1 /* $NetBSD: tcp_output.c,v 1.141 2005/12/24 20:45:09 perry Exp $ */ 2 3 /* 4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 3. Neither the name of the project nor the names of its contributors 16 * may be used to endorse or promote products derived from this software 17 * without specific prior written permission. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 /* 33 * @(#)COPYRIGHT 1.1 (NRL) 17 January 1995 34 * 35 * NRL grants permission for redistribution and use in source and binary 36 * forms, with or without modification, of the software and documentation 37 * created at NRL provided that the following conditions are met: 38 * 39 * 1. Redistributions of source code must retain the above copyright 40 * notice, this list of conditions and the following disclaimer. 41 * 2. Redistributions in binary form must reproduce the above copyright 42 * notice, this list of conditions and the following disclaimer in the 43 * documentation and/or other materials provided with the distribution. 44 * 3. All advertising materials mentioning features or use of this software 45 * must display the following acknowledgements: 46 * This product includes software developed by the University of 47 * California, Berkeley and its contributors. 48 * This product includes software developed at the Information 49 * Technology Division, US Naval Research Laboratory. 50 * 4. Neither the name of the NRL nor the names of its contributors 51 * may be used to endorse or promote products derived from this software 52 * without specific prior written permission. 53 * 54 * THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS 55 * IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 56 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A 57 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL NRL OR 58 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, 59 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 60 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 61 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 62 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 63 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 64 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 65 * 66 * The views and conclusions contained in the software and documentation 67 * are those of the authors and should not be interpreted as representing 68 * official policies, either expressed or implied, of the US Naval 69 * Research Laboratory (NRL). 70 */ 71 72 /*- 73 * Copyright (c) 1997, 1998, 2001, 2005 The NetBSD Foundation, Inc. 74 * All rights reserved. 75 * 76 * This code is derived from software contributed to The NetBSD Foundation 77 * by Jason R. Thorpe and Kevin M. Lahey of the Numerical Aerospace Simulation 78 * Facility, NASA Ames Research Center. 79 * This code is derived from software contributed to The NetBSD Foundation 80 * by Charles M. Hannum. 81 * 82 * Redistribution and use in source and binary forms, with or without 83 * modification, are permitted provided that the following conditions 84 * are met: 85 * 1. Redistributions of source code must retain the above copyright 86 * notice, this list of conditions and the following disclaimer. 87 * 2. Redistributions in binary form must reproduce the above copyright 88 * notice, this list of conditions and the following disclaimer in the 89 * documentation and/or other materials provided with the distribution. 90 * 3. All advertising materials mentioning features or use of this software 91 * must display the following acknowledgement: 92 * This product includes software developed by the NetBSD 93 * Foundation, Inc. and its contributors. 94 * 4. Neither the name of The NetBSD Foundation nor the names of its 95 * contributors may be used to endorse or promote products derived 96 * from this software without specific prior written permission. 97 * 98 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 99 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 100 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 101 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 102 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 103 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 104 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 105 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 106 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 107 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 108 * POSSIBILITY OF SUCH DAMAGE. 109 */ 110 111 /* 112 * Copyright (c) 1982, 1986, 1988, 1990, 1993, 1995 113 * The Regents of the University of California. All rights reserved. 114 * 115 * Redistribution and use in source and binary forms, with or without 116 * modification, are permitted provided that the following conditions 117 * are met: 118 * 1. Redistributions of source code must retain the above copyright 119 * notice, this list of conditions and the following disclaimer. 120 * 2. Redistributions in binary form must reproduce the above copyright 121 * notice, this list of conditions and the following disclaimer in the 122 * documentation and/or other materials provided with the distribution. 123 * 3. Neither the name of the University nor the names of its contributors 124 * may be used to endorse or promote products derived from this software 125 * without specific prior written permission. 126 * 127 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 128 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 129 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 130 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 131 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 132 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 133 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 134 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 135 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 136 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 137 * SUCH DAMAGE. 