From nobody Sat Apr 20 09:15:53 2024 Delivered-To: wpasupplicant.patchew@gmail.com Received: by 2002:ab0:590e:0:0:0:0:0 with SMTP id n14csp2211673uad; Sun, 31 Jul 2022 19:47:57 -0700 (PDT) X-Google-Smtp-Source: AGRyM1uTe9fyW8u0SQ7kF5pYoeUFpmmkq+KsFWrJE2p0vRrYo1ySg3+DFfpiAM86dPOmj6QXx0ax X-Received: by 2002:aa7:8286:0:b0:52b:5ccd:f6bb with SMTP id s6-20020aa78286000000b0052b5ccdf6bbmr14162344pfm.34.1659322076746; Sun, 31 Jul 2022 19:47:56 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1659322076; cv=pass; d=google.com; s=arc-20160816; b=tnPwq+ZDYxW89S8GxDkOBJrM3yeb0a4OncKocr0mOxIkbnLMN8EQguisGBcnsK7LVg WJEoDw42HFletTCLtEk6hK1A0UjLKNbdkcMsvZqtbREXIyBorhBOwrLtscjs7svbKuUB ukTMT/Rgpd3qPbgX8Xmh6g5eyy9OOeNd6PwQQfifMyRAhkklMac9tsjr20xN7hh2BKaq 1IWwOI1u7cIfPbfXXtUhD+e0KuoftmJeNNWzyXi6ILgipeIMWEb3kunFQAN3HpN8iYJf L+l4B6xsx2hpnFbp8rWzqLDJFrtEpZThCwbWYWmTjAjm0wqnW1VVH9EQ8kBXyk/c+BMV A6/A== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:mime-version:list-unsubscribe :list-subscribe:list-id:precedence:date:subject:message-id:cc:to :from:dkim-signature; bh=luXiZ4NNPZc3nOpHyNh5QP/Sauz1fWVNf8zSeVqm/fw=; b=u9PfNENVhxaRqmk/2PMJRB+MXCfz8qHb/4NTYU2V1TvWsQcFIkDRPH48N+BvozPJQR brLnrgxrJFxqx4RcekN4LzEeSuiZcf1GeJbq1ntHK4YM2glTizwsTr7S7dZd2J+8LWqE PvZOhYpKhHmaEvpagojV075UrbpJ6SCOrxD8XhqEIqjavf+yLdE0JPBLmRRZ8Bm1IJjK k3R1aQTdTrtUfkdQq7C+owbQcOSyVJwzk2qOLl21gYIX5ntzNRVgETCOTBGRFtUD+qQd s4NHABpd023seBIZmrmjSw3AOrSYEZRyH46p4+OeVNwaLvWPzR+r2qfBNy0Zanb+Pz0Z e2Vg== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@shytyi.net header.s=hs header.b=BvnzDrCF; arc=pass (i=1 spf=pass spfdomain=shytyi.net dkim=pass dkdomain=shytyi.net dmarc=pass fromdomain=shytyi.net>); spf=pass (google.com: domain of mptcp+bounces-6101-wpasupplicant.patchew=gmail.com@lists.linux.dev designates 139.178.88.99 as permitted sender) smtp.mailfrom="mptcp+bounces-6101-wpasupplicant.patchew=gmail.com@lists.linux.dev" Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [139.178.88.99]) by mx.google.com with ESMTPS id ij22-20020a170902ab5600b0016d821a0bebsi2815919plb.346.2022.07.31.19.47.56 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 31 Jul 2022 19:47:56 -0700 (PDT) Received-SPF: pass (google.com: domain of mptcp+bounces-6101-wpasupplicant.patchew=gmail.com@lists.linux.dev designates 139.178.88.99 as permitted sender) client-ip=139.178.88.99; Authentication-Results: mx.google.com; dkim=pass header.i=@shytyi.net header.s=hs header.b=BvnzDrCF; arc=pass (i=1 spf=pass spfdomain=shytyi.net dkim=pass dkdomain=shytyi.net dmarc=pass fromdomain=shytyi.net>); spf=pass (google.com: domain of mptcp+bounces-6101-wpasupplicant.patchew=gmail.com@lists.linux.dev designates 139.178.88.99 as permitted sender) smtp.mailfrom="mptcp+bounces-6101-wpasupplicant.patchew=gmail.com@lists.linux.dev" Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id C6988280985 for ; Mon, 1 Aug 2022 02:47:55 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 7F78015A8; Mon, 1 Aug 2022 02:47:54 +0000 (UTC) X-Original-To: mptcp@lists.linux.dev Received: from sender11-of-o51.zoho.eu (sender11-of-o51.zoho.eu [31.186.226.237]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 900807F for ; Mon, 1 Aug 2022 02:47:51 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; t=1659322060; cv=none; d=zohomail.eu; s=zohoarc; b=OzZn7UW8ibqSYty6znsDfwKQg1YmPRuj7vonD161ujZ+mFvQpTgVhgbk2YID1TBLmDK8NedRpaip0LlWCwGgd/sBYys0rzhHsCNSZhvkZOGXYV5r8Nnn1YKAkDt434xjgAeIPqTqnhnwhl3uvpfz9l+2s/PPRzX4/qiKJxumTFs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.eu; s=zohoarc; t=1659322060; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:MIME-Version:Message-ID:Subject:To; bh=luXiZ4NNPZc3nOpHyNh5QP/Sauz1fWVNf8zSeVqm/fw=; b=dfAGaHzNw9RUcvaixj8DMQKSfocWkLcc40ec9TVpA6kecXK72DbIS+7ZkXLqYq+QsFXO0qDCwpXowKbZmM1Mbp+CXNhu4m44Z561W0Dv88j24VGRsu2IDGgZ2ZcE7SIbSSqA51jSGt4ICakRfZeu0R0HGoeGFQhmmuGiWxoesVI= ARC-Authentication-Results: i=1; mx.zohomail.eu; dkim=pass header.i=shytyi.net; spf=pass smtp.mailfrom=dmytro@shytyi.net; dmarc=pass header.from= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1659322060; s=hs; d=shytyi.net; i=dmytro@shytyi.net; h=From:From:To:To:Cc:Cc:Message-ID:Subject:Subject:Date:Date:MIME-Version:Content-Transfer-Encoding:Content-Type:Message-Id:Reply-To; bh=luXiZ4NNPZc3nOpHyNh5QP/Sauz1fWVNf8zSeVqm/fw=; b=BvnzDrCFKeZOmJaY+dCf8/Qwn/WJxuVptDI2htMudvz0OqTcLhW9oJNzwIl2Z1t9 C1PajPYzlWFdVXNFiE0RqZJyYcq09cCOAM0AkN2VlKcPJ86PDcKCfkufj87jXA48iGi oVCDwMQYcjBHaGL7Ik7nOSM65o9/crcUTJEbu8UA= Received: from localhost.localdomain (243.34.22.93.rev.sfr.net [93.22.34.243]) by mx.zoho.eu with SMTPS id 1659322058997264.7051098893853; Mon, 1 Aug 2022 04:47:38 +0200 (CEST) From: Dmytro SHYTYI To: mptcp@lists.linux.dev Cc: Dmytro SHYTYI Message-ID: <20220801024656.397714-1-dmytro@shytyi.net> Subject: [RFC PATCH mptcp-next v4] mptcp: Fast Open Mechanism Date: Mon, 1 Aug 2022 03:46:56 +0100 X-Mailer: git-send-email 2.25.1 Precedence: bulk X-Mailing-List: mptcp@lists.linux.dev List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ZohoMailClient: External Content-Type: text/plain; charset="utf-8" This set of patches will bring "Fast Open" Option support to MPTCP. The aim of Fast Open Mechanism is to eliminate one round trip time from a TCP conversation by allowing data to be included as part of the SYN segment that initiates the connection. IETF RFC 8684: Appendix B. TCP Fast Open and MPTCP. [PATCH v3] includes "client-server" partial support for : 1. MPTCP cookie request from client (seems to be working). 2. MPTCP cookie offering from server (seems to be working). 3. MPTCP SYN+DATA+COOKIE from client (seems to be working). 4. subsequent write + read on the opened socket (first launch with TFO request seems to be working, hovewer the second launch appears to have a mptcp "RST" issue). This patch is Work In Progress transitional draft. The differences between v3 and v4: 1. An attempt to reduce impact on existing TCP code. 2. 2 files related to mptcp_fastopen are created(*.h + *.c). 3. "subflow_v4_conn_request" is used to call "mptcp_conn_request"( located in "mptcp_fastopen.c") to process the received packet on the listener side when "SYN" is received during 3way handshake. 4. This chain adds "skb" to "&msk->sk_receive_queue" ("subflow_v4_conn_request"->"mptcp_conn_request"-> "mptcp_try_fastopen"->"mptcp_fastopen_create_child"-> "mptcp_fastopen_add_skb") 5. Some minor comments from mailing list are not yet included in the current version of the PATCH. Signed-off-by: Dmytro SHYTYI --- include/net/mptcp.h | 2 +- net/ipv4/tcp_output.c | 3 +- net/mptcp/Makefile | 2 +- net/mptcp/mptcp_fastopen.c | 476 +++++++++++++++++++++++++++++++++++++ net/mptcp/mptcp_fastopen.h | 67 ++++++ net/mptcp/options.c | 7 +- net/mptcp/protocol.c | 8 +- net/mptcp/protocol.h | 3 + net/mptcp/sockopt.c | 41 ++++ net/mptcp/subflow.c | 7 +- 10 files changed, 604 insertions(+), 12 deletions(-) create mode 100644 net/mptcp/mptcp_fastopen.c create mode 100644 net/mptcp/mptcp_fastopen.h diff --git a/include/net/mptcp.h b/include/net/mptcp.h index 6456ea26e4c7..692197187af8 100644 --- a/include/net/mptcp.h +++ b/include/net/mptcp.h @@ -139,7 +139,7 @@ void mptcp_space(const struct sock *ssk, int *space, in= t *full_space); bool mptcp_syn_options(struct sock *sk, const struct sk_buff *skb, unsigned int *size, struct mptcp_out_options *opts); bool