/*
* INET An implementation of the TCP/IP protocol suite for the LINUX
* operating system. INET is implemented using the BSD Socket
* interface as the means of communication with the user level.
*
* Implementation of the Transmission Control Protocol(TCP).
*
* Version: @(#)tcp_input.c 1.0.16 05/25/93
*
* Authors: Ross Biro, <bir7@leland.Stanford.Edu>
* Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
* Mark Evans, <evansmp@uhura.aston.ac.uk>
* Corey Minyard <wf-rch!minyard@relay.EU.net>
* Florian La Roche, <flla@stud.uni-sb.de>
* Charles Hedrick, <hedrick@klinzhai.rutgers.edu>
* Linus Torvalds, <torvalds@cs.helsinki.fi>
* Alan Cox, <gw4pts@gw4pts.ampr.org>
* Matthew Dillon, <dillon@apollo.west.oic.com>
* Arnt Gulbrandsen, <agulbra@nvg.unit.no>
* Jorge Cwik, <jorge@laser.satlink.net>
*
* FIXES
* Pedro Roque : Double ACK bug
* Eric Schenk : Fixes to slow start algorithm.
* Eric Schenk : Yet another double ACK bug.
* Eric Schenk : Delayed ACK bug fixes.
* Eric Schenk : Floyd style fast retrans war avoidance.
* Eric Schenk : Skip fast retransmit on small windows.
* Eric schenk : Fixes to retransmission code to
* : avoid extra retransmission.
* Theodore Ts'o : Do secure TCP sequence numbers.
*/
#include <linux/config.h>
#include <linux/types.h>
#include <linux/random.h>
#include <net/tcp.h>
/*
* Policy code extracted so it's now separate
*/
/*
* Called each time to estimate the delayed ack timeout. This is
* how it should be done so a fast link isn't impacted by ack delay.
*/
extern __inline__ void tcp_delack_estimator(struct sock *sk)
{
/*
* Delayed ACK time estimator.
*/
if (sk->lrcvtime == 0)
{
sk->lrcvtime = jiffies;
sk->ato = HZ/3;
}
else
{
int m;
m = jiffies - sk->lrcvtime;
sk->lrcvtime = jiffies;
if (m <= 0)
m = 1;
/* This used to test against sk->rtt.
* On a purely receiving link, there is no rtt measure.
* The result is that we lose delayed ACKs on one-way links.
* Therefore we test against sk->rto, which will always
* at least have a default value.
*/
if (m > sk->rto)
{
sk->ato = sk->rto;
/*
* printk(KERN_DEBUG "ato: rtt %lu\n", sk->ato);
*/
}
else
{
/*
* Very fast acting estimator.
* May fluctuate too much. Probably we should be
* doing something like the rtt estimator here.
*/
sk->ato = (sk->ato >> 1) + m;
/*
* printk(KERN_DEBUG "ato: m %lu\n", sk->ato);
*/
}
}
}
/*
* Called on frames that were known _not_ to have been
* retransmitted [see Karn/Partridge Proceedings SIGCOMM 87].
* The algorithm is from the SIGCOMM 88 piece by Van Jacobson.
*/
extern __inline__ void tcp_rtt_estimator(struct sock *sk, struct sk_buff *oskb)
{
long m;
/*
* The following amusing code comes from Jacobson's
* article in SIGCOMM '88. Note that rtt and mdev
* are scaled versions of rtt and mean deviation.
* This is designed to be as fast as possible
* m stands for "measurement".
*/
m = jiffies - oskb->when; /* RTT */
if (sk->rtt != 0) {
if(m<=0)
m=1; /* IS THIS RIGHT FOR <0 ??? */
m -= (sk->rtt >> 3); /* m is now error in rtt est */
sk->rtt += m; /* rtt = 7/8 rtt + 1/8 new */
if (m < 0)
m = -m; /* m is now abs(error) */
m -= (sk->mdev >> 2); /* similar update on mdev */
sk->mdev += m; /* mdev = 3/4 mdev + 1/4 new */
} else {
/* no previous measure. */
sk->rtt = m<<3; /* take the measured time to be rtt */
sk->mdev = m<<1; /* make sure rto = 3*rtt */
}
/*
* Now update timeout. Note that this removes any backoff.
*/
/* Jacobson's algorithm calls for rto = R + 4V.
* We diverge from Jacobson's algorithm here. See the commentary
* in tcp_ack to understand why.
*/
sk->rto = (sk->rtt >> 3) + sk->mdev;
sk->rto += (sk->rto>>2) + (sk->rto >> (sk->cong_window-1));
if (sk->rto > 120*HZ)
sk->rto = 120*HZ;
if (sk->rto < HZ/5) /* Was 1*HZ - keep .2 as minimum cos of the BSD delayed acks */
sk->rto = HZ/5;
sk->backoff = 0;
}
/*
* Cached last hit socket
*/
static volatile unsigned long th_cache_saddr, th_cache_daddr;
static volatile unsigned short th_cache_dport, th_cache_sport;
static volatile struct sock *th_cache_sk;
void tcp_cache_zap(void)
{
th_cache_sk=NULL;
}
/*
* Find the socket, using the last hit cache if applicable. The cache is not quite
* right...
*/
static inline struct sock * get_tcp_sock(u32 saddr, u16 sport, u32 daddr, u16 dport, u32 paddr, u16 pport)
{
struct sock * sk;
sk = (struct sock *) th_cache_sk;
if (!sk || saddr != th_cache_saddr || daddr != th_cache_daddr ||
sport != th_cache_sport || dport != th_cache_dport) {
sk = get_sock(&tcp_prot, dport, saddr, sport, daddr, paddr, pport);
if (sk) {
th_cache_saddr=saddr;
th_cache_daddr=daddr;
th_cache_dport=dport;
th_cache_sport=sport;
th_cache_sk=sk;
}
}
return sk;
}
/*
* React to a out-of-window TCP sequence number in an incoming packet
*/
static void bad_tcp_sequence(struct sock *sk, struct tcphdr *th, u32 end_seq,
struct device *dev)
{
if (th->rst)
return;
/*
* Send a reset if we get something not ours and we are
* unsynchronized. Note: We don't do anything to our end. We
* are just killing the bogus remote connection then we will
* connect again and it will work (with luck).
*/
if (sk->state==TCP_SYN_SENT || sk->state==TCP_SYN_RECV)
{
tcp_send_reset(sk->saddr,sk->daddr,th,sk->prot,NULL,dev,0,255);
return;
}
/*
* This packet is old news. Usually this is just a resend
* from the far end, but sometimes it means the far end lost
* an ACK we sent, so we better send an ACK.
*/
/*
* BEWARE! Unconditional answering by ack to out-of-window ack
* can result in infinite exchange of empty acks.
* This check cures bug, found by Michiel Boland, but
* not another possible cases.
* If we are in TCP_TIME_WAIT, we have already received
* FIN, so that our peer need not window update. If our
* ACK were lost, peer would retransmit his FIN anyway. --ANK
*/
if (sk->state != TCP_TIME_WAIT || ntohl(th->seq) != end_seq)
tcp_send_ack(sk);
}
/*
* This functions checks to see if the tcp header is actually acceptable.
