1 /* $NetBSD: tcp_output.c,v 1.174 2012/03/22 20:34:39 drochner Exp $ */ 2 3 /* 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 /* 33 * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 34 * 35 * NRL grants permission for redistribution and use in source and binary 36 * forms, with or without modification, of the software and documentation 37 * created at NRL provided that the following conditions are met: 38 * 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 3. All advertising materials mentioning features or use of this software 45 * must display the following acknowledgements: 46 * This product includes software developed by the University of 47 * California, Berkeley and its contributors. 48 * This product includes software developed at the Information 49 * Technology Division, US Naval Research Laboratory. 50 * 4. Neither the name of the NRL nor the names of its contributors 51 * may be used to endorse or promote products derived from this software 52 * without specific prior written permission. 53 * 54 * THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS 55 * IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 56 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 57 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL NRL OR 58 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 59 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 60 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 61 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 62 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 63 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 64 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 65 * 66 * The views and conclusions contained in the software and documentation 67 * are those of the authors and should not be interpreted as representing 68 * official policies, either expressed or implied, of the US Naval 69 * Research Laboratory (NRL). 70 */ 71 72 /*- 73 * Copyright (c) 1997, 1998, 2001, 2005, 2006 The NetBSD Foundation, Inc. 74 * All rights reserved. 75 * 76 * This code is derived from software contributed to The NetBSD Foundation 77 * by Jason R. Thorpe and Kevin M. Lahey of the Numerical Aerospace Simulation 78 * Facility, NASA Ames Research Center. 79 * This code is derived from software contributed to The NetBSD Foundation 80 * by Charles M. Hannum. 81 * This code is derived from software contributed to The NetBSD Foundation 82 * by Rui Paulo. 83 * 84 * Redistribution and use in source and binary forms, with or without 85 * modification, are permitted provided that the following conditions 86 * are met: 87 * 1. Redistributions of source code must retain the above copyright 88 * notice, this list of conditions and the following disclaimer. 89 * 2. Redistributions in binary form must reproduce the above copyright 90 * notice, this list of conditions and the following disclaimer in the 91 * documentation and/or other materials provided with the distribution. 92 * 93 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 94 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 95 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 96 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 97 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 98 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 99 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 100 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 101 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 102 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 103 * POSSIBILITY OF SUCH DAMAGE. 104 */ 105 106 /* 107 * Copyright (c) 1982, 1986, 1988, 1990, 1993, 1995 108 * The Regents of the University of California. All rights reserved. 109 * 110 * Redistribution and use in source and binary forms, with or without 111 * modification, are permitted provided that the following conditions 112 * are met: 113 * 1. Redistributions of source code must retain the above copyright 114 * notice, this list of conditions and the following disclaimer. 115 * 2. Redistributions in binary form must reproduce the above copyright 116 * notice, this list of conditions and the following disclaimer in the 117 * documentation and/or other materials provided with the distribution. 118 * 3. Neither the name of the University nor the names of its contributors 119 * may be used to endorse or promote products derived from this software 120 * without specific prior written permission. 121 * 122 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 123 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 124 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 125 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 126 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 127 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 128 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 129 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 130 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 131 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 132 * SUCH DAMAGE. 133 * 134 * @(#)tcp_output.c 8.4 (Berkeley) 5/24/95 135 */ 136 137 #include <sys/cdefs.h> 138 __KERNEL_RCSID(0, "$NetBSD: tcp_output.c,v 1.174 2012/03/22 20:34:39 drochner Exp $"); 139 140 #include "opt_inet.h" 141 #include "opt_ipsec.h" 142 #include "opt_tcp_debug.h" 143 144 #include <sys/param.h> 145 #include <sys/systm.h> 146 #include <sys/malloc.h> 147 #include <sys/mbuf.h> 148 #include <sys/protosw.h> 149 #include <sys/socket.h> 150 #include <sys/socketvar.h> 151 #include <sys/errno.h> 152 #include <sys/domain.h> 153 #include <sys/kernel.h> 154 #ifdef TCP_SIGNATURE 155 #include <sys/md5.h> 156 #endif 157 158 #include <net/if.h> 159 #include <net/route.h> 160 161 #include <netinet/in.h> 162 #include <netinet/in_systm.h> 163 #include <netinet/ip.h> 164 #include <netinet/in_pcb.h> 165 #include <netinet/ip_var.h> 166 167 #ifdef INET6 168 #ifndef INET 169 #include <netinet/in.h> 170 #endif 171 #include <netinet/ip6.h> 172 #include <netinet6/in6_var.h> 173 #include <netinet6/ip6_var.h> 174 #include <netinet6/in6_pcb.h> 175 #include <netinet6/nd6.h> 176 #endif 177 178 #ifdef FAST_IPSEC 179 #include <netipsec/ipsec.h> 180 #include <netipsec/key.h> 181 #ifdef INET6 182 #include <netipsec/ipsec6.h> 183 #endif 184 #endif /* FAST_IPSEC*/ 185 186 #include <netinet/tcp.h> 187 #define TCPOUTFLAGS 188 #include <netinet/tcp_fsm.h> 189 #include <netinet/tcp_seq.h> 190 #include <netinet/tcp_timer.h> 191 #include <netinet/tcp_var.h> 192 #include <netinet/tcp_private.h> 193 #include <netinet/tcp_congctl.h> 194 #include <netinet/tcpip.h> 195 #include <netinet/tcp_debug.h> 196 #include <netinet/in_offload.h> 197 #include <netinet6/in6_offload.h> 198 199 #ifdef notyet 200 extern struct mbuf *m_copypack(); 201 #endif 202 203 /* 204 * Knob to enable Congestion Window Monitoring, and control 205 * the burst size it allows. Default burst is 4 packets, per 206 * the Internet draft. 