Print this page
12976 system panics with error in IP module
Reviewed by: Andy Fiddaman <andy@omniosce.org>
Reviewed by: Paul Winder <p.winder@me.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/uts/common/inet/tcp/tcp.c
+++ new/usr/src/uts/common/inet/tcp/tcp.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
|
↓ open down ↓ |
13 lines elided |
↑ open up ↑ |
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21
22 22 /*
23 23 * Copyright (c) 1991, 2010, Oracle and/or its affiliates. All rights reserved.
24 - * Copyright 2019 Joyent, Inc.
25 24 * Copyright (c) 2011 Nexenta Systems, Inc. All rights reserved.
26 25 * Copyright (c) 2013, 2017 by Delphix. All rights reserved.
27 26 * Copyright 2014, OmniTI Computer Consulting, Inc. All rights reserved.
27 + * Copyright 2020 Joyent, Inc.
28 28 */
29 29 /* Copyright (c) 1990 Mentat Inc. */
30 30
31 31 #include <sys/types.h>
32 32 #include <sys/stream.h>
33 33 #include <sys/strsun.h>
34 34 #include <sys/strsubr.h>
35 35 #include <sys/stropts.h>
36 36 #include <sys/strlog.h>
37 37 #define _SUN_TPI_VERSION 2
38 38 #include <sys/tihdr.h>
39 39 #include <sys/timod.h>
40 40 #include <sys/ddi.h>
41 41 #include <sys/sunddi.h>
42 42 #include <sys/suntpi.h>
43 43 #include <sys/xti_inet.h>
44 44 #include <sys/cmn_err.h>
45 45 #include <sys/debug.h>
46 46 #include <sys/sdt.h>
47 47 #include <sys/vtrace.h>
48 48 #include <sys/kmem.h>
49 49 #include <sys/ethernet.h>
50 50 #include <sys/cpuvar.h>
51 51 #include <sys/dlpi.h>
52 52 #include <sys/pattr.h>
53 53 #include <sys/policy.h>
54 54 #include <sys/priv.h>
55 55 #include <sys/zone.h>
56 56 #include <sys/sunldi.h>
57 57
58 58 #include <sys/errno.h>
59 59 #include <sys/signal.h>
60 60 #include <sys/socket.h>
61 61 #include <sys/socketvar.h>
62 62 #include <sys/sockio.h>
63 63 #include <sys/isa_defs.h>
64 64 #include <sys/md5.h>
65 65 #include <sys/random.h>
66 66 #include <sys/uio.h>
67 67 #include <sys/systm.h>
68 68 #include <netinet/in.h>
69 69 #include <netinet/tcp.h>
70 70 #include <netinet/ip6.h>
71 71 #include <netinet/icmp6.h>
72 72 #include <net/if.h>
73 73 #include <net/route.h>
74 74 #include <inet/ipsec_impl.h>
75 75
76 76 #include <inet/common.h>
77 77 #include <inet/cc.h>
78 78 #include <inet/ip.h>
79 79 #include <inet/ip_impl.h>
80 80 #include <inet/ip6.h>
81 81 #include <inet/ip_ndp.h>
82 82 #include <inet/proto_set.h>
83 83 #include <inet/mib2.h>
84 84 #include <inet/optcom.h>
85 85 #include <inet/snmpcom.h>
86 86 #include <inet/kstatcom.h>
87 87 #include <inet/tcp.h>
88 88 #include <inet/tcp_impl.h>
89 89 #include <inet/tcp_cluster.h>
90 90 #include <inet/udp_impl.h>
91 91 #include <net/pfkeyv2.h>
92 92 #include <inet/ipdrop.h>
93 93
94 94 #include <inet/ipclassifier.h>
95 95 #include <inet/ip_ire.h>
96 96 #include <inet/ip_ftable.h>
97 97 #include <inet/ip_if.h>
98 98 #include <inet/ipp_common.h>
99 99 #include <inet/ip_rts.h>
100 100 #include <inet/ip_netinfo.h>
101 101 #include <sys/squeue_impl.h>
102 102 #include <sys/squeue.h>
103 103 #include <sys/tsol/label.h>
104 104 #include <sys/tsol/tnet.h>
105 105 #include <rpc/pmap_prot.h>
106 106 #include <sys/callo.h>
107 107
108 108 /*
109 109 * TCP Notes: aka FireEngine Phase I (PSARC 2002/433)
110 110 *
111 111 * (Read the detailed design doc in PSARC case directory)
112 112 *
113 113 * The entire tcp state is contained in tcp_t and conn_t structure
114 114 * which are allocated in tandem using ipcl_conn_create() and passing
115 115 * IPCL_TCPCONN as a flag. We use 'conn_ref' and 'conn_lock' to protect
116 116 * the references on the tcp_t. The tcp_t structure is never compressed
117 117 * and packets always land on the correct TCP perimeter from the time
118 118 * eager is created till the time tcp_t dies (as such the old mentat
119 119 * TCP global queue is not used for detached state and no IPSEC checking
120 120 * is required). The global queue is still allocated to send out resets
121 121 * for connection which have no listeners and IP directly calls
122 122 * tcp_xmit_listeners_reset() which does any policy check.
123 123 *
124 124 * Protection and Synchronisation mechanism:
125 125 *
126 126 * The tcp data structure does not use any kind of lock for protecting
127 127 * its state but instead uses 'squeues' for mutual exclusion from various
128 128 * read and write side threads. To access a tcp member, the thread should
129 129 * always be behind squeue (via squeue_enter with flags as SQ_FILL, SQ_PROCESS,
130 130 * or SQ_NODRAIN). Since the squeues allow a direct function call, caller
131 131 * can pass any tcp function having prototype of edesc_t as argument
132 132 * (different from traditional STREAMs model where packets come in only
133 133 * designated entry points). The list of functions that can be directly
134 134 * called via squeue are listed before the usual function prototype.
135 135 *
136 136 * Referencing:
137 137 *
138 138 * TCP is MT-Hot and we use a reference based scheme to make sure that the
139 139 * tcp structure doesn't disappear when its needed. When the application
140 140 * creates an outgoing connection or accepts an incoming connection, we
141 141 * start out with 2 references on 'conn_ref'. One for TCP and one for IP.
142 142 * The IP reference is just a symbolic reference since ip_tcpclose()
143 143 * looks at tcp structure after tcp_close_output() returns which could
144 144 * have dropped the last TCP reference. So as long as the connection is
145 145 * in attached state i.e. !TCP_IS_DETACHED, we have 2 references on the
146 146 * conn_t. The classifier puts its own reference when the connection is
147 147 * inserted in listen or connected hash. Anytime a thread needs to enter
148 148 * the tcp connection perimeter, it retrieves the conn/tcp from q->ptr
149 149 * on write side or by doing a classify on read side and then puts a
150 150 * reference on the conn before doing squeue_enter/tryenter/fill. For
151 151 * read side, the classifier itself puts the reference under fanout lock
152 152 * to make sure that tcp can't disappear before it gets processed. The
153 153 * squeue will drop this reference automatically so the called function
154 154 * doesn't have to do a DEC_REF.
155 155 *
156 156 * Opening a new connection:
157 157 *
158 158 * The outgoing connection open is pretty simple. tcp_open() does the
159 159 * work in creating the conn/tcp structure and initializing it. The
160 160 * squeue assignment is done based on the CPU the application
161 161 * is running on. So for outbound connections, processing is always done
162 162 * on application CPU which might be different from the incoming CPU
163 163 * being interrupted by the NIC. An optimal way would be to figure out
164 164 * the NIC <-> CPU binding at listen time, and assign the outgoing
165 165 * connection to the squeue attached to the CPU that will be interrupted
166 166 * for incoming packets (we know the NIC based on the bind IP address).
167 167 * This might seem like a problem if more data is going out but the
168 168 * fact is that in most cases the transmit is ACK driven transmit where
169 169 * the outgoing data normally sits on TCP's xmit queue waiting to be
170 170 * transmitted.
171 171 *
172 172 * Accepting a connection:
173 173 *
174 174 * This is a more interesting case because of various races involved in
175 175 * establishing a eager in its own perimeter. Read the meta comment on
176 176 * top of tcp_input_listener(). But briefly, the squeue is picked by
177 177 * ip_fanout based on the ring or the sender (if loopback).
178 178 *
179 179 * Closing a connection:
180 180 *
181 181 * The close is fairly straight forward. tcp_close() calls tcp_close_output()
182 182 * via squeue to do the close and mark the tcp as detached if the connection
183 183 * was in state TCPS_ESTABLISHED or greater. In the later case, TCP keep its
184 184 * reference but tcp_close() drop IP's reference always. So if tcp was
185 185 * not killed, it is sitting in time_wait list with 2 reference - 1 for TCP
186 186 * and 1 because it is in classifier's connected hash. This is the condition
187 187 * we use to determine that its OK to clean up the tcp outside of squeue
188 188 * when time wait expires (check the ref under fanout and conn_lock and
189 189 * if it is 2, remove it from fanout hash and kill it).
190 190 *
191 191 * Although close just drops the necessary references and marks the
192 192 * tcp_detached state, tcp_close needs to know the tcp_detached has been
193 193 * set (under squeue) before letting the STREAM go away (because a
194 194 * inbound packet might attempt to go up the STREAM while the close
195 195 * has happened and tcp_detached is not set). So a special lock and
196 196 * flag is used along with a condition variable (tcp_closelock, tcp_closed,
197 197 * and tcp_closecv) to signal tcp_close that tcp_close_out() has marked
198 198 * tcp_detached.
199 199 *
200 200 * Special provisions and fast paths:
201 201 *
202 202 * We make special provisions for sockfs by marking tcp_issocket
203 203 * whenever we have only sockfs on top of TCP. This allows us to skip
204 204 * putting the tcp in acceptor hash since a sockfs listener can never
205 205 * become acceptor and also avoid allocating a tcp_t for acceptor STREAM
206 206 * since eager has already been allocated and the accept now happens
207 207 * on acceptor STREAM. There is a big blob of comment on top of
208 208 * tcp_input_listener explaining the new accept. When socket is POP'd,
209 209 * sockfs sends us an ioctl to mark the fact and we go back to old
210 210 * behaviour. Once tcp_issocket is unset, its never set for the
211 211 * life of that connection.
212 212 *
213 213 * IPsec notes :
214 214 *
215 215 * Since a packet is always executed on the correct TCP perimeter
216 216 * all IPsec processing is defered to IP including checking new
217 217 * connections and setting IPSEC policies for new connection. The
218 218 * only exception is tcp_xmit_listeners_reset() which is called
219 219 * directly from IP and needs to policy check to see if TH_RST
220 220 * can be sent out.
221 221 */
222 222
223 223 /*
224 224 * Values for squeue switch:
225 225 * 1: SQ_NODRAIN
226 226 * 2: SQ_PROCESS
227 227 * 3: SQ_FILL
228 228 */
229 229 int tcp_squeue_wput = 2; /* /etc/systems */
230 230 int tcp_squeue_flag;
231 231
232 232 /*
233 233 * To prevent memory hog, limit the number of entries in tcp_free_list
234 234 * to 1% of available memory / number of cpus
235 235 */
236 236 uint_t tcp_free_list_max_cnt = 0;
237 237
238 238 #define TIDUSZ 4096 /* transport interface data unit size */
239 239
240 240 /*
241 241 * Size of acceptor hash list. It has to be a power of 2 for hashing.
242 242 */
243 243 #define TCP_ACCEPTOR_FANOUT_SIZE 512
244 244
245 245 #ifdef _ILP32
246 246 #define TCP_ACCEPTOR_HASH(accid) \
247 247 (((uint_t)(accid) >> 8) & (TCP_ACCEPTOR_FANOUT_SIZE - 1))
248 248 #else
249 249 #define TCP_ACCEPTOR_HASH(accid) \
250 250 ((uint_t)(accid) & (TCP_ACCEPTOR_FANOUT_SIZE - 1))
251 251 #endif /* _ILP32 */
252 252
253 253 /*
254 254 * Minimum number of connections which can be created per listener. Used
255 255 * when the listener connection count is in effect.
256 256 */
257 257 static uint32_t tcp_min_conn_listener = 2;
258 258
259 259 uint32_t tcp_early_abort = 30;
260 260
261 261 /* TCP Timer control structure */
262 262 typedef struct tcpt_s {
263 263 pfv_t tcpt_pfv; /* The routine we are to call */
264 264 tcp_t *tcpt_tcp; /* The parameter we are to pass in */
265 265 } tcpt_t;
266 266
267 267 /*
268 268 * Functions called directly via squeue having a prototype of edesc_t.
269 269 */
270 270 void tcp_input_data(void *arg, mblk_t *mp, void *arg2,
271 271 ip_recv_attr_t *ira);
272 272 static void tcp_linger_interrupted(void *arg, mblk_t *mp, void *arg2,
273 273 ip_recv_attr_t *dummy);
274 274
275 275
276 276 /* Prototype for TCP functions */
277 277 static void tcp_random_init(void);
278 278 int tcp_random(void);
279 279 static int tcp_connect_ipv4(tcp_t *tcp, ipaddr_t *dstaddrp,
280 280 in_port_t dstport, uint_t srcid);
281 281 static int tcp_connect_ipv6(tcp_t *tcp, in6_addr_t *dstaddrp,
282 282 in_port_t dstport, uint32_t flowinfo,
283 283 uint_t srcid, uint32_t scope_id);
284 284 static void tcp_iss_init(tcp_t *tcp);
285 285 static void tcp_reinit(tcp_t *tcp);
286 286 static void tcp_reinit_values(tcp_t *tcp);
287 287
288 288 static int tcp_wsrv(queue_t *q);
289 289 static void tcp_update_lso(tcp_t *tcp, ip_xmit_attr_t *ixa);
290 290 static void tcp_update_zcopy(tcp_t *tcp);
291 291 static void tcp_notify(void *, ip_xmit_attr_t *, ixa_notify_type_t,
292 292 ixa_notify_arg_t);
293 293 static void *tcp_stack_init(netstackid_t stackid, netstack_t *ns);
294 294 static void tcp_stack_fini(netstackid_t stackid, void *arg);
295 295
296 296 static int tcp_squeue_switch(int);
297 297
298 298 static int tcp_open(queue_t *, dev_t *, int, int, cred_t *, boolean_t);
299 299 static int tcp_openv4(queue_t *, dev_t *, int, int, cred_t *);
300 300 static int tcp_openv6(queue_t *, dev_t *, int, int, cred_t *);
301 301
302 302 static void tcp_squeue_add(squeue_t *);
303 303
304 304 struct module_info tcp_rinfo = {
305 305 TCP_MOD_ID, TCP_MOD_NAME, 0, INFPSZ, TCP_RECV_HIWATER, TCP_RECV_LOWATER
306 306 };
307 307
308 308 static struct module_info tcp_winfo = {
309 309 TCP_MOD_ID, TCP_MOD_NAME, 0, INFPSZ, 127, 16
310 310 };
311 311
312 312 /*
313 313 * Entry points for TCP as a device. The normal case which supports
314 314 * the TCP functionality.
315 315 * We have separate open functions for the /dev/tcp and /dev/tcp6 devices.
316 316 */
317 317 struct qinit tcp_rinitv4 = {
318 318 NULL, tcp_rsrv, tcp_openv4, tcp_tpi_close, NULL, &tcp_rinfo
319 319 };
320 320
321 321 struct qinit tcp_rinitv6 = {
322 322 NULL, tcp_rsrv, tcp_openv6, tcp_tpi_close, NULL, &tcp_rinfo
323 323 };
324 324
325 325 struct qinit tcp_winit = {
326 326 tcp_wput, tcp_wsrv, NULL, NULL, NULL, &tcp_winfo
327 327 };
328 328
329 329 /* Initial entry point for TCP in socket mode. */
330 330 struct qinit tcp_sock_winit = {
331 331 tcp_wput_sock, tcp_wsrv, NULL, NULL, NULL, &tcp_winfo
332 332 };
333 333
334 334 /* TCP entry point during fallback */
335 335 struct qinit tcp_fallback_sock_winit = {
336 336 tcp_wput_fallback, NULL, NULL, NULL, NULL, &tcp_winfo
337 337 };
338 338
339 339 /*
340 340 * Entry points for TCP as a acceptor STREAM opened by sockfs when doing
341 341 * an accept. Avoid allocating data structures since eager has already
342 342 * been created.
343 343 */
344 344 struct qinit tcp_acceptor_rinit = {
345 345 NULL, tcp_rsrv, NULL, tcp_tpi_close_accept, NULL, &tcp_winfo
346 346 };
347 347
348 348 struct qinit tcp_acceptor_winit = {
349 349 tcp_tpi_accept, NULL, NULL, NULL, NULL, &tcp_winfo
350 350 };
351 351
352 352 /* For AF_INET aka /dev/tcp */
353 353 struct streamtab tcpinfov4 = {
354 354 &tcp_rinitv4, &tcp_winit
355 355 };
356 356
357 357 /* For AF_INET6 aka /dev/tcp6 */
358 358 struct streamtab tcpinfov6 = {
359 359 &tcp_rinitv6, &tcp_winit
360 360 };
361 361
362 362 /*
363 363 * Following assumes TPI alignment requirements stay along 32 bit
364 364 * boundaries
365 365 */
366 366 #define ROUNDUP32(x) \
367 367 (((x) + (sizeof (int32_t) - 1)) & ~(sizeof (int32_t) - 1))
368 368
369 369 /* Template for response to info request. */
370 370 struct T_info_ack tcp_g_t_info_ack = {
371 371 T_INFO_ACK, /* PRIM_type */
372 372 0, /* TSDU_size */
373 373 T_INFINITE, /* ETSDU_size */
374 374 T_INVALID, /* CDATA_size */
375 375 T_INVALID, /* DDATA_size */
376 376 sizeof (sin_t), /* ADDR_size */
377 377 0, /* OPT_size - not initialized here */
378 378 TIDUSZ, /* TIDU_size */
379 379 T_COTS_ORD, /* SERV_type */
380 380 TCPS_IDLE, /* CURRENT_state */
381 381 (XPG4_1|EXPINLINE) /* PROVIDER_flag */
382 382 };
383 383
384 384 struct T_info_ack tcp_g_t_info_ack_v6 = {
385 385 T_INFO_ACK, /* PRIM_type */
386 386 0, /* TSDU_size */
387 387 T_INFINITE, /* ETSDU_size */
388 388 T_INVALID, /* CDATA_size */
389 389 T_INVALID, /* DDATA_size */
390 390 sizeof (sin6_t), /* ADDR_size */
391 391 0, /* OPT_size - not initialized here */
392 392 TIDUSZ, /* TIDU_size */
393 393 T_COTS_ORD, /* SERV_type */
394 394 TCPS_IDLE, /* CURRENT_state */
395 395 (XPG4_1|EXPINLINE) /* PROVIDER_flag */
396 396 };
397 397
398 398 /*
399 399 * TCP tunables related declarations. Definitions are in tcp_tunables.c
400 400 */
401 401 extern mod_prop_info_t tcp_propinfo_tbl[];
402 402 extern int tcp_propinfo_count;
403 403
404 404 #define IS_VMLOANED_MBLK(mp) \
405 405 (((mp)->b_datap->db_struioflag & STRUIO_ZC) != 0)
406 406
407 407 uint32_t do_tcpzcopy = 1; /* 0: disable, 1: enable, 2: force */
408 408
409 409 /*
410 410 * Forces all connections to obey the value of the tcps_maxpsz_multiplier
411 411 * tunable settable via NDD. Otherwise, the per-connection behavior is
412 412 * determined dynamically during tcp_set_destination(), which is the default.
413 413 */
414 414 boolean_t tcp_static_maxpsz = B_FALSE;
415 415
416 416 /*
417 417 * If the receive buffer size is changed, this function is called to update
418 418 * the upper socket layer on the new delayed receive wake up threshold.
419 419 */
420 420 static void
421 421 tcp_set_recv_threshold(tcp_t *tcp, uint32_t new_rcvthresh)
422 422 {
423 423 uint32_t default_threshold = SOCKET_RECVHIWATER >> 3;
424 424
425 425 if (IPCL_IS_NONSTR(tcp->tcp_connp)) {
426 426 conn_t *connp = tcp->tcp_connp;
427 427 struct sock_proto_props sopp;
428 428
429 429 /*
430 430 * only increase rcvthresh upto default_threshold
431 431 */
432 432 if (new_rcvthresh > default_threshold)
433 433 new_rcvthresh = default_threshold;
434 434
435 435 sopp.sopp_flags = SOCKOPT_RCVTHRESH;
436 436 sopp.sopp_rcvthresh = new_rcvthresh;
437 437
438 438 (*connp->conn_upcalls->su_set_proto_props)
439 439 (connp->conn_upper_handle, &sopp);
440 440 }
441 441 }
442 442
443 443 /*
444 444 * Figure out the value of window scale opton. Note that the rwnd is
445 445 * ASSUMED to be rounded up to the nearest MSS before the calculation.
446 446 * We cannot find the scale value and then do a round up of tcp_rwnd
447 447 * because the scale value may not be correct after that.
448 448 *
449 449 * Set the compiler flag to make this function inline.
450 450 */
451 451 void
452 452 tcp_set_ws_value(tcp_t *tcp)
453 453 {
454 454 int i;
455 455 uint32_t rwnd = tcp->tcp_rwnd;
456 456
457 457 for (i = 0; rwnd > TCP_MAXWIN && i < TCP_MAX_WINSHIFT;
458 458 i++, rwnd >>= 1)
459 459 ;
460 460 tcp->tcp_rcv_ws = i;
461 461 }
462 462
463 463 /*
464 464 * Remove cached/latched IPsec references.
465 465 */
466 466 void
467 467 tcp_ipsec_cleanup(tcp_t *tcp)
468 468 {
469 469 conn_t *connp = tcp->tcp_connp;
470 470
471 471 ASSERT(connp->conn_flags & IPCL_TCPCONN);
472 472
473 473 if (connp->conn_latch != NULL) {
474 474 IPLATCH_REFRELE(connp->conn_latch);
475 475 connp->conn_latch = NULL;
476 476 }
477 477 if (connp->conn_latch_in_policy != NULL) {
478 478 IPPOL_REFRELE(connp->conn_latch_in_policy);
479 479 connp->conn_latch_in_policy = NULL;
480 480 }
481 481 if (connp->conn_latch_in_action != NULL) {
482 482 IPACT_REFRELE(connp->conn_latch_in_action);
483 483 connp->conn_latch_in_action = NULL;
484 484 }
485 485 if (connp->conn_policy != NULL) {
486 486 IPPH_REFRELE(connp->conn_policy, connp->conn_netstack);
487 487 connp->conn_policy = NULL;
488 488 }
489 489 }
490 490
491 491 /*
492 492 * Cleaup before placing on free list.
493 493 * Disassociate from the netstack/tcp_stack_t since the freelist
494 494 * is per squeue and not per netstack.
495 495 */
496 496 void
497 497 tcp_cleanup(tcp_t *tcp)
498 498 {
499 499 mblk_t *mp;
500 500 conn_t *connp = tcp->tcp_connp;
501 501 tcp_stack_t *tcps = tcp->tcp_tcps;
502 502 netstack_t *ns = tcps->tcps_netstack;
503 503 mblk_t *tcp_rsrv_mp;
504 504
505 505 tcp_bind_hash_remove(tcp);
506 506
507 507 /* Cleanup that which needs the netstack first */
508 508 tcp_ipsec_cleanup(tcp);
509 509 ixa_cleanup(connp->conn_ixa);
510 510
511 511 if (connp->conn_ht_iphc != NULL) {
512 512 kmem_free(connp->conn_ht_iphc, connp->conn_ht_iphc_allocated);
513 513 connp->conn_ht_iphc = NULL;
514 514 connp->conn_ht_iphc_allocated = 0;
515 515 connp->conn_ht_iphc_len = 0;
516 516 connp->conn_ht_ulp = NULL;
517 517 connp->conn_ht_ulp_len = 0;
518 518 tcp->tcp_ipha = NULL;
519 519 tcp->tcp_ip6h = NULL;
520 520 tcp->tcp_tcpha = NULL;
521 521 }
522 522
523 523 /* We clear any IP_OPTIONS and extension headers */
524 524 ip_pkt_free(&connp->conn_xmit_ipp);
525 525
526 526 tcp_free(tcp);
527 527
528 528 /*
529 529 * Since we will bzero the entire structure, we need to
530 530 * remove it and reinsert it in global hash list. We
531 531 * know the walkers can't get to this conn because we
532 532 * had set CONDEMNED flag earlier and checked reference
533 533 * under conn_lock so walker won't pick it and when we
534 534 * go the ipcl_globalhash_remove() below, no walker
535 535 * can get to it.
536 536 */
537 537 ipcl_globalhash_remove(connp);
538 538
539 539 /* Save some state */
540 540 mp = tcp->tcp_timercache;
541 541
542 542 tcp_rsrv_mp = tcp->tcp_rsrv_mp;
543 543
544 544 if (connp->conn_cred != NULL) {
545 545 crfree(connp->conn_cred);
546 546 connp->conn_cred = NULL;
547 547 }
548 548 ipcl_conn_cleanup(connp);
549 549 connp->conn_flags = IPCL_TCPCONN;
550 550
551 551 /*
552 552 * Now it is safe to decrement the reference counts.
553 553 * This might be the last reference on the netstack
554 554 * in which case it will cause the freeing of the IP Instance.
555 555 */
556 556 connp->conn_netstack = NULL;
557 557 connp->conn_ixa->ixa_ipst = NULL;
558 558 netstack_rele(ns);
559 559 ASSERT(tcps != NULL);
560 560 tcp->tcp_tcps = NULL;
561 561
562 562 bzero(tcp, sizeof (tcp_t));
563 563
564 564 /* restore the state */
565 565 tcp->tcp_timercache = mp;
566 566
567 567 tcp->tcp_rsrv_mp = tcp_rsrv_mp;
568 568
569 569 tcp->tcp_connp = connp;
570 570
571 571 ASSERT(connp->conn_tcp == tcp);
572 572 ASSERT(connp->conn_flags & IPCL_TCPCONN);
573 573 connp->conn_state_flags = CONN_INCIPIENT;
574 574 ASSERT(connp->conn_proto == IPPROTO_TCP);
575 575 ASSERT(connp->conn_ref == 1);
576 576 }
577 577
578 578 /*
579 579 * Adapt to the information, such as rtt and rtt_sd, provided from the
580 580 * DCE and IRE maintained by IP.
581 581 *
582 582 * Checks for multicast and broadcast destination address.
583 583 * Returns zero if ok; an errno on failure.
584 584 *
585 585 * Note that the MSS calculation here is based on the info given in
586 586 * the DCE and IRE. We do not do any calculation based on TCP options. They
587 587 * will be handled in tcp_input_data() when TCP knows which options to use.
588 588 *
589 589 * Note on how TCP gets its parameters for a connection.
590 590 *
591 591 * When a tcp_t structure is allocated, it gets all the default parameters.
592 592 * In tcp_set_destination(), it gets those metric parameters, like rtt, rtt_sd,
593 593 * spipe, rpipe, ... from the route metrics. Route metric overrides the
594 594 * default.
595 595 *
596 596 * An incoming SYN with a multicast or broadcast destination address is dropped
597 597 * in ip_fanout_v4/v6.
598 598 *
599 599 * An incoming SYN with a multicast or broadcast source address is always
600 600 * dropped in tcp_set_destination, since IPDF_ALLOW_MCBC is not set in
601 601 * conn_connect.
602 602 * The same logic in tcp_set_destination also serves to
603 603 * reject an attempt to connect to a broadcast or multicast (destination)
604 604 * address.
605 605 */
606 606 int
607 607 tcp_set_destination(tcp_t *tcp)
608 608 {
609 609 uint32_t mss_max;
610 610 uint32_t mss;
611 611 boolean_t tcp_detached = TCP_IS_DETACHED(tcp);
612 612 conn_t *connp = tcp->tcp_connp;
613 613 tcp_stack_t *tcps = tcp->tcp_tcps;
614 614 iulp_t uinfo;
615 615 int error;
616 616 uint32_t flags;
617 617
618 618 flags = IPDF_LSO | IPDF_ZCOPY;
619 619 /*
620 620 * Make sure we have a dce for the destination to avoid dce_ident
621 621 * contention for connected sockets.