*/
extern __inline__ int tcp_sequence(struct sock *sk, u32 seq, u32 end_seq)
{
u32 end_window = sk->lastwin_seq + sk->window;
return /* if start is at end of window, end must be too (zero window) */
(seq == end_window && seq == end_seq) ||
/* if start is before end of window, check for interest */
(before(seq, end_window) && !before(end_seq, sk->acked_seq));
}
/*
* When we get a reset we do this. This probably is a tcp_output routine
* really.
*/
static int tcp_reset(struct sock *sk, struct sk_buff *skb)
{
sk->zapped = 1;
/*
* We want the right error as BSD sees it (and indeed as we do).
*/
switch (sk->state) {
case TCP_TIME_WAIT:
break;
case TCP_SYN_SENT:
sk->err = ECONNREFUSED;
break;
case TCP_CLOSE_WAIT:
sk->err = EPIPE;
break;
default:
sk->err = ECONNRESET;
}
#ifdef CONFIG_TCP_RFC1337
/*
* Time wait assassination protection [RFC1337]
*
* This is a good idea, but causes more sockets to take time to close.
*
* Ian Heavens has since shown this is an inadequate fix for the protocol
* bug in question.
*/
if(sk->state!=TCP_TIME_WAIT)
{
tcp_set_state(sk,TCP_CLOSE);
sk->shutdown = SHUTDOWN_MASK;
}
#else
tcp_set_state(sk,TCP_CLOSE);
sk->shutdown = SHUTDOWN_MASK;
#endif
if (!sk->dead)
sk->state_change(sk);
kfree_skb(skb, FREE_READ);
return(0);
}
/*
* Look for tcp options. Parses everything but only knows about MSS.
* This routine is always called with the packet containing the SYN.
* However it may also be called with the ack to the SYN. So you
* can't assume this is always the SYN. It's always called after
* we have set up sk->mtu to our own MTU.
*
* We need at minimum to add PAWS support here. Possibly large windows
* as Linux gets deployed on 100Mb/sec networks.
*/
static void tcp_options(struct sock *sk, struct tcphdr *th)
{
unsigned char *ptr;
int length=(th->doff*4)-sizeof(struct tcphdr);
int mss_seen = 0;
ptr = (unsigned char *)(th + 1);
while(length>0)
{
int opcode=*ptr++;
int opsize=*ptr++;
switch(opcode)
{
case TCPOPT_EOL:
return;
case TCPOPT_NOP: /* Ref: RFC 793 section 3.1 */
length--;
ptr--; /* the opsize=*ptr++ above was a mistake */
continue;
default:
if(opsize<=2) /* Avoid silly options looping forever */
return;
switch(opcode)
{
case TCPOPT_MSS:
if(opsize==4 && th->syn)
{
sk->mtu=min(sk->mtu,ntohs(*(unsigned short *)ptr));
mss_seen = 1;
}
break;
/* Add other options here as people feel the urge to implement stuff like large windows */
}
ptr+=opsize-2;
length-=opsize;
}
}
if (th->syn)
{
if (! mss_seen)
sk->mtu=min(sk->mtu, 536); /* default MSS if none sent */
}
#ifdef CONFIG_INET_PCTCP
sk->mss = min(sk->max_window >> 1, sk->mtu);
#else
sk->mss = min(sk->max_window, sk->mtu);
sk->max_unacked = 2 * sk->mss;
#endif
}
/*
* This routine handles a connection request.
* It should make sure we haven't already responded.
* Because of the way BSD works, we have to send a syn/ack now.
* This also means it will be harder to close a socket which is
* listening.
*/
static void tcp_conn_request(struct sock *sk, struct sk_buff *skb,
u32 daddr, u32 saddr, struct options *opt, struct device *dev, u32 seq)
{
struct sock *newsk;
struct tcphdr *th;
struct rtable *rt;
th = skb->h.th;
/* If the socket is dead, don't accept the connection. */
if (!sk->dead)
{
sk->data_ready(sk,0);
}
else
{
if(sk->debug)
printk("Reset on %p: Connect on dead socket.\n",sk);
tcp_send_reset(daddr, saddr, th, sk->prot, opt, dev, 0,255);
tcp_statistics.TcpAttemptFails++;
kfree_skb(skb, FREE_READ);
return;
}
/*
* Make sure we can accept more. This will prevent a
* flurry of syns from eating up all our memory.
*
* BSD does some funnies here and allows 3/2 times the
* set backlog as a fudge factor. That's just too gross.
*/
if (sk->ack_backlog >= sk->max_ack_backlog)
{
tcp_statistics.TcpAttemptFails++;
kfree_skb(skb, FREE_READ);
return;
}
/*
* We need to build a new sock struct.
* It is sort of bad to have a socket without an inode attached
* to it, but the wake_up's will just wake up the listening socket,
* and if the listening socket is destroyed before this is taken
* off of the queue, this will take care of it.
*/
newsk = (struct sock *) kmalloc(sizeof(struct sock), GFP_ATOMIC);
if (newsk == NULL)
{
/* just ignore the syn. It will get retransmitted. */
tcp_statistics.TcpAttemptFails++;
kfree_skb(skb, FREE_READ);
return;
}
memcpy(newsk, sk, sizeof(*newsk));
newsk->opt = NULL;
newsk->ip_route_cache = NULL;
if (opt && opt->optlen)
{
sk->opt = (struct options*)kmalloc(sizeof(struct options)+opt->optlen, GFP_ATOMIC);
if (!sk->opt)
{
kfree_s(newsk, sizeof(struct sock));
tcp_statistics.TcpAttemptFails++;
kfree_skb(skb, FREE_READ);
return;
}
if (ip_options_echo(sk->opt, opt, daddr, saddr, skb))
{
kfree_s(sk->opt, sizeof(struct options)+opt->optlen);
kfree_s(newsk, sizeof(struct sock));
tcp_statistics.TcpAttemptFails++;
kfree_skb(skb, FREE_READ);
return;
}
}
skb->when = jiffies; /* For timeout */
skb_queue_head_init(&newsk->write_queue);
skb_queue_head_init(&newsk->receive_queue);
newsk->send_head = NULL;
newsk->send_tail = NULL;
newsk->send_next = NULL;
skb_queue_head_init(&newsk->back_log);
newsk->rtt = 0;
newsk->rto = TCP_TIMEOUT_INIT;
newsk->mdev = TCP_TIMEOUT_INIT;
newsk->max_window = 0;
/*
* See draft-stevens-tcpca-spec-01 for discussion of the
* initialization of these values.