mptcp_synack_options(const struct request_sock *req, unsigned int *si= ze, - struct mptcp_out_options *opts); + struct mptcp_out_options *opts, u16 *tcp_options); bool mptcp_established_options(struct sock *sk, struct sk_buff *skb, unsigned int *size, unsigned int remaining, struct mptcp_out_options *opts); diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c index b4b2284ed4a2..864517e63bdf 100644 --- a/net/ipv4/tcp_output.c +++ b/net/ipv4/tcp_output.c @@ -747,7 +747,7 @@ static void mptcp_set_option_cond(const struct request_= sock *req, if (rsk_is_mptcp(req)) { unsigned int size; =20 - if (mptcp_synack_options(req, &size, &opts->mptcp)) { + if (mptcp_synack_options(req, &size, &opts->mptcp, &opts->options)) { if (*remaining >=3D size) { opts->options |=3D OPTION_MPTCP; *remaining -=3D size; @@ -822,7 +822,6 @@ static unsigned int tcp_syn_options(struct sock *sk, st= ruct sk_buff *skb, tp->syn_fastopen_exp =3D fastopen->cookie.exp ? 1 : 0; } } - smc_set_option(tp, opts, &remaining); =20 if (sk_is_mptcp(sk)) { diff --git a/net/mptcp/Makefile b/net/mptcp/Makefile index 8a7f68efa35f..0f1022b395ef 100644 --- a/net/mptcp/Makefile +++ b/net/mptcp/Makefile @@ -2,7 +2,7 @@ obj-$(CONFIG_MPTCP) +=3D mptcp.o =20 mptcp-y :=3D protocol.o subflow.o options.o token.o crypto.o ctrl.o pm.o d= iag.o \ - mib.o pm_netlink.o sockopt.o pm_userspace.o sched.o + mib.o pm_netlink.o sockopt.o pm_userspace.o sched.o mptcp_fastopen.o =20 obj-$(CONFIG_SYN_COOKIES) +=3D syncookies.o obj-$(CONFIG_INET_MPTCP_DIAG) +=3D mptcp_diag.o diff --git a/net/mptcp/mptcp_fastopen.c b/net/mptcp/mptcp_fastopen.c new file mode 100644 index 000000000000..cca086e178a6 --- /dev/null +++ b/net/mptcp/mptcp_fastopen.c @@ -0,0 +1,476 @@ +#include "mptcp_fastopen.h" + +int mptcp_sendmsg_fastopen(struct sock *sk, struct msghdr *msg, + size_t len, struct mptcp_sock *msk, + size_t *copied) +{ + const struct iphdr *iph; + struct ubuf_info *uarg; + struct sockaddr *uaddr; + struct sk_buff *skb; + struct tcp_sock *tp; + struct socket *ssk; + int ret; + + ssk =3D __mptcp_nmpc_socket(msk); + if (unlikely(!ssk)) + goto out_EFAULT; + skb =3D tcp_stream_alloc_skb(ssk->sk, 0, ssk->sk->sk_allocation, true); + if (unlikely(!skb)) + goto out_EFAULT; + iph =3D ip_hdr(skb); + if (unlikely(!iph)) + goto out_EFAULT; + uarg =3D msg_zerocopy_realloc(sk, len, skb_zcopy(skb)); + if (unlikely(!uarg)) + goto out_EFAULT; + uaddr =3D msg->msg_name; + + tp =3D tcp_sk(ssk->sk); + if (unlikely(!tp)) + goto out_EFAULT; + if (!tp->fastopen_req) + tp->fastopen_req =3D kzalloc(sizeof(*tp->fastopen_req), + ssk->sk->sk_allocation); + + if (unlikely(!tp->fastopen_req)) + goto out_EFAULT; + tp->fastopen_req->data =3D msg; + tp->fastopen_req->size =3D len; + tp->fastopen_req->uarg =3D uarg; + + /* requests a cookie */ + *copied =3D mptcp_stream_connect(sk->sk_socket, uaddr, + msg->msg_namelen, msg->msg_flags); + + return 0; +out_EFAULT: + ret =3D -EFAULT; + return ret; +} + +void mptcp_reqsk_record_syn(const struct sock *sk, + struct request_sock *req, + const struct sk_buff *skb) +{ + if (tcp_sk(sk)->save_syn) { + u32 length =3D skb_network_header_len(skb) + tcp_hdrlen(skb); + struct saved_syn *svd_syn; + u32 mac_headerlen; + void *base; + + if (tcp_sk(sk)->save_syn =3D=3D 2) { + base =3D skb_mac_header(skb); + mac_headerlen =3D skb_mac_header_len(skb); + length +=3D mac_headerlen; + } else { + base =3D skb_network_header(skb); + mac_headerlen =3D 0; + } + + svd_syn =3D kmalloc(struct_size(svd_syn, data, length), + GFP_ATOMIC); + if (svd_syn) { + svd_syn->mac_hdrlen =3D mac_headerlen; + svd_syn->network_hdrlen =3D skb_network_header_len(skb); + svd_syn->tcp_hdrlen =3D