec,
129 * to combine FIN-WAIT-2 timeout with
130 * TIME-WAIT timer.
131 */
132#define TCP_FIN_TIMEOUT_MAX (120 * HZ) /* max TCP_LINGER2 value (two minutes) */
133
134#define TCP_DELACK_MAX ((unsigned)(HZ/5)) /* maximal time to delay before sending an ACK */
135static_assert((1 << ATO_BITS) > TCP_DELACK_MAX);
136
137#if HZ >= 100
138#define TCP_DELACK_MIN ((unsigned)(HZ/25)) /* minimal time to delay before sending an ACK */
139#define TCP_ATO_MIN ((unsigned)(HZ/25))
140#else
141#define TCP_DELACK_MIN 4U
142#define TCP_ATO_MIN 4U
143#endif
144#define TCP_RTO_MAX ((unsigned)(120*HZ))
145#define TCP_RTO_MIN ((unsigned)(HZ/5))
146#define TCP_TIMEOUT_MIN (2U) /* Min timeout for TCP timers in jiffies */
147
148#define TCP_TIMEOUT_MIN_US (2*USEC_PER_MSEC) /* Min TCP timeout in microsecs */
149
150#define TCP_TIMEOUT_INIT ((unsigned)(1*HZ)) /* RFC6298 2.1 initial RTO value */
151#define TCP_TIMEOUT_FALLBACK ((unsigned)(3*HZ)) /* RFC 1122 initial RTO value, now
152 * used as a fallback RTO for the
153 * initial data transmission if no
154 * valid RTT sample has been acquired,
155 * most likely due to retrans in 3WHS.
156 */
157
158#define TCP_RESOURCE_PROBE_INTERVAL ((unsigned)(HZ/2U)) /* Maximal interval between probes
159 * for local resources.
160 */
161#define TCP_KEEPALIVE_TIME (120*60*HZ) /* two hours */
162#define TCP_KEEPALIVE_PROBES 9 /* Max of 9 keepalive probes */
163#define TCP_KEEPALIVE_INTVL (75*HZ)
164
165#define MAX_TCP_KEEPIDLE 32767
166#define MAX_TCP_KEEPINTVL 32767
167#define MAX_TCP_KEEPCNT 127
168#define MAX_TCP_SYNCNT 127
169
170/* Ensure that TCP PAWS checks are relaxed after ~2147 seconds
171 * to avoid overflows. This assumes a clock smaller than 1 Mhz.
172 * Default clock is 1 Khz, tcp_usec_ts uses 1 Mhz.
173 */
174#define TCP_PAWS_WRAP (INT_MAX / USEC_PER_SEC)
175
176#define TCP_PAWS_MSL 60 /* Per-host timestamps are invalidated
177 * after this time. It should be equal
178 * (or greater than) TCP_TIMEWAIT_LEN
179 * to provide reliability equal to one
180 * provided by timewait state.
181 */
182#define TCP_PAWS_WINDOW 1 /* Replay window for per-host
183 * timestamps. It must be less than
184 * minimal timewait lifetime.
185 */
186/*
187 * TCP option
188 */
189
190#define TCPOPT_NOP 1 /* Padding */
191#define TCPOPT_EOL 0 /* End of options */
192#define TCPOPT_MSS 2 /* Segment size negotiating */
193#define TCPOPT_WINDOW 3 /* Window scaling */
194#define TCPOPT_SACK_PERM 4 /* SACK Permitted */
195#define TCPOPT_SACK 5 /* SACK Block */
196#define TCPOPT_TIMESTAMP 8 /* Better RTT estimations/PAWS */
197#define TCPOPT_MD5SIG 19 /* MD5 Signature (RFC2385) */
198#define TCPOPT_AO 29 /* Authentication Option (RFC5925) */
199#define TCPOPT_MPTCP 30 /* Multipath TCP (RFC6824) */
200#define TCPOPT_FASTOPEN 34 /* Fast open (RFC7413) */
201#define TCPOPT_EXP 254 /* Experimental */
202/* Magic number to be after the option value for sharing TCP
203 * experimental options. See draft-ietf-tcpm-experimental-options-00.txt
204 */
205#define TCPOPT_FASTOPEN_MAGIC 0xF989
206#define TCPOPT_SMC_MAGIC 0xE2D4C3D9
207
208/*
209 * TCP option lengths
210 */
211
212#define TCPOLEN_MSS 4
213#define TCPOLEN_WINDOW 3
214#define TCPOLEN_SACK_PERM 2
215#define TCPOLEN_TIMESTAMP 10
216#define TCPOLEN_MD5SIG 18
217#define TCPOLEN_FASTOPEN_BASE 2
218#define TCPOLEN_EXP_FASTOPEN_BASE 4
219#define TCPOLEN_EXP_SMC_BASE 6
220
221/* But this is what stacks really send out. */
222#define TCPOLEN_TSTAMP_ALIGNED 12
223#define TCPOLEN_WSCALE_ALIGNED 4
224#define TCPOLEN_SACKPERM_ALIGNED 4
225#define TCPOLEN_SACK_BASE 2
226#define TCPOLEN_SACK_BASE_ALIGNED 4
227#define TCPOLEN_SACK_PERBLOCK 8
228#define TCPOLEN_MD5SIG_ALIGNED 20
229#define TCPOLEN_MSS_ALIGNED 4
230#define TCPOLEN_EXP_SMC_BASE_ALIGNED 8
231
232/* Flags in tp->nonagle */
233#define TCP_NAGLE_OFF 1 /* Nagle's algo is disabled */
234#define TCP_NAGLE_CORK 2 /* Socket is corked */
235#define TCP_NAGLE_PUSH 4 /* Cork is overridden for already queued data */
236
237/* TCP thin-stream limits */
238#define TCP_THIN_LINEAR_RETRIES 6 /* After 6 linear retries, do exp. backoff */
239
240/* TCP initial congestion window as per rfc6928 */
241#define TCP_INIT_CWND 10
242
243/* Bit Flags for sysctl_tcp_fastopen */
244#define TFO_CLIENT_ENABLE 1
245#define TFO_SERVER_ENABLE 2
246#define TFO_CLIENT_NO_COOKIE 4 /* Data in SYN w/o cookie option */
247
248/* Accept SYN data w/o any cookie option */
249#define TFO_SERVER_COOKIE_NOT_REQD 0x200
250
251/* Force enable TFO on all listeners, i.e., not requiring the
252 * TCP_FASTOPEN socket option.
253 */
254#define TFO_SERVER_WO_SOCKOPT1 0x400
255
256
257/* sysctl variables for tcp */
258extern int sysctl_tcp_max_orphans;
259extern long sysctl_tcp_mem[3];
260
261#define TCP_RACK_LOSS_DETECTION 0x1 /* Use RACK to detect losses */
262#define TCP_RACK_STATIC_REO_WND 0x2 /* Use static RACK reo wnd */
263#define TCP_RACK_NO_DUPTHRESH 0x4 /* Do not use DUPACK threshold in RACK */
264
265extern atomic_long_t tcp_memory_allocated;
266DECLARE_PER_CPU(int, tcp_memory_per_cpu_fw_alloc);
267
268extern struct percpu_counter tcp_sockets_allocated;
269extern unsigned long tcp_memory_pressure;
270
271/* optimized version of sk_under_memory_pressure() for TCP sockets */
272static inline bool tcp_under_memory_pressure(const struct sock *sk)
273{
274 if (mem_cgroup_sockets_enabled && sk->sk_memcg &&
275 mem_cgroup_under_socket_pressure(memcg: sk->sk_memcg))
276 return true;
277
278 return READ_ONCE(tcp_memory_pressure);
279}
280/*
281 * The next routines deal with comparing 32 bit unsigned ints
282 * and worry about wraparound (automatic with unsigned arithmetic).
283 */
284
285static inline bool before(__u32 seq1, __u32 seq2)
286{
287 return (__s32)(seq1-seq2) < 0;
288}
289#define after(seq2, seq1) before(seq1, seq2)
290
291/* is s2<=s1<=s3 ? */
292static inline bool between(__u32 seq1, __u32 seq2, __u32 seq3)
293{
294 return seq3 - seq2 >= seq1 - seq2;
295}
296
297static inline bool tcp_out_of_memory(struct sock *sk)
298{
299 if (sk->sk_wmem_queued > SOCK_MIN_SNDBUF &&
300 sk_memory_allocated(sk) > sk_prot_mem_limits(sk, index: 2))
301 return true;
302 return false;
303}
304
305static inline void tcp_wmem_free_skb(struct sock *sk, struct sk_buff *skb)
306{
307 sk_wmem_queued_add(sk, val: -skb->truesize);
308 if (!skb_zcopy_pure(skb))
309 sk_mem_uncharge(sk, size: skb->truesize);
310 else
311 sk_mem_uncharge(sk, SKB_TRUESIZE(skb_end_offset(skb)));
312 __kfree_skb(skb);
313}
314
315void sk_forced_mem_schedule(struct sock *sk, int size);
316
317bool tcp_check_oom(struct sock *sk, int shift);
318
319
320extern struct proto tcp_prot;
321
322#define TCP_INC_STATS(net, field) SNMP_INC_STATS((net)->mib.tcp_statistics, field)
323#define __TCP_INC_STATS(net, field) __SNMP_INC_STATS((net)->mib.tcp_statistics, field)
324#define TCP_DEC_STATS(net, field) SNMP_DEC_STATS((net)->mib.tcp_statistics, field)
325#define TCP_ADD_STATS(net, field, val) SNMP_ADD_STATS((net)->mib.tcp_statistics, field, val)
326
327void tcp_tasklet_init(void);
328
329int tcp_v4_err(struct sk_buff *skb, u32);
330
331void tcp_shutdown(struct sock *sk, int how);
332
333int tcp_v4_early_demux(struct sk_buff *skb);
334int tcp_v4_rcv(struct sk_buff *skb);
335
336void tcp_remove_empty_skb(struct sock *sk);
337int tcp_sendmsg(struct sock *sk, struct msghdr *msg, size_t size);
338int tcp_sendmsg_locked(struct sock *sk, struct msghdr *msg, size_t size);
339int tcp_sendmsg_fastopen(struct sock *sk, struct msghdr *msg, int *copied,
340 size_t size, struct ubuf_info *uarg);
341void tcp_splice_eof(struct socket *sock);
342int tcp_send_mss(struct sock *sk, int *size_goal, int flags);
343int tcp_wmem_schedule(struct sock *sk, int copy);
344void tcp_push(struct sock *sk, int flags, int mss_now, int nonagle,
345 int size_goal);
346void tcp_release_cb(struct sock *sk);
347void tcp_wfree(struct sk_buff *skb);
348void tcp_write_timer_handler(struct sock *sk);
349void tcp_delack_timer_handler(struct sock *sk);
350int tcp_ioctl(struct sock *sk, int cmd, int *karg);
351enum skb_drop_reason tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb);
352void tcp_rcv_established(struct sock *sk, struct sk_buff *skb);
353void tcp_rcv_space_adjust(struct sock *sk);
354int tcp_twsk_unique(struct sock *sk, struct sock *sktw, void *twp);
355void tcp_twsk_destructor(struct sock *sk);
356void tcp_twsk_purge(struct list_head *net_exit_list, int family);
357ssize_t tcp_splice_read(struct socket *sk, loff_t *ppos,
358 struct pipe_inode_info *pipe, size_t len,
359 unsigned int flags);
360struct sk_buff *tcp_stream_alloc_skb(struct sock *sk, gfp_t gfp,
361 bool force_schedule);
362
363static inline void tcp_dec_quickack_mode(struct sock *sk)
364{
365 struct inet_connection_sock *icsk = inet_csk(sk);
366
367 if (icsk->icsk_ack.quick) {
368 /* How many ACKs S/ACKing new data have we sent? */
369 const unsigned int pkts = inet_csk_ack_scheduled(sk) ? 1 : 0;
370
371 if (pkts >= icsk->icsk_ack.quick) {
372 icsk->icsk_ack.quick = 0;
373 /* Leaving quickack mode we deflate ATO. */
374 icsk->icsk_ack.ato = TCP_ATO_MIN;
375 } else
376 icsk->icsk_ack.quick -= pkts;
377 }
378}
379
380#define TCP_ECN_OK 1
381#define TCP_ECN_QUEUE_CWR 2
382#define TCP_ECN_DEMAND_CWR 4
383#define TCP_ECN_SEEN 8
384
385enum tcp_tw_status {
386 TCP_TW_SUCCESS = 0,
387 TCP_TW_RST = 1,
388 TCP_TW_ACK = 2,
389 TCP_TW_SYN = 3
390};
391
392
393enum tcp_tw_status tcp_timewait_state_process(struct inet_timewait_sock *tw,
394 struct sk_buff *skb,
395 const struct tcphdr *th);
396struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb,
397 struct request_sock *req, bool fastopen,
398 bool *lost_race);
399enum skb_drop_reason tcp_child_process(struct sock *parent, struct sock *child,
400 struct sk_buff *skb);
401void tcp_enter_loss(struct sock *sk);
402void tcp_cwnd_reduction(struct sock *sk, int newly_acked_sacked, int newly_lost, int flag);
403void tcp_clear_retrans(struct tcp_sock *tp);
404void tcp_update_metrics(struct sock *sk);
405void tcp_init_metrics(struct sock *sk);
406void tcp_metrics_init(void);
407bool tcp_peer_is_proven(struct request_sock *req, struct dst_entry *dst);
408void __tcp_close(struct sock *sk, long timeout);
409void tcp_close(struct sock *sk, long timeout);
410void tcp_init_sock(struct sock *sk);
411void tcp_init_transfer(struct sock *sk, int bpf_op, struct sk_buff *skb);
412__poll_t tcp_poll(struct file *file, struct socket *sock,
413 struct poll_table_struct *wait);
414int do_tcp_getsockopt(struct sock *sk, int level,
415 int optname, sockptr_t optval, sockptr_t optlen);
416int tcp_getsockopt(struct sock *sk, int level, int optname,
417 char __user *optval, int __user *optlen);
418bool tcp_bpf_bypass_getsockopt(int level, int optname);
419int do_tcp_setsockopt(struct sock *sk, int level, int optname,
420 sockptr_t optval, unsigned int optlen);
421int tcp_setsockopt(struct sock *sk, int level, int optname, sockptr_t optval,
422 unsigned int optlen);
423void tcp_set_keepalive(struct sock *sk, int val);
424void tcp_syn_ack_timeout(const struct request_sock *req);
425int tcp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len,
426 int flags, int *addr_len);
427int tcp_set_rcvlowat(struct sock *sk, int val);
428int tcp_set_window_clamp(struct sock *sk, int val);
429void tcp_update_recv_tstamps(struct sk_buff *skb,
430 struct scm_timestamping_internal *tss);
431void tcp_recv_timestamp(struct msghdr *msg, const struct sock *sk,
432 struct scm_timestamping_internal *tss);
433void tcp_data_ready(struct sock *sk);
434#ifdef CONFIG_MMU
435int tcp_mmap(struct file *file, struct socket *sock,
436 struct vm_area_struct *vma);
437#endif
438void tcp_parse_options(const struct net *net, const struct sk_buff *skb,
439 struct tcp_options_received *opt_rx,
440 int estab, struct tcp_fastopen_cookie *foc);
441
442/*
443 * BPF SKB-less helpers
444 */
445u16 tcp_v4_get_syncookie(struct sock *sk, struct iphdr *iph,
446 struct tcphdr *th, u32 *cookie);
447u16 tcp_v6_get_syncookie(struct sock *sk, struct ipv6hdr *iph,
448 struct tcphdr *th, u32 *cookie);
449u16 tcp_parse_mss_option(const struct tcphdr *th, u16 user_mss);
450u16 tcp_get_syncookie_mss(struct request_sock_ops *rsk_ops,
451 const struct tcp_request_sock_ops *af_ops,
452 struct sock *sk, struct tcphdr *th);
453/*
454 * TCP v4 functions exported for the inet6 API
455 */
456
457void tcp_v4_send_check(struct sock *sk, struct sk_buff *skb);
458void tcp_v4_mtu_reduced(struct sock *sk);
459void tcp_req_err(struct sock *sk, u32 seq, bool abort);
460void tcp_ld_RTO_revert(struct sock *sk, u32 seq);
461int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb);
462struct sock *tcp_create_openreq_child(const struct sock *sk,
463 struct request_sock *req,
464 struct sk_buff *skb);
465void tcp_ca_openreq_child(struct sock *sk, const struct dst_entry *dst);
466struct sock *tcp_v4_syn_recv_sock(const struct sock *sk, struct sk_buff *skb,
467 struct request_sock *req,
468 struct dst_entry *dst,
469 struct request_sock *req_unhash,
470 bool *own_req);
471int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb);
472int tcp_v4_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len);
473int tcp_connect(struct sock *sk);
474enum tcp_synack_type {
475 TCP_SYNACK_NORMAL,
476 TCP_SYNACK_FASTOPEN,
477 TCP_SYNACK_COOKIE,
478};
479struct sk_buff *tcp_make_synack(const struct sock *sk, struct dst_entry *dst,
480 struct request_sock *req,
481 struct tcp_fastopen_cookie *foc,
482 enum tcp_synack_type synack_type,
483 struct sk_buff *syn_skb);
484int tcp_disconnect(struct sock *sk, int flags);
485
486void tcp_finish_connect(struct sock *sk, struct sk_buff *skb);
487int tcp_send_rcvq(struct sock *sk, struct msghdr *msg, size_t size);
488void inet_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb);
489
490/* From syncookies.c */
491struct sock *tcp_get_cookie_sock(struct sock *sk, struct sk_buff *skb,
492 struct request_sock *req,
493 struct dst_entry *dst);
494int __cookie_v4_check(const struct iphdr *iph, const struct tcphdr *th);
495struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb);
496struct request_sock *cookie_tcp_reqsk_alloc(const struct request_sock_ops *ops,
497 struct sock *sk, struct sk_buff *skb,
498 struct tcp_options_received *tcp_opt,
499 int mss, u32 tsoff);
500
501#if IS_ENABLED(CONFIG_BPF)
502struct bpf_tcp_req_attrs {
503 u32 rcv_tsval;
504 u32 rcv_tsecr;
505 u16 mss;
506 u8 rcv_wscale;
507 u8 snd_wscale;
508 u8 ecn_ok;
509 u8 wscale_ok;
510 u8 sack_ok;
511 u8 tstamp_ok;
512 u8 usec_ts_ok;
513 u8 reserved[3];
514};
515#endif
516
517#ifdef CONFIG_SYN_COOKIES
518
519/* Syncookies use a monotonic timer which increments every 60 seconds.