*/
newsk->cong_window = 1;
newsk->cong_count = 0;
newsk->ssthresh = 0x7fffffff;
newsk->lrcvtime = 0;
newsk->idletime = 0;
newsk->high_seq = 0;
newsk->backoff = 0;
newsk->blog = 0;
newsk->intr = 0;
newsk->proc = 0;
newsk->done = 0;
newsk->partial = NULL;
newsk->pair = NULL;
newsk->wmem_alloc = 0;
newsk->rmem_alloc = 0;
newsk->localroute = sk->localroute;
newsk->max_unacked = MAX_WINDOW - TCP_WINDOW_DIFF;
newsk->err = 0;
newsk->shutdown = 0;
newsk->ack_backlog = 0;
newsk->acked_seq = skb->seq+1;
newsk->lastwin_seq = skb->seq+1;
newsk->delay_acks = 1;
newsk->copied_seq = skb->seq+1;
newsk->fin_seq = skb->seq;
newsk->syn_seq = skb->seq;
newsk->state = TCP_SYN_RECV;
newsk->timeout = 0;
newsk->ip_xmit_timeout = 0;
newsk->write_seq = seq;
newsk->window_seq = newsk->write_seq;
newsk->rcv_ack_seq = newsk->write_seq;
newsk->urg_data = 0;
newsk->retransmits = 0;
newsk->linger=0;
newsk->destroy = 0;
init_timer(&newsk->timer);
newsk->timer.data = (unsigned long)newsk;
newsk->timer.function = &net_timer;
init_timer(&newsk->delack_timer);
newsk->delack_timer.data = (unsigned long)newsk;
newsk->delack_timer.function = tcp_delack_timer;
init_timer(&newsk->retransmit_timer);
newsk->retransmit_timer.data = (unsigned long)newsk;
newsk->retransmit_timer.function = tcp_retransmit_timer;
newsk->dummy_th.source = skb->h.th->dest;
newsk->dummy_th.dest = skb->h.th->source;
newsk->users=0;
#ifdef CONFIG_IP_TRANSPARENT_PROXY
/*
* Deal with possibly redirected traffic by setting num to
* the intended destination port of the received packet.
*/
newsk->num = ntohs(skb->h.th->dest);
#endif
/*
* Swap these two, they are from our point of view.
*/
newsk->daddr = saddr;
newsk->saddr = daddr;
newsk->rcv_saddr = daddr;
put_sock(newsk->num,newsk);
newsk->acked_seq = skb->seq + 1;
newsk->copied_seq = skb->seq + 1;
newsk->socket = NULL;
/*
* Grab the ttl and tos values and use them
*/
newsk->ip_ttl=sk->ip_ttl;
newsk->ip_tos=skb->ip_hdr->tos;
/*
* Use 512 or whatever user asked for
*/
/*
* Note use of sk->user_mss, since user has no direct access to newsk
*/
rt = ip_rt_route(newsk->opt && newsk->opt->srr ? newsk->opt->faddr : saddr, 0);
newsk->ip_route_cache = rt;
if(rt!=NULL && (rt->rt_flags&RTF_WINDOW))
newsk->window_clamp = rt->rt_window;
else
newsk->window_clamp = 0;
if (sk->user_mss)
newsk->mtu = sk->user_mss;
else if (rt)
newsk->mtu = rt->rt_mtu - sizeof(struct iphdr) - sizeof(struct tcphdr);
else
newsk->mtu = 576 - sizeof(struct iphdr) - sizeof(struct tcphdr);
/*
* But not bigger than device MTU
*/
newsk->mtu = min(newsk->mtu, dev->mtu - sizeof(struct iphdr) - sizeof(struct tcphdr));
#ifdef CONFIG_SKIP
/*
* SKIP devices set their MTU to 65535. This is so they can take packets
* unfragmented to security process then fragment. They could lie to the
* TCP layer about a suitable MTU, but it's easier to let skip sort it out
* simply because the final package we want unfragmented is going to be
*
* [IPHDR][IPSP][Security data][Modified TCP data][Security data]
*/
if(skip_pick_mtu!=NULL) /* If SKIP is loaded.. */
sk->mtu=skip_pick_mtu(sk->mtu,dev);
#endif
/*
* This will min with what arrived in the packet
*/
tcp_options(newsk,skb->h.th);
tcp_cache_zap();
tcp_send_synack(newsk, sk, skb);
}
/*
* Handle a TCP window that shrunk on us. It shouldn't happen,
* but..
*
* We may need to move packets from the send queue
* to the write queue, if the window has been shrunk on us.
* The RFC says you are not allowed to shrink your window
* like this, but if the other end does, you must be able
* to deal with it.
*/
void tcp_window_shrunk(struct sock * sk, u32 window_seq)
{
struct sk_buff *skb;
struct sk_buff *skb2;
struct sk_buff *wskb = NULL;
skb2 = sk->send_head;
sk->send_head = NULL;
sk->send_tail = NULL;
sk->send_next = NULL;
/*
* This is an artifact of a flawed concept. We want one
* queue and a smarter send routine when we send all.
*/
cli();
while (skb2 != NULL)
{
skb = skb2;
skb2 = skb->link3;
skb->link3 = NULL;
if (after(skb->end_seq, window_seq))
{
if (sk->packets_out > 0)
sk->packets_out--;
/* We may need to remove this from the dev send list. */
if (skb->next != NULL)
{
skb_unlink(skb);
}
/* Now add it to the write_queue. */
if (wskb == NULL)
skb_queue_head(&sk->write_queue,skb);
else
skb_append(wskb,skb);
wskb = skb;
}
else
{
if (sk->send_head == NULL)
{
sk->send_head = skb;
sk->send_tail = skb;
sk->send_next = skb;
}
else
{
sk->send_tail->link3 = skb;
sk->send_tail = skb;
}
skb->link3 = NULL;
}
}
sti();
}
/*
* This routine deals with incoming acks, but not outgoing ones.
*
* This routine is totally _WRONG_. The list structuring is wrong,
* the algorithm is wrong, the code is wrong.
*/
static int tcp_ack(struct sock *sk, struct tcphdr *th, u32 ack, int len)
{
int flag = 0;
u32 window_seq;
/*
* 1 - there was data in packet as well as ack or new data is sent or
* in shutdown state
* 2 - data from retransmit queue was acked and removed
* 4 - window shrunk or data from retransmit queue was acked and removed
*/
if(sk->zapped)
return(1); /* Dead, can't ack any more so why bother */
/*
* We have dropped back to keepalive timeouts. Thus we have
* no retransmits pending.
*/
if (sk->ip_xmit_timeout == TIME_KEEPOPEN)
sk->retransmits = 0;
/*
* If the ack is newer than sent or older than previous acks
* then we can probably ignore it.
*/
if (after(ack, sk->sent_seq) || before(ack, sk->rcv_ack_seq))
goto uninteresting_ack;
/*
* Have we discovered a larger window
*/
window_seq = ntohs(th->window);
if (window_seq > sk->max_window)
{
sk->max_window = window_seq;
#ifdef CONFIG_INET_PCTCP
/* Hack because we don't send partial packets to non SWS
handling hosts */
sk->mss = min(window_seq>>1, sk->mtu);
#else
sk->mss = min(window_seq, sk->mtu);
#endif
}
window_seq += ack;
/*
* See if our window has been shrunk.
*/
if (after(sk->window_seq, window_seq))
tcp_window_shrunk(sk, window_seq);
/*
* Pipe has emptied
*/
if (sk->send_tail == NULL || sk->send_head == NULL)
{
sk->send_head = NULL;
sk->send_tail = NULL;
sk->send_next = NULL;
sk->packets_out= 0;
}
/*
* We don't want too many packets out there.
*/
if (sk->ip_xmit_timeout == TIME_WRITE &&
sk->cong_window < 2048 && after(ack, sk->rcv_ack_seq))
{
/*
* This is Jacobson's slow start and congestion avoidance.