tcp_hdrlen(skb); + memcpy(svd_syn->data, base, length); + req->saved_syn =3D svd_syn; + } + } +} + +void mptcp_ecn_create_request(struct request_sock *req, + const struct sk_buff *skb, + const struct sock *listen_sk, + const struct dst_entry *dst) +{ + const struct tcphdr *thdr =3D tcp_hdr(skb); + const struct net *net =3D sock_net(listen_sk); + bool thdr_ecn =3D thdr->ece && thdr->cwr; + bool ect_stat, ecn_okay; + u32 ecn_okay_dst; + + if (!thdr_ecn) + return; + + ect_stat =3D !INET_ECN_is_not_ect(TCP_SKB_CB(skb)->ip_dsfield); + ecn_okay_dst =3D dst_feature(dst, DST_FEATURE_ECN_MASK); + ecn_okay =3D net->ipv4.sysctl_tcp_ecn || ecn_okay_dst; + + if (((!ect_stat || thdr->res1) && ecn_okay) || tcp_ca_needs_ecn(listen_sk= ) || + (ecn_okay_dst & DST_FEATURE_ECN_CA) || + tcp_bpf_ca_needs_ecn((struct sock *)req)) + inet_rsk(req)->ecn_ok =3D 1; +} + +void mptcp_openreq_init(struct request_sock *req, + const struct tcp_options_received *rx_opt, + struct sk_buff *skb, const struct sock *sk) +{ + struct inet_request_sock *ireq =3D inet_rsk(req); + + req->rsk_rcv_wnd =3D 0; + tcp_rsk(req)->rcv_isn =3D TCP_SKB_CB(skb)->seq; + tcp_rsk(req)->rcv_nxt =3D TCP_SKB_CB(skb)->seq + 1; + tcp_rsk(req)->snt_synack =3D 0; + tcp_rsk(req)->last_oow_ack_time =3D 0; + req->mss =3D rx_opt->mss_clamp; + req->ts_recent =3D rx_opt->saw_tstamp ? rx_opt->rcv_tsval : 0; + ireq->tstamp_ok =3D rx_opt->tstamp_ok; + ireq->sack_ok =3D rx_opt->sack_ok; + ireq->snd_wscale =3D rx_opt->snd_wscale; + ireq->wscale_ok =3D rx_opt->wscale_ok; + ireq->acked =3D 0; + ireq->ecn_ok =3D 0; + ireq->ir_rmt_port =3D tcp_hdr(skb)->source; + ireq->ir_num =3D ntohs(tcp_hdr(skb)->dest); + ireq->ir_mark =3D inet_request_mark(sk, skb); +} + +void mptcp_fastopen_add_skb(struct sock *sk, struct sk_buff *skb) +{ + struct sock *msk =3D mptcp_subflow_ctx(sk)->conn; + struct tcp_sock *tp =3D tcp_sk(sk); + + if (TCP_SKB_CB(skb)->end_seq =3D=3D tp->rcv_nxt) + return; + + skb =3D skb_clone(skb, GFP_ATOMIC); + if (!skb) + return; + + skb_dst_drop(skb); + + tp->segs_in =3D 0; + tcp_segs_in(tp, skb); + __skb_pull(skb, tcp_hdrlen(skb)); + sk_forced_mem_schedule(sk, skb->truesize); + skb_set_owner_r(skb, sk); + + TCP_SKB_CB(skb)->seq++; + TCP_SKB_CB(skb)->tcp_flags &=3D ~TCPHDR_SYN; + + tp->rcv_nxt =3D TCP_SKB_CB(skb)->end_seq; + + __skb_queue_tail(&msk->sk_receive_queue, skb); + + tp->syn_data_acked =3D 1; + + tp->bytes_received =3D skb->len; + + if (TCP_SKB_CB(skb)->tcp_flags & TCPHDR_FIN) + tcp_fin(sk); +} + +struct sock *mptcp_fastopen_create_child(struct sock *sk, + struct sk_buff *skb, + struct request_sock *req) +{ + struct request_sock_queue *r_sock_queue =3D &inet_csk(sk)->icsk_accept_qu= eue; + struct tcp_sock *tp; + struct sock *child_sock; + bool own_req; + + child_sock =3D inet_csk(sk)->icsk_af_ops->syn_recv_sock(sk, skb, req, NUL= L, + NULL, &own_req); + if (!child_sock) + return NULL; + + spin_lock(&r_sock_queue->fastopenq.lock); + r_sock_queue->fastopenq.qlen++; + spin_unlock(&r_sock_queue->fastopenq.lock); + + tp =3D tcp_sk(child_sock); + + rcu_assign_pointer(tp->fastopen_rsk, req); + tcp_rsk(req)->tfo_listener =3D true; + + tp->snd_wnd =3D ntohs(tcp_hdr(skb)->window); + tp->max_window =3D tp->snd_wnd; + + inet_csk_reset_xmit_timer(child_sock, ICSK_TIME_RETRANS, + TCP_TIMEOUT_INIT, TCP_RTO_MAX); + + refcount_set(&req->rsk_refcnt, 2); + + tcp_init_transfer(child_sock, BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB, skb); + + + tp->rcv_nxt =3D TCP_SKB_CB(skb)->seq + 1; + //tp->rcv_nxt =3D TCP_SKB_CB(skb)->end_seq; + //tp->copied_seq =3D 4;//3 + + mptcp_fastopen_add_skb(child_sock, skb); + + tcp_rsk(req)->rcv_nxt =3D tp->rcv_nxt; + tp->rcv_wup =3D tp->rcv_nxt; + + return