622 622 */
623 623 flags |= IPDF_UNIQUE_DCE;
624 624
625 625 if (!tcps->tcps_ignore_path_mtu)
626 626 connp->conn_ixa->ixa_flags |= IXAF_PMTU_DISCOVERY;
627 627
628 628 /* Use conn_lock to satify ASSERT; tcp is already serialized */
629 629 mutex_enter(&connp->conn_lock);
630 630 error = conn_connect(connp, &uinfo, flags);
631 631 mutex_exit(&connp->conn_lock);
632 632 if (error != 0)
633 633 return (error);
634 634
635 635 error = tcp_build_hdrs(tcp);
636 636 if (error != 0)
637 637 return (error);
638 638
639 639 tcp->tcp_localnet = uinfo.iulp_localnet;
640 640
641 641 if (uinfo.iulp_rtt != 0) {
642 642 tcp->tcp_rtt_sa = MSEC2NSEC(uinfo.iulp_rtt);
643 643 tcp->tcp_rtt_sd = MSEC2NSEC(uinfo.iulp_rtt_sd);
644 644 tcp->tcp_rto = tcp_calculate_rto(tcp, tcps, 0);
645 645 }
646 646 if (uinfo.iulp_ssthresh != 0)
647 647 tcp->tcp_cwnd_ssthresh = uinfo.iulp_ssthresh;
648 648 else
649 649 tcp->tcp_cwnd_ssthresh = TCP_MAX_LARGEWIN;
650 650 if (uinfo.iulp_spipe > 0) {
651 651 connp->conn_sndbuf = MIN(uinfo.iulp_spipe,
652 652 tcps->tcps_max_buf);
653 653 if (tcps->tcps_snd_lowat_fraction != 0) {
654 654 connp->conn_sndlowat = connp->conn_sndbuf /
655 655 tcps->tcps_snd_lowat_fraction;
656 656 }
657 657 (void) tcp_maxpsz_set(tcp, B_TRUE);
658 658 }
659 659 /*
660 660 * Note that up till now, acceptor always inherits receive
661 661 * window from the listener. But if there is a metrics
662 662 * associated with a host, we should use that instead of
663 663 * inheriting it from listener. Thus we need to pass this
664 664 * info back to the caller.
665 665 */
666 666 if (uinfo.iulp_rpipe > 0) {
667 667 tcp->tcp_rwnd = MIN(uinfo.iulp_rpipe,
668 668 tcps->tcps_max_buf);
669 669 }
670 670
671 671 if (uinfo.iulp_rtomax > 0) {
672 672 tcp->tcp_second_timer_threshold =
673 673 uinfo.iulp_rtomax;
674 674 }
675 675
676 676 /*
677 677 * Use the metric option settings, iulp_tstamp_ok and
678 678 * iulp_wscale_ok, only for active open. What this means
679 679 * is that if the other side uses timestamp or window
680 680 * scale option, TCP will also use those options. That
681 681 * is for passive open. If the application sets a
682 682 * large window, window scale is enabled regardless of
683 683 * the value in iulp_wscale_ok. This is the behavior
684 684 * since 2.6. So we keep it.
685 685 * The only case left in passive open processing is the
686 686 * check for SACK.
687 687 * For ECN, it should probably be like SACK. But the
688 688 * current value is binary, so we treat it like the other
689 689 * cases. The metric only controls active open.For passive
690 690 * open, the ndd param, tcp_ecn_permitted, controls the
691 691 * behavior.
692 692 */
693 693 if (!tcp_detached) {
694 694 /*
695 695 * The if check means that the following can only
696 696 * be turned on by the metrics only IRE, but not off.
697 697 */
698 698 if (uinfo.iulp_tstamp_ok)
699 699 tcp->tcp_snd_ts_ok = B_TRUE;
700 700 if (uinfo.iulp_wscale_ok)
701 701 tcp->tcp_snd_ws_ok = B_TRUE;
702 702 if (uinfo.iulp_sack == 2)
703 703 tcp->tcp_snd_sack_ok = B_TRUE;
704 704 if (uinfo.iulp_ecn_ok)
705 705 tcp->tcp_ecn_ok = B_TRUE;
706 706 } else {
707 707 /*
708 708 * Passive open.
709 709 *
710 710 * As above, the if check means that SACK can only be
711 711 * turned on by the metric only IRE.
712 712 */
713 713 if (uinfo.iulp_sack > 0) {
714 714 tcp->tcp_snd_sack_ok = B_TRUE;
715 715 }
716 716 }
717 717
718 718 /*
719 719 * XXX Note that currently, iulp_mtu can be as small as 68
720 720 * because of PMTUd. So tcp_mss may go to negative if combined
721 721 * length of all those options exceeds 28 bytes. But because
722 722 * of the tcp_mss_min check below, we may not have a problem if
723 723 * tcp_mss_min is of a reasonable value. The default is 1 so
724 724 * the negative problem still exists. And the check defeats PMTUd.
725 725 * In fact, if PMTUd finds that the MSS should be smaller than
726 726 * tcp_mss_min, TCP should turn off PMUTd and use the tcp_mss_min
727 727 * value.
728 728 *
729 729 * We do not deal with that now. All those problems related to
730 730 * PMTUd will be fixed later.
731 731 */
732 732 ASSERT(uinfo.iulp_mtu != 0);
733 733 mss = tcp->tcp_initial_pmtu = uinfo.iulp_mtu;
734 734
735 735 /* Sanity check for MSS value. */
736 736 if (connp->conn_ipversion == IPV4_VERSION)
737 737 mss_max = tcps->tcps_mss_max_ipv4;
738 738 else
739 739 mss_max = tcps->tcps_mss_max_ipv6;
740 740
741 741 if (tcp->tcp_ipsec_overhead == 0)
742 742 tcp->tcp_ipsec_overhead = conn_ipsec_length(connp);
743 743
744 744 mss -= tcp->tcp_ipsec_overhead;
745 745
746 746 if (mss < tcps->tcps_mss_min)
747 747 mss = tcps->tcps_mss_min;
748 748 if (mss > mss_max)
749 749 mss = mss_max;
750 750
751 751 /* Note that this is the maximum MSS, excluding all options. */
752 752 tcp->tcp_mss = mss;
753 753
754 754 /*
755 755 * Update the tcp connection with LSO capability.
756 756 */
757 757 tcp_update_lso(tcp, connp->conn_ixa);
758 758
759 759 /*
760 760 * Initialize the ISS here now that we have the full connection ID.
761 761 * The RFC 1948 method of initial sequence number generation requires
762 762 * knowledge of the full connection ID before setting the ISS.
763 763 */
764 764 tcp_iss_init(tcp);
765 765
766 766 tcp->tcp_loopback = (uinfo.iulp_loopback | uinfo.iulp_local);
767 767
768 768 /*
769 769 * Make sure that conn is not marked incipient
770 770 * for incoming connections. A blind
771 771 * removal of incipient flag is cheaper than
772 772 * check and removal.
773 773 */
774 774 mutex_enter(&connp->conn_lock);
775 775 connp->conn_state_flags &= ~CONN_INCIPIENT;
776 776 mutex_exit(&connp->conn_lock);
777 777 return (0);
778 778 }
779 779
780 780 /*
781 781 * tcp_clean_death / tcp_close_detached must not be called more than once
782 782 * on a tcp. Thus every function that potentially calls tcp_clean_death
783 783 * must check for the tcp state before calling tcp_clean_death.
784 784 * Eg. tcp_input_data, tcp_eager_kill, tcp_clean_death_wrapper,
785 785 * tcp_timer_handler, all check for the tcp state.
786 786 */
787 787 /* ARGSUSED */
788 788 void
789 789 tcp_clean_death_wrapper(void *arg, mblk_t *mp, void *arg2,
790 790 ip_recv_attr_t *dummy)
791 791 {
792 792 tcp_t *tcp = ((conn_t *)arg)->conn_tcp;
793 793
794 794 freemsg(mp);
795 795 if (tcp->tcp_state > TCPS_BOUND)
796 796 (void) tcp_clean_death(((conn_t *)arg)->conn_tcp, ETIMEDOUT);
797 797 }
798 798
799 799 /*
800 800 * We are dying for some reason. Try to do it gracefully. (May be called
801 801 * as writer.)
802 802 *
803 803 * Return -1 if the structure was not cleaned up (if the cleanup had to be
804 804 * done by a service procedure).
805 805 * TBD - Should the return value distinguish between the tcp_t being
806 806 * freed and it being reinitialized?
807 807 */
808 808 int
809 809 tcp_clean_death(tcp_t *tcp, int err)
810 810 {
811 811 mblk_t *mp;
812 812 queue_t *q;
813 813 conn_t *connp = tcp->tcp_connp;
814 814 tcp_stack_t *tcps = tcp->tcp_tcps;
815 815
816 816 if (tcp->tcp_fused)
817 817 tcp_unfuse(tcp);
818 818
819 819 if (tcp->tcp_linger_tid != 0 &&
820 820 TCP_TIMER_CANCEL(tcp, tcp->tcp_linger_tid) >= 0) {
821 821 tcp_stop_lingering(tcp);
822 822 }
823 823
824 824 ASSERT(tcp != NULL);
825 825 ASSERT((connp->conn_family == AF_INET &&
826 826 connp->conn_ipversion == IPV4_VERSION) ||
827 827 (connp->conn_family == AF_INET6 &&
828 828 (connp->conn_ipversion == IPV4_VERSION ||
829 829 connp->conn_ipversion == IPV6_VERSION)));
830 830
831 831 if (TCP_IS_DETACHED(tcp)) {
832 832 if (tcp->tcp_hard_binding) {
833 833 /*
834 834 * Its an eager that we are dealing with. We close the
835 835 * eager but in case a conn_ind has already gone to the
836 836 * listener, let tcp_accept_finish() send a discon_ind
837 837 * to the listener and drop the last reference. If the
838 838 * listener doesn't even know about the eager i.e. the
839 839 * conn_ind hasn't gone up, blow away the eager and drop
840 840 * the last reference as well. If the conn_ind has gone
841 841 * up, state should be BOUND. tcp_accept_finish
842 842 * will figure out that the connection has received a
843 843 * RST and will send a DISCON_IND to the application.
844 844 */
845 845 tcp_closei_local(tcp);
846 846 if (!tcp->tcp_tconnind_started) {
847 847 CONN_DEC_REF(connp);
848 848 } else {
849 849 tcp->tcp_state = TCPS_BOUND;
850 850 DTRACE_TCP6(state__change, void, NULL,
851 851 ip_xmit_attr_t *, connp->conn_ixa,
852 852 void, NULL, tcp_t *, tcp, void, NULL,
853 853 int32_t, TCPS_CLOSED);
854 854 }
855 855 } else {
856 856 tcp_close_detached(tcp);
857 857 }
858 858 return (0);
859 859 }
860 860
861 861 TCP_STAT(tcps, tcp_clean_death_nondetached);
862 862
863 863 /*
864 864 * The connection is dead. Decrement listener connection counter if
865 865 * necessary.
866 866 */
867 867 if (tcp->tcp_listen_cnt != NULL)
868 868 TCP_DECR_LISTEN_CNT(tcp);
869 869
870 870 /*
871 871 * When a connection is moved to TIME_WAIT state, the connection
872 872 * counter is already decremented. So no need to decrement here
873 873 * again. See SET_TIME_WAIT() macro.
874 874 */
875 875 if (tcp->tcp_state >= TCPS_ESTABLISHED &&
876 876 tcp->tcp_state < TCPS_TIME_WAIT) {
877 877 TCPS_CONN_DEC(tcps);
878 878 }
879 879
880 880 q = connp->conn_rq;
881 881
882 882 /* Trash all inbound data */
883 883 if (!IPCL_IS_NONSTR(connp)) {
884 884 ASSERT(q != NULL);
885 885 flushq(q, FLUSHALL);
886 886 }
887 887
888 888 /*
889 889 * If we are at least part way open and there is error
890 890 * (err==0 implies no error)
891 891 * notify our client by a T_DISCON_IND.
892 892 */
893 893 if ((tcp->tcp_state >= TCPS_SYN_SENT) && err) {
894 894 if (tcp->tcp_state >= TCPS_ESTABLISHED &&
895 895 !TCP_IS_SOCKET(tcp)) {
896 896 /*
897 897 * Send M_FLUSH according to TPI. Because sockets will
898 898 * (and must) ignore FLUSHR we do that only for TPI
899 899 * endpoints and sockets in STREAMS mode.
900 900 */
901 901 (void) putnextctl1(q, M_FLUSH, FLUSHR);
902 902 }
903 903 if (connp->conn_debug) {
904 904 (void) strlog(TCP_MOD_ID, 0, 1, SL_TRACE|SL_ERROR,
905 905 "tcp_clean_death: discon err %d", err);
906 906 }
907 907 if (IPCL_IS_NONSTR(connp)) {
908 908 /* Direct socket, use upcall */
909 909 (*connp->conn_upcalls->su_disconnected)(
910 910 connp->conn_upper_handle, tcp->tcp_connid, err);
911 911 } else {
912 912 mp = mi_tpi_discon_ind(NULL, err, 0);
913 913 if (mp != NULL) {
914 914 putnext(q, mp);
915 915 } else {
916 916 if (connp->conn_debug) {
917 917 (void) strlog(TCP_MOD_ID, 0, 1,
918 918 SL_ERROR|SL_TRACE,
919 919 "tcp_clean_death, sending M_ERROR");
920 920 }
921 921 (void) putnextctl1(q, M_ERROR, EPROTO);
922 922 }
923 923 }
924 924 if (tcp->tcp_state <= TCPS_SYN_RCVD) {
925 925 /* SYN_SENT or SYN_RCVD */
926 926 TCPS_BUMP_MIB(tcps, tcpAttemptFails);
927 927 } else if (tcp->tcp_state <= TCPS_CLOSE_WAIT) {
928 928 /* ESTABLISHED or CLOSE_WAIT */
929 929 TCPS_BUMP_MIB(tcps, tcpEstabResets);
930 930 }
931 931 }
932 932
933 933 /*
934 934 * ESTABLISHED non-STREAMS eagers are not 'detached' because
935 935 * an upper handle is obtained when the SYN-ACK comes in. So it
936 936 * should receive the 'disconnected' upcall, but tcp_reinit should
937 937 * not be called since this is an eager.
938 938 */
939 939 if (tcp->tcp_listener != NULL && IPCL_IS_NONSTR(connp)) {
940 940 tcp_closei_local(tcp);
941 941 tcp->tcp_state = TCPS_BOUND;
942 942 DTRACE_TCP6(state__change, void, NULL, ip_xmit_attr_t *,
943 943 connp->conn_ixa, void, NULL, tcp_t *, tcp, void, NULL,
944 944 int32_t, TCPS_CLOSED);
945 945 return (0);
946 946 }
947 947
948 948 tcp_reinit(tcp);
949 949 if (IPCL_IS_NONSTR(connp))
950 950 (void) tcp_do_unbind(connp);
951 951
952 952 return (-1);
953 953 }
954 954
955 955 /*
956 956 * In case tcp is in the "lingering state" and waits for the SO_LINGER timeout
957 957 * to expire, stop the wait and finish the close.
958 958 */
959 959 void
960 960 tcp_stop_lingering(tcp_t *tcp)
961 961 {
962 962 clock_t delta = 0;
963 963 tcp_stack_t *tcps = tcp->tcp_tcps;
964 964 conn_t *connp = tcp->tcp_connp;
965 965
966 966 tcp->tcp_linger_tid = 0;
967 967 if (tcp->tcp_state > TCPS_LISTEN) {
968 968 tcp_acceptor_hash_remove(tcp);
969 969 mutex_enter(&tcp->tcp_non_sq_lock);
970 970 if (tcp->tcp_flow_stopped) {
971 971 tcp_clrqfull(tcp);
972 972 }
973 973 mutex_exit(&tcp->tcp_non_sq_lock);
974 974
975 975 if (tcp->tcp_timer_tid != 0) {
976 976 delta = TCP_TIMER_CANCEL(tcp, tcp->tcp_timer_tid);
977 977 tcp->tcp_timer_tid = 0;
978 978 }
979 979 /*
980 980 * Need to cancel those timers which will not be used when
981 981 * TCP is detached. This has to be done before the conn_wq
982 982 * is cleared.
983 983 */
984 984 tcp_timers_stop(tcp);
985 985
986 986 tcp->tcp_detached = B_TRUE;
987 987 connp->conn_rq = NULL;
988 988 connp->conn_wq = NULL;
989 989
990 990 if (tcp->tcp_state == TCPS_TIME_WAIT) {
991 991 tcp_time_wait_append(tcp);
992 992 TCP_DBGSTAT(tcps, tcp_detach_time_wait);
993 993 goto finish;
994 994 }
995 995
996 996 /*
997 997 * If delta is zero the timer event wasn't executed and was
998 998 * successfully canceled. In this case we need to restart it
999 999 * with the minimal delta possible.
1000 1000 */
1001 1001 if (delta >= 0) {
1002 1002 tcp->tcp_timer_tid = TCP_TIMER(tcp, tcp_timer,
1003 1003 delta ? delta : 1);
1004 1004 }
1005 1005 } else {
1006 1006 tcp_closei_local(tcp);
1007 1007 CONN_DEC_REF(connp);
1008 1008 }
1009 1009 finish:
1010 1010 tcp->tcp_detached = B_TRUE;
1011 1011 connp->conn_rq = NULL;
|
↓ open down ↓ |
974 lines elided |
↑ open up ↑ |
1012 1012 connp->conn_wq = NULL;
1013 1013
1014 1014 /* Signal closing thread that it can complete close */
1015 1015 mutex_enter(&tcp->tcp_closelock);
1016 1016 tcp->tcp_closed = 1;
1017 1017 cv_signal(&tcp->tcp_closecv);
1018 1018 mutex_exit(&tcp->tcp_closelock);
1019 1019
1020 1020 /* If we have an upper handle (socket), release it */
1021 1021 if (IPCL_IS_NONSTR(connp)) {
1022 - ASSERT(connp->conn_upper_handle != NULL);
1023 - (*connp->conn_upcalls->su_closed)(connp->conn_upper_handle);
1022 + sock_upcalls_t *upcalls = connp->conn_upcalls;
1023 + sock_upper_handle_t handle = connp->conn_upper_handle;
1024 +
1025 + ASSERT(upcalls != NULL);
1026 + ASSERT(upcalls->su_closed != NULL);
1027 + ASSERT(handle != NULL);
1028 + /*
1029 + * Set these to NULL first because closed() will free upper
1030 + * structures. Acquire conn_lock because an external caller
1031 + * like conn_get_socket_info() will upcall if these are
1032 + * non-NULL.
1033 + */
1034 + mutex_enter(&connp->conn_lock);
1024 1035 connp->conn_upper_handle = NULL;
1025 1036 connp->conn_upcalls = NULL;
1037 + mutex_exit(&connp->conn_lock);
1038 + upcalls->su_closed(handle);
1026 1039 }
1027 1040 }
1028 1041
1029 1042 void
1030 1043 tcp_close_common(conn_t *connp, int flags)
1031 1044 {
1032 1045 tcp_t *tcp = connp->conn_tcp;
1033 1046 mblk_t *mp = &tcp->tcp_closemp;
1034 1047 boolean_t conn_ioctl_cleanup_reqd = B_FALSE;
1035 1048 mblk_t *bp;
1036 1049
1037 1050 ASSERT(connp->conn_ref >= 2);
1038 1051
1039 1052 /*
1040 1053 * Mark the conn as closing. ipsq_pending_mp_add will not
1041 1054 * add any mp to the pending mp list, after this conn has
1042 1055 * started closing.
1043 1056 */
1044 1057 mutex_enter(&connp->conn_lock);
1045 1058 connp->conn_state_flags |= CONN_CLOSING;
1046 1059 if (connp->conn_oper_pending_ill != NULL)
1047 1060 conn_ioctl_cleanup_reqd = B_TRUE;
1048 1061 CONN_INC_REF_LOCKED(connp);
1049 1062 mutex_exit(&connp->conn_lock);
1050 1063 tcp->tcp_closeflags = (uint8_t)flags;
1051 1064 ASSERT(connp->conn_ref >= 3);
1052 1065
1053 1066 /*
1054 1067 * tcp_closemp_used is used below without any protection of a lock
1055 1068 * as we don't expect any one else to use it concurrently at this
1056 1069 * point otherwise it would be a major defect.
1057 1070 */
1058 1071
1059 1072 if (mp->b_prev == NULL)
1060 1073 tcp->tcp_closemp_used = B_TRUE;
1061 1074 else
1062 1075 cmn_err(CE_PANIC, "tcp_close: concurrent use of tcp_closemp: "
1063 1076 "connp %p tcp %p\n", (void *)connp, (void *)tcp);
1064 1077
1065 1078 TCP_DEBUG_GETPCSTACK(tcp->tcmp_stk, 15);
1066 1079
1067 1080 /*
1068 1081 * Cleanup any queued ioctls here. This must be done before the wq/rq
1069 1082 * are re-written by tcp_close_output().
1070 1083 */
1071 1084 if (conn_ioctl_cleanup_reqd)
1072 1085 conn_ioctl_cleanup(connp);
1073 1086
1074 1087 /*
1075 1088 * As CONN_CLOSING is set, no further ioctls should be passed down to
1076 1089 * IP for this conn (see the guards in tcp_ioctl, tcp_wput_ioctl and
1077 1090 * tcp_wput_iocdata). If the ioctl was queued on an ipsq,
1078 1091 * conn_ioctl_cleanup should have found it and removed it. If the ioctl
1079 1092 * was still in flight at the time, we wait for it here. See comments
1080 1093 * for CONN_INC_IOCTLREF in ip.h for details.
1081 1094 */
1082 1095 mutex_enter(&connp->conn_lock);
1083 1096 while (connp->conn_ioctlref > 0)
1084 1097 cv_wait(&connp->conn_cv, &connp->conn_lock);
1085 1098 ASSERT(connp->conn_ioctlref == 0);
1086 1099 ASSERT(connp->conn_oper_pending_ill == NULL);
1087 1100 mutex_exit(&connp->conn_lock);
1088 1101
1089 1102 SQUEUE_ENTER_ONE(connp->conn_sqp, mp, tcp_close_output, connp,
1090 1103 NULL, tcp_squeue_flag, SQTAG_IP_TCP_CLOSE);
1091 1104
1092 1105 /*
1093 1106 * For non-STREAMS sockets, the normal case is that the conn makes
1094 1107 * an upcall when it's finally closed, so there is no need to wait
1095 1108 * in the protocol. But in case of SO_LINGER the thread sleeps here
1096 1109 * so it can properly deal with the thread being interrupted.
1097 1110 */
1098 1111 if (IPCL_IS_NONSTR(connp) && connp->conn_linger == 0)
1099 1112 goto nowait;
1100 1113
1101 1114 mutex_enter(&tcp->tcp_closelock);
1102 1115 while (!tcp->tcp_closed) {
1103 1116 if (!cv_wait_sig(&tcp->tcp_closecv, &tcp->tcp_closelock)) {
1104 1117 /*
1105 1118 * The cv_wait_sig() was interrupted. We now do the
1106 1119 * following:
1107 1120 *
1108 1121 * 1) If the endpoint was lingering, we allow this
1109 1122 * to be interrupted by cancelling the linger timeout
1110 1123 * and closing normally.
1111 1124 *
1112 1125 * 2) Revert to calling cv_wait()
1113 1126 *
1114 1127 * We revert to using cv_wait() to avoid an
1115 1128 * infinite loop which can occur if the calling
1116 1129 * thread is higher priority than the squeue worker
1117 1130 * thread and is bound to the same cpu.
1118 1131 */
1119 1132 if (connp->conn_linger && connp->conn_lingertime > 0) {
1120 1133 mutex_exit(&tcp->tcp_closelock);
1121 1134 /* Entering squeue, bump ref count. */
1122 1135 CONN_INC_REF(connp);
1123 1136 bp = allocb_wait(0, BPRI_HI, STR_NOSIG, NULL);
1124 1137 SQUEUE_ENTER_ONE(connp->conn_sqp, bp,
1125 1138 tcp_linger_interrupted, connp, NULL,
1126 1139 tcp_squeue_flag, SQTAG_IP_TCP_CLOSE);
1127 1140 mutex_enter(&tcp->tcp_closelock);
1128 1141 }
1129 1142 break;
1130 1143 }
1131 1144 }
1132 1145 while (!tcp->tcp_closed)
1133 1146 cv_wait(&tcp->tcp_closecv, &tcp->tcp_closelock);
1134 1147 mutex_exit(&tcp->tcp_closelock);
1135 1148
1136 1149 /*
1137 1150 * In the case of listener streams that have eagers in the q or q0
1138 1151 * we wait for the eagers to drop their reference to us. conn_rq and
1139 1152 * conn_wq of the eagers point to our queues. By waiting for the
1140 1153 * refcnt to drop to 1, we are sure that the eagers have cleaned
1141 1154 * up their queue pointers and also dropped their references to us.
1142 1155 *
1143 1156 * For non-STREAMS sockets we do not have to wait here; the
1144 1157 * listener will instead make a su_closed upcall when the last
1145 1158 * reference is dropped.
1146 1159 */
1147 1160 if (tcp->tcp_wait_for_eagers && !IPCL_IS_NONSTR(connp)) {
1148 1161 mutex_enter(&connp->conn_lock);
1149 1162 while (connp->conn_ref != 1) {
1150 1163 cv_wait(&connp->conn_cv, &connp->conn_lock);
1151 1164 }
1152 1165 mutex_exit(&connp->conn_lock);
1153 1166 }
1154 1167
1155 1168 nowait:
1156 1169 connp->conn_cpid = NOPID;
1157 1170 }
1158 1171
1159 1172 /*
1160 1173 * Called by tcp_close() routine via squeue when lingering is
1161 1174 * interrupted by a signal.
1162 1175 */
1163 1176
1164 1177 /* ARGSUSED */
1165 1178 static void
1166 1179 tcp_linger_interrupted(void *arg, mblk_t *mp, void *arg2, ip_recv_attr_t *dummy)
1167 1180 {
1168 1181 conn_t *connp = (conn_t *)arg;
1169 1182 tcp_t *tcp = connp->conn_tcp;
1170 1183
1171 1184 freeb(mp);
1172 1185 if (tcp->tcp_linger_tid != 0 &&
1173 1186 TCP_TIMER_CANCEL(tcp, tcp->tcp_linger_tid) >= 0) {
1174 1187 tcp_stop_lingering(tcp);
1175 1188 tcp->tcp_client_errno = EINTR;
1176 1189 }
1177 1190 }
1178 1191
1179 1192 /*
1180 1193 * Clean up the b_next and b_prev fields of every mblk pointed at by *mpp.
1181 1194 * Some stream heads get upset if they see these later on as anything but NULL.
1182 1195 */
1183 1196 void
1184 1197 tcp_close_mpp(mblk_t **mpp)
1185 1198 {
1186 1199 mblk_t *mp;
1187 1200
1188 1201 if ((mp = *mpp) != NULL) {
1189 1202 do {
1190 1203 mp->b_next = NULL;
1191 1204 mp->b_prev = NULL;
1192 1205 } while ((mp = mp->b_cont) != NULL);
1193 1206
1194 1207 mp = *mpp;
1195 1208 *mpp = NULL;
1196 1209 freemsg(mp);
1197 1210 }
1198 1211 }
1199 1212
1200 1213 /* Do detached close. */
1201 1214 void
1202 1215 tcp_close_detached(tcp_t *tcp)
1203 1216 {
1204 1217 if (tcp->tcp_fused)
1205 1218 tcp_unfuse(tcp);
1206 1219
1207 1220 /*
1208 1221 * Clustering code serializes TCP disconnect callbacks and
1209 1222 * cluster tcp list walks by blocking a TCP disconnect callback
1210 1223 * if a cluster tcp list walk is in progress. This ensures
1211 1224 * accurate accounting of TCPs in the cluster code even though
1212 1225 * the TCP list walk itself is not atomic.