* SIGCOMM '88, p. 328. Because we keep cong_window in integral
* mss's, we can't do cwnd += 1 / cwnd. Instead, maintain a
* counter and increment it once every cwnd times. It's possible
* that this should be done only if sk->retransmits == 0. I'm
* interpreting "new data is acked" as including data that has
* been retransmitted but is just now being acked.
*/
if (sk->cong_window <= sk->ssthresh)
/*
* In "safe" area, increase
*/
sk->cong_window++;
else
{
/*
* In dangerous area, increase slowly. In theory this is
* sk->cong_window += 1 / sk->cong_window
*/
if (sk->cong_count >= sk->cong_window)
{
sk->cong_window++;
sk->cong_count = 0;
}
else
sk->cong_count++;
}
}
/*
* Remember the highest ack received and update the
* right hand window edge of the host.
* We do a bit of work here to track number of times we've
* seen this ack without a change in the right edge of the
* window and no data in the packet.
* This will allow us to do fast retransmits.
*/
/* We are looking for duplicate ACKs here.
* An ACK is a duplicate if:
* (1) it has the same sequence number as the largest number we've seen,
* (2) it has the same window as the last ACK,
* (3) we have outstanding data that has not been ACKed
* (4) The packet was not carrying any data.
* (5) [From Floyd's paper on fast retransmit wars]
* The packet acked data after high_seq;
* I've tried to order these in occurrence of most likely to fail
* to least likely to fail.
* [These are an extension of the rules BSD stacks use to
* determine if an ACK is a duplicate.]
*/
if (sk->rcv_ack_seq == ack
&& sk->window_seq == window_seq
&& len != th->doff*4
&& before(ack, sk->sent_seq)
&& after(ack, sk->high_seq))
{
/* Prevent counting of duplicate ACKs if the congestion
* window is smaller than 3. Note that since we reduce
* the congestion window when we do a fast retransmit,
* we must be careful to keep counting if we were already
* counting. The idea behind this is to avoid doing
* fast retransmits if the congestion window is so small
* that we cannot get 3 ACKs due to the loss of a packet
* unless we are getting ACKs for retransmitted packets.
*/
if (sk->cong_window >= 3 || sk->rcv_ack_cnt > MAX_DUP_ACKS+1)
sk->rcv_ack_cnt++;
/* See draft-stevens-tcpca-spec-01 for explanation
* of what we are doing here.
*/
if (sk->rcv_ack_cnt == MAX_DUP_ACKS+1) {
int tmp;
/* We need to be a bit careful to preserve the
* count of packets that are out in the system here.
*/
sk->ssthresh = max(sk->cong_window >> 1, 2);
sk->cong_window = sk->ssthresh+MAX_DUP_ACKS+1;
tmp = sk->packets_out;
tcp_do_retransmit(sk,0);
sk->packets_out = tmp;
} else if (sk->rcv_ack_cnt > MAX_DUP_ACKS+1) {
sk->cong_window++;
/*
* At this point we are suppose to transmit a NEW
* packet (not retransmit the missing packet,
* this would only get us into a retransmit war.)
* I think that having just adjusted cong_window
* we will transmit the new packet below.
*/
}
}
else
{
if (sk->rcv_ack_cnt > MAX_DUP_ACKS) {
sk->cong_window = sk->ssthresh;
}
sk->window_seq = window_seq;
sk->rcv_ack_seq = ack;
sk->rcv_ack_cnt = 1;
}
/*
* We passed data and got it acked, remove any soft error
* log. Something worked...
*/
sk->err_soft = 0;
/*
* If this ack opens up a zero window, clear backoff. It was
* being used to time the probes, and is probably far higher than
* it needs to be for normal retransmission.
*/
if (sk->ip_xmit_timeout == TIME_PROBE0)
{
sk->retransmits = 0; /* Our probe was answered */
/*
* Was it a usable window open ?
*/
if (!skb_queue_empty(&sk->write_queue) && /* should always be true */
! before (sk->window_seq, sk->write_queue.next->end_seq))
{
sk->backoff = 0;
/*
* Recompute rto from rtt. this eliminates any backoff.
*/
/*
* Appendix C of Van Jacobson's final version of
* the SIGCOMM 88 paper states that although
* the original paper suggested that
* RTO = R*2V
* was the correct calculation experience showed
* better results using
* RTO = R*4V
* In particular this gives better performance over
* slow links, and should not effect fast links.
*
* Note: Jacobson's algorithm is fine on BSD which
* has a 1/2 second granularity clock, but with our
* 1/100 second granularity clock we become too
* sensitive to minor changes in the round trip time.
* We add in two compensating factors.
* First we multiply by 5/4. For large congestion
* windows this allows us to tolerate burst traffic
* delaying up to 1/4 of our packets.
* We also add in a rtt / cong_window term.
* For small congestion windows this allows
* a single packet delay, but has negligible effect
* on the compensation for large windows.
*/
sk->rto = (sk->rtt >> 3) + sk->mdev;
sk->rto += (sk->rto>>2) + (sk->rto >> (sk->cong_window-1));
if (sk->rto > 120*HZ)
sk->rto = 120*HZ;
if (sk->rto < HZ/5) /* Was 1*HZ, then 1 - turns out we must allow about
.2 of a second because of BSD delayed acks - on a 100Mb/sec link
.2 of a second is going to need huge windows (SIGH) */
sk->rto = HZ/5;
}
}
/*
* See if we can take anything off of the retransmit queue.
*/
for (;;) {
struct sk_buff * skb = sk->send_head;
if (!skb)
break;
/* Check for a bug. */
if (skb->link3 && after(skb->end_seq, skb->link3->end_seq))
printk("INET: tcp.c: *** bug send_list out of order.\n");
/*
* If our packet is before the ack sequence we can
* discard it as it's confirmed to have arrived the other end.
*/
if (after(skb->end_seq, ack))
break;
if (sk->retransmits)
{
/*
* We were retransmitting. don't count this in RTT est
*/
flag |= 2;
}
if ((sk->send_head = skb->link3) == NULL)
{
sk->send_tail = NULL;
sk->send_next = NULL;
sk->retransmits = 0;
}
/*
* advance the send_next pointer if needed.
*/
if (sk->send_next == skb)
sk->send_next = sk->send_head;
/*
* Note that we only reset backoff and rto in the
* rtt recomputation code. And that doesn't happen
* if there were retransmissions in effect. So the
* first new packet after the retransmissions is
* sent with the backoff still in effect. Not until
* we get an ack from a non-retransmitted packet do
* we reset the backoff and rto. This allows us to deal
* with a situation where the network delay has increased
* suddenly. I.e. Karn's algorithm. (SIGCOMM '87, p5.)
*/
/*
* We have one less packet out there.
*/
if (sk->packets_out > 0)
sk->packets_out --;
/* This is really only supposed to be called when we
* are actually ACKing new data, which should exclude
* the ACK handshake on an initial SYN packet as well.
* Rather than introducing a new test here for this
* special case, we just reset the initial values for
* rtt immediately after we move to the established state.
*/
if (!(flag&2)) /* Not retransmitting */
tcp_rtt_estimator(sk,skb);
IS_SKB(skb);
/*
* We may need to remove this from the dev send list.
*/
cli();
if (skb->next)
skb_unlink(skb);
sti();
kfree_skb(skb, FREE_WRITE); /* write. */
if (!sk->dead)
sk->write_space(sk);
}
/*
* Maybe we can take some stuff off of the write queue,
* and put it onto the xmit queue.