child_sock; +} + +bool mptcp_fastopen_queue_check(struct sock *sk) +{ + struct fastopen_queue *fo_queue; + struct request_sock *req_sock; + + fo_queue =3D &inet_csk(sk)->icsk_accept_queue.fastopenq; + if (fo_queue->max_qlen =3D=3D 0) + return false; + + if (fo_queue->qlen >=3D fo_queue->max_qlen) { + + spin_lock(&fo_queue->lock); + req_sock =3D fo_queue->rskq_rst_head; + if (!req_sock || time_after(req_sock->rsk_timer.expires, jiffies)) { + spin_unlock(&fo_queue->lock); + return false; + } + fo_queue->rskq_rst_head =3D req_sock->dl_next; + fo_queue->qlen--; + spin_unlock(&fo_queue->lock); + reqsk_put(req_sock); + } + return true; +} + +bool mptcp_fastopen_cookie_gen_cipher(struct request_sock *req, + struct sk_buff *syn, + const siphash_key_t *key, + struct tcp_fastopen_cookie *foc) +{ + if (req->rsk_ops->family =3D=3D AF_INET) { + const struct iphdr *iph =3D ip_hdr(syn); + + foc->val[0] =3D cpu_to_le64(siphash(&iph->saddr, + sizeof(iph->saddr) + + sizeof(iph->daddr), + key)); + foc->len =3D TCP_FASTOPEN_COOKIE_SIZE; + return true; + } + + return false; +} + + +void mptcp_fastopen_cookie_gen(struct sock *sk, + struct request_sock *req, + struct sk_buff *syn, + struct tcp_fastopen_cookie *foc) +{ + struct tcp_fastopen_context *ctx; + + rcu_read_lock(); + ctx =3D tcp_fastopen_get_ctx(sk); + if (ctx) + mptcp_fastopen_cookie_gen_cipher(req, syn, &ctx->key[0], foc); + rcu_read_unlock(); +} + +int mptcp_fastopen_cookie_gen_check(struct sock *sk, + struct request_sock *req, + struct sk_buff *syn, + struct tcp_fastopen_cookie *orig, + struct tcp_fastopen_cookie *valid_foc) +{ + struct tcp_fastopen_cookie mptcp_search_foc =3D { .len =3D -1 }; + struct tcp_fastopen_cookie *mptcp_foc =3D valid_foc; + struct tcp_fastopen_context *mptcp_fo_ctx; + int i, ret =3D 0; + + rcu_read_lock(); + mptcp_fo_ctx =3D tcp_fastopen_get_ctx(sk); + if (!mptcp_fo_ctx) + goto out; + for (i =3D 0; i < tcp_fastopen_context_len(mptcp_fo_ctx); i++) { + mptcp_fastopen_cookie_gen_cipher(req, syn, &mptcp_fo_ctx->key[i], mptcp_= foc); + if (tcp_fastopen_cookie_match(mptcp_foc, orig)) { + ret =3D i + 1; + goto out; + } + mptcp_foc =3D &mptcp_search_foc; + } +out: + rcu_read_unlock(); + return ret; +} + + +bool mptcp_fastopen_no_cookie(const struct sock *sk, + const struct dst_entry *dst, + int flag) +{ + return (sock_net(sk)->ipv4.sysctl_tcp_fastopen & flag) || + tcp_sk(sk)->fastopen_no_cookie || + (dst && dst_metric(dst, RTAX_FASTOPEN_NO_COOKIE)); +} + +struct sock *mptcp_try_fastopen(struct sock *sk, struct sk_buff *skb, + struct request_sock *req, + struct tcp_fastopen_cookie *foc, + const struct dst_entry *dst) +{ + bool syn_data_status =3D TCP_SKB_CB(skb)->end_seq !=3D TCP_SKB_CB(skb)->s= eq + 1; + struct tcp_fastopen_cookie valid_mptcp_foc =3D { .len =3D -1 }; + struct sock *child_sock; + int ret =3D 0; + + + if ((syn_data_status || foc->len >=3D 0) && + mptcp_fastopen_queue_check(sk)) { + foc->len =3D -1; + return NULL; + } + + if (mptcp_fastopen_no_cookie(sk, dst, TFO_SERVER_COOKIE_NOT_REQD)) + goto fastopen; + + if (foc->len =3D=3D 0) { + mptcp_fastopen_cookie_gen(sk, req, skb, &valid_mptcp_foc); + } else if (foc->len > 0) { + ret =3D mptcp_fastopen_cookie_gen_check(sk, req, skb, foc, + &valid_mptcp_foc); + if (!ret) { + __asm__ ("NOP"); + } else { +fastopen: + child_sock =3D mptcp_fastopen_create_child(sk, skb, req); + if (child_sock) { + if (ret =3D=3D 2) { + valid_mptcp_foc.exp =3D foc->exp; + *foc =3D valid_mptcp_foc; + } else { + foc->len =3D -1; + } + return child_sock; + } + } + } + valid_mptcp_foc.exp =3D foc->exp; + *foc =3D valid_mptcp_foc; + return NULL; +} + +int mptcp_conn_request(struct request_sock_ops *rsk_ops, + const struct