1213 1226 */
1214 1227 tcp_closei_local(tcp);
1215 1228 CONN_DEC_REF(tcp->tcp_connp);
1216 1229 }
1217 1230
1218 1231 /*
1219 1232 * The tcp_t is going away. Remove it from all lists and set it
1220 1233 * to TCPS_CLOSED. The freeing up of memory is deferred until
1221 1234 * tcp_inactive. This is needed since a thread in tcp_rput might have
1222 1235 * done a CONN_INC_REF on this structure before it was removed from the
1223 1236 * hashes.
1224 1237 */
1225 1238 void
1226 1239 tcp_closei_local(tcp_t *tcp)
1227 1240 {
1228 1241 conn_t *connp = tcp->tcp_connp;
1229 1242 tcp_stack_t *tcps = tcp->tcp_tcps;
1230 1243 int32_t oldstate;
1231 1244
1232 1245 if (!TCP_IS_SOCKET(tcp))
1233 1246 tcp_acceptor_hash_remove(tcp);
1234 1247
1235 1248 /*
1236 1249 * This can be called via tcp_time_wait_processing() if TCP gets a
1237 1250 * SYN with sequence number outside the TIME-WAIT connection's
1238 1251 * window. So we need to check for TIME-WAIT state here as the
1239 1252 * connection counter is already decremented. See SET_TIME_WAIT()
1240 1253 * macro
1241 1254 */
1242 1255 if (tcp->tcp_state >= TCPS_ESTABLISHED &&
1243 1256 tcp->tcp_state < TCPS_TIME_WAIT) {
1244 1257 TCPS_CONN_DEC(tcps);
1245 1258 }
1246 1259
1247 1260 /*
1248 1261 * If we are an eager connection hanging off a listener that
1249 1262 * hasn't formally accepted the connection yet, get off its
1250 1263 * list and blow off any data that we have accumulated.
1251 1264 */
1252 1265 if (tcp->tcp_listener != NULL) {
1253 1266 tcp_t *listener = tcp->tcp_listener;
1254 1267 mutex_enter(&listener->tcp_eager_lock);
1255 1268 /*
1256 1269 * tcp_tconnind_started == B_TRUE means that the
1257 1270 * conn_ind has already gone to listener. At
1258 1271 * this point, eager will be closed but we
1259 1272 * leave it in listeners eager list so that
1260 1273 * if listener decides to close without doing
1261 1274 * accept, we can clean this up. In tcp_tli_accept
1262 1275 * we take care of the case of accept on closed
1263 1276 * eager.
1264 1277 */
1265 1278 if (!tcp->tcp_tconnind_started) {
1266 1279 tcp_eager_unlink(tcp);
1267 1280 mutex_exit(&listener->tcp_eager_lock);
1268 1281 /*
1269 1282 * We don't want to have any pointers to the
1270 1283 * listener queue, after we have released our
1271 1284 * reference on the listener
1272 1285 */
1273 1286 ASSERT(tcp->tcp_detached);
1274 1287 connp->conn_rq = NULL;
1275 1288 connp->conn_wq = NULL;
1276 1289 CONN_DEC_REF(listener->tcp_connp);
1277 1290 } else {
1278 1291 mutex_exit(&listener->tcp_eager_lock);
1279 1292 }
1280 1293 }
1281 1294
1282 1295 /* Stop all the timers */
1283 1296 tcp_timers_stop(tcp);
1284 1297
1285 1298 if (tcp->tcp_state == TCPS_LISTEN) {
1286 1299 if (tcp->tcp_ip_addr_cache) {
1287 1300 kmem_free((void *)tcp->tcp_ip_addr_cache,
1288 1301 IP_ADDR_CACHE_SIZE * sizeof (ipaddr_t));
1289 1302 tcp->tcp_ip_addr_cache = NULL;
1290 1303 }
1291 1304 }
1292 1305
1293 1306 /* Decrement listerner connection counter if necessary. */
1294 1307 if (tcp->tcp_listen_cnt != NULL)
1295 1308 TCP_DECR_LISTEN_CNT(tcp);
1296 1309
1297 1310 mutex_enter(&tcp->tcp_non_sq_lock);
1298 1311 if (tcp->tcp_flow_stopped)
1299 1312 tcp_clrqfull(tcp);
1300 1313 mutex_exit(&tcp->tcp_non_sq_lock);
1301 1314
1302 1315 tcp_bind_hash_remove(tcp);
1303 1316 /*
1304 1317 * If the tcp_time_wait_collector (which runs outside the squeue)
1305 1318 * is trying to remove this tcp from the time wait list, we will
1306 1319 * block in tcp_time_wait_remove while trying to acquire the
1307 1320 * tcp_time_wait_lock. The logic in tcp_time_wait_collector also
1308 1321 * requires the ipcl_hash_remove to be ordered after the
1309 1322 * tcp_time_wait_remove for the refcnt checks to work correctly.
1310 1323 */
1311 1324 if (tcp->tcp_state == TCPS_TIME_WAIT)
1312 1325 (void) tcp_time_wait_remove(tcp, NULL);
1313 1326 CL_INET_DISCONNECT(connp);
1314 1327 ipcl_hash_remove(connp);
1315 1328 oldstate = tcp->tcp_state;
1316 1329 tcp->tcp_state = TCPS_CLOSED;
1317 1330 /* Need to probe before ixa_cleanup() is called */
1318 1331 DTRACE_TCP6(state__change, void, NULL, ip_xmit_attr_t *,
1319 1332 connp->conn_ixa, void, NULL, tcp_t *, tcp, void, NULL,
1320 1333 int32_t, oldstate);
1321 1334 ixa_cleanup(connp->conn_ixa);
1322 1335
1323 1336 /*
1324 1337 * Mark the conn as CONDEMNED
1325 1338 */
1326 1339 mutex_enter(&connp->conn_lock);
1327 1340 connp->conn_state_flags |= CONN_CONDEMNED;
1328 1341 mutex_exit(&connp->conn_lock);
1329 1342
1330 1343 ASSERT(tcp->tcp_time_wait_next == NULL);
1331 1344 ASSERT(tcp->tcp_time_wait_prev == NULL);
1332 1345 ASSERT(tcp->tcp_time_wait_expire == 0);
1333 1346
1334 1347 tcp_ipsec_cleanup(tcp);
1335 1348 }
1336 1349
1337 1350 /*
1338 1351 * tcp is dying (called from ipcl_conn_destroy and error cases).
1339 1352 * Free the tcp_t in either case.
1340 1353 */
1341 1354 void
1342 1355 tcp_free(tcp_t *tcp)
1343 1356 {
1344 1357 mblk_t *mp;
1345 1358 conn_t *connp = tcp->tcp_connp;
1346 1359
1347 1360 ASSERT(tcp != NULL);
1348 1361 ASSERT(tcp->tcp_ptpahn == NULL && tcp->tcp_acceptor_hash == NULL);
1349 1362
1350 1363 connp->conn_rq = NULL;
1351 1364 connp->conn_wq = NULL;
1352 1365
1353 1366 tcp_close_mpp(&tcp->tcp_xmit_head);
1354 1367 tcp_close_mpp(&tcp->tcp_reass_head);
1355 1368 if (tcp->tcp_rcv_list != NULL) {
1356 1369 /* Free b_next chain */
1357 1370 tcp_close_mpp(&tcp->tcp_rcv_list);
1358 1371 }
1359 1372 if ((mp = tcp->tcp_urp_mp) != NULL) {
1360 1373 freemsg(mp);
1361 1374 }
1362 1375 if ((mp = tcp->tcp_urp_mark_mp) != NULL) {
1363 1376 freemsg(mp);
1364 1377 }
1365 1378
1366 1379 if (tcp->tcp_fused_sigurg_mp != NULL) {
1367 1380 ASSERT(!IPCL_IS_NONSTR(tcp->tcp_connp));
1368 1381 freeb(tcp->tcp_fused_sigurg_mp);
1369 1382 tcp->tcp_fused_sigurg_mp = NULL;
1370 1383 }
1371 1384
1372 1385 if (tcp->tcp_ordrel_mp != NULL) {
1373 1386 ASSERT(!IPCL_IS_NONSTR(tcp->tcp_connp));
1374 1387 freeb(tcp->tcp_ordrel_mp);
1375 1388 tcp->tcp_ordrel_mp = NULL;
1376 1389 }
1377 1390
1378 1391 TCP_NOTSACK_REMOVE_ALL(tcp->tcp_notsack_list, tcp);
1379 1392 bzero(&tcp->tcp_sack_info, sizeof (tcp_sack_info_t));
1380 1393
1381 1394 if (tcp->tcp_hopopts != NULL) {
1382 1395 mi_free(tcp->tcp_hopopts);
1383 1396 tcp->tcp_hopopts = NULL;
1384 1397 tcp->tcp_hopoptslen = 0;
1385 1398 }
1386 1399 ASSERT(tcp->tcp_hopoptslen == 0);
1387 1400 if (tcp->tcp_dstopts != NULL) {
1388 1401 mi_free(tcp->tcp_dstopts);
1389 1402 tcp->tcp_dstopts = NULL;
1390 1403 tcp->tcp_dstoptslen = 0;
1391 1404 }
1392 1405 ASSERT(tcp->tcp_dstoptslen == 0);
1393 1406 if (tcp->tcp_rthdrdstopts != NULL) {
1394 1407 mi_free(tcp->tcp_rthdrdstopts);
1395 1408 tcp->tcp_rthdrdstopts = NULL;
1396 1409 tcp->tcp_rthdrdstoptslen = 0;
1397 1410 }
1398 1411 ASSERT(tcp->tcp_rthdrdstoptslen == 0);
1399 1412 if (tcp->tcp_rthdr != NULL) {
1400 1413 mi_free(tcp->tcp_rthdr);
1401 1414 tcp->tcp_rthdr = NULL;
1402 1415 tcp->tcp_rthdrlen = 0;
1403 1416 }
1404 1417 ASSERT(tcp->tcp_rthdrlen == 0);
1405 1418
1406 1419 /*
1407 1420 * Following is really a blowing away a union.
1408 1421 * It happens to have exactly two members of identical size
1409 1422 * the following code is enough.
1410 1423 */
1411 1424 tcp_close_mpp(&tcp->tcp_conn.tcp_eager_conn_ind);
1412 1425
1413 1426 /* Allow the CC algorithm to clean up after itself. */
|
↓ open down ↓ |
378 lines elided |
↑ open up ↑ |
1414 1427 if (tcp->tcp_cc_algo != NULL && tcp->tcp_cc_algo->cb_destroy != NULL)
1415 1428 tcp->tcp_cc_algo->cb_destroy(&tcp->tcp_ccv);
1416 1429
1417 1430 /*
1418 1431 * If this is a non-STREAM socket still holding on to an upper
1419 1432 * handle, release it. As a result of fallback we might also see
1420 1433 * STREAMS based conns with upper handles, in which case there is
1421 1434 * nothing to do other than clearing the field.
1422 1435 */
1423 1436 if (connp->conn_upper_handle != NULL) {
1437 + sock_upcalls_t *upcalls = connp->conn_upcalls;
1438 + sock_upper_handle_t handle = connp->conn_upper_handle;
1439 +
1440 + /*
1441 + * Set these to NULL first because closed() will free upper
1442 + * structures. Acquire conn_lock because an external caller
1443 + * like conn_get_socket_info() will upcall if these are
1444 + * non-NULL.
1445 + */
1446 + mutex_enter(&connp->conn_lock);
1447 + connp->conn_upper_handle = NULL;
1448 + connp->conn_upcalls = NULL;
1449 + mutex_exit(&connp->conn_lock);
1424 1450 if (IPCL_IS_NONSTR(connp)) {
1425 - (*connp->conn_upcalls->su_closed)(
1426 - connp->conn_upper_handle);
1451 + ASSERT(upcalls != NULL);
1452 + ASSERT(upcalls->su_closed != NULL);
1453 + ASSERT(handle != NULL);
1454 + upcalls->su_closed(handle);
1427 1455 tcp->tcp_detached = B_TRUE;
1428 1456 }
1429 - connp->conn_upper_handle = NULL;
1430 - connp->conn_upcalls = NULL;
1431 1457 }
1432 1458 }
1433 1459
1434 1460 /*
1435 1461 * tcp_get_conn/tcp_free_conn
1436 1462 *
1437 1463 * tcp_get_conn is used to get a clean tcp connection structure.
1438 1464 * It tries to reuse the connections put on the freelist by the
1439 1465 * time_wait_collector failing which it goes to kmem_cache. This
1440 1466 * way has two benefits compared to just allocating from and
1441 1467 * freeing to kmem_cache.
1442 1468 * 1) The time_wait_collector can free (which includes the cleanup)
1443 1469 * outside the squeue. So when the interrupt comes, we have a clean
1444 1470 * connection sitting in the freelist. Obviously, this buys us
1445 1471 * performance.
1446 1472 *
1447 1473 * 2) Defence against DOS attack. Allocating a tcp/conn in tcp_input_listener
1448 1474 * has multiple disadvantages - tying up the squeue during alloc.
1449 1475 * But allocating the conn/tcp in IP land is also not the best since
1450 1476 * we can't check the 'q' and 'q0' which are protected by squeue and
1451 1477 * blindly allocate memory which might have to be freed here if we are
1452 1478 * not allowed to accept the connection. By using the freelist and
1453 1479 * putting the conn/tcp back in freelist, we don't pay a penalty for
1454 1480 * allocating memory without checking 'q/q0' and freeing it if we can't
1455 1481 * accept the connection.
1456 1482 *
1457 1483 * Care should be taken to put the conn back in the same squeue's freelist
1458 1484 * from which it was allocated. Best results are obtained if conn is
1459 1485 * allocated from listener's squeue and freed to the same. Time wait
1460 1486 * collector will free up the freelist is the connection ends up sitting
1461 1487 * there for too long.
1462 1488 */
1463 1489 conn_t *
1464 1490 tcp_get_conn(void *arg, tcp_stack_t *tcps)
1465 1491 {
1466 1492 tcp_t *tcp = NULL;
1467 1493 conn_t *connp = NULL;
1468 1494 squeue_t *sqp = (squeue_t *)arg;
1469 1495 tcp_squeue_priv_t *tcp_time_wait;
1470 1496 netstack_t *ns;
1471 1497 mblk_t *tcp_rsrv_mp = NULL;
1472 1498
1473 1499 tcp_time_wait =
1474 1500 *((tcp_squeue_priv_t **)squeue_getprivate(sqp, SQPRIVATE_TCP));
1475 1501
1476 1502 mutex_enter(&tcp_time_wait->tcp_time_wait_lock);
1477 1503 tcp = tcp_time_wait->tcp_free_list;
1478 1504 ASSERT((tcp != NULL) ^ (tcp_time_wait->tcp_free_list_cnt == 0));
1479 1505 if (tcp != NULL) {
1480 1506 tcp_time_wait->tcp_free_list = tcp->tcp_time_wait_next;
1481 1507 tcp_time_wait->tcp_free_list_cnt--;
1482 1508 mutex_exit(&tcp_time_wait->tcp_time_wait_lock);
1483 1509 tcp->tcp_time_wait_next = NULL;
1484 1510 connp = tcp->tcp_connp;
1485 1511 connp->conn_flags |= IPCL_REUSED;
1486 1512
1487 1513 ASSERT(tcp->tcp_tcps == NULL);
1488 1514 ASSERT(connp->conn_netstack == NULL);
1489 1515 ASSERT(tcp->tcp_rsrv_mp != NULL);
1490 1516 ns = tcps->tcps_netstack;
1491 1517 netstack_hold(ns);
1492 1518 connp->conn_netstack = ns;
1493 1519 connp->conn_ixa->ixa_ipst = ns->netstack_ip;
1494 1520 tcp->tcp_tcps = tcps;
1495 1521 ipcl_globalhash_insert(connp);
1496 1522
1497 1523 connp->conn_ixa->ixa_notify_cookie = tcp;
1498 1524 ASSERT(connp->conn_ixa->ixa_notify == tcp_notify);
1499 1525 connp->conn_recv = tcp_input_data;
1500 1526 ASSERT(connp->conn_recvicmp == tcp_icmp_input);
1501 1527 ASSERT(connp->conn_verifyicmp == tcp_verifyicmp);
1502 1528 return (connp);
1503 1529 }
1504 1530 mutex_exit(&tcp_time_wait->tcp_time_wait_lock);
1505 1531 /*
1506 1532 * Pre-allocate the tcp_rsrv_mp. This mblk will not be freed until
1507 1533 * this conn_t/tcp_t is freed at ipcl_conn_destroy().
1508 1534 */
1509 1535 tcp_rsrv_mp = allocb(0, BPRI_HI);
1510 1536 if (tcp_rsrv_mp == NULL)
1511 1537 return (NULL);
1512 1538
1513 1539 if ((connp = ipcl_conn_create(IPCL_TCPCONN, KM_NOSLEEP,
1514 1540 tcps->tcps_netstack)) == NULL) {
1515 1541 freeb(tcp_rsrv_mp);
1516 1542 return (NULL);
1517 1543 }
1518 1544
1519 1545 tcp = connp->conn_tcp;
1520 1546 tcp->tcp_rsrv_mp = tcp_rsrv_mp;
1521 1547 mutex_init(&tcp->tcp_rsrv_mp_lock, NULL, MUTEX_DEFAULT, NULL);
1522 1548
1523 1549 tcp->tcp_tcps = tcps;
1524 1550
1525 1551 connp->conn_recv = tcp_input_data;
1526 1552 connp->conn_recvicmp = tcp_icmp_input;
1527 1553 connp->conn_verifyicmp = tcp_verifyicmp;
1528 1554
1529 1555 /*
1530 1556 * Register tcp_notify to listen to capability changes detected by IP.
1531 1557 * This upcall is made in the context of the call to conn_ip_output
1532 1558 * thus it is inside the squeue.
1533 1559 */
1534 1560 connp->conn_ixa->ixa_notify = tcp_notify;
1535 1561 connp->conn_ixa->ixa_notify_cookie = tcp;
1536 1562
1537 1563 return (connp);
1538 1564 }
1539 1565
1540 1566 /*
1541 1567 * Handle connect to IPv4 destinations, including connections for AF_INET6
1542 1568 * sockets connecting to IPv4 mapped IPv6 destinations.
1543 1569 * Returns zero if OK, a positive errno, or a negative TLI error.
1544 1570 */
1545 1571 static int
1546 1572 tcp_connect_ipv4(tcp_t *tcp, ipaddr_t *dstaddrp, in_port_t dstport,
1547 1573 uint_t srcid)
1548 1574 {
1549 1575 ipaddr_t dstaddr = *dstaddrp;
1550 1576 uint16_t lport;
1551 1577 conn_t *connp = tcp->tcp_connp;
1552 1578 tcp_stack_t *tcps = tcp->tcp_tcps;
1553 1579 int error;
1554 1580
1555 1581 ASSERT(connp->conn_ipversion == IPV4_VERSION);
1556 1582
1557 1583 /* Check for attempt to connect to INADDR_ANY */
1558 1584 if (dstaddr == INADDR_ANY) {
1559 1585 /*
1560 1586 * SunOS 4.x and 4.3 BSD allow an application
1561 1587 * to connect a TCP socket to INADDR_ANY.
1562 1588 * When they do this, the kernel picks the
1563 1589 * address of one interface and uses it
1564 1590 * instead. The kernel usually ends up
1565 1591 * picking the address of the loopback
1566 1592 * interface. This is an undocumented feature.
1567 1593 * However, we provide the same thing here
1568 1594 * in order to have source and binary
1569 1595 * compatibility with SunOS 4.x.
1570 1596 * Update the T_CONN_REQ (sin/sin6) since it is used to
1571 1597 * generate the T_CONN_CON.
1572 1598 */
1573 1599 dstaddr = htonl(INADDR_LOOPBACK);
1574 1600 *dstaddrp = dstaddr;
1575 1601 }
1576 1602
1577 1603 /* Handle __sin6_src_id if socket not bound to an IP address */
1578 1604 if (srcid != 0 && connp->conn_laddr_v4 == INADDR_ANY) {
1579 1605 if (!ip_srcid_find_id(srcid, &connp->conn_laddr_v6,
1580 1606 IPCL_ZONEID(connp), B_TRUE, tcps->tcps_netstack)) {
1581 1607 /* Mismatch - conn_laddr_v6 would be v6 address. */
1582 1608 return (EADDRNOTAVAIL);
1583 1609 }
1584 1610 connp->conn_saddr_v6 = connp->conn_laddr_v6;
1585 1611 }
1586 1612
1587 1613 IN6_IPADDR_TO_V4MAPPED(dstaddr, &connp->conn_faddr_v6);
1588 1614 connp->conn_fport = dstport;
1589 1615
1590 1616 /*
1591 1617 * At this point the remote destination address and remote port fields
1592 1618 * in the tcp-four-tuple have been filled in the tcp structure. Now we
1593 1619 * have to see which state tcp was in so we can take appropriate action.
1594 1620 */
1595 1621 if (tcp->tcp_state == TCPS_IDLE) {
1596 1622 /*
1597 1623 * We support a quick connect capability here, allowing
1598 1624 * clients to transition directly from IDLE to SYN_SENT
1599 1625 * tcp_bindi will pick an unused port, insert the connection
1600 1626 * in the bind hash and transition to BOUND state.
1601 1627 */
1602 1628 lport = tcp_update_next_port(tcps->tcps_next_port_to_try,
1603 1629 tcp, B_TRUE);
1604 1630 lport = tcp_bindi(tcp, lport, &connp->conn_laddr_v6, 0, B_TRUE,
1605 1631 B_FALSE, B_FALSE);
1606 1632 if (lport == 0)
1607 1633 return (-TNOADDR);
1608 1634 }
1609 1635
1610 1636 /*
1611 1637 * Lookup the route to determine a source address and the uinfo.
1612 1638 * Setup TCP parameters based on the metrics/DCE.
1613 1639 */
1614 1640 error = tcp_set_destination(tcp);
1615 1641 if (error != 0)
1616 1642 return (error);
1617 1643
1618 1644 /*
1619 1645 * Don't let an endpoint connect to itself.
1620 1646 */
1621 1647 if (connp->conn_faddr_v4 == connp->conn_laddr_v4 &&
1622 1648 connp->conn_fport == connp->conn_lport)
1623 1649 return (-TBADADDR);
1624 1650
1625 1651 tcp->tcp_state = TCPS_SYN_SENT;
1626 1652
1627 1653 return (ipcl_conn_insert_v4(connp));
1628 1654 }
1629 1655
1630 1656 /*
1631 1657 * Handle connect to IPv6 destinations.
1632 1658 * Returns zero if OK, a positive errno, or a negative TLI error.
1633 1659 */
1634 1660 static int
1635 1661 tcp_connect_ipv6(tcp_t *tcp, in6_addr_t *dstaddrp, in_port_t dstport,
1636 1662 uint32_t flowinfo, uint_t srcid, uint32_t scope_id)
1637 1663 {
1638 1664 uint16_t lport;
1639 1665 conn_t *connp = tcp->tcp_connp;
1640 1666 tcp_stack_t *tcps = tcp->tcp_tcps;
1641 1667 int error;
1642 1668
1643 1669 ASSERT(connp->conn_family == AF_INET6);
1644 1670
1645 1671 /*
1646 1672 * If we're here, it means that the destination address is a native
1647 1673 * IPv6 address. Return an error if conn_ipversion is not IPv6. A
1648 1674 * reason why it might not be IPv6 is if the socket was bound to an
1649 1675 * IPv4-mapped IPv6 address.
1650 1676 */
1651 1677 if (connp->conn_ipversion != IPV6_VERSION)
1652 1678 return (-TBADADDR);
1653 1679
1654 1680 /*
1655 1681 * Interpret a zero destination to mean loopback.
1656 1682 * Update the T_CONN_REQ (sin/sin6) since it is used to
1657 1683 * generate the T_CONN_CON.
1658 1684 */
1659 1685 if (IN6_IS_ADDR_UNSPECIFIED(dstaddrp))
1660 1686 *dstaddrp = ipv6_loopback;
1661 1687
1662 1688 /* Handle __sin6_src_id if socket not bound to an IP address */
1663 1689 if (srcid != 0 && IN6_IS_ADDR_UNSPECIFIED(&connp->conn_laddr_v6)) {
1664 1690 if (!ip_srcid_find_id(srcid, &connp->conn_laddr_v6,
1665 1691 IPCL_ZONEID(connp), B_FALSE, tcps->tcps_netstack)) {
1666 1692 /* Mismatch - conn_laddr_v6 would be v4-mapped. */
1667 1693 return (EADDRNOTAVAIL);
1668 1694 }
1669 1695 connp->conn_saddr_v6 = connp->conn_laddr_v6;
1670 1696 }
1671 1697
1672 1698 /*
1673 1699 * Take care of the scope_id now.
1674 1700 */
1675 1701 if (scope_id != 0 && IN6_IS_ADDR_LINKSCOPE(dstaddrp)) {
1676 1702 connp->conn_ixa->ixa_flags |= IXAF_SCOPEID_SET;
1677 1703 connp->conn_ixa->ixa_scopeid = scope_id;
1678 1704 } else {
1679 1705 connp->conn_ixa->ixa_flags &= ~IXAF_SCOPEID_SET;
1680 1706 }
1681 1707
1682 1708 connp->conn_flowinfo = flowinfo;
1683 1709 connp->conn_faddr_v6 = *dstaddrp;
1684 1710 connp->conn_fport = dstport;
1685 1711
1686 1712 /*
1687 1713 * At this point the remote destination address and remote port fields
1688 1714 * in the tcp-four-tuple have been filled in the tcp structure. Now we
1689 1715 * have to see which state tcp was in so we can take appropriate action.
1690 1716 */
1691 1717 if (tcp->tcp_state == TCPS_IDLE) {
1692 1718 /*
1693 1719 * We support a quick connect capability here, allowing
1694 1720 * clients to transition directly from IDLE to SYN_SENT
1695 1721 * tcp_bindi will pick an unused port, insert the connection
1696 1722 * in the bind hash and transition to BOUND state.
1697 1723 */
1698 1724 lport = tcp_update_next_port(tcps->tcps_next_port_to_try,
1699 1725 tcp, B_TRUE);
1700 1726 lport = tcp_bindi(tcp, lport, &connp->conn_laddr_v6, 0, B_TRUE,
1701 1727 B_FALSE, B_FALSE);
1702 1728 if (lport == 0)
1703 1729 return (-TNOADDR);
1704 1730 }
1705 1731
1706 1732 /*
1707 1733 * Lookup the route to determine a source address and the uinfo.
1708 1734 * Setup TCP parameters based on the metrics/DCE.
1709 1735 */
1710 1736 error = tcp_set_destination(tcp);
1711 1737 if (error != 0)
1712 1738 return (error);
1713 1739
1714 1740 /*
1715 1741 * Don't let an endpoint connect to itself.
1716 1742 */
1717 1743 if (IN6_ARE_ADDR_EQUAL(&connp->conn_faddr_v6, &connp->conn_laddr_v6) &&
1718 1744 connp->conn_fport == connp->conn_lport)
1719 1745 return (-TBADADDR);
1720 1746
1721 1747 tcp->tcp_state = TCPS_SYN_SENT;
1722 1748
1723 1749 return (ipcl_conn_insert_v6(connp));
1724 1750 }
1725 1751
1726 1752 /*
1727 1753 * Disconnect
1728 1754 * Note that unlike other functions this returns a positive tli error
1729 1755 * when it fails; it never returns an errno.