* There is bizarre case being tested here, to check if
* the data at the head of the queue ends before the start of
* the sequence we already ACKed. This is not an error,
* it can occur when we send a packet directly off of the write_queue
* in a zero window probe.
*/
if (!skb_queue_empty(&sk->write_queue) &&
!before(sk->window_seq, sk->write_queue.next->end_seq) &&
(sk->retransmits == 0 ||
sk->ip_xmit_timeout != TIME_WRITE ||
!after(sk->write_queue.next->end_seq, sk->rcv_ack_seq)) &&
sk->packets_out < sk->cong_window)
{
/*
* Add more data to the send queue.
*/
tcp_write_xmit(sk);
}
/*
* Reset timers to reflect the new state.
*
* from TIME_WAIT we stay in TIME_WAIT as long as we rx packets
* from TCP_CLOSE we don't do anything
*
* from anything else, if there is queued data (or fin) pending,
* we use a TIME_WRITE timeout, if there is data to write but
* no room in the window we use TIME_PROBE0, else if keepalive
* we reset to a KEEPALIVE timeout, else we delete the timer.
*
* We do not set flag for nominal write data, otherwise we may
* force a state where we start to write itsy bitsy tidbits
* of data.
*/
switch(sk->state) {
case TCP_TIME_WAIT:
/*
* keep us in TIME_WAIT until we stop getting packets,
* reset the timeout.
*/
tcp_reset_msl_timer(sk, TIME_CLOSE, TCP_TIMEWAIT_LEN);
break;
case TCP_CLOSE:
/*
* don't touch the timer.
*/
break;
default:
/*
* Must check send_head and write_queue
* to determine which timeout to use.
*/
if (sk->send_head) {
tcp_reset_xmit_timer(sk, TIME_WRITE, sk->rto);
} else if (!skb_queue_empty(&sk->write_queue)
&& sk->ack_backlog == 0)
{
/*
* if the write queue is not empty when we get here
* then we failed to move any data to the retransmit
* queue above. (If we had send_head would be non-NULL).
* Furthermore, since the send_head is NULL here
* we must not be in retransmit mode at this point.
* This implies we have no packets in flight,
* hence sk->packets_out < sk->cong_window.
* Examining the conditions for the test to move
* data to the retransmission queue we find that
* we must therefore have a zero window.
* Hence, if the ack_backlog is 0 we should initiate
* a zero probe.
* We don't do a zero probe if we have a delayed
* ACK in hand since the other side may have a
* window opening, but they are waiting to hear
* from us before they tell us about it.
* (They are applying Nagle's rule).
* So, we don't set up the zero window probe
* just yet. We do have to clear the timer
* though in this case...
*/
tcp_reset_xmit_timer(sk, TIME_PROBE0, sk->rto);
} else if (sk->keepopen) {
tcp_reset_xmit_timer(sk, TIME_KEEPOPEN, TCP_TIMEOUT_LEN);
} else {
del_timer(&sk->retransmit_timer);
sk->ip_xmit_timeout = 0;
}
break;
}
/*
* We have nothing queued but space to send. Send any partial
* packets immediately (end of Nagle rule application).
*/
if (sk->packets_out == 0
&& sk->partial != NULL
&& skb_queue_empty(&sk->write_queue)
&& sk->send_head == NULL)
{
tcp_send_partial(sk);
}
/*
* In the LAST_ACK case, the other end FIN'd us. We then FIN'd them, and
* we are now waiting for an acknowledge to our FIN. The other end is
* already in TIME_WAIT.
*
* Move to TCP_CLOSE on success.
*/
if (sk->state == TCP_LAST_ACK)
{
if (!sk->dead)
sk->state_change(sk);
if(sk->debug)
printk("rcv_ack_seq: %X==%X, acked_seq: %X==%X\n",
sk->rcv_ack_seq,sk->write_seq,sk->acked_seq,sk->fin_seq);
if (sk->rcv_ack_seq == sk->write_seq /*&& sk->acked_seq == sk->fin_seq*/)
{
sk->shutdown = SHUTDOWN_MASK;
tcp_set_state(sk,TCP_CLOSE);
return 1;
}
}
/*
* Incoming ACK to a FIN we sent in the case of our initiating the close.
*
* Move to FIN_WAIT2 to await a FIN from the other end. Set
* SEND_SHUTDOWN but not RCV_SHUTDOWN as data can still be coming in.
*/
if (sk->state == TCP_FIN_WAIT1)
{
if (!sk->dead)
sk->state_change(sk);
if (sk->rcv_ack_seq == sk->write_seq)
{
sk->shutdown |= SEND_SHUTDOWN;
tcp_set_state(sk, TCP_FIN_WAIT2);
/* If the socket is dead, then there is no
* user process hanging around using it.
* We want to set up a FIN_WAIT2 timeout ala BSD.
*/
if (sk->dead)
tcp_reset_msl_timer(sk, TIME_CLOSE, TCP_FIN_TIMEOUT);
}
}
/*
* Incoming ACK to a FIN we sent in the case of a simultaneous close.
*
* Move to TIME_WAIT
*/
if (sk->state == TCP_CLOSING)
{
if (!sk->dead)
sk->state_change(sk);
if (sk->rcv_ack_seq == sk->write_seq)
{
tcp_time_wait(sk);
}
}
/*
* Final ack of a three way shake
*/
if (sk->state==TCP_SYN_RECV)
{
tcp_set_state(sk, TCP_ESTABLISHED);
tcp_options(sk,th);
sk->dummy_th.dest=th->source;
sk->copied_seq = sk->acked_seq;
if(!sk->dead)
sk->state_change(sk);
if(sk->max_window==0)
{
sk->max_window=32; /* Sanity check */
sk->mss=min(sk->max_window,sk->mtu);
}
/* Reset the RTT estimator to the initial
* state rather than testing to avoid
* updating it on the ACK to the SYN packet.
*/
sk->rtt = 0;
sk->rto = TCP_TIMEOUT_INIT;
sk->mdev = TCP_TIMEOUT_INIT;
}
/*
* The following code has been greatly simplified from the
* old hacked up stuff. The wonders of properly setting the
* retransmission timeouts.
*
* If we are retransmitting, and we acked a packet on the retransmit
* queue, and there is still something in the retransmit queue,
* then we can output some retransmission packets.
*/
if (sk->send_head != NULL && (flag&2) && sk->retransmits)
{
tcp_do_retransmit(sk, 1);
}
return 1;
uninteresting_ack:
if(sk->debug)
printk("Ack ignored %u %u\n",ack,sk->sent_seq);
/*
* Keepalive processing.
*/
if (after(ack, sk->sent_seq))
{
return 0;
}
/*
* Restart the keepalive timer.
*/
if (sk->keepopen)
{
if(sk->ip_xmit_timeout==TIME_KEEPOPEN)
tcp_reset_xmit_timer(sk, TIME_KEEPOPEN, TCP_TIMEOUT_LEN);
}
return 1;
}
/*
* Process the FIN bit. This now behaves as it is supposed to work
* and the FIN takes effect when it is validly part of sequence
* space. Not before when we get holes.