207 */ 208 int tcp_cwm = 0; 209 int tcp_cwm_burstsize = 4; 210 211 int tcp_do_autosndbuf = 1; 212 int tcp_autosndbuf_inc = 8 * 1024; 213 int tcp_autosndbuf_max = 256 * 1024; 214 215 #ifdef TCP_OUTPUT_COUNTERS 216 #include <sys/device.h> 217 218 extern struct evcnt tcp_output_bigheader; 219 extern struct evcnt tcp_output_predict_hit; 220 extern struct evcnt tcp_output_predict_miss; 221 extern struct evcnt tcp_output_copysmall; 222 extern struct evcnt tcp_output_copybig; 223 extern struct evcnt tcp_output_refbig; 224 225 #define TCP_OUTPUT_COUNTER_INCR(ev) (ev)->ev_count++ 226 #else 227 228 #define TCP_OUTPUT_COUNTER_INCR(ev) /* nothing */ 229 230 #endif /* TCP_OUTPUT_COUNTERS */ 231 232 static 233 #ifndef GPROF 234 inline 235 #endif 236 int 237 tcp_segsize(struct tcpcb *tp, int *txsegsizep, int *rxsegsizep, 238 bool *alwaysfragp) 239 { 240 #ifdef INET 241 struct inpcb *inp = tp->t_inpcb; 242 #endif 243 #ifdef INET6 244 struct in6pcb *in6p = tp->t_in6pcb; 245 #endif 246 struct socket *so = NULL; 247 struct rtentry *rt; 248 struct ifnet *ifp; 249 int size; 250 int hdrlen; 251 int optlen; 252 253 *alwaysfragp = false; 254 255 #ifdef DIAGNOSTIC 256 if (tp->t_inpcb && tp->t_in6pcb) 257 panic("tcp_segsize: both t_inpcb and t_in6pcb are set"); 258 #endif 259 switch (tp->t_family) { 260 #ifdef INET 261 case AF_INET: 262 hdrlen = sizeof(struct ip) + sizeof(struct tcphdr); 263 break; 264 #endif 265 #ifdef INET6 266 case AF_INET6: 267 hdrlen = sizeof(struct ip6_hdr) + sizeof(struct tcphdr); 268 break; 269 #endif 270 default: 271 size = tcp_mssdflt; 272 goto out; 273 } 274 275 rt = NULL; 276 #ifdef INET 277 if (inp) { 278 rt = in_pcbrtentry(inp); 279 so = inp->inp_socket; 280 } 281 #endif 282 #ifdef INET6 283 if (in6p) { 284 rt = in6_pcbrtentry(in6p); 285 so = in6p->in6p_socket; 286 } 287 #endif 288 if (rt == NULL) { 289 size = tcp_mssdflt; 290 goto out; 291 } 292 293 ifp = rt->rt_ifp; 294 295 size = tcp_mssdflt; 296 if (tp->t_mtudisc && rt->rt_rmx.rmx_mtu != 0) { 297 #ifdef INET6 298 if (in6p && rt->rt_rmx.rmx_mtu < IPV6_MMTU) { 299 /* 300 * RFC2460 section 5, last paragraph: if path MTU is 301 * smaller than 1280, use 1280 as packet size and 302 * attach fragment header. 303 */ 304 size = IPV6_MMTU - hdrlen - sizeof(struct ip6_frag); 305 *alwaysfragp = true; 306 } else 307 size = rt->rt_rmx.rmx_mtu - hdrlen; 308 #else 309 size = rt->rt_rmx.rmx_mtu - hdrlen; 310 #endif 311 } else if (ifp->if_flags & IFF_LOOPBACK) 312 size = ifp->if_mtu - hdrlen; 313 #ifdef INET 314 else if (inp && tp->t_mtudisc) 315 size = ifp->if_mtu - hdrlen; 316 else if (inp && in_localaddr(inp->inp_faddr)) 317 size = ifp->if_mtu - hdrlen; 318 #endif 319 #ifdef INET6 320 else if (in6p) { 321 #ifdef INET 322 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) { 323 /* mapped addr case */ 324 struct in_addr d; 325 bcopy(&in6p->in6p_faddr.s6_addr32[3], &d, sizeof(d)); 326 if (tp->t_mtudisc || in_localaddr(d)) 327 size = ifp->if_mtu - hdrlen; 328 } else 329 #endif 330 { 331 /* 332 * for IPv6, path MTU discovery is always turned on, 333 * or the node must use packet size <= 1280. 334 */ 335 size = tp->t_mtudisc ? IN6_LINKMTU(ifp) : IPV6_MMTU; 336 size -= hdrlen; 337 } 338 } 339 #endif 340 out: 341 /* 342 * Now we must make room for whatever extra TCP/IP options are in 343 * the packet. 344 */ 345 optlen = tcp_optlen(tp); 346 347 /* 348 * XXX tp->t_ourmss should have the right size, but without this code 349 * fragmentation will occur... need more investigation 350 */ 351 #ifdef INET 352 if (inp) { 353 #if defined(FAST_IPSEC) 354 if (! IPSEC_PCB_SKIP_IPSEC(inp->inp_sp, IPSEC_DIR_OUTBOUND)) 355 optlen += ipsec4_hdrsiz_tcp(tp); 356 #endif 357 optlen += ip_optlen(inp); 358 } 359 #endif 360 #ifdef INET6 361 #ifdef INET 362 if (in6p && tp->t_family == AF_INET) { 363 #if defined(FAST_IPSEC) 364 if (! IPSEC_PCB_SKIP_IPSEC(in6p->in6p_sp, IPSEC_DIR_OUTBOUND)) 365 optlen += ipsec4_hdrsiz_tcp(tp); 366 #endif 367 /* XXX size -= ip_optlen(in6p); */ 368 } else 369 #endif 370 if (in6p && tp->t_family == AF_INET6) { 371 #if defined(FAST_IPSEC) 372 if (! IPSEC_PCB_SKIP_IPSEC(in6p->in6p_sp, IPSEC_DIR_OUTBOUND)) 373 optlen += ipsec6_hdrsiz_tcp(tp); 374 #endif 375 optlen += ip6_optlen(in6p); 376 } 377 #endif 378 size -= optlen; 379 380 /* there may not be any room for data if mtu is too small */ 381 if (size < 0) 382 return (EMSGSIZE); 383 384 /* 385 * *rxsegsizep holds *estimated* inbound segment size (estimation 386 * assumes that path MTU is the same for both ways). this is only 387 * for silly window avoidance, do not use the value for other purposes. 388 * 389 * ipseclen is subtracted from both sides, this may not be right. 390 * I'm not quite sure about this (could someone comment). 391 */ 392 *txsegsizep = min(tp->t_peermss - optlen, size); 393 /* 394 * Never send more than half a buffer full. This insures that we can 395 * always keep 2 packets on the wire, no matter what SO_SNDBUF is, and 396 * therefore acks will never be delayed unless we run out of data to 397 * transmit. 398 */ 399 if (so) 400 *txsegsizep = min(so->so_snd.sb_hiwat >> 1, *txsegsizep); 401 *rxsegsizep = min(tp->t_ourmss - optlen, size); 402 403 if (*txsegsizep != tp->t_segsz) { 404 /* 405 * If the new segment size is larger, we don't want to 406 * mess up the congestion window, but if it is smaller 407 * we'll have to reduce the congestion window to ensure 408 * that we don't get into trouble with initial windows 409 * and the rest. In any case, if the segment size 410 * has changed, chances are the path has, too, and 411 * our congestion window will be different. 412 */ 413 if (*txsegsizep < tp->t_segsz) { 414 tp->snd_cwnd = max((tp->snd_cwnd / tp->t_segsz) 415 * *txsegsizep, *txsegsizep); 416 tp->snd_ssthresh = max((tp->snd_ssthresh / tp->t_segsz) 417 * *txsegsizep, *txsegsizep); 418 } 419 tp->t_segsz = *txsegsizep; 420 } 421 422 return (0); 423 } 424 425 static 426 #ifndef GPROF 427 inline 428 #endif 429 int 430 tcp_build_datapkt(struct tcpcb *tp, struct socket *so, int off, 431 long len, int hdrlen, struct mbuf **mp) 432 { 433 struct mbuf *m, *m0; 434 uint64_t *tcps; 435 436 tcps = TCP_STAT_GETREF(); 437 if (tp->t_force && len == 1) 438 tcps[TCP_STAT_SNDPROBE]++; 439 else if (SEQ_LT(tp->snd_nxt, tp->snd_max)) { 440 tcps[TCP_STAT_SNDREXMITPACK]++; 441 tcps[TCP_STAT_SNDREXMITBYTE] += len; 442 } else { 443 tcps[TCP_STAT_SNDPACK]++; 444 tcps[TCP_STAT_SNDBYTE] += len; 445 } 446 TCP_STAT_PUTREF(); 447 #ifdef notyet 448 if ((m = m_copypack(so->so_snd.sb_mb, off, 449 (int)len, max_linkhdr + hdrlen)) == 0) 450 return (ENOBUFS); 451 /* 452 * m_copypack left space for our hdr; use it. 453 */ 454 m->m_len += hdrlen; 455 m->m_data -= hdrlen; 456 #else 457 MGETHDR(m, M_DONTWAIT, MT_HEADER); 458 if (__predict_false(m == NULL)) 459 return (ENOBUFS); 460 MCLAIM(m, &tcp_tx_mowner); 461 462 /* 463 * XXX Because other code assumes headers will fit in 464 * XXX one header mbuf. 465 * 466 * (This code should almost *never* be run.) 467 */ 468 if (__predict_false((max_linkhdr + hdrlen) > MHLEN)) { 469 TCP_OUTPUT_COUNTER_INCR(&tcp_output_bigheader); 470 MCLGET(m, M_DONTWAIT); 471 if ((m->m_flags & M_EXT) == 0) { 472 m_freem(m); 473 return (ENOBUFS); 474 } 475 } 476 477 m->m_data += max_linkhdr; 478 m->m_len = hdrlen; 479 480 /* 481 * To avoid traversing the whole sb_mb chain for correct 482 * data to send, remember last sent mbuf, its offset and 483 * the sent size. When called the next time, see if the 484 * data to send is directly following the previous transfer. 485 * This is important for large TCP windows. 486 */ 487 if (off == 0 || tp->t_lastm == NULL || 488 (tp->t_lastoff + tp->t_lastlen) != off) { 489 TCP_OUTPUT_COUNTER_INCR(&tcp_output_predict_miss); 490 /* 491 * Either a new packet or a retransmit. 492 * Start from the beginning. 493 */ 494 tp->t_lastm = so->so_snd.sb_mb; 495 tp->t_inoff = off; 496 } else { 497 TCP_OUTPUT_COUNTER_INCR(&tcp_output_predict_hit); 498 tp->t_inoff += tp->t_lastlen; 499 } 500 501 /* Traverse forward to next packet */ 502 while (tp->t_inoff > 0) { 503 if (tp->t_lastm == NULL) 504 panic("tp->t_lastm == NULL"); 505 if (tp->t_inoff < tp->t_lastm->m_len) 506 break; 507 tp->t_inoff -= tp->t_lastm->m_len; 508 tp->t_lastm = tp->t_lastm->m_next; 509 } 510 511 tp->t_lastoff = off; 512 tp->t_lastlen = len; 513 m0 = tp->t_lastm; 514 off = tp->t_inoff; 515 516 if (len <= M_TRAILINGSPACE(m)) { 517 m_copydata(m0, off, (int) len, mtod(m, char *) + hdrlen); 518 m->m_len += len; 519 TCP_OUTPUT_COUNTER_INCR(&tcp_output_copysmall); 520 } else { 521 m->m_next = m_copym(m0, off, (int) len, M_DONTWAIT); 522 if (m->m_next == NULL) { 523 m_freem(m); 524 return (ENOBUFS); 525 } 526 #ifdef TCP_OUTPUT_COUNTERS 527 if (m->m_next->m_flags & M_EXT) 528 TCP_OUTPUT_COUNTER_INCR(&tcp_output_refbig); 529 else 530 TCP_OUTPUT_COUNTER_INCR(&tcp_output_copybig); 531 #endif /* TCP_OUTPUT_COUNTERS */ 532 } 533 #endif 534 535 *mp = m; 536 return (0); 537 } 538 539 /* 540 * Tcp output routine: figure out what should be sent and send it. 541 */ 542 int 543 tcp_output(struct tcpcb *tp) 544 { 545 struct rtentry *rt; 546 struct socket *so; 547 struct route *ro; 548 long len, win; 549 int off, flags, error; 550 struct mbuf *m; 551 struct ip *ip; 552 #ifdef INET6 553 struct ip6_hdr *ip6; 554 #endif 555 struct tcphdr *th; 556 u_char opt[MAX_TCPOPTLEN]; 557 unsigned optlen, hdrlen, packetlen; 558 unsigned int sack_numblks; 559 int idle, sendalot, txsegsize, rxsegsize; 560 int txsegsize_nosack; 561 int maxburst = TCP_MAXBURST; 562 int af; /* address family on the wire */ 563 int iphdrlen; 564 int has_tso4, has_tso6; 565 int has_tso, use_tso; 566 bool alwaysfrag; 567 int sack_rxmit; 568 int sack_bytes_rxmt; 569 int ecn_tos; 570 struct sackhole *p; 571 #ifdef TCP_SIGNATURE 572 int sigoff = 0; 573 #endif 574 uint64_t *tcps; 575 576 #ifdef DIAGNOSTIC 577 if (tp->t_inpcb && tp->t_in6pcb) 578 panic("tcp_output: both t_inpcb and t_in6pcb are set"); 579 #endif 580 so = NULL; 581 ro = NULL; 582 if (tp->t_inpcb) { 583 so = tp->t_inpcb->inp_socket; 584 ro = &tp->t_inpcb->inp_route; 585 } 586 #ifdef INET6 587 else if (tp->t_in6pcb) { 588 so = tp->t_in6pcb->in6p_socket; 589 ro = &tp->t_in6pcb->in6p_route; 590 } 591 #endif 592 593 switch (af = tp->t_family) { 594 #ifdef INET 595 case AF_INET: 596 if (tp->t_inpcb) 597 break; 598 #ifdef INET6 599 /* mapped addr case */ 600 if (tp->t_in6pcb) 601 break; 602 #endif 603 return (EINVAL); 604 #endif 605 #ifdef INET6 606 case AF_INET6: 607 if (tp->t_in6pcb) 608 break; 609 return (EINVAL); 610 #endif 611 default: 612 return (EAFNOSUPPORT); 613 } 614 615 if (tcp_segsize(tp, &txsegsize, &rxsegsize, &alwaysfrag)) 616 return (EMSGSIZE); 617 618 idle = (tp->snd_max == tp->snd_una); 619 620 /* 621 * Determine if we can use TCP segmentation offload: 622 * - If we're using IPv4 623 * - If there is not an IPsec policy that prevents it 624 * - If the interface can do it 625 */ 626 has_tso4 = has_tso6 = false; 627 #if defined(INET) 628 has_tso4 = tp->t_inpcb != NULL && 629 #if defined(FAST_IPSEC) 630 IPSEC_PCB_SKIP_IPSEC(tp->t_inpcb->inp_sp, 631 IPSEC_DIR_OUTBOUND) && 632 #endif 633 (rt = rtcache_validate(&tp->t_inpcb->inp_route)) != NULL && 634 (rt->rt_ifp->if_capenable & IFCAP_TSOv4) != 0; 635 #endif /* defined(INET) */ 636 #if defined(INET6) 637 has_tso6 = tp->t_in6pcb != NULL && 638 #if defined(FAST_IPSEC) 639 IPSEC_PCB_SKIP_IPSEC(tp->t_in6pcb->in6p_sp, 640 IPSEC_DIR_OUTBOUND) && 641 #endif 642 (rt = rtcache_validate(&tp->t_in6pcb->in6p_route)) != NULL && 643 (rt->rt_ifp->if_capenable & IFCAP_TSOv6) != 0; 644 #endif /* defined(INET6) */ 645 has_tso = (has_tso4 || has_tso6) && !alwaysfrag; 646 647 /* 648 * Restart Window computation. From draft-floyd-incr-init-win-03: 649 * 650 * Optionally, a TCP MAY set the restart window to the 651 * minimum of the value used for the initial window and 652 * the current value of cwnd (in other words, using a 653 * larger value for the restart window should never increase 654 * the size of cwnd). 655 */ 656 if (tcp_cwm) { 657 /* 658 * Hughes/Touch/Heidemann Congestion Window Monitoring. 659 * Count the number of packets currently pending 660 * acknowledgement, and limit our congestion window 661 * to a pre-determined allowed burst size plus that count. 662 * This prevents bursting once all pending packets have 663 * been acknowledged (i.e. transmission is idle). 664 * 665 * XXX Link this to Initial Window? 666 */ 667 tp->snd_cwnd = min(tp->snd_cwnd, 668 (tcp_cwm_burstsize * txsegsize) + 669 (tp->snd_nxt - tp->snd_una)); 670 } else { 671 if (idle && (tcp_now - tp->t_rcvtime) >= tp->t_rxtcur) { 672 /* 673 * We have been idle for "a while" and no acks are 674 * expected to clock out any data we send -- 675 * slow start to get ack "clock" running again. 676 */ 677 int ss = tcp_init_win; 678 #ifdef INET 679 if (tp->t_inpcb && 680 in_localaddr(tp->t_inpcb->inp_faddr)) 681 ss = tcp_init_win_local; 682 #endif 683 #ifdef INET6 684 if (tp->t_in6pcb && 685 in6_localaddr(&tp->t_in6pcb->in6p_faddr)) 686 ss = tcp_init_win_local; 687 #endif 688 tp->snd_cwnd = min(tp->snd_cwnd, 689 TCP_INITIAL_WINDOW(ss, txsegsize)); 690 } 691 } 692 693 txsegsize_nosack = txsegsize; 694 again: 695 ecn_tos = 0; 696 use_tso = has_tso; 697 if ((tp->t_flags & (TF_ECN_SND_CWR|TF_ECN_SND_ECE)) != 0) { 698 /* don't duplicate CWR/ECE. */ 699 use_tso = 0; 700 } 701 TCP_REASS_LOCK(tp); 702 sack_numblks = tcp_sack_numblks(tp); 703 if (sack_numblks) { 704 int sackoptlen; 705 706 sackoptlen = TCP_SACK_OPTLEN(sack_numblks); 707 if (sackoptlen > txsegsize_nosack) { 708 sack_numblks = 0; /* give up SACK */ 709 txsegsize = txsegsize_nosack; 710 } else { 711 if ((tp->rcv_sack_flags & TCPSACK_HAVED) != 0) { 712 /* don't duplicate D-SACK. */ 713 use_tso = 0; 714 } 715 txsegsize = txsegsize_nosack - sackoptlen; 716 } 717 } else { 718 txsegsize = txsegsize_nosack; 719 } 720 721 /* 722 * Determine length of data that should be transmitted, and 723 * flags that should be used. If there is some data or critical 724 * controls (SYN, RST) to send, then transmit; otherwise, 725 * investigate further. 726 * 727 * Readjust SACK information to avoid resending duplicate data. 728 */ 729 if (TCP_SACK_ENABLED(tp) && SEQ_LT(tp->snd_nxt, tp->snd_max)) 730 tcp_sack_adjust(tp); 731 sendalot = 0; 732 off = tp->snd_nxt - tp->snd_una; 733 win = min(tp->snd_wnd, tp->snd_cwnd); 734 735 flags = tcp_outflags[tp->t_state]; 736 737 /* 738 * Send any SACK-generated retransmissions. If we're explicitly trying 739 * to send out new data (when sendalot is 1), bypass this function. 740 * If we retransmit in fast recovery mode, decrement snd_cwnd, since 741 * we're replacing a (future) new transmission with a retransmission 742 * now, and we previously incremented snd_cwnd in tcp_input(). 743 */ 744 /* 745 * Still in sack recovery , reset rxmit flag to zero. 746 */ 747 sack_rxmit = 0; 748 sack_bytes_rxmt = 0; 749 len = 0; 750 p = NULL; 751 do { 752 long cwin; 753 if (!TCP_SACK_ENABLED(tp)) 754 break; 755 if (tp->t_partialacks < 0) 756 break; 757 p = tcp_sack_output(tp, &sack_bytes_rxmt); 758 if (p == NULL) 759 break; 760 761 cwin = min(tp->snd_wnd, tp->snd_cwnd) - sack_bytes_rxmt; 762 if (cwin < 0) 763 cwin = 0; 764 /* Do not retransmit SACK segments beyond snd_recover */ 765 if (SEQ_GT(p->end, tp->snd_recover)) { 766 /* 767 * (At least) part of sack hole extends beyond 768 * snd_recover. Check to see if we can rexmit data 769 * for this hole. 770 */ 771 if (SEQ_GEQ(p->rxmit, tp->snd_recover)) { 772 /* 773 * Can't rexmit any more data for this hole. 774 * That data will be rexmitted in the next 775 * sack recovery episode, when snd_recover 776 * moves past p->rxmit. 777 */ 778 p = NULL; 779 break; 780 } 781 /* Can rexmit part of the current hole */ 782 len = ((long)ulmin(cwin, tp->snd_recover - p->rxmit)); 783 } else 784 len = ((long)ulmin(cwin, p->end - p->rxmit)); 785 off = p->rxmit - tp->snd_una; 786 if (off + len > so->so_snd.sb_cc) { 787 /* 1 for TH_FIN */ 788 KASSERT(off + len == so->so_snd.sb_cc + 1); 789 KASSERT(p->rxmit + len == tp->snd_max); 790 len = so->so_snd.sb_cc - off; 791 } 792 if (len > 0) { 793 sack_rxmit = 1; 794 sendalot = 1; 795 } 796 } while (/*CONSTCOND*/0); 797 798 /* 799 * If in persist timeout with window of 0, send 1 byte. 800 * Otherwise, if window is small but nonzero 801 * and timer expired, we will send what we can 802 * and go to transmit state. 803 */ 804 if (tp->t_force) { 805 if (win == 0) { 806 /* 807 * If we still have some data to send, then 808 * clear the FIN bit. Usually this would 809 * happen below when it realizes that we 810 * aren't sending all the data. However, 811 * if we have exactly 1 byte of unset data, 812 * then it won't clear the FIN bit below, 813 * and if we are in persist state, we wind 814 * up sending the packet without recording 815 * that we sent the FIN bit. 816 * 817 * We can't just blindly clear the FIN bit, 818 * because if we don't have any more data 819 * to send then the probe will be the FIN 820 * itself. 821 */ 822 if (off < so->so_snd.sb_cc) 823 flags &= ~TH_FIN; 824 win = 1; 825 } else { 826 TCP_TIMER_DISARM(tp, TCPT_PERSIST); 827 tp->t_rxtshift = 0; 828 } 829 } 830 831 if (sack_rxmit == 0) { 832 if (TCP_SACK_ENABLED(tp) && tp->t_partialacks >= 0) { 833 long cwin; 834 835 /* 836 * We are inside of a SACK recovery episode and are 837 * sending new data, having retransmitted all the 838 * data possible in the scoreboard. 839 */ 840 if (tp->snd_wnd < so->so_snd.sb_cc) { 841 len = tp->snd_wnd - off; 842 flags &= ~TH_FIN; 843 } else { 844 len = so->so_snd.sb_cc - off; 845 } 846 847 /* 848 * From FreeBSD: 849 * Don't remove this (len > 0) check ! 850 * We explicitly check for len > 0 here (although it 851 * isn't really necessary), to work around a gcc 852 * optimization issue - to force gcc to compute 853 * len above. Without this check, the computation 854 * of len is bungled by the optimizer. 855 */ 856 if (len > 0) { 857 cwin = tp->snd_cwnd - 858 (tp->snd_nxt - tp->sack_newdata) - 859 sack_bytes_rxmt; 860 if (cwin < 0) 861 cwin = 0; 862 if (cwin < len) { 863 len = cwin; 864 flags &= ~TH_FIN; 865 } 866 } 867 } else if (win < so->so_snd.sb_cc) { 868 len = win - off; 869 flags &= ~TH_FIN; 870 } else { 871 len = so->so_snd.sb_cc - off; 872 } 873 } 874 875 if (len < 0) { 876 /* 877 * If FIN has been sent but not acked, 878 * but we haven't been called to retransmit, 879 * len will be -1. Otherwise, window shrank 880 * after we sent into it. If window shrank to 0, 881 * cancel pending retransmit, pull snd_nxt back 882 * to (closed) window, and set the persist timer 883 * if it isn't already going. If the window didn't 884 * close completely, just wait for an ACK. 885 * 886 * If we have a pending FIN, either it has already been 887 * transmitted or it is outside the window, so drop it. 888 * If the FIN has been transmitted, but this is not a 889 * retransmission, then len must be -1. Therefore we also 890 * prevent here the sending of `gratuitous FINs'. This 891 * eliminates the need to check for that case below (e.g. 892 * to back up snd_nxt before the FIN so that the sequence 893 * number is correct). 894 */ 895 len = 0; 896 flags &= ~TH_FIN; 897 if (win == 0) { 898 TCP_TIMER_DISARM(tp, TCPT_REXMT); 899 tp->t_rxtshift = 0; 900 tp->snd_nxt = tp->snd_una; 901 if (TCP_TIMER_ISARMED(tp, TCPT_PERSIST) == 0) 902 tcp_setpersist(tp); 903 } 904 } 905 906 /* 907 * Automatic sizing enables the performance of large buffers 908 * and most of the efficiency of small ones by only allocating 909 * space when it is needed. 910 * 911 * The criteria to step up the send buffer one notch are: 912 * 1. receive window of remote host is larger than send buffer 913 * (with a fudge factor of 5/4th); 914 * 2. send buffer is filled to 7/8th with data (so we actually 915 * have data to make use of it); 916 * 3. send buffer fill has not hit maximal automatic size; 917 * 4. our send window (slow start and cogestion controlled) is 918 * larger than sent but unacknowledged data in send buffer. 919 * 920 * The remote host receive window scaling factor may limit the 921 * growing of the send buffer before it reaches its allowed 922 * maximum. 923 * 924 * It scales directly with slow start or congestion window 925 * and does at most one step per received ACK. This fast 926 * scaling has the drawback of growing the send buffer beyond 927 * what is strictly necessary to make full use of a given 928 * delay*bandwith product. However testing has shown this not 929 * to be much of an problem. At worst we are trading wasting 930 * of available bandwith (the non-use of it) for wasting some 931 * socket buffer memory. 932 * 933 * TODO: Shrink send buffer during idle periods together 934 * with congestion window. Requires another timer. 935 */ 936 if (tcp_do_autosndbuf && so->so_snd.sb_flags & SB_AUTOSIZE) { 937 if ((tp->snd_wnd / 4 * 5) >= so->so_snd.sb_hiwat && 938 so->so_snd.sb_cc >= (so->so_snd.sb_hiwat / 8 * 7) && 939 so->so_snd.sb_cc < tcp_autosndbuf_max && 940 win >= (so->so_snd.sb_cc - (tp->snd_nxt - tp->snd_una))) { 941 if (!sbreserve(&so->so_snd, 942 min(so->so_snd.sb_hiwat + tcp_autosndbuf_inc, 943 tcp_autosndbuf_max), so)) 944 so->so_snd.sb_flags &= ~SB_AUTOSIZE; 945 } 946 } 947 948 if (len > txsegsize) { 949 if (use_tso) { 950 /* 951 * Truncate TSO transfers to IP_MAXPACKET, and make 952 * sure that we send equal size transfers down the 953 * stack (rather than big-small-big-small-...). 954 */ 955 #ifdef INET6 956 CTASSERT(IPV6_MAXPACKET == IP_MAXPACKET); 957 #endif 958 len = (min(len, IP_MAXPACKET) / txsegsize) * txsegsize; 959 if (len <= txsegsize) { 960 use_tso = 0; 961 } 962 } else 963 len = txsegsize; 964 flags &= ~TH_FIN; 965 sendalot = 1; 966 } else 967 use_tso = 0; 968 if (sack_rxmit) { 969 if (SEQ_LT(p->rxmit + len, tp->snd_una + so->so_snd.sb_cc)) 970 flags &= ~TH_FIN; 971 } 972 973 win = sbspace(&so->so_rcv); 974 975 /* 976 * Sender silly window avoidance. If connection is idle 977 * and can send all data, a maximum segment, 978 * at least a maximum default-size segment do it, 979 * or are forced, do it; otherwise don't bother. 980 * If peer's buffer is tiny, then send 981 * when window is at least half open. 982 * If retransmitting (possibly after persist timer forced us 983 * to send into a small window), then must resend. 984 */ 985 if (len) { 986 if (len >= txsegsize) 987 goto send; 988 if ((so->so_state & SS_MORETOCOME) == 0 && 989 ((idle || tp->t_flags & TF_NODELAY) && 990 len + off >= so->so_snd.sb_cc)) 991 goto send; 992 if (tp->t_force) 993 goto send; 994 if (len >= tp->max_sndwnd / 2) 995 goto send; 996 if (SEQ_LT(tp->snd_nxt, tp->snd_max)) 997 goto send; 998 if (sack_rxmit) 999 goto send; 1000 } 1001 1002 /* 1003 * Compare available window to amount of window known to peer 1004 * (as advertised window less next expected input). If the 1005 * difference is at least twice the size of the largest segment 1006 * we expect to receive (i.e. two segments) or at least 50% of 1007 * the maximum possible window, then want to send a window update 1008 * to peer. 1009 */ 1010 if (win > 0) { 1011 /* 1012 * "adv" is the amount we can increase the window, 1013 * taking into account that we are limited by 1014 * TCP_MAXWIN << tp->rcv_scale. 1015 */ 1016 long adv = min(win, (long)TCP_MAXWIN << tp->rcv_scale) - 1017 (tp->rcv_adv - tp->rcv_nxt); 1018 1019 if (adv >= (long) (2 * rxsegsize)) 1020 goto send; 1021 if (2 * adv >= (long) so->so_rcv.sb_hiwat) 1022 goto send; 1023 } 1024 1025 /* 1026 * Send if we owe peer an ACK. 1027 */ 1028 if (tp->t_flags & TF_ACKNOW) 1029 goto send; 1030 if (flags & (TH_SYN|TH_FIN|TH_RST)) 1031 goto send; 1032 if (SEQ_GT(tp->snd_up, tp->snd_una)) 1033 goto send; 1034 /* 1035 * In SACK, it is possible for tcp_output to fail to send a segment 1036 * after the retransmission timer has been turned off. Make sure 1037 * that the retransmission timer is set. 1038 */ 1039 if (TCP_SACK_ENABLED(tp) && SEQ_GT(tp->snd_max, tp->snd_una) && 1040 !TCP_TIMER_ISARMED(tp, TCPT_REXMT) && 1041 !TCP_TIMER_ISARMED(tp, TCPT_PERSIST)) { 1042 TCP_TIMER_ARM(tp, TCPT_REXMT, tp->t_rxtcur); 1043 goto just_return; 1044 } 1045 1046 /* 1047 * TCP window updates are not reliable, rather a polling protocol 1048 * using ``persist'' packets is used to insure receipt of window 1049 * updates. The three ``states'' for the output side are: 1050 * idle not doing retransmits or persists 1051 * persisting to move a small or zero window 1052 * (re)transmitting and thereby not persisting 1053 * 1054 * tp->t_timer[TCPT_PERSIST] 1055 * is set when we are in persist state. 1056 * tp->t_force 1057 * is set when we are called to send a persist packet. 1058 * tp->t_timer[TCPT_REXMT] 1059 * is set when we are retransmitting 1060 * The output side is idle when both timers are zero. 1061 * 1062 * If send window is too small, there is data to transmit, and no 1063 * retransmit or persist is pending, then go to persist state. 1064 * If nothing happens soon, send when timer expires: 1065 * if window is nonzero, transmit what we can, 1066 * otherwise force out a byte. 1067 */ 1068 if (so->so_snd.sb_cc && TCP_TIMER_ISARMED(tp, TCPT_REXMT) == 0 && 1069 TCP_TIMER_ISARMED(tp, TCPT_PERSIST) == 0) { 1070 tp->t_rxtshift = 0; 1071 tcp_setpersist(tp); 1072 } 1073 1074 /* 1075 * No reason to send a segment, just return. 1076 */ 1077 just_return: 1078 TCP_REASS_UNLOCK(tp); 1079 return (0); 1080 1081 send: 1082 /* 1083 * Before ESTABLISHED, force sending of initial options 1084 * unless TCP set not to do any options. 1085 * NOTE: we assume that the IP/TCP header plus TCP options 1086 * always fit in a single mbuf, leaving room for a maximum 1087 * link header, i.e. 1088 * max_linkhdr + sizeof (struct tcpiphdr) + optlen <= MCLBYTES 1089 */ 1090 optlen = 0; 1091 switch (af) { 1092 #ifdef INET 1093 case AF_INET: 1094 iphdrlen = sizeof(struct ip) + sizeof(struct tcphdr); 1095 break; 1096 #endif 1097 #ifdef INET6 1098 case AF_INET6: 1099 iphdrlen = sizeof(struct ip6_hdr) + sizeof(struct tcphdr); 1100 break; 1101 #endif 1102 default: /*pacify gcc*/ 1103 iphdrlen = 0; 1104 break; 1105 } 1106 hdrlen = iphdrlen; 1107 if (flags & TH_SYN) { 1108 struct rtentry *synrt; 1109 1110 synrt = NULL; 1111 #ifdef INET 1112 if (tp->t_inpcb) 1113 synrt = in_pcbrtentry(tp->t_inpcb); 1114 #endif 1115 #ifdef INET6 1116 if (tp->t_in6pcb) 1117 synrt = in6_pcbrtentry(tp->t_in6pcb); 1118 #endif 1119 1120 tp->snd_nxt = tp->iss; 1121 tp->t_ourmss = tcp_mss_to_advertise(synrt != NULL ? 1122 synrt->rt_ifp : NULL, af); 1123 if ((tp->t_flags & TF_NOOPT) == 0) { 1124 opt[0] = TCPOPT_MAXSEG; 1125 opt[1] = 4; 1126 opt[2] = (tp->t_ourmss >> 8) & 0xff; 1127 opt[3] = tp->t_ourmss & 0xff; 1128 optlen = 4; 1129 1130 if ((tp->t_flags & TF_REQ_SCALE) && 1131 ((flags & TH_ACK) == 0 || 1132 (tp->t_flags & TF_RCVD_SCALE))) { 1133 *((u_int32_t *) (opt + optlen)) = htonl( 1134 TCPOPT_NOP << 24 | 1135 TCPOPT_WINDOW << 16 | 1136 TCPOLEN_WINDOW << 8 | 1137 tp->request_r_scale); 1138 optlen += 4; 1139 } 1140 if (tcp_do_sack) { 1141 u_int8_t *cp = (u_int8_t *)(opt + optlen); 1142 1143 cp[0] = TCPOPT_SACK_PERMITTED; 1144 cp[1] = 2; 1145 cp[2] = TCPOPT_NOP; 1146 cp[3] = TCPOPT_NOP; 1147 optlen += 4; 1148 } 1149 } 1150 } 1151 1152 /* 1153 * Send a timestamp and echo-reply if this is a SYN and our side 1154 * wants to use timestamps (TF_REQ_TSTMP is set) or both our side 1155 * and our peer have sent timestamps in our SYN's. 1156 */ 1157 if ((tp->t_flags & (TF_REQ_TSTMP|TF_NOOPT)) == TF_REQ_TSTMP && 1158 (flags & TH_RST) == 0 && 1159 ((flags & (TH_SYN|TH_ACK)) == TH_SYN || 1160 (tp->t_flags & TF_RCVD_TSTMP))) { 1161 u_int32_t *lp = (u_int32_t *)(opt + optlen); 1162 1163 /* Form timestamp option as shown in appendix A of RFC 1323. */ 1164 *lp++ = htonl(TCPOPT_TSTAMP_HDR); 1165 *lp++ = htonl(TCP_TIMESTAMP(tp)); 1166 *lp = htonl(tp->ts_recent); 1167 optlen += TCPOLEN_TSTAMP_APPA; 1168 1169 /* Set receive buffer autosizing timestamp. */ 1170 if (tp->rfbuf_ts == 0 && (so->so_rcv.sb_flags & SB_AUTOSIZE)) 1171 tp->rfbuf_ts = TCP_TIMESTAMP(tp); 1172 } 1173 1174 /* 1175 * Tack on the SACK block if it is necessary. 1176 */ 1177 if (sack_numblks) { 1178 int sack_len; 1179 u_char *bp = (u_char *)(opt + optlen); 1180 u_int32_t *lp = (u_int32_t *)(bp + 4); 1181 struct ipqent *tiqe; 1182 1183 sack_len = sack_numblks * 8 + 2; 1184 bp[0] = TCPOPT_NOP; 1185 bp[1] = TCPOPT_NOP; 1186 bp[2] = TCPOPT_SACK; 1187 bp[3] = sack_len; 1188 if ((tp->rcv_sack_flags & TCPSACK_HAVED) != 0) { 1189 sack_numblks--; 1190 *lp++ = htonl(tp->rcv_dsack_block.left); 1191 *lp++ = htonl(tp->rcv_dsack_block.right); 1192 tp->rcv_sack_flags &= ~TCPSACK_HAVED; 1193 } 1194 for (tiqe = TAILQ_FIRST(&tp->timeq); 1195 sack_numblks > 0; tiqe = TAILQ_NEXT(tiqe, ipqe_timeq)) { 1196 KASSERT(tiqe != NULL); 1197 sack_numblks--; 1198 *lp++ = htonl(tiqe->ipqe_seq); 1199 *lp++ = htonl(tiqe->ipqe_seq + tiqe->ipqe_len + 1200 ((tiqe->ipqe_flags & TH_FIN) != 0 ? 1 : 0)); 1201 } 1202 optlen += sack_len + 2; 1203 } 1204 TCP_REASS_UNLOCK(tp); 1205 1206 #ifdef TCP_SIGNATURE 1207 if (tp->t_flags & TF_SIGNATURE) { 1208 u_char *bp; 1209 /* 1210 * Initialize TCP-MD5 option (RFC2385) 1211 */ 1212 bp = (u_char *)opt + optlen; 1213 *bp++ = TCPOPT_SIGNATURE; 1214 *bp++ = TCPOLEN_SIGNATURE; 1215 sigoff = optlen + 2; 1216 memset(bp, 0, TCP_SIGLEN); 1217 bp += TCP_SIGLEN; 1218 optlen += TCPOLEN_SIGNATURE; 1219 /* 1220 * Terminate options list and maintain 32-bit alignment. 1221 */ 1222 *bp++ = TCPOPT_NOP; 1223 *bp++ = TCPOPT_EOL; 1224 optlen += 2; 1225 } 1226 #endif /* TCP_SIGNATURE */ 1227 1228 hdrlen += optlen; 1229 1230 #ifdef DIAGNOSTIC 1231 if (!use_tso && len > txsegsize) 1232 panic("tcp data to be sent is larger than segment"); 1233 else if (use_tso && len > IP_MAXPACKET) 1234 panic("tcp data to be sent is larger than max TSO size"); 1235 if (max_linkhdr + hdrlen > MCLBYTES) 1236 panic("tcphdr too big"); 1237 #endif 1238 1239 /* 1240 * Grab a header mbuf, attaching a copy of data to 1241 * be transmitted, and initialize the header from 1242 * the template for sends on this connection. 1243 */ 1244 if (len) { 1245 error = tcp_build_datapkt(tp, so, off, len, hdrlen, &m); 1246 if (error) 1247 goto out; 1248 /* 1249 * If we're sending everything we've got, set PUSH. 1250 * (This will keep happy those implementations which only 1251 * give data to the user when a buffer fills or 1252 * a PUSH comes in.) 1253 */ 1254 if (off + len == so->so_snd.sb_cc) 1255 flags |= TH_PUSH; 1256 } else { 1257 tcps = TCP_STAT_GETREF(); 1258 if (tp->t_flags & TF_ACKNOW) 1259 tcps[TCP_STAT_SNDACKS]++; 1260 else if (flags & (TH_SYN|TH_FIN|TH_RST)) 1261 tcps[TCP_STAT_SNDCTRL]++; 1262 else if (SEQ_GT(tp->snd_up, tp->snd_una)) 1263 tcps[TCP_STAT_SNDURG]++; 1264 else 1265 tcps[TCP_STAT_SNDWINUP]++; 1266 TCP_STAT_PUTREF(); 1267 1268 MGETHDR(m, M_DONTWAIT, MT_HEADER); 1269 if (m != NULL && max_linkhdr + hdrlen > MHLEN) { 1270 MCLGET(m, M_DONTWAIT); 1271 if ((m->m_flags & M_EXT) == 0) { 1272 m_freem(m); 1273 m = NULL; 1274 } 1275 } 1276 if (m == NULL) { 1277 error = ENOBUFS; 1278 goto out; 1279 } 1280 MCLAIM(m, &tcp_tx_mowner); 1281 m->m_data += max_linkhdr; 1282 m->m_len = hdrlen; 1283 } 1284 m->m_pkthdr.rcvif = NULL; 1285 switch (af) { 1286 #ifdef INET 1287 case AF_INET: 1288 ip = mtod(m, struct ip *); 1289 #ifdef INET6 1290 ip6 = NULL; 1291 #endif 1292 th = (struct tcphdr *)(ip + 1); 1293 break; 1294 #endif 1295 #ifdef INET6 1296 case AF_INET6: 1297 ip = NULL; 1298 ip6 = mtod(m, struct ip6_hdr *); 1299 th = (struct tcphdr *)(ip6 + 1); 1300 break; 1301 #endif 1302 default: /*pacify gcc*/ 1303 ip = NULL; 1304 #ifdef INET6 1305 ip6 = NULL; 1306 #endif 1307 th = NULL; 1308 break; 1309 } 1310 if (tp->t_template == 0) 1311 panic("tcp_output"); 1312 if (tp->t_template->m_len < iphdrlen) 1313 panic("tcp_output"); 1314 bcopy(mtod(tp->t_template, void *), mtod(m, void *), iphdrlen); 1315 1316 /* 1317 * If we are starting a connection, send ECN setup 1318 * SYN packet. If we are on a retransmit, we may 1319 * resend those bits a number of times as per 1320 * RFC 3168. 1321 */ 1322 if (tp->t_state == TCPS_SYN_SENT && tcp_do_ecn) { 1323 if (tp->t_flags & TF_SYN_REXMT) { 1324 if (tp->t_ecn_retries--) 1325 flags |= TH_ECE|TH_CWR; 1326 } else { 1327 flags |= TH_ECE|TH_CWR; 1328 tp->t_ecn_retries = tcp_ecn_maxretries; 1329 } 1330 } 1331 1332 if (TCP_ECN_ALLOWED(tp)) { 1333 /* 1334 * If the peer has ECN, mark data packets 1335 * ECN capable. Ignore pure ack packets, retransmissions 1336 * and window probes. 1337 */ 1338 if (len > 0 && SEQ_GEQ(tp->snd_nxt, tp->snd_max) && 1339 !(tp->t_force && len == 1)) { 1340 ecn_tos = IPTOS_ECN_ECT0; 1341 TCP_STATINC(TCP_STAT_ECN_ECT); 1342 } 1343 1344 /* 1345 * Reply with proper ECN notifications. 1346 */ 1347 if (tp->t_flags & TF_ECN_SND_CWR) { 1348 flags |= TH_CWR; 1349 tp->t_flags &= ~TF_ECN_SND_CWR; 1350 } 1351 if (tp->t_flags & TF_ECN_SND_ECE) { 1352 flags |= TH_ECE; 1353 } 1354 } 1355 1356 1357 /* 1358 * If we are doing retransmissions, then snd_nxt will 1359 * not reflect the first unsent octet. For ACK only 1360 * packets, we do not want the sequence number of the 1361 * retransmitted packet, we want the sequence number 1362 * of the next unsent octet. So, if there is no data 1363 * (and no SYN or FIN), use snd_max instead of snd_nxt 1364 * when filling in ti_seq. But if we are in persist 1365 * state, snd_max might reflect one byte beyond the 1366 * right edge of the window, so use snd_nxt in that 1367 * case, since we know we aren't doing a retransmission. 1368 * (retransmit and persist are mutually exclusive...) 1369 */ 1370 if (TCP_SACK_ENABLED(tp) && sack_rxmit) { 1371 th->th_seq = htonl(p->rxmit); 1372 p->rxmit += len; 1373 } else { 1374 if (len || (flags & (TH_SYN|TH_FIN)) || 1375 TCP_TIMER_ISARMED(tp, TCPT_PERSIST)) 1376 th->th_seq = htonl(tp->snd_nxt); 1377 else 1378 th->th_seq = htonl(tp->snd_max); 1379 } 1380 th->th_ack = htonl(tp->rcv_nxt); 1381 if (optlen) { 1382 bcopy((void *)opt, (void *)(th + 1), optlen); 1383 th->th_off = (sizeof (struct tcphdr) + optlen) >> 2; 1384 } 1385 th->th_flags = flags; 1386 /* 1387 * Calculate receive window. Don't shrink window, 1388 * but avoid silly window syndrome. 1389 */ 1390 if (win < (long)(so->so_rcv.sb_hiwat / 4) && win < (long)rxsegsize) 1391 win = 0; 1392 if (win > (long)TCP_MAXWIN << tp->rcv_scale) 1393 win = (long)TCP_MAXWIN << tp->rcv_scale; 1394 if (win < (long)(int32_t)(tp->rcv_adv - tp->rcv_nxt)) 1395 win = (long)(int32_t)(tp->rcv_adv - tp->rcv_nxt); 1396 th->th_win = htons((u_int16_t) (win>>tp->rcv_scale)); 1397 if (SEQ_GT(tp->snd_up, tp->snd_nxt)) { 1398 u_int32_t urp = tp->snd_up - tp->snd_nxt; 1399 if (urp > IP_MAXPACKET) 1400 urp = IP_MAXPACKET; 1401 th->th_urp = htons((u_int16_t)urp); 1402 th->th_flags |= TH_URG; 1403 } else 1404 /* 1405 * If no urgent pointer to send, then we pull 1406 * the urgent pointer to the left edge of the send window 1407 * so that it doesn't drift into the send window on sequence 1408 * number wraparound. 1409 */ 1410 tp->snd_up = tp->snd_una; /* drag it along */ 1411 1412 #ifdef TCP_SIGNATURE 1413 if (sigoff && (tp->t_flags & TF_SIGNATURE)) { 1414 struct secasvar *sav; 1415 u_int8_t *sigp; 1416 1417 sav = tcp_signature_getsav(m, th); 1418 1419 if (sav == NULL) { 1420 if (m) 1421 m_freem(m); 1422 return (EPERM); 1423 } 1424 1425 m->m_pkthdr.len = hdrlen + len; 1426 sigp = (char *)th + sizeof(*th) + sigoff; 1427 tcp_signature(m, th, (char *)th - mtod(m, char *), sav, sigp); 1428 1429 key_sa_recordxfer(sav, m); 1430 #ifdef FAST_IPSEC 1431 KEY_FREESAV(&sav); 1432 #else 1433 key_freesav(sav); 1434 #endif 1435 } 1436 #endif 1437 1438 /* 1439 * Set ourselves up to be checksummed just before the packet 1440 * hits the wire. 1441 */ 1442 switch (af) { 1443 #ifdef INET 1444 case AF_INET: 1445 m->m_pkthdr.csum_data = offsetof(struct tcphdr, th_sum); 1446 if (use_tso) { 1447 m->m_pkthdr.segsz = txsegsize; 1448 m->m_pkthdr.csum_flags = M_CSUM_TSOv4; 1449 } else { 1450 m->m_pkthdr.csum_flags = M_CSUM_TCPv4; 1451 if (len + optlen) { 1452 /* Fixup the pseudo-header checksum. */ 1453 /* XXXJRT Not IP Jumbogram safe. */ 1454 th->th_sum = in_cksum_addword(th->th_sum, 1455 htons((u_int16_t) (len + optlen))); 1456 } 1457 } 1458 break; 1459 #endif 1460 #ifdef INET6 1461 case AF_INET6: 1462 m->m_pkthdr.csum_data = offsetof(struct tcphdr, th_sum); 1463 if (use_tso) { 1464 m->m_pkthdr.segsz = txsegsize; 1465 m->m_pkthdr.csum_flags = M_CSUM_TSOv6; 1466 } else { 1467 m->m_pkthdr.csum_flags = M_CSUM_TCPv6; 1468 if (len + optlen) { 1469 /* Fixup the pseudo-header checksum. */ 1470 /* XXXJRT: Not IPv6 Jumbogram safe. */ 1471 th->th_sum = in_cksum_addword(th->th_sum, 1472 htons((u_int16_t) (len + optlen))); 1473 } 1474 } 1475 break; 1476 #endif 1477 } 1478 1479 /* 1480 * In transmit state, time the transmission and arrange for 1481 * the retransmit. In persist state, just set snd_max. 1482 */ 1483 if (tp->t_force == 0 || TCP_TIMER_ISARMED(tp, TCPT_PERSIST) == 0) { 1484 tcp_seq startseq = tp->snd_nxt; 1485 1486 /* 1487 * Advance snd_nxt over sequence space of this segment. 