1730 1756 */
1731 1757 static int
1732 1758 tcp_disconnect_common(tcp_t *tcp, t_scalar_t seqnum)
1733 1759 {
1734 1760 conn_t *lconnp;
1735 1761 tcp_stack_t *tcps = tcp->tcp_tcps;
1736 1762 conn_t *connp = tcp->tcp_connp;
1737 1763
1738 1764 /*
1739 1765 * Right now, upper modules pass down a T_DISCON_REQ to TCP,
1740 1766 * when the stream is in BOUND state. Do not send a reset,
1741 1767 * since the destination IP address is not valid, and it can
1742 1768 * be the initialized value of all zeros (broadcast address).
1743 1769 */
1744 1770 if (tcp->tcp_state <= TCPS_BOUND) {
1745 1771 if (connp->conn_debug) {
1746 1772 (void) strlog(TCP_MOD_ID, 0, 1, SL_ERROR|SL_TRACE,
1747 1773 "tcp_disconnect: bad state, %d", tcp->tcp_state);
1748 1774 }
1749 1775 return (TOUTSTATE);
1750 1776 } else if (tcp->tcp_state >= TCPS_ESTABLISHED) {
1751 1777 TCPS_CONN_DEC(tcps);
1752 1778 }
1753 1779
1754 1780 if (seqnum == -1 || tcp->tcp_conn_req_max == 0) {
1755 1781
1756 1782 /*
1757 1783 * According to TPI, for non-listeners, ignore seqnum
1758 1784 * and disconnect.
1759 1785 * Following interpretation of -1 seqnum is historical
1760 1786 * and implied TPI ? (TPI only states that for T_CONN_IND,
1761 1787 * a valid seqnum should not be -1).
1762 1788 *
1763 1789 * -1 means disconnect everything
1764 1790 * regardless even on a listener.
1765 1791 */
1766 1792
1767 1793 int old_state = tcp->tcp_state;
1768 1794 ip_stack_t *ipst = tcps->tcps_netstack->netstack_ip;
1769 1795
1770 1796 /*
1771 1797 * The connection can't be on the tcp_time_wait_head list
1772 1798 * since it is not detached.
1773 1799 */
1774 1800 ASSERT(tcp->tcp_time_wait_next == NULL);
1775 1801 ASSERT(tcp->tcp_time_wait_prev == NULL);
1776 1802 ASSERT(tcp->tcp_time_wait_expire == 0);
1777 1803 /*
1778 1804 * If it used to be a listener, check to make sure no one else
1779 1805 * has taken the port before switching back to LISTEN state.
1780 1806 */
1781 1807 if (connp->conn_ipversion == IPV4_VERSION) {
1782 1808 lconnp = ipcl_lookup_listener_v4(connp->conn_lport,
1783 1809 connp->conn_laddr_v4, IPCL_ZONEID(connp), ipst);
1784 1810 } else {
1785 1811 uint_t ifindex = 0;
1786 1812
1787 1813 if (connp->conn_ixa->ixa_flags & IXAF_SCOPEID_SET)
1788 1814 ifindex = connp->conn_ixa->ixa_scopeid;
1789 1815
1790 1816 /* Allow conn_bound_if listeners? */
1791 1817 lconnp = ipcl_lookup_listener_v6(connp->conn_lport,
1792 1818 &connp->conn_laddr_v6, ifindex, IPCL_ZONEID(connp),
1793 1819 ipst);
1794 1820 }
1795 1821 if (tcp->tcp_conn_req_max && lconnp == NULL) {
1796 1822 tcp->tcp_state = TCPS_LISTEN;
1797 1823 DTRACE_TCP6(state__change, void, NULL, ip_xmit_attr_t *,
1798 1824 connp->conn_ixa, void, NULL, tcp_t *, tcp, void,
1799 1825 NULL, int32_t, old_state);
1800 1826 } else if (old_state > TCPS_BOUND) {
1801 1827 tcp->tcp_conn_req_max = 0;
1802 1828 tcp->tcp_state = TCPS_BOUND;
1803 1829 DTRACE_TCP6(state__change, void, NULL, ip_xmit_attr_t *,
1804 1830 connp->conn_ixa, void, NULL, tcp_t *, tcp, void,
1805 1831 NULL, int32_t, old_state);
1806 1832
1807 1833 /*
1808 1834 * If this end point is not going to become a listener,
1809 1835 * decrement the listener connection count if
1810 1836 * necessary. Note that we do not do this if it is
1811 1837 * going to be a listner (the above if case) since
1812 1838 * then it may remove the counter struct.
1813 1839 */
1814 1840 if (tcp->tcp_listen_cnt != NULL)
1815 1841 TCP_DECR_LISTEN_CNT(tcp);
1816 1842 }
1817 1843 if (lconnp != NULL)
1818 1844 CONN_DEC_REF(lconnp);
1819 1845 switch (old_state) {
1820 1846 case TCPS_SYN_SENT:
1821 1847 case TCPS_SYN_RCVD:
1822 1848 TCPS_BUMP_MIB(tcps, tcpAttemptFails);
1823 1849 break;
1824 1850 case TCPS_ESTABLISHED:
1825 1851 case TCPS_CLOSE_WAIT:
1826 1852 TCPS_BUMP_MIB(tcps, tcpEstabResets);
1827 1853 break;
1828 1854 }
1829 1855
1830 1856 if (tcp->tcp_fused)
1831 1857 tcp_unfuse(tcp);
1832 1858
1833 1859 mutex_enter(&tcp->tcp_eager_lock);
1834 1860 if ((tcp->tcp_conn_req_cnt_q0 != 0) ||
1835 1861 (tcp->tcp_conn_req_cnt_q != 0)) {
1836 1862 tcp_eager_cleanup(tcp, 0);
1837 1863 }
1838 1864 mutex_exit(&tcp->tcp_eager_lock);
1839 1865
1840 1866 tcp_xmit_ctl("tcp_disconnect", tcp, tcp->tcp_snxt,
1841 1867 tcp->tcp_rnxt, TH_RST | TH_ACK);
1842 1868
1843 1869 tcp_reinit(tcp);
1844 1870
1845 1871 return (0);
1846 1872 } else if (!tcp_eager_blowoff(tcp, seqnum)) {
1847 1873 return (TBADSEQ);
1848 1874 }
1849 1875 return (0);
1850 1876 }
1851 1877
1852 1878 /*
1853 1879 * Our client hereby directs us to reject the connection request
1854 1880 * that tcp_input_listener() marked with 'seqnum'. Rejection consists
1855 1881 * of sending the appropriate RST, not an ICMP error.
1856 1882 */
1857 1883 void
1858 1884 tcp_disconnect(tcp_t *tcp, mblk_t *mp)
1859 1885 {
1860 1886 t_scalar_t seqnum;
1861 1887 int error;
1862 1888 conn_t *connp = tcp->tcp_connp;
1863 1889
1864 1890 ASSERT((uintptr_t)(mp->b_wptr - mp->b_rptr) <= (uintptr_t)INT_MAX);
1865 1891 if ((mp->b_wptr - mp->b_rptr) < sizeof (struct T_discon_req)) {
1866 1892 tcp_err_ack(tcp, mp, TPROTO, 0);
1867 1893 return;
1868 1894 }
1869 1895 seqnum = ((struct T_discon_req *)mp->b_rptr)->SEQ_number;
1870 1896 error = tcp_disconnect_common(tcp, seqnum);
1871 1897 if (error != 0)
1872 1898 tcp_err_ack(tcp, mp, error, 0);
1873 1899 else {
1874 1900 if (tcp->tcp_state >= TCPS_ESTABLISHED) {
1875 1901 /* Send M_FLUSH according to TPI */
1876 1902 (void) putnextctl1(connp->conn_rq, M_FLUSH, FLUSHRW);
1877 1903 }
1878 1904 mp = mi_tpi_ok_ack_alloc(mp);
1879 1905 if (mp != NULL)
1880 1906 putnext(connp->conn_rq, mp);
1881 1907 }
1882 1908 }
1883 1909
1884 1910 /*
1885 1911 * Handle reinitialization of a tcp structure.
1886 1912 * Maintain "binding state" resetting the state to BOUND, LISTEN, or IDLE.
1887 1913 */
1888 1914 static void
1889 1915 tcp_reinit(tcp_t *tcp)
1890 1916 {
1891 1917 mblk_t *mp;
1892 1918 tcp_stack_t *tcps = tcp->tcp_tcps;
1893 1919 conn_t *connp = tcp->tcp_connp;
1894 1920 int32_t oldstate;
1895 1921
1896 1922 /* tcp_reinit should never be called for detached tcp_t's */
1897 1923 ASSERT(tcp->tcp_listener == NULL);
1898 1924 ASSERT((connp->conn_family == AF_INET &&
1899 1925 connp->conn_ipversion == IPV4_VERSION) ||
1900 1926 (connp->conn_family == AF_INET6 &&
1901 1927 (connp->conn_ipversion == IPV4_VERSION ||
1902 1928 connp->conn_ipversion == IPV6_VERSION)));
1903 1929
1904 1930 /* Cancel outstanding timers */
1905 1931 tcp_timers_stop(tcp);
1906 1932
1907 1933 tcp_close_mpp(&tcp->tcp_xmit_head);
1908 1934 if (tcp->tcp_snd_zcopy_aware)
1909 1935 tcp_zcopy_notify(tcp);
1910 1936 tcp->tcp_xmit_last = tcp->tcp_xmit_tail = NULL;
1911 1937 tcp->tcp_unsent = tcp->tcp_xmit_tail_unsent = 0;
1912 1938 mutex_enter(&tcp->tcp_non_sq_lock);
1913 1939 if (tcp->tcp_flow_stopped &&
1914 1940 TCP_UNSENT_BYTES(tcp) <= connp->conn_sndlowat) {
1915 1941 tcp_clrqfull(tcp);
1916 1942 }
1917 1943 mutex_exit(&tcp->tcp_non_sq_lock);
1918 1944 tcp_close_mpp(&tcp->tcp_reass_head);
1919 1945 tcp->tcp_reass_tail = NULL;
1920 1946 if (tcp->tcp_rcv_list != NULL) {
1921 1947 /* Free b_next chain */
1922 1948 tcp_close_mpp(&tcp->tcp_rcv_list);
1923 1949 tcp->tcp_rcv_last_head = NULL;
1924 1950 tcp->tcp_rcv_last_tail = NULL;
1925 1951 tcp->tcp_rcv_cnt = 0;
1926 1952 }
1927 1953 tcp->tcp_rcv_last_tail = NULL;
1928 1954
1929 1955 if ((mp = tcp->tcp_urp_mp) != NULL) {
1930 1956 freemsg(mp);
1931 1957 tcp->tcp_urp_mp = NULL;
1932 1958 }
1933 1959 if ((mp = tcp->tcp_urp_mark_mp) != NULL) {
1934 1960 freemsg(mp);
1935 1961 tcp->tcp_urp_mark_mp = NULL;
1936 1962 }
1937 1963 if (tcp->tcp_fused_sigurg_mp != NULL) {
1938 1964 ASSERT(!IPCL_IS_NONSTR(tcp->tcp_connp));
1939 1965 freeb(tcp->tcp_fused_sigurg_mp);
1940 1966 tcp->tcp_fused_sigurg_mp = NULL;
1941 1967 }
1942 1968 if (tcp->tcp_ordrel_mp != NULL) {
1943 1969 ASSERT(!IPCL_IS_NONSTR(tcp->tcp_connp));
1944 1970 freeb(tcp->tcp_ordrel_mp);
1945 1971 tcp->tcp_ordrel_mp = NULL;
1946 1972 }
1947 1973
1948 1974 /*
1949 1975 * Following is a union with two members which are
1950 1976 * identical types and size so the following cleanup
1951 1977 * is enough.
1952 1978 */
1953 1979 tcp_close_mpp(&tcp->tcp_conn.tcp_eager_conn_ind);
1954 1980
1955 1981 CL_INET_DISCONNECT(connp);
1956 1982
1957 1983 /*
1958 1984 * The connection can't be on the tcp_time_wait_head list
1959 1985 * since it is not detached.
1960 1986 */
1961 1987 ASSERT(tcp->tcp_time_wait_next == NULL);
1962 1988 ASSERT(tcp->tcp_time_wait_prev == NULL);
1963 1989 ASSERT(tcp->tcp_time_wait_expire == 0);
1964 1990
1965 1991 /*
1966 1992 * Reset/preserve other values
1967 1993 */
1968 1994 tcp_reinit_values(tcp);
1969 1995 ipcl_hash_remove(connp);
1970 1996 /* Note that ixa_cred gets cleared in ixa_cleanup */
1971 1997 ixa_cleanup(connp->conn_ixa);
1972 1998 tcp_ipsec_cleanup(tcp);
1973 1999
1974 2000 connp->conn_laddr_v6 = connp->conn_bound_addr_v6;
1975 2001 connp->conn_saddr_v6 = connp->conn_bound_addr_v6;
1976 2002 oldstate = tcp->tcp_state;
1977 2003
1978 2004 if (tcp->tcp_conn_req_max != 0) {
1979 2005 /*
1980 2006 * This is the case when a TLI program uses the same
1981 2007 * transport end point to accept a connection. This
1982 2008 * makes the TCP both a listener and acceptor. When
1983 2009 * this connection is closed, we need to set the state
1984 2010 * back to TCPS_LISTEN. Make sure that the eager list
1985 2011 * is reinitialized.
1986 2012 *
1987 2013 * Note that this stream is still bound to the four
1988 2014 * tuples of the previous connection in IP. If a new
1989 2015 * SYN with different foreign address comes in, IP will
1990 2016 * not find it and will send it to the global queue. In
1991 2017 * the global queue, TCP will do a tcp_lookup_listener()
1992 2018 * to find this stream. This works because this stream
1993 2019 * is only removed from connected hash.
1994 2020 *
1995 2021 */
1996 2022 tcp->tcp_state = TCPS_LISTEN;
1997 2023 tcp->tcp_eager_next_q0 = tcp->tcp_eager_prev_q0 = tcp;
1998 2024 tcp->tcp_eager_next_drop_q0 = tcp;
1999 2025 tcp->tcp_eager_prev_drop_q0 = tcp;
2000 2026 /*
2001 2027 * Initially set conn_recv to tcp_input_listener_unbound to try
2002 2028 * to pick a good squeue for the listener when the first SYN
2003 2029 * arrives. tcp_input_listener_unbound sets it to
2004 2030 * tcp_input_listener on that first SYN.
2005 2031 */
2006 2032 connp->conn_recv = tcp_input_listener_unbound;
2007 2033
2008 2034 connp->conn_proto = IPPROTO_TCP;
2009 2035 connp->conn_faddr_v6 = ipv6_all_zeros;
2010 2036 connp->conn_fport = 0;
2011 2037
2012 2038 (void) ipcl_bind_insert(connp);
2013 2039 } else {
2014 2040 tcp->tcp_state = TCPS_BOUND;
2015 2041 }
2016 2042
2017 2043 /*
2018 2044 * Initialize to default values
2019 2045 */
2020 2046 tcp_init_values(tcp, NULL);
2021 2047
2022 2048 DTRACE_TCP6(state__change, void, NULL, ip_xmit_attr_t *,
2023 2049 connp->conn_ixa, void, NULL, tcp_t *, tcp, void, NULL,
2024 2050 int32_t, oldstate);
2025 2051
2026 2052 ASSERT(tcp->tcp_ptpbhn != NULL);
2027 2053 tcp->tcp_rwnd = connp->conn_rcvbuf;
2028 2054 tcp->tcp_mss = connp->conn_ipversion != IPV4_VERSION ?
2029 2055 tcps->tcps_mss_def_ipv6 : tcps->tcps_mss_def_ipv4;
2030 2056 }
2031 2057
2032 2058 /*
2033 2059 * Force values to zero that need be zero.
2034 2060 * Do not touch values asociated with the BOUND or LISTEN state
2035 2061 * since the connection will end up in that state after the reinit.
2036 2062 * NOTE: tcp_reinit_values MUST have a line for each field in the tcp_t
2037 2063 * structure!
2038 2064 */
2039 2065 static void
2040 2066 tcp_reinit_values(tcp_t *tcp)
2041 2067 {
2042 2068 tcp_stack_t *tcps = tcp->tcp_tcps;
2043 2069 conn_t *connp = tcp->tcp_connp;
2044 2070
2045 2071 #ifndef lint
2046 2072 #define DONTCARE(x)
2047 2073 #define PRESERVE(x)
2048 2074 #else
2049 2075 #define DONTCARE(x) ((x) = (x))
2050 2076 #define PRESERVE(x) ((x) = (x))
2051 2077 #endif /* lint */
2052 2078
2053 2079 PRESERVE(tcp->tcp_bind_hash_port);
2054 2080 PRESERVE(tcp->tcp_bind_hash);
2055 2081 PRESERVE(tcp->tcp_ptpbhn);
2056 2082 PRESERVE(tcp->tcp_acceptor_hash);
2057 2083 PRESERVE(tcp->tcp_ptpahn);
2058 2084
2059 2085 /* Should be ASSERT NULL on these with new code! */
2060 2086 ASSERT(tcp->tcp_time_wait_next == NULL);
2061 2087 ASSERT(tcp->tcp_time_wait_prev == NULL);
2062 2088 ASSERT(tcp->tcp_time_wait_expire == 0);
2063 2089 PRESERVE(tcp->tcp_state);
2064 2090 PRESERVE(connp->conn_rq);
2065 2091 PRESERVE(connp->conn_wq);
2066 2092
2067 2093 ASSERT(tcp->tcp_xmit_head == NULL);
2068 2094 ASSERT(tcp->tcp_xmit_last == NULL);
2069 2095 ASSERT(tcp->tcp_unsent == 0);
2070 2096 ASSERT(tcp->tcp_xmit_tail == NULL);
2071 2097 ASSERT(tcp->tcp_xmit_tail_unsent == 0);
2072 2098
2073 2099 tcp->tcp_snxt = 0; /* Displayed in mib */
2074 2100 tcp->tcp_suna = 0; /* Displayed in mib */
2075 2101 tcp->tcp_swnd = 0;
2076 2102 DONTCARE(tcp->tcp_cwnd); /* Init in tcp_process_options */
2077 2103
2078 2104 if (connp->conn_ht_iphc != NULL) {
2079 2105 kmem_free(connp->conn_ht_iphc, connp->conn_ht_iphc_allocated);
2080 2106 connp->conn_ht_iphc = NULL;
2081 2107 connp->conn_ht_iphc_allocated = 0;
2082 2108 connp->conn_ht_iphc_len = 0;
2083 2109 connp->conn_ht_ulp = NULL;
2084 2110 connp->conn_ht_ulp_len = 0;
2085 2111 tcp->tcp_ipha = NULL;
2086 2112 tcp->tcp_ip6h = NULL;
2087 2113 tcp->tcp_tcpha = NULL;
2088 2114 }
2089 2115
2090 2116 /* We clear any IP_OPTIONS and extension headers */
2091 2117 ip_pkt_free(&connp->conn_xmit_ipp);
2092 2118
2093 2119 DONTCARE(tcp->tcp_naglim); /* Init in tcp_init_values */
2094 2120 DONTCARE(tcp->tcp_ipha);
2095 2121 DONTCARE(tcp->tcp_ip6h);
2096 2122 DONTCARE(tcp->tcp_tcpha);
2097 2123 tcp->tcp_valid_bits = 0;
2098 2124
2099 2125 DONTCARE(tcp->tcp_timer_backoff); /* Init in tcp_init_values */
2100 2126 DONTCARE(tcp->tcp_last_recv_time); /* Init in tcp_init_values */
2101 2127 tcp->tcp_last_rcv_lbolt = 0;
2102 2128
2103 2129 tcp->tcp_init_cwnd = 0;
2104 2130
2105 2131 tcp->tcp_urp_last_valid = 0;
2106 2132 tcp->tcp_hard_binding = 0;
2107 2133
2108 2134 tcp->tcp_fin_acked = 0;
2109 2135 tcp->tcp_fin_rcvd = 0;
2110 2136 tcp->tcp_fin_sent = 0;
2111 2137 tcp->tcp_ordrel_done = 0;
2112 2138
2113 2139 tcp->tcp_detached = 0;
2114 2140
2115 2141 tcp->tcp_snd_ws_ok = B_FALSE;
2116 2142 tcp->tcp_snd_ts_ok = B_FALSE;
2117 2143 tcp->tcp_zero_win_probe = 0;
2118 2144
2119 2145 tcp->tcp_loopback = 0;
2120 2146 tcp->tcp_localnet = 0;
2121 2147 tcp->tcp_syn_defense = 0;
2122 2148 tcp->tcp_set_timer = 0;
2123 2149
2124 2150 tcp->tcp_active_open = 0;
2125 2151 tcp->tcp_rexmit = B_FALSE;
2126 2152 tcp->tcp_xmit_zc_clean = B_FALSE;
2127 2153
2128 2154 tcp->tcp_snd_sack_ok = B_FALSE;
2129 2155 tcp->tcp_hwcksum = B_FALSE;
2130 2156
2131 2157 DONTCARE(tcp->tcp_maxpsz_multiplier); /* Init in tcp_init_values */
2132 2158
2133 2159 tcp->tcp_conn_def_q0 = 0;
2134 2160 tcp->tcp_ip_forward_progress = B_FALSE;
2135 2161 tcp->tcp_ecn_ok = B_FALSE;
2136 2162
2137 2163 tcp->tcp_cwr = B_FALSE;
2138 2164 tcp->tcp_ecn_echo_on = B_FALSE;
2139 2165 tcp->tcp_is_wnd_shrnk = B_FALSE;
2140 2166
2141 2167 TCP_NOTSACK_REMOVE_ALL(tcp->tcp_notsack_list, tcp);
2142 2168 bzero(&tcp->tcp_sack_info, sizeof (tcp_sack_info_t));
2143 2169
2144 2170 tcp->tcp_rcv_ws = 0;
2145 2171 tcp->tcp_snd_ws = 0;
2146 2172 tcp->tcp_ts_recent = 0;
2147 2173 tcp->tcp_rnxt = 0; /* Displayed in mib */
2148 2174 DONTCARE(tcp->tcp_rwnd); /* Set in tcp_reinit() */
2149 2175 tcp->tcp_initial_pmtu = 0;
2150 2176
2151 2177 ASSERT(tcp->tcp_reass_head == NULL);
2152 2178 ASSERT(tcp->tcp_reass_tail == NULL);
2153 2179
2154 2180 tcp->tcp_cwnd_cnt = 0;
2155 2181
2156 2182 ASSERT(tcp->tcp_rcv_list == NULL);
2157 2183 ASSERT(tcp->tcp_rcv_last_head == NULL);
2158 2184 ASSERT(tcp->tcp_rcv_last_tail == NULL);
2159 2185 ASSERT(tcp->tcp_rcv_cnt == 0);
2160 2186
2161 2187 DONTCARE(tcp->tcp_cwnd_ssthresh); /* Init in tcp_set_destination */
2162 2188 DONTCARE(tcp->tcp_cwnd_max); /* Init in tcp_init_values */
2163 2189 tcp->tcp_csuna = 0;
2164 2190
2165 2191 tcp->tcp_rto = 0; /* Displayed in MIB */
2166 2192 DONTCARE(tcp->tcp_rtt_sa); /* Init in tcp_init_values */
2167 2193 DONTCARE(tcp->tcp_rtt_sd); /* Init in tcp_init_values */
2168 2194 tcp->tcp_rtt_update = 0;
2169 2195 tcp->tcp_rtt_sum = 0;
2170 2196 tcp->tcp_rtt_cnt = 0;
2171 2197
2172 2198 DONTCARE(tcp->tcp_swl1); /* Init in case TCPS_LISTEN/TCPS_SYN_SENT */
2173 2199 DONTCARE(tcp->tcp_swl2); /* Init in case TCPS_LISTEN/TCPS_SYN_SENT */
2174 2200
2175 2201 tcp->tcp_rack = 0; /* Displayed in mib */
2176 2202 tcp->tcp_rack_cnt = 0;
2177 2203 tcp->tcp_rack_cur_max = 0;
2178 2204 tcp->tcp_rack_abs_max = 0;
2179 2205
2180 2206 tcp->tcp_max_swnd = 0;
2181 2207
2182 2208 ASSERT(tcp->tcp_listener == NULL);
2183 2209
2184 2210 DONTCARE(tcp->tcp_irs); /* tcp_valid_bits cleared */
2185 2211 DONTCARE(tcp->tcp_iss); /* tcp_valid_bits cleared */
2186 2212 DONTCARE(tcp->tcp_fss); /* tcp_valid_bits cleared */
2187 2213 DONTCARE(tcp->tcp_urg); /* tcp_valid_bits cleared */
2188 2214
2189 2215 ASSERT(tcp->tcp_conn_req_cnt_q == 0);
2190 2216 ASSERT(tcp->tcp_conn_req_cnt_q0 == 0);
2191 2217 PRESERVE(tcp->tcp_conn_req_max);
2192 2218 PRESERVE(tcp->tcp_conn_req_seqnum);
2193 2219
2194 2220 DONTCARE(tcp->tcp_first_timer_threshold); /* Init in tcp_init_values */
2195 2221 DONTCARE(tcp->tcp_second_timer_threshold); /* Init in tcp_init_values */
2196 2222 DONTCARE(tcp->tcp_first_ctimer_threshold); /* Init in tcp_init_values */
2197 2223 DONTCARE(tcp->tcp_second_ctimer_threshold); /* in tcp_init_values */
2198 2224
2199 2225 DONTCARE(tcp->tcp_urp_last); /* tcp_urp_last_valid is cleared */
2200 2226 ASSERT(tcp->tcp_urp_mp == NULL);
2201 2227 ASSERT(tcp->tcp_urp_mark_mp == NULL);
2202 2228 ASSERT(tcp->tcp_fused_sigurg_mp == NULL);
2203 2229
2204 2230 ASSERT(tcp->tcp_eager_next_q == NULL);
2205 2231 ASSERT(tcp->tcp_eager_last_q == NULL);
2206 2232 ASSERT((tcp->tcp_eager_next_q0 == NULL &&
2207 2233 tcp->tcp_eager_prev_q0 == NULL) ||
2208 2234 tcp->tcp_eager_next_q0 == tcp->tcp_eager_prev_q0);
2209 2235 ASSERT(tcp->tcp_conn.tcp_eager_conn_ind == NULL);
2210 2236
2211 2237 ASSERT((tcp->tcp_eager_next_drop_q0 == NULL &&
2212 2238 tcp->tcp_eager_prev_drop_q0 == NULL) ||
2213 2239 tcp->tcp_eager_next_drop_q0 == tcp->tcp_eager_prev_drop_q0);
2214 2240
2215 2241 DONTCARE(tcp->tcp_ka_rinterval); /* Init in tcp_init_values */
2216 2242 DONTCARE(tcp->tcp_ka_abort_thres); /* Init in tcp_init_values */
2217 2243 DONTCARE(tcp->tcp_ka_cnt); /* Init in tcp_init_values */
2218 2244
2219 2245 tcp->tcp_client_errno = 0;
2220 2246
2221 2247 DONTCARE(connp->conn_sum); /* Init in tcp_init_values */
2222 2248
2223 2249 connp->conn_faddr_v6 = ipv6_all_zeros; /* Displayed in MIB */
2224 2250
2225 2251 PRESERVE(connp->conn_bound_addr_v6);
2226 2252 tcp->tcp_last_sent_len = 0;
2227 2253 tcp->tcp_dupack_cnt = 0;
2228 2254
2229 2255 connp->conn_fport = 0; /* Displayed in MIB */
2230 2256 PRESERVE(connp->conn_lport);
2231 2257
2232 2258 PRESERVE(tcp->tcp_acceptor_lockp);
2233 2259
2234 2260 ASSERT(tcp->tcp_ordrel_mp == NULL);
2235 2261 PRESERVE(tcp->tcp_acceptor_id);
2236 2262 DONTCARE(tcp->tcp_ipsec_overhead);
2237 2263
2238 2264 PRESERVE(connp->conn_family);
2239 2265 /* Remove any remnants of mapped address binding */
2240 2266 if (connp->conn_family == AF_INET6) {
2241 2267 connp->conn_ipversion = IPV6_VERSION;
2242 2268 tcp->tcp_mss = tcps->tcps_mss_def_ipv6;
2243 2269 } else {
2244 2270 connp->conn_ipversion = IPV4_VERSION;
2245 2271 tcp->tcp_mss = tcps->tcps_mss_def_ipv4;
2246 2272 }
2247 2273
2248 2274 connp->conn_bound_if = 0;
2249 2275 connp->conn_recv_ancillary.crb_all = 0;
2250 2276 tcp->tcp_recvifindex = 0;
2251 2277 tcp->tcp_recvhops = 0;
2252 2278 tcp->tcp_closed = 0;
2253 2279 if (tcp->tcp_hopopts != NULL) {
2254 2280 mi_free(tcp->tcp_hopopts);
2255 2281 tcp->tcp_hopopts = NULL;
2256 2282 tcp->tcp_hopoptslen = 0;
2257 2283 }
2258 2284 ASSERT(tcp->tcp_hopoptslen == 0);
2259 2285 if (tcp->tcp_dstopts != NULL) {
2260 2286 mi_free(tcp->tcp_dstopts);
2261 2287 tcp->tcp_dstopts = NULL;
2262 2288 tcp->tcp_dstoptslen = 0;
2263 2289 }
2264 2290 ASSERT(tcp->tcp_dstoptslen == 0);
2265 2291 if (tcp->tcp_rthdrdstopts != NULL) {
2266 2292 mi_free(tcp->tcp_rthdrdstopts);
2267 2293 tcp->tcp_rthdrdstopts = NULL;
2268 2294 tcp->tcp_rthdrdstoptslen = 0;
2269 2295 }
2270 2296 ASSERT(tcp->tcp_rthdrdstoptslen == 0);
2271 2297 if (tcp->tcp_rthdr != NULL) {
2272 2298 mi_free(tcp->tcp_rthdr);
2273 2299 tcp->tcp_rthdr = NULL;
2274 2300 tcp->tcp_rthdrlen = 0;
2275 2301 }
2276 2302 ASSERT(tcp->tcp_rthdrlen == 0);
2277 2303
2278 2304 /* Reset fusion-related fields */
2279 2305 tcp->tcp_fused = B_FALSE;
2280 2306 tcp->tcp_unfusable = B_FALSE;
2281 2307 tcp->tcp_fused_sigurg = B_FALSE;
2282 2308 tcp->tcp_loopback_peer = NULL;
2283 2309
2284 2310 tcp->tcp_lso = B_FALSE;
2285 2311
2286 2312 tcp->tcp_in_ack_unsent = 0;
2287 2313 tcp->tcp_cork = B_FALSE;
2288 2314 tcp->tcp_tconnind_started = B_FALSE;
2289 2315
2290 2316 PRESERVE(tcp->tcp_squeue_bytes);
2291 2317
2292 2318 tcp->tcp_closemp_used = B_FALSE;
2293 2319
2294 2320 PRESERVE(tcp->tcp_rsrv_mp);
2295 2321 PRESERVE(tcp->tcp_rsrv_mp_lock);
2296 2322
2297 2323 #ifdef DEBUG
2298 2324 DONTCARE(tcp->tcmp_stk[0]);
2299 2325 #endif
2300 2326
2301 2327 PRESERVE(tcp->tcp_connid);
2302 2328
2303 2329 ASSERT(tcp->tcp_listen_cnt == NULL);
2304 2330 ASSERT(tcp->tcp_reass_tid == 0);
2305 2331
2306 2332 /* Allow the CC algorithm to clean up after itself. */
2307 2333 if (tcp->tcp_cc_algo->cb_destroy != NULL)
2308 2334 tcp->tcp_cc_algo->cb_destroy(&tcp->tcp_ccv);
2309 2335 tcp->tcp_cc_algo = NULL;
2310 2336
2311 2337 #undef DONTCARE
2312 2338 #undef PRESERVE
2313 2339 }
2314 2340
2315 2341 /*
2316 2342 * Initialize the various fields in tcp_t. If parent (the listener) is non
2317 2343 * NULL, certain values will be inheritted from it.