520 * This counter is used both as a hash input and partially encoded into
521 * the cookie value. A cookie is only validated further if the delta
522 * between the current counter value and the encoded one is less than this,
523 * i.e. a sent cookie is valid only at most for 2*60 seconds (or less if
524 * the counter advances immediately after a cookie is generated).
525 */
526#define MAX_SYNCOOKIE_AGE 2
527#define TCP_SYNCOOKIE_PERIOD (60 * HZ)
528#define TCP_SYNCOOKIE_VALID (MAX_SYNCOOKIE_AGE * TCP_SYNCOOKIE_PERIOD)
529
530/* syncookies: remember time of last synqueue overflow
531 * But do not dirty this field too often (once per second is enough)
532 * It is racy as we do not hold a lock, but race is very minor.
533 */
534static inline void tcp_synq_overflow(const struct sock *sk)
535{
536 unsigned int last_overflow;
537 unsigned int now = jiffies;
538
539 if (sk->sk_reuseport) {
540 struct sock_reuseport *reuse;
541
542 reuse = rcu_dereference(sk->sk_reuseport_cb);
543 if (likely(reuse)) {
544 last_overflow = READ_ONCE(reuse->synq_overflow_ts);
545 if (!time_between32(now, last_overflow,
546 last_overflow + HZ))
547 WRITE_ONCE(reuse->synq_overflow_ts, now);
548 return;
549 }
550 }
551
552 last_overflow = READ_ONCE(tcp_sk(sk)->rx_opt.ts_recent_stamp);
553 if (!time_between32(now, last_overflow, last_overflow + HZ))
554 WRITE_ONCE(tcp_sk_rw(sk)->rx_opt.ts_recent_stamp, now);
555}
556
557/* syncookies: no recent synqueue overflow on this listening socket? */
558static inline bool tcp_synq_no_recent_overflow(const struct sock *sk)
559{
560 unsigned int last_overflow;
561 unsigned int now = jiffies;
562
563 if (sk->sk_reuseport) {
564 struct sock_reuseport *reuse;
565
566 reuse = rcu_dereference(sk->sk_reuseport_cb);
567 if (likely(reuse)) {
568 last_overflow = READ_ONCE(reuse->synq_overflow_ts);
569 return !time_between32(now, last_overflow - HZ,
570 last_overflow +
571 TCP_SYNCOOKIE_VALID);
572 }
573 }
574
575 last_overflow = READ_ONCE(tcp_sk(sk)->rx_opt.ts_recent_stamp);
576
577 /* If last_overflow <= jiffies <= last_overflow + TCP_SYNCOOKIE_VALID,
578 * then we're under synflood. However, we have to use
579 * 'last_overflow - HZ' as lower bound. That's because a concurrent
580 * tcp_synq_overflow() could update .ts_recent_stamp after we read
581 * jiffies but before we store .ts_recent_stamp into last_overflow,
582 * which could lead to rejecting a valid syncookie.
583 */
584 return !time_between32(now, last_overflow - HZ,
585 last_overflow + TCP_SYNCOOKIE_VALID);
586}
587
588static inline u32 tcp_cookie_time(void)
589{
590 u64 val = get_jiffies_64();
591
592 do_div(val, TCP_SYNCOOKIE_PERIOD);
593 return val;
594}
595
596/* Convert one nsec 64bit timestamp to ts (ms or usec resolution) */
597static inline u64 tcp_ns_to_ts(bool usec_ts, u64 val)
598{
599 if (usec_ts)
600 return div_u64(dividend: val, NSEC_PER_USEC);
601
602 return div_u64(dividend: val, NSEC_PER_MSEC);
603}
604
605u32 __cookie_v4_init_sequence(const struct iphdr *iph, const struct tcphdr *th,
606 u16 *mssp);
607__u32 cookie_v4_init_sequence(const struct sk_buff *skb, __u16 *mss);
608u64 cookie_init_timestamp(struct request_sock *req, u64 now);
609bool cookie_timestamp_decode(const struct net *net,
610 struct tcp_options_received *opt);
611
612static inline bool cookie_ecn_ok(const struct net *net, const struct dst_entry *dst)
613{
614 return READ_ONCE(net->ipv4.sysctl_tcp_ecn) ||
615 dst_feature(dst, RTAX_FEATURE_ECN);
616}
617
618#if IS_ENABLED(CONFIG_BPF)
619static inline bool cookie_bpf_ok(struct sk_buff *skb)
620{
621 return skb->sk;
622}
623
624struct request_sock *cookie_bpf_check(struct sock *sk, struct sk_buff *skb);
625#else
626static inline bool cookie_bpf_ok(struct sk_buff *skb)
627{
628 return false;
629}
630
631static inline struct request_sock *cookie_bpf_check(struct net *net, struct sock *sk,
632 struct sk_buff *skb)
633{
634 return NULL;
635}
636#endif
637
638/* From net/ipv6/syncookies.c */
639int __cookie_v6_check(const struct ipv6hdr *iph, const struct tcphdr *th);
640struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb);
641
642u32 __cookie_v6_init_sequence(const struct ipv6hdr *iph,
643 const struct tcphdr *th, u16 *mssp);
644__u32 cookie_v6_init_sequence(const struct sk_buff *skb, __u16 *mss);
645#endif
646/* tcp_output.c */
647
648void tcp_skb_entail(struct sock *sk, struct sk_buff *skb);
649void tcp_mark_push(struct tcp_sock *tp, struct sk_buff *skb);
650void __tcp_push_pending_frames(struct sock *sk, unsigned int cur_mss,
651 int nonagle);
652int __tcp_retransmit_skb(struct sock *sk, struct sk_buff *skb, int segs);
653int tcp_retransmit_skb(struct sock *sk, struct sk_buff *skb, int segs);
654void tcp_retransmit_timer(struct sock *sk);
655void tcp_xmit_retransmit_queue(struct sock *);
656void tcp_simple_retransmit(struct sock *);
657void tcp_enter_recovery(struct sock *sk, bool ece_ack);
658int tcp_trim_head(struct sock *, struct sk_buff *, u32);
659enum tcp_queue {
660 TCP_FRAG_IN_WRITE_QUEUE,
661 TCP_FRAG_IN_RTX_QUEUE,
662};
663int tcp_fragment(struct sock *sk, enum tcp_queue tcp_queue,
664 struct sk_buff *skb, u32 len,
665 unsigned int mss_now, gfp_t gfp);
666
667void tcp_send_probe0(struct sock *);
668int tcp_write_wakeup(struct sock *, int mib);
669void tcp_send_fin(struct sock *sk);
670void tcp_send_active_reset(struct sock *sk, gfp_t priority);
671int tcp_send_synack(struct sock *);
672void tcp_push_one(struct sock *, unsigned int mss_now);
673void __tcp_send_ack(struct sock *sk, u32 rcv_nxt);
674void tcp_send_ack(struct sock *sk);
675void tcp_send_delayed_ack(struct sock *sk);
676void tcp_send_loss_probe(struct sock *sk);
677bool tcp_schedule_loss_probe(struct sock *sk, bool advancing_rto);
678void tcp_skb_collapse_tstamp(struct sk_buff *skb,
679 const struct sk_buff *next_skb);
680
681/* tcp_input.c */
682void tcp_rearm_rto(struct sock *sk);
683void tcp_synack_rtt_meas(struct sock *sk, struct request_sock *req);
684void tcp_reset(struct sock *sk, struct sk_buff *skb);
685void tcp_fin(struct sock *sk);
686void tcp_check_space(struct sock *sk);
687void tcp_sack_compress_send_ack(struct sock *sk);
688
689/* tcp_timer.c */
690void tcp_init_xmit_timers(struct sock *);
691static inline void tcp_clear_xmit_timers(struct sock *sk)
692{
693 if (hrtimer_try_to_cancel(timer: &tcp_sk(sk)->pacing_timer) == 1)
694 __sock_put(sk);
695
696 if (hrtimer_try_to_cancel(timer: &tcp_sk(sk)->compressed_ack_timer) == 1)
697 __sock_put(sk);
698
699 inet_csk_clear_xmit_timers(sk);
700}
701
702unsigned int tcp_sync_mss(struct sock *sk, u32 pmtu);
703unsigned int tcp_current_mss(struct sock *sk);
704u32 tcp_clamp_probe0_to_user_timeout(const struct sock *sk, u32 when);
705
706/* Bound MSS / TSO packet size with the half of the window */
707static inline int tcp_bound_to_half_wnd(struct tcp_sock *tp, int pktsize)
708{
709 int cutoff;
710
711 /* When peer uses tiny windows, there is no use in packetizing
712 * to sub-MSS pieces for the sake of SWS or making sure there
713 * are enough packets in the pipe for fast recovery.
714 *
715 * On the other hand, for extremely large MSS devices, handling
716 * smaller than MSS windows in this way does make sense.
717 */
718 if (tp->max_window > TCP_MSS_DEFAULT)
719 cutoff = (tp->max_window >> 1);
720 else
721 cutoff = tp->max_window;
722
723 if (cutoff && pktsize > cutoff)
724 return max_t(int, cutoff, 68U - tp->tcp_header_len);
725 else
726 return pktsize;
727}
728
729/* tcp.c */
730void tcp_get_info(struct sock *, struct tcp_info *);
731
732/* Read 'sendfile()'-style from a TCP socket */
733int tcp_read_sock(struct sock *sk, read_descriptor_t *desc,
734 sk_read_actor_t recv_actor);
735int tcp_read_skb(struct sock *sk, skb_read_actor_t recv_actor);
736struct sk_buff *tcp_recv_skb(struct sock *sk, u32 seq, u32 *off);
737void tcp_read_done(struct sock *sk, size_t len);
738
739void tcp_initialize_rcv_mss(struct sock *sk);
740
741int tcp_mtu_to_mss(struct sock *sk, int pmtu);
742int tcp_mss_to_mtu(struct sock *sk, int mss);
743void tcp_mtup_init(struct sock *sk);
744
745static inline void tcp_bound_rto(const struct sock *sk)
746{
747 if (inet_csk(sk)->icsk_rto > TCP_RTO_MAX)
748 inet_csk(sk)->icsk_rto = TCP_RTO_MAX;
749}
750
751static inline u32 __tcp_set_rto(const struct tcp_sock *tp)
752{
753 return usecs_to_jiffies(u: (tp->srtt_us >> 3) + tp->rttvar_us);
754}
755
756static inline void __tcp_fast_path_on(struct tcp_sock *tp, u32 snd_wnd)
757{
758 /* mptcp hooks are only on the slow path */
759 if (sk_is_mptcp(sk: (struct sock *)tp))
760 return;
761
762 tp->pred_flags = htonl((tp->tcp_header_len << 26) |
763 ntohl(TCP_FLAG_ACK) |
764 snd_wnd);
765}
766
767static inline void tcp_fast_path_on(struct tcp_sock *tp)
768{
769 __tcp_fast_path_on(tp, snd_wnd: tp->snd_wnd >> tp->rx_opt.snd_wscale);
770}
771
772static inline void tcp_fast_path_check(struct sock *sk)
773{
774 struct tcp_sock *tp = tcp_sk(sk);
775
776 if (RB_EMPTY_ROOT(&tp->out_of_order_queue) &&
777 tp->rcv_wnd &&
778 atomic_read(v: &sk->sk_rmem_alloc) < sk->sk_rcvbuf &&
779 !tp->urg_data)
780 tcp_fast_path_on(tp);
781}
782
783u32 tcp_delack_max(const struct sock *sk);
784
785/* Compute the actual rto_min value */
786static inline u32 tcp_rto_min(const struct sock *sk)
787{
788 const struct dst_entry *dst = __sk_dst_get(sk);
789 u32 rto_min = inet_csk(sk)->icsk_rto_min;
790
791 if (dst && dst_metric_locked(dst, RTAX_RTO_MIN))
792 rto_min = dst_metric_rtt(dst, RTAX_RTO_MIN);
793 return rto_min;
794}
795
796static inline u32 tcp_rto_min_us(const struct sock *sk)
797{
798 return jiffies_to_usecs(j: tcp_rto_min(sk));
799}
800
801static inline bool tcp_ca_dst_locked(const struct dst_entry *dst)
802{
803 return dst_metric_locked(dst, RTAX_CC_ALGO);
804}
805
806/* Minimum RTT in usec. ~0 means not available. */
807static inline u32 tcp_min_rtt(const struct tcp_sock *tp)
808{
809 return minmax_get(m: &tp->rtt_min);
810}
811
812/* Compute the actual receive window we are currently advertising.