*
* If we are ESTABLISHED, a received fin moves us to CLOSE-WAIT
* (and thence onto LAST-ACK and finally, CLOSE, we never enter
* TIME-WAIT)
*
* If we are in FINWAIT-1, a received FIN indicates simultaneous
* close and we go into CLOSING (and later onto TIME-WAIT)
*
* If we are in FINWAIT-2, a received FIN moves us to TIME-WAIT.
*
*/
static int tcp_fin(struct sk_buff *skb, struct sock *sk, struct tcphdr *th)
{
sk->fin_seq = skb->end_seq;
if (!sk->dead)
{
sk->state_change(sk);
sock_wake_async(sk->socket, 1);
}
switch(sk->state)
{
case TCP_SYN_RECV:
case TCP_SYN_SENT:
case TCP_ESTABLISHED:
/*
* move to CLOSE_WAIT, tcp_data() already handled
* sending the ack.
*/
tcp_set_state(sk,TCP_CLOSE_WAIT);
if (th->rst)
sk->shutdown = SHUTDOWN_MASK;
break;
case TCP_CLOSE_WAIT:
case TCP_CLOSING:
/*
* received a retransmission of the FIN, do
* nothing.
*/
break;
case TCP_TIME_WAIT:
/*
* received a retransmission of the FIN,
* restart the TIME_WAIT timer.
*/
tcp_reset_msl_timer(sk, TIME_CLOSE, TCP_TIMEWAIT_LEN);
return(0);
case TCP_FIN_WAIT1:
/*
* This case occurs when a simultaneous close
* happens, we must ack the received FIN and
* enter the CLOSING state.
*
* This causes a WRITE timeout, which will either
* move on to TIME_WAIT when we timeout, or resend
* the FIN properly (maybe we get rid of that annoying
* FIN lost hang). The TIME_WRITE code is already correct
* for handling this timeout.
*/
if (sk->ip_xmit_timeout != TIME_WRITE) {
if (sk->send_head)
tcp_reset_xmit_timer(sk, TIME_WRITE, sk->rto);
else if (sk->ip_xmit_timeout != TIME_PROBE0
|| skb_queue_empty(&sk->write_queue)) {
/* BUG check case.
* We have a problem here if there
* is no timer running [leads to
* frozen socket] or no data in the
* write queue [means we sent a fin
* and lost it from the queue before
* changing the ack properly].
*/
printk(KERN_ERR "Lost timer or fin packet in tcp_fin.\n");
}
}
tcp_set_state(sk,TCP_CLOSING);
break;
case TCP_FIN_WAIT2:
/*
* received a FIN -- send ACK and enter TIME_WAIT
*/
tcp_reset_msl_timer(sk, TIME_CLOSE, TCP_TIMEWAIT_LEN);
sk->shutdown|=SHUTDOWN_MASK;
tcp_set_state(sk,TCP_TIME_WAIT);
break;
case TCP_CLOSE:
/*
* already in CLOSE
*/
break;
default:
tcp_set_state(sk,TCP_LAST_ACK);
/* Start the timers. */
tcp_reset_msl_timer(sk, TIME_CLOSE, TCP_TIMEWAIT_LEN);
return(0);
}
return(0);
}
/*
* Add a sk_buff to the TCP receive queue, calculating
* the ACK sequence as we go..
*/
static inline void tcp_insert_skb(struct sk_buff * skb, struct sk_buff_head * list)
{
struct sk_buff * prev, * next;
u32 seq;
/*
* Find where the new skb goes.. (This goes backwards,
* on the assumption that we get the packets in order)
*/
seq = skb->seq;
prev = list->prev;
next = (struct sk_buff *) list;
for (;;) {
if (prev == (struct sk_buff *) list || !after(prev->seq, seq))
break;
next = prev;
prev = prev->prev;
}
__skb_insert(skb, prev, next, list);
}
/*
* Called for each packet when we find a new ACK endpoint sequence in it
*/
static inline u32 tcp_queue_ack(struct sk_buff * skb, struct sock * sk)
{
/*
* When we ack the fin, we do the FIN
* processing.
*/
skb->acked = 1;
if (skb->h.th->fin)
tcp_fin(skb,sk,skb->h.th);
return skb->end_seq;
}
static void tcp_queue(struct sk_buff * skb, struct sock * sk, struct tcphdr *th)
{
u32 ack_seq;
tcp_insert_skb(skb, &sk->receive_queue);
/*
* Did we get anything new to ack?
*/
ack_seq = sk->acked_seq;
if (!after(skb->seq, ack_seq)) {
if (after(skb->end_seq, ack_seq)) {
/* the packet straddles our window end */
struct sk_buff_head * list = &sk->receive_queue;
struct sk_buff * next;
ack_seq = tcp_queue_ack(skb, sk);
/*
* Do we have any old packets to ack that the above
* made visible? (Go forward from skb)
*/
next = skb->next;
while (next != (struct sk_buff *) list) {
if (after(next->seq, ack_seq))
break;
if (after(next->end_seq, ack_seq))
ack_seq = tcp_queue_ack(next, sk);
next = next->next;
}
/*
* Ok, we found new data, update acked_seq as
* necessary (and possibly send the actual
* ACK packet).
*/
sk->acked_seq = ack_seq;
} else {
if (sk->debug)
printk("Ack duplicate packet.\n");
tcp_send_ack(sk);
return;
}
/*
* Delay the ack if possible. Send ack's to
* fin frames immediately as there shouldn't be
* anything more to come.
*/
if (!sk->delay_acks || th->fin) {
tcp_send_ack(sk);
} else {
/*
* If psh is set we assume it's an
* interactive session that wants quick
* acks to avoid nagling too much.
*/
int delay = HZ/2;
if (th->psh)
delay = HZ/50;
tcp_send_delayed_ack(sk, delay, sk->ato);
}
/*
* Tell the user we have some more data.
*/
if (!sk->dead)
sk->data_ready(sk,0);
}
else
{
/*
* If we've missed a packet, send an ack.
* Also start a timer to send another.
*
* 4.3reno machines look for these kind of acks so
* they can do fast recovery. Three identical 'old'
* acks lets it know that one frame has been lost
* and should be resent. Because this is before the
* whole window of data has timed out it can take
* one lost frame per window without stalling.
* [See Jacobson RFC1323, Stevens TCP/IP illus vol2]
*
* We also should be spotting triple bad sequences.
* [We now do this.]
*
*/
if (!skb->acked)
{
if(sk->debug)
printk("Ack past end of seq packet.\n");
tcp_send_ack(sk);
/*
* We need to be very careful here. We must
* not violate Jacobsons packet conservation condition.
* This means we should only send an ACK when a packet
* leaves the network. We can say a packet left the
* network when we see a packet leave the network, or
* when an rto measure expires.
*/
tcp_send_delayed_ack(sk,sk->rto,sk->rto);
}
}
}
/*
* This routine handles the data. If there is room in the buffer,
* it will be have already been moved into it. If there is no
* room, then we will just have to discard the packet.
*/
static int tcp_data(struct sk_buff *skb, struct sock *sk,
unsigned long saddr, unsigned int len)
{
struct tcphdr *th;
u32 new_seq, shut_seq;
th = skb->h.th;
skb_pull(skb,th->doff*4);
skb_trim(skb,len-(th->doff*4));
/*
* The bytes in the receive read/assembly queue has increased. Needed for the
* low memory discard algorithm
*/
sk->bytes_rcv += skb->len;
if (skb->len == 0 && !th->fin)
{
/*
* Don't want to keep passing ack's back and forth.