138 * 139 * @(#)tcp_output.c 8.4 (Berkeley) 5/24/95 140 */ 141 142 #include <sys/cdefs.h> 143 __KERNEL_RCSID(0, "$NetBSD: tcp_output.c,v 1.141 2005/12/24 20:45:09 perry Exp $"); 144 145 #include "opt_inet.h" 146 #include "opt_ipsec.h" 147 #include "opt_tcp_debug.h" 148 149 #include <sys/param.h> 150 #include <sys/systm.h> 151 #include <sys/malloc.h> 152 #include <sys/mbuf.h> 153 #include <sys/protosw.h> 154 #include <sys/socket.h> 155 #include <sys/socketvar.h> 156 #include <sys/errno.h> 157 #include <sys/domain.h> 158 #include <sys/kernel.h> 159 #ifdef TCP_SIGNATURE 160 #include <sys/md5.h> 161 #endif 162 163 #include <net/if.h> 164 #include <net/route.h> 165 166 #include <netinet/in.h> 167 #include <netinet/in_systm.h> 168 #include <netinet/ip.h> 169 #include <netinet/in_pcb.h> 170 #include <netinet/ip_var.h> 171 172 #ifdef INET6 173 #ifndef INET 174 #include <netinet/in.h> 175 #endif 176 #include <netinet/ip6.h> 177 #include <netinet6/in6_var.h> 178 #include <netinet6/ip6_var.h> 179 #include <netinet6/in6_pcb.h> 180 #include <netinet6/nd6.h> 181 #endif 182 183 #ifdef FAST_IPSEC 184 #include <netipsec/ipsec.h> 185 #include <netipsec/key.h> 186 #endif /* FAST_IPSEC*/ 187 #ifdef IPSEC 188 #include <netinet6/ipsec.h> 189 #endif 190 191 #include <netinet/tcp.h> 192 #define TCPOUTFLAGS 193 #include <netinet/tcp_fsm.h> 194 #include <netinet/tcp_seq.h> 195 #include <netinet/tcp_timer.h> 196 #include <netinet/tcp_var.h> 197 #include <netinet/tcpip.h> 198 #include <netinet/tcp_debug.h> 199 #include <netinet/in_offload.h> 200 201 #ifdef IPSEC 202 #include <netkey/key.h> 203 #endif 204 205 #ifdef notyet 206 extern struct mbuf *m_copypack(); 207 #endif 208 209 /* 210 * Knob to enable Congestion Window Monitoring, and control 211 * the burst size it allows. Default burst is 4 packets, per 212 * the Internet draft. 213 */ 214 int tcp_cwm = 0; 215 int tcp_cwm_burstsize = 4; 216 217 #ifdef TCP_OUTPUT_COUNTERS 218 #include <sys/device.h> 219 220 extern struct evcnt tcp_output_bigheader; 221 extern struct evcnt tcp_output_predict_hit; 222 extern struct evcnt tcp_output_predict_miss; 223 extern struct evcnt tcp_output_copysmall; 224 extern struct evcnt tcp_output_copybig; 225 extern struct evcnt tcp_output_refbig; 226 227 #define TCP_OUTPUT_COUNTER_INCR(ev) (ev)->ev_count++ 228 #else 229 230 #define TCP_OUTPUT_COUNTER_INCR(ev) /* nothing */ 231 232 #endif /* TCP_OUTPUT_COUNTERS */ 233 234 static 235 #ifndef GPROF 236 inline 237 #endif 238 int 239 tcp_segsize(struct tcpcb *tp, int *txsegsizep, int *rxsegsizep) 240 { 241 #ifdef INET 242 struct inpcb *inp = tp->t_inpcb; 243 #endif 244 #ifdef INET6 245 struct in6pcb *in6p = tp->t_in6pcb; 246 #endif 247 struct socket *so = NULL; 248 struct rtentry *rt; 249 struct ifnet *ifp; 250 int size; 251 int iphlen; 252 int optlen; 253 254 #ifdef DIAGNOSTIC 255 if (tp->t_inpcb && tp->t_in6pcb) 256 panic("tcp_segsize: both t_inpcb and t_in6pcb are set"); 257 #endif 258 switch (tp->t_family) { 259 #ifdef INET 260 case AF_INET: 261 iphlen = sizeof(struct ip); 262 break; 263 #endif 264 #ifdef INET6 265 case AF_INET6: 266 iphlen = sizeof(struct ip6_hdr); 267 break; 268 #endif 269 default: 270 size = tcp_mssdflt; 271 goto out; 272 } 273 274 rt = NULL; 275 #ifdef INET 276 if (inp) { 277 rt = in_pcbrtentry(inp); 278 so = inp->inp_socket; 279 } 280 #endif 281 #ifdef INET6 282 if (in6p) { 283 rt = in6_pcbrtentry(in6p); 284 so = in6p->in6p_socket; 285 } 286 #endif 287 if (rt == NULL) { 288 size = tcp_mssdflt; 289 goto out; 290 } 291 292 ifp = rt->rt_ifp; 293 294 size = tcp_mssdflt; 295 if (tp->t_mtudisc && rt->rt_rmx.rmx_mtu != 0) { 296 #ifdef INET6 297 if (in6p && rt->rt_rmx.rmx_mtu < IPV6_MMTU) { 298 /* 299 * RFC2460 section 5, last paragraph: if path MTU is 300 * smaller than 1280, use 1280 as packet size and 301 * attach fragment header. 302 */ 303 size = IPV6_MMTU - iphlen - sizeof(struct ip6_frag) - 304 sizeof(struct tcphdr); 305 } else 306 size = rt->rt_rmx.rmx_mtu - iphlen - 307 sizeof(struct tcphdr); 308 #else 309 size = rt->rt_rmx.rmx_mtu - iphlen - sizeof(struct tcphdr); 310 #endif 311 } else if (ifp->if_flags & IFF_LOOPBACK) 312 size = ifp->if_mtu - iphlen - sizeof(struct tcphdr); 313 #ifdef INET 314 else if (inp && tp->t_mtudisc) 315 size = ifp->if_mtu - iphlen - sizeof(struct tcphdr); 316 else if (inp && in_localaddr(inp->inp_faddr)) 317 size = ifp->if_mtu - iphlen - sizeof(struct tcphdr); 318 #endif 319 #ifdef INET6 320 else if (in6p) { 321 #ifdef INET 322 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr)) { 323 /* mapped addr case */ 324 struct in_addr d; 325 bcopy(&in6p->in6p_faddr.s6_addr32[3], &d, sizeof(d)); 326 if (tp->t_mtudisc || in_localaddr(d)) 327 size = ifp->if_mtu - iphlen - sizeof(struct tcphdr); 328 } else 329 #endif 330 { 331 /* 332 * for IPv6, path MTU discovery is always turned on, 333 * or the node must use packet size <= 1280. 334 */ 335 size = tp->t_mtudisc ? IN6_LINKMTU(ifp) : IPV6_MMTU; 336 size -= (iphlen + sizeof(struct tcphdr)); 337 } 338 } 339 #endif 340 out: 341 /* 342 * Now we must make room for whatever extra TCP/IP options are in 343 * the packet. 344 */ 345 optlen = tcp_optlen(tp); 346 347 /* 348 * XXX tp->t_ourmss should have the right size, but without this code 349 * fragmentation will occur... need more investigation 350 */ 351 #ifdef INET 352 if (inp) { 353 #if defined(IPSEC) || defined(FAST_IPSEC) 354 if (! IPSEC_PCB_SKIP_IPSEC(inp->inp_sp, IPSEC_DIR_OUTBOUND)) 355 optlen += ipsec4_hdrsiz_tcp(tp); 356 #endif 357 optlen += ip_optlen(inp); 358 } 359 #endif 360 #ifdef INET6 361 #ifdef INET 362 if (in6p && tp->t_family == AF_INET) { 363 #if defined(IPSEC) || defined(FAST_IPSEC) 364 if (! IPSEC_PCB_SKIP_IPSEC(in6p->in6p_sp, IPSEC_DIR_OUTBOUND)) 365 optlen += ipsec4_hdrsiz_tcp(tp); 366 #endif 367 /* XXX size -= ip_optlen(in6p); */ 368 } else 369 #endif 370 if (in6p && tp->t_family == AF_INET6) { 371 #ifdef IPSEC 372 if (! IPSEC_PCB_SKIP_IPSEC(in6p->in6p_sp, IPSEC_DIR_OUTBOUND)) 373 optlen += ipsec6_hdrsiz_tcp(tp); 374 #endif 375 optlen += ip6_optlen(in6p); 376 } 377 #endif 378 size -= optlen; 379 380 /* there may not be any room for data if mtu is too small */ 381 if (size < 0) 382 return (EMSGSIZE); 383 384 /* 385 * *rxsegsizep holds *estimated* inbound segment size (estimation 386 * assumes that path MTU is the same for both ways). this is only 387 * for silly window avoidance, do not use the value for other purposes. 