813 * Rcv_nxt can be after the window if our peer push more data
814 * than the offered window.
815 */
816static inline u32 tcp_receive_window(const struct tcp_sock *tp)
817{
818 s32 win = tp->rcv_wup + tp->rcv_wnd - tp->rcv_nxt;
819
820 if (win < 0)
821 win = 0;
822 return (u32) win;
823}
824
825/* Choose a new window, without checks for shrinking, and without
826 * scaling applied to the result. The caller does these things
827 * if necessary. This is a "raw" window selection.
828 */
829u32 __tcp_select_window(struct sock *sk);
830
831void tcp_send_window_probe(struct sock *sk);
832
833/* TCP uses 32bit jiffies to save some space.
834 * Note that this is different from tcp_time_stamp, which
835 * historically has been the same until linux-4.13.
836 */
837#define tcp_jiffies32 ((u32)jiffies)
838
839/*
840 * Deliver a 32bit value for TCP timestamp option (RFC 7323)
841 * It is no longer tied to jiffies, but to 1 ms clock.
842 * Note: double check if you want to use tcp_jiffies32 instead of this.
843 */
844#define TCP_TS_HZ 1000
845
846static inline u64 tcp_clock_ns(void)
847{
848 return ktime_get_ns();
849}
850
851static inline u64 tcp_clock_us(void)
852{
853 return div_u64(dividend: tcp_clock_ns(), NSEC_PER_USEC);
854}
855
856static inline u64 tcp_clock_ms(void)
857{
858 return div_u64(dividend: tcp_clock_ns(), NSEC_PER_MSEC);
859}
860
861/* TCP Timestamp included in TS option (RFC 1323) can either use ms
862 * or usec resolution. Each socket carries a flag to select one or other
863 * resolution, as the route attribute could change anytime.
864 * Each flow must stick to initial resolution.
865 */
866static inline u32 tcp_clock_ts(bool usec_ts)
867{
868 return usec_ts ? tcp_clock_us() : tcp_clock_ms();
869}
870
871static inline u32 tcp_time_stamp_ms(const struct tcp_sock *tp)
872{
873 return div_u64(dividend: tp->tcp_mstamp, USEC_PER_MSEC);
874}
875
876static inline u32 tcp_time_stamp_ts(const struct tcp_sock *tp)
877{
878 if (tp->tcp_usec_ts)
879 return tp->tcp_mstamp;
880 return tcp_time_stamp_ms(tp);
881}
882
883void tcp_mstamp_refresh(struct tcp_sock *tp);
884
885static inline u32 tcp_stamp_us_delta(u64 t1, u64 t0)
886{
887 return max_t(s64, t1 - t0, 0);
888}
889
890/* provide the departure time in us unit */
891static inline u64 tcp_skb_timestamp_us(const struct sk_buff *skb)
892{
893 return div_u64(dividend: skb->skb_mstamp_ns, NSEC_PER_USEC);
894}
895
896/* Provide skb TSval in usec or ms unit */
897static inline u32 tcp_skb_timestamp_ts(bool usec_ts, const struct sk_buff *skb)
898{
899 if (usec_ts)
900 return tcp_skb_timestamp_us(skb);
901
902 return div_u64(dividend: skb->skb_mstamp_ns, NSEC_PER_MSEC);
903}
904
905static inline u32 tcp_tw_tsval(const struct tcp_timewait_sock *tcptw)
906{
907 return tcp_clock_ts(usec_ts: tcptw->tw_sk.tw_usec_ts) + tcptw->tw_ts_offset;
908}
909
910static inline u32 tcp_rsk_tsval(const struct tcp_request_sock *treq)
911{
912 return tcp_clock_ts(usec_ts: treq->req_usec_ts) + treq->ts_off;
913}
914
915#define tcp_flag_byte(th) (((u_int8_t *)th)[13])
916
917#define TCPHDR_FIN 0x01
918#define TCPHDR_SYN 0x02
919#define TCPHDR_RST 0x04
920#define TCPHDR_PSH 0x08
921#define TCPHDR_ACK 0x10
922#define TCPHDR_URG 0x20
923#define TCPHDR_ECE 0x40
924#define TCPHDR_CWR 0x80
925
926#define TCPHDR_SYN_ECN (TCPHDR_SYN | TCPHDR_ECE | TCPHDR_CWR)
927
928/* This is what the send packet queuing engine uses to pass
929 * TCP per-packet control information to the transmission code.
930 * We also store the host-order sequence numbers in here too.
931 * This is 44 bytes if IPV6 is enabled.
932 * If this grows please adjust skbuff.h:skbuff->cb[xxx] size appropriately.
933 */
934struct tcp_skb_cb {
935 __u32 seq; /* Starting sequence number */
936 __u32 end_seq; /* SEQ + FIN + SYN + datalen */
937 union {
938 /* Note : tcp_tw_isn is used in input path only
939 * (isn chosen by tcp_timewait_state_process())
940 *
941 * tcp_gso_segs/size are used in write queue only,
942 * cf tcp_skb_pcount()/tcp_skb_mss()
943 */
944 __u32 tcp_tw_isn;
945 struct {
946 u16 tcp_gso_segs;
947 u16 tcp_gso_size;
948 };
949 };
950 __u8 tcp_flags; /* TCP header flags. (tcp[13]) */
951
952 __u8 sacked; /* State flags for SACK. */
953#define TCPCB_SACKED_ACKED 0x01 /* SKB ACK'd by a SACK block */
954#define TCPCB_SACKED_RETRANS 0x02 /* SKB retransmitted */
955#define TCPCB_LOST 0x04 /* SKB is lost */
956#define TCPCB_TAGBITS 0x07 /* All tag bits */
957#define TCPCB_REPAIRED 0x10 /* SKB repaired (no skb_mstamp_ns) */
958#define TCPCB_EVER_RETRANS 0x80 /* Ever retransmitted frame */
959#define TCPCB_RETRANS (TCPCB_SACKED_RETRANS|TCPCB_EVER_RETRANS| \
960 TCPCB_REPAIRED)
961
962 __u8 ip_dsfield; /* IPv4 tos or IPv6 dsfield */
963 __u8 txstamp_ack:1, /* Record TX timestamp for ack? */
964 eor:1, /* Is skb MSG_EOR marked? */
965 has_rxtstamp:1, /* SKB has a RX timestamp */
966 unused:5;
967 __u32 ack_seq; /* Sequence number ACK'd */
968 union {
969 struct {
970#define TCPCB_DELIVERED_CE_MASK ((1U<<20) - 1)
971 /* There is space for up to 24 bytes */
972 __u32 is_app_limited:1, /* cwnd not fully used? */
973 delivered_ce:20,
974 unused:11;
975 /* pkts S/ACKed so far upon tx of skb, incl retrans: */
976 __u32 delivered;
977 /* start of send pipeline phase */
978 u64 first_tx_mstamp;
979 /* when we reached the "delivered" count */
980 u64 delivered_mstamp;
981 } tx; /* only used for outgoing skbs */
982 union {
983 struct inet_skb_parm h4;
984#if IS_ENABLED(CONFIG_IPV6)
985 struct inet6_skb_parm h6;
986#endif
987 } header; /* For incoming skbs */
988 };
989};
990
991#define TCP_SKB_CB(__skb) ((struct tcp_skb_cb *)&((__skb)->cb[0]))
992
993extern const struct inet_connection_sock_af_ops ipv4_specific;
994
995#if IS_ENABLED(CONFIG_IPV6)
996/* This is the variant of inet6_iif() that must be used by TCP,
997 * as TCP moves IP6CB into a different location in skb->cb[]
998 */
999static inline int tcp_v6_iif(const struct sk_buff *skb)
1000{
1001 return TCP_SKB_CB(skb)->header.h6.iif;
1002}
1003
1004static inline int tcp_v6_iif_l3_slave(const struct sk_buff *skb)
1005{
1006 bool l3_slave = ipv6_l3mdev_skb(TCP_SKB_CB(skb)->header.h6.flags);
1007
1008 return l3_slave ? skb->skb_iif : TCP_SKB_CB(skb)->header.h6.iif;
1009}
1010
1011/* TCP_SKB_CB reference means this can not be used from early demux */
1012static inline int tcp_v6_sdif(const struct sk_buff *skb)
1013{
1014#if IS_ENABLED(CONFIG_NET_L3_MASTER_DEV)
1015 if (skb && ipv6_l3mdev_skb(TCP_SKB_CB(skb)->header.h6.flags))
1016 return TCP_SKB_CB(skb)->header.h6.iif;
1017#endif
1018 return 0;
1019}
1020
1021extern const struct inet_connection_sock_af_ops ipv6_specific;
1022
1023INDIRECT_CALLABLE_DECLARE(void tcp_v6_send_check(struct sock *sk, struct sk_buff *skb));
1024INDIRECT_CALLABLE_DECLARE(int tcp_v6_rcv(struct sk_buff *skb));
1025void tcp_v6_early_demux(struct sk_buff *skb);
1026
1027#endif
1028
1029/* TCP_SKB_CB reference means this can not be used from early demux */
1030static inline int tcp_v4_sdif(struct sk_buff *skb)
1031{
1032#if IS_ENABLED(CONFIG_NET_L3_MASTER_DEV)
1033 if (skb && ipv4_l3mdev_skb(TCP_SKB_CB(skb)->header.h4.flags))
1034 return TCP_SKB_CB(skb)->header.h4.iif;
1035#endif
1036 return 0;
1037}
1038
1039/* Due to TSO, an SKB can be composed of multiple actual
1040 * packets. To keep these tracked properly, we use this.
1041 */
1042static inline int tcp_skb_pcount(const struct sk_buff *skb)
1043{
1044 return TCP_SKB_CB(skb)->tcp_gso_segs;
1045}
1046
1047static inline void tcp_skb_pcount_set(struct sk_buff *skb, int segs)
1048{
1049 TCP_SKB_CB(skb)->tcp_gso_segs = segs;
1050}
1051
1052static inline void tcp_skb_pcount_add(struct sk_buff *skb, int segs)
1053{
1054 TCP_SKB_CB(skb)->tcp_gso_segs += segs;
1055}
1056
1057/* This is valid iff skb is in write queue and tcp_skb_pcount() > 1. */
1058static inline int tcp_skb_mss(const struct sk_buff *skb)
1059{
1060 return TCP_SKB_CB(skb)->tcp_gso_size;
1061}
1062
1063static inline bool tcp_skb_can_collapse_to(const struct sk_buff *skb)
1064{
1065 return likely(!TCP_SKB_CB(skb)->eor);
1066}
1067
1068static inline bool tcp_skb_can_collapse(const struct sk_buff *to,
1069 const struct sk_buff *from)
1070{
1071 return likely(tcp_skb_can_collapse_to(to) &&
1072 mptcp_skb_can_collapse(to, from) &&
1073 skb_pure_zcopy_same(to, from));
1074}
1075
1076/* Events passed to congestion control interface */
1077enum tcp_ca_event {
1078 CA_EVENT_TX_START, /* first transmit when no packets in flight */
1079 CA_EVENT_CWND_RESTART, /* congestion window restart */
1080 CA_EVENT_COMPLETE_CWR, /* end of congestion recovery */
1081 CA_EVENT_LOSS, /* loss timeout */
1082 CA_EVENT_ECN_NO_CE, /* ECT set, but not CE marked */
1083 CA_EVENT_ECN_IS_CE, /* received CE marked IP packet */
1084};
1085
1086/* Information about inbound ACK, passed to cong_ops->in_ack_event() */
1087enum tcp_ca_ack_event_flags {
1088 CA_ACK_SLOWPATH = (1 << 0), /* In slow path processing */
1089 CA_ACK_WIN_UPDATE = (1 << 1), /* ACK updated window */
1090 CA_ACK_ECE = (1 << 2), /* ECE bit is set on ack */
1091};
1092
1093/*
1094 * Interface for adding new TCP congestion control handlers
1095 */
1096#define TCP_CA_NAME_MAX 16
1097#define TCP_CA_MAX 128
1098#define TCP_CA_BUF_MAX (TCP_CA_NAME_MAX*TCP_CA_MAX)
1099
1100#define TCP_CA_UNSPEC 0
1101
1102/* Algorithm can be set on socket without CAP_NET_ADMIN privileges */
1103#define TCP_CONG_NON_RESTRICTED 0x1
1104/* Requires ECN/ECT set on all packets */
1105#define TCP_CONG_NEEDS_ECN 0x2
1106#define TCP_CONG_MASK (TCP_CONG_NON_RESTRICTED | TCP_CONG_NEEDS_ECN)
1107
1108union tcp_cc_info;
1109
1110struct ack_sample {
1111 u32 pkts_acked;
1112 s32 rtt_us;
1113 u32 in_flight;
1114};
1115
1116/* A rate sample measures the number of (original/retransmitted) data
1117 * packets delivered "delivered" over an interval of time "interval_us".
1118 * The tcp_rate.c code fills in the rate sample, and congestion
1119 * control modules that define a cong_control function to run at the end
1120 * of ACK processing can optionally chose to consult this sample when
1121 * setting cwnd and pacing rate.
1122 * A sample is invalid if "delivered" or "interval_us" is negative.