2318 2344 */
2319 2345 void
2320 2346 tcp_init_values(tcp_t *tcp, tcp_t *parent)
2321 2347 {
2322 2348 tcp_stack_t *tcps = tcp->tcp_tcps;
2323 2349 conn_t *connp = tcp->tcp_connp;
2324 2350
2325 2351 ASSERT((connp->conn_family == AF_INET &&
2326 2352 connp->conn_ipversion == IPV4_VERSION) ||
2327 2353 (connp->conn_family == AF_INET6 &&
2328 2354 (connp->conn_ipversion == IPV4_VERSION ||
2329 2355 connp->conn_ipversion == IPV6_VERSION)));
2330 2356
2331 2357 tcp->tcp_ccv.type = IPPROTO_TCP;
2332 2358 tcp->tcp_ccv.ccvc.tcp = tcp;
2333 2359
2334 2360 if (parent == NULL) {
2335 2361 tcp->tcp_cc_algo = tcps->tcps_default_cc_algo;
2336 2362
2337 2363 tcp->tcp_naglim = tcps->tcps_naglim_def;
2338 2364
2339 2365 tcp->tcp_rto_initial = tcps->tcps_rexmit_interval_initial;
2340 2366 tcp->tcp_rto_min = tcps->tcps_rexmit_interval_min;
2341 2367 tcp->tcp_rto_max = tcps->tcps_rexmit_interval_max;
2342 2368
2343 2369 tcp->tcp_first_ctimer_threshold =
2344 2370 tcps->tcps_ip_notify_cinterval;
2345 2371 tcp->tcp_second_ctimer_threshold =
2346 2372 tcps->tcps_ip_abort_cinterval;
2347 2373 tcp->tcp_first_timer_threshold = tcps->tcps_ip_notify_interval;
2348 2374 tcp->tcp_second_timer_threshold = tcps->tcps_ip_abort_interval;
2349 2375
2350 2376 tcp->tcp_fin_wait_2_flush_interval =
2351 2377 tcps->tcps_fin_wait_2_flush_interval;
2352 2378
2353 2379 tcp->tcp_ka_interval = tcps->tcps_keepalive_interval;
2354 2380 tcp->tcp_ka_abort_thres = tcps->tcps_keepalive_abort_interval;
2355 2381 tcp->tcp_ka_cnt = 0;
2356 2382 tcp->tcp_ka_rinterval = 0;
2357 2383
2358 2384 /*
2359 2385 * Default value of tcp_init_cwnd is 0, so no need to set here
2360 2386 * if parent is NULL. But we need to inherit it from parent.
2361 2387 */
2362 2388 } else {
2363 2389 /* Inherit various TCP parameters from the parent. */
2364 2390 tcp->tcp_cc_algo = parent->tcp_cc_algo;
2365 2391
2366 2392 tcp->tcp_naglim = parent->tcp_naglim;
2367 2393
2368 2394 tcp->tcp_rto_initial = parent->tcp_rto_initial;
2369 2395 tcp->tcp_rto_min = parent->tcp_rto_min;
2370 2396 tcp->tcp_rto_max = parent->tcp_rto_max;
2371 2397
2372 2398 tcp->tcp_first_ctimer_threshold =
2373 2399 parent->tcp_first_ctimer_threshold;
2374 2400 tcp->tcp_second_ctimer_threshold =
2375 2401 parent->tcp_second_ctimer_threshold;
2376 2402 tcp->tcp_first_timer_threshold =
2377 2403 parent->tcp_first_timer_threshold;
2378 2404 tcp->tcp_second_timer_threshold =
2379 2405 parent->tcp_second_timer_threshold;
2380 2406
2381 2407 tcp->tcp_fin_wait_2_flush_interval =
2382 2408 parent->tcp_fin_wait_2_flush_interval;
2383 2409
2384 2410 tcp->tcp_ka_interval = parent->tcp_ka_interval;
2385 2411 tcp->tcp_ka_abort_thres = parent->tcp_ka_abort_thres;
2386 2412 tcp->tcp_ka_cnt = parent->tcp_ka_cnt;
2387 2413 tcp->tcp_ka_rinterval = parent->tcp_ka_rinterval;
2388 2414
2389 2415 tcp->tcp_init_cwnd = parent->tcp_init_cwnd;
2390 2416 }
2391 2417
2392 2418 if (tcp->tcp_cc_algo->cb_init != NULL)
2393 2419 VERIFY(tcp->tcp_cc_algo->cb_init(&tcp->tcp_ccv) == 0);
2394 2420
2395 2421 /*
2396 2422 * Initialize tcp_rtt_sa and tcp_rtt_sd so that the calculated RTO
2397 2423 * will be close to tcp_rexmit_interval_initial. By doing this, we
2398 2424 * allow the algorithm to adjust slowly to large fluctuations of RTT
2399 2425 * during first few transmissions of a connection as seen in slow
2400 2426 * links.
2401 2427 */
2402 2428 tcp->tcp_rtt_sa = MSEC2NSEC(tcp->tcp_rto_initial) << 2;
2403 2429 tcp->tcp_rtt_sd = MSEC2NSEC(tcp->tcp_rto_initial) >> 1;
2404 2430 tcp->tcp_rto = tcp_calculate_rto(tcp, tcps,
2405 2431 tcps->tcps_conn_grace_period);
2406 2432
2407 2433 tcp->tcp_timer_backoff = 0;
2408 2434 tcp->tcp_ms_we_have_waited = 0;
2409 2435 tcp->tcp_last_recv_time = ddi_get_lbolt();
2410 2436 tcp->tcp_cwnd_max = tcps->tcps_cwnd_max_;
2411 2437 tcp->tcp_cwnd_ssthresh = TCP_MAX_LARGEWIN;
2412 2438
2413 2439 tcp->tcp_maxpsz_multiplier = tcps->tcps_maxpsz_multiplier;
2414 2440
2415 2441 /* NOTE: ISS is now set in tcp_set_destination(). */
2416 2442
2417 2443 /* Reset fusion-related fields */
2418 2444 tcp->tcp_fused = B_FALSE;
2419 2445 tcp->tcp_unfusable = B_FALSE;
2420 2446 tcp->tcp_fused_sigurg = B_FALSE;
2421 2447 tcp->tcp_loopback_peer = NULL;
2422 2448
2423 2449 /* We rebuild the header template on the next connect/conn_request */
2424 2450
2425 2451 connp->conn_mlp_type = mlptSingle;
2426 2452
2427 2453 /*
2428 2454 * Init the window scale to the max so tcp_rwnd_set() won't pare
2429 2455 * down tcp_rwnd. tcp_set_destination() will set the right value later.
2430 2456 */
2431 2457 tcp->tcp_rcv_ws = TCP_MAX_WINSHIFT;
2432 2458 tcp->tcp_rwnd = connp->conn_rcvbuf;
2433 2459
2434 2460 tcp->tcp_cork = B_FALSE;
2435 2461 /*
2436 2462 * Init the tcp_debug option if it wasn't already set. This value
2437 2463 * determines whether TCP
2438 2464 * calls strlog() to print out debug messages. Doing this
2439 2465 * initialization here means that this value is not inherited thru
2440 2466 * tcp_reinit().
2441 2467 */
2442 2468 if (!connp->conn_debug)
2443 2469 connp->conn_debug = tcps->tcps_dbg;
2444 2470 }
2445 2471
2446 2472 /*
2447 2473 * Update the TCP connection according to change of PMTU.
2448 2474 *
2449 2475 * Path MTU might have changed by either increase or decrease, so need to
2450 2476 * adjust the MSS based on the value of ixa_pmtu. No need to handle tiny
2451 2477 * or negative MSS, since tcp_mss_set() will do it.
2452 2478 */
2453 2479 void
2454 2480 tcp_update_pmtu(tcp_t *tcp, boolean_t decrease_only)
2455 2481 {
2456 2482 uint32_t pmtu;
2457 2483 int32_t mss;
2458 2484 conn_t *connp = tcp->tcp_connp;
2459 2485 ip_xmit_attr_t *ixa = connp->conn_ixa;
2460 2486 iaflags_t ixaflags;
2461 2487
2462 2488 if (tcp->tcp_tcps->tcps_ignore_path_mtu)
2463 2489 return;
2464 2490
2465 2491 if (tcp->tcp_state < TCPS_ESTABLISHED)
2466 2492 return;
2467 2493
2468 2494 /*
2469 2495 * Always call ip_get_pmtu() to make sure that IP has updated
2470 2496 * ixa_flags properly.
2471 2497 */
2472 2498 pmtu = ip_get_pmtu(ixa);
2473 2499 ixaflags = ixa->ixa_flags;
2474 2500
2475 2501 /*
2476 2502 * Calculate the MSS by decreasing the PMTU by conn_ht_iphc_len and
2477 2503 * IPsec overhead if applied. Make sure to use the most recent
2478 2504 * IPsec information.
2479 2505 */
2480 2506 mss = pmtu - connp->conn_ht_iphc_len - conn_ipsec_length(connp);
2481 2507
2482 2508 /*
2483 2509 * Nothing to change, so just return.
2484 2510 */
2485 2511 if (mss == tcp->tcp_mss)
2486 2512 return;
2487 2513
2488 2514 /*
2489 2515 * Currently, for ICMP errors, only PMTU decrease is handled.
2490 2516 */
2491 2517 if (mss > tcp->tcp_mss && decrease_only)
2492 2518 return;
2493 2519
2494 2520 DTRACE_PROBE2(tcp_update_pmtu, int32_t, tcp->tcp_mss, uint32_t, mss);
2495 2521
2496 2522 /*
2497 2523 * Update ixa_fragsize and ixa_pmtu.
2498 2524 */
2499 2525 ixa->ixa_fragsize = ixa->ixa_pmtu = pmtu;
2500 2526
2501 2527 /*
2502 2528 * Adjust MSS and all relevant variables.
2503 2529 */
2504 2530 tcp_mss_set(tcp, mss);
2505 2531
2506 2532 /*
2507 2533 * If the PMTU is below the min size maintained by IP, then ip_get_pmtu
2508 2534 * has set IXAF_PMTU_TOO_SMALL and cleared IXAF_PMTU_IPV4_DF. Since TCP
2509 2535 * has a (potentially different) min size we do the same. Make sure to
2510 2536 * clear IXAF_DONTFRAG, which is used by IP to decide whether to
2511 2537 * fragment the packet.
2512 2538 *
2513 2539 * LSO over IPv6 can not be fragmented. So need to disable LSO
2514 2540 * when IPv6 fragmentation is needed.
2515 2541 */
2516 2542 if (mss < tcp->tcp_tcps->tcps_mss_min)
2517 2543 ixaflags |= IXAF_PMTU_TOO_SMALL;
2518 2544
2519 2545 if (ixaflags & IXAF_PMTU_TOO_SMALL)
2520 2546 ixaflags &= ~(IXAF_DONTFRAG | IXAF_PMTU_IPV4_DF);
2521 2547
2522 2548 if ((connp->conn_ipversion == IPV4_VERSION) &&
2523 2549 !(ixaflags & IXAF_PMTU_IPV4_DF)) {
2524 2550 tcp->tcp_ipha->ipha_fragment_offset_and_flags = 0;
2525 2551 }
2526 2552 ixa->ixa_flags = ixaflags;
2527 2553 }
2528 2554
2529 2555 int
2530 2556 tcp_maxpsz_set(tcp_t *tcp, boolean_t set_maxblk)
2531 2557 {
2532 2558 conn_t *connp = tcp->tcp_connp;
2533 2559 queue_t *q = connp->conn_rq;
2534 2560 int32_t mss = tcp->tcp_mss;
2535 2561 int maxpsz;
2536 2562
2537 2563 if (TCP_IS_DETACHED(tcp))
2538 2564 return (mss);
2539 2565 if (tcp->tcp_fused) {
2540 2566 maxpsz = tcp_fuse_maxpsz(tcp);
2541 2567 mss = INFPSZ;
2542 2568 } else if (tcp->tcp_maxpsz_multiplier == 0) {
2543 2569 /*
2544 2570 * Set the sd_qn_maxpsz according to the socket send buffer
2545 2571 * size, and sd_maxblk to INFPSZ (-1). This will essentially
2546 2572 * instruct the stream head to copyin user data into contiguous
2547 2573 * kernel-allocated buffers without breaking it up into smaller
2548 2574 * chunks. We round up the buffer size to the nearest SMSS.
2549 2575 */
2550 2576 maxpsz = MSS_ROUNDUP(connp->conn_sndbuf, mss);
2551 2577 mss = INFPSZ;
2552 2578 } else {
2553 2579 /*
2554 2580 * Set sd_qn_maxpsz to approx half the (receivers) buffer
2555 2581 * (and a multiple of the mss). This instructs the stream
2556 2582 * head to break down larger than SMSS writes into SMSS-
2557 2583 * size mblks, up to tcp_maxpsz_multiplier mblks at a time.
2558 2584 */
2559 2585 maxpsz = tcp->tcp_maxpsz_multiplier * mss;
2560 2586 if (maxpsz > connp->conn_sndbuf / 2) {
2561 2587 maxpsz = connp->conn_sndbuf / 2;
2562 2588 /* Round up to nearest mss */
2563 2589 maxpsz = MSS_ROUNDUP(maxpsz, mss);
2564 2590 }
2565 2591 }
2566 2592
2567 2593 (void) proto_set_maxpsz(q, connp, maxpsz);
2568 2594 if (!(IPCL_IS_NONSTR(connp)))
2569 2595 connp->conn_wq->q_maxpsz = maxpsz;
2570 2596 if (set_maxblk)
2571 2597 (void) proto_set_tx_maxblk(q, connp, mss);
2572 2598 return (mss);
2573 2599 }
2574 2600
2575 2601 /* For /dev/tcp aka AF_INET open */
2576 2602 static int
2577 2603 tcp_openv4(queue_t *q, dev_t *devp, int flag, int sflag, cred_t *credp)
2578 2604 {
2579 2605 return (tcp_open(q, devp, flag, sflag, credp, B_FALSE));
2580 2606 }
2581 2607
2582 2608 /* For /dev/tcp6 aka AF_INET6 open */
2583 2609 static int
2584 2610 tcp_openv6(queue_t *q, dev_t *devp, int flag, int sflag, cred_t *credp)
2585 2611 {
2586 2612 return (tcp_open(q, devp, flag, sflag, credp, B_TRUE));
2587 2613 }
2588 2614
2589 2615 conn_t *
2590 2616 tcp_create_common(cred_t *credp, boolean_t isv6, boolean_t issocket,
2591 2617 int *errorp)
2592 2618 {
2593 2619 tcp_t *tcp = NULL;
2594 2620 conn_t *connp;
2595 2621 zoneid_t zoneid;
2596 2622 tcp_stack_t *tcps;
2597 2623 squeue_t *sqp;
2598 2624
2599 2625 ASSERT(errorp != NULL);
2600 2626 /*
2601 2627 * Find the proper zoneid and netstack.
2602 2628 */
2603 2629 /*
2604 2630 * Special case for install: miniroot needs to be able to
2605 2631 * access files via NFS as though it were always in the
2606 2632 * global zone.
2607 2633 */
2608 2634 if (credp == kcred && nfs_global_client_only != 0) {
2609 2635 zoneid = GLOBAL_ZONEID;
2610 2636 tcps = netstack_find_by_stackid(GLOBAL_NETSTACKID)->
2611 2637 netstack_tcp;
2612 2638 ASSERT(tcps != NULL);
2613 2639 } else {
2614 2640 netstack_t *ns;
2615 2641 int err;
2616 2642
2617 2643 if ((err = secpolicy_basic_net_access(credp)) != 0) {
2618 2644 *errorp = err;
2619 2645 return (NULL);
2620 2646 }
2621 2647
2622 2648 ns = netstack_find_by_cred(credp);
2623 2649 ASSERT(ns != NULL);
2624 2650 tcps = ns->netstack_tcp;
2625 2651 ASSERT(tcps != NULL);
2626 2652
2627 2653 /*
2628 2654 * For exclusive stacks we set the zoneid to zero
2629 2655 * to make TCP operate as if in the global zone.
2630 2656 */
2631 2657 if (tcps->tcps_netstack->netstack_stackid !=
2632 2658 GLOBAL_NETSTACKID)
2633 2659 zoneid = GLOBAL_ZONEID;
2634 2660 else
2635 2661 zoneid = crgetzoneid(credp);
2636 2662 }
2637 2663
2638 2664 sqp = IP_SQUEUE_GET((uint_t)gethrtime());
2639 2665 connp = tcp_get_conn(sqp, tcps);
2640 2666 /*
2641 2667 * Both tcp_get_conn and netstack_find_by_cred incremented refcnt,
2642 2668 * so we drop it by one.
2643 2669 */
2644 2670 netstack_rele(tcps->tcps_netstack);
2645 2671 if (connp == NULL) {
2646 2672 *errorp = ENOSR;
2647 2673 return (NULL);
2648 2674 }
2649 2675 ASSERT(connp->conn_ixa->ixa_protocol == connp->conn_proto);
2650 2676
2651 2677 connp->conn_sqp = sqp;
2652 2678 connp->conn_initial_sqp = connp->conn_sqp;
2653 2679 connp->conn_ixa->ixa_sqp = connp->conn_sqp;
2654 2680 tcp = connp->conn_tcp;
2655 2681
2656 2682 /*
2657 2683 * Besides asking IP to set the checksum for us, have conn_ip_output
2658 2684 * to do the following checks when necessary:
2659 2685 *
2660 2686 * IXAF_VERIFY_SOURCE: drop packets when our outer source goes invalid
2661 2687 * IXAF_VERIFY_PMTU: verify PMTU changes
2662 2688 * IXAF_VERIFY_LSO: verify LSO capability changes
2663 2689 */
2664 2690 connp->conn_ixa->ixa_flags |= IXAF_SET_ULP_CKSUM | IXAF_VERIFY_SOURCE |
2665 2691 IXAF_VERIFY_PMTU | IXAF_VERIFY_LSO;
2666 2692
2667 2693 if (!tcps->tcps_dev_flow_ctl)
2668 2694 connp->conn_ixa->ixa_flags |= IXAF_NO_DEV_FLOW_CTL;
2669 2695
2670 2696 if (isv6) {
2671 2697 connp->conn_ixa->ixa_src_preferences = IPV6_PREFER_SRC_DEFAULT;
2672 2698 connp->conn_ipversion = IPV6_VERSION;
2673 2699 connp->conn_family = AF_INET6;
2674 2700 tcp->tcp_mss = tcps->tcps_mss_def_ipv6;
2675 2701 connp->conn_default_ttl = tcps->tcps_ipv6_hoplimit;
2676 2702 } else {
2677 2703 connp->conn_ipversion = IPV4_VERSION;
2678 2704 connp->conn_family = AF_INET;
2679 2705 tcp->tcp_mss = tcps->tcps_mss_def_ipv4;
2680 2706 connp->conn_default_ttl = tcps->tcps_ipv4_ttl;
2681 2707 }
2682 2708 connp->conn_xmit_ipp.ipp_unicast_hops = connp->conn_default_ttl;
2683 2709
2684 2710 crhold(credp);
2685 2711 connp->conn_cred = credp;
2686 2712 connp->conn_cpid = curproc->p_pid;
2687 2713 connp->conn_open_time = ddi_get_lbolt64();
2688 2714
2689 2715 /* Cache things in the ixa without any refhold */
2690 2716 ASSERT(!(connp->conn_ixa->ixa_free_flags & IXA_FREE_CRED));
2691 2717 connp->conn_ixa->ixa_cred = credp;
2692 2718 connp->conn_ixa->ixa_cpid = connp->conn_cpid;
2693 2719
2694 2720 connp->conn_zoneid = zoneid;
2695 2721 /* conn_allzones can not be set this early, hence no IPCL_ZONEID */
2696 2722 connp->conn_ixa->ixa_zoneid = zoneid;
2697 2723 connp->conn_mlp_type = mlptSingle;
2698 2724 ASSERT(connp->conn_netstack == tcps->tcps_netstack);
2699 2725 ASSERT(tcp->tcp_tcps == tcps);
2700 2726
2701 2727 /*
2702 2728 * If the caller has the process-wide flag set, then default to MAC
2703 2729 * exempt mode. This allows read-down to unlabeled hosts.
2704 2730 */
2705 2731 if (getpflags(NET_MAC_AWARE, credp) != 0)
2706 2732 connp->conn_mac_mode = CONN_MAC_AWARE;
2707 2733
2708 2734 connp->conn_zone_is_global = (crgetzoneid(credp) == GLOBAL_ZONEID);
2709 2735
2710 2736 if (issocket) {
2711 2737 tcp->tcp_issocket = 1;
2712 2738 }
2713 2739
2714 2740 connp->conn_rcvbuf = tcps->tcps_recv_hiwat;
2715 2741 connp->conn_sndbuf = tcps->tcps_xmit_hiwat;
2716 2742 if (tcps->tcps_snd_lowat_fraction != 0) {
2717 2743 connp->conn_sndlowat = connp->conn_sndbuf /
2718 2744 tcps->tcps_snd_lowat_fraction;
2719 2745 } else {
2720 2746 connp->conn_sndlowat = tcps->tcps_xmit_lowat;
2721 2747 }
2722 2748 connp->conn_so_type = SOCK_STREAM;
2723 2749 connp->conn_wroff = connp->conn_ht_iphc_allocated +
2724 2750 tcps->tcps_wroff_xtra;
2725 2751
2726 2752 SOCK_CONNID_INIT(tcp->tcp_connid);
2727 2753 /* DTrace ignores this - it isn't a tcp:::state-change */
2728 2754 tcp->tcp_state = TCPS_IDLE;
2729 2755 tcp_init_values(tcp, NULL);
2730 2756 return (connp);
2731 2757 }
2732 2758
2733 2759 static int
2734 2760 tcp_open(queue_t *q, dev_t *devp, int flag, int sflag, cred_t *credp,
2735 2761 boolean_t isv6)
2736 2762 {
2737 2763 tcp_t *tcp = NULL;
2738 2764 conn_t *connp = NULL;
2739 2765 int err;
2740 2766 vmem_t *minor_arena = NULL;
2741 2767 dev_t conn_dev;
2742 2768 boolean_t issocket;
2743 2769
2744 2770 if (q->q_ptr != NULL)
2745 2771 return (0);
2746 2772
2747 2773 if (sflag == MODOPEN)
2748 2774 return (EINVAL);
2749 2775
2750 2776 if ((ip_minor_arena_la != NULL) && (flag & SO_SOCKSTR) &&
2751 2777 ((conn_dev = inet_minor_alloc(ip_minor_arena_la)) != 0)) {
2752 2778 minor_arena = ip_minor_arena_la;
2753 2779 } else {
2754 2780 /*
2755 2781 * Either minor numbers in the large arena were exhausted
2756 2782 * or a non socket application is doing the open.
2757 2783 * Try to allocate from the small arena.
2758 2784 */
2759 2785 if ((conn_dev = inet_minor_alloc(ip_minor_arena_sa)) == 0) {
2760 2786 return (EBUSY);
2761 2787 }
2762 2788 minor_arena = ip_minor_arena_sa;
2763 2789 }
2764 2790
2765 2791 ASSERT(minor_arena != NULL);
2766 2792
2767 2793 *devp = makedevice(getmajor(*devp), (minor_t)conn_dev);
2768 2794
2769 2795 if (flag & SO_FALLBACK) {
2770 2796 /*
2771 2797 * Non streams socket needs a stream to fallback to
2772 2798 */
2773 2799 RD(q)->q_ptr = (void *)conn_dev;
2774 2800 WR(q)->q_qinfo = &tcp_fallback_sock_winit;
2775 2801 WR(q)->q_ptr = (void *)minor_arena;
2776 2802 qprocson(q);
2777 2803 return (0);
2778 2804 } else if (flag & SO_ACCEPTOR) {
2779 2805 q->q_qinfo = &tcp_acceptor_rinit;
2780 2806 /*
2781 2807 * the conn_dev and minor_arena will be subsequently used by
2782 2808 * tcp_tli_accept() and tcp_tpi_close_accept() to figure out
2783 2809 * the minor device number for this connection from the q_ptr.