* (someone sent us dataless, boring frame)
*/
if (!th->ack)
tcp_send_ack(sk);
kfree_skb(skb, FREE_READ);
return(0);
}
/*
* We no longer have anyone receiving data on this connection.
*/
#ifndef TCP_DONT_RST_SHUTDOWN
if(sk->shutdown & RCV_SHUTDOWN)
{
/*
* FIXME: BSD has some magic to avoid sending resets to
* broken 4.2 BSD keepalives. Much to my surprise a few non
* BSD stacks still have broken keepalives so we want to
* cope with it.
*/
if(skb->len) /* We don't care if it's just an ack or
a keepalive/window probe */
{
new_seq = skb->seq + skb->len + th->syn; /* Right edge of _data_ part of frame */
/* Do this the way 4.4BSD treats it. Not what I'd
regard as the meaning of the spec but it's what BSD
does and clearly they know everything 8) */
/*
* This is valid because of two things
*
* a) The way tcp_data behaves at the bottom.
* b) A fin takes effect when read not when received.
*/
shut_seq = sk->acked_seq+1; /* Last byte */
if(after(new_seq,shut_seq))
{
if(sk->debug)
printk("Data arrived on %p after close [Data right edge %X, Socket shut on %X] %d\n",
sk, new_seq, shut_seq, sk->blog);
if(sk->dead)
{
sk->acked_seq = new_seq + th->fin;
tcp_send_reset(sk->saddr, sk->daddr, skb->h.th,
sk->prot, NULL, skb->dev, 0, 255);
tcp_statistics.TcpEstabResets++;
sk->err = EPIPE;
sk->error_report(sk);
sk->shutdown = SHUTDOWN_MASK;
tcp_set_state(sk,TCP_CLOSE);
kfree_skb(skb, FREE_READ);
return 0;
}
}
}
}
#endif
/*
* We should only call this if there is data in the frame.
*/
tcp_delack_estimator(sk);
tcp_queue(skb, sk, th);
return(0);
}
/*
* This routine is only called when we have urgent data
* signalled. Its the 'slow' part of tcp_urg. It could be
* moved inline now as tcp_urg is only called from one
* place. We handle URGent data wrong. We have to - as
* BSD still doesn't use the correction from RFC961.
*
* For 1003.1g we should support a new option TCP_STDURG to permit
* either form.
*/
static void tcp_check_urg(struct sock * sk, struct tcphdr * th)
{
u32 ptr = ntohs(th->urg_ptr);
if (ptr)
ptr--;
ptr += ntohl(th->seq);
/* ignore urgent data that we've already seen and read */
if (after(sk->copied_seq, ptr))
return;
/* do we already have a newer (or duplicate) urgent pointer? */
if (sk->urg_data && !after(ptr, sk->urg_seq))
return;
/* tell the world about our new urgent pointer */
if (sk->proc != 0) {
if (sk->proc > 0) {
kill_proc(sk->proc, SIGURG, 1);
} else {
kill_pg(-sk->proc, SIGURG, 1);
}
}
/*
* We may be adding urgent data when the last byte read was
* urgent. To do this requires some care. We cannot just ignore
* sk->copied_seq since we would read the last urgent byte again
* as data, nor can we alter copied_seq until this data arrives
* or we break the sematics of SIOCATMARK (and thus sockatmark())
*/
if (sk->urg_seq == sk->copied_seq)
sk->copied_seq++; /* Move the copied sequence on correctly */
sk->urg_data = URG_NOTYET;
sk->urg_seq = ptr;
}
/*
* This is the 'fast' part of urgent handling.
*/
static inline void tcp_urg(struct sock *sk, struct tcphdr *th, unsigned long len)
{
/*
* Check if we get a new urgent pointer - normally not
*/
if (th->urg)
tcp_check_urg(sk,th);
/*
* Do we wait for any urgent data? - normally not
*/
if (sk->urg_data == URG_NOTYET) {
u32 ptr;
/*
* Is the urgent pointer pointing into this packet?
*/
ptr = sk->urg_seq - ntohl(th->seq) + th->doff*4;
if (ptr < len) {
sk->urg_data = URG_VALID | *(ptr + (unsigned char *) th);
if (!sk->dead)
sk->data_ready(sk,0);
}
}
}
/*
* This should be a bit smarter and remove partially
* overlapping stuff too, but this should be good
* enough for any even remotely normal case (and the
* worst that can happen is that we have a few
* unnecessary packets in the receive queue).
*
* This function is never called with an empty list..
*/
static inline void tcp_remove_dups(struct sk_buff_head * list)
{
struct sk_buff * next = list->next;
for (;;) {
struct sk_buff * skb = next;
next = next->next;
if (next == (struct sk_buff *) list)
break;
if (before(next->end_seq, skb->end_seq)) {
__skb_unlink(next, list);
kfree_skb(next, FREE_READ);
next = skb;
continue;
}
if (next->seq != skb->seq)
continue;
__skb_unlink(skb, list);
kfree_skb(skb, FREE_READ);
}
}
/*
* Throw out all unnecessary packets: we've gone over the
* receive queue limit. This shouldn't happen in a normal
* TCP connection, but we might have gotten duplicates etc.
*/
static void prune_queue(struct sk_buff_head * list)
{
for (;;) {
struct sk_buff * skb = list->prev;
/* gone through it all? */
if (skb == (struct sk_buff *) list)
break;
if (!skb->acked) {
__skb_unlink(skb, list);
kfree_skb(skb, FREE_READ);
continue;
}
tcp_remove_dups(list);
break;
}
}
#ifdef CONFIG_IP_TRANSPARENT_PROXY
/*
* Check whether a received TCP packet might be for one of our
* connections.
*/
int tcp_chkaddr(struct sk_buff *skb)
{
struct iphdr *iph = skb->h.iph;
struct tcphdr *th = (struct tcphdr *)(skb->h.raw + iph->ihl*4);
struct sock *sk;
sk = get_sock(&tcp_prot, th->dest, iph->saddr, th->source, iph->daddr, 0, 0);
if (!sk) return 0;
/* 0 means accept all LOCAL addresses here, not all the world... */
if (sk->rcv_saddr == 0) return 0;
return 1;
}
#endif
/*
* A TCP packet has arrived.
* skb->h.raw is the TCP header.
*/
int tcp_rcv(struct sk_buff *skb, struct device *dev, struct options *opt,
__u32 daddr, unsigned short len,
__u32 saddr, int redo, struct inet_protocol * protocol)
{
struct tcphdr *th;
struct sock *sk;
__u32 seq;
#ifdef CONFIG_IP_TRANSPARENT_PROXY
int r;
#endif
/*
* "redo" is 1 if we have already seen this skb but couldn't
* use it at that time (the socket was locked). In that case
* we have already done a lot of the work (looked up the socket
* etc).
*/
th = skb->h.th;
sk = skb->sk;
if (!redo) {
tcp_statistics.TcpInSegs++;
if (skb->pkt_type!=PACKET_HOST)
goto discard_it;
/*
* Pull up the IP header.
*/
skb_pull(skb, skb->h.raw-skb->data);
/*
* Try to use the device checksum if provided.