388 * 389 * ipseclen is subtracted from both sides, this may not be right. 390 * I'm not quite sure about this (could someone comment). 391 */ 392 *txsegsizep = min(tp->t_peermss - optlen, size); 393 /* 394 * Never send more than half a buffer full. This insures that we can 395 * always keep 2 packets on the wire, no matter what SO_SNDBUF is, and 396 * therefore acks will never be delayed unless we run out of data to 397 * transmit. 398 */ 399 if (so) 400 *txsegsizep = min(so->so_snd.sb_hiwat >> 1, *txsegsizep); 401 *rxsegsizep = min(tp->t_ourmss - optlen, size); 402 403 if (*txsegsizep != tp->t_segsz) { 404 /* 405 * If the new segment size is larger, we don't want to 406 * mess up the congestion window, but if it is smaller 407 * we'll have to reduce the congestion window to ensure 408 * that we don't get into trouble with initial windows 409 * and the rest. In any case, if the segment size 410 * has changed, chances are the path has, too, and 411 * our congestion window will be different. 412 */ 413 if (*txsegsizep < tp->t_segsz) { 414 tp->snd_cwnd = max((tp->snd_cwnd / tp->t_segsz) 415 * *txsegsizep, *txsegsizep); 416 tp->snd_ssthresh = max((tp->snd_ssthresh / tp->t_segsz) 417 * *txsegsizep, *txsegsizep); 418 } 419 tp->t_segsz = *txsegsizep; 420 } 421 422 return (0); 423 } 424 425 static 426 #ifndef GPROF 427 inline 428 #endif 429 int 430 tcp_build_datapkt(struct tcpcb *tp, struct socket *so, int off, 431 long len, int hdrlen, struct mbuf **mp) 432 { 433 struct mbuf *m, *m0; 434 435 if (tp->t_force && len == 1) 436 tcpstat.tcps_sndprobe++; 437 else if (SEQ_LT(tp->snd_nxt, tp->snd_max)) { 438 tcpstat.tcps_sndrexmitpack++; 439 tcpstat.tcps_sndrexmitbyte += len; 440 } else { 441 tcpstat.tcps_sndpack++; 442 tcpstat.tcps_sndbyte += len; 443 } 444 #ifdef notyet 445 if ((m = m_copypack(so->so_snd.sb_mb, off, 446 (int)len, max_linkhdr + hdrlen)) == 0) 447 return (ENOBUFS); 448 /* 449 * m_copypack left space for our hdr; use it. 450 */ 451 m->m_len += hdrlen; 452 m->m_data -= hdrlen; 453 #else 454 MGETHDR(m, M_DONTWAIT, MT_HEADER); 455 if (__predict_false(m == NULL)) 456 return (ENOBUFS); 457 MCLAIM(m, &tcp_tx_mowner); 458 459 /* 460 * XXX Because other code assumes headers will fit in 461 * XXX one header mbuf. 462 * 463 * (This code should almost *never* be run.) 464 */ 465 if (__predict_false((max_linkhdr + hdrlen) > MHLEN)) { 466 TCP_OUTPUT_COUNTER_INCR(&tcp_output_bigheader); 467 MCLGET(m, M_DONTWAIT); 468 if ((m->m_flags & M_EXT) == 0) { 469 m_freem(m); 470 return (ENOBUFS); 471 } 472 } 473 474 m->m_data += max_linkhdr; 475 m->m_len = hdrlen; 476 477 /* 478 * To avoid traversing the whole sb_mb chain for correct 479 * data to send, remember last sent mbuf, its offset and 480 * the sent size. When called the next time, see if the 481 * data to send is directly following the previous transfer. 482 * This is important for large TCP windows. 483 */ 484 if (off == 0 || tp->t_lastm == NULL || 485 (tp->t_lastoff + tp->t_lastlen) != off) { 486 TCP_OUTPUT_COUNTER_INCR(&tcp_output_predict_miss); 487 /* 488 * Either a new packet or a retransmit. 489 * Start from the beginning. 490 */ 491 tp->t_lastm = so->so_snd.sb_mb; 492 tp->t_inoff = off; 493 } else { 494 TCP_OUTPUT_COUNTER_INCR(&tcp_output_predict_hit); 495 tp->t_inoff += tp->t_lastlen; 496 } 497 498 /* Traverse forward to next packet */ 499 while (tp->t_inoff > 0) { 500 if (tp->t_lastm == NULL) 501 panic("tp->t_lastm == NULL"); 502 if (tp->t_inoff < tp->t_lastm->m_len) 503 break; 504 tp->t_inoff -= tp->t_lastm->m_len; 505 tp->t_lastm = tp->t_lastm->m_next; 506 } 507 508 tp->t_lastoff = off; 509 tp->t_lastlen = len; 510 m0 = tp->t_lastm; 511 off = tp->t_inoff; 512 513 if (len <= M_TRAILINGSPACE(m)) { 514 m_copydata(m0, off, (int) len, mtod(m, caddr_t) + hdrlen); 515 m->m_len += len; 516 TCP_OUTPUT_COUNTER_INCR(&tcp_output_copysmall); 517 } else { 518 m->m_next = m_copy(m0, off, (int) len); 519 if (m->m_next == NULL) { 520 m_freem(m); 521 return (ENOBUFS); 522 } 523 #ifdef TCP_OUTPUT_COUNTERS 524 if (m->m_next->m_flags & M_EXT) 525 TCP_OUTPUT_COUNTER_INCR(&tcp_output_refbig); 526 else 527 TCP_OUTPUT_COUNTER_INCR(&tcp_output_copybig); 528 #endif /* TCP_OUTPUT_COUNTERS */ 529 } 530 #endif 531 532 *mp = m; 533 return (0); 534 } 535 536 /* 537 * Tcp output routine: figure out what should be sent and send it. 538 */ 539 int 540 tcp_output(struct tcpcb *tp) 541 { 542 struct socket *so; 543 struct route *ro; 544 long len, win; 545 int off, flags, error; 546 struct mbuf *m; 547 struct ip *ip; 548 #ifdef INET6 549 struct ip6_hdr *ip6; 550 #endif 551 struct tcphdr *th; 552 u_char opt[MAX_TCPOPTLEN]; 553 unsigned optlen, hdrlen, packetlen; 554 unsigned int sack_numblks; 555 int idle, sendalot, txsegsize, rxsegsize; 556 int txsegsize_nosack; 557 int maxburst = TCP_MAXBURST; 558 int af; /* address family on the wire */ 559 int iphdrlen; 560 int has_tso, use_tso; 561 int sack_rxmit; 562 int sack_bytes_rxmt; 563 struct sackhole *p; 564 #ifdef TCP_SIGNATURE 565 int sigoff = 0; 566 #endif 567 568 #ifdef DIAGNOSTIC 569 if (tp->t_inpcb && tp->t_in6pcb) 570 panic("tcp_output: both t_inpcb and t_in6pcb are set"); 571 #endif 572 so = NULL; 573 ro = NULL; 574 if (tp->t_inpcb) { 575 so = tp->t_inpcb->inp_socket; 576 ro = &tp->t_inpcb->inp_route; 577 } 578 #ifdef INET6 579 else if (tp->t_in6pcb) { 580 so = tp->t_in6pcb->in6p_socket; 581 ro = (struct route *)&tp->t_in6pcb->in6p_route; 582 } 583 #endif 584 585 switch (af = tp->t_family) { 586 #ifdef INET 587 case AF_INET: 588 if (tp->t_inpcb) 589 break; 590 #ifdef INET6 591 /* mapped addr case */ 592 if (tp->t_in6pcb) 593 break; 594 #endif 595 return (EINVAL); 596 #endif 597 #ifdef INET6 598 case AF_INET6: 599 if (tp->t_in6pcb) 600 break; 601 return (EINVAL); 602 #endif 603 default: 604 return (EAFNOSUPPORT); 605 } 606 607 if (tcp_segsize(tp, &txsegsize, &rxsegsize)) 608 return (EMSGSIZE); 609 610 idle = (tp->snd_max == tp->snd_una); 611 612 /* 613 * Determine if we can use TCP segmentation offload: 614 * - If we're using IPv4 615 * - If there is not an IPsec policy that prevents it 616 * - If the interface can do it 617 */ 618 has_tso = tp->t_inpcb != NULL && 619 #if defined(IPSEC) || defined(FAST_IPSEC) 620 IPSEC_PCB_SKIP_IPSEC(tp->t_inpcb->inp_sp, 621 IPSEC_DIR_OUTBOUND) && 622 #endif 623 tp->t_inpcb->inp_route.ro_rt != NULL && 624 (tp->t_inpcb->inp_route.ro_rt->rt_ifp->if_capenable & 625 IFCAP_TSOv4) != 0; 626 627 /* 628 * Restart Window computation. From draft-floyd-incr-init-win-03: 629 * 630 * Optionally, a TCP MAY set the restart window to the 631 * minimum of the value used for the initial window and 632 * the current value of cwnd (in other words, using a 633 * larger value for the restart window should never increase 634 * the size of cwnd). 