2784 2810 */
2785 2811 RD(q)->q_ptr = (void *)conn_dev;
2786 2812 WR(q)->q_qinfo = &tcp_acceptor_winit;
2787 2813 WR(q)->q_ptr = (void *)minor_arena;
2788 2814 qprocson(q);
2789 2815 return (0);
2790 2816 }
2791 2817
2792 2818 issocket = flag & SO_SOCKSTR;
2793 2819 connp = tcp_create_common(credp, isv6, issocket, &err);
2794 2820
2795 2821 if (connp == NULL) {
2796 2822 inet_minor_free(minor_arena, conn_dev);
2797 2823 q->q_ptr = WR(q)->q_ptr = NULL;
2798 2824 return (err);
2799 2825 }
2800 2826
2801 2827 connp->conn_rq = q;
2802 2828 connp->conn_wq = WR(q);
2803 2829 q->q_ptr = WR(q)->q_ptr = connp;
2804 2830
2805 2831 connp->conn_dev = conn_dev;
2806 2832 connp->conn_minor_arena = minor_arena;
2807 2833
2808 2834 ASSERT(q->q_qinfo == &tcp_rinitv4 || q->q_qinfo == &tcp_rinitv6);
2809 2835 ASSERT(WR(q)->q_qinfo == &tcp_winit);
2810 2836
2811 2837 tcp = connp->conn_tcp;
2812 2838
2813 2839 if (issocket) {
2814 2840 WR(q)->q_qinfo = &tcp_sock_winit;
2815 2841 } else {
2816 2842 #ifdef _ILP32
2817 2843 tcp->tcp_acceptor_id = (t_uscalar_t)RD(q);
2818 2844 #else
2819 2845 tcp->tcp_acceptor_id = conn_dev;
2820 2846 #endif /* _ILP32 */
2821 2847 tcp_acceptor_hash_insert(tcp->tcp_acceptor_id, tcp);
2822 2848 }
2823 2849
2824 2850 /*
2825 2851 * Put the ref for TCP. Ref for IP was already put
2826 2852 * by ipcl_conn_create. Also Make the conn_t globally
2827 2853 * visible to walkers
2828 2854 */
2829 2855 mutex_enter(&connp->conn_lock);
2830 2856 CONN_INC_REF_LOCKED(connp);
2831 2857 ASSERT(connp->conn_ref == 2);
2832 2858 connp->conn_state_flags &= ~CONN_INCIPIENT;
2833 2859 mutex_exit(&connp->conn_lock);
2834 2860
2835 2861 qprocson(q);
2836 2862 return (0);
2837 2863 }
2838 2864
2839 2865 /*
2840 2866 * Build/update the tcp header template (in conn_ht_iphc) based on
2841 2867 * conn_xmit_ipp. The headers include ip6_t, any extension
2842 2868 * headers, and the maximum size tcp header (to avoid reallocation
2843 2869 * on the fly for additional tcp options).
2844 2870 *
2845 2871 * Assumes the caller has already set conn_{faddr,laddr,fport,lport,flowinfo}.
2846 2872 * Returns failure if can't allocate memory.
2847 2873 */
2848 2874 int
2849 2875 tcp_build_hdrs(tcp_t *tcp)
2850 2876 {
2851 2877 tcp_stack_t *tcps = tcp->tcp_tcps;
2852 2878 conn_t *connp = tcp->tcp_connp;
2853 2879 char buf[TCP_MAX_HDR_LENGTH];
2854 2880 uint_t buflen;
2855 2881 uint_t ulplen = TCP_MIN_HEADER_LENGTH;
2856 2882 uint_t extralen = TCP_MAX_TCP_OPTIONS_LENGTH;
2857 2883 tcpha_t *tcpha;
2858 2884 uint32_t cksum;
2859 2885 int error;
2860 2886
2861 2887 /*
2862 2888 * We might be called after the connection is set up, and we might
2863 2889 * have TS options already in the TCP header. Thus we save any
2864 2890 * existing tcp header.
2865 2891 */
2866 2892 buflen = connp->conn_ht_ulp_len;
2867 2893 if (buflen != 0) {
2868 2894 bcopy(connp->conn_ht_ulp, buf, buflen);
2869 2895 extralen -= buflen - ulplen;
2870 2896 ulplen = buflen;
2871 2897 }
2872 2898
2873 2899 /* Grab lock to satisfy ASSERT; TCP is serialized using squeue */
2874 2900 mutex_enter(&connp->conn_lock);
2875 2901 error = conn_build_hdr_template(connp, ulplen, extralen,
2876 2902 &connp->conn_laddr_v6, &connp->conn_faddr_v6, connp->conn_flowinfo);
2877 2903 mutex_exit(&connp->conn_lock);
2878 2904 if (error != 0)
2879 2905 return (error);
2880 2906
2881 2907 /*
2882 2908 * Any routing header/option has been massaged. The checksum difference
2883 2909 * is stored in conn_sum for later use.
2884 2910 */
2885 2911 tcpha = (tcpha_t *)connp->conn_ht_ulp;
2886 2912 tcp->tcp_tcpha = tcpha;
2887 2913
2888 2914 /* restore any old tcp header */
2889 2915 if (buflen != 0) {
2890 2916 bcopy(buf, connp->conn_ht_ulp, buflen);
2891 2917 } else {
2892 2918 tcpha->tha_sum = 0;
2893 2919 tcpha->tha_urp = 0;
2894 2920 tcpha->tha_ack = 0;
2895 2921 tcpha->tha_offset_and_reserved = (5 << 4);
2896 2922 tcpha->tha_lport = connp->conn_lport;
2897 2923 tcpha->tha_fport = connp->conn_fport;
2898 2924 }
2899 2925
2900 2926 /*
2901 2927 * IP wants our header length in the checksum field to
2902 2928 * allow it to perform a single pseudo-header+checksum
2903 2929 * calculation on behalf of TCP.
2904 2930 * Include the adjustment for a source route once IP_OPTIONS is set.
2905 2931 */
2906 2932 cksum = sizeof (tcpha_t) + connp->conn_sum;
2907 2933 cksum = (cksum >> 16) + (cksum & 0xFFFF);
2908 2934 ASSERT(cksum < 0x10000);
2909 2935 tcpha->tha_sum = htons(cksum);
2910 2936
2911 2937 if (connp->conn_ipversion == IPV4_VERSION)
2912 2938 tcp->tcp_ipha = (ipha_t *)connp->conn_ht_iphc;
2913 2939 else
2914 2940 tcp->tcp_ip6h = (ip6_t *)connp->conn_ht_iphc;
2915 2941
2916 2942 if (connp->conn_ht_iphc_allocated + tcps->tcps_wroff_xtra >
2917 2943 connp->conn_wroff) {
2918 2944 connp->conn_wroff = connp->conn_ht_iphc_allocated +
2919 2945 tcps->tcps_wroff_xtra;
2920 2946 (void) proto_set_tx_wroff(connp->conn_rq, connp,
2921 2947 connp->conn_wroff);
2922 2948 }
2923 2949 return (0);
2924 2950 }
2925 2951
2926 2952 /*
2927 2953 * tcp_rwnd_set() is called to adjust the receive window to a desired value.
2928 2954 * We do not allow the receive window to shrink. After setting rwnd,
2929 2955 * set the flow control hiwat of the stream.
2930 2956 *
2931 2957 * This function is called in 2 cases:
2932 2958 *
2933 2959 * 1) Before data transfer begins, in tcp_input_listener() for accepting a
2934 2960 * connection (passive open) and in tcp_input_data() for active connect.
2935 2961 * This is called after tcp_mss_set() when the desired MSS value is known.
2936 2962 * This makes sure that our window size is a mutiple of the other side's
2937 2963 * MSS.
2938 2964 * 2) Handling SO_RCVBUF option.
2939 2965 *
2940 2966 * It is ASSUMED that the requested size is a multiple of the current MSS.
2941 2967 *
2942 2968 * XXX - Should allow a lower rwnd than tcp_recv_hiwat_minmss * mss if the
2943 2969 * user requests so.
2944 2970 */
2945 2971 int
2946 2972 tcp_rwnd_set(tcp_t *tcp, uint32_t rwnd)
2947 2973 {
2948 2974 uint32_t mss = tcp->tcp_mss;
2949 2975 uint32_t old_max_rwnd;
2950 2976 uint32_t max_transmittable_rwnd;
2951 2977 boolean_t tcp_detached = TCP_IS_DETACHED(tcp);
2952 2978 tcp_stack_t *tcps = tcp->tcp_tcps;
2953 2979 conn_t *connp = tcp->tcp_connp;
2954 2980
2955 2981 /*
2956 2982 * Insist on a receive window that is at least
2957 2983 * tcp_recv_hiwat_minmss * MSS (default 4 * MSS) to avoid
2958 2984 * funny TCP interactions of Nagle algorithm, SWS avoidance
2959 2985 * and delayed acknowledgement.
2960 2986 */
2961 2987 rwnd = MAX(rwnd, tcps->tcps_recv_hiwat_minmss * mss);
2962 2988
2963 2989 if (tcp->tcp_fused) {
2964 2990 size_t sth_hiwat;
2965 2991 tcp_t *peer_tcp = tcp->tcp_loopback_peer;
2966 2992
2967 2993 ASSERT(peer_tcp != NULL);
2968 2994 sth_hiwat = tcp_fuse_set_rcv_hiwat(tcp, rwnd);
2969 2995 if (!tcp_detached) {
2970 2996 (void) proto_set_rx_hiwat(connp->conn_rq, connp,
2971 2997 sth_hiwat);
2972 2998 tcp_set_recv_threshold(tcp, sth_hiwat >> 3);
2973 2999 }
2974 3000
2975 3001 /* Caller could have changed tcp_rwnd; update tha_win */
2976 3002 if (tcp->tcp_tcpha != NULL) {
2977 3003 tcp->tcp_tcpha->tha_win =
2978 3004 htons(tcp->tcp_rwnd >> tcp->tcp_rcv_ws);
2979 3005 }
2980 3006 if ((tcp->tcp_rcv_ws > 0) && rwnd > tcp->tcp_cwnd_max)
2981 3007 tcp->tcp_cwnd_max = rwnd;
2982 3008
2983 3009 /*
2984 3010 * In the fusion case, the maxpsz stream head value of
2985 3011 * our peer is set according to its send buffer size
2986 3012 * and our receive buffer size; since the latter may
2987 3013 * have changed we need to update the peer's maxpsz.
2988 3014 */
2989 3015 (void) tcp_maxpsz_set(peer_tcp, B_TRUE);
2990 3016 return (sth_hiwat);
2991 3017 }
2992 3018
2993 3019 if (tcp_detached)
2994 3020 old_max_rwnd = tcp->tcp_rwnd;
2995 3021 else
2996 3022 old_max_rwnd = connp->conn_rcvbuf;
2997 3023
2998 3024
2999 3025 /*
3000 3026 * If window size info has already been exchanged, TCP should not
3001 3027 * shrink the window. Shrinking window is doable if done carefully.
3002 3028 * We may add that support later. But so far there is not a real
3003 3029 * need to do that.
3004 3030 */
3005 3031 if (rwnd < old_max_rwnd && tcp->tcp_state > TCPS_SYN_SENT) {
3006 3032 /* MSS may have changed, do a round up again. */
3007 3033 rwnd = MSS_ROUNDUP(old_max_rwnd, mss);
3008 3034 }
3009 3035
3010 3036 /*
3011 3037 * tcp_rcv_ws starts with TCP_MAX_WINSHIFT so the following check
3012 3038 * can be applied even before the window scale option is decided.
3013 3039 */
3014 3040 max_transmittable_rwnd = TCP_MAXWIN << tcp->tcp_rcv_ws;
3015 3041 if (rwnd > max_transmittable_rwnd) {
3016 3042 rwnd = max_transmittable_rwnd -
3017 3043 (max_transmittable_rwnd % mss);
3018 3044 if (rwnd < mss)
3019 3045 rwnd = max_transmittable_rwnd;
3020 3046 /*
3021 3047 * If we're over the limit we may have to back down tcp_rwnd.
3022 3048 * The increment below won't work for us. So we set all three
3023 3049 * here and the increment below will have no effect.
3024 3050 */
3025 3051 tcp->tcp_rwnd = old_max_rwnd = rwnd;
3026 3052 }
3027 3053 if (tcp->tcp_localnet) {
3028 3054 tcp->tcp_rack_abs_max =
3029 3055 MIN(tcps->tcps_local_dacks_max, rwnd / mss / 2);
3030 3056 } else {
3031 3057 /*
3032 3058 * For a remote host on a different subnet (through a router),
3033 3059 * we ack every other packet to be conforming to RFC1122.
3034 3060 * tcp_deferred_acks_max is default to 2.
3035 3061 */
3036 3062 tcp->tcp_rack_abs_max =
3037 3063 MIN(tcps->tcps_deferred_acks_max, rwnd / mss / 2);
3038 3064 }
3039 3065 if (tcp->tcp_rack_cur_max > tcp->tcp_rack_abs_max)
3040 3066 tcp->tcp_rack_cur_max = tcp->tcp_rack_abs_max;
3041 3067 else
3042 3068 tcp->tcp_rack_cur_max = 0;
3043 3069 /*
3044 3070 * Increment the current rwnd by the amount the maximum grew (we
3045 3071 * can not overwrite it since we might be in the middle of a
3046 3072 * connection.)
3047 3073 */
3048 3074 tcp->tcp_rwnd += rwnd - old_max_rwnd;
3049 3075 connp->conn_rcvbuf = rwnd;
3050 3076
3051 3077 /* Are we already connected? */
3052 3078 if (tcp->tcp_tcpha != NULL) {
3053 3079 tcp->tcp_tcpha->tha_win =
3054 3080 htons(tcp->tcp_rwnd >> tcp->tcp_rcv_ws);
3055 3081 }
3056 3082
3057 3083 if ((tcp->tcp_rcv_ws > 0) && rwnd > tcp->tcp_cwnd_max)
3058 3084 tcp->tcp_cwnd_max = rwnd;
3059 3085
3060 3086 if (tcp_detached)
3061 3087 return (rwnd);
3062 3088
3063 3089 tcp_set_recv_threshold(tcp, rwnd >> 3);
3064 3090
3065 3091 (void) proto_set_rx_hiwat(connp->conn_rq, connp, rwnd);
3066 3092 return (rwnd);
3067 3093 }
3068 3094
3069 3095 int
3070 3096 tcp_do_unbind(conn_t *connp)
3071 3097 {
3072 3098 tcp_t *tcp = connp->conn_tcp;
3073 3099 int32_t oldstate;
3074 3100
3075 3101 switch (tcp->tcp_state) {
3076 3102 case TCPS_BOUND:
3077 3103 case TCPS_LISTEN:
3078 3104 break;
3079 3105 default:
3080 3106 return (-TOUTSTATE);
3081 3107 }
3082 3108
3083 3109 /*
3084 3110 * Need to clean up all the eagers since after the unbind, segments
3085 3111 * will no longer be delivered to this listener stream.
3086 3112 */
3087 3113 mutex_enter(&tcp->tcp_eager_lock);
3088 3114 if (tcp->tcp_conn_req_cnt_q0 != 0 || tcp->tcp_conn_req_cnt_q != 0) {
3089 3115 tcp_eager_cleanup(tcp, 0);
3090 3116 }
3091 3117 mutex_exit(&tcp->tcp_eager_lock);
3092 3118
3093 3119 /* Clean up the listener connection counter if necessary. */
3094 3120 if (tcp->tcp_listen_cnt != NULL)
3095 3121 TCP_DECR_LISTEN_CNT(tcp);
3096 3122 connp->conn_laddr_v6 = ipv6_all_zeros;
3097 3123 connp->conn_saddr_v6 = ipv6_all_zeros;
3098 3124 tcp_bind_hash_remove(tcp);
3099 3125 oldstate = tcp->tcp_state;
3100 3126 tcp->tcp_state = TCPS_IDLE;
3101 3127 DTRACE_TCP6(state__change, void, NULL, ip_xmit_attr_t *,
3102 3128 connp->conn_ixa, void, NULL, tcp_t *, tcp, void, NULL,
3103 3129 int32_t, oldstate);
3104 3130
3105 3131 ip_unbind(connp);
3106 3132 bzero(&connp->conn_ports, sizeof (connp->conn_ports));
3107 3133
3108 3134 return (0);
3109 3135 }
3110 3136
3111 3137 /*
3112 3138 * Collect protocol properties to send to the upper handle.
3113 3139 */
3114 3140 void
3115 3141 tcp_get_proto_props(tcp_t *tcp, struct sock_proto_props *sopp)
3116 3142 {
3117 3143 conn_t *connp = tcp->tcp_connp;
3118 3144
3119 3145 sopp->sopp_flags = SOCKOPT_RCVHIWAT | SOCKOPT_MAXBLK | SOCKOPT_WROFF;
3120 3146 sopp->sopp_maxblk = tcp_maxpsz_set(tcp, B_FALSE);
3121 3147
3122 3148 sopp->sopp_rxhiwat = tcp->tcp_fused ?
3123 3149 tcp_fuse_set_rcv_hiwat(tcp, connp->conn_rcvbuf) :
3124 3150 connp->conn_rcvbuf;
3125 3151 /*
3126 3152 * Determine what write offset value to use depending on SACK and
3127 3153 * whether the endpoint is fused or not.
3128 3154 */
3129 3155 if (tcp->tcp_fused) {
3130 3156 ASSERT(tcp->tcp_loopback);
3131 3157 ASSERT(tcp->tcp_loopback_peer != NULL);
3132 3158 /*
3133 3159 * For fused tcp loopback, set the stream head's write
3134 3160 * offset value to zero since we won't be needing any room
3135 3161 * for TCP/IP headers. This would also improve performance
3136 3162 * since it would reduce the amount of work done by kmem.
3137 3163 * Non-fused tcp loopback case is handled separately below.
3138 3164 */
3139 3165 sopp->sopp_wroff = 0;
3140 3166 /*
3141 3167 * Update the peer's transmit parameters according to
3142 3168 * our recently calculated high water mark value.
3143 3169 */
3144 3170 (void) tcp_maxpsz_set(tcp->tcp_loopback_peer, B_TRUE);
3145 3171 } else if (tcp->tcp_snd_sack_ok) {
3146 3172 sopp->sopp_wroff = connp->conn_ht_iphc_allocated +
3147 3173 (tcp->tcp_loopback ? 0 : tcp->tcp_tcps->tcps_wroff_xtra);
3148 3174 } else {
3149 3175 sopp->sopp_wroff = connp->conn_ht_iphc_len +
3150 3176 (tcp->tcp_loopback ? 0 : tcp->tcp_tcps->tcps_wroff_xtra);
3151 3177 }
3152 3178
3153 3179 if (tcp->tcp_loopback) {
3154 3180 sopp->sopp_flags |= SOCKOPT_LOOPBACK;
3155 3181 sopp->sopp_loopback = B_TRUE;
3156 3182 }
3157 3183 }
3158 3184
3159 3185 /*
3160 3186 * Check the usability of ZEROCOPY. It's instead checking the flag set by IP.
3161 3187 */
3162 3188 boolean_t
3163 3189 tcp_zcopy_check(tcp_t *tcp)
3164 3190 {
3165 3191 conn_t *connp = tcp->tcp_connp;
3166 3192 ip_xmit_attr_t *ixa = connp->conn_ixa;
3167 3193 boolean_t zc_enabled = B_FALSE;
3168 3194 tcp_stack_t *tcps = tcp->tcp_tcps;
3169 3195
3170 3196 if (do_tcpzcopy == 2)
3171 3197 zc_enabled = B_TRUE;
3172 3198 else if ((do_tcpzcopy == 1) && (ixa->ixa_flags & IXAF_ZCOPY_CAPAB))
3173 3199 zc_enabled = B_TRUE;
3174 3200
3175 3201 tcp->tcp_snd_zcopy_on = zc_enabled;
3176 3202 if (!TCP_IS_DETACHED(tcp)) {
3177 3203 if (zc_enabled) {
3178 3204 ixa->ixa_flags |= IXAF_VERIFY_ZCOPY;
3179 3205 (void) proto_set_tx_copyopt(connp->conn_rq, connp,
3180 3206 ZCVMSAFE);
3181 3207 TCP_STAT(tcps, tcp_zcopy_on);
3182 3208 } else {
3183 3209 ixa->ixa_flags &= ~IXAF_VERIFY_ZCOPY;
3184 3210 (void) proto_set_tx_copyopt(connp->conn_rq, connp,
3185 3211 ZCVMUNSAFE);
3186 3212 TCP_STAT(tcps, tcp_zcopy_off);
3187 3213 }
3188 3214 }
3189 3215 return (zc_enabled);
3190 3216 }
3191 3217
3192 3218 /*
3193 3219 * Backoff from a zero-copy message by copying data to a new allocated
3194 3220 * message and freeing the original desballoca'ed segmapped message.
3195 3221 *
3196 3222 * This function is called by following two callers:
3197 3223 * 1. tcp_timer: fix_xmitlist is set to B_TRUE, because it's safe to free
3198 3224 * the origial desballoca'ed message and notify sockfs. This is in re-
3199 3225 * transmit state.
3200 3226 * 2. tcp_output: fix_xmitlist is set to B_FALSE. Flag STRUIO_ZCNOTIFY need
3201 3227 * to be copied to new message.
3202 3228 */
3203 3229 mblk_t *
3204 3230 tcp_zcopy_backoff(tcp_t *tcp, mblk_t *bp, boolean_t fix_xmitlist)
3205 3231 {
3206 3232 mblk_t *nbp;
3207 3233 mblk_t *head = NULL;
3208 3234 mblk_t *tail = NULL;
3209 3235 tcp_stack_t *tcps = tcp->tcp_tcps;
3210 3236
3211 3237 ASSERT(bp != NULL);
3212 3238 while (bp != NULL) {
3213 3239 if (IS_VMLOANED_MBLK(bp)) {
3214 3240 TCP_STAT(tcps, tcp_zcopy_backoff);
3215 3241 if ((nbp = copyb(bp)) == NULL) {
3216 3242 tcp->tcp_xmit_zc_clean = B_FALSE;
3217 3243 if (tail != NULL)
3218 3244 tail->b_cont = bp;
3219 3245 return ((head == NULL) ? bp : head);
3220 3246 }
3221 3247
3222 3248 if (bp->b_datap->db_struioflag & STRUIO_ZCNOTIFY) {
3223 3249 if (fix_xmitlist)
3224 3250 tcp_zcopy_notify(tcp);
3225 3251 else
3226 3252 nbp->b_datap->db_struioflag |=
3227 3253 STRUIO_ZCNOTIFY;
3228 3254 }
3229 3255 nbp->b_cont = bp->b_cont;
3230 3256
3231 3257 /*
3232 3258 * Copy saved information and adjust tcp_xmit_tail
3233 3259 * if needed.
3234 3260 */
3235 3261 if (fix_xmitlist) {
3236 3262 nbp->b_prev = bp->b_prev;
3237 3263 nbp->b_next = bp->b_next;
3238 3264
3239 3265 if (tcp->tcp_xmit_tail == bp)
3240 3266 tcp->tcp_xmit_tail = nbp;
3241 3267 }
3242 3268
3243 3269 /* Free the original message. */
3244 3270 bp->b_prev = NULL;
3245 3271 bp->b_next = NULL;
3246 3272 freeb(bp);
3247 3273
3248 3274 bp = nbp;
3249 3275 }
3250 3276
3251 3277 if (head == NULL) {
3252 3278 head = bp;
3253 3279 }
3254 3280 if (tail == NULL) {
3255 3281 tail = bp;
3256 3282 } else {
3257 3283 tail->b_cont = bp;
3258 3284 tail = bp;
3259 3285 }
3260 3286
3261 3287 /* Move forward. */
3262 3288 bp = bp->b_cont;
3263 3289 }
3264 3290
3265 3291 if (fix_xmitlist) {
3266 3292 tcp->tcp_xmit_last = tail;
3267 3293 tcp->tcp_xmit_zc_clean = B_TRUE;
3268 3294 }
3269 3295
3270 3296 return (head);
3271 3297 }
3272 3298
3273 3299 void
3274 3300 tcp_zcopy_notify(tcp_t *tcp)
3275 3301 {
3276 3302 struct stdata *stp;
3277 3303 conn_t *connp;
3278 3304
3279 3305 if (tcp->tcp_detached)
3280 3306 return;
3281 3307 connp = tcp->tcp_connp;
3282 3308 if (IPCL_IS_NONSTR(connp)) {
3283 3309 (*connp->conn_upcalls->su_zcopy_notify)
3284 3310 (connp->conn_upper_handle);
3285 3311 return;
3286 3312 }
3287 3313 stp = STREAM(connp->conn_rq);
3288 3314 mutex_enter(&stp->sd_lock);
3289 3315 stp->sd_flag |= STZCNOTIFY;
3290 3316 cv_broadcast(&stp->sd_zcopy_wait);
3291 3317 mutex_exit(&stp->sd_lock);
3292 3318 }
3293 3319
3294 3320 /*
3295 3321 * Update the TCP connection according to change of LSO capability.
3296 3322 */
3297 3323 static void
3298 3324 tcp_update_lso(tcp_t *tcp, ip_xmit_attr_t *ixa)
3299 3325 {
3300 3326 /*
3301 3327 * We check against IPv4 header length to preserve the old behavior
3302 3328 * of only enabling LSO when there are no IP options.
3303 3329 * But this restriction might not be necessary at all. Before removing
3304 3330 * it, need to verify how LSO is handled for source routing case, with
3305 3331 * which IP does software checksum.
3306 3332 *
3307 3333 * For IPv6, whenever any extension header is needed, LSO is supressed.
3308 3334 */
3309 3335 if (ixa->ixa_ip_hdr_length != ((ixa->ixa_flags & IXAF_IS_IPV4) ?
3310 3336 IP_SIMPLE_HDR_LENGTH : IPV6_HDR_LEN))
3311 3337 return;
3312 3338
3313 3339 /*
3314 3340 * Either the LSO capability newly became usable, or it has changed.
3315 3341 */
3316 3342 if (ixa->ixa_flags & IXAF_LSO_CAPAB) {
3317 3343 ill_lso_capab_t *lsoc = &ixa->ixa_lso_capab;
3318 3344 uint_t lso_max = (ixa->ixa_flags & IXAF_IS_IPV4) ?
3319 3345 lsoc->ill_lso_max_tcpv4 : lsoc->ill_lso_max_tcpv6;
3320 3346
3321 3347 ASSERT3U(lso_max, >, 0);
3322 3348 tcp->tcp_lso_max = MIN(TCP_MAX_LSO_LENGTH, lso_max);
3323 3349
3324 3350 DTRACE_PROBE3(tcp_update_lso, boolean_t, tcp->tcp_lso,
3325 3351 boolean_t, B_TRUE, uint32_t, tcp->tcp_lso_max);
3326 3352
3327 3353 /*
3328 3354 * If LSO to be enabled, notify the STREAM header with larger
3329 3355 * data block.
3330 3356 */
3331 3357 if (!tcp->tcp_lso)
3332 3358 tcp->tcp_maxpsz_multiplier = 0;
3333 3359
3334 3360 tcp->tcp_lso = B_TRUE;
3335 3361 TCP_STAT(tcp->tcp_tcps, tcp_lso_enabled);
3336 3362 } else { /* LSO capability is not usable any more. */
3337 3363 DTRACE_PROBE3(tcp_update_lso, boolean_t, tcp->tcp_lso,
3338 3364 boolean_t, B_FALSE, uint32_t, tcp->tcp_lso_max);
3339 3365
3340 3366 /*
3341 3367 * If LSO to be disabled, notify the STREAM header with smaller
3342 3368 * data block. And need to restore fragsize to PMTU.