tcp_request_sock_ops *af_ops, + struct sock *sk, struct sk_buff *skb) +{ + struct tcp_fastopen_cookie mptcp_foc =3D { .len =3D -1 }; + struct tcp_options_received tmp_opt_rcvd; + __u32 isn =3D TCP_SKB_CB(skb)->tcp_tw_isn; + struct tcp_sock *tp_sock =3D tcp_sk(sk); + struct sock *mptcp_fo_sk =3D NULL; + struct net *net =3D sock_net(sk); + struct request_sock *req_sock; + bool want_cookie =3D false; + struct dst_entry *dst; + struct flowi fl; + + if (sk_acceptq_is_full(sk)) { + goto drop; + } + + req_sock =3D inet_reqsk_alloc(rsk_ops, sk, !want_cookie); + if (!req_sock) + goto drop; + + req_sock->syncookie =3D want_cookie; + tcp_rsk(req_sock)->af_specific =3D af_ops; + tcp_rsk(req_sock)->ts_off =3D 0; + tcp_rsk(req_sock)->is_mptcp =3D 1; + + tcp_clear_options(&tmp_opt_rcvd); + tmp_opt_rcvd.mss_clamp =3D af_ops->mss_clamp; + tmp_opt_rcvd.user_mss =3D tp_sock->rx_opt.user_mss; + tcp_parse_options(sock_net(sk), skb, &tmp_opt_rcvd, 0, + want_cookie ? NULL : &mptcp_foc); + + if (want_cookie && !tmp_opt_rcvd.saw_tstamp) + tcp_clear_options(&tmp_opt_rcvd); + + if (IS_ENABLED(CONFIG_SMC) && want_cookie) + tmp_opt_rcvd.smc_ok =3D 0; + + tmp_opt_rcvd.tstamp_ok =3D tmp_opt_rcvd.saw_tstamp; + mptcp_openreq_init(req_sock, &tmp_opt_rcvd, skb, sk); + inet_rsk(req_sock)->no_srccheck =3D inet_sk(sk)->transparent; + + inet_rsk(req_sock)->ir_iif =3D inet_request_bound_dev_if(sk, skb); + + dst =3D af_ops->route_req(sk, skb, &fl, req_sock); + if (!dst) + goto drop_and_free; + + if (tmp_opt_rcvd.tstamp_ok) + tcp_rsk(req_sock)->ts_off =3D af_ops->init_ts_off(net, skb); + + if (!want_cookie && !isn) { + if (!net->ipv4.sysctl_tcp_syncookies && + (net->ipv4.sysctl_max_syn_backlog - inet_csk_reqsk_queue_len(sk) < + (net->ipv4.sysctl_max_syn_backlog >> 2)) && + !tcp_peer_is_proven(req_sock, dst)) { + goto drop_and_release; + } + + isn =3D af_ops->init_seq(skb); + } + + mptcp_ecn_create_request(req_sock, skb, sk, dst); + + if (want_cookie) { + isn =3D cookie_init_sequence(af_ops, sk, skb, &req_sock->mss); + if (!tmp_opt_rcvd.tstamp_ok) + inet_rsk(req_sock)->ecn_ok =3D 0; + } + + tcp_rsk(req_sock)->snt_isn =3D isn; + tcp_rsk(req_sock)->txhash =3D net_tx_rndhash(); + tcp_rsk(req_sock)->syn_tos =3D TCP_SKB_CB(skb)->ip_dsfield; + + tcp_openreq_init_rwin(req_sock, sk, dst); + sk_rx_queue_set(req_to_sk(req_sock), skb); + if (!want_cookie) { + mptcp_reqsk_record_syn(sk, req_sock, skb); + mptcp_fo_sk =3D mptcp_try_fastopen(sk, skb, req_sock, &mptcp_foc, dst); + } + if (mptcp_fo_sk) { + af_ops->send_synack(mptcp_fo_sk, dst, &fl, req_sock, + &mptcp_foc, TCP_SYNACK_FASTOPEN, skb); + if (!inet_csk_reqsk_queue_add(sk, req_sock, mptcp_fo_sk)) { + reqsk_fastopen_remove(mptcp_fo_sk, req_sock, false); + bh_unlock_sock(mptcp_fo_sk); + sock_put(mptcp_fo_sk); + goto drop_and_free; + } + sk->sk_data_ready(sk); + bh_unlock_sock(mptcp_fo_sk); + sock_put(mptcp_fo_sk); + + + } else { + tcp_rsk(req_sock)->tfo_listener =3D false; + if (!want_cookie) { + req_sock->timeout =3D tcp_timeout_init((struct sock *)req_sock); + inet_csk_reqsk_queue_hash_add(sk, req_sock, req_sock->timeout); + } + af_ops->send_synack(sk, dst, &fl, req_sock, &mptcp_foc, + !want_cookie ? TCP_SYNACK_NORMAL : + TCP_SYNACK_COOKIE, + skb); + if (want_cookie) { + reqsk_free(req_sock); + return 0; + } + } + reqsk_put(req_sock); + return 0; + +drop_and_release: + dst_release(dst); +drop_and_free: + __reqsk_free(req_sock); +drop: + tcp_listendrop(sk); + return 0; +} diff --git a/net/mptcp/mptcp_fastopen.h b/net/mptcp/mptcp_fastopen.h new file mode 100644 index 000000000000..c050195c60a7 --- /dev/null +++ b/net/mptcp/mptcp_fastopen.h @@ -0,0 +1,67 @@ +/* SPDX-License-Identifier: GPL-2.0 + * MPTCP Fast