1488 * There are no states in which we send both a SYN and a FIN, 1489 * so we collapse the tests for these flags. 1490 */ 1491 if (flags & (TH_SYN|TH_FIN)) 1492 tp->snd_nxt++; 1493 if (sack_rxmit) 1494 goto timer; 1495 tp->snd_nxt += len; 1496 if (SEQ_GT(tp->snd_nxt, tp->snd_max)) { 1497 tp->snd_max = tp->snd_nxt; 1498 /* 1499 * Time this transmission if not a retransmission and 1500 * not currently timing anything. 1501 */ 1502 if (tp->t_rtttime == 0) { 1503 tp->t_rtttime = tcp_now; 1504 tp->t_rtseq = startseq; 1505 TCP_STATINC(TCP_STAT_SEGSTIMED); 1506 } 1507 } 1508 1509 /* 1510 * Set retransmit timer if not currently set, 1511 * and not doing an ack or a keep-alive probe. 1512 * Initial value for retransmit timer is smoothed 1513 * round-trip time + 2 * round-trip time variance. 1514 * Initialize shift counter which is used for backoff 1515 * of retransmit time. 1516 */ 1517 timer: 1518 if (TCP_TIMER_ISARMED(tp, TCPT_REXMT) == 0 && 1519 ((sack_rxmit && tp->snd_nxt != tp->snd_max) || 1520 tp->snd_nxt != tp->snd_una)) { 1521 if (TCP_TIMER_ISARMED(tp, TCPT_PERSIST)) { 1522 TCP_TIMER_DISARM(tp, TCPT_PERSIST); 1523 tp->t_rxtshift = 0; 1524 } 1525 TCP_TIMER_ARM(tp, TCPT_REXMT, tp->t_rxtcur); 1526 } 1527 } else 1528 if (SEQ_GT(tp->snd_nxt + len, tp->snd_max)) 1529 tp->snd_max = tp->snd_nxt + len; 1530 1531 #ifdef TCP_DEBUG 1532 /* 1533 * Trace. 1534 */ 1535 if (so->so_options & SO_DEBUG) 1536 tcp_trace(TA_OUTPUT, tp->t_state, tp, m, 0); 1537 #endif 1538 1539 /* 1540 * Fill in IP length and desired time to live and 1541 * send to IP level. There should be a better way 1542 * to handle ttl and tos; we could keep them in 1543 * the template, but need a way to checksum without them. 1544 */ 1545 m->m_pkthdr.len = hdrlen + len; 1546 1547 switch (af) { 1548 #ifdef INET 1549 case AF_INET: 1550 ip->ip_len = htons(m->m_pkthdr.len); 1551 packetlen = m->m_pkthdr.len; 1552 if (tp->t_inpcb) { 1553 ip->ip_ttl = tp->t_inpcb->inp_ip.ip_ttl; 1554 ip->ip_tos = tp->t_inpcb->inp_ip.ip_tos | ecn_tos; 1555 } 1556 #ifdef INET6 1557 else if (tp->t_in6pcb) { 1558 ip->ip_ttl = in6_selecthlim(tp->t_in6pcb, NULL); /*XXX*/ 1559 ip->ip_tos = ecn_tos; /*XXX*/ 1560 } 1561 #endif 1562 break; 1563 #endif 1564 #ifdef INET6 1565 case AF_INET6: 1566 packetlen = m->m_pkthdr.len; 1567 ip6->ip6_nxt = IPPROTO_TCP; 1568 if (tp->t_in6pcb) { 1569 /* 1570 * we separately set hoplimit for every segment, since 1571 * the user might want to change the value via 1572 * setsockopt. Also, desired default hop limit might 1573 * be changed via Neighbor Discovery. 1574 */ 1575 ip6->ip6_hlim = in6_selecthlim(tp->t_in6pcb, 1576 (rt = rtcache_validate(ro)) != NULL ? rt->rt_ifp 1577 : NULL); 1578 } 1579 ip6->ip6_flow |= htonl(ecn_tos << 20); 1580 /* ip6->ip6_flow = ??? (from template) */ 1581 /* ip6_plen will be filled in ip6_output(). */ 1582 break; 1583 #endif 1584 default: /*pacify gcc*/ 1585 packetlen = 0; 1586 break; 1587 } 1588 1589 switch (af) { 1590 #ifdef INET 1591 case AF_INET: 1592 { 1593 struct mbuf *opts; 1594 1595 if (tp->t_inpcb) 1596 opts = tp->t_inpcb->inp_options; 1597 else 1598 opts = NULL; 1599 error = ip_output(m, opts, ro, 1600 (tp->t_mtudisc ? IP_MTUDISC : 0) | 1601 (so->so_options & SO_DONTROUTE), NULL, so); 1602 break; 1603 } 1604 #endif 1605 #ifdef INET6 1606 case AF_INET6: 1607 { 1608 struct ip6_pktopts *opts; 1609 1610 if (tp->t_in6pcb) 1611 opts = tp->t_in6pcb->in6p_outputopts; 1612 else 1613 opts = NULL; 1614 error = ip6_output(m, opts, ro, so->so_options & SO_DONTROUTE, 1615 NULL, so, NULL); 1616 break; 1617 } 1618 #endif 1619 default: 1620 error = EAFNOSUPPORT; 1621 break; 1622 } 1623 if (error) { 1624 out: 1625 if (error == ENOBUFS) { 1626 TCP_STATINC(TCP_STAT_SELFQUENCH); 1627 #ifdef INET 1628 if (tp->t_inpcb) 1629 tcp_quench(tp->t_inpcb, 0); 1630 #endif 1631 #ifdef INET6 1632 if (tp->t_in6pcb) 1633 tcp6_quench(tp->t_in6pcb, 0); 1634 #endif 1635 error = 0; 1636 } else if ((error == EHOSTUNREACH || error == ENETDOWN) && 1637 TCPS_HAVERCVDSYN(tp->t_state)) { 1638 tp->t_softerror = error; 1639 error = 0; 1640 } 1641 1642 /* Back out the seqence number advance. */ 1643 if (sack_rxmit) 1644 p->rxmit -= len; 1645 1646 /* Restart the delayed ACK timer, if necessary. */ 1647 if (tp->t_flags & TF_DELACK) 1648 TCP_RESTART_DELACK(tp); 1649 1650 return (error); 1651 } 1652 1653 if (packetlen > tp->t_pmtud_mtu_sent) 1654 tp->t_pmtud_mtu_sent = packetlen; 1655 1656 tcps = TCP_STAT_GETREF(); 1657 tcps[TCP_STAT_SNDTOTAL]++; 1658 if (tp->t_flags & TF_DELACK) 1659 tcps[TCP_STAT_DELACK]++; 1660 TCP_STAT_PUTREF(); 1661 1662 /* 1663 * Data sent (as far as we can tell). 1664 * If this advertises a larger window than any other segment, 1665 * then remember the size of the advertised window. 1666 * Any pending ACK has now been sent. 1667 */ 1668 if (win > 0 && SEQ_GT(tp->rcv_nxt+win, tp->rcv_adv)) 1669 tp->rcv_adv = tp->rcv_nxt + win; 1670 tp->last_ack_sent = tp->rcv_nxt; 1671 tp->t_flags &= ~TF_ACKNOW; 1672 TCP_CLEAR_DELACK(tp); 1673 #ifdef DIAGNOSTIC 1674 if (maxburst < 0) 1675 printf("tcp_output: maxburst exceeded by %d\n", -maxburst); 1676 #endif 1677 if (sendalot && (tp->t_congctl == &tcp_reno_ctl || --maxburst)) 1678 goto again; 1679 return (0); 1680 } 1681 1682 void 1683 tcp_setpersist(struct tcpcb *tp) 1684 { 1685 int t = ((tp->t_srtt >> 2) + tp->t_rttvar) >> (1 + 2); 1686 int nticks; 1687 1688 if (TCP_TIMER_ISARMED(tp, TCPT_REXMT)) 1689 panic("tcp_output REXMT"); 1690 /* 1691 * Start/restart persistance timer. 1692 */ 1693 if (t < tp->t_rttmin) 1694 t = tp->t_rttmin; 1695 TCPT_RANGESET(nticks, t * tcp_backoff[tp->t_rxtshift], 1696 TCPTV_PERSMIN, TCPTV_PERSMAX); 1697 TCP_TIMER_ARM(tp, TCPT_PERSIST, nticks); 1698 if (tp->t_rxtshift < TCP_MAXRXTSHIFT) 1699 tp->t_rxtshift++; 1700 } 1701