3343 3369 */
3344 3370 if (tcp->tcp_lso) {
3345 3371 tcp->tcp_maxpsz_multiplier =
3346 3372 tcp->tcp_tcps->tcps_maxpsz_multiplier;
3347 3373 ixa->ixa_fragsize = ixa->ixa_pmtu;
3348 3374 tcp->tcp_lso = B_FALSE;
3349 3375 TCP_STAT(tcp->tcp_tcps, tcp_lso_disabled);
3350 3376 }
3351 3377 }
3352 3378
3353 3379 (void) tcp_maxpsz_set(tcp, B_TRUE);
3354 3380 }
3355 3381
3356 3382 /*
3357 3383 * Update the TCP connection according to change of ZEROCOPY capability.
3358 3384 */
3359 3385 static void
3360 3386 tcp_update_zcopy(tcp_t *tcp)
3361 3387 {
3362 3388 conn_t *connp = tcp->tcp_connp;
3363 3389 tcp_stack_t *tcps = tcp->tcp_tcps;
3364 3390
3365 3391 if (tcp->tcp_snd_zcopy_on) {
3366 3392 tcp->tcp_snd_zcopy_on = B_FALSE;
3367 3393 if (!TCP_IS_DETACHED(tcp)) {
3368 3394 (void) proto_set_tx_copyopt(connp->conn_rq, connp,
3369 3395 ZCVMUNSAFE);
3370 3396 TCP_STAT(tcps, tcp_zcopy_off);
3371 3397 }
3372 3398 } else {
3373 3399 tcp->tcp_snd_zcopy_on = B_TRUE;
3374 3400 if (!TCP_IS_DETACHED(tcp)) {
3375 3401 (void) proto_set_tx_copyopt(connp->conn_rq, connp,
3376 3402 ZCVMSAFE);
3377 3403 TCP_STAT(tcps, tcp_zcopy_on);
3378 3404 }
3379 3405 }
3380 3406 }
3381 3407
3382 3408 /*
3383 3409 * Notify function registered with ip_xmit_attr_t. It's called in the squeue
3384 3410 * so it's safe to update the TCP connection.
3385 3411 */
3386 3412 /* ARGSUSED1 */
3387 3413 static void
3388 3414 tcp_notify(void *arg, ip_xmit_attr_t *ixa, ixa_notify_type_t ntype,
3389 3415 ixa_notify_arg_t narg)
3390 3416 {
3391 3417 tcp_t *tcp = (tcp_t *)arg;
3392 3418 conn_t *connp = tcp->tcp_connp;
3393 3419
3394 3420 switch (ntype) {
3395 3421 case IXAN_LSO:
3396 3422 tcp_update_lso(tcp, connp->conn_ixa);
3397 3423 break;
3398 3424 case IXAN_PMTU:
3399 3425 tcp_update_pmtu(tcp, B_FALSE);
3400 3426 break;
3401 3427 case IXAN_ZCOPY:
3402 3428 tcp_update_zcopy(tcp);
3403 3429 break;
3404 3430 default:
3405 3431 break;
3406 3432 }
3407 3433 }
3408 3434
3409 3435 /*
3410 3436 * The TCP write service routine should never be called...
3411 3437 */
3412 3438 /* ARGSUSED */
3413 3439 static int
3414 3440 tcp_wsrv(queue_t *q)
3415 3441 {
3416 3442 tcp_stack_t *tcps = Q_TO_TCP(q)->tcp_tcps;
3417 3443
3418 3444 TCP_STAT(tcps, tcp_wsrv_called);
3419 3445 return (0);
3420 3446 }
3421 3447
3422 3448 /*
3423 3449 * Hash list lookup routine for tcp_t structures.
3424 3450 * Returns with a CONN_INC_REF tcp structure. Caller must do a CONN_DEC_REF.
3425 3451 */
3426 3452 tcp_t *
3427 3453 tcp_acceptor_hash_lookup(t_uscalar_t id, tcp_stack_t *tcps)
3428 3454 {
3429 3455 tf_t *tf;
3430 3456 tcp_t *tcp;
3431 3457
3432 3458 tf = &tcps->tcps_acceptor_fanout[TCP_ACCEPTOR_HASH(id)];
3433 3459 mutex_enter(&tf->tf_lock);
3434 3460 for (tcp = tf->tf_tcp; tcp != NULL;
3435 3461 tcp = tcp->tcp_acceptor_hash) {
3436 3462 if (tcp->tcp_acceptor_id == id) {
3437 3463 CONN_INC_REF(tcp->tcp_connp);
3438 3464 mutex_exit(&tf->tf_lock);
3439 3465 return (tcp);
3440 3466 }
3441 3467 }
3442 3468 mutex_exit(&tf->tf_lock);
3443 3469 return (NULL);
3444 3470 }
3445 3471
3446 3472 /*
3447 3473 * Hash list insertion routine for tcp_t structures.
3448 3474 */
3449 3475 void
3450 3476 tcp_acceptor_hash_insert(t_uscalar_t id, tcp_t *tcp)
3451 3477 {
3452 3478 tf_t *tf;
3453 3479 tcp_t **tcpp;
3454 3480 tcp_t *tcpnext;
3455 3481 tcp_stack_t *tcps = tcp->tcp_tcps;
3456 3482
3457 3483 tf = &tcps->tcps_acceptor_fanout[TCP_ACCEPTOR_HASH(id)];
3458 3484
3459 3485 if (tcp->tcp_ptpahn != NULL)
3460 3486 tcp_acceptor_hash_remove(tcp);
3461 3487 tcpp = &tf->tf_tcp;
3462 3488 mutex_enter(&tf->tf_lock);
3463 3489 tcpnext = tcpp[0];
3464 3490 if (tcpnext)
3465 3491 tcpnext->tcp_ptpahn = &tcp->tcp_acceptor_hash;
3466 3492 tcp->tcp_acceptor_hash = tcpnext;
3467 3493 tcp->tcp_ptpahn = tcpp;
3468 3494 tcpp[0] = tcp;
3469 3495 tcp->tcp_acceptor_lockp = &tf->tf_lock; /* For tcp_*_hash_remove */
3470 3496 mutex_exit(&tf->tf_lock);
3471 3497 }
3472 3498
3473 3499 /*
3474 3500 * Hash list removal routine for tcp_t structures.
3475 3501 */
3476 3502 void
3477 3503 tcp_acceptor_hash_remove(tcp_t *tcp)
3478 3504 {
3479 3505 tcp_t *tcpnext;
3480 3506 kmutex_t *lockp;
3481 3507
3482 3508 /*
3483 3509 * Extract the lock pointer in case there are concurrent
3484 3510 * hash_remove's for this instance.
3485 3511 */
3486 3512 lockp = tcp->tcp_acceptor_lockp;
3487 3513
3488 3514 if (tcp->tcp_ptpahn == NULL)
3489 3515 return;
3490 3516
3491 3517 ASSERT(lockp != NULL);
3492 3518 mutex_enter(lockp);
3493 3519 if (tcp->tcp_ptpahn) {
3494 3520 tcpnext = tcp->tcp_acceptor_hash;
3495 3521 if (tcpnext) {
3496 3522 tcpnext->tcp_ptpahn = tcp->tcp_ptpahn;
3497 3523 tcp->tcp_acceptor_hash = NULL;
3498 3524 }
3499 3525 *tcp->tcp_ptpahn = tcpnext;
3500 3526 tcp->tcp_ptpahn = NULL;
3501 3527 }
3502 3528 mutex_exit(lockp);
3503 3529 tcp->tcp_acceptor_lockp = NULL;
3504 3530 }
3505 3531
3506 3532 /*
3507 3533 * Type three generator adapted from the random() function in 4.4 BSD:
3508 3534 */
3509 3535
3510 3536 /*
3511 3537 * Copyright (c) 1983, 1993
3512 3538 * The Regents of the University of California. All rights reserved.
3513 3539 *
3514 3540 * Redistribution and use in source and binary forms, with or without
3515 3541 * modification, are permitted provided that the following conditions
3516 3542 * are met:
3517 3543 * 1. Redistributions of source code must retain the above copyright
3518 3544 * notice, this list of conditions and the following disclaimer.
3519 3545 * 2. Redistributions in binary form must reproduce the above copyright
3520 3546 * notice, this list of conditions and the following disclaimer in the
3521 3547 * documentation and/or other materials provided with the distribution.
3522 3548 * 3. All advertising materials mentioning features or use of this software
3523 3549 * must display the following acknowledgement:
3524 3550 * This product includes software developed by the University of
3525 3551 * California, Berkeley and its contributors.
3526 3552 * 4. Neither the name of the University nor the names of its contributors
3527 3553 * may be used to endorse or promote products derived from this software
3528 3554 * without specific prior written permission.
3529 3555 *
3530 3556 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
3531 3557 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
3532 3558 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
3533 3559 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
3534 3560 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
3535 3561 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
3536 3562 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
3537 3563 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
3538 3564 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
3539 3565 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
3540 3566 * SUCH DAMAGE.
3541 3567 */
3542 3568
3543 3569 /* Type 3 -- x**31 + x**3 + 1 */
3544 3570 #define DEG_3 31
3545 3571 #define SEP_3 3
3546 3572
3547 3573
3548 3574 /* Protected by tcp_random_lock */
3549 3575 static int tcp_randtbl[DEG_3 + 1];
3550 3576
3551 3577 static int *tcp_random_fptr = &tcp_randtbl[SEP_3 + 1];
3552 3578 static int *tcp_random_rptr = &tcp_randtbl[1];
3553 3579
3554 3580 static int *tcp_random_state = &tcp_randtbl[1];
3555 3581 static int *tcp_random_end_ptr = &tcp_randtbl[DEG_3 + 1];
3556 3582
3557 3583 kmutex_t tcp_random_lock;
3558 3584
3559 3585 void
3560 3586 tcp_random_init(void)
3561 3587 {
3562 3588 int i;
3563 3589 hrtime_t hrt;
3564 3590 time_t wallclock;
3565 3591 uint64_t result;
3566 3592
3567 3593 /*
3568 3594 * Use high-res timer and current time for seed. Gethrtime() returns
3569 3595 * a longlong, which may contain resolution down to nanoseconds.
3570 3596 * The current time will either be a 32-bit or a 64-bit quantity.
3571 3597 * XOR the two together in a 64-bit result variable.
3572 3598 * Convert the result to a 32-bit value by multiplying the high-order
3573 3599 * 32-bits by the low-order 32-bits.
3574 3600 */
3575 3601
3576 3602 hrt = gethrtime();
3577 3603 (void) drv_getparm(TIME, &wallclock);
3578 3604 result = (uint64_t)wallclock ^ (uint64_t)hrt;
3579 3605 mutex_enter(&tcp_random_lock);
3580 3606 tcp_random_state[0] = ((result >> 32) & 0xffffffff) *
3581 3607 (result & 0xffffffff);
3582 3608
3583 3609 for (i = 1; i < DEG_3; i++)
3584 3610 tcp_random_state[i] = 1103515245 * tcp_random_state[i - 1]
3585 3611 + 12345;
3586 3612 tcp_random_fptr = &tcp_random_state[SEP_3];
3587 3613 tcp_random_rptr = &tcp_random_state[0];
3588 3614 mutex_exit(&tcp_random_lock);
3589 3615 for (i = 0; i < 10 * DEG_3; i++)
3590 3616 (void) tcp_random();
3591 3617 }
3592 3618
3593 3619 /*
3594 3620 * tcp_random: Return a random number in the range [1 - (128K + 1)].
3595 3621 * This range is selected to be approximately centered on TCP_ISS / 2,
3596 3622 * and easy to compute. We get this value by generating a 32-bit random
3597 3623 * number, selecting out the high-order 17 bits, and then adding one so
3598 3624 * that we never return zero.
3599 3625 */
3600 3626 int
3601 3627 tcp_random(void)
3602 3628 {
3603 3629 int i;
3604 3630
3605 3631 mutex_enter(&tcp_random_lock);
3606 3632 *tcp_random_fptr += *tcp_random_rptr;
3607 3633
3608 3634 /*
3609 3635 * The high-order bits are more random than the low-order bits,
3610 3636 * so we select out the high-order 17 bits and add one so that
3611 3637 * we never return zero.
3612 3638 */
3613 3639 i = ((*tcp_random_fptr >> 15) & 0x1ffff) + 1;
3614 3640 if (++tcp_random_fptr >= tcp_random_end_ptr) {
3615 3641 tcp_random_fptr = tcp_random_state;
3616 3642 ++tcp_random_rptr;
3617 3643 } else if (++tcp_random_rptr >= tcp_random_end_ptr)
3618 3644 tcp_random_rptr = tcp_random_state;
3619 3645
3620 3646 mutex_exit(&tcp_random_lock);
3621 3647 return (i);
3622 3648 }
3623 3649
3624 3650 /*
3625 3651 * Split this function out so that if the secret changes, I'm okay.
3626 3652 *
3627 3653 * Initialize the tcp_iss_cookie and tcp_iss_key.
3628 3654 */
3629 3655
3630 3656 #define PASSWD_SIZE 16 /* MUST be multiple of 4 */
3631 3657
3632 3658 void
3633 3659 tcp_iss_key_init(uint8_t *phrase, int len, tcp_stack_t *tcps)
3634 3660 {
3635 3661 struct {
3636 3662 int32_t current_time;
3637 3663 uint32_t randnum;
3638 3664 uint16_t pad;
3639 3665 uint8_t ether[6];
3640 3666 uint8_t passwd[PASSWD_SIZE];
3641 3667 } tcp_iss_cookie;
3642 3668 time_t t;
3643 3669
3644 3670 /*
3645 3671 * Start with the current absolute time.
3646 3672 */
3647 3673 (void) drv_getparm(TIME, &t);
3648 3674 tcp_iss_cookie.current_time = t;
3649 3675
3650 3676 /*
3651 3677 * XXX - Need a more random number per RFC 1750, not this crap.
3652 3678 * OTOH, if what follows is pretty random, then I'm in better shape.
3653 3679 */
3654 3680 tcp_iss_cookie.randnum = (uint32_t)(gethrtime() + tcp_random());
3655 3681 tcp_iss_cookie.pad = 0x365c; /* Picked from HMAC pad values. */
3656 3682
3657 3683 /*
3658 3684 * The cpu_type_info is pretty non-random. Ugggh. It does serve
3659 3685 * as a good template.
3660 3686 */
3661 3687 bcopy(&cpu_list->cpu_type_info, &tcp_iss_cookie.passwd,
3662 3688 min(PASSWD_SIZE, sizeof (cpu_list->cpu_type_info)));
3663 3689
3664 3690 /*
3665 3691 * The pass-phrase. Normally this is supplied by user-called NDD.
3666 3692 */
3667 3693 bcopy(phrase, &tcp_iss_cookie.passwd, min(PASSWD_SIZE, len));
3668 3694
3669 3695 /*
3670 3696 * See 4010593 if this section becomes a problem again,
3671 3697 * but the local ethernet address is useful here.
3672 3698 */
3673 3699 (void) localetheraddr(NULL,
3674 3700 (struct ether_addr *)&tcp_iss_cookie.ether);
3675 3701
3676 3702 /*
3677 3703 * Hash 'em all together. The MD5Final is called per-connection.
3678 3704 */
3679 3705 mutex_enter(&tcps->tcps_iss_key_lock);
3680 3706 MD5Init(&tcps->tcps_iss_key);
3681 3707 MD5Update(&tcps->tcps_iss_key, (uchar_t *)&tcp_iss_cookie,
3682 3708 sizeof (tcp_iss_cookie));
3683 3709 mutex_exit(&tcps->tcps_iss_key_lock);
3684 3710 }
3685 3711
3686 3712 /*
3687 3713 * Called by IP when IP is loaded into the kernel
3688 3714 */
3689 3715 void
3690 3716 tcp_ddi_g_init(void)
3691 3717 {
3692 3718 tcp_timercache = kmem_cache_create("tcp_timercache",
3693 3719 sizeof (tcp_timer_t) + sizeof (mblk_t), 0,
3694 3720 NULL, NULL, NULL, NULL, NULL, 0);
3695 3721
3696 3722 tcp_notsack_blk_cache = kmem_cache_create("tcp_notsack_blk_cache",
3697 3723 sizeof (notsack_blk_t), 0, NULL, NULL, NULL, NULL, NULL, 0);
3698 3724
3699 3725 mutex_init(&tcp_random_lock, NULL, MUTEX_DEFAULT, NULL);
3700 3726
3701 3727 /* Initialize the random number generator */
3702 3728 tcp_random_init();
3703 3729
3704 3730 /* A single callback independently of how many netstacks we have */
3705 3731 ip_squeue_init(tcp_squeue_add);
3706 3732
3707 3733 tcp_g_kstat = tcp_g_kstat_init(&tcp_g_statistics);
3708 3734
3709 3735 tcp_squeue_flag = tcp_squeue_switch(tcp_squeue_wput);
3710 3736
3711 3737 /*
3712 3738 * We want to be informed each time a stack is created or
3713 3739 * destroyed in the kernel, so we can maintain the
3714 3740 * set of tcp_stack_t's.
3715 3741 */
3716 3742 netstack_register(NS_TCP, tcp_stack_init, NULL, tcp_stack_fini);
3717 3743 }
3718 3744
3719 3745
3720 3746 #define INET_NAME "ip"
3721 3747
3722 3748 /*
3723 3749 * Initialize the TCP stack instance.
3724 3750 */
3725 3751 static void *
3726 3752 tcp_stack_init(netstackid_t stackid, netstack_t *ns)
3727 3753 {
3728 3754 tcp_stack_t *tcps;
3729 3755 int i;
3730 3756 int error = 0;
3731 3757 major_t major;
3732 3758 size_t arrsz;
3733 3759
3734 3760 tcps = (tcp_stack_t *)kmem_zalloc(sizeof (*tcps), KM_SLEEP);
3735 3761 tcps->tcps_netstack = ns;
3736 3762
3737 3763 /* Initialize locks */
3738 3764 mutex_init(&tcps->tcps_iss_key_lock, NULL, MUTEX_DEFAULT, NULL);
3739 3765 mutex_init(&tcps->tcps_epriv_port_lock, NULL, MUTEX_DEFAULT, NULL);
3740 3766
3741 3767 tcps->tcps_g_num_epriv_ports = TCP_NUM_EPRIV_PORTS;
3742 3768 tcps->tcps_g_epriv_ports[0] = ULP_DEF_EPRIV_PORT1;
3743 3769 tcps->tcps_g_epriv_ports[1] = ULP_DEF_EPRIV_PORT2;
3744 3770 tcps->tcps_min_anonpriv_port = 512;
3745 3771
3746 3772 tcps->tcps_bind_fanout = kmem_zalloc(sizeof (tf_t) *
3747 3773 TCP_BIND_FANOUT_SIZE, KM_SLEEP);
3748 3774 tcps->tcps_acceptor_fanout = kmem_zalloc(sizeof (tf_t) *
3749 3775 TCP_ACCEPTOR_FANOUT_SIZE, KM_SLEEP);
3750 3776
3751 3777 for (i = 0; i < TCP_BIND_FANOUT_SIZE; i++) {
3752 3778 mutex_init(&tcps->tcps_bind_fanout[i].tf_lock, NULL,
3753 3779 MUTEX_DEFAULT, NULL);
3754 3780 }
3755 3781
3756 3782 for (i = 0; i < TCP_ACCEPTOR_FANOUT_SIZE; i++) {
3757 3783 mutex_init(&tcps->tcps_acceptor_fanout[i].tf_lock, NULL,
3758 3784 MUTEX_DEFAULT, NULL);
3759 3785 }
3760 3786
3761 3787 /* TCP's IPsec code calls the packet dropper. */
3762 3788 ip_drop_register(&tcps->tcps_dropper, "TCP IPsec policy enforcement");
3763 3789
3764 3790 arrsz = tcp_propinfo_count * sizeof (mod_prop_info_t);
3765 3791 tcps->tcps_propinfo_tbl = (mod_prop_info_t *)kmem_alloc(arrsz,
3766 3792 KM_SLEEP);
3767 3793 bcopy(tcp_propinfo_tbl, tcps->tcps_propinfo_tbl, arrsz);
3768 3794
3769 3795 /*
3770 3796 * Note: To really walk the device tree you need the devinfo
3771 3797 * pointer to your device which is only available after probe/attach.
3772 3798 * The following is safe only because it uses ddi_root_node()
3773 3799 */
3774 3800 tcp_max_optsize = optcom_max_optsize(tcp_opt_obj.odb_opt_des_arr,
3775 3801 tcp_opt_obj.odb_opt_arr_cnt);
3776 3802
3777 3803 /*
3778 3804 * Initialize RFC 1948 secret values. This will probably be reset once
3779 3805 * by the boot scripts.
3780 3806 *
3781 3807 * Use NULL name, as the name is caught by the new lockstats.
3782 3808 *
3783 3809 * Initialize with some random, non-guessable string, like the global
3784 3810 * T_INFO_ACK.
3785 3811 */
3786 3812
3787 3813 tcp_iss_key_init((uint8_t *)&tcp_g_t_info_ack,
3788 3814 sizeof (tcp_g_t_info_ack), tcps);
3789 3815
3790 3816 tcps->tcps_kstat = tcp_kstat2_init(stackid);
3791 3817 tcps->tcps_mibkp = tcp_kstat_init(stackid);
3792 3818
3793 3819 major = mod_name_to_major(INET_NAME);
3794 3820 error = ldi_ident_from_major(major, &tcps->tcps_ldi_ident);
3795 3821 ASSERT(error == 0);
3796 3822 tcps->tcps_ixa_cleanup_mp = allocb_wait(0, BPRI_MED, STR_NOSIG, NULL);
3797 3823 ASSERT(tcps->tcps_ixa_cleanup_mp != NULL);
3798 3824 cv_init(&tcps->tcps_ixa_cleanup_ready_cv, NULL, CV_DEFAULT, NULL);
3799 3825 cv_init(&tcps->tcps_ixa_cleanup_done_cv, NULL, CV_DEFAULT, NULL);
3800 3826 mutex_init(&tcps->tcps_ixa_cleanup_lock, NULL, MUTEX_DEFAULT, NULL);
3801 3827
3802 3828 mutex_init(&tcps->tcps_reclaim_lock, NULL, MUTEX_DEFAULT, NULL);
3803 3829 tcps->tcps_reclaim = B_FALSE;
3804 3830 tcps->tcps_reclaim_tid = 0;
3805 3831 tcps->tcps_reclaim_period = tcps->tcps_rexmit_interval_max;
3806 3832
3807 3833 /*
3808 3834 * ncpus is the current number of CPUs, which can be bigger than
3809 3835 * boot_ncpus. But we don't want to use ncpus to allocate all the
3810 3836 * tcp_stats_cpu_t at system boot up time since it will be 1. While
3811 3837 * we handle adding CPU in tcp_cpu_update(), it will be slow if
3812 3838 * there are many CPUs as we will be adding them 1 by 1.
3813 3839 *
3814 3840 * Note that tcps_sc_cnt never decreases and the tcps_sc[x] pointers
3815 3841 * are not freed until the stack is going away. So there is no need
3816 3842 * to grab a lock to access the per CPU tcps_sc[x] pointer.
3817 3843 */
3818 3844 mutex_enter(&cpu_lock);
3819 3845 tcps->tcps_sc_cnt = MAX(ncpus, boot_ncpus);
3820 3846 mutex_exit(&cpu_lock);
3821 3847 tcps->tcps_sc = kmem_zalloc(max_ncpus * sizeof (tcp_stats_cpu_t *),
3822 3848 KM_SLEEP);
3823 3849 for (i = 0; i < tcps->tcps_sc_cnt; i++) {
3824 3850 tcps->tcps_sc[i] = kmem_zalloc(sizeof (tcp_stats_cpu_t),
3825 3851 KM_SLEEP);
3826 3852 }
3827 3853
3828 3854 mutex_init(&tcps->tcps_listener_conf_lock, NULL, MUTEX_DEFAULT, NULL);
3829 3855 list_create(&tcps->tcps_listener_conf, sizeof (tcp_listener_t),
3830 3856 offsetof(tcp_listener_t, tl_link));
3831 3857
3832 3858 tcps->tcps_default_cc_algo = cc_load_algo(CC_DEFAULT_ALGO_NAME);
3833 3859 VERIFY3P(tcps->tcps_default_cc_algo, !=, NULL);
3834 3860
3835 3861 return (tcps);
3836 3862 }
3837 3863
3838 3864 /*
3839 3865 * Called when the IP module is about to be unloaded.
3840 3866 */
3841 3867 void
3842 3868 tcp_ddi_g_destroy(void)
3843 3869 {
3844 3870 tcp_g_kstat_fini(tcp_g_kstat);
3845 3871 tcp_g_kstat = NULL;
3846 3872 bzero(&tcp_g_statistics, sizeof (tcp_g_statistics));
3847 3873
3848 3874 mutex_destroy(&tcp_random_lock);
3849 3875
3850 3876 kmem_cache_destroy(tcp_timercache);
3851 3877 kmem_cache_destroy(tcp_notsack_blk_cache);
3852 3878
3853 3879 netstack_unregister(NS_TCP);
3854 3880 }
3855 3881
3856 3882 /*
3857 3883 * Free the TCP stack instance.
3858 3884 */
3859 3885 static void
3860 3886 tcp_stack_fini(netstackid_t stackid, void *arg)
3861 3887 {
3862 3888 tcp_stack_t *tcps = (tcp_stack_t *)arg;
3863 3889 int i;
3864 3890
3865 3891 freeb(tcps->tcps_ixa_cleanup_mp);
3866 3892 tcps->tcps_ixa_cleanup_mp = NULL;
3867 3893 cv_destroy(&tcps->tcps_ixa_cleanup_ready_cv);
3868 3894 cv_destroy(&tcps->tcps_ixa_cleanup_done_cv);
3869 3895 mutex_destroy(&tcps->tcps_ixa_cleanup_lock);
3870 3896
3871 3897 /*
3872 3898 * Set tcps_reclaim to false tells tcp_reclaim_timer() not to restart
3873 3899 * the timer.
3874 3900 */
3875 3901 mutex_enter(&tcps->tcps_reclaim_lock);
3876 3902 tcps->tcps_reclaim = B_FALSE;
3877 3903 mutex_exit(&tcps->tcps_reclaim_lock);
3878 3904 if (tcps->tcps_reclaim_tid != 0)
3879 3905 (void) untimeout(tcps->tcps_reclaim_tid);
3880 3906 mutex_destroy(&tcps->tcps_reclaim_lock);
3881 3907
3882 3908 tcp_listener_conf_cleanup(tcps);
3883 3909
3884 3910 for (i = 0; i < tcps->tcps_sc_cnt; i++)
3885 3911 kmem_free(tcps->tcps_sc[i], sizeof (tcp_stats_cpu_t));
3886 3912 kmem_free(tcps->tcps_sc, max_ncpus * sizeof (tcp_stats_cpu_t *));
3887 3913
3888 3914 kmem_free(tcps->tcps_propinfo_tbl,
3889 3915 tcp_propinfo_count * sizeof (mod_prop_info_t));
3890 3916 tcps->tcps_propinfo_tbl = NULL;
3891 3917
3892 3918 for (i = 0; i < TCP_BIND_FANOUT_SIZE; i++) {
3893 3919 ASSERT(tcps->tcps_bind_fanout[i].tf_tcp == NULL);
3894 3920 mutex_destroy(&tcps->tcps_bind_fanout[i].tf_lock);
3895 3921 }
3896 3922
3897 3923 for (i = 0; i < TCP_ACCEPTOR_FANOUT_SIZE; i++) {
3898 3924 ASSERT(tcps->tcps_acceptor_fanout[i].tf_tcp == NULL);
3899 3925 mutex_destroy(&tcps->tcps_acceptor_fanout[i].tf_lock);
3900 3926 }
3901 3927
3902 3928 kmem_free(tcps->tcps_bind_fanout, sizeof (tf_t) * TCP_BIND_FANOUT_SIZE);
3903 3929 tcps->tcps_bind_fanout = NULL;
3904 3930
3905 3931 kmem_free(tcps->tcps_acceptor_fanout, sizeof (tf_t) *
3906 3932 TCP_ACCEPTOR_FANOUT_SIZE);
3907 3933 tcps->tcps_acceptor_fanout = NULL;
3908 3934
3909 3935 mutex_destroy(&tcps->tcps_iss_key_lock);
3910 3936 mutex_destroy(&tcps->tcps_epriv_port_lock);
3911 3937
3912 3938 ip_drop_unregister(&tcps->tcps_dropper);
3913 3939
3914 3940 tcp_kstat2_fini(stackid, tcps->tcps_kstat);
3915 3941 tcps->tcps_kstat = NULL;
3916 3942
3917 3943 tcp_kstat_fini(stackid, tcps->tcps_mibkp);
3918 3944 tcps->tcps_mibkp = NULL;
3919 3945
3920 3946 ldi_ident_release(tcps->tcps_ldi_ident);
3921 3947 kmem_free(tcps, sizeof (*tcps));
3922 3948 }
3923 3949
3924 3950 /*
3925 3951 * Generate ISS, taking into account NDD changes may happen halfway through.