635 */ 636 if (tcp_cwm) { 637 /* 638 * Hughes/Touch/Heidemann Congestion Window Monitoring. 639 * Count the number of packets currently pending 640 * acknowledgement, and limit our congestion window 641 * to a pre-determined allowed burst size plus that count. 642 * This prevents bursting once all pending packets have 643 * been acknowledged (i.e. transmission is idle). 644 * 645 * XXX Link this to Initial Window? 646 */ 647 tp->snd_cwnd = min(tp->snd_cwnd, 648 (tcp_cwm_burstsize * txsegsize) + 649 (tp->snd_nxt - tp->snd_una)); 650 } else { 651 if (idle && (tcp_now - tp->t_rcvtime) >= tp->t_rxtcur) { 652 /* 653 * We have been idle for "a while" and no acks are 654 * expected to clock out any data we send -- 655 * slow start to get ack "clock" running again. 656 */ 657 int ss = tcp_init_win; 658 #ifdef INET 659 if (tp->t_inpcb && 660 in_localaddr(tp->t_inpcb->inp_faddr)) 661 ss = tcp_init_win_local; 662 #endif 663 #ifdef INET6 664 if (tp->t_in6pcb && 665 in6_localaddr(&tp->t_in6pcb->in6p_faddr)) 666 ss = tcp_init_win_local; 667 #endif 668 tp->snd_cwnd = min(tp->snd_cwnd, 669 TCP_INITIAL_WINDOW(ss, txsegsize)); 670 } 671 } 672 673 txsegsize_nosack = txsegsize; 674 again: 675 use_tso = has_tso; 676 TCP_REASS_LOCK(tp); 677 sack_numblks = tcp_sack_numblks(tp); 678 if (sack_numblks) { 679 if ((tp->rcv_sack_flags & TCPSACK_HAVED) != 0) { 680 /* don't duplicate D-SACK. */ 681 use_tso = 0; 682 } 683 txsegsize = txsegsize_nosack - TCP_SACK_OPTLEN(sack_numblks); 684 } else { 685 txsegsize = txsegsize_nosack; 686 } 687 688 /* 689 * Determine length of data that should be transmitted, and 690 * flags that should be used. If there is some data or critical 691 * controls (SYN, RST) to send, then transmit; otherwise, 692 * investigate further. 693 * 694 * Readjust SACK information to avoid resending duplicate data. 695 */ 696 if (TCP_SACK_ENABLED(tp) && SEQ_LT(tp->snd_nxt, tp->snd_max)) 697 tcp_sack_adjust(tp); 698 sendalot = 0; 699 off = tp->snd_nxt - tp->snd_una; 700 win = min(tp->snd_wnd, tp->snd_cwnd); 701 702 flags = tcp_outflags[tp->t_state]; 703 704 /* 705 * Send any SACK-generated retransmissions. If we're explicitly trying 706 * to send out new data (when sendalot is 1), bypass this function. 707 * If we retransmit in fast recovery mode, decrement snd_cwnd, since 708 * we're replacing a (future) new transmission with a retransmission 709 * now, and we previously incremented snd_cwnd in tcp_input(). 710 */ 711 /* 712 * Still in sack recovery , reset rxmit flag to zero. 713 */ 714 sack_rxmit = 0; 715 sack_bytes_rxmt = 0; 716 len = 0; 717 p = NULL; 718 do { 719 long cwin; 720 if (!TCP_SACK_ENABLED(tp)) 721 break; 722 if (tp->t_partialacks < 0) 723 break; 724 p = tcp_sack_output(tp, &sack_bytes_rxmt); 725 if (p == NULL) 726 break; 727 728 cwin = min(tp->snd_wnd, tp->snd_cwnd) - sack_bytes_rxmt; 729 if (cwin < 0) 730 cwin = 0; 731 /* Do not retransmit SACK segments beyond snd_recover */ 732 if (SEQ_GT(p->end, tp->snd_recover)) { 733 /* 734 * (At least) part of sack hole extends beyond 735 * snd_recover. Check to see if we can rexmit data 736 * for this hole. 737 */ 738 if (SEQ_GEQ(p->rxmit, tp->snd_recover)) { 739 /* 740 * Can't rexmit any more data for this hole. 741 * That data will be rexmitted in the next 742 * sack recovery episode, when snd_recover 743 * moves past p->rxmit. 744 */ 745 p = NULL; 746 break; 747 } 748 /* Can rexmit part of the current hole */ 749 len = ((long)ulmin(cwin, tp->snd_recover - p->rxmit)); 750 } else 751 len = ((long)ulmin(cwin, p->end - p->rxmit)); 752 off = p->rxmit - tp->snd_una; 753 if (off + len > so->so_snd.sb_cc) { 754 /* 1 for TH_FIN */ 755 KASSERT(off + len == so->so_snd.sb_cc + 1); 756 KASSERT(p->rxmit + len == tp->snd_max); 757 len = so->so_snd.sb_cc - off; 758 } 759 if (len > 0) { 760 sack_rxmit = 1; 761 sendalot = 1; 762 } 763 } while (/*CONSTCOND*/0); 764 765 /* 766 * If in persist timeout with window of 0, send 1 byte. 767 * Otherwise, if window is small but nonzero 768 * and timer expired, we will send what we can 769 * and go to transmit state. 770 */ 771 if (tp->t_force) { 772 if (win == 0) { 773 /* 774 * If we still have some data to send, then 775 * clear the FIN bit. Usually this would 776 * happen below when it realizes that we 777 * aren't sending all the data. However, 778 * if we have exactly 1 byte of unset data, 779 * then it won't clear the FIN bit below, 780 * and if we are in persist state, we wind 781 * up sending the packet without recording 782 * that we sent the FIN bit. 783 * 784 * We can't just blindly clear the FIN bit, 785 * because if we don't have any more data 786 * to send then the probe will be the FIN 787 * itself. 788 */ 789 if (off < so->so_snd.sb_cc) 790 flags &= ~TH_FIN; 791 win = 1; 792 } else { 793 TCP_TIMER_DISARM(tp, TCPT_PERSIST); 794 tp->t_rxtshift = 0; 795 } 796 } 797 798 if (!TCP_SACK_ENABLED(tp)) { 799 if (win < so->so_snd.sb_cc) { 800 len = win - off; 801 flags &= ~TH_FIN; 802 } else 803 len = so->so_snd.sb_cc - off; 804 } else if (sack_rxmit == 0) { 805 if (sack_bytes_rxmt != 0) { 806 long cwin; 807 808 /* 809 * We are inside of a SACK recovery episode and are 810 * sending new data, having retransmitted all the 811 * data possible in the scoreboard. 812 */ 813 if (tp->snd_wnd < so->so_snd.sb_cc) { 814 len = tp->snd_wnd - off; 815 flags &= ~TH_FIN; 816 } else { 817 len = so->so_snd.sb_cc - off; 818 } 819 820 /* 821 * From FreeBSD: 822 * Don't remove this (len > 0) check ! 823 * We explicitly check for len > 0 here (although it 824 * isn't really necessary), to work around a gcc 825 * optimization issue - to force gcc to compute 826 * len above. Without this check, the computation 827 * of len is bungled by the optimizer. 828 */ 829 if (len > 0) { 830 cwin = tp->snd_cwnd - 831 (tp->snd_nxt - tp->sack_newdata) - 832 sack_bytes_rxmt; 833 if (cwin < 0) 834 cwin = 0; 835 if (cwin < len) { 836 len = cwin; 837 flags &= ~TH_FIN; 838 } 839 } 840 } else if (win < so->so_snd.sb_cc) { 841 len = win - off; 842 flags &= ~TH_FIN; 843 } else 844 len = so->so_snd.sb_cc - off; 845 } 846 847 if (len < 0) { 848 /* 849 * If FIN has been sent but not acked, 850 * but we haven't been called to retransmit, 851 * len will be -1. Otherwise, window shrank 852 * after we sent into it. If window shrank to 0, 853 * cancel pending retransmit, pull snd_nxt back 854 * to (closed) window, and set the persist timer 855 * if it isn't already going. If the window didn't 856 * close completely, just wait for an ACK. 857 * 858 * If we have a pending FIN, either it has already been 859 * transmitted or it is outside the window, so drop it. 860 * If the FIN has been transmitted, but this is not a 861 * retransmission, then len must be -1. Therefore we also 862 * prevent here the sending of `gratuitous FINs'. This 863 * eliminates the need to check for that case below (e.g. 864 * to back up snd_nxt before the FIN so that the sequence 865 * number is correct). 866 */ 867 len = 0; 868 flags &= ~TH_FIN; 869 if (win == 0) { 870 TCP_TIMER_DISARM(tp, TCPT_REXMT); 871 tp->t_rxtshift = 0; 872 tp->snd_nxt = tp->snd_una; 873 if (TCP_TIMER_ISARMED(tp, TCPT_PERSIST) == 0) 874 tcp_setpersist(tp); 875 } 876 } 877 if (len > txsegsize) { 878 if (use_tso) { 879 /* 880 * Truncate TSO transfers to IP_MAXPACKET, and make 881 * sure that we send equal size transfers down the 882 * stack (rather than big-small-big-small-...). 883 */ 884 len = (min(len, IP_MAXPACKET) / txsegsize) * txsegsize; 885 if (len <= txsegsize) { 886 use_tso = 0; 887 } 888 } else 889 len = txsegsize; 890 flags &= ~TH_FIN; 891 sendalot = 1; 892 } else 893 use_tso = 0; 894 if (sack_rxmit) { 895 if (SEQ_LT(p->rxmit + len, tp->snd_una + so->so_snd.sb_cc)) 896 flags &= ~TH_FIN; 897 } 898 899 win = sbspace(&so->so_rcv); 900 901 /* 902 * Sender silly window avoidance. If connection is idle 903 * and can send all data, a maximum segment, 904 * at least a maximum default-size segment do it, 905 * or are forced, do it; otherwise don't bother. 906 * If peer's buffer is tiny, then send 907 * when window is at least half open. 908 * If retransmitting (possibly after persist timer forced us 909 * to send into a small window), then must resend. 910 */ 911 if (len) { 912 if (len >= txsegsize) 913 goto send; 914 if ((so->so_state & SS_MORETOCOME) == 0 && 915 ((idle || tp->t_flags & TF_NODELAY) && 916 len + off >= so->so_snd.sb_cc)) 917 goto send; 918 if (tp->t_force) 919 goto send; 920 if (len >= tp->max_sndwnd / 2) 921 goto send; 922 if (SEQ_LT(tp->snd_nxt, tp->snd_max)) 923 goto send; 924 if (sack_rxmit) 925 goto send; 926 } 927 928 /* 929 * Compare available window to amount of window known to peer 930 * (as advertised window less next expected input). If the 931 * difference is at least twice the size of the largest segment 932 * we expect to receive (i.e. two segments) or at least 50% of 933 * the maximum possible window, then want to send a window update 934 * to peer. 935 */ 936 if (win > 0) { 937 /* 938 * "adv" is the amount we can increase the window, 939 * taking into account that we are limited by 940 * TCP_MAXWIN << tp->rcv_scale. 941 */ 942 long adv = min(win, (long)TCP_MAXWIN << tp->rcv_scale) - 943 (tp->rcv_adv - tp->rcv_nxt); 944 945 if (adv >= (long) (2 * rxsegsize)) 946 goto send; 947 if (2 * adv >= (long) so->so_rcv.sb_hiwat) 948 goto send; 949 } 950 951 /* 952 * Send if we owe peer an ACK. 953 */ 954 if (tp->t_flags & TF_ACKNOW) 955 goto send; 956 if (flags & (TH_SYN|TH_FIN|TH_RST)) 957 goto send; 958 if (SEQ_GT(tp->snd_up, tp->snd_una)) 959 goto send; 960 /* 961 * In SACK, it is possible for tcp_output to fail to send a segment 962 * after the retransmission timer has been turned off. Make sure 963 * that the retransmission timer is set. 964 */ 965 if (TCP_SACK_ENABLED(tp) && SEQ_GT(tp->snd_max, tp->snd_una) && 966 !TCP_TIMER_ISARMED(tp, TCPT_REXMT) && 967 !TCP_TIMER_ISARMED(tp, TCPT_PERSIST)) { 968 TCP_TIMER_ARM(tp, TCPT_REXMT, tp->t_rxtcur); 969 goto just_return; 970 } 971 972 /* 973 * TCP window updates are not reliable, rather a polling protocol 974 * using ``persist'' packets is used to insure receipt of window 975 * updates. The three ``states'' for the output side are: 976 * idle not doing retransmits or persists 977 * persisting to move a small or zero window 978 * (re)transmitting and thereby not persisting 979 * 980 * tp->t_timer[TCPT_PERSIST] 981 * is set when we are in persist state. 982 * tp->t_force 983 * is set when we are called to send a persist packet. 984 * tp->t_timer[TCPT_REXMT] 985 * is set when we are retransmitting 986 * The output side is idle when both timers are zero. 987 * 988 * If send window is too small, there is data to transmit, and no 989 * retransmit or persist is pending, then go to persist state. 990 * If nothing happens soon, send when timer expires: 991 * if window is nonzero, transmit what we can, 992 * otherwise force out a byte. 993 */ 994 if (so->so_snd.sb_cc && TCP_TIMER_ISARMED(tp, TCPT_REXMT) == 0 && 995 TCP_TIMER_ISARMED(tp, TCPT_PERSIST) == 0) { 996 tp->t_rxtshift = 0; 997 tcp_setpersist(tp); 998 } 999 1000 /* 1001 * No reason to send a segment, just return. 1002 */ 1003 just_return: 1004 TCP_REASS_UNLOCK(tp); 1005 return (0); 1006 1007 send: 1008 /* 1009 * Before ESTABLISHED, force sending of initial options 1010 * unless TCP set not to do any options. 1011 * NOTE: we assume that the IP/TCP header plus TCP options 1012 * always fit in a single mbuf, leaving room for a maximum 1013 * link header, i.e. 1014 * max_linkhdr + sizeof (struct tcpiphdr) + optlen <= MCLBYTES 1015 */ 1016 optlen = 0; 1017 switch (af) { 1018 #ifdef INET 1019 case AF_INET: 1020 iphdrlen = sizeof(struct ip) + sizeof(struct tcphdr); 1021 break; 1022 #endif 1023 #ifdef INET6 1024 case AF_INET6: 1025 iphdrlen = sizeof(struct ip6_hdr) + sizeof(struct tcphdr); 1026 break; 1027 #endif 1028 default: /*pacify gcc*/ 1029 iphdrlen = 0; 1030 break; 1031 } 1032 hdrlen = iphdrlen; 1033 if (flags & TH_SYN) { 1034 struct rtentry *rt; 1035 1036 rt = NULL; 1037 #ifdef INET 1038 if (tp->t_inpcb) 1039 rt = in_pcbrtentry(tp->t_inpcb); 1040 #endif 1041 #ifdef INET6 1042 if (tp->t_in6pcb) 1043 rt = in6_pcbrtentry(tp->t_in6pcb); 1044 #endif 1045 1046 tp->snd_nxt = tp->iss; 1047 tp->t_ourmss = tcp_mss_to_advertise(rt != NULL ? 1048 rt->rt_ifp : NULL, af); 1049 if ((tp->t_flags & TF_NOOPT) == 0) { 1050 opt[0] = TCPOPT_MAXSEG; 1051 opt[1] = 4; 1052 opt[2] = (tp->t_ourmss >> 8) & 0xff; 1053 opt[3] = tp->t_ourmss & 0xff; 1054 optlen = 4; 1055 1056 if ((tp->t_flags & TF_REQ_SCALE) && 1057 ((flags & TH_ACK) == 0 || 1058 (tp->t_flags & TF_RCVD_SCALE))) { 1059 *((u_int32_t *) (opt + optlen)) = htonl( 1060 TCPOPT_NOP << 24 | 1061 TCPOPT_WINDOW << 16 | 1062 TCPOLEN_WINDOW << 8 | 1063 tp->request_r_scale); 1064 optlen += 4; 1065 } 1066 if (tcp_do_sack) { 1067 u_int8_t *cp = (u_int8_t *)(opt + optlen); 1068 1069 cp[0] = TCPOPT_SACK_PERMITTED; 1070 cp[1] = 2; 1071 cp[2] = TCPOPT_NOP; 1072 cp[3] = TCPOPT_NOP; 1073 optlen += 4; 1074 } 1075 } 1076 } 1077 1078 /* 1079 * Send a timestamp and echo-reply if this is a SYN and our side 1080 * wants to use timestamps (TF_REQ_TSTMP is set) or both our side 1081 * and our peer have sent timestamps in our SYN's. 1082 */ 1083 if ((tp->t_flags & (TF_REQ_TSTMP|TF_NOOPT)) == TF_REQ_TSTMP && 1084 (flags & TH_RST) == 0 && 1085 ((flags & (TH_SYN|TH_ACK)) == TH_SYN || 1086 (tp->t_flags & TF_RCVD_TSTMP))) { 1087 u_int32_t *lp = (u_int32_t *)(opt + optlen); 1088 1089 /* Form timestamp option as shown in appendix A of RFC 1323. */ 1090 *lp++ = htonl(TCPOPT_TSTAMP_HDR); 1091 *lp++ = htonl(TCP_TIMESTAMP(tp)); 1092 *lp = htonl(tp->ts_recent); 1093 optlen += TCPOLEN_TSTAMP_APPA; 1094 } 1095 1096 /* 1097 * Tack on the SACK block if it is necessary. 1098 */ 1099 if (sack_numblks) { 1100 int sack_len; 1101 u_char *bp = (u_char *)(opt + optlen); 1102 u_int32_t *lp = (u_int32_t *)(bp + 4); 1103 struct ipqent *tiqe; 1104 1105 sack_len = sack_numblks * 8 + 2; 1106 bp[0] = TCPOPT_NOP; 1107 bp[1] = TCPOPT_NOP; 1108 bp[2] = TCPOPT_SACK; 1109 bp[3] = sack_len; 1110 if ((tp->rcv_sack_flags & TCPSACK_HAVED) != 0) { 1111 sack_numblks--; 1112 *lp++ = htonl(tp->rcv_dsack_block.left); 1113 *lp++ = htonl(tp->rcv_dsack_block.right); 1114 tp->rcv_sack_flags &= ~TCPSACK_HAVED; 1115 } 1116 for (tiqe = TAILQ_FIRST(&tp->timeq); 1117 sack_numblks > 0; tiqe = TAILQ_NEXT(tiqe, ipqe_timeq)) { 1118 KASSERT(tiqe != NULL); 1119 sack_numblks--; 1120 *lp++ = htonl(tiqe->ipqe_seq); 1121 *lp++ = htonl(tiqe->ipqe_seq + tiqe->ipqe_len + 1122 ((tiqe->ipqe_flags & TH_FIN) != 0 ? 1 : 0)); 1123 } 1124 optlen += sack_len + 2; 1125 } 1126 TCP_REASS_UNLOCK(tp); 1127 1128 #ifdef TCP_SIGNATURE 1129 #if defined(INET6) && defined(FAST_IPSEC) 1130 if (tp->t_family == AF_INET) 1131 #endif 1132 if (tp->t_flags & TF_SIGNATURE) { 1133 u_char *bp; 1134 /* 1135 * Initialize TCP-MD5 option (RFC2385) 1136 */ 1137 bp = (u_char *)opt + optlen; 1138 *bp++ = TCPOPT_SIGNATURE; 1139 *bp++ = TCPOLEN_SIGNATURE; 1140 sigoff = optlen + 2; 1141 bzero(bp, TCP_SIGLEN); 1142 bp += TCP_SIGLEN; 1143 optlen += TCPOLEN_SIGNATURE; 1144 /* 1145 * Terminate options list and maintain 32-bit alignment. 1146 */ 1147 *bp++ = TCPOPT_NOP; 1148 *bp++ = TCPOPT_EOL; 1149 optlen += 2; 1150 } 1151 #endif /* TCP_SIGNATURE */ 1152 1153 hdrlen += optlen; 1154 1155 #ifdef DIAGNOSTIC 1156 if (!use_tso && len > txsegsize) 1157 panic("tcp data to be sent is larger than segment"); 1158 else if (use_tso && len > IP_MAXPACKET) 1159 panic("tcp data to be sent is larger than max TSO size"); 1160 if (max_linkhdr + hdrlen > MCLBYTES) 1161 panic("tcphdr too big"); 1162 #endif 1163 1164 /* 1165 * Grab a header mbuf, attaching a copy of data to 1166 * be transmitted, and initialize the header from 1167 * the template for sends on this connection. 1168 */ 1169 if (len) { 1170 error = tcp_build_datapkt(tp, so, off, len, hdrlen, &m); 1171 if (error) 1172 goto out; 1173 /* 1174 * If we're sending everything we've got, set PUSH. 1175 * (This will keep happy those implementations which only 1176 * give data to the user when a buffer fills or 1177 * a PUSH comes in.) 1178 */ 1179 if (off + len == so->so_snd.sb_cc) 1180 flags |= TH_PUSH; 1181 } else { 1182 if (tp->t_flags & TF_ACKNOW) 1183 tcpstat.tcps_sndacks++; 1184 else if (flags & (TH_SYN|TH_FIN|TH_RST)) 1185 tcpstat.tcps_sndctrl++; 1186 else if (SEQ_GT(tp->snd_up, tp->snd_una)) 1187 tcpstat.tcps_sndurg++; 1188 else 1189 tcpstat.tcps_sndwinup++; 1190 1191 MGETHDR(m, M_DONTWAIT, MT_HEADER); 1192 if (m != NULL && max_linkhdr + hdrlen > MHLEN) { 1193 MCLGET(m, M_DONTWAIT); 1194 if ((m->m_flags & M_EXT) == 0) { 1195 m_freem(m); 1196 m = NULL; 1197 } 1198 } 1199 if (m == NULL) { 1200 error = ENOBUFS; 1201 goto out; 1202 } 1203 MCLAIM(m, &tcp_tx_mowner); 1204 m->m_data += max_linkhdr; 1205 m->m_len = hdrlen; 1206 } 1207 m->m_pkthdr.rcvif = (struct ifnet *)0; 1208 switch (af) { 1209 #ifdef INET 1210 case AF_INET: 1211 ip = mtod(m, struct ip *); 1212 #ifdef INET6 1213 ip6 = NULL; 1214 #endif 1215 th = (struct tcphdr *)(ip + 1); 1216 break; 1217 #endif 1218 #ifdef INET6 1219 case AF_INET6: 1220 ip = NULL; 1221 ip6 = mtod(m, struct ip6_hdr *); 1222 th = (struct tcphdr *)(ip6 + 1); 1223 break; 1224 #endif 1225 default: /*pacify gcc*/ 1226 ip = NULL; 1227 #ifdef INET6 1228 ip6 = NULL; 1229 #endif 1230 th = NULL; 1231 break; 1232 } 1233 if (tp->t_template == 0) 1234 panic("tcp_output"); 1235 if (tp->t_template->m_len < iphdrlen) 1236 panic("tcp_output"); 1237 bcopy(mtod(tp->t_template, caddr_t), mtod(m, caddr_t), iphdrlen); 1238 1239 /* 1240 * If we are doing retransmissions, then snd_nxt will 1241 * not reflect the first unsent octet. For ACK only 1242 * packets, we do not want the sequence number of the 1243 * retransmitted packet, we want the sequence number 1244 * of the next unsent octet. So, if there is no data 1245 * (and no SYN or FIN), use snd_max instead of snd_nxt 1246 * when filling in ti_seq. But if we are in persist 1247 * state, snd_max might reflect one byte beyond the 1248 * right edge of the window, so use snd_nxt in that 1249 * case, since we know we aren't doing a retransmission. 