Open Mechanism. Copyright (c) 2021-2022, Dmytro SHYTYI. + */ + +#ifndef __MPTCP_FASTOPEN_H +#define __MPTCP_FASTOPEN_H + +#include +#include +#include +#include "protocol.h" + +int mptcp_sendmsg_fastopen(struct sock *sk, struct msghdr *msg, + size_t len, struct mptcp_sock *msk, + size_t *copied); + +void mptcp_reqsk_record_syn(const struct sock *sk, + struct request_sock *req, + const struct sk_buff *skb); + +void mptcp_ecn_create_request(struct request_sock *req, + const struct sk_buff *skb, + const struct sock *listen_sk, + const struct dst_entry *dst); + +void mptcp_openreq_init(struct request_sock *req, + const struct tcp_options_received *rx_opt, + struct sk_buff *skb, const struct sock *sk); + +void mptcp_fastopen_add_skb(struct sock *sk, struct sk_buff *skb); + +struct sock *mptcp_fastopen_create_child(struct sock *sk, + struct sk_buff *skb, + struct request_sock *req); + +bool mptcp_fastopen_queue_check(struct sock *sk); + +bool mptcp_fastopen_cookie_gen_cipher(struct request_sock *req, + struct sk_buff *syn, + const siphash_key_t *key, + struct tcp_fastopen_cookie *foc); + +void mptcp_fastopen_cookie_gen(struct sock *sk, + struct request_sock *req, + struct sk_buff *syn, + struct tcp_fastopen_cookie *foc); + +int mptcp_fastopen_cookie_gen_check(struct sock *sk, + struct request_sock *req, + struct sk_buff *syn, + struct tcp_fastopen_cookie *orig, + struct tcp_fastopen_cookie *valid_foc); + +bool mptcp_fastopen_no_cookie(const struct sock *sk, + const struct dst_entry *dst, + int flag); + +struct sock *mptcp_try_fastopen(struct sock *sk, struct sk_buff *skb, + struct request_sock *req, + struct tcp_fastopen_cookie *foc, + const struct dst_entry *dst); + +int mptcp_conn_request(struct request_sock_ops *rsk_ops, + const struct tcp_request_sock_ops *af_ops, + struct sock *sk, struct sk_buff *skb); + +#endif /* __MPTCP_FASTOPEN_H */ diff --git a/net/mptcp/options.c b/net/mptcp/options.c index be3b918a6d15..1ce965ee71d2 100644 --- a/net/mptcp/options.c +++ b/net/mptcp/options.c @@ -887,16 +887,19 @@ bool mptcp_established_options(struct sock *sk, struc= t sk_buff *skb, } =20 bool mptcp_synack_options(const struct request_sock *req, unsigned int *si= ze, - struct mptcp_out_options *opts) + struct mptcp_out_options *opts, u16 *tcp_options) { struct mptcp_subflow_request_sock *subflow_req =3D mptcp_subflow_rsk(req); + struct inet_request_sock *ireq =3D inet_rsk(req); +#define OPTION_TS BIT(1) + *tcp_options ^=3D OPTION_TS; =20 if (subflow_req->mp_capable) { opts->suboptions =3D OPTION_MPTCP_MPC_SYNACK; opts->sndr_key =3D subflow_req->local_key; opts->csum_reqd =3D subflow_req->csum_reqd; opts->allow_join_id0 =3D subflow_req->allow_join_id0; - *size =3D TCPOLEN_MPTCP_MPC_SYNACK; + *size =3D TCPOLEN_MPTCP_MPC_SYNACK - TCPOLEN_TSTAMP_ALIGNED + TCPOLEN_S= ACKPERM_ALIGNED; pr_debug("subflow_req=3D%p, local_key=3D%llu", subflow_req, subflow_req->local_key); return true; diff --git a/net/mptcp/protocol.c b/net/mptcp/protocol.c index d6aef4b13b8a..64a2635405c4 100644 --- a/net/mptcp/protocol.c +++ b/net/mptcp/protocol.c @@ -25,6 +25,7 @@ #include #include "protocol.h" #include "mib.h" +#include "mptcp_fastopen.h" =20 #define CREATE_TRACE_POINTS #include @@ -1690,9 +1691,9 @@ static int mptcp_sendmsg(struct sock *sk, struct msgh= dr *msg, size_t len) int ret =3D 0; long timeo; =20 - /* we don't support FASTOPEN yet */ + /* we don't fully support FASTOPEN yet */ if (msg->msg_flags & MSG_FASTOPEN) - return -EOPNOTSUPP; + mptcp_sendmsg_fastopen(sk, msg, len, msk, &copied); =20 /* silently ignore everything else */ msg->msg_flags &=3D MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL; @@ -2681,6 +2682,7 @@ void mptcp_subflow_shutdown(struct sock *sk, struct s= ock *ssk, int how) case TCP_SYN_SENT: tcp_disconnect(ssk, O_NONBLOCK); break; + case TCP_ESTABLISHED: default: if (__mptcp_check_fallback(mptcp_sk(sk))) { pr_debug("Fallback"); @@ -3476,7 +3478,7 @@ static void mptcp_subflow_early_fallback(struct mptcp= _sock *msk, __mptcp_do_fallback(msk); } =20 -static int mptcp_stream_connect(struct socket *sock, struct sockaddr *uadd= r, +int mptcp_stream_connect(struct socket *sock, struct sockaddr *uaddr, int addr_len, int flags) { struct mptcp_sock *msk =3D mptcp_sk(sock->sk); diff --git a/net/mptcp/protocol.h b/net/mptcp/protocol.h index 8739794166d8..6b8784a35244 100644 --- a/net/mptcp/protocol.h +++ b/net/mptcp/protocol.h @@ -891,6 +891,9 @@ unsigned int mptcp_pm_get_add_addr_accept_max(const str= uct mptcp_sock *msk); unsigned int mptcp_pm_get_subflows_max(const struct mptcp_sock *msk); unsigned int mptcp_pm_get_local_addr_max(const struct mptcp_sock *msk); =20 +int mptcp_stream_connect(struct socket *sock, struct sockaddr *uaddr, + int addr_len, int flags); + /* called under PM lock */ static inline void __mptcp_pm_close_subflow(struct mptcp_sock *msk) { diff --git a/net/mptcp/sockopt.c b/net/mptcp/sockopt.c index 423d3826ca1e..e1ae1ef224cf 100644 --- a/net/mptcp/sockopt.c +++ b/net/mptcp/sockopt.c @@ -560,6 +560,8 @@ static bool mptcp_supported_sockopt(int level, int optn= ame) case TCP_TX_DELAY: case TCP_INQ: return true; + case TCP_FASTOPEN: + return true; } =20 /* TCP_MD5SIG, TCP_MD5SIG_EXT are not supported, MD5 is not compatible w= ith MPTCP */ @@ -768,6 +770,43 @@ static int mptcp_setsockopt_sol_tcp_defer(struct mptcp= _sock *msk, sockptr_t optv return tcp_setsockopt(listener->sk, SOL_TCP, TCP_DEFER_ACCEPT, optval, op= tlen); } =20 +static int mptcp_setsockopt_sol_tcp_fastopen(struct mptcp_sock *msk, sockp= tr_t optval, + unsigned int optlen) +{ + struct mptcp_subflow_context *subflow; + struct sock *sk =3D (struct sock *)msk; + struct net *net =3D sock_net(sk); + int val; + int ret; + + ret =3D 0; + + if (copy_from_sockptr(&val, optval, sizeof(val))) + return -EFAULT; + + lock_sock(sk); + + mptcp_for_each_subflow(msk, subflow) { + struct sock *ssk =3D mptcp_subflow_tcp_sock(subflow); + + lock_sock(ssk); + + if (val >=3D 0 && ((1 << sk->sk_state) & (TCPF_CLOSE | + TCPF_LISTEN))) { + tcp_fastopen_init_key_once(net); + fastopen_queue_tune(sk, val); + } else { + ret =3D -EINVAL; + } + + release_sock(ssk); + } + + release_sock(sk); + + return ret; +} + static int mptcp_setsockopt_sol_tcp(struct mptcp_sock *msk, int optname, sockptr_t optval, unsigned int optlen) { @@ -796,6 +835,8 @@ static int mptcp_setsockopt_sol_tcp(struct mptcp_sock *= msk, int optname, return mptcp_setsockopt_sol_tcp_nodelay(msk, optval, optlen); case TCP_DEFER_ACCEPT: return mptcp_setsockopt_sol_tcp_defer(msk, optval, optlen); + case TCP_FASTOPEN: + return mptcp_setsockopt_sol_tcp_fastopen(msk, optval, optlen); } =20 return -EOPNOTSUPP; diff --git a/net/mptcp/subflow.c b/net/mptcp/subflow.c index 8841e8cd9ad8..9fa71b67fd5a 100644 --- a/net/mptcp/subflow.c +++ b/net/mptcp/subflow.c @@ -22,6 +22,7 @@ #endif #include #include +#include "mptcp_fastopen.h" #include "protocol.h" #include "mib.h" =20 @@ -542,9 +543,9 @@ static int subflow_v4_conn_request(struct sock *sk, str= uct sk_buff *skb) if (skb_rtable(skb)->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST)) goto drop; =20 - return tcp_conn_request(&mptcp_subflow_request_sock_ops, - &subflow_request_sock_ipv4_ops, - sk, skb); + return mptcp_conn_request(&mptcp_subflow_request_sock_ops, + &subflow_request_sock_ipv4_ops, + sk, skb); drop: tcp_listendrop(sk); return 0; --=20 2.25.1