3926 3952 * (If the iss is not zero, set it.)
3927 3953 */
3928 3954
3929 3955 static void
3930 3956 tcp_iss_init(tcp_t *tcp)
3931 3957 {
3932 3958 MD5_CTX context;
3933 3959 struct { uint32_t ports; in6_addr_t src; in6_addr_t dst; } arg;
3934 3960 uint32_t answer[4];
3935 3961 tcp_stack_t *tcps = tcp->tcp_tcps;
3936 3962 conn_t *connp = tcp->tcp_connp;
3937 3963
3938 3964 tcps->tcps_iss_incr_extra += (tcps->tcps_iss_incr >> 1);
3939 3965 tcp->tcp_iss = tcps->tcps_iss_incr_extra;
3940 3966 switch (tcps->tcps_strong_iss) {
3941 3967 case 2:
3942 3968 mutex_enter(&tcps->tcps_iss_key_lock);
3943 3969 context = tcps->tcps_iss_key;
3944 3970 mutex_exit(&tcps->tcps_iss_key_lock);
3945 3971 arg.ports = connp->conn_ports;
3946 3972 arg.src = connp->conn_laddr_v6;
3947 3973 arg.dst = connp->conn_faddr_v6;
3948 3974 MD5Update(&context, (uchar_t *)&arg, sizeof (arg));
3949 3975 MD5Final((uchar_t *)answer, &context);
3950 3976 tcp->tcp_iss += answer[0] ^ answer[1] ^ answer[2] ^ answer[3];
3951 3977 /*
3952 3978 * Now that we've hashed into a unique per-connection sequence
3953 3979 * space, add a random increment per strong_iss == 1. So I
3954 3980 * guess we'll have to...
3955 3981 */
3956 3982 /* FALLTHRU */
3957 3983 case 1:
3958 3984 tcp->tcp_iss += (gethrtime() >> ISS_NSEC_SHT) + tcp_random();
3959 3985 break;
3960 3986 default:
3961 3987 tcp->tcp_iss += (uint32_t)gethrestime_sec() *
3962 3988 tcps->tcps_iss_incr;
3963 3989 break;
3964 3990 }
3965 3991 tcp->tcp_valid_bits = TCP_ISS_VALID;
3966 3992 tcp->tcp_fss = tcp->tcp_iss - 1;
3967 3993 tcp->tcp_suna = tcp->tcp_iss;
3968 3994 tcp->tcp_snxt = tcp->tcp_iss + 1;
3969 3995 tcp->tcp_rexmit_nxt = tcp->tcp_snxt;
3970 3996 tcp->tcp_csuna = tcp->tcp_snxt;
3971 3997 }
3972 3998
3973 3999 /*
3974 4000 * tcp_{set,clr}qfull() functions are used to either set or clear QFULL
3975 4001 * on the specified backing STREAMS q. Note, the caller may make the
3976 4002 * decision to call based on the tcp_t.tcp_flow_stopped value which
3977 4003 * when check outside the q's lock is only an advisory check ...
3978 4004 */
3979 4005 void
3980 4006 tcp_setqfull(tcp_t *tcp)
3981 4007 {
3982 4008 tcp_stack_t *tcps = tcp->tcp_tcps;
3983 4009 conn_t *connp = tcp->tcp_connp;
3984 4010
3985 4011 if (tcp->tcp_closed)
3986 4012 return;
3987 4013
3988 4014 conn_setqfull(connp, &tcp->tcp_flow_stopped);
3989 4015 if (tcp->tcp_flow_stopped)
3990 4016 TCP_STAT(tcps, tcp_flwctl_on);
3991 4017 }
3992 4018
3993 4019 void
3994 4020 tcp_clrqfull(tcp_t *tcp)
3995 4021 {
3996 4022 conn_t *connp = tcp->tcp_connp;
3997 4023
3998 4024 if (tcp->tcp_closed)
3999 4025 return;
4000 4026 conn_clrqfull(connp, &tcp->tcp_flow_stopped);
4001 4027 }
4002 4028
4003 4029 static int
4004 4030 tcp_squeue_switch(int val)
4005 4031 {
4006 4032 int rval = SQ_FILL;
4007 4033
4008 4034 switch (val) {
4009 4035 case 1:
4010 4036 rval = SQ_NODRAIN;
4011 4037 break;
4012 4038 case 2:
4013 4039 rval = SQ_PROCESS;
4014 4040 break;
4015 4041 default:
4016 4042 break;
4017 4043 }
4018 4044 return (rval);
4019 4045 }
4020 4046
4021 4047 /*
4022 4048 * This is called once for each squeue - globally for all stack
4023 4049 * instances.
4024 4050 */
4025 4051 static void
4026 4052 tcp_squeue_add(squeue_t *sqp)
4027 4053 {
4028 4054 tcp_squeue_priv_t *tcp_time_wait = kmem_zalloc(
4029 4055 sizeof (tcp_squeue_priv_t), KM_SLEEP);
4030 4056
4031 4057 *squeue_getprivate(sqp, SQPRIVATE_TCP) = (intptr_t)tcp_time_wait;
4032 4058 if (tcp_free_list_max_cnt == 0) {
4033 4059 int tcp_ncpus = ((boot_max_ncpus == -1) ?
4034 4060 max_ncpus : boot_max_ncpus);
4035 4061
4036 4062 /*
4037 4063 * Limit number of entries to 1% of availble memory / tcp_ncpus
4038 4064 */
4039 4065 tcp_free_list_max_cnt = (freemem * PAGESIZE) /
4040 4066 (tcp_ncpus * sizeof (tcp_t) * 100);
4041 4067 }
4042 4068 tcp_time_wait->tcp_free_list_cnt = 0;
4043 4069 }
4044 4070 /*
4045 4071 * Return unix error is tli error is TSYSERR, otherwise return a negative
4046 4072 * tli error.
4047 4073 */
4048 4074 int
4049 4075 tcp_do_bind(conn_t *connp, struct sockaddr *sa, socklen_t len, cred_t *cr,
4050 4076 boolean_t bind_to_req_port_only)
4051 4077 {
4052 4078 int error;
4053 4079 tcp_t *tcp = connp->conn_tcp;
4054 4080
4055 4081 if (tcp->tcp_state >= TCPS_BOUND) {
4056 4082 if (connp->conn_debug) {
4057 4083 (void) strlog(TCP_MOD_ID, 0, 1, SL_ERROR|SL_TRACE,
4058 4084 "tcp_bind: bad state, %d", tcp->tcp_state);
4059 4085 }
4060 4086 return (-TOUTSTATE);
4061 4087 }
4062 4088
4063 4089 error = tcp_bind_check(connp, sa, len, cr, bind_to_req_port_only);
4064 4090 if (error != 0)
4065 4091 return (error);
4066 4092
4067 4093 ASSERT(tcp->tcp_state == TCPS_BOUND);
4068 4094 tcp->tcp_conn_req_max = 0;
4069 4095 return (0);
4070 4096 }
4071 4097
4072 4098 /*
4073 4099 * If the return value from this function is positive, it's a UNIX error.
4074 4100 * Otherwise, if it's negative, then the absolute value is a TLI error.
4075 4101 * the TPI routine tcp_tpi_connect() is a wrapper function for this.
4076 4102 */
4077 4103 int
4078 4104 tcp_do_connect(conn_t *connp, const struct sockaddr *sa, socklen_t len,
4079 4105 cred_t *cr, pid_t pid)
4080 4106 {
4081 4107 tcp_t *tcp = connp->conn_tcp;
4082 4108 sin_t *sin = (sin_t *)sa;
4083 4109 sin6_t *sin6 = (sin6_t *)sa;
4084 4110 ipaddr_t *dstaddrp;
4085 4111 in_port_t dstport;
4086 4112 uint_t srcid;
4087 4113 int error;
4088 4114 uint32_t mss;
4089 4115 mblk_t *syn_mp;
4090 4116 tcp_stack_t *tcps = tcp->tcp_tcps;
4091 4117 int32_t oldstate;
4092 4118 ip_xmit_attr_t *ixa = connp->conn_ixa;
4093 4119
4094 4120 oldstate = tcp->tcp_state;
4095 4121
4096 4122 switch (len) {
4097 4123 default:
4098 4124 /*
4099 4125 * Should never happen
4100 4126 */
4101 4127 return (EINVAL);
4102 4128
4103 4129 case sizeof (sin_t):
4104 4130 sin = (sin_t *)sa;
4105 4131 if (sin->sin_port == 0) {
4106 4132 return (-TBADADDR);
4107 4133 }
4108 4134 if (connp->conn_ipv6_v6only) {
4109 4135 return (EAFNOSUPPORT);
4110 4136 }
4111 4137 break;
4112 4138
4113 4139 case sizeof (sin6_t):
4114 4140 sin6 = (sin6_t *)sa;
4115 4141 if (sin6->sin6_port == 0) {
4116 4142 return (-TBADADDR);
4117 4143 }
4118 4144 break;
4119 4145 }
4120 4146 /*
4121 4147 * If we're connecting to an IPv4-mapped IPv6 address, we need to
4122 4148 * make sure that the conn_ipversion is IPV4_VERSION. We
4123 4149 * need to this before we call tcp_bindi() so that the port lookup
4124 4150 * code will look for ports in the correct port space (IPv4 and
4125 4151 * IPv6 have separate port spaces).
4126 4152 */
4127 4153 if (connp->conn_family == AF_INET6 &&
4128 4154 connp->conn_ipversion == IPV6_VERSION &&
4129 4155 IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
4130 4156 if (connp->conn_ipv6_v6only)
4131 4157 return (EADDRNOTAVAIL);
4132 4158
4133 4159 connp->conn_ipversion = IPV4_VERSION;
4134 4160 }
4135 4161
4136 4162 switch (tcp->tcp_state) {
4137 4163 case TCPS_LISTEN:
4138 4164 /*
4139 4165 * Listening sockets are not allowed to issue connect().
4140 4166 */
4141 4167 if (IPCL_IS_NONSTR(connp))
4142 4168 return (EOPNOTSUPP);
4143 4169 /* FALLTHRU */
4144 4170 case TCPS_IDLE:
4145 4171 /*
4146 4172 * We support quick connect, refer to comments in
4147 4173 * tcp_connect_*()
4148 4174 */
4149 4175 /* FALLTHRU */
4150 4176 case TCPS_BOUND:
4151 4177 break;
4152 4178 default:
4153 4179 return (-TOUTSTATE);
4154 4180 }
4155 4181
4156 4182 /*
4157 4183 * We update our cred/cpid based on the caller of connect
4158 4184 */
4159 4185 if (connp->conn_cred != cr) {
4160 4186 crhold(cr);
4161 4187 crfree(connp->conn_cred);
4162 4188 connp->conn_cred = cr;
4163 4189 }
4164 4190 connp->conn_cpid = pid;
4165 4191
4166 4192 /* Cache things in the ixa without any refhold */
4167 4193 ASSERT(!(ixa->ixa_free_flags & IXA_FREE_CRED));
4168 4194 ixa->ixa_cred = cr;
4169 4195 ixa->ixa_cpid = pid;
4170 4196 if (is_system_labeled()) {
4171 4197 /* We need to restart with a label based on the cred */
4172 4198 ip_xmit_attr_restore_tsl(ixa, ixa->ixa_cred);
4173 4199 }
4174 4200
4175 4201 if (connp->conn_family == AF_INET6) {
4176 4202 if (!IN6_IS_ADDR_V4MAPPED(&sin6->sin6_addr)) {
4177 4203 error = tcp_connect_ipv6(tcp, &sin6->sin6_addr,
4178 4204 sin6->sin6_port, sin6->sin6_flowinfo,
4179 4205 sin6->__sin6_src_id, sin6->sin6_scope_id);
4180 4206 } else {
4181 4207 /*
4182 4208 * Destination adress is mapped IPv6 address.
4183 4209 * Source bound address should be unspecified or
4184 4210 * IPv6 mapped address as well.
4185 4211 */
4186 4212 if (!IN6_IS_ADDR_UNSPECIFIED(
4187 4213 &connp->conn_bound_addr_v6) &&
4188 4214 !IN6_IS_ADDR_V4MAPPED(&connp->conn_bound_addr_v6)) {
4189 4215 return (EADDRNOTAVAIL);
4190 4216 }
4191 4217 dstaddrp = &V4_PART_OF_V6((sin6->sin6_addr));
4192 4218 dstport = sin6->sin6_port;
4193 4219 srcid = sin6->__sin6_src_id;
4194 4220 error = tcp_connect_ipv4(tcp, dstaddrp, dstport,
4195 4221 srcid);
4196 4222 }
4197 4223 } else {
4198 4224 dstaddrp = &sin->sin_addr.s_addr;
4199 4225 dstport = sin->sin_port;
4200 4226 srcid = 0;
4201 4227 error = tcp_connect_ipv4(tcp, dstaddrp, dstport, srcid);
4202 4228 }
4203 4229
4204 4230 if (error != 0)
4205 4231 goto connect_failed;
4206 4232
4207 4233 CL_INET_CONNECT(connp, B_TRUE, error);
4208 4234 if (error != 0)
4209 4235 goto connect_failed;
4210 4236
4211 4237 /* connect succeeded */
4212 4238 TCPS_BUMP_MIB(tcps, tcpActiveOpens);
4213 4239 tcp->tcp_active_open = 1;
4214 4240
4215 4241 /*
4216 4242 * tcp_set_destination() does not adjust for TCP/IP header length.
4217 4243 */
4218 4244 mss = tcp->tcp_mss - connp->conn_ht_iphc_len;
4219 4245
4220 4246 /*
4221 4247 * Just make sure our rwnd is at least rcvbuf * MSS large, and round up
4222 4248 * to the nearest MSS.
4223 4249 *
4224 4250 * We do the round up here because we need to get the interface MTU
4225 4251 * first before we can do the round up.
4226 4252 */
4227 4253 tcp->tcp_rwnd = connp->conn_rcvbuf;
4228 4254 tcp->tcp_rwnd = MAX(MSS_ROUNDUP(tcp->tcp_rwnd, mss),
4229 4255 tcps->tcps_recv_hiwat_minmss * mss);
4230 4256 connp->conn_rcvbuf = tcp->tcp_rwnd;
4231 4257 tcp_set_ws_value(tcp);
4232 4258 tcp->tcp_tcpha->tha_win = htons(tcp->tcp_rwnd >> tcp->tcp_rcv_ws);
4233 4259 if (tcp->tcp_rcv_ws > 0 || tcps->tcps_wscale_always)
4234 4260 tcp->tcp_snd_ws_ok = B_TRUE;
4235 4261
4236 4262 /*
4237 4263 * Set tcp_snd_ts_ok to true
4238 4264 * so that tcp_xmit_mp will
4239 4265 * include the timestamp
4240 4266 * option in the SYN segment.
4241 4267 */
4242 4268 if (tcps->tcps_tstamp_always ||
4243 4269 (tcp->tcp_rcv_ws && tcps->tcps_tstamp_if_wscale)) {
4244 4270 tcp->tcp_snd_ts_ok = B_TRUE;
4245 4271 }
4246 4272
4247 4273 /*
4248 4274 * Note that tcp_snd_sack_ok can be set in tcp_set_destination() if
4249 4275 * the SACK metric is set. So here we just check the per stack SACK
4250 4276 * permitted param.
4251 4277 */
4252 4278 if (tcps->tcps_sack_permitted == 2) {
4253 4279 ASSERT(tcp->tcp_num_sack_blk == 0);
4254 4280 ASSERT(tcp->tcp_notsack_list == NULL);
4255 4281 tcp->tcp_snd_sack_ok = B_TRUE;
4256 4282 }
4257 4283
4258 4284 /*
4259 4285 * Should we use ECN? Note that the current
4260 4286 * default value (SunOS 5.9) of tcp_ecn_permitted
4261 4287 * is 1. The reason for doing this is that there
4262 4288 * are equipments out there that will drop ECN
4263 4289 * enabled IP packets. Setting it to 1 avoids
4264 4290 * compatibility problems.
4265 4291 */
4266 4292 if (tcps->tcps_ecn_permitted == 2)
4267 4293 tcp->tcp_ecn_ok = B_TRUE;
4268 4294
4269 4295 /* Trace change from BOUND -> SYN_SENT here */
4270 4296 DTRACE_TCP6(state__change, void, NULL, ip_xmit_attr_t *,
4271 4297 connp->conn_ixa, void, NULL, tcp_t *, tcp, void, NULL,
4272 4298 int32_t, TCPS_BOUND);
4273 4299
4274 4300 TCP_TIMER_RESTART(tcp, tcp->tcp_rto);
4275 4301 syn_mp = tcp_xmit_mp(tcp, NULL, 0, NULL, NULL,
4276 4302 tcp->tcp_iss, B_FALSE, NULL, B_FALSE);
4277 4303 if (syn_mp != NULL) {
4278 4304 /*
4279 4305 * We must bump the generation before sending the syn
4280 4306 * to ensure that we use the right generation in case
4281 4307 * this thread issues a "connected" up call.
4282 4308 */
4283 4309 SOCK_CONNID_BUMP(tcp->tcp_connid);
4284 4310 /*
4285 4311 * DTrace sending the first SYN as a
4286 4312 * tcp:::connect-request event.
4287 4313 */
4288 4314 DTRACE_TCP5(connect__request, mblk_t *, NULL,
4289 4315 ip_xmit_attr_t *, connp->conn_ixa,
4290 4316 void_ip_t *, syn_mp->b_rptr, tcp_t *, tcp,
4291 4317 tcph_t *,
4292 4318 &syn_mp->b_rptr[connp->conn_ixa->ixa_ip_hdr_length]);
4293 4319 tcp_send_data(tcp, syn_mp);
4294 4320 }
4295 4321
4296 4322 if (tcp->tcp_conn.tcp_opts_conn_req != NULL)
4297 4323 tcp_close_mpp(&tcp->tcp_conn.tcp_opts_conn_req);
4298 4324 return (0);
4299 4325
4300 4326 connect_failed:
4301 4327 connp->conn_faddr_v6 = ipv6_all_zeros;
4302 4328 connp->conn_fport = 0;
4303 4329 tcp->tcp_state = oldstate;
4304 4330 if (tcp->tcp_conn.tcp_opts_conn_req != NULL)
4305 4331 tcp_close_mpp(&tcp->tcp_conn.tcp_opts_conn_req);
4306 4332 return (error);
4307 4333 }
4308 4334
4309 4335 int
4310 4336 tcp_do_listen(conn_t *connp, struct sockaddr *sa, socklen_t len,
4311 4337 int backlog, cred_t *cr, boolean_t bind_to_req_port_only)
4312 4338 {
4313 4339 tcp_t *tcp = connp->conn_tcp;
4314 4340 int error = 0;
4315 4341 tcp_stack_t *tcps = tcp->tcp_tcps;
4316 4342 int32_t oldstate;
4317 4343
4318 4344 /* All Solaris components should pass a cred for this operation. */
4319 4345 ASSERT(cr != NULL);
4320 4346
4321 4347 if (tcp->tcp_state >= TCPS_BOUND) {
4322 4348 if ((tcp->tcp_state == TCPS_BOUND ||
4323 4349 tcp->tcp_state == TCPS_LISTEN) && backlog > 0) {
4324 4350 /*
4325 4351 * Handle listen() increasing backlog.
4326 4352 * This is more "liberal" then what the TPI spec
4327 4353 * requires but is needed to avoid a t_unbind
4328 4354 * when handling listen() since the port number
4329 4355 * might be "stolen" between the unbind and bind.
4330 4356 */
4331 4357 goto do_listen;
4332 4358 }
4333 4359 if (connp->conn_debug) {
4334 4360 (void) strlog(TCP_MOD_ID, 0, 1, SL_ERROR|SL_TRACE,
4335 4361 "tcp_listen: bad state, %d", tcp->tcp_state);
4336 4362 }
4337 4363 return (-TOUTSTATE);
4338 4364 } else {
4339 4365 sin6_t addr;
4340 4366 sin_t *sin;
4341 4367 sin6_t *sin6;
4342 4368
4343 4369 if (sa == NULL) {
4344 4370 ASSERT(IPCL_IS_NONSTR(connp));
4345 4371 /* Do an implicit bind: Request for a generic port. */
4346 4372 if (connp->conn_family == AF_INET) {
4347 4373 len = sizeof (sin_t);
4348 4374 sin = (sin_t *)&addr;
4349 4375 *sin = sin_null;
4350 4376 sin->sin_family = AF_INET;
4351 4377 } else {
4352 4378 ASSERT(connp->conn_family == AF_INET6);
4353 4379 len = sizeof (sin6_t);
4354 4380 sin6 = (sin6_t *)&addr;
4355 4381 *sin6 = sin6_null;
4356 4382 sin6->sin6_family = AF_INET6;
4357 4383 }
4358 4384 sa = (struct sockaddr *)&addr;
4359 4385 }
4360 4386
4361 4387 error = tcp_bind_check(connp, sa, len, cr,
4362 4388 bind_to_req_port_only);
4363 4389 if (error)
4364 4390 return (error);
4365 4391 /* Fall through and do the fanout insertion */
4366 4392 }
4367 4393
4368 4394 do_listen:
4369 4395 ASSERT(tcp->tcp_state == TCPS_BOUND || tcp->tcp_state == TCPS_LISTEN);
4370 4396 tcp->tcp_conn_req_max = backlog;
4371 4397 if (tcp->tcp_conn_req_max) {
4372 4398 if (tcp->tcp_conn_req_max < tcps->tcps_conn_req_min)
4373 4399 tcp->tcp_conn_req_max = tcps->tcps_conn_req_min;
4374 4400 if (tcp->tcp_conn_req_max > tcps->tcps_conn_req_max_q)
4375 4401 tcp->tcp_conn_req_max = tcps->tcps_conn_req_max_q;
4376 4402 /*
4377 4403 * If this is a listener, do not reset the eager list
4378 4404 * and other stuffs. Note that we don't check if the
4379 4405 * existing eager list meets the new tcp_conn_req_max
4380 4406 * requirement.
4381 4407 */
4382 4408 if (tcp->tcp_state != TCPS_LISTEN) {
4383 4409 tcp->tcp_state = TCPS_LISTEN;
4384 4410 DTRACE_TCP6(state__change, void, NULL, ip_xmit_attr_t *,
4385 4411 connp->conn_ixa, void, NULL, tcp_t *, tcp,
4386 4412 void, NULL, int32_t, TCPS_BOUND);
4387 4413 /* Initialize the chain. Don't need the eager_lock */
4388 4414 tcp->tcp_eager_next_q0 = tcp->tcp_eager_prev_q0 = tcp;
4389 4415 tcp->tcp_eager_next_drop_q0 = tcp;
4390 4416 tcp->tcp_eager_prev_drop_q0 = tcp;
4391 4417 tcp->tcp_second_ctimer_threshold =
4392 4418 tcps->tcps_ip_abort_linterval;
4393 4419 }
4394 4420 }
4395 4421
4396 4422 /*
4397 4423 * We need to make sure that the conn_recv is set to a non-null
4398 4424 * value before we insert the conn into the classifier table.
4399 4425 * This is to avoid a race with an incoming packet which does an
4400 4426 * ipcl_classify().
4401 4427 * We initially set it to tcp_input_listener_unbound to try to
4402 4428 * pick a good squeue for the listener when the first SYN arrives.
4403 4429 * tcp_input_listener_unbound sets it to tcp_input_listener on that
4404 4430 * first SYN.
4405 4431 */
4406 4432 connp->conn_recv = tcp_input_listener_unbound;
4407 4433
4408 4434 /* Insert the listener in the classifier table */
4409 4435 error = ip_laddr_fanout_insert(connp);
4410 4436 if (error != 0) {
4411 4437 /* Undo the bind - release the port number */
4412 4438 oldstate = tcp->tcp_state;
4413 4439 tcp->tcp_state = TCPS_IDLE;
4414 4440 DTRACE_TCP6(state__change, void, NULL, ip_xmit_attr_t *,
4415 4441 connp->conn_ixa, void, NULL, tcp_t *, tcp, void, NULL,
4416 4442 int32_t, oldstate);
4417 4443 connp->conn_bound_addr_v6 = ipv6_all_zeros;
4418 4444
4419 4445 connp->conn_laddr_v6 = ipv6_all_zeros;
4420 4446 connp->conn_saddr_v6 = ipv6_all_zeros;
4421 4447 connp->conn_ports = 0;
4422 4448
4423 4449 if (connp->conn_anon_port) {
4424 4450 zone_t *zone;
4425 4451
4426 4452 zone = crgetzone(cr);
4427 4453 connp->conn_anon_port = B_FALSE;
4428 4454 (void) tsol_mlp_anon(zone, connp->conn_mlp_type,
4429 4455 connp->conn_proto, connp->conn_lport, B_FALSE);
4430 4456 }
4431 4457 connp->conn_mlp_type = mlptSingle;
4432 4458
4433 4459 tcp_bind_hash_remove(tcp);
4434 4460 return (error);
4435 4461 } else {
4436 4462 /*
4437 4463 * If there is a connection limit, allocate and initialize
4438 4464 * the counter struct. Note that since listen can be called
4439 4465 * multiple times, the struct may have been allready allocated.
4440 4466 */
4441 4467 if (!list_is_empty(&tcps->tcps_listener_conf) &&
4442 4468 tcp->tcp_listen_cnt == NULL) {
4443 4469 tcp_listen_cnt_t *tlc;
4444 4470 uint32_t ratio;
4445 4471
4446 4472 ratio = tcp_find_listener_conf(tcps,
4447 4473 ntohs(connp->conn_lport));
4448 4474 if (ratio != 0) {
4449 4475 uint32_t mem_ratio, tot_buf;
4450 4476
4451 4477 tlc = kmem_alloc(sizeof (tcp_listen_cnt_t),
4452 4478 KM_SLEEP);
4453 4479 /*
4454 4480 * Calculate the connection limit based on
4455 4481 * the configured ratio and maxusers. Maxusers
4456 4482 * are calculated based on memory size,
4457 4483 * ~ 1 user per MB. Note that the conn_rcvbuf
4458 4484 * and conn_sndbuf may change after a
4459 4485 * connection is accepted. So what we have
4460 4486 * is only an approximation.
4461 4487 */
4462 4488 if ((tot_buf = connp->conn_rcvbuf +
4463 4489 connp->conn_sndbuf) < MB) {
4464 4490 mem_ratio = MB / tot_buf;
4465 4491 tlc->tlc_max = maxusers / ratio *
4466 4492 mem_ratio;
4467 4493 } else {
4468 4494 mem_ratio = tot_buf / MB;
4469 4495 tlc->tlc_max = maxusers / ratio /
4470 4496 mem_ratio;
4471 4497 }
4472 4498 /* At least we should allow two connections! */
4473 4499 if (tlc->tlc_max <= tcp_min_conn_listener)
4474 4500 tlc->tlc_max = tcp_min_conn_listener;
4475 4501 tlc->tlc_cnt = 1;
4476 4502 tlc->tlc_drop = 0;
4477 4503 tcp->tcp_listen_cnt = tlc;
4478 4504 }
4479 4505 }
4480 4506 }
4481 4507 return (error);
4482 4508 }
|
↓ open down ↓ |
3042 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX