]> git.ipfire.org Git - thirdparty/linux.git/blob - net/mptcp/protocol.c
projects / thirdparty / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
gpu: host1x: Use SMMU on Tegra124 and Tegra210
[thirdparty/linux.git] / net / mptcp / protocol.c
1 // SPDX-License-Identifier: GPL-2.0
2 /* Multipath TCP
3 *
4 * Copyright (c) 2017 - 2019, Intel Corporation.
5 */
6
7 #define pr_fmt(fmt) "MPTCP: " fmt
8
9 #include <linux/kernel.h>
10 #include <linux/module.h>
11 #include <linux/netdevice.h>
12 #include <linux/sched/signal.h>
13 #include <linux/atomic.h>
14 #include <net/sock.h>
15 #include <net/inet_common.h>
16 #include <net/inet_hashtables.h>
17 #include <net/protocol.h>
18 #include <net/tcp.h>
19 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
20 #include <net/transp_v6.h>
21 #endif
22 #include <net/mptcp.h>
23 #include "protocol.h"
24 #include "mib.h"
25
26 #define MPTCP_SAME_STATE TCP_MAX_STATES
27
28 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
29 struct mptcp6_sock {
30 struct mptcp_sock msk;
31 struct ipv6_pinfo np;
32 };
33 #endif
34
35 struct mptcp_skb_cb {
36 u32 offset;
37 };
38
39 #define MPTCP_SKB_CB(__skb) ((struct mptcp_skb_cb *)&((__skb)->cb[0]))
40
41 static struct percpu_counter mptcp_sockets_allocated;
42
43 /* If msk has an initial subflow socket, and the MP_CAPABLE handshake has not
44 * completed yet or has failed, return the subflow socket.
45 * Otherwise return NULL.
46 */
47 static struct socket *__mptcp_nmpc_socket(const struct mptcp_sock *msk)
48 {
49 if (!msk->subflow || READ_ONCE(msk->can_ack))
50 return NULL;
51
52 return msk->subflow;
53 }
54
55 static bool __mptcp_needs_tcp_fallback(const struct mptcp_sock *msk)
56 {
57 return msk->first && !sk_is_mptcp(msk->first);
58 }
59
60 static struct socket *mptcp_is_tcpsk(struct sock *sk)
61 {
62 struct socket *sock = sk->sk_socket;
63
64 if (sock->sk != sk)
65 return NULL;
66
67 if (unlikely(sk->sk_prot == &tcp_prot)) {
68 /* we are being invoked after mptcp_accept() has
69 * accepted a non-mp-capable flow: sk is a tcp_sk,
70 * not an mptcp one.
71 *
72 * Hand the socket over to tcp so all further socket ops
73 * bypass mptcp.
74 */
75 sock->ops = &inet_stream_ops;
76 return sock;
77 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
78 } else if (unlikely(sk->sk_prot == &tcpv6_prot)) {
79 sock->ops = &inet6_stream_ops;
80 return sock;
81 #endif
82 }
83
84 return NULL;
85 }
86
87 static struct socket *__mptcp_tcp_fallback(struct mptcp_sock *msk)
88 {
89 struct socket *sock;
90
91 sock_owned_by_me((const struct sock *)msk);
92
93 sock = mptcp_is_tcpsk((struct sock *)msk);
94 if (unlikely(sock))
95 return sock;
96
97 if (likely(!__mptcp_needs_tcp_fallback(msk)))
98 return NULL;
99
100 if (msk->subflow) {
101 release_sock((struct sock *)msk);
102 return msk->subflow;
103 }
104
105 return NULL;
106 }
107
108 static bool __mptcp_can_create_subflow(const struct mptcp_sock *msk)
109 {
110 return !msk->first;
111 }
112
113 static struct socket *__mptcp_socket_create(struct mptcp_sock *msk, int state)
114 {
115 struct mptcp_subflow_context *subflow;
116 struct sock *sk = (struct sock *)msk;
117 struct socket *ssock;
118 int err;
119
120 ssock = __mptcp_tcp_fallback(msk);
121 if (unlikely(ssock))
122 return ssock;
123
124 ssock = __mptcp_nmpc_socket(msk);
125 if (ssock)
126 goto set_state;
127
128 if (!__mptcp_can_create_subflow(msk))
129 return ERR_PTR(-EINVAL);
130
131 err = mptcp_subflow_create_socket(sk, &ssock);
132 if (err)
133 return ERR_PTR(err);
134
135 msk->first = ssock->sk;
136 msk->subflow = ssock;
137 subflow = mptcp_subflow_ctx(ssock->sk);
138 list_add(&subflow->node, &msk->conn_list);
139 subflow->request_mptcp = 1;
140
141 set_state:
142 if (state != MPTCP_SAME_STATE)
143 inet_sk_state_store(sk, state);
144 return ssock;
145 }
146
147 static void __mptcp_move_skb(struct mptcp_sock *msk, struct sock *ssk,
148 struct sk_buff *skb,
149 unsigned int offset, size_t copy_len)
150 {
151 struct sock *sk = (struct sock *)msk;
152
153 __skb_unlink(skb, &ssk->sk_receive_queue);
154 skb_set_owner_r(skb, sk);
155 __skb_queue_tail(&sk->sk_receive_queue, skb);
156
157 msk->ack_seq += copy_len;
158 MPTCP_SKB_CB(skb)->offset = offset;
159 }
160
161 /* both sockets must be locked */
162 static bool mptcp_subflow_dsn_valid(const struct mptcp_sock *msk,
163 struct sock *ssk)
164 {
165 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(ssk);
166 u64 dsn = mptcp_subflow_get_mapped_dsn(subflow);
167
168 /* revalidate data sequence number.
169 *
170 * mptcp_subflow_data_available() is usually called
171 * without msk lock. Its unlikely (but possible)
172 * that msk->ack_seq has been advanced since the last
173 * call found in-sequence data.
174 */
175 if (likely(dsn == msk->ack_seq))
176 return true;
177
178 subflow->data_avail = 0;
179 return mptcp_subflow_data_available(ssk);
180 }
181
182 static bool __mptcp_move_skbs_from_subflow(struct mptcp_sock *msk,
183 struct sock *ssk,
184 unsigned int *bytes)
185 {
186 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(ssk);
187 struct sock *sk = (struct sock *)msk;
188 unsigned int moved = 0;
189 bool more_data_avail;
190 struct tcp_sock *tp;
191 bool done = false;
192
193 if (!mptcp_subflow_dsn_valid(msk, ssk)) {
194 *bytes = 0;
195 return false;
196 }
197
198 if (!(sk->sk_userlocks & SOCK_RCVBUF_LOCK)) {
199 int rcvbuf = max(ssk->sk_rcvbuf, sk->sk_rcvbuf);
200
201 if (rcvbuf > sk->sk_rcvbuf)
202 sk->sk_rcvbuf = rcvbuf;
203 }
204
205 tp = tcp_sk(ssk);
206 do {
207 u32 map_remaining, offset;
208 u32 seq = tp->copied_seq;
209 struct sk_buff *skb;
210 bool fin;
211
212 /* try to move as much data as available */
213 map_remaining = subflow->map_data_len -
214 mptcp_subflow_get_map_offset(subflow);
215
216 skb = skb_peek(&ssk->sk_receive_queue);
217 if (!skb)
218 break;
219
220 offset = seq - TCP_SKB_CB(skb)->seq;
221 fin = TCP_SKB_CB(skb)->tcp_flags & TCPHDR_FIN;
222 if (fin) {
223 done = true;
224 seq++;
225 }
226
227 if (offset < skb->len) {
228 size_t len = skb->len - offset;
229
230 if (tp->urg_data)
231 done = true;
232
233 __mptcp_move_skb(msk, ssk, skb, offset, len);
234 seq += len;
235 moved += len;
236
237 if (WARN_ON_ONCE(map_remaining < len))
238 break;
239 } else {
240 WARN_ON_ONCE(!fin);
241 sk_eat_skb(ssk, skb);
242 done = true;
243 }
244
245 WRITE_ONCE(tp->copied_seq, seq);
246 more_data_avail = mptcp_subflow_data_available(ssk);
247
248 if (atomic_read(&sk->sk_rmem_alloc) > READ_ONCE(sk->sk_rcvbuf)) {
249 done = true;
250 break;
251 }
252 } while (more_data_avail);
253
254 *bytes = moved;
255
256 return done;
257 }
258
259 /* In most cases we will be able to lock the mptcp socket. If its already
260 * owned, we need to defer to the work queue to avoid ABBA deadlock.
261 */
262 static bool move_skbs_to_msk(struct mptcp_sock *msk, struct sock *ssk)
263 {
264 struct sock *sk = (struct sock *)msk;
265 unsigned int moved = 0;
266
267 if (READ_ONCE(sk->sk_lock.owned))
268 return false;
269
270 if (unlikely(!spin_trylock_bh(&sk->sk_lock.slock)))
271 return false;
272
273 /* must re-check after taking the lock */
274 if (!READ_ONCE(sk->sk_lock.owned))
275 __mptcp_move_skbs_from_subflow(msk, ssk, &moved);
276
277 spin_unlock_bh(&sk->sk_lock.slock);
278
279 return moved > 0;
280 }
281
282 void mptcp_data_ready(struct sock *sk, struct sock *ssk)
283 {
284 struct mptcp_sock *msk = mptcp_sk(sk);
285
286 set_bit(MPTCP_DATA_READY, &msk->flags);
287
288 if (atomic_read(&sk->sk_rmem_alloc) < READ_ONCE(sk->sk_rcvbuf) &&
289 move_skbs_to_msk(msk, ssk))
290 goto wake;
291
292 /* don't schedule if mptcp sk is (still) over limit */
293 if (atomic_read(&sk->sk_rmem_alloc) > READ_ONCE(sk->sk_rcvbuf))
294 goto wake;
295
296 /* mptcp socket is owned, release_cb should retry */
297 if (!test_and_set_bit(TCP_DELACK_TIMER_DEFERRED,
298 &sk->sk_tsq_flags)) {
299 sock_hold(sk);
300
301 /* need to try again, its possible release_cb() has already
302 * been called after the test_and_set_bit() above.
303 */
304 move_skbs_to_msk(msk, ssk);
305 }
306 wake:
307 sk->sk_data_ready(sk);
308 }
309
310 static void __mptcp_flush_join_list(struct mptcp_sock *msk)
311 {
312 if (likely(list_empty(&msk->join_list)))
313 return;
314
315 spin_lock_bh(&msk->join_list_lock);
316 list_splice_tail_init(&msk->join_list, &msk->conn_list);
317 spin_unlock_bh(&msk->join_list_lock);
318 }
319
320 static void mptcp_set_timeout(const struct sock *sk, const struct sock *ssk)
321 {
322 long tout = ssk && inet_csk(ssk)->icsk_pending ?
323 inet_csk(ssk)->icsk_timeout - jiffies : 0;
324
325 if (tout <= 0)
326 tout = mptcp_sk(sk)->timer_ival;
327 mptcp_sk(sk)->timer_ival = tout > 0 ? tout : TCP_RTO_MIN;
328 }
329
330 static bool mptcp_timer_pending(struct sock *sk)
331 {
332 return timer_pending(&inet_csk(sk)->icsk_retransmit_timer);
333 }
334
335 static void mptcp_reset_timer(struct sock *sk)
336 {
337 struct inet_connection_sock *icsk = inet_csk(sk);
338 unsigned long tout;
339
340 /* should never be called with mptcp level timer cleared */
341 tout = READ_ONCE(mptcp_sk(sk)->timer_ival);
342 if (WARN_ON_ONCE(!tout))
343 tout = TCP_RTO_MIN;
344 sk_reset_timer(sk, &icsk->icsk_retransmit_timer, jiffies + tout);
345 }
346
347 void mptcp_data_acked(struct sock *sk)
348 {
349 mptcp_reset_timer(sk);
350
351 if (!sk_stream_is_writeable(sk) &&
352 schedule_work(&mptcp_sk(sk)->work))
353 sock_hold(sk);
354 }
355
356 void mptcp_subflow_eof(struct sock *sk)
357 {
358 struct mptcp_sock *msk = mptcp_sk(sk);
359
360 if (!test_and_set_bit(MPTCP_WORK_EOF, &msk->flags) &&
361 schedule_work(&msk->work))
362 sock_hold(sk);
363 }
364
365 static void mptcp_stop_timer(struct sock *sk)
366 {
367 struct inet_connection_sock *icsk = inet_csk(sk);
368
369 sk_stop_timer(sk, &icsk->icsk_retransmit_timer);
370 mptcp_sk(sk)->timer_ival = 0;
371 }
372
373 static bool mptcp_ext_cache_refill(struct mptcp_sock *msk)
374 {
375 if (!msk->cached_ext)
376 msk->cached_ext = __skb_ext_alloc();
377
378 return !!msk->cached_ext;
379 }
380
381 static struct sock *mptcp_subflow_recv_lookup(const struct mptcp_sock *msk)
382 {
383 struct mptcp_subflow_context *subflow;
384 struct sock *sk = (struct sock *)msk;
385
386 sock_owned_by_me(sk);
387
388 mptcp_for_each_subflow(msk, subflow) {
389 if (subflow->data_avail)
390 return mptcp_subflow_tcp_sock(subflow);
391 }
392
393 return NULL;
394 }
395
396 static bool mptcp_skb_can_collapse_to(u64 write_seq,
397 const struct sk_buff *skb,
398 const struct mptcp_ext *mpext)
399 {
400 if (!tcp_skb_can_collapse_to(skb))
401 return false;
402
403 /* can collapse only if MPTCP level sequence is in order */
404 return mpext && mpext->data_seq + mpext->data_len == write_seq;
405 }
406
407 static bool mptcp_frag_can_collapse_to(const struct mptcp_sock *msk,
408 const struct page_frag *pfrag,
409 const struct mptcp_data_frag *df)
410 {
411 return df && pfrag->page == df->page &&
412 df->data_seq + df->data_len == msk->write_seq;
413 }
414
415 static void dfrag_uncharge(struct sock *sk, int len)
416 {
417 sk_mem_uncharge(sk, len);
418 sk_wmem_queued_add(sk, -len);
419 }
420
421 static void dfrag_clear(struct sock *sk, struct mptcp_data_frag *dfrag)
422 {
423 int len = dfrag->data_len + dfrag->overhead;
424
425 list_del(&dfrag->list);
426 dfrag_uncharge(sk, len);
427 put_page(dfrag->page);
428 }
429
430 static void mptcp_clean_una(struct sock *sk)
431 {
432 struct mptcp_sock *msk = mptcp_sk(sk);
433 struct mptcp_data_frag *dtmp, *dfrag;
434 u64 snd_una = atomic64_read(&msk->snd_una);
435 bool cleaned = false;
436
437 list_for_each_entry_safe(dfrag, dtmp, &msk->rtx_queue, list) {
438 if (after64(dfrag->data_seq + dfrag->data_len, snd_una))
439 break;
440
441 dfrag_clear(sk, dfrag);
442 cleaned = true;
443 }
444
445 dfrag = mptcp_rtx_head(sk);
446 if (dfrag && after64(snd_una, dfrag->data_seq)) {
447 u64 delta = dfrag->data_seq + dfrag->data_len - snd_una;
448
449 dfrag->data_seq += delta;
450 dfrag->data_len -= delta;
451
452 dfrag_uncharge(sk, delta);
453 cleaned = true;
454 }
455
456 if (cleaned) {
457 sk_mem_reclaim_partial(sk);
458
459 /* Only wake up writers if a subflow is ready */
460 if (test_bit(MPTCP_SEND_SPACE, &msk->flags))
461 sk_stream_write_space(sk);
462 }
463 }
464
465 /* ensure we get enough memory for the frag hdr, beyond some minimal amount of
466 * data
467 */
468 static bool mptcp_page_frag_refill(struct sock *sk, struct page_frag *pfrag)
469 {
470 if (likely(skb_page_frag_refill(32U + sizeof(struct mptcp_data_frag),
471 pfrag, sk->sk_allocation)))
472 return true;
473
474 sk->sk_prot->enter_memory_pressure(sk);
475 sk_stream_moderate_sndbuf(sk);
476 return false;
477 }
478
479 static struct mptcp_data_frag *
480 mptcp_carve_data_frag(const struct mptcp_sock *msk, struct page_frag *pfrag,
481 int orig_offset)
482 {
483 int offset = ALIGN(orig_offset, sizeof(long));
484 struct mptcp_data_frag *dfrag;
485
486 dfrag = (struct mptcp_data_frag *)(page_to_virt(pfrag->page) + offset);
487 dfrag->data_len = 0;
488 dfrag->data_seq = msk->write_seq;
489 dfrag->overhead = offset - orig_offset + sizeof(struct mptcp_data_frag);
490 dfrag->offset = offset + sizeof(struct mptcp_data_frag);
491 dfrag->page = pfrag->page;
492
493 return dfrag;
494 }
495
496 static int mptcp_sendmsg_frag(struct sock *sk, struct sock *ssk,
497 struct msghdr *msg, struct mptcp_data_frag *dfrag,
498 long *timeo, int *pmss_now,
499 int *ps_goal)
500 {
501 int mss_now, avail_size, size_goal, offset, ret, frag_truesize = 0;
502 bool dfrag_collapsed, can_collapse = false;
503 struct mptcp_sock *msk = mptcp_sk(sk);
504 struct mptcp_ext *mpext = NULL;
505 bool retransmission = !!dfrag;
506 struct sk_buff *skb, *tail;
507 struct page_frag *pfrag;
508 struct page *page;
509 u64 *write_seq;
510 size_t psize;
511
512 /* use the mptcp page cache so that we can easily move the data
513 * from one substream to another, but do per subflow memory accounting
514 * Note: pfrag is used only !retransmission, but the compiler if
515 * fooled into a warning if we don't init here
516 */
517 pfrag = sk_page_frag(sk);
518 while ((!retransmission && !mptcp_page_frag_refill(ssk, pfrag)) ||
519 !mptcp_ext_cache_refill(msk)) {
520 ret = sk_stream_wait_memory(ssk, timeo);
521 if (ret)
522 return ret;
523
524 /* if sk_stream_wait_memory() sleeps snd_una can change
525 * significantly, refresh the rtx queue
526 */
527 mptcp_clean_una(sk);
528
529 if (unlikely(__mptcp_needs_tcp_fallback(msk)))
530 return 0;
531 }
532 if (!retransmission) {
533 write_seq = &msk->write_seq;
534 page = pfrag->page;
535 } else {
536 write_seq = &dfrag->data_seq;
537 page = dfrag->page;
538 }
539
540 /* compute copy limit */
541 mss_now = tcp_send_mss(ssk, &size_goal, msg->msg_flags);
542 *pmss_now = mss_now;
543 *ps_goal = size_goal;
544 avail_size = size_goal;
545 skb = tcp_write_queue_tail(ssk);
546 if (skb) {
547 mpext = skb_ext_find(skb, SKB_EXT_MPTCP);
548
549 /* Limit the write to the size available in the
550 * current skb, if any, so that we create at most a new skb.
551 * Explicitly tells TCP internals to avoid collapsing on later
552 * queue management operation, to avoid breaking the ext <->
553 * SSN association set here
554 */
555 can_collapse = (size_goal - skb->len > 0) &&
556 mptcp_skb_can_collapse_to(*write_seq, skb, mpext);
557 if (!can_collapse)
558 TCP_SKB_CB(skb)->eor = 1;
559 else
560 avail_size = size_goal - skb->len;
561 }
562
563 if (!retransmission) {
564 /* reuse tail pfrag, if possible, or carve a new one from the
565 * page allocator
566 */
567 dfrag = mptcp_rtx_tail(sk);
568 offset = pfrag->offset;
569 dfrag_collapsed = mptcp_frag_can_collapse_to(msk, pfrag, dfrag);
570 if (!dfrag_collapsed) {
571 dfrag = mptcp_carve_data_frag(msk, pfrag, offset);
572 offset = dfrag->offset;
573 frag_truesize = dfrag->overhead;
574 }
575 psize = min_t(size_t, pfrag->size - offset, avail_size);
576
577 /* Copy to page */
578 pr_debug("left=%zu", msg_data_left(msg));
579 psize = copy_page_from_iter(pfrag->page, offset,
580 min_t(size_t, msg_data_left(msg),
581 psize),
582 &msg->msg_iter);
583 pr_debug("left=%zu", msg_data_left(msg));
584 if (!psize)
585 return -EINVAL;
586
587 if (!sk_wmem_schedule(sk, psize + dfrag->overhead))
588 return -ENOMEM;
589 } else {
590 offset = dfrag->offset;
591 psize = min_t(size_t, dfrag->data_len, avail_size);
592 }
593
594 /* tell the TCP stack to delay the push so that we can safely
595 * access the skb after the sendpages call
596 */
597 ret = do_tcp_sendpages(ssk, page, offset, psize,
598 msg->msg_flags | MSG_SENDPAGE_NOTLAST);
599 if (ret <= 0)
600 return ret;
601
602 frag_truesize += ret;
603 if (!retransmission) {
604 if (unlikely(ret < psize))
605 iov_iter_revert(&msg->msg_iter, psize - ret);
606
607 /* send successful, keep track of sent data for mptcp-level
608 * retransmission
609 */
610 dfrag->data_len += ret;
611 if (!dfrag_collapsed) {
612 get_page(dfrag->page);
613 list_add_tail(&dfrag->list, &msk->rtx_queue);
614 sk_wmem_queued_add(sk, frag_truesize);
615 } else {
616 sk_wmem_queued_add(sk, ret);
617 }
618
619 /* charge data on mptcp rtx queue to the master socket
620 * Note: we charge such data both to sk and ssk
621 */
622 sk->sk_forward_alloc -= frag_truesize;
623 }
624
625 /* if the tail skb extension is still the cached one, collapsing
626 * really happened. Note: we can't check for 'same skb' as the sk_buff
627 * hdr on tail can be transmitted, freed and re-allocated by the
628 * do_tcp_sendpages() call
629 */
630 tail = tcp_write_queue_tail(ssk);
631 if (mpext && tail && mpext == skb_ext_find(tail, SKB_EXT_MPTCP)) {
632 WARN_ON_ONCE(!can_collapse);
633 mpext->data_len += ret;
634 goto out;
635 }
636
637 skb = tcp_write_queue_tail(ssk);
638 mpext = __skb_ext_set(skb, SKB_EXT_MPTCP, msk->cached_ext);
639 msk->cached_ext = NULL;
640
641 memset(mpext, 0, sizeof(*mpext));
642 mpext->data_seq = *write_seq;
643 mpext->subflow_seq = mptcp_subflow_ctx(ssk)->rel_write_seq;
644 mpext->data_len = ret;
645 mpext->use_map = 1;
646 mpext->dsn64 = 1;
647
648 pr_debug("data_seq=%llu subflow_seq=%u data_len=%u dsn64=%d",
649 mpext->data_seq, mpext->subflow_seq, mpext->data_len,
650 mpext->dsn64);
651
652 out:
653 if (!retransmission)
654 pfrag->offset += frag_truesize;
655 *write_seq += ret;
656 mptcp_subflow_ctx(ssk)->rel_write_seq += ret;
657
658 return ret;
659 }
660
661 static struct sock *mptcp_subflow_get_send(struct mptcp_sock *msk)
662 {
663 struct mptcp_subflow_context *subflow;
664 struct sock *backup = NULL;
665
666 sock_owned_by_me((const struct sock *)msk);
667
668 mptcp_for_each_subflow(msk, subflow) {
669 struct sock *ssk = mptcp_subflow_tcp_sock(subflow);
670
671 if (!sk_stream_memory_free(ssk)) {
672 struct socket *sock = ssk->sk_socket;
673
674 if (sock) {
675 clear_bit(MPTCP_SEND_SPACE, &msk->flags);
676 smp_mb__after_atomic();
677
678 /* enables sk->write_space() callbacks */
679 set_bit(SOCK_NOSPACE, &sock->flags);
680 }
681
682 return NULL;
683 }
684
685 if (subflow->backup) {
686 if (!backup)
687 backup = ssk;
688
689 continue;
690 }
691
692 return ssk;
693 }
694
695 return backup;
696 }
697
698 static void ssk_check_wmem(struct mptcp_sock *msk, struct sock *ssk)
699 {
700 struct socket *sock;
701
702 if (likely(sk_stream_is_writeable(ssk)))
703 return;
704
705 sock = READ_ONCE(ssk->sk_socket);
706
707 if (sock) {
708 clear_bit(MPTCP_SEND_SPACE, &msk->flags);
709 smp_mb__after_atomic();
710 /* set NOSPACE only after clearing SEND_SPACE flag */
711 set_bit(SOCK_NOSPACE, &sock->flags);
712 }
713 }
714
715 static int mptcp_sendmsg(struct sock *sk, struct msghdr *msg, size_t len)
716 {
717 int mss_now = 0, size_goal = 0, ret = 0;
718 struct mptcp_sock *msk = mptcp_sk(sk);
719 struct socket *ssock;
720 size_t copied = 0;
721 struct sock *ssk;
722 long timeo;
723
724 if (msg->msg_flags & ~(MSG_MORE | MSG_DONTWAIT | MSG_NOSIGNAL))
725 return -EOPNOTSUPP;
726
727 lock_sock(sk);
728
729 timeo = sock_sndtimeo(sk, msg->msg_flags & MSG_DONTWAIT);
730
731 if ((1 << sk->sk_state) & ~(TCPF_ESTABLISHED | TCPF_CLOSE_WAIT)) {
732 ret = sk_stream_wait_connect(sk, &timeo);
733 if (ret)
734 goto out;
735 }
736
737 ssock = __mptcp_tcp_fallback(msk);
738 if (unlikely(ssock)) {
739 fallback:
740 pr_debug("fallback passthrough");
741 ret = sock_sendmsg(ssock, msg);
742 return ret >= 0 ? ret + copied : (copied ? copied : ret);
743 }
744
745 mptcp_clean_una(sk);
746
747 __mptcp_flush_join_list(msk);
748 ssk = mptcp_subflow_get_send(msk);
749 while (!sk_stream_memory_free(sk) || !ssk) {
750 ret = sk_stream_wait_memory(sk, &timeo);
751 if (ret)
752 goto out;
753
754 mptcp_clean_una(sk);
755
756 ssk = mptcp_subflow_get_send(msk);
757 if (list_empty(&msk->conn_list)) {
758 ret = -ENOTCONN;
759 goto out;
760 }
761 }
762
763 pr_debug("conn_list->subflow=%p", ssk);
764
765 lock_sock(ssk);
766 while (msg_data_left(msg)) {
767 ret = mptcp_sendmsg_frag(sk, ssk, msg, NULL, &timeo, &mss_now,
768 &size_goal);
769 if (ret < 0)
770 break;
771 if (ret == 0 && unlikely(__mptcp_needs_tcp_fallback(msk))) {
772 release_sock(ssk);
773 ssock = __mptcp_tcp_fallback(msk);
774 goto fallback;
775 }
776
777 copied += ret;
778 }
779
780 mptcp_set_timeout(sk, ssk);
781 if (copied) {
782 ret = copied;
783 tcp_push(ssk, msg->msg_flags, mss_now, tcp_sk(ssk)->nonagle,
784 size_goal);
785
786 /* start the timer, if it's not pending */
787 if (!mptcp_timer_pending(sk))
788 mptcp_reset_timer(sk);
789 }
790
791 ssk_check_wmem(msk, ssk);
792 release_sock(ssk);
793 out:
794 release_sock(sk);
795 return ret;
796 }
797
798 static void mptcp_wait_data(struct sock *sk, long *timeo)
799 {
800 DEFINE_WAIT_FUNC(wait, woken_wake_function);
801 struct mptcp_sock *msk = mptcp_sk(sk);
802
803 add_wait_queue(sk_sleep(sk), &wait);
804 sk_set_bit(SOCKWQ_ASYNC_WAITDATA, sk);
805
806 sk_wait_event(sk, timeo,
807 test_and_clear_bit(MPTCP_DATA_READY, &msk->flags), &wait);
808
809 sk_clear_bit(SOCKWQ_ASYNC_WAITDATA, sk);
810 remove_wait_queue(sk_sleep(sk), &wait);
811 }
812
813 static int __mptcp_recvmsg_mskq(struct mptcp_sock *msk,
814 struct msghdr *msg,
815 size_t len)
816 {
817 struct sock *sk = (struct sock *)msk;
818 struct sk_buff *skb;
819 int copied = 0;
820
821 while ((skb = skb_peek(&sk->sk_receive_queue)) != NULL) {
822 u32 offset = MPTCP_SKB_CB(skb)->offset;
823 u32 data_len = skb->len - offset;
824 u32 count = min_t(size_t, len - copied, data_len);
825 int err;
826
827 err = skb_copy_datagram_msg(skb, offset, msg, count);
828 if (unlikely(err < 0)) {
829 if (!copied)
830 return err;
831 break;
832 }
833
834 copied += count;
835
836 if (count < data_len) {
837 MPTCP_SKB_CB(skb)->offset += count;
838 break;
839 }
840
841 __skb_unlink(skb, &sk->sk_receive_queue);
842 __kfree_skb(skb);
843
844 if (copied >= len)
845 break;
846 }
847
848 return copied;
849 }
850
851 static bool __mptcp_move_skbs(struct mptcp_sock *msk)
852 {
853 unsigned int moved = 0;
854 bool done;
855
856 do {
857 struct sock *ssk = mptcp_subflow_recv_lookup(msk);
858
859 if (!ssk)
860 break;
861
862 lock_sock(ssk);
863 done = __mptcp_move_skbs_from_subflow(msk, ssk, &moved);
864 release_sock(ssk);
865 } while (!done);
866
867 return moved > 0;
868 }
869
870 static int mptcp_recvmsg(struct sock *sk, struct msghdr *msg, size_t len,
871 int nonblock, int flags, int *addr_len)
872 {
873 struct mptcp_sock *msk = mptcp_sk(sk);
874 struct socket *ssock;
875 int copied = 0;
876 int target;
877 long timeo;
878
879 if (msg->msg_flags & ~(MSG_WAITALL | MSG_DONTWAIT))
880 return -EOPNOTSUPP;
881
882 lock_sock(sk);
883 ssock = __mptcp_tcp_fallback(msk);
884 if (unlikely(ssock)) {
885 fallback:
886 pr_debug("fallback-read subflow=%p",
887 mptcp_subflow_ctx(ssock->sk));
888 copied = sock_recvmsg(ssock, msg, flags);
889 return copied;
890 }
891
892 timeo = sock_rcvtimeo(sk, nonblock);
893
894 len = min_t(size_t, len, INT_MAX);
895 target = sock_rcvlowat(sk, flags & MSG_WAITALL, len);
896 __mptcp_flush_join_list(msk);
897
898 while (len > (size_t)copied) {
899 int bytes_read;
900
901 bytes_read = __mptcp_recvmsg_mskq(msk, msg, len - copied);
902 if (unlikely(bytes_read < 0)) {
903 if (!copied)
904 copied = bytes_read;
905 goto out_err;
906 }
907
908 copied += bytes_read;
909
910 if (skb_queue_empty(&sk->sk_receive_queue) &&
911 __mptcp_move_skbs(msk))
912 continue;
913
914 /* only the master socket status is relevant here. The exit
915 * conditions mirror closely tcp_recvmsg()
916 */
917 if (copied >= target)
918 break;
919
920 if (copied) {
921 if (sk->sk_err ||
922 sk->sk_state == TCP_CLOSE ||
923 (sk->sk_shutdown & RCV_SHUTDOWN) ||
924 !timeo ||
925 signal_pending(current))
926 break;
927 } else {
928 if (sk->sk_err) {
929 copied = sock_error(sk);
930 break;
931 }
932
933 if (sk->sk_shutdown & RCV_SHUTDOWN)
934 break;
935
936 if (sk->sk_state == TCP_CLOSE) {
937 copied = -ENOTCONN;
938 break;
939 }
940
941 if (!timeo) {
942 copied = -EAGAIN;
943 break;
944 }
945
946 if (signal_pending(current)) {
947 copied = sock_intr_errno(timeo);
948 break;
949 }
950 }
951
952 pr_debug("block timeout %ld", timeo);
953 mptcp_wait_data(sk, &timeo);
954 if (unlikely(__mptcp_tcp_fallback(msk)))
955 goto fallback;
956 }
957
958 if (skb_queue_empty(&sk->sk_receive_queue)) {
959 /* entire backlog drained, clear DATA_READY. */
960 clear_bit(MPTCP_DATA_READY, &msk->flags);
961
962 /* .. race-breaker: ssk might have gotten new data
963 * after last __mptcp_move_skbs() returned false.
964 */
965 if (unlikely(__mptcp_move_skbs(msk)))
966 set_bit(MPTCP_DATA_READY, &msk->flags);
967 } else if (unlikely(!test_bit(MPTCP_DATA_READY, &msk->flags))) {
968 /* data to read but mptcp_wait_data() cleared DATA_READY */
969 set_bit(MPTCP_DATA_READY, &msk->flags);
970 }
971 out_err:
972 release_sock(sk);
973 return copied;
974 }
975
976 static void mptcp_retransmit_handler(struct sock *sk)
977 {
978 struct mptcp_sock *msk = mptcp_sk(sk);
979
980 if (atomic64_read(&msk->snd_una) == msk->write_seq) {
981 mptcp_stop_timer(sk);
982 } else {
983 set_bit(MPTCP_WORK_RTX, &msk->flags);
984 if (schedule_work(&msk->work))
985 sock_hold(sk);
986 }
987 }
988
989 static void mptcp_retransmit_timer(struct timer_list *t)
990 {
991 struct inet_connection_sock *icsk = from_timer(icsk, t,
992 icsk_retransmit_timer);
993 struct sock *sk = &icsk->icsk_inet.sk;
994
995 bh_lock_sock(sk);
996 if (!sock_owned_by_user(sk)) {
997 mptcp_retransmit_handler(sk);
998 } else {
999 /* delegate our work to tcp_release_cb() */
1000 if (!test_and_set_bit(TCP_WRITE_TIMER_DEFERRED,
1001 &sk->sk_tsq_flags))
1002 sock_hold(sk);
1003 }
1004 bh_unlock_sock(sk);
1005 sock_put(sk);
1006 }
1007
1008 /* Find an idle subflow. Return NULL if there is unacked data at tcp
1009 * level.
1010 *
1011 * A backup subflow is returned only if that is the only kind available.
1012 */
1013 static struct sock *mptcp_subflow_get_retrans(const struct mptcp_sock *msk)
1014 {
1015 struct mptcp_subflow_context *subflow;
1016 struct sock *backup = NULL;
1017
1018 sock_owned_by_me((const struct sock *)msk);
1019
1020 mptcp_for_each_subflow(msk, subflow) {
1021 struct sock *ssk = mptcp_subflow_tcp_sock(subflow);
1022
1023 /* still data outstanding at TCP level? Don't retransmit. */
1024 if (!tcp_write_queue_empty(ssk))
1025 return NULL;
1026
1027 if (subflow->backup) {
1028 if (!backup)
1029 backup = ssk;
1030 continue;
1031 }
1032
1033 return ssk;
1034 }
1035
1036 return backup;
1037 }
1038
1039 /* subflow sockets can be either outgoing (connect) or incoming
1040 * (accept).
1041 *
1042 * Outgoing subflows use in-kernel sockets.
1043 * Incoming subflows do not have their own 'struct socket' allocated,
1044 * so we need to use tcp_close() after detaching them from the mptcp
1045 * parent socket.
1046 */
1047 static void __mptcp_close_ssk(struct sock *sk, struct sock *ssk,
1048 struct mptcp_subflow_context *subflow,
1049 long timeout)
1050 {
1051 struct socket *sock = READ_ONCE(ssk->sk_socket);
1052
1053 list_del(&subflow->node);
1054
1055 if (sock && sock != sk->sk_socket) {
1056 /* outgoing subflow */
1057 sock_release(sock);
1058 } else {
1059 /* incoming subflow */
1060 tcp_close(ssk, timeout);
1061 }
1062 }
1063
1064 static unsigned int mptcp_sync_mss(struct sock *sk, u32 pmtu)
1065 {
1066 return 0;
1067 }
1068
1069 static void mptcp_check_for_eof(struct mptcp_sock *msk)
1070 {
1071 struct mptcp_subflow_context *subflow;
1072 struct sock *sk = (struct sock *)msk;
1073 int receivers = 0;
1074
1075 mptcp_for_each_subflow(msk, subflow)
1076 receivers += !subflow->rx_eof;
1077
1078 if (!receivers && !(sk->sk_shutdown & RCV_SHUTDOWN)) {
1079 /* hopefully temporary hack: propagate shutdown status
1080 * to msk, when all subflows agree on it
1081 */
1082 sk->sk_shutdown |= RCV_SHUTDOWN;
1083
1084 smp_mb__before_atomic(); /* SHUTDOWN must be visible first */
1085 set_bit(MPTCP_DATA_READY, &msk->flags);
1086 sk->sk_data_ready(sk);
1087 }
1088 }
1089
1090 static void mptcp_worker(struct work_struct *work)
1091 {
1092 struct mptcp_sock *msk = container_of(work, struct mptcp_sock, work);
1093 struct sock *ssk, *sk = &msk->sk.icsk_inet.sk;
1094 int orig_len, orig_offset, ret, mss_now = 0, size_goal = 0;
1095 struct mptcp_data_frag *dfrag;
1096 u64 orig_write_seq;
1097 size_t copied = 0;
1098 struct msghdr msg;
1099 long timeo = 0;
1100
1101 lock_sock(sk);
1102 mptcp_clean_una(sk);
1103 __mptcp_flush_join_list(msk);
1104 __mptcp_move_skbs(msk);
1105
1106 if (test_and_clear_bit(MPTCP_WORK_EOF, &msk->flags))
1107 mptcp_check_for_eof(msk);
1108
1109 if (!test_and_clear_bit(MPTCP_WORK_RTX, &msk->flags))
1110 goto unlock;
1111
1112 dfrag = mptcp_rtx_head(sk);
1113 if (!dfrag)
1114 goto unlock;
1115
1116 ssk = mptcp_subflow_get_retrans(msk);
1117 if (!ssk)
1118 goto reset_unlock;
1119
1120 lock_sock(ssk);
1121
1122 msg.msg_flags = MSG_DONTWAIT;
1123 orig_len = dfrag->data_len;
1124 orig_offset = dfrag->offset;
1125 orig_write_seq = dfrag->data_seq;
1126 while (dfrag->data_len > 0) {
1127 ret = mptcp_sendmsg_frag(sk, ssk, &msg, dfrag, &timeo, &mss_now,
1128 &size_goal);
1129 if (ret < 0)
1130 break;
1131
1132 MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_RETRANSSEGS);
1133 copied += ret;
1134 dfrag->data_len -= ret;
1135 dfrag->offset += ret;
1136 }
1137 if (copied)
1138 tcp_push(ssk, msg.msg_flags, mss_now, tcp_sk(ssk)->nonagle,
1139 size_goal);
1140
1141 dfrag->data_seq = orig_write_seq;
1142 dfrag->offset = orig_offset;
1143 dfrag->data_len = orig_len;
1144
1145 mptcp_set_timeout(sk, ssk);
1146 release_sock(ssk);
1147
1148 reset_unlock:
1149 if (!mptcp_timer_pending(sk))
1150 mptcp_reset_timer(sk);
1151
1152 unlock:
1153 release_sock(sk);
1154 sock_put(sk);
1155 }
1156
1157 static int __mptcp_init_sock(struct sock *sk)
1158 {
1159 struct mptcp_sock *msk = mptcp_sk(sk);
1160
1161 spin_lock_init(&msk->join_list_lock);
1162
1163 INIT_LIST_HEAD(&msk->conn_list);
1164 INIT_LIST_HEAD(&msk->join_list);
1165 INIT_LIST_HEAD(&msk->rtx_queue);
1166 __set_bit(MPTCP_SEND_SPACE, &msk->flags);
1167 INIT_WORK(&msk->work, mptcp_worker);
1168
1169 msk->first = NULL;
1170 inet_csk(sk)->icsk_sync_mss = mptcp_sync_mss;
1171
1172 mptcp_pm_data_init(msk);
1173
1174 /* re-use the csk retrans timer for MPTCP-level retrans */
1175 timer_setup(&msk->sk.icsk_retransmit_timer, mptcp_retransmit_timer, 0);
1176
1177 return 0;
1178 }
1179
1180 static int mptcp_init_sock(struct sock *sk)
1181 {
1182 struct net *net = sock_net(sk);
1183 int ret;
1184
1185 if (!mptcp_is_enabled(net))
1186 return -ENOPROTOOPT;
1187
1188 if (unlikely(!net->mib.mptcp_statistics) && !mptcp_mib_alloc(net))
1189 return -ENOMEM;
1190
1191 ret = __mptcp_init_sock(sk);
1192 if (ret)
1193 return ret;
1194
1195 sk_sockets_allocated_inc(sk);
1196 sk->sk_sndbuf = sock_net(sk)->ipv4.sysctl_tcp_wmem[2];
1197
1198 return 0;
1199 }
1200
1201 static void __mptcp_clear_xmit(struct sock *sk)
1202 {
1203 struct mptcp_sock *msk = mptcp_sk(sk);
1204 struct mptcp_data_frag *dtmp, *dfrag;
1205
1206 sk_stop_timer(sk, &msk->sk.icsk_retransmit_timer);
1207
1208 list_for_each_entry_safe(dfrag, dtmp, &msk->rtx_queue, list)
1209 dfrag_clear(sk, dfrag);
1210 }
1211
1212 static void mptcp_cancel_work(struct sock *sk)
1213 {
1214 struct mptcp_sock *msk = mptcp_sk(sk);
1215
1216 if (cancel_work_sync(&msk->work))
1217 sock_put(sk);
1218 }
1219
1220 static void mptcp_subflow_shutdown(struct sock *ssk, int how,
1221 bool data_fin_tx_enable, u64 data_fin_tx_seq)
1222 {
1223 lock_sock(ssk);
1224
1225 switch (ssk->sk_state) {
1226 case TCP_LISTEN:
1227 if (!(how & RCV_SHUTDOWN))
1228 break;
1229 /* fall through */
1230 case TCP_SYN_SENT:
1231 tcp_disconnect(ssk, O_NONBLOCK);
1232 break;
1233 default:
1234 if (data_fin_tx_enable) {
1235 struct mptcp_subflow_context *subflow;
1236
1237 subflow = mptcp_subflow_ctx(ssk);
1238 subflow->data_fin_tx_seq = data_fin_tx_seq;
1239 subflow->data_fin_tx_enable = 1;
1240 }
1241
1242 ssk->sk_shutdown |= how;
1243 tcp_shutdown(ssk, how);
1244 break;
1245 }
1246
1247 /* Wake up anyone sleeping in poll. */
1248 ssk->sk_state_change(ssk);
1249 release_sock(ssk);
1250 }
1251
1252 /* Called with msk lock held, releases such lock before returning */
1253 static void mptcp_close(struct sock *sk, long timeout)
1254 {
1255 struct mptcp_subflow_context *subflow, *tmp;
1256 struct mptcp_sock *msk = mptcp_sk(sk);
1257 LIST_HEAD(conn_list);
1258 u64 data_fin_tx_seq;
1259
1260 lock_sock(sk);
1261
1262 mptcp_token_destroy(msk->token);
1263 inet_sk_state_store(sk, TCP_CLOSE);
1264
1265 __mptcp_flush_join_list(msk);
1266
1267 list_splice_init(&msk->conn_list, &conn_list);
1268
1269 data_fin_tx_seq = msk->write_seq;
1270
1271 __mptcp_clear_xmit(sk);
1272
1273 release_sock(sk);
1274
1275 list_for_each_entry_safe(subflow, tmp, &conn_list, node) {
1276 struct sock *ssk = mptcp_subflow_tcp_sock(subflow);
1277
1278 subflow->data_fin_tx_seq = data_fin_tx_seq;
1279 subflow->data_fin_tx_enable = 1;
1280 __mptcp_close_ssk(sk, ssk, subflow, timeout);
1281 }
1282
1283 mptcp_cancel_work(sk);
1284 mptcp_pm_close(msk);
1285
1286 __skb_queue_purge(&sk->sk_receive_queue);
1287
1288 sk_common_release(sk);
1289 }
1290
1291 static void mptcp_copy_inaddrs(struct sock *msk, const struct sock *ssk)
1292 {
1293 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
1294 const struct ipv6_pinfo *ssk6 = inet6_sk(ssk);
1295 struct ipv6_pinfo *msk6 = inet6_sk(msk);
1296
1297 msk->sk_v6_daddr = ssk->sk_v6_daddr;
1298 msk->sk_v6_rcv_saddr = ssk->sk_v6_rcv_saddr;
1299
1300 if (msk6 && ssk6) {
1301 msk6->saddr = ssk6->saddr;
1302 msk6->flow_label = ssk6->flow_label;
1303 }
1304 #endif
1305
1306 inet_sk(msk)->inet_num = inet_sk(ssk)->inet_num;
1307 inet_sk(msk)->inet_dport = inet_sk(ssk)->inet_dport;
1308 inet_sk(msk)->inet_sport = inet_sk(ssk)->inet_sport;
1309 inet_sk(msk)->inet_daddr = inet_sk(ssk)->inet_daddr;
1310 inet_sk(msk)->inet_saddr = inet_sk(ssk)->inet_saddr;
1311 inet_sk(msk)->inet_rcv_saddr = inet_sk(ssk)->inet_rcv_saddr;
1312 }
1313
1314 static int mptcp_disconnect(struct sock *sk, int flags)
1315 {
1316 lock_sock(sk);
1317 __mptcp_clear_xmit(sk);
1318 release_sock(sk);
1319 mptcp_cancel_work(sk);
1320 return tcp_disconnect(sk, flags);
1321 }
1322
1323 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
1324 static struct ipv6_pinfo *mptcp_inet6_sk(const struct sock *sk)
1325 {
1326 unsigned int offset = sizeof(struct mptcp6_sock) - sizeof(struct ipv6_pinfo);
1327
1328 return (struct ipv6_pinfo *)(((u8 *)sk) + offset);
1329 }
1330 #endif
1331
1332 struct sock *mptcp_sk_clone(const struct sock *sk, struct request_sock *req)
1333 {
1334 struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req);
1335 struct sock *nsk = sk_clone_lock(sk, GFP_ATOMIC);
1336 struct mptcp_sock *msk;
1337 u64 ack_seq;
1338
1339 if (!nsk)
1340 return NULL;
1341
1342 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
1343 if (nsk->sk_family == AF_INET6)
1344 inet_sk(nsk)->pinet6 = mptcp_inet6_sk(nsk);
1345 #endif
1346
1347 __mptcp_init_sock(nsk);
1348
1349 msk = mptcp_sk(nsk);
1350 msk->local_key = subflow_req->local_key;
1351 msk->token = subflow_req->token;
1352 msk->subflow = NULL;
1353
1354 if (unlikely(mptcp_token_new_accept(subflow_req->token, nsk))) {
1355 bh_unlock_sock(nsk);
1356
1357 /* we can't call into mptcp_close() here - possible BH context
1358 * free the sock directly
1359 */
1360 nsk->sk_prot->destroy(nsk);
1361 sk_free(nsk);
1362 return NULL;
1363 }
1364
1365 msk->write_seq = subflow_req->idsn + 1;
1366 atomic64_set(&msk->snd_una, msk->write_seq);
1367 if (subflow_req->remote_key_valid) {
1368 msk->can_ack = true;
1369 msk->remote_key = subflow_req->remote_key;
1370 mptcp_crypto_key_sha(msk->remote_key, NULL, &ack_seq);
1371 ack_seq++;
1372 msk->ack_seq = ack_seq;
1373 }
1374
1375 /* will be fully established after successful MPC subflow creation */
1376 inet_sk_state_store(nsk, TCP_SYN_RECV);
1377 bh_unlock_sock(nsk);
1378
1379 /* keep a single reference */
1380 __sock_put(nsk);
1381 return nsk;
1382 }
1383
1384 static struct sock *mptcp_accept(struct sock *sk, int flags, int *err,
1385 bool kern)
1386 {
1387 struct mptcp_sock *msk = mptcp_sk(sk);
1388 struct socket *listener;
1389 struct sock *newsk;
1390
1391 listener = __mptcp_nmpc_socket(msk);
1392 if (WARN_ON_ONCE(!listener)) {
1393 *err = -EINVAL;
1394 return NULL;
1395 }
1396
1397 pr_debug("msk=%p, listener=%p", msk, mptcp_subflow_ctx(listener->sk));
1398 newsk = inet_csk_accept(listener->sk, flags, err, kern);
1399 if (!newsk)
1400 return NULL;
1401
1402 pr_debug("msk=%p, subflow is mptcp=%d", msk, sk_is_mptcp(newsk));
1403
1404 if (sk_is_mptcp(newsk)) {
1405 struct mptcp_subflow_context *subflow;
1406 struct sock *new_mptcp_sock;
1407 struct sock *ssk = newsk;
1408
1409 subflow = mptcp_subflow_ctx(newsk);
1410 new_mptcp_sock = subflow->conn;
1411
1412 /* is_mptcp should be false if subflow->conn is missing, see
1413 * subflow_syn_recv_sock()
1414 */
1415 if (WARN_ON_ONCE(!new_mptcp_sock)) {
1416 tcp_sk(newsk)->is_mptcp = 0;
1417 return newsk;
1418 }
1419
1420 /* acquire the 2nd reference for the owning socket */
1421 sock_hold(new_mptcp_sock);
1422
1423 local_bh_disable();
1424 bh_lock_sock(new_mptcp_sock);
1425 msk = mptcp_sk(new_mptcp_sock);
1426 msk->first = newsk;
1427
1428 newsk = new_mptcp_sock;
1429 mptcp_copy_inaddrs(newsk, ssk);
1430 list_add(&subflow->node, &msk->conn_list);
1431
1432 bh_unlock_sock(new_mptcp_sock);
1433
1434 __MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_MPCAPABLEPASSIVEACK);
1435 local_bh_enable();
1436 } else {
1437 MPTCP_INC_STATS(sock_net(sk),
1438 MPTCP_MIB_MPCAPABLEPASSIVEFALLBACK);
1439 }
1440
1441 return newsk;
1442 }
1443
1444 static void mptcp_destroy(struct sock *sk)
1445 {
1446 struct mptcp_sock *msk = mptcp_sk(sk);
1447
1448 if (msk->cached_ext)
1449 __skb_ext_put(msk->cached_ext);
1450
1451 sk_sockets_allocated_dec(sk);
1452 }
1453
1454 static int mptcp_setsockopt(struct sock *sk, int level, int optname,
1455 char __user *optval, unsigned int optlen)
1456 {
1457 struct mptcp_sock *msk = mptcp_sk(sk);
1458 struct socket *ssock;
1459
1460 pr_debug("msk=%p", msk);
1461
1462 /* @@ the meaning of setsockopt() when the socket is connected and
1463 * there are multiple subflows is not yet defined. It is up to the
1464 * MPTCP-level socket to configure the subflows until the subflow
1465 * is in TCP fallback, when TCP socket options are passed through
1466 * to the one remaining subflow.
1467 */
1468 lock_sock(sk);
1469 ssock = __mptcp_tcp_fallback(msk);
1470 if (ssock)
1471 return tcp_setsockopt(ssock->sk, level, optname, optval,
1472 optlen);
1473
1474 release_sock(sk);
1475
1476 return -EOPNOTSUPP;
1477 }
1478
1479 static int mptcp_getsockopt(struct sock *sk, int level, int optname,
1480 char __user *optval, int __user *option)
1481 {
1482 struct mptcp_sock *msk = mptcp_sk(sk);
1483 struct socket *ssock;
1484
1485 pr_debug("msk=%p", msk);
1486
1487 /* @@ the meaning of setsockopt() when the socket is connected and
1488 * there are multiple subflows is not yet defined. It is up to the
1489 * MPTCP-level socket to configure the subflows until the subflow
1490 * is in TCP fallback, when socket options are passed through
1491 * to the one remaining subflow.
1492 */
1493 lock_sock(sk);
1494 ssock = __mptcp_tcp_fallback(msk);
1495 if (ssock)
1496 return tcp_getsockopt(ssock->sk, level, optname, optval,
1497 option);
1498
1499 release_sock(sk);
1500
1501 return -EOPNOTSUPP;
1502 }
1503
1504 #define MPTCP_DEFERRED_ALL (TCPF_DELACK_TIMER_DEFERRED | \
1505 TCPF_WRITE_TIMER_DEFERRED)
1506
1507 /* this is very alike tcp_release_cb() but we must handle differently a
1508 * different set of events
1509 */
1510 static void mptcp_release_cb(struct sock *sk)
1511 {
1512 unsigned long flags, nflags;
1513
1514 do {
1515 flags = sk->sk_tsq_flags;
1516 if (!(flags & MPTCP_DEFERRED_ALL))
1517 return;
1518 nflags = flags & ~MPTCP_DEFERRED_ALL;
1519 } while (cmpxchg(&sk->sk_tsq_flags, flags, nflags) != flags);
1520
1521 sock_release_ownership(sk);
1522
1523 if (flags & TCPF_DELACK_TIMER_DEFERRED) {
1524 struct mptcp_sock *msk = mptcp_sk(sk);
1525 struct sock *ssk;
1526
1527 ssk = mptcp_subflow_recv_lookup(msk);
1528 if (!ssk || !schedule_work(&msk->work))
1529 __sock_put(sk);
1530 }
1531
1532 if (flags & TCPF_WRITE_TIMER_DEFERRED) {
1533 mptcp_retransmit_handler(sk);
1534 __sock_put(sk);
1535 }
1536 }
1537
1538 static int mptcp_get_port(struct sock *sk, unsigned short snum)
1539 {
1540 struct mptcp_sock *msk = mptcp_sk(sk);
1541 struct socket *ssock;
1542
1543 ssock = __mptcp_nmpc_socket(msk);
1544 pr_debug("msk=%p, subflow=%p", msk, ssock);
1545 if (WARN_ON_ONCE(!ssock))
1546 return -EINVAL;
1547
1548 return inet_csk_get_port(ssock->sk, snum);
1549 }
1550
1551 void mptcp_finish_connect(struct sock *ssk)
1552 {
1553 struct mptcp_subflow_context *subflow;
1554 struct mptcp_sock *msk;
1555 struct sock *sk;
1556 u64 ack_seq;
1557
1558 subflow = mptcp_subflow_ctx(ssk);
1559 sk = subflow->conn;
1560 msk = mptcp_sk(sk);
1561
1562 if (!subflow->mp_capable) {
1563 MPTCP_INC_STATS(sock_net(sk),
1564 MPTCP_MIB_MPCAPABLEACTIVEFALLBACK);
1565 return;
1566 }
1567
1568 pr_debug("msk=%p, token=%u", sk, subflow->token);
1569
1570 mptcp_crypto_key_sha(subflow->remote_key, NULL, &ack_seq);
1571 ack_seq++;
1572 subflow->map_seq = ack_seq;
1573 subflow->map_subflow_seq = 1;
1574 subflow->rel_write_seq = 1;
1575
1576 /* the socket is not connected yet, no msk/subflow ops can access/race
1577 * accessing the field below
1578 */
1579 WRITE_ONCE(msk->remote_key, subflow->remote_key);
1580 WRITE_ONCE(msk->local_key, subflow->local_key);
1581 WRITE_ONCE(msk->token, subflow->token);
1582 WRITE_ONCE(msk->write_seq, subflow->idsn + 1);
1583 WRITE_ONCE(msk->ack_seq, ack_seq);
1584 WRITE_ONCE(msk->can_ack, 1);
1585 atomic64_set(&msk->snd_una, msk->write_seq);
1586
1587 mptcp_pm_new_connection(msk, 0);
1588 }
1589
1590 static void mptcp_sock_graft(struct sock *sk, struct socket *parent)
1591 {
1592 write_lock_bh(&sk->sk_callback_lock);
1593 rcu_assign_pointer(sk->sk_wq, &parent->wq);
1594 sk_set_socket(sk, parent);
1595 sk->sk_uid = SOCK_INODE(parent)->i_uid;
1596 write_unlock_bh(&sk->sk_callback_lock);
1597 }
1598
1599 bool mptcp_finish_join(struct sock *sk)
1600 {
1601 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk);
1602 struct mptcp_sock *msk = mptcp_sk(subflow->conn);
1603 struct sock *parent = (void *)msk;
1604 struct socket *parent_sock;
1605 bool ret;
1606
1607 pr_debug("msk=%p, subflow=%p", msk, subflow);
1608
1609 /* mptcp socket already closing? */
1610 if (inet_sk_state_load(parent) != TCP_ESTABLISHED)
1611 return false;
1612
1613 if (!msk->pm.server_side)
1614 return true;
1615
1616 /* passive connection, attach to msk socket */
1617 parent_sock = READ_ONCE(parent->sk_socket);
1618 if (parent_sock && !sk->sk_socket)
1619 mptcp_sock_graft(sk, parent_sock);
1620
1621 ret = mptcp_pm_allow_new_subflow(msk);
1622 if (ret) {
1623 /* active connections are already on conn_list */
1624 spin_lock_bh(&msk->join_list_lock);
1625 if (!WARN_ON_ONCE(!list_empty(&subflow->node)))
1626 list_add_tail(&subflow->node, &msk->join_list);
1627 spin_unlock_bh(&msk->join_list_lock);
1628 }
1629 return ret;
1630 }
1631
1632 bool mptcp_sk_is_subflow(const struct sock *sk)
1633 {
1634 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk);
1635
1636 return subflow->mp_join == 1;
1637 }
1638
1639 static bool mptcp_memory_free(const struct sock *sk, int wake)
1640 {
1641 struct mptcp_sock *msk = mptcp_sk(sk);
1642
1643 return wake ? test_bit(MPTCP_SEND_SPACE, &msk->flags) : true;
1644 }
1645
1646 static struct proto mptcp_prot = {
1647 .name = "MPTCP",
1648 .owner = THIS_MODULE,
1649 .init = mptcp_init_sock,
1650 .disconnect = mptcp_disconnect,
1651 .close = mptcp_close,
1652 .accept = mptcp_accept,
1653 .setsockopt = mptcp_setsockopt,
1654 .getsockopt = mptcp_getsockopt,
1655 .shutdown = tcp_shutdown,
1656 .destroy = mptcp_destroy,
1657 .sendmsg = mptcp_sendmsg,
1658 .recvmsg = mptcp_recvmsg,
1659 .release_cb = mptcp_release_cb,
1660 .hash = inet_hash,
1661 .unhash = inet_unhash,
1662 .get_port = mptcp_get_port,
1663 .sockets_allocated = &mptcp_sockets_allocated,
1664 .memory_allocated = &tcp_memory_allocated,
1665 .memory_pressure = &tcp_memory_pressure,
1666 .stream_memory_free = mptcp_memory_free,
1667 .sysctl_wmem_offset = offsetof(struct net, ipv4.sysctl_tcp_wmem),
1668 .sysctl_mem = sysctl_tcp_mem,
1669 .obj_size = sizeof(struct mptcp_sock),
1670 .no_autobind = true,
1671 };
1672
1673 static int mptcp_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len)
1674 {
1675 struct mptcp_sock *msk = mptcp_sk(sock->sk);
1676 struct socket *ssock;
1677 int err;
1678
1679 lock_sock(sock->sk);
1680 ssock = __mptcp_socket_create(msk, MPTCP_SAME_STATE);
1681 if (IS_ERR(ssock)) {
1682 err = PTR_ERR(ssock);
1683 goto unlock;
1684 }
1685
1686 err = ssock->ops->bind(ssock, uaddr, addr_len);
1687 if (!err)
1688 mptcp_copy_inaddrs(sock->sk, ssock->sk);
1689
1690 unlock:
1691 release_sock(sock->sk);
1692 return err;
1693 }
1694
1695 static int mptcp_stream_connect(struct socket *sock, struct sockaddr *uaddr,
1696 int addr_len, int flags)
1697 {
1698 struct mptcp_sock *msk = mptcp_sk(sock->sk);
1699 struct socket *ssock;
1700 int err;
1701
1702 lock_sock(sock->sk);
1703 ssock = __mptcp_socket_create(msk, TCP_SYN_SENT);
1704 if (IS_ERR(ssock)) {
1705 err = PTR_ERR(ssock);
1706 goto unlock;
1707 }
1708
1709 #ifdef CONFIG_TCP_MD5SIG
1710 /* no MPTCP if MD5SIG is enabled on this socket or we may run out of
1711 * TCP option space.
1712 */
1713 if (rcu_access_pointer(tcp_sk(ssock->sk)->md5sig_info))
1714 mptcp_subflow_ctx(ssock->sk)->request_mptcp = 0;
1715 #endif
1716
1717 err = ssock->ops->connect(ssock, uaddr, addr_len, flags);
1718 inet_sk_state_store(sock->sk, inet_sk_state_load(ssock->sk));
1719 mptcp_copy_inaddrs(sock->sk, ssock->sk);
1720
1721 unlock:
1722 release_sock(sock->sk);
1723 return err;
1724 }
1725
1726 static int mptcp_v4_getname(struct socket *sock, struct sockaddr *uaddr,
1727 int peer)
1728 {
1729 if (sock->sk->sk_prot == &tcp_prot) {
1730 /* we are being invoked from __sys_accept4, after
1731 * mptcp_accept() has just accepted a non-mp-capable
1732 * flow: sk is a tcp_sk, not an mptcp one.
1733 *
1734 * Hand the socket over to tcp so all further socket ops
1735 * bypass mptcp.
1736 */
1737 sock->ops = &inet_stream_ops;
1738 }
1739
1740 return inet_getname(sock, uaddr, peer);
1741 }
1742
1743 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
1744 static int mptcp_v6_getname(struct socket *sock, struct sockaddr *uaddr,
1745 int peer)
1746 {
1747 if (sock->sk->sk_prot == &tcpv6_prot) {
1748 /* we are being invoked from __sys_accept4 after
1749 * mptcp_accept() has accepted a non-mp-capable
1750 * subflow: sk is a tcp_sk, not mptcp.
1751 *
1752 * Hand the socket over to tcp so all further
1753 * socket ops bypass mptcp.
1754 */
1755 sock->ops = &inet6_stream_ops;
1756 }
1757
1758 return inet6_getname(sock, uaddr, peer);
1759 }
1760 #endif
1761
1762 static int mptcp_listen(struct socket *sock, int backlog)
1763 {
1764 struct mptcp_sock *msk = mptcp_sk(sock->sk);
1765 struct socket *ssock;
1766 int err;
1767
1768 pr_debug("msk=%p", msk);
1769
1770 lock_sock(sock->sk);
1771 ssock = __mptcp_socket_create(msk, TCP_LISTEN);
1772 if (IS_ERR(ssock)) {
1773 err = PTR_ERR(ssock);
1774 goto unlock;
1775 }
1776
1777 err = ssock->ops->listen(ssock, backlog);
1778 inet_sk_state_store(sock->sk, inet_sk_state_load(ssock->sk));
1779 if (!err)
1780 mptcp_copy_inaddrs(sock->sk, ssock->sk);
1781
1782 unlock:
1783 release_sock(sock->sk);
1784 return err;
1785 }
1786
1787 static bool is_tcp_proto(const struct proto *p)
1788 {
1789 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
1790 return p == &tcp_prot || p == &tcpv6_prot;
1791 #else
1792 return p == &tcp_prot;
1793 #endif
1794 }
1795
1796 static int mptcp_stream_accept(struct socket *sock, struct socket *newsock,
1797 int flags, bool kern)
1798 {
1799 struct mptcp_sock *msk = mptcp_sk(sock->sk);
1800 struct socket *ssock;
1801 int err;
1802
1803 pr_debug("msk=%p", msk);
1804
1805 lock_sock(sock->sk);
1806 if (sock->sk->sk_state != TCP_LISTEN)
1807 goto unlock_fail;
1808
1809 ssock = __mptcp_nmpc_socket(msk);
1810 if (!ssock)
1811 goto unlock_fail;
1812
1813 sock_hold(ssock->sk);
1814 release_sock(sock->sk);
1815
1816 err = ssock->ops->accept(sock, newsock, flags, kern);
1817 if (err == 0 && !is_tcp_proto(newsock->sk->sk_prot)) {
1818 struct mptcp_sock *msk = mptcp_sk(newsock->sk);
1819 struct mptcp_subflow_context *subflow;
1820
1821 /* set ssk->sk_socket of accept()ed flows to mptcp socket.
1822 * This is needed so NOSPACE flag can be set from tcp stack.
1823 */
1824 __mptcp_flush_join_list(msk);
1825 list_for_each_entry(subflow, &msk->conn_list, node) {
1826 struct sock *ssk = mptcp_subflow_tcp_sock(subflow);
1827
1828 if (!ssk->sk_socket)
1829 mptcp_sock_graft(ssk, newsock);
1830 }
1831 }
1832
1833 sock_put(ssock->sk);
1834 return err;
1835
1836 unlock_fail:
1837 release_sock(sock->sk);
1838 return -EINVAL;
1839 }
1840
1841 static __poll_t mptcp_poll(struct file *file, struct socket *sock,
1842 struct poll_table_struct *wait)
1843 {
1844 struct sock *sk = sock->sk;
1845 struct mptcp_sock *msk;
1846 struct socket *ssock;
1847 __poll_t mask = 0;
1848
1849 msk = mptcp_sk(sk);
1850 lock_sock(sk);
1851 ssock = __mptcp_tcp_fallback(msk);
1852 if (!ssock)
1853 ssock = __mptcp_nmpc_socket(msk);
1854 if (ssock) {
1855 mask = ssock->ops->poll(file, ssock, wait);
1856 release_sock(sk);
1857 return mask;
1858 }
1859
1860 release_sock(sk);
1861 sock_poll_wait(file, sock, wait);
1862 lock_sock(sk);
1863
1864 if (test_bit(MPTCP_DATA_READY, &msk->flags))
1865 mask = EPOLLIN | EPOLLRDNORM;
1866 if (sk_stream_is_writeable(sk) &&
1867 test_bit(MPTCP_SEND_SPACE, &msk->flags))
1868 mask |= EPOLLOUT | EPOLLWRNORM;
1869 if (sk->sk_shutdown & RCV_SHUTDOWN)
1870 mask |= EPOLLIN | EPOLLRDNORM | EPOLLRDHUP;
1871
1872 release_sock(sk);
1873
1874 return mask;
1875 }
1876
1877 static int mptcp_shutdown(struct socket *sock, int how)
1878 {
1879 struct mptcp_sock *msk = mptcp_sk(sock->sk);
1880 struct mptcp_subflow_context *subflow;
1881 struct socket *ssock;
1882 int ret = 0;
1883
1884 pr_debug("sk=%p, how=%d", msk, how);
1885
1886 lock_sock(sock->sk);
1887 ssock = __mptcp_tcp_fallback(msk);
1888 if (ssock) {
1889 release_sock(sock->sk);
1890 return inet_shutdown(ssock, how);
1891 }
1892
1893 if (how == SHUT_WR || how == SHUT_RDWR)
1894 inet_sk_state_store(sock->sk, TCP_FIN_WAIT1);
1895
1896 how++;
1897
1898 if ((how & ~SHUTDOWN_MASK) || !how) {
1899 ret = -EINVAL;
1900 goto out_unlock;
1901 }
1902
1903 if (sock->state == SS_CONNECTING) {
1904 if ((1 << sock->sk->sk_state) &
1905 (TCPF_SYN_SENT | TCPF_SYN_RECV | TCPF_CLOSE))
1906 sock->state = SS_DISCONNECTING;
1907 else
1908 sock->state = SS_CONNECTED;
1909 }
1910
1911 __mptcp_flush_join_list(msk);
1912 mptcp_for_each_subflow(msk, subflow) {
1913 struct sock *tcp_sk = mptcp_subflow_tcp_sock(subflow);
1914
1915 mptcp_subflow_shutdown(tcp_sk, how, 1, msk->write_seq);
1916 }
1917
1918 out_unlock:
1919 release_sock(sock->sk);
1920
1921 return ret;
1922 }
1923
1924 static const struct proto_ops mptcp_stream_ops = {
1925 .family = PF_INET,
1926 .owner = THIS_MODULE,
1927 .release = inet_release,
1928 .bind = mptcp_bind,
1929 .connect = mptcp_stream_connect,
1930 .socketpair = sock_no_socketpair,
1931 .accept = mptcp_stream_accept,
1932 .getname = mptcp_v4_getname,
1933 .poll = mptcp_poll,
1934 .ioctl = inet_ioctl,
1935 .gettstamp = sock_gettstamp,
1936 .listen = mptcp_listen,
1937 .shutdown = mptcp_shutdown,
1938 .setsockopt = sock_common_setsockopt,
1939 .getsockopt = sock_common_getsockopt,
1940 .sendmsg = inet_sendmsg,
1941 .recvmsg = inet_recvmsg,
1942 .mmap = sock_no_mmap,
1943 .sendpage = inet_sendpage,
1944 #ifdef CONFIG_COMPAT
1945 .compat_setsockopt = compat_sock_common_setsockopt,
1946 .compat_getsockopt = compat_sock_common_getsockopt,
1947 #endif
1948 };
1949
1950 static struct inet_protosw mptcp_protosw = {
1951 .type = SOCK_STREAM,
1952 .protocol = IPPROTO_MPTCP,
1953 .prot = &mptcp_prot,
1954 .ops = &mptcp_stream_ops,
1955 .flags = INET_PROTOSW_ICSK,
1956 };
1957
1958 void mptcp_proto_init(void)
1959 {
1960 mptcp_prot.h.hashinfo = tcp_prot.h.hashinfo;
1961
1962 if (percpu_counter_init(&mptcp_sockets_allocated, 0, GFP_KERNEL))
1963 panic("Failed to allocate MPTCP pcpu counter\n");
1964
1965 mptcp_subflow_init();
1966 mptcp_pm_init();
1967
1968 if (proto_register(&mptcp_prot, 1) != 0)
1969 panic("Failed to register MPTCP proto.\n");
1970
1971 inet_register_protosw(&mptcp_protosw);
1972
1973 BUILD_BUG_ON(sizeof(struct mptcp_skb_cb) > sizeof_field(struct sk_buff, cb));
1974 }
1975
1976 #if IS_ENABLED(CONFIG_MPTCP_IPV6)
1977 static const struct proto_ops mptcp_v6_stream_ops = {
1978 .family = PF_INET6,
1979 .owner = THIS_MODULE,
1980 .release = inet6_release,
1981 .bind = mptcp_bind,
1982 .connect = mptcp_stream_connect,
1983 .socketpair = sock_no_socketpair,
1984 .accept = mptcp_stream_accept,
1985 .getname = mptcp_v6_getname,
1986 .poll = mptcp_poll,
1987 .ioctl = inet6_ioctl,
1988 .gettstamp = sock_gettstamp,
1989 .listen = mptcp_listen,
1990 .shutdown = mptcp_shutdown,
1991 .setsockopt = sock_common_setsockopt,
1992 .getsockopt = sock_common_getsockopt,
1993 .sendmsg = inet6_sendmsg,
1994 .recvmsg = inet6_recvmsg,
1995 .mmap = sock_no_mmap,
1996 .sendpage = inet_sendpage,
1997 #ifdef CONFIG_COMPAT
1998 .compat_setsockopt = compat_sock_common_setsockopt,
1999 .compat_getsockopt = compat_sock_common_getsockopt,
2000 #endif
2001 };
2002
2003 static struct proto mptcp_v6_prot;
2004
2005 static void mptcp_v6_destroy(struct sock *sk)
2006 {
2007 mptcp_destroy(sk);
2008 inet6_destroy_sock(sk);
2009 }
2010
2011 static struct inet_protosw mptcp_v6_protosw = {
2012 .type = SOCK_STREAM,
2013 .protocol = IPPROTO_MPTCP,
2014 .prot = &mptcp_v6_prot,
2015 .ops = &mptcp_v6_stream_ops,
2016 .flags = INET_PROTOSW_ICSK,
2017 };
2018
2019 int mptcp_proto_v6_init(void)
2020 {
2021 int err;
2022
2023 mptcp_v6_prot = mptcp_prot;
2024 strcpy(mptcp_v6_prot.name, "MPTCPv6");
2025 mptcp_v6_prot.slab = NULL;
2026 mptcp_v6_prot.destroy = mptcp_v6_destroy;
2027 mptcp_v6_prot.obj_size = sizeof(struct mptcp6_sock);
2028
2029 err = proto_register(&mptcp_v6_prot, 1);
2030 if (err)
2031 return err;
2032
2033 err = inet6_register_protosw(&mptcp_v6_protosw);
2034 if (err)
2035 proto_unregister(&mptcp_v6_prot);
2036
2037 return err;
2038 }
2039 #endif
A mirror of Linus' kernel repository