1250 * (retransmit and persist are mutually exclusive...) 1251 */ 1252 if (TCP_SACK_ENABLED(tp) && sack_rxmit) { 1253 th->th_seq = htonl(p->rxmit); 1254 p->rxmit += len; 1255 } else { 1256 if (len || (flags & (TH_SYN|TH_FIN)) || 1257 TCP_TIMER_ISARMED(tp, TCPT_PERSIST)) 1258 th->th_seq = htonl(tp->snd_nxt); 1259 else 1260 th->th_seq = htonl(tp->snd_max); 1261 } 1262 th->th_ack = htonl(tp->rcv_nxt); 1263 if (optlen) { 1264 bcopy((caddr_t)opt, (caddr_t)(th + 1), optlen); 1265 th->th_off = (sizeof (struct tcphdr) + optlen) >> 2; 1266 } 1267 th->th_flags = flags; 1268 /* 1269 * Calculate receive window. Don't shrink window, 1270 * but avoid silly window syndrome. 1271 */ 1272 if (win < (long)(so->so_rcv.sb_hiwat / 4) && win < (long)rxsegsize) 1273 win = 0; 1274 if (win > (long)TCP_MAXWIN << tp->rcv_scale) 1275 win = (long)TCP_MAXWIN << tp->rcv_scale; 1276 if (win < (long)(int32_t)(tp->rcv_adv - tp->rcv_nxt)) 1277 win = (long)(int32_t)(tp->rcv_adv - tp->rcv_nxt); 1278 th->th_win = htons((u_int16_t) (win>>tp->rcv_scale)); 1279 if (SEQ_GT(tp->snd_up, tp->snd_nxt)) { 1280 u_int32_t urp = tp->snd_up - tp->snd_nxt; 1281 if (urp > IP_MAXPACKET) 1282 urp = IP_MAXPACKET; 1283 th->th_urp = htons((u_int16_t)urp); 1284 th->th_flags |= TH_URG; 1285 } else 1286 /* 1287 * If no urgent pointer to send, then we pull 1288 * the urgent pointer to the left edge of the send window 1289 * so that it doesn't drift into the send window on sequence 1290 * number wraparound. 1291 */ 1292 tp->snd_up = tp->snd_una; /* drag it along */ 1293 1294 #ifdef TCP_SIGNATURE 1295 #if defined(INET6) && defined(FAST_IPSEC) 1296 if (tp->t_family == AF_INET) /* XXX */ 1297 #endif 1298 if (sigoff && (tp->t_flags & TF_SIGNATURE)) { 1299 struct secasvar *sav; 1300 u_int8_t *sigp; 1301 1302 sav = tcp_signature_getsav(m, th); 1303 1304 if (sav == NULL) { 1305 if (m) 1306 m_freem(m); 1307 return (EPERM); 1308 } 1309 1310 m->m_pkthdr.len = hdrlen + len; 1311 sigp = (caddr_t)th + sizeof(*th) + sigoff; 1312 tcp_signature(m, th, (caddr_t)th - mtod(m, caddr_t), sav, sigp); 1313 1314 key_sa_recordxfer(sav, m); 1315 #ifdef FAST_IPSEC 1316 KEY_FREESAV(&sav); 1317 #else 1318 key_freesav(sav); 1319 #endif 1320 } 1321 #endif 1322 1323 /* 1324 * Set ourselves up to be checksummed just before the packet 1325 * hits the wire. 1326 */ 1327 switch (af) { 1328 #ifdef INET 1329 case AF_INET: 1330 m->m_pkthdr.csum_data = offsetof(struct tcphdr, th_sum); 1331 if (use_tso) { 1332 m->m_pkthdr.segsz = txsegsize; 1333 m->m_pkthdr.csum_flags = M_CSUM_TSOv4; 1334 } else { 1335 m->m_pkthdr.csum_flags = M_CSUM_TCPv4; 1336 if (len + optlen) { 1337 /* Fixup the pseudo-header checksum. */ 1338 /* XXXJRT Not IP Jumbogram safe. */ 1339 th->th_sum = in_cksum_addword(th->th_sum, 1340 htons((u_int16_t) (len + optlen))); 1341 } 1342 } 1343 break; 1344 #endif 1345 #ifdef INET6 1346 case AF_INET6: 1347 m->m_pkthdr.csum_data = offsetof(struct tcphdr, th_sum); 1348 m->m_pkthdr.csum_flags = M_CSUM_TCPv6; 1349 if (len + optlen) { 1350 /* Fixup the pseudo-header checksum. */ 1351 /* XXXJRT: Not IPv6 Jumbogram safe. */ 1352 th->th_sum = in_cksum_addword(th->th_sum, 1353 htons((u_int16_t) (len + optlen))); 1354 } 1355 break; 1356 #endif 1357 } 1358 1359 /* 1360 * In transmit state, time the transmission and arrange for 1361 * the retransmit. In persist state, just set snd_max. 1362 */ 1363 if (tp->t_force == 0 || TCP_TIMER_ISARMED(tp, TCPT_PERSIST) == 0) { 1364 tcp_seq startseq = tp->snd_nxt; 1365 1366 /* 1367 * Advance snd_nxt over sequence space of this segment. 1368 * There are no states in which we send both a SYN and a FIN, 1369 * so we collapse the tests for these flags. 1370 */ 1371 if (flags & (TH_SYN|TH_FIN)) 1372 tp->snd_nxt++; 1373 if (sack_rxmit) 1374 goto timer; 1375 tp->snd_nxt += len; 1376 if (SEQ_GT(tp->snd_nxt, tp->snd_max)) { 1377 tp->snd_max = tp->snd_nxt; 1378 /* 1379 * Time this transmission if not a retransmission and 1380 * not currently timing anything. 1381 */ 1382 if (tp->t_rtttime == 0) { 1383 tp->t_rtttime = tcp_now; 1384 tp->t_rtseq = startseq; 1385 tcpstat.tcps_segstimed++; 1386 } 1387 } 1388 1389 /* 1390 * Set retransmit timer if not currently set, 1391 * and not doing an ack or a keep-alive probe. 1392 * Initial value for retransmit timer is smoothed 1393 * round-trip time + 2 * round-trip time variance. 1394 * Initialize shift counter which is used for backoff 1395 * of retransmit time. 1396 */ 1397 timer: 1398 if (TCP_TIMER_ISARMED(tp, TCPT_REXMT) == 0 && 1399 ((sack_rxmit && tp->snd_nxt != tp->snd_max) || 1400 tp->snd_nxt != tp->snd_una)) { 1401 if (TCP_TIMER_ISARMED(tp, TCPT_PERSIST)) { 1402 TCP_TIMER_DISARM(tp, TCPT_PERSIST); 1403 tp->t_rxtshift = 0; 1404 } 1405 TCP_TIMER_ARM(tp, TCPT_REXMT, tp->t_rxtcur); 1406 } 1407 } else 1408 if (SEQ_GT(tp->snd_nxt + len, tp->snd_max)) 1409 tp->snd_max = tp->snd_nxt + len; 1410 1411 #ifdef TCP_DEBUG 1412 /* 1413 * Trace. 1414 */ 1415 if (so->so_options & SO_DEBUG) 1416 tcp_trace(TA_OUTPUT, tp->t_state, tp, m, 0); 1417 #endif 1418 1419 /* 1420 * Fill in IP length and desired time to live and 1421 * send to IP level. There should be a better way 1422 * to handle ttl and tos; we could keep them in 1423 * the template, but need a way to checksum without them. 1424 */ 1425 m->m_pkthdr.len = hdrlen + len; 1426 1427 switch (af) { 1428 #ifdef INET 1429 case AF_INET: 1430 ip->ip_len = htons(m->m_pkthdr.len); 1431 packetlen = m->m_pkthdr.len; 1432 if (tp->t_inpcb) { 1433 ip->ip_ttl = tp->t_inpcb->inp_ip.ip_ttl; 1434 ip->ip_tos = tp->t_inpcb->inp_ip.ip_tos; 1435 } 1436 #ifdef INET6 1437 else if (tp->t_in6pcb) { 1438 ip->ip_ttl = in6_selecthlim(tp->t_in6pcb, NULL); /*XXX*/ 1439 ip->ip_tos = 0; /*XXX*/ 1440 } 1441 #endif 1442 break; 1443 #endif 1444 #ifdef INET6 1445 case AF_INET6: 1446 packetlen = m->m_pkthdr.len; 1447 ip6->ip6_nxt = IPPROTO_TCP; 1448 if (tp->t_in6pcb) { 1449 /* 1450 * we separately set hoplimit for every segment, since 1451 * the user might want to change the value via 1452 * setsockopt. Also, desired default hop limit might 1453 * be changed via Neighbor Discovery. 1454 */ 1455 ip6->ip6_hlim = in6_selecthlim(tp->t_in6pcb, 1456 ro->ro_rt ? ro->ro_rt->rt_ifp : NULL); 1457 } 1458 /* ip6->ip6_flow = ??? */ 1459 /* ip6_plen will be filled in ip6_output(). */ 1460 break; 1461 #endif 1462 default: /*pacify gcc*/ 1463 packetlen = 0; 1464 break; 1465 } 1466 1467 switch (af) { 1468 #ifdef INET 1469 case AF_INET: 1470 { 1471 struct mbuf *opts; 1472 1473 if (tp->t_inpcb) 1474 opts = tp->t_inpcb->inp_options; 1475 else 1476 opts = NULL; 1477 error = ip_output(m, opts, ro, 1478 (tp->t_mtudisc ? IP_MTUDISC : 0) | 1479 (so->so_options & SO_DONTROUTE), 1480 (struct ip_moptions *)0, so); 1481 break; 1482 } 1483 #endif 1484 #ifdef INET6 1485 case AF_INET6: 1486 { 1487 struct ip6_pktopts *opts; 1488 1489 if (tp->t_in6pcb) 1490 opts = tp->t_in6pcb->in6p_outputopts; 1491 else 1492 opts = NULL; 1493 error = ip6_output(m, opts, (struct route_in6 *)ro, 1494 so->so_options & SO_DONTROUTE, 1495 (struct ip6_moptions *)0, so, NULL); 1496 break; 1497 } 1498 #endif 1499 default: 1500 error = EAFNOSUPPORT; 1501 break; 1502 } 1503 if (error) { 1504 out: 1505 if (error == ENOBUFS) { 1506 tcpstat.tcps_selfquench++; 1507 #ifdef INET 1508 if (tp->t_inpcb) 1509 tcp_quench(tp->t_inpcb, 0); 1510 #endif 1511 #ifdef INET6 1512 if (tp->t_in6pcb) 1513 tcp6_quench(tp->t_in6pcb, 0); 1514 #endif 1515 error = 0; 1516 } else if ((error == EHOSTUNREACH || error == ENETDOWN) && 1517 TCPS_HAVERCVDSYN(tp->t_state)) { 1518 tp->t_softerror = error; 1519 error = 0; 1520 } 1521 1522 /* Back out the seqence number advance. */ 1523 if (sack_rxmit) 1524 p->rxmit -= len; 1525 1526 /* Restart the delayed ACK timer, if necessary. */ 1527 if (tp->t_flags & TF_DELACK) 1528 TCP_RESTART_DELACK(tp); 1529 1530 return (error); 1531 } 1532 1533 if (packetlen > tp->t_pmtud_mtu_sent) 1534 tp->t_pmtud_mtu_sent = packetlen; 1535 1536 tcpstat.tcps_sndtotal++; 1537 if (tp->t_flags & TF_DELACK) 1538 tcpstat.tcps_delack++; 1539 1540 /* 1541 * Data sent (as far as we can tell). 1542 * If this advertises a larger window than any other segment, 1543 * then remember the size of the advertised window. 1544 * Any pending ACK has now been sent. 1545 */ 1546 if (win > 0 && SEQ_GT(tp->rcv_nxt+win, tp->rcv_adv)) 1547 tp->rcv_adv = tp->rcv_nxt + win; 1548 tp->last_ack_sent = tp->rcv_nxt; 1549 tp->t_flags &= ~TF_ACKNOW; 1550 TCP_CLEAR_DELACK(tp); 1551 #ifdef DIAGNOSTIC 1552 if (maxburst < 0) 1553 printf("tcp_output: maxburst exceeded by %d\n", -maxburst); 1554 #endif 1555 if (sendalot && (!tcp_do_newreno || --maxburst)) 1556 goto again; 1557 return (0); 1558 } 1559 1560 void 1561 tcp_setpersist(struct tcpcb *tp) 1562 { 1563 int t = ((tp->t_srtt >> 2) + tp->t_rttvar) >> (1 + 2); 1564 int nticks; 1565 1566 if (TCP_TIMER_ISARMED(tp, TCPT_REXMT)) 1567 panic("tcp_output REXMT"); 1568 /* 1569 * Start/restart persistance timer. 1570 */ 1571 if (t < tp->t_rttmin) 1572 t = tp->t_rttmin; 1573 TCPT_RANGESET(nticks, t * tcp_backoff[tp->t_rxtshift], 1574 TCPTV_PERSMIN, TCPTV_PERSMAX); 1575 TCP_TIMER_ARM(tp, TCPT_PERSIST, nticks); 1576 if (tp->t_rxtshift < TCP_MAXRXTSHIFT) 1577 tp->t_rxtshift++; 1578 } 1579 1580 #if defined(INET) 1581 /* 1582 * tcp4_segment: handle M_CSUM_TSOv4 by software. 1583 * 1584 * => always consume m. 1585 * => call output_func with output_arg for each segments. 1586 */ 1587 1588 int 1589 tcp4_segment(struct mbuf *m, int (*output_func)(void *, struct mbuf *), 1590 void *output_arg) 1591 { 1592 int mss; 1593 int iphlen; 1594 int thlen; 1595 int hlen; 1596 int len; 1597 struct ip *iph; 1598 struct tcphdr *th; 1599 uint16_t ipid; 1600 uint32_t tcpseq; 1601 struct mbuf *hdr = NULL; 1602 struct mbuf *t; 1603 int error = 0; 1604 1605 KASSERT((m->m_flags & M_PKTHDR) != 0); 1606 KASSERT((m->m_pkthdr.csum_flags & M_CSUM_TSOv4) != 0); 1607 1608 m->m_pkthdr.csum_flags = 0; 1609 1610 len = m->m_pkthdr.len; 1611 KASSERT(len >= sizeof(*iph) + sizeof(*th)); 1612 1613 if (m->m_len < sizeof(*iph)) { 1614 m = m_pullup(m, sizeof(*iph)); 1615 if (m == NULL) { 1616 error = ENOMEM; 1617 goto quit; 1618 } 1619 } 1620 iph = mtod(m, struct ip *); 1621 iphlen = iph->ip_hl * 4; 1622 KASSERT(iph->ip_v == IPVERSION); 1623 KASSERT(iphlen >= sizeof(*iph)); 1624 KASSERT(iph->ip_p == IPPROTO_TCP); 1625 ipid = ntohs(iph->ip_id); 1626 1627 hlen = iphlen + sizeof(*th); 1628 if (m->m_len < hlen) { 1629 m = m_pullup(m, hlen); 1630 if (m == NULL) { 1631 error = ENOMEM; 1632 goto quit; 1633 } 1634 } 1635 th = (void *)(mtod(m, char *) + iphlen); 1636 tcpseq = ntohl(th->th_seq); 1637 thlen = th->th_off * 4; 1638 hlen = iphlen + thlen; 1639 1640 mss = m->m_pkthdr.segsz; 1641 KASSERT(mss != 0); 1642 KASSERT(len > hlen); 1643 1644 t = m_split(m, hlen, M_NOWAIT); 1645 if (t == NULL) { 1646 error = ENOMEM; 1647 goto quit; 1648 } 1649 hdr = m; 1650 m = t; 1651 len -= hlen; 1652 KASSERT(len % mss == 0); 1653 while (len > 0) { 1654 struct mbuf *n; 1655 1656 n = m_dup(hdr, 0, hlen, M_NOWAIT); 1657 if (n == NULL) { 1658 error = ENOMEM; 1659 goto quit; 1660 } 1661 KASSERT(n->m_len == hlen); /* XXX */ 1662 1663 t = m_split(m, mss, M_NOWAIT); 1664 if (t == NULL) { 1665 m_freem(n); 1666 error = ENOMEM; 1667 goto quit; 1668 } 1669 m_cat(n, m); 1670 m = t; 1671 1672 KASSERT(n->m_len >= hlen); /* XXX */ 1673 1674 n->m_pkthdr.len = hlen + mss; 1675 iph = mtod(n, struct ip *); 1676 KASSERT(iph->ip_v == IPVERSION); 1677 iph->ip_len = htons(n->m_pkthdr.len); 1678 iph->ip_id = htons(ipid); 1679 th = (void *)(mtod(n, char *) + iphlen); 1680 th->th_seq = htonl(tcpseq); 1681 iph->ip_sum = 0; 1682 iph->ip_sum = in_cksum(n, iphlen); 1683 th->th_sum = 0; 1684 th->th_sum = in4_cksum(n, IPPROTO_TCP, iphlen, thlen + mss); 1685 1686 error = (*output_func)(output_arg, n); 1687 if (error) { 1688 goto quit; 1689 } 1690 1691 tcpseq += mss; 1692 ipid++; 1693 len -= mss; 1694 } 1695 1696 quit: 1697 if (hdr != NULL) { 1698 m_freem(hdr); 1699 } 1700 if (m != NULL) { 1701 m_freem(m); 1702 } 1703 1704 return error; 1705 } 1706 #endif /* defined(INET) */ 1707