1123 */
1124struct rate_sample {
1125 u64 prior_mstamp; /* starting timestamp for interval */
1126 u32 prior_delivered; /* tp->delivered at "prior_mstamp" */
1127 u32 prior_delivered_ce;/* tp->delivered_ce at "prior_mstamp" */
1128 s32 delivered; /* number of packets delivered over interval */
1129 s32 delivered_ce; /* number of packets delivered w/ CE marks*/
1130 long interval_us; /* time for tp->delivered to incr "delivered" */
1131 u32 snd_interval_us; /* snd interval for delivered packets */
1132 u32 rcv_interval_us; /* rcv interval for delivered packets */
1133 long rtt_us; /* RTT of last (S)ACKed packet (or -1) */
1134 int losses; /* number of packets marked lost upon ACK */
1135 u32 acked_sacked; /* number of packets newly (S)ACKed upon ACK */
1136 u32 prior_in_flight; /* in flight before this ACK */
1137 u32 last_end_seq; /* end_seq of most recently ACKed packet */
1138 bool is_app_limited; /* is sample from packet with bubble in pipe? */
1139 bool is_retrans; /* is sample from retransmission? */
1140 bool is_ack_delayed; /* is this (likely) a delayed ACK? */
1141};
1142
1143struct tcp_congestion_ops {
1144/* fast path fields are put first to fill one cache line */
1145
1146 /* return slow start threshold (required) */
1147 u32 (*ssthresh)(struct sock *sk);
1148
1149 /* do new cwnd calculation (required) */
1150 void (*cong_avoid)(struct sock *sk, u32 ack, u32 acked);
1151
1152 /* call before changing ca_state (optional) */
1153 void (*set_state)(struct sock *sk, u8 new_state);
1154
1155 /* call when cwnd event occurs (optional) */
1156 void (*cwnd_event)(struct sock *sk, enum tcp_ca_event ev);
1157
1158 /* call when ack arrives (optional) */
1159 void (*in_ack_event)(struct sock *sk, u32 flags);
1160
1161 /* hook for packet ack accounting (optional) */
1162 void (*pkts_acked)(struct sock *sk, const struct ack_sample *sample);
1163
1164 /* override sysctl_tcp_min_tso_segs */
1165 u32 (*min_tso_segs)(struct sock *sk);
1166
1167 /* call when packets are delivered to update cwnd and pacing rate,
1168 * after all the ca_state processing. (optional)
1169 */
1170 void (*cong_control)(struct sock *sk, const struct rate_sample *rs);
1171
1172
1173 /* new value of cwnd after loss (required) */
1174 u32 (*undo_cwnd)(struct sock *sk);
1175 /* returns the multiplier used in tcp_sndbuf_expand (optional) */
1176 u32 (*sndbuf_expand)(struct sock *sk);
1177
1178/* control/slow paths put last */
1179 /* get info for inet_diag (optional) */
1180 size_t (*get_info)(struct sock *sk, u32 ext, int *attr,
1181 union tcp_cc_info *info);
1182
1183 char name[TCP_CA_NAME_MAX];
1184 struct module *owner;
1185 struct list_head list;
1186 u32 key;
1187 u32 flags;
1188
1189 /* initialize private data (optional) */
1190 void (*init)(struct sock *sk);
1191 /* cleanup private data (optional) */
1192 void (*release)(struct sock *sk);
1193} ____cacheline_aligned_in_smp;
1194
1195int tcp_register_congestion_control(struct tcp_congestion_ops *type);
1196void tcp_unregister_congestion_control(struct tcp_congestion_ops *type);
1197int tcp_update_congestion_control(struct tcp_congestion_ops *type,
1198 struct tcp_congestion_ops *old_type);
1199int tcp_validate_congestion_control(struct tcp_congestion_ops *ca);
1200
1201void tcp_assign_congestion_control(struct sock *sk);
1202void tcp_init_congestion_control(struct sock *sk);
1203void tcp_cleanup_congestion_control(struct sock *sk);
1204int tcp_set_default_congestion_control(struct net *net, const char *name);
1205void tcp_get_default_congestion_control(struct net *net, char *name);
1206void tcp_get_available_congestion_control(char *buf, size_t len);
1207void tcp_get_allowed_congestion_control(char *buf, size_t len);
1208int tcp_set_allowed_congestion_control(char *allowed);
1209int tcp_set_congestion_control(struct sock *sk, const char *name, bool load,
1210 bool cap_net_admin);
1211u32 tcp_slow_start(struct tcp_sock *tp, u32 acked);
1212void tcp_cong_avoid_ai(struct tcp_sock *tp, u32 w, u32 acked);
1213
1214u32 tcp_reno_ssthresh(struct sock *sk);
1215u32 tcp_reno_undo_cwnd(struct sock *sk);
1216void tcp_reno_cong_avoid(struct sock *sk, u32 ack, u32 acked);
1217extern struct tcp_congestion_ops tcp_reno;
1218
1219struct tcp_congestion_ops *tcp_ca_find(const char *name);
1220struct tcp_congestion_ops *tcp_ca_find_key(u32 key);
1221u32 tcp_ca_get_key_by_name(struct net *net, const char *name, bool *ecn_ca);
1222#ifdef CONFIG_INET
1223char *tcp_ca_get_name_by_key(u32 key, char *buffer);
1224#else
1225static inline char *tcp_ca_get_name_by_key(u32 key, char *buffer)
1226{
1227 return NULL;
1228}
1229#endif
1230
1231static inline bool tcp_ca_needs_ecn(const struct sock *sk)
1232{
1233 const struct inet_connection_sock *icsk = inet_csk(sk);
1234
1235 return icsk->icsk_ca_ops->flags & TCP_CONG_NEEDS_ECN;
1236}
1237
1238static inline void tcp_ca_event(struct sock *sk, const enum tcp_ca_event event)
1239{
1240 const struct inet_connection_sock *icsk = inet_csk(sk);
1241
1242 if (icsk->icsk_ca_ops->cwnd_event)
1243 icsk->icsk_ca_ops->cwnd_event(sk, event);
1244}
1245
1246/* From tcp_cong.c */
1247void tcp_set_ca_state(struct sock *sk, const u8 ca_state);
1248
1249/* From tcp_rate.c */
1250void tcp_rate_skb_sent(struct sock *sk, struct sk_buff *skb);
1251void tcp_rate_skb_delivered(struct sock *sk, struct sk_buff *skb,
1252 struct rate_sample *rs);
1253void tcp_rate_gen(struct sock *sk, u32 delivered, u32 lost,
1254 bool is_sack_reneg, struct rate_sample *rs);
1255void tcp_rate_check_app_limited(struct sock *sk);
1256
1257static inline bool tcp_skb_sent_after(u64 t1, u64 t2, u32 seq1, u32 seq2)
1258{
1259 return t1 > t2 || (t1 == t2 && after(seq1, seq2));
1260}
1261
1262/* These functions determine how the current flow behaves in respect of SACK
1263 * handling. SACK is negotiated with the peer, and therefore it can vary
1264 * between different flows.
1265 *
1266 * tcp_is_sack - SACK enabled
1267 * tcp_is_reno - No SACK
1268 */
1269static inline int tcp_is_sack(const struct tcp_sock *tp)
1270{
1271 return likely(tp->rx_opt.sack_ok);
1272}
1273
1274static inline bool tcp_is_reno(const struct tcp_sock *tp)
1275{
1276 return !tcp_is_sack(tp);
1277}
1278
1279static inline unsigned int tcp_left_out(const struct tcp_sock *tp)
1280{
1281 return tp->sacked_out + tp->lost_out;
1282}
1283
1284/* This determines how many packets are "in the network" to the best
1285 * of our knowledge. In many cases it is conservative, but where
1286 * detailed information is available from the receiver (via SACK
1287 * blocks etc.) we can make more aggressive calculations.
1288 *
1289 * Use this for decisions involving congestion control, use just
1290 * tp->packets_out to determine if the send queue is empty or not.
1291 *
1292 * Read this equation as:
1293 *
1294 * "Packets sent once on transmission queue" MINUS
1295 * "Packets left network, but not honestly ACKed yet" PLUS
1296 * "Packets fast retransmitted"
1297 */
1298static inline unsigned int tcp_packets_in_flight(const struct tcp_sock *tp)
1299{
1300 return tp->packets_out - tcp_left_out(tp) + tp->retrans_out;
1301}
1302
1303#define TCP_INFINITE_SSTHRESH 0x7fffffff
1304
1305static inline u32 tcp_snd_cwnd(const struct tcp_sock *tp)
1306{
1307 return tp->snd_cwnd;
1308}
1309
1310static inline void tcp_snd_cwnd_set(struct tcp_sock *tp, u32 val)
1311{
1312 WARN_ON_ONCE((int)val <= 0);
1313 tp->snd_cwnd = val;
1314}
1315
1316static inline bool tcp_in_slow_start(const struct tcp_sock *tp)
1317{
1318 return tcp_snd_cwnd(tp) < tp->snd_ssthresh;
1319}
1320
1321static inline bool tcp_in_initial_slowstart(const struct tcp_sock *tp)
1322{
1323 return tp->snd_ssthresh >= TCP_INFINITE_SSTHRESH;
1324}
1325
1326static inline bool tcp_in_cwnd_reduction(const struct sock *sk)
1327{
1328 return (TCPF_CA_CWR | TCPF_CA_Recovery) &
1329 (1 << inet_csk(sk)->icsk_ca_state);
1330}
1331
1332/* If cwnd > ssthresh, we may raise ssthresh to be half-way to cwnd.
1333 * The exception is cwnd reduction phase, when cwnd is decreasing towards
1334 * ssthresh.
1335 */
1336static inline __u32 tcp_current_ssthresh(const struct sock *sk)
1337{
1338 const struct tcp_sock *tp = tcp_sk(sk);
1339
1340 if (tcp_in_cwnd_reduction(sk))
1341 return tp->snd_ssthresh;
1342 else
1343 return max(tp->snd_ssthresh,
1344 ((tcp_snd_cwnd(tp) >> 1) +
1345 (tcp_snd_cwnd(tp) >> 2)));
1346}
1347
1348/* Use define here intentionally to get WARN_ON location shown at the caller */
1349#define tcp_verify_left_out(tp) WARN_ON(tcp_left_out(tp) > tp->packets_out)
1350
1351void tcp_enter_cwr(struct sock *sk);
1352__u32 tcp_init_cwnd(const struct tcp_sock *tp, const struct dst_entry *dst);
1353
1354/* The maximum number of MSS of available cwnd for which TSO defers
1355 * sending if not using sysctl_tcp_tso_win_divisor.
1356 */
1357static inline __u32 tcp_max_tso_deferred_mss(const struct tcp_sock *tp)
1358{
1359 return 3;
1360}
1361
1362/* Returns end sequence number of the receiver's advertised window */
1363static inline u32 tcp_wnd_end(const struct tcp_sock *tp)
1364{
1365 return tp->snd_una + tp->snd_wnd;
1366}
1367
1368/* We follow the spirit of RFC2861 to validate cwnd but implement a more
1369 * flexible approach. The RFC suggests cwnd should not be raised unless
1370 * it was fully used previously. And that's exactly what we do in
1371 * congestion avoidance mode. But in slow start we allow cwnd to grow
1372 * as long as the application has used half the cwnd.
1373 * Example :
1374 * cwnd is 10 (IW10), but application sends 9 frames.
1375 * We allow cwnd to reach 18 when all frames are ACKed.
1376 * This check is safe because it's as aggressive as slow start which already
1377 * risks 100% overshoot. The advantage is that we discourage application to
1378 * either send more filler packets or data to artificially blow up the cwnd
1379 * usage, and allow application-limited process to probe bw more aggressively.
1380 */
1381static inline bool tcp_is_cwnd_limited(const struct sock *sk)
1382{
1383 const struct tcp_sock *tp = tcp_sk(sk);
1384
1385 if (tp->is_cwnd_limited)
1386 return true;
1387
1388 /* If in slow start, ensure cwnd grows to twice what was ACKed. */
1389 if (tcp_in_slow_start(tp))
1390 return tcp_snd_cwnd(tp) < 2 * tp->max_packets_out;
1391
1392 return false;
1393}
1394
1395/* BBR congestion control needs pacing.
1396 * Same remark for SO_MAX_PACING_RATE.
1397 * sch_fq packet scheduler is efficiently handling pacing,
1398 * but is not always installed/used.
1399 * Return true if TCP stack should pace packets itself.
1400 */
1401static inline bool tcp_needs_internal_pacing(const struct sock *sk)
1402{
1403 return smp_load_acquire(&sk->sk_pacing_status) == SK_PACING_NEEDED;
1404}
1405
1406/* Estimates in how many jiffies next packet for this flow can be sent.
1407 * Scheduling a retransmit timer too early would be silly.
1408 */
1409static inline unsigned long tcp_pacing_delay(const struct sock *sk)
1410{
1411 s64 delay = tcp_sk(sk)->tcp_wstamp_ns - tcp_sk(sk)->tcp_clock_cache;
1412
1413 return delay > 0 ? nsecs_to_jiffies(n: delay) : 0;
1414}
1415
1416static inline void tcp_reset_xmit_timer(struct sock *sk,
1417 const int what,
1418 unsigned long when,
1419 const unsigned long max_when)
1420{
1421 inet_csk_reset_xmit_timer(sk, what, when: when + tcp_pacing_delay(sk),
1422 max_when);
1423}
1424
1425/* Something is really bad, we could not queue an additional packet,
1426 * because qdisc is full or receiver sent a 0 window, or we are paced.
1427 * We do not want to add fuel to the fire, or abort too early,
1428 * so make sure the timer we arm now is at least 200ms in the future,
1429 * regardless of current icsk_rto value (as it could be ~2ms)
1430 */
1431static inline unsigned long tcp_probe0_base(const struct sock *sk)
1432{
1433 return max_t(unsigned long, inet_csk(sk)->icsk_rto, TCP_RTO_MIN);
1434}
1435
1436/* Variant of inet_csk_rto_backoff() used for zero window probes */
1437static inline unsigned long tcp_probe0_when(const struct sock *sk,
1438 unsigned long max_when)
1439{
1440 u8 backoff = min_t(u8, ilog2(TCP_RTO_MAX / TCP_RTO_MIN) + 1,
1441 inet_csk(sk)->icsk_backoff);
1442 u64 when = (u64)tcp_probe0_base(sk) << backoff;
1443
1444 return (unsigned long)min_t(u64, when, max_when);
1445}
1446
1447static inline void tcp_check_probe_timer(struct sock *sk)
1448{
1449 if (!tcp_sk(sk)->packets_out && !inet_csk(sk)->icsk_pending)
1450 tcp_reset_xmit_timer(sk, ICSK_TIME_PROBE0,
1451 when: tcp_probe0_base(sk), TCP_RTO_MAX);
1452}
1453
1454static inline void tcp_init_wl(struct tcp_sock *tp, u32 seq)
1455{
1456 tp->snd_wl1 = seq;
1457}
1458
1459static inline void tcp_update_wl(struct tcp_sock *tp, u32 seq)
1460{
1461 tp->snd_wl1 = seq;
1462}
1463
1464/*
1465 * Calculate(/check) TCP checksum
1466 */
1467static inline __sum16 tcp_v4_check(int len, __be32 saddr,
1468 __be32 daddr, __wsum base)
1469{
1470 return csum_tcpudp_magic(saddr, daddr, len, IPPROTO_TCP, sum: base);
1471}
1472
1473static inline bool tcp_checksum_complete(struct sk_buff *skb)
1474{
1475 return !skb_csum_unnecessary(skb) &&
1476 __skb_checksum_complete(skb);
1477}
1478
1479bool tcp_add_backlog(struct sock *sk, struct sk_buff *skb,
1480 enum skb_drop_reason *reason);
1481
1482
1483int tcp_filter(struct sock *sk, struct sk_buff *skb);
1484void tcp_set_state(struct sock *sk, int state);
1485void tcp_done(struct sock *sk);
1486int tcp_abort(struct sock *sk, int err);
1487
1488static inline void tcp_sack_reset(struct tcp_options_received *rx_opt)
1489{
1490 rx_opt->dsack = 0;
1491 rx_opt->num_sacks = 0;
1492}
1493
1494void tcp_cwnd_restart(struct sock *sk, s32 delta);
1495
1496static inline void tcp_slow_start_after_idle_check(struct sock *sk)
1497{
1498 const struct tcp_congestion_ops *ca_ops = inet_csk(sk)->icsk_ca_ops;
1499 struct tcp_sock *tp = tcp_sk(sk);
1500 s32 delta;
1501
1502 if (!READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_slow_start_after_idle) ||
1503 tp->packets_out || ca_ops->cong_control)
1504 return;
1505 delta = tcp_jiffies32 - tp->lsndtime;
1506 if (delta > inet_csk(sk)->icsk_rto)
1507 tcp_cwnd_restart(sk, delta);
1508}
1509
1510/* Determine a window scaling and initial window to offer. */
1511void tcp_select_initial_window(const struct sock *sk, int __space,
1512 __u32 mss, __u32 *rcv_wnd,
1513 __u32 *window_clamp, int wscale_ok,
1514 __u8 *rcv_wscale, __u32 init_rcv_wnd);
1515
1516static inline int __tcp_win_from_space(u8 scaling_ratio, int space)
1517{
1518 s64 scaled_space = (s64)space * scaling_ratio;
1519
1520 return scaled_space >> TCP_RMEM_TO_WIN_SCALE;
1521}
1522
1523static inline int tcp_win_from_space(const struct sock *sk, int space)
1524{
1525 return __tcp_win_from_space(tcp_sk(sk)->scaling_ratio, space);
1526}
1527
1528/* inverse of __tcp_win_from_space() */
1529static inline int __tcp_space_from_win(u8 scaling_ratio, int win)
1530{
1531 u64 val = (u64)win << TCP_RMEM_TO_WIN_SCALE;
1532
1533 do_div(val, scaling_ratio);
1534 return val;
1535}
1536
1537static inline int tcp_space_from_win(const struct sock *sk, int win)
1538{
1539 return __tcp_space_from_win(tcp_sk(sk)->scaling_ratio, win);
1540}
1541
1542/* Assume a conservative default of 1200 bytes of payload per 4K page.
1543 * This may be adjusted later in tcp_measure_rcv_mss().
1544 */
1545#define TCP_DEFAULT_SCALING_RATIO ((1200 << TCP_RMEM_TO_WIN_SCALE) / \
1546 SKB_TRUESIZE(4096))
1547
1548static inline void tcp_scaling_ratio_init(struct sock *sk)
1549{
1550 tcp_sk(sk)->scaling_ratio = TCP_DEFAULT_SCALING_RATIO;
1551}
1552
1553/* Note: caller must be prepared to deal with negative returns */
1554static inline int tcp_space(const struct sock *sk)
1555{
1556 return tcp_win_from_space(sk, READ_ONCE(sk->sk_rcvbuf) -
1557 READ_ONCE(sk->sk_backlog.len) -
1558 atomic_read(v: &sk->sk_rmem_alloc));
1559}
1560
1561static inline int tcp_full_space(const struct sock *sk)
1562{
1563 return tcp_win_from_space(sk, READ_ONCE(sk->sk_rcvbuf));
1564}
1565
1566static inline void __tcp_adjust_rcv_ssthresh(struct sock *sk, u32 new_ssthresh)
1567{
1568 int unused_mem = sk_unused_reserved_mem(sk);
1569 struct tcp_sock *tp = tcp_sk(sk);
1570
1571 tp->rcv_ssthresh = min(tp->rcv_ssthresh, new_ssthresh);
1572 if (unused_mem)
1573 tp->rcv_ssthresh = max_t(u32, tp->rcv_ssthresh,
1574 tcp_win_from_space(sk, unused_mem));
1575}
1576
1577static inline void tcp_adjust_rcv_ssthresh(struct sock *sk)
1578{
1579 __tcp_adjust_rcv_ssthresh(sk, new_ssthresh: 4U * tcp_sk(sk)->advmss);
1580}
1581
1582void tcp_cleanup_rbuf(struct sock *sk, int copied);
1583void __tcp_cleanup_rbuf(struct sock *sk, int copied);
1584
1585
1586/* We provision sk_rcvbuf around 200% of sk_rcvlowat.
1587 * If 87.5 % (7/8) of the space has been consumed, we want to override
1588 * SO_RCVLOWAT constraint, since we are receiving skbs with too small
1589 * len/truesize ratio.
1590 */
1591static inline bool tcp_rmem_pressure(const struct sock *sk)
1592{
1593 int rcvbuf, threshold;
1594
1595 if (tcp_under_memory_pressure(sk))
1596 return true;
1597
1598 rcvbuf = READ_ONCE(sk->sk_rcvbuf);
1599 threshold = rcvbuf - (rcvbuf >> 3);
1600
1601 return atomic_read(v: &sk->sk_rmem_alloc) > threshold;
1602}
1603
1604static inline bool tcp_epollin_ready(const struct sock *sk, int target)
1605{
1606 const struct tcp_sock *tp = tcp_sk(sk);
1607 int avail = READ_ONCE(tp->rcv_nxt) - READ_ONCE(tp->copied_seq);
1608
1609 if (avail <= 0)
1610 return false;
1611
1612 return (avail >= target) || tcp_rmem_pressure(sk) ||
1613 (tcp_receive_window(tp) <= inet_csk(sk)->icsk_ack.rcv_mss);
1614}
1615
1616extern void tcp_openreq_init_rwin(struct request_sock *req,
1617 const struct sock *sk_listener,
1618 const struct dst_entry *dst);
1619
1620void tcp_enter_memory_pressure(struct sock *sk);
1621void tcp_leave_memory_pressure(struct sock *sk);
1622
1623static inline int keepalive_intvl_when(const struct tcp_sock *tp)
1624{
1625 struct net *net = sock_net(sk: (struct sock *)tp);
1626 int val;
1627
1628 /* Paired with WRITE_ONCE() in tcp_sock_set_keepintvl()
1629 * and do_tcp_setsockopt().
1630 */
1631 val = READ_ONCE(tp->keepalive_intvl);
1632
1633 return val ? : READ_ONCE(net->ipv4.sysctl_tcp_keepalive_intvl);
1634}
1635
1636static inline int keepalive_time_when(const struct tcp_sock *tp)
1637{
1638 struct net *net = sock_net(sk: (struct sock *)tp);
1639 int val;
1640
1641 /* Paired with WRITE_ONCE() in tcp_sock_set_keepidle_locked() */
1642 val = READ_ONCE(tp->keepalive_time);
1643
1644 return val ? : READ_ONCE(net->ipv4.sysctl_tcp_keepalive_time);
1645}
1646
1647static inline int keepalive_probes(const struct tcp_sock *tp)
1648{
1649 struct net *net = sock_net(sk: (struct sock *)tp);
1650 int val;
1651
1652 /* Paired with WRITE_ONCE() in tcp_sock_set_keepcnt()
1653 * and do_tcp_setsockopt().
1654 */
1655 val = READ_ONCE(tp->keepalive_probes);
1656
1657 return val ? : READ_ONCE(net->ipv4.sysctl_tcp_keepalive_probes);
1658}
1659
1660static inline u32 keepalive_time_elapsed(const struct tcp_sock *tp)
1661{
1662 const struct inet_connection_sock *icsk = &tp->inet_conn;
1663
1664 return min_t(u32, tcp_jiffies32 - icsk->icsk_ack.lrcvtime,
1665 tcp_jiffies32 - tp->rcv_tstamp);
1666}
1667
1668static inline int tcp_fin_time(const struct sock *sk)
1669{
1670 int fin_timeout = tcp_sk(sk)->linger2 ? :
1671 READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_fin_timeout);
1672 const int rto = inet_csk(sk)->icsk_rto;
1673
1674 if (fin_timeout < (rto << 2) - (rto >> 1))
1675 fin_timeout = (rto << 2) - (rto >> 1);
1676
1677 return fin_timeout;
1678}
1679
1680static inline bool tcp_paws_check(const struct tcp_options_received *rx_opt,
1681 int paws_win)
1682{
1683 if ((s32)(rx_opt->ts_recent - rx_opt->rcv_tsval) <= paws_win)
1684 return true;
1685 if (unlikely(!time_before32(ktime_get_seconds(),
1686 rx_opt->ts_recent_stamp + TCP_PAWS_WRAP)))
1687 return true;
1688 /*
1689 * Some OSes send SYN and SYNACK messages with tsval=0 tsecr=0,
1690 * then following tcp messages have valid values. Ignore 0 value,
1691 * or else 'negative' tsval might forbid us to accept their packets.
1692 */
1693 if (!rx_opt->ts_recent)
1694 return true;
1695 return false;
1696}
1697
1698static inline bool tcp_paws_reject(const struct tcp_options_received *rx_opt,
1699 int rst)
1700{
1701 if (tcp_paws_check(rx_opt, paws_win: 0))
1702 return false;
1703
1704 /* RST segments are not recommended to carry timestamp,
1705 and, if they do, it is recommended to ignore PAWS because
1706 "their cleanup function should take precedence over timestamps."
1707 Certainly, it is mistake. It is necessary to understand the reasons
1708 of this constraint to relax it: if peer reboots, clock may go
1709 out-of-sync and half-open connections will not be reset.
1710 Actually, the problem would be not existing if all
1711 the implementations followed draft about maintaining clock
1712 via reboots. Linux-2.2 DOES NOT!
1713
1714 However, we can relax time bounds for RST segments to MSL.
1715 */
1716 if (rst && !time_before32(ktime_get_seconds(),
1717 rx_opt->ts_recent_stamp + TCP_PAWS_MSL))
1718 return false;
1719 return true;
1720}
1721
1722bool tcp_oow_rate_limited(struct net *net, const struct sk_buff *skb,
1723 int mib_idx, u32 *last_oow_ack_time);
1724
1725static inline void tcp_mib_init(struct net *net)
1726{
1727 /* See RFC 2012 */
1728 TCP_ADD_STATS(net, TCP_MIB_RTOALGORITHM, 1);
1729 TCP_ADD_STATS(net, TCP_MIB_RTOMIN, TCP_RTO_MIN*1000/HZ);
1730 TCP_ADD_STATS(net, TCP_MIB_RTOMAX, TCP_RTO_MAX*1000/HZ);
1731 TCP_ADD_STATS(net, TCP_MIB_MAXCONN, -1);
1732}
1733
1734/* from STCP */
1735static inline void tcp_clear_retrans_hints_partial(struct tcp_sock *tp)
1736{
1737 tp->lost_skb_hint = NULL;
1738}
1739
1740static inline void tcp_clear_all_retrans_hints(struct tcp_sock *tp)
1741{
1742 tcp_clear_retrans_hints_partial(tp);
1743 tp->retransmit_skb_hint = NULL;
1744}
1745
1746#define tcp_md5_addr tcp_ao_addr
1747
1748/* - key database */
1749struct tcp_md5sig_key {
1750 struct hlist_node node;
1751 u8 keylen;
1752 u8 family; /* AF_INET or AF_INET6 */
1753 u8 prefixlen;
1754 u8 flags;
1755 union tcp_md5_addr addr;
1756 int l3index; /* set if key added with L3 scope */
1757 u8 key[TCP_MD5SIG_MAXKEYLEN];
1758 struct rcu_head rcu;
1759};
1760
1761/* - sock block */
1762struct tcp_md5sig_info {
1763 struct hlist_head head;
1764 struct rcu_head rcu;
1765};
1766
1767/* - pseudo header */
1768struct tcp4_pseudohdr {
1769 __be32 saddr;
1770 __be32 daddr;
1771 __u8 pad;
1772 __u8 protocol;
1773 __be16 len;
1774};
1775
1776struct tcp6_pseudohdr {
1777 struct in6_addr saddr;
1778 struct in6_addr daddr;
1779 __be32 len;
1780 __be32 protocol; /* including padding */
1781};
1782
1783union tcp_md5sum_block {
1784 struct tcp4_pseudohdr ip4;
1785#if IS_ENABLED(CONFIG_IPV6)
1786 struct tcp6_pseudohdr ip6;
1787#endif
1788};
1789
1790/*
1791 * struct tcp_sigpool - per-CPU pool of ahash_requests
1792 * @scratch: per-CPU temporary area, that can be used between
1793 * tcp_sigpool_start() and tcp_sigpool_end() to perform
1794 * crypto request
1795 * @req: pre-allocated ahash request
1796 */
1797struct tcp_sigpool {
1798 void *scratch;
1799 struct ahash_request *req;
1800};
1801
1802int tcp_sigpool_alloc_ahash(const char *alg, size_t scratch_size);
1803void tcp_sigpool_get(unsigned int id);
1804void tcp_sigpool_release(unsigned int id);
1805int tcp_sigpool_hash_skb_data(struct tcp_sigpool *hp,
1806 const struct sk_buff *skb,
1807 unsigned int header_len);
1808
1809/**
1810 * tcp_sigpool_start - disable bh and start using tcp_sigpool_ahash
1811 * @id: tcp_sigpool that was previously allocated by tcp_sigpool_alloc_ahash()
1812 * @c: returned tcp_sigpool for usage (uninitialized on failure)
1813 *
1814 * Returns 0 on success, error otherwise.
1815 */
1816int tcp_sigpool_start(unsigned int id, struct tcp_sigpool *c);
1817/**
1818 * tcp_sigpool_end - enable bh and stop using tcp_sigpool
1819 * @c: tcp_sigpool context that was returned by tcp_sigpool_start()
1820 */
1821void tcp_sigpool_end(struct tcp_sigpool *c);
1822size_t tcp_sigpool_algo(unsigned int id, char *buf, size_t buf_len);
1823/* - functions */
1824int tcp_v4_md5_hash_skb(char *md5_hash, const struct tcp_md5sig_key *key,
1825 const struct sock *sk, const struct sk_buff *skb);
1826int tcp_md5_do_add(struct sock *sk, const union tcp_md5_addr *addr,
1827 int family, u8 prefixlen, int l3index, u8 flags,
1828 const u8 *newkey, u8 newkeylen);
1829int tcp_md5_key_copy(struct sock *sk, const union tcp_md5_addr *addr,
1830 int family, u8 prefixlen, int l3index,
1831 struct tcp_md5sig_key *key);
1832
1833int tcp_md5_do_del(struct sock *sk, const union tcp_md5_addr *addr,
1834 int family, u8 prefixlen, int l3index, u8 flags);
1835void tcp_clear_md5_list(struct sock *sk);
1836struct tcp_md5sig_key *tcp_v4_md5_lookup(const struct sock *sk,
1837 const struct sock *addr_sk);
1838
1839#ifdef CONFIG_TCP_MD5SIG
1840struct tcp_md5sig_key *__tcp_md5_do_lookup(const struct sock *sk, int l3index,
1841 const union tcp_md5_addr *addr,
1842 int family, bool any_l3index);
1843static inline struct tcp_md5sig_key *
1844tcp_md5_do_lookup(const struct sock *sk, int l3index,
1845 const union tcp_md5_addr *addr, int family)
1846{
1847 if (!static_branch_unlikely(&tcp_md5_needed.key))
1848 return NULL;
1849 return __tcp_md5_do_lookup(sk, l3index, addr, family, any_l3index: false);
1850}
1851
1852static inline struct tcp_md5sig_key *
1853tcp_md5_do_lookup_any_l3index(const struct sock *sk,
1854 const union tcp_md5_addr *addr, int family)
1855{
1856 if (!static_branch_unlikely(&tcp_md5_needed.key))
1857 return NULL;
1858 return __tcp_md5_do_lookup(sk, l3index: 0, addr, family, any_l3index: true);
1859}
1860
1861enum skb_drop_reason
1862tcp_inbound_md5_hash(const struct sock *sk, const struct sk_buff *skb,
1863 const void *saddr, const void *daddr,
1864 int family, int l3index, const __u8 *hash_location);
1865
1866
1867#define tcp_twsk_md5_key(twsk) ((twsk)->tw_md5_key)
1868#else
1869static inline struct tcp_md5sig_key *
1870tcp_md5_do_lookup(const struct sock *sk, int l3index,
1871 const union tcp_md5_addr *addr, int family)
1872{
1873 return NULL;
1874}
1875
1876static inline struct tcp_md5sig_key *
1877tcp_md5_do_lookup_any_l3index(const struct sock *sk,
1878 const union tcp_md5_addr *addr, int family)
1879{
1880 return NULL;
1881}
1882
1883static inline enum skb_drop_reason
1884tcp_inbound_md5_hash(const struct sock *sk, const struct sk_buff *skb,
1885 const void *saddr, const void *daddr,
1886 int family, int l3index, const __u8 *hash_location)
1887{
1888 return SKB_NOT_DROPPED_YET;
1889}
1890#define tcp_twsk_md5_key(twsk) NULL
1891#endif
1892
1893int tcp_md5_alloc_sigpool(void);
1894void tcp_md5_release_sigpool(void);
1895void tcp_md5_add_sigpool(void);
1896extern int tcp_md5_sigpool_id;
1897
1898int tcp_md5_hash_key(struct tcp_sigpool *hp,
1899 const struct tcp_md5sig_key *key);
1900
1901/* From tcp_fastopen.c */
1902void tcp_fastopen_cache_get(struct sock *sk, u16 *mss,
1903 struct tcp_fastopen_cookie *cookie);
1904void tcp_fastopen_cache_set(struct sock *sk, u16 mss,
1905 struct tcp_fastopen_cookie *cookie, bool syn_lost,
1906 u16 try_exp);
1907struct tcp_fastopen_request {
1908 /* Fast Open cookie. Size 0 means a cookie request */
1909 struct tcp_fastopen_cookie cookie;
1910 struct msghdr *data; /* data in MSG_FASTOPEN */
1911 size_t size;
1912 int copied; /* queued in tcp_connect() */
1913 struct ubuf_info *uarg;
1914};
1915void tcp_free_fastopen_req(struct tcp_sock *tp);
1916void tcp_fastopen_destroy_cipher(struct sock *sk);
1917void tcp_fastopen_ctx_destroy(struct net *net);
1918int tcp_fastopen_reset_cipher(struct net *net, struct sock *sk,
1919 void *primary_key, void *backup_key);
1920int tcp_fastopen_get_cipher(struct net *net, struct inet_connection_sock *icsk,
1921 u64 *key);
1922void tcp_fastopen_add_skb(struct sock *sk, struct sk_buff *skb);
1923struct sock *tcp_try_fastopen(struct sock *sk, struct sk_buff *skb,
1924 struct request_sock *req,
1925 struct tcp_fastopen_cookie *foc,
1926 const struct dst_entry *dst);
1927void tcp_fastopen_init_key_once(struct net *net);
1928bool tcp_fastopen_cookie_check(struct sock *sk, u16 *mss,
1929 struct tcp_fastopen_cookie *cookie);
1930bool tcp_fastopen_defer_connect(struct sock *sk, int *err);
1931#define TCP_FASTOPEN_KEY_LENGTH sizeof(siphash_key_t)
1932#define TCP_FASTOPEN_KEY_MAX 2
1933#define TCP_FASTOPEN_KEY_BUF_LENGTH \
1934 (TCP_FASTOPEN_KEY_LENGTH * TCP_FASTOPEN_KEY_MAX)
1935
1936/* Fastopen key context */
1937struct tcp_fastopen_context {
1938 siphash_key_t key[TCP_FASTOPEN_KEY_MAX];
1939 int num;
1940 struct rcu_head rcu;
1941};
1942
1943void tcp_fastopen_active_disable(struct sock *sk);
1944bool tcp_fastopen_active_should_disable(struct sock *sk);
1945void tcp_fastopen_active_disable_ofo_check(struct sock *sk);
1946void tcp_fastopen_active_detect_blackhole(struct sock *sk, bool expired);
1947
1948/* Caller needs to wrap with rcu_read_(un)lock() */
1949static inline
1950struct tcp_fastopen_context *tcp_fastopen_get_ctx(const struct sock *sk)
1951{
1952 struct tcp_fastopen_context *ctx;
1953
1954 ctx = rcu_dereference(inet_csk(sk)->icsk_accept_queue.fastopenq.ctx);
1955 if (!ctx)
1956 ctx = rcu_dereference(sock_net(sk)->ipv4.tcp_fastopen_ctx);
1957 return ctx;
1958}
1959
1960static inline
1961bool tcp_fastopen_cookie_match(const struct tcp_fastopen_cookie *foc,
1962 const struct tcp_fastopen_cookie *orig)
1963{
1964 if (orig->len == TCP_FASTOPEN_COOKIE_SIZE &&
1965 orig->len == foc->len &&
1966 !memcmp(p: orig->val, q: foc->val, size: foc->len))
1967 return true;
1968 return false;
1969}
1970
1971static inline
1972int tcp_fastopen_context_len(const struct tcp_fastopen_context *ctx)
1973{
1974 return ctx->num;
1975}
1976
1977/* Latencies incurred by various limits for a sender. They are
1978 * chronograph-like stats that are mutually exclusive.
1979 */
1980enum tcp_chrono {
1981 TCP_CHRONO_UNSPEC,
1982 TCP_CHRONO_BUSY, /* Actively sending data (non-empty write queue) */
1983 TCP_CHRONO_RWND_LIMITED, /* Stalled by insufficient receive window */
1984 TCP_CHRONO_SNDBUF_LIMITED, /* Stalled by insufficient send buffer */
1985 __TCP_CHRONO_MAX,
1986};
1987
1988void tcp_chrono_start(struct sock *sk, const enum tcp_chrono type);
1989void tcp_chrono_stop(struct sock *sk, const enum tcp_chrono type);
1990
1991/* This helper is needed, because skb->tcp_tsorted_anchor uses
1992 * the same memory storage than skb->destructor/_skb_refdst
1993 */
1994static inline void tcp_skb_tsorted_anchor_cleanup(struct sk_buff *skb)
1995{
1996 skb->destructor = NULL;
1997 skb->_skb_refdst = 0UL;
1998}
1999
2000#define tcp_skb_tsorted_save(skb) { \
2001 unsigned long _save = skb->_skb_refdst; \
2002 skb->_skb_refdst = 0UL;
2003
2004#define tcp_skb_tsorted_restore(skb) \
2005 skb->_skb_refdst = _save; \
2006}
2007
2008void tcp_write_queue_purge(struct sock *sk);
2009
2010static inline struct sk_buff *tcp_rtx_queue_head(const struct sock *sk)
2011{
2012 return skb_rb_first(&sk->tcp_rtx_queue);
2013}
2014
2015static inline struct sk_buff *tcp_rtx_queue_tail(const struct sock *sk)
2016{
2017 return skb_rb_last(&sk->tcp_rtx_queue);
2018}
2019
2020static inline struct sk_buff *tcp_write_queue_tail(const struct sock *sk)
2021{
2022 return skb_peek_tail(list_: &sk->sk_write_queue);
2023}
2024
2025#define tcp_for_write_queue_from_safe(skb, tmp, sk) \
2026 skb_queue_walk_from_safe(&(sk)->sk_write_queue, skb, tmp)
2027
2028static inline struct sk_buff *tcp_send_head(const struct sock *sk)
2029{
2030 return skb_peek(list_: &sk->sk_write_queue);
2031}
2032
2033static inline bool tcp_skb_is_last(const struct sock *sk,
2034 const struct sk_buff *skb)
2035{
2036 return skb_queue_is_last(list: &sk->sk_write_queue, skb);
2037}
2038
2039/**
2040 * tcp_write_queue_empty - test if any payload (or FIN) is available in write queue
2041 * @sk: socket
2042 *
2043 * Since the write queue can have a temporary empty skb in it,
2044 * we must not use "return skb_queue_empty(&sk->sk_write_queue)"
2045 */
2046static inline bool tcp_write_queue_empty(const struct sock *sk)
2047{
2048 const struct tcp_sock *tp = tcp_sk(sk);
2049
2050 return tp->write_seq == tp->snd_nxt;
2051}
2052
2053static inline bool tcp_rtx_queue_empty(const struct sock *sk)
2054{
2055 return RB_EMPTY_ROOT(&sk->tcp_rtx_queue);
2056}
2057
2058static inline bool tcp_rtx_and_write_queues_empty(const struct sock *sk)
2059{
2060 return tcp_rtx_queue_empty(sk) && tcp_write_queue_empty(sk);
2061}
2062
2063static inline void tcp_add_write_queue_tail(struct sock *sk, struct sk_buff *skb)
2064{
2065 __skb_queue_tail(list: &sk->sk_write_queue, newsk: skb);
2066
2067 /* Queue it, remembering where we must start sending. */
2068 if (sk->sk_write_queue.next == skb)
2069 tcp_chrono_start(sk, type: TCP_CHRONO_BUSY);
2070}
2071
2072/* Insert new before skb on the write queue of sk. */
2073static inline void tcp_insert_write_queue_before(struct sk_buff *new,
2074 struct sk_buff *skb,
2075 struct sock *sk)
2076{
2077 __skb_queue_before(list: &sk->sk_write_queue, next: skb, newsk: new);
2078}
2079
2080static inline void tcp_unlink_write_queue(struct sk_buff *skb, struct sock *sk)
2081{
2082 tcp_skb_tsorted_anchor_cleanup(skb);
2083 __skb_unlink(skb, list: &sk->sk_write_queue);
2084}
2085
2086void tcp_rbtree_insert(struct rb_root *root, struct sk_buff *skb);
2087
2088static inline void tcp_rtx_queue_unlink(struct sk_buff *skb, struct sock *sk)
2089{
2090 tcp_skb_tsorted_anchor_cleanup(skb);
2091 rb_erase(&skb->rbnode, &sk->tcp_rtx_queue);
2092}
2093
2094static inline void tcp_rtx_queue_unlink_and_free(struct sk_buff *skb, struct sock *sk)
2095{
2096 list_del(entry: &skb->tcp_tsorted_anchor);
2097 tcp_rtx_queue_unlink(skb, sk);
2098 tcp_wmem_free_skb(sk, skb);
2099}
2100
2101static inline void tcp_push_pending_frames(struct sock *sk)
2102{
2103 if (tcp_send_head(sk)) {
2104 struct tcp_sock *tp = tcp_sk(sk);
2105
2106 __tcp_push_pending_frames(sk, cur_mss: tcp_current_mss(sk), nonagle: tp->nonagle);
2107 }
2108}
2109
2110/* Start sequence of the skb just after the highest skb with SACKed
2111 * bit, valid only if sacked_out > 0 or when the caller has ensured
2112 * validity by itself.
2113 */
2114static inline u32 tcp_highest_sack_seq(struct tcp_sock *tp)
2115{
2116 if (!tp->sacked_out)
2117 return tp->snd_una;
2118
2119 if (tp->highest_sack == NULL)
2120 return tp->snd_nxt;
2121
2122 return TCP_SKB_CB(tp->highest_sack)->seq;
2123}
2124
2125static inline void tcp_advance_highest_sack(struct sock *sk, struct sk_buff *skb)
2126{
2127 tcp_sk(sk)->highest_sack = skb_rb_next(skb);
2128}
2129
2130static inline struct sk_buff *tcp_highest_sack(struct sock *sk)
2131{
2132 return tcp_sk(sk)->highest_sack;
2133}
2134
2135static inline void tcp_highest_sack_reset(struct sock *sk)
2136{
2137 tcp_sk(sk)->highest_sack = tcp_rtx_queue_head(sk);
2138}
2139
2140/* Called when old skb is about to be deleted and replaced by new skb */
2141static inline void tcp_highest_sack_replace(struct sock *sk,
2142 struct sk_buff *old,
2143 struct sk_buff *new)
2144{
2145 if (old == tcp_highest_sack(sk))
2146 tcp_sk(sk)->highest_sack = new;
2147}
2148
2149/* This helper checks if socket has IP_TRANSPARENT set */
2150static inline bool inet_sk_transparent(const struct sock *sk)
2151{
2152 switch (sk->sk_state) {
2153 case TCP_TIME_WAIT:
2154 return inet_twsk(sk)->tw_transparent;
2155 case TCP_NEW_SYN_RECV:
2156 return inet_rsk(sk: inet_reqsk(sk))->no_srccheck;
2157 }
2158 return inet_test_bit(TRANSPARENT, sk);
2159}
2160
2161/* Determines whether this is a thin stream (which may suffer from
2162 * increased latency). Used to trigger latency-reducing mechanisms.
2163 */
2164static inline bool tcp_stream_is_thin(struct tcp_sock *tp)
2165{
2166 return tp->packets_out < 4 && !tcp_in_initial_slowstart(tp);
2167}
2168
2169/* /proc */
2170enum tcp_seq_states {
2171 TCP_SEQ_STATE_LISTENING,
2172 TCP_SEQ_STATE_ESTABLISHED,
2173};
2174
2175void *tcp_seq_start(struct seq_file *seq, loff_t *pos);
2176void *tcp_seq_next(struct seq_file *seq, void *v, loff_t *pos);
2177void tcp_seq_stop(struct seq_file *seq, void *v);
2178
2179struct tcp_seq_afinfo {
2180 sa_family_t family;
2181};
2182
2183struct tcp_iter_state {
2184 struct seq_net_private p;
2185 enum tcp_seq_states state;
2186 struct sock *syn_wait_sk;
2187 int bucket, offset, sbucket, num;
2188 loff_t last_pos;
2189};
2190
2191extern struct request_sock_ops tcp_request_sock_ops;
2192extern struct request_sock_ops tcp6_request_sock_ops;
2193
2194void tcp_v4_destroy_sock(struct sock *sk);
2195
2196struct sk_buff *tcp_gso_segment(struct sk_buff *skb,
2197 netdev_features_t features);
2198struct sk_buff *tcp_gro_receive(struct list_head *head, struct sk_buff *skb);
2199INDIRECT_CALLABLE_DECLARE(int tcp4_gro_complete(struct sk_buff *skb, int thoff));
2200INDIRECT_CALLABLE_DECLARE(struct sk_buff *tcp4_gro_receive(struct list_head *head, struct sk_buff *skb));
2201INDIRECT_CALLABLE_DECLARE(int tcp6_gro_complete(struct sk_buff *skb, int thoff));
2202INDIRECT_CALLABLE_DECLARE(struct sk_buff *tcp6_gro_receive(struct list_head *head, struct sk_buff *skb));
2203#ifdef CONFIG_INET
2204void tcp_gro_complete(struct sk_buff *skb);
2205#else
2206static inline void tcp_gro_complete(struct sk_buff *skb) { }
2207#endif
2208
2209void __tcp_v4_send_check(struct sk_buff *skb, __be32 saddr, __be32 daddr);
2210
2211static inline u32 tcp_notsent_lowat(const struct tcp_sock *tp)
2212{
2213 struct net *net = sock_net(sk: (struct sock *)tp);
2214 u32 val;
2215
2216 val = READ_ONCE(tp->notsent_lowat);
2217
2218 return val ?: READ_ONCE(net->ipv4.sysctl_tcp_notsent_lowat);
2219}
2220
2221bool tcp_stream_memory_free(const struct sock *sk, int wake);
2222
2223#ifdef CONFIG_PROC_FS
2224int tcp4_proc_init(void);
2225void tcp4_proc_exit(void);
2226#endif
2227
2228int tcp_rtx_synack(const struct sock *sk, struct request_sock *req);
2229int tcp_conn_request(struct request_sock_ops *rsk_ops,
2230 const struct tcp_request_sock_ops *af_ops,
2231 struct sock *sk, struct sk_buff *skb);
2232
2233/* TCP af-specific functions */
2234struct tcp_sock_af_ops {
2235#ifdef CONFIG_TCP_MD5SIG
2236 struct tcp_md5sig_key *(*md5_lookup) (const struct sock *sk,
2237 const struct sock *addr_sk);
2238 int (*calc_md5_hash)(char *location,
2239 const struct tcp_md5sig_key *md5,
2240 const struct sock *sk,
2241 const struct sk_buff *skb);
2242 int (*md5_parse)(struct sock *sk,
2243 int optname,
2244 sockptr_t optval,
2245 int optlen);
2246#endif
2247#ifdef CONFIG_TCP_AO
2248 int (*ao_parse)(struct sock *sk, int optname, sockptr_t optval, int optlen);
2249 struct tcp_ao_key *(*ao_lookup)(const struct sock *sk,
2250 struct sock *addr_sk,
2251 int sndid, int rcvid);
2252 int (*ao_calc_key_sk)(struct tcp_ao_key *mkt, u8 *key,
2253 const struct sock *sk,
2254 __be32 sisn, __be32 disn, bool send);
2255 int (*calc_ao_hash)(char *location, struct tcp_ao_key *ao,
2256 const struct sock *sk, const struct sk_buff *skb,
2257 const u8 *tkey, int hash_offset, u32 sne);
2258#endif
2259};
2260
2261struct tcp_request_sock_ops {
2262 u16 mss_clamp;
2263#ifdef CONFIG_TCP_MD5SIG
2264 struct tcp_md5sig_key *(*req_md5_lookup)(const struct sock *sk,
2265 const struct sock *addr_sk);
2266 int (*calc_md5_hash) (char *location,
2267 const struct tcp_md5sig_key *md5,
2268 const struct sock *sk,
2269 const struct sk_buff *skb);
2270#endif
2271#ifdef CONFIG_TCP_AO
2272 struct tcp_ao_key *(*ao_lookup)(const struct sock *sk,
2273 struct request_sock *req,
2274 int sndid, int rcvid);
2275 int (*ao_calc_key)(struct tcp_ao_key *mkt, u8 *key, struct request_sock *sk);
2276 int (*ao_synack_hash)(char *ao_hash, struct tcp_ao_key *mkt,
2277 struct request_sock *req, const struct sk_buff *skb,
2278 int hash_offset, u32 sne);
2279#endif
2280#ifdef CONFIG_SYN_COOKIES
2281 __u32 (*cookie_init_seq)(const struct sk_buff *skb,
2282 __u16 *mss);
2283#endif
2284 struct dst_entry *(*route_req)(const struct sock *sk,
2285 struct sk_buff *skb,
2286 struct flowi *fl,
2287 struct request_sock *req);
2288 u32 (*init_seq)(const struct sk_buff *skb);
2289 u32 (*init_ts_off)(const struct net *net, const struct sk_buff *skb);
2290 int (*send_synack)(const struct sock *sk, struct dst_entry *dst,
2291 struct flowi *fl, struct request_sock *req,
2292 struct tcp_fastopen_cookie *foc,
2293 enum tcp_synack_type synack_type,
2294 struct sk_buff *syn_skb);
2295};
2296
2297extern const struct tcp_request_sock_ops tcp_request_sock_ipv4_ops;
2298#if IS_ENABLED(CONFIG_IPV6)
2299extern const struct tcp_request_sock_ops tcp_request_sock_ipv6_ops;
2300#endif
2301
2302#ifdef CONFIG_SYN_COOKIES
2303static inline __u32 cookie_init_sequence(const struct tcp_request_sock_ops *ops,
2304 const struct sock *sk, struct sk_buff *skb,
2305 __u16 *mss)
2306{
2307 tcp_synq_overflow(sk);
2308 __NET_INC_STATS(sock_net(sk), LINUX_MIB_SYNCOOKIESSENT);
2309 return ops->cookie_init_seq(skb, mss);
2310}
2311#else
2312static inline __u32 cookie_init_sequence(const struct tcp_request_sock_ops *ops,
2313 const struct sock *sk, struct sk_buff *skb,
2314 __u16 *mss)
2315{
2316 return 0;
2317}
2318#endif
2319
2320struct tcp_key {
2321 union {
2322 struct {
2323 struct tcp_ao_key *ao_key;
2324 char *traffic_key;
2325 u32 sne;
2326 u8 rcv_next;
2327 };
2328 struct tcp_md5sig_key *md5_key;
2329 };
2330 enum {
2331 TCP_KEY_NONE = 0,
2332 TCP_KEY_MD5,
2333 TCP_KEY_AO,
2334 } type;
2335};
2336
2337static inline void tcp_get_current_key(const struct sock *sk,
2338 struct tcp_key *out)
2339{
2340#if defined(CONFIG_TCP_AO) || defined(CONFIG_TCP_MD5SIG)
2341 const struct tcp_sock *tp = tcp_sk(sk);
2342#endif
2343
2344#ifdef CONFIG_TCP_AO
2345 if (static_branch_unlikely(&tcp_ao_needed.key)) {
2346 struct tcp_ao_info *ao;
2347
2348 ao = rcu_dereference_protected(tp->ao_info,
2349 lockdep_sock_is_held(sk));
2350 if (ao) {
2351 out->ao_key = READ_ONCE(ao->current_key);
2352 out->type = TCP_KEY_AO;
2353 return;
2354 }
2355 }
2356#endif
2357#ifdef CONFIG_TCP_MD5SIG
2358 if (static_branch_unlikely(&tcp_md5_needed.key) &&
2359 rcu_access_pointer(tp->md5sig_info)) {
2360 out->md5_key = tp->af_specific->md5_lookup(sk, sk);
2361 if (out->md5_key) {
2362 out->type = TCP_KEY_MD5;
2363 return;
2364 }
2365 }
2366#endif
2367 out->type = TCP_KEY_NONE;
2368}
2369
2370static inline bool tcp_key_is_md5(const struct tcp_key *key)
2371{
2372#ifdef CONFIG_TCP_MD5SIG
2373 if (static_branch_unlikely(&tcp_md5_needed.key) &&
2374 key->type == TCP_KEY_MD5)
2375 return true;
2376#endif
2377 return false;
2378}
2379
2380static inline bool tcp_key_is_ao(const struct tcp_key *key)
2381{
2382#ifdef CONFIG_TCP_AO
2383 if (static_branch_unlikely(&tcp_ao_needed.key) &&
2384 key->type == TCP_KEY_AO)
2385 return true;
2386#endif
2387 return false;
2388}
2389
2390int tcpv4_offload_init(void);
2391
2392void tcp_v4_init(void);
2393void tcp_init(void);
2394
2395/* tcp_recovery.c */
2396void tcp_mark_skb_lost(struct sock *sk, struct sk_buff *skb);
2397void tcp_newreno_mark_lost(struct sock *sk, bool snd_una_advanced);
2398extern s32 tcp_rack_skb_timeout(struct tcp_sock *tp, struct sk_buff *skb,
2399 u32 reo_wnd);
2400extern bool tcp_rack_mark_lost(struct sock *sk);
2401extern void tcp_rack_advance(struct tcp_sock *tp, u8 sacked, u32 end_seq,
2402 u64 xmit_time);
2403extern void tcp_rack_reo_timeout(struct sock *sk);
2404extern void tcp_rack_update_reo_wnd(struct sock *sk, struct rate_sample *rs);
2405
2406/* tcp_plb.c */
2407
2408/*
2409 * Scaling factor for fractions in PLB. For example, tcp_plb_update_state
2410 * expects cong_ratio which represents fraction of traffic that experienced
2411 * congestion over a single RTT. In order to avoid floating point operations,
2412 * this fraction should be mapped to (1 << TCP_PLB_SCALE) and passed in.
2413 */
2414#define TCP_PLB_SCALE 8
2415
2416/* State for PLB (Protective Load Balancing) for a single TCP connection. */
2417struct tcp_plb_state {
2418 u8 consec_cong_rounds:5, /* consecutive congested rounds */
2419 unused:3;
2420 u32 pause_until; /* jiffies32 when PLB can resume rerouting */
2421};
2422
2423static inline void tcp_plb_init(const struct sock *sk,
2424 struct tcp_plb_state *plb)
2425{
2426 plb->consec_cong_rounds = 0;
2427 plb->pause_until = 0;
2428}
2429void tcp_plb_update_state(const struct sock *sk, struct tcp_plb_state *plb,
2430 const int cong_ratio);
2431void tcp_plb_check_rehash(struct sock *sk, struct tcp_plb_state *plb);
2432void tcp_plb_update_state_upon_rto(struct sock *sk, struct tcp_plb_state *plb);
2433
2434/* At how many usecs into the future should the RTO fire? */
2435static inline s64 tcp_rto_delta_us(const struct sock *sk)
2436{
2437 const struct sk_buff *skb = tcp_rtx_queue_head(sk);
2438 u32 rto = inet_csk(sk)->icsk_rto;
2439 u64 rto_time_stamp_us = tcp_skb_timestamp_us(skb) + jiffies_to_usecs(j: rto);
2440
2441 return rto_time_stamp_us - tcp_sk(sk)->tcp_mstamp;
2442}
2443
2444/*
2445 * Save and compile IPv4 options, return a pointer to it
2446 */
2447static inline struct ip_options_rcu *tcp_v4_save_options(struct net *net,
2448 struct sk_buff *skb)
2449{
2450 const struct ip_options *opt = &TCP_SKB_CB(skb)->header.h4.opt;
2451 struct ip_options_rcu *dopt = NULL;
2452
2453 if (opt->optlen) {
2454 int opt_size = sizeof(*dopt) + opt->optlen;
2455
2456 dopt = kmalloc(size: opt_size, GFP_ATOMIC);
2457 if (dopt && __ip_options_echo(net, dopt: &dopt->opt, skb, sopt: opt)) {
2458 kfree(objp: dopt);
2459 dopt = NULL;
2460 }
2461 }
2462 return dopt;
2463}
2464
2465/* locally generated TCP pure ACKs have skb->truesize == 2
2466 * (check tcp_send_ack() in net/ipv4/tcp_output.c )
2467 * This is much faster than dissecting the packet to find out.
2468 * (Think of GRE encapsulations, IPv4, IPv6, ...)
2469 */
2470static inline bool skb_is_tcp_pure_ack(const struct sk_buff *skb)
2471{
2472 return skb->truesize == 2;
2473}
2474
2475static inline void skb_set_tcp_pure_ack(struct sk_buff *skb)
2476{
2477 skb->truesize = 2;
2478}
2479
2480static inline int tcp_inq(struct sock *sk)
2481{
2482 struct tcp_sock *tp = tcp_sk(sk);
2483 int answ;
2484
2485 if ((1 << sk->sk_state) & (TCPF_SYN_SENT | TCPF_SYN_RECV)) {
2486 answ = 0;
2487 } else if (sock_flag(sk, flag: SOCK_URGINLINE) ||
2488 !tp->urg_data ||
2489 before(seq1: tp->urg_seq, seq2: tp->copied_seq) ||
2490 !before(seq1: tp->urg_seq, seq2: tp->rcv_nxt)) {
2491
2492 answ = tp->rcv_nxt - tp->copied_seq;
2493
2494 /* Subtract 1, if FIN was received */
2495 if (answ && sock_flag(sk, flag: SOCK_DONE))
2496 answ--;
2497 } else {
2498 answ = tp->urg_seq - tp->copied_seq;
2499 }
2500
2501 return answ;
2502}
2503
2504int tcp_peek_len(struct socket *sock);
2505
2506static inline void tcp_segs_in(struct tcp_sock *tp, const struct sk_buff *skb)
2507{
2508 u16 segs_in;
2509
2510 segs_in = max_t(u16, 1, skb_shinfo(skb)->gso_segs);
2511
2512 /* We update these fields while other threads might
2513 * read them from tcp_get_info()
2514 */
2515 WRITE_ONCE(tp->segs_in, tp->segs_in + segs_in);
2516 if (skb->len > tcp_hdrlen(skb))
2517 WRITE_ONCE(tp->data_segs_in, tp->data_segs_in + segs_in);
2518}
2519
2520/*
2521 * TCP listen path runs lockless.
2522 * We forced "struct sock" to be const qualified to make sure
2523 * we don't modify one of its field by mistake.
2524 * Here, we increment sk_drops which is an atomic_t, so we can safely
2525 * make sock writable again.
2526 */
2527static inline void tcp_listendrop(const struct sock *sk)
2528{
2529 atomic_inc(v: &((struct sock *)sk)->sk_drops);
2530 __NET_INC_STATS(sock_net(sk), LINUX_MIB_LISTENDROPS);
2531}
2532
2533enum hrtimer_restart tcp_pace_kick(struct hrtimer *timer);
2534
2535/*
2536 * Interface for adding Upper Level Protocols over TCP
2537 */
2538
2539#define TCP_ULP_NAME_MAX 16
2540#define TCP_ULP_MAX 128
2541#define TCP_ULP_BUF_MAX (TCP_ULP_NAME_MAX*TCP_ULP_MAX)
2542
2543struct tcp_ulp_ops {
2544 struct list_head list;
2545
2546 /* initialize ulp */
2547 int (*init)(struct sock *sk);
2548 /* update ulp */
2549 void (*update)(struct sock *sk, struct proto *p,
2550 void (*write_space)(struct sock *sk));
2551 /* cleanup ulp */
2552 void (*release)(struct sock *sk);
2553 /* diagnostic */
2554 int (*get_info)(struct sock *sk, struct sk_buff *skb);
2555 size_t (*get_info_size)(const struct sock *sk);
2556 /* clone ulp */
2557 void (*clone)(const struct request_sock *req, struct sock *newsk,
2558 const gfp_t priority);
2559
2560 char name[TCP_ULP_NAME_MAX];
2561 struct module *owner;
2562};
2563int tcp_register_ulp(struct tcp_ulp_ops *type);
2564void tcp_unregister_ulp(struct tcp_ulp_ops *type);
2565int tcp_set_ulp(struct sock *sk, const char *name);
2566void tcp_get_available_ulp(char *buf, size_t len);
2567void tcp_cleanup_ulp(struct sock *sk);
2568void tcp_update_ulp(struct sock *sk, struct proto *p,
2569 void (*write_space)(struct sock *sk));
2570
2571#define MODULE_ALIAS_TCP_ULP(name) \
2572 __MODULE_INFO(alias, alias_userspace, name); \
2573 __MODULE_INFO(alias, alias_tcp_ulp, "tcp-ulp-" name)
2574
2575#ifdef CONFIG_NET_SOCK_MSG
2576struct sk_msg;
2577struct sk_psock;
2578
2579#ifdef CONFIG_BPF_SYSCALL
2580int tcp_bpf_update_proto(struct sock *sk, struct sk_psock *psock, bool restore);
2581void tcp_bpf_clone(const struct sock *sk, struct sock *newsk);
2582#endif /* CONFIG_BPF_SYSCALL */
2583
2584#ifdef CONFIG_INET
2585void tcp_eat_skb(struct sock *sk, struct sk_buff *skb);
2586#else
2587static inline void tcp_eat_skb(struct sock *sk, struct sk_buff *skb)
2588{
2589}
2590#endif
2591
2592int tcp_bpf_sendmsg_redir(struct sock *sk, bool ingress,
2593 struct sk_msg *msg, u32 bytes, int flags);
2594#endif /* CONFIG_NET_SOCK_MSG */
2595
2596#if !defined(CONFIG_BPF_SYSCALL) || !defined(CONFIG_NET_SOCK_MSG)
2597static inline void tcp_bpf_clone(const struct sock *sk, struct sock *newsk)
2598{
2599}
2600#endif
2601
2602#ifdef CONFIG_CGROUP_BPF
2603static inline void bpf_skops_init_skb(struct bpf_sock_ops_kern *skops,
2604 struct sk_buff *skb,
2605 unsigned int end_offset)
2606{
2607 skops->skb = skb;
2608 skops->skb_data_end = skb->data + end_offset;
2609}
2610#else
2611static inline void bpf_skops_init_skb(struct bpf_sock_ops_kern *skops,
2612 struct sk_buff *skb,
2613 unsigned int end_offset)
2614{
2615}
2616#endif
2617
2618/* Call BPF_SOCK_OPS program that returns an int. If the return value
2619 * is < 0, then the BPF op failed (for example if the loaded BPF
2620 * program does not support the chosen operation or there is no BPF
2621 * program loaded).
2622 */
2623#ifdef CONFIG_BPF
2624static inline int tcp_call_bpf(struct sock *sk, int op, u32 nargs, u32 *args)
2625{
2626 struct bpf_sock_ops_kern sock_ops;
2627 int ret;
2628
2629 memset(&sock_ops, 0, offsetof(struct bpf_sock_ops_kern, temp));
2630 if (sk_fullsock(sk)) {
2631 sock_ops.is_fullsock = 1;
2632 sock_owned_by_me(sk);
2633 }
2634
2635 sock_ops.sk = sk;
2636 sock_ops.op = op;
2637 if (nargs > 0)
2638 memcpy(sock_ops.args, args, nargs * sizeof(*args));
2639
2640 ret = BPF_CGROUP_RUN_PROG_SOCK_OPS(&sock_ops);
2641 if (ret == 0)
2642 ret = sock_ops.reply;
2643 else
2644 ret = -1;
2645 return ret;
2646}
2647
2648static inline int tcp_call_bpf_2arg(struct sock *sk, int op, u32 arg1, u32 arg2)
2649{
2650 u32 args[2] = {arg1, arg2};
2651
2652 return tcp_call_bpf(sk, op, nargs: 2, args);
2653}
2654
2655static inline int tcp_call_bpf_3arg(struct sock *sk, int op, u32 arg1, u32 arg2,
2656 u32 arg3)
2657{
2658 u32 args[3] = {arg1, arg2, arg3};
2659
2660 return tcp_call_bpf(sk, op, nargs: 3, args);
2661}
2662
2663#else
2664static inline int tcp_call_bpf(struct sock *sk, int op, u32 nargs, u32 *args)
2665{
2666 return -EPERM;
2667}
2668
2669static inline int tcp_call_bpf_2arg(struct sock *sk, int op, u32 arg1, u32 arg2)
2670{
2671 return -EPERM;
2672}
2673
2674static inline int tcp_call_bpf_3arg(struct sock *sk, int op, u32 arg1, u32 arg2,
2675 u32 arg3)
2676{
2677 return -EPERM;
2678}
2679
2680#endif
2681
2682static inline u32 tcp_timeout_init(struct sock *sk)
2683{
2684 int timeout;
2685
2686 timeout = tcp_call_bpf(sk, op: BPF_SOCK_OPS_TIMEOUT_INIT, nargs: 0, NULL);
2687
2688 if (timeout <= 0)
2689 timeout = TCP_TIMEOUT_INIT;
2690 return min_t(int, timeout, TCP_RTO_MAX);
2691}
2692
2693static inline u32 tcp_rwnd_init_bpf(struct sock *sk)
2694{
2695 int rwnd;
2696
2697 rwnd = tcp_call_bpf(sk, op: BPF_SOCK_OPS_RWND_INIT, nargs: 0, NULL);
2698
2699 if (rwnd < 0)
2700 rwnd = 0;
2701 return rwnd;
2702}
2703
2704static inline bool tcp_bpf_ca_needs_ecn(struct sock *sk)
2705{
2706 return (tcp_call_bpf(sk, op: BPF_SOCK_OPS_NEEDS_ECN, nargs: 0, NULL) == 1);
2707}
2708
2709static inline void tcp_bpf_rtt(struct sock *sk)
2710{
2711 if (BPF_SOCK_OPS_TEST_FLAG(tcp_sk(sk), BPF_SOCK_OPS_RTT_CB_FLAG))
2712 tcp_call_bpf(sk, op: BPF_SOCK_OPS_RTT_CB, nargs: 0, NULL);
2713}
2714
2715#if IS_ENABLED(CONFIG_SMC)
2716extern struct static_key_false tcp_have_smc;
2717#endif
2718
2719#if IS_ENABLED(CONFIG_TLS_DEVICE)
2720void clean_acked_data_enable(struct inet_connection_sock *icsk,
2721 void (*cad)(struct sock *sk, u32 ack_seq));
2722void clean_acked_data_disable(struct inet_connection_sock *icsk);
2723void clean_acked_data_flush(void);
2724#endif
2725
2726DECLARE_STATIC_KEY_FALSE(tcp_tx_delay_enabled);
2727static inline void tcp_add_tx_delay(struct sk_buff *skb,
2728 const struct tcp_sock *tp)
2729{
2730 if (static_branch_unlikely(&tcp_tx_delay_enabled))
2731 skb->skb_mstamp_ns += (u64)tp->tcp_tx_delay * NSEC_PER_USEC;
2732}
2733
2734/* Compute Earliest Departure Time for some control packets
2735 * like ACK or RST for TIME_WAIT or non ESTABLISHED sockets.
2736 */
2737static inline u64 tcp_transmit_time(const struct sock *sk)
2738{
2739 if (static_branch_unlikely(&tcp_tx_delay_enabled)) {
2740 u32 delay = (sk->sk_state == TCP_TIME_WAIT) ?
2741 tcp_twsk(sk)->tw_tx_delay : tcp_sk(sk)->tcp_tx_delay;
2742
2743 return tcp_clock_ns() + (u64)delay * NSEC_PER_USEC;
2744 }
2745 return 0;
2746}
2747
2748static inline int tcp_parse_auth_options(const struct tcphdr *th,
2749 const u8 **md5_hash, const struct tcp_ao_hdr **aoh)
2750{
2751 const u8 *md5_tmp, *ao_tmp;
2752 int ret;
2753
2754 ret = tcp_do_parse_auth_options(th, md5_hash: &md5_tmp, ao_hash: &ao_tmp);
2755 if (ret)
2756 return ret;
2757
2758 if (md5_hash)
2759 *md5_hash = md5_tmp;
2760
2761 if (aoh) {
2762 if (!ao_tmp)
2763 *aoh = NULL;
2764 else
2765 *aoh = (struct tcp_ao_hdr *)(ao_tmp - 2);
2766 }
2767
2768 return 0;
2769}
2770
2771static inline bool tcp_ao_required(struct sock *sk, const void *saddr,
2772 int family, int l3index, bool stat_inc)
2773{
2774#ifdef CONFIG_TCP_AO
2775 struct tcp_ao_info *ao_info;
2776 struct tcp_ao_key *ao_key;
2777
2778 if (!static_branch_unlikely(&tcp_ao_needed.key))
2779 return false;
2780
2781 ao_info = rcu_dereference_check(tcp_sk(sk)->ao_info,
2782 lockdep_sock_is_held(sk));
2783 if (!ao_info)
2784 return false;
2785
2786 ao_key = tcp_ao_do_lookup(sk, l3index, addr: saddr, family, sndid: -1, rcvid: -1);
2787 if (ao_info->ao_required || ao_key) {
2788 if (stat_inc) {
2789 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPAOREQUIRED);
2790 atomic64_inc(v: &ao_info->counters.ao_required);
2791 }
2792 return true;
2793 }
2794#endif
2795 return false;
2796}
2797
2798/* Called with rcu_read_lock() */
2799static inline enum skb_drop_reason
2800tcp_inbound_hash(struct sock *sk, const struct request_sock *req,
2801 const struct sk_buff *skb,
2802 const void *saddr, const void *daddr,
2803 int family, int dif, int sdif)
2804{
2805 const struct tcphdr *th = tcp_hdr(skb);
2806 const struct tcp_ao_hdr *aoh;
2807 const __u8 *md5_location;
2808 int l3index;
2809
2810 /* Invalid option or two times meet any of auth options */
2811 if (tcp_parse_auth_options(th, md5_hash: &md5_location, aoh: &aoh)) {
2812 tcp_hash_fail("TCP segment has incorrect auth options set",
2813 family, skb, "");
2814 return SKB_DROP_REASON_TCP_AUTH_HDR;
2815 }
2816
2817 if (req) {
2818 if (tcp_rsk_used_ao(req) != !!aoh) {
2819 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPAOBAD);
2820 tcp_hash_fail("TCP connection can't start/end using TCP-AO",
2821 family, skb, "%s",
2822 !aoh ? "missing AO" : "AO signed");
2823 return SKB_DROP_REASON_TCP_AOFAILURE;
2824 }
2825 }
2826
2827 /* sdif set, means packet ingressed via a device
2828 * in an L3 domain and dif is set to the l3mdev
2829 */
2830 l3index = sdif ? dif : 0;
2831
2832 /* Fast path: unsigned segments */
2833 if (likely(!md5_location && !aoh)) {
2834 /* Drop if there's TCP-MD5 or TCP-AO key with any rcvid/sndid
2835 * for the remote peer. On TCP-AO established connection
2836 * the last key is impossible to remove, so there's
2837 * always at least one current_key.
2838 */
2839 if (tcp_ao_required(sk, saddr, family, l3index, stat_inc: true)) {
2840 tcp_hash_fail("AO hash is required, but not found",
2841 family, skb, "L3 index %d", l3index);
2842 return SKB_DROP_REASON_TCP_AONOTFOUND;
2843 }
2844 if (unlikely(tcp_md5_do_lookup(sk, l3index, saddr, family))) {
2845 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPMD5NOTFOUND);
2846 tcp_hash_fail("MD5 Hash not found",
2847 family, skb, "L3 index %d", l3index);
2848 return SKB_DROP_REASON_TCP_MD5NOTFOUND;
2849 }
2850 return SKB_NOT_DROPPED_YET;
2851 }
2852
2853 if (aoh)
2854 return tcp_inbound_ao_hash(sk, skb, family, req, l3index, aoh);
2855
2856 return tcp_inbound_md5_hash(sk, skb, saddr, daddr, family,
2857 l3index, hash_location: md5_location);
2858}
2859
2860#endif /* _TCP_H */
2861

source code of linux/include/net/tcp.h