*/
switch (skb->ip_summed)
{
case CHECKSUM_NONE:
skb->csum = csum_partial((char *)th, len, 0);
case CHECKSUM_HW:
if (tcp_check(th, len, saddr, daddr, skb->csum))
goto discard_it;
default:
/* CHECKSUM_UNNECESSARY */
}
sk = get_tcp_sock(saddr, th->source, daddr, th->dest, dev->pa_addr, skb->redirport);
if (!sk)
goto no_tcp_socket;
skb->sk = sk;
skb->seq = ntohl(th->seq);
skb->end_seq = skb->seq + th->syn + th->fin + len - th->doff*4;
skb->ack_seq = ntohl(th->ack_seq);
skb->acked = 0;
skb->used = 0;
skb->free = 1;
skb->saddr = daddr;
skb->daddr = saddr;
/*
* We may need to add it to the backlog here.
*/
if (sk->users)
{
__skb_queue_tail(&sk->back_log, skb);
return(0);
}
}
/*
* If this socket has got a reset it's to all intents and purposes
* really dead. Count closed sockets as dead.
*
* Note: BSD appears to have a bug here. A 'closed' TCP in BSD
* simply drops data. This seems incorrect as a 'closed' TCP doesn't
* exist so should cause resets as if the port was unreachable.
*/
if (sk->zapped || sk->state==TCP_CLOSE)
goto no_tcp_socket;
if (!sk->prot)
{
printk(KERN_CRIT "IMPOSSIBLE 3\n");
return(0);
}
/*
* Charge the memory to the socket.
*/
skb->sk=sk;
atomic_add(skb->truesize, &sk->rmem_alloc);
/*
* Mark the time of the last received packet.
*/
sk->idletime = jiffies;
/*
* We should now do header prediction.
*/
/*
* This basically follows the flow suggested by RFC793, with the corrections in RFC1122. We
* don't implement precedence and we process URG incorrectly (deliberately so) for BSD bug
* compatibility. We also set up variables more thoroughly [Karn notes in the
* KA9Q code the RFC793 incoming segment rules don't initialise the variables for all paths].
*/
if(sk->state!=TCP_ESTABLISHED) /* Skip this lot for normal flow */
{
/*
* Now deal with unusual cases.
*/
if(sk->state==TCP_LISTEN)
{
if(th->ack) /* These use the socket TOS.. might want to be the received TOS */
tcp_send_reset(daddr,saddr,th,sk->prot,opt,dev,0, 255);
/*
* We don't care for RST, and non SYN are absorbed (old segments)
* Broadcast/multicast SYN isn't allowed. Note - bug if you change the
* netmask on a running connection it can go broadcast. Even Sun's have
* this problem so I'm ignoring it
*/
#ifdef CONFIG_IP_TRANSPARENT_PROXY
/*
* We may get non-local addresses and still want to
* handle them locally, due to transparent proxying.
* Thus, narrow down the test to what is really meant.
*/
if(th->rst || !th->syn || th->ack || (r = ip_chk_addr(daddr)) == IS_BROADCAST || r == IS_MULTICAST)
#else
if(th->rst || !th->syn || th->ack || ip_chk_addr(daddr)!=IS_MYADDR)
#endif
{
kfree_skb(skb, FREE_READ);
return 0;
}
/*
* Guess we need to make a new socket up
*/
seq = secure_tcp_sequence_number(saddr, daddr,
skb->h.th->dest,
skb->h.th->source);
tcp_conn_request(sk, skb, daddr, saddr, opt, dev, seq);
/*
* Now we have several options: In theory there is nothing else
* in the frame. KA9Q has an option to send data with the syn,
* BSD accepts data with the syn up to the [to be] advertised window
* and Solaris 2.1 gives you a protocol error. For now we just ignore
* it, that fits the spec precisely and avoids incompatibilities. It
* would be nice in future to drop through and process the data.
*
* Now TTCP is starting to use we ought to queue this data.
*/
return 0;
}
/*
* Retransmitted SYN for our socket. This is uninteresting. If sk->state==TCP_LISTEN
* then it's a new connection
*/
if (sk->state == TCP_SYN_RECV && th->syn && skb->seq+1 == sk->acked_seq)
{
kfree_skb(skb, FREE_READ);
return 0;
}
/*
* SYN sent means we have to look for a suitable ack and either reset
* for bad matches or go to connected. The SYN_SENT case is unusual and should
* not be in line code. [AC]
*/
if(sk->state==TCP_SYN_SENT)
{
/* Crossed SYN or previous junk segment */
if(th->ack)
{
/* We got an ack, but it's not a good ack.
* We used to test this with a call to tcp_ack,
* but this loses, because it takes the SYN
* packet out of the send queue, even if
* the ACK doesn't have the SYN bit sent, and
* therefore isn't the one we are waiting for.
*/
if (after(skb->ack_seq, sk->sent_seq) || before(skb->ack_seq, sk->rcv_ack_seq))
{
/* Reset the ack - it's an ack from a
different connection [ th->rst is checked in tcp_send_reset()] */
tcp_statistics.TcpAttemptFails++;
tcp_send_reset(daddr, saddr, th,
sk->prot, opt,dev,0,255);
kfree_skb(skb, FREE_READ);
return(0);
}
if(th->rst)
return tcp_reset(sk,skb);
if(!th->syn)
{
/* A valid ack from a different connection
start. Shouldn't happen but cover it */
tcp_statistics.TcpAttemptFails++;
tcp_send_reset(daddr, saddr, th,
sk->prot, opt,dev,0,255);
kfree_skb(skb, FREE_READ);
return 0;
}
/* process the ACK, get the SYN packet out
* of the send queue, do other initial
* processing stuff. [We know it's good, and
* we know it's the SYN,ACK we want.]
*/
tcp_ack(sk,th,skb->ack_seq,len);
/*
* Ok.. it's good. Set up sequence numbers and
* move to established.
*/
sk->acked_seq = skb->seq+1;
sk->lastwin_seq = skb->seq+1;
sk->fin_seq = skb->seq;
tcp_send_ack(sk);
tcp_set_state(sk, TCP_ESTABLISHED);
tcp_options(sk,th);
sk->dummy_th.dest=th->source;
sk->copied_seq = sk->acked_seq;
if(!sk->dead)
{
sk->state_change(sk);
sock_wake_async(sk->socket, 0);
}
if(sk->max_window==0)
{
sk->max_window = 32;
sk->mss = min(sk->max_window, sk->mtu);
}
/* Reset the RTT estimator to the initial
* state rather than testing to avoid
* updating it on the ACK to the SYN packet.
*/
sk->rtt = 0;
sk->rto = TCP_TIMEOUT_INIT;
sk->mdev = TCP_TIMEOUT_INIT;
}
else
{
/* See if SYN's cross. Drop if boring */
if(th->syn && !th->rst)
{
/* Crossed SYN's are fine - but talking to
yourself is right out... */
if(sk->saddr==saddr && sk->daddr==daddr &&
sk->dummy_th.source==th->source &&
sk->dummy_th.dest==th->dest)
{
tcp_statistics.TcpAttemptFails++;
return tcp_reset(sk,skb);
}
tcp_set_state(sk,TCP_SYN_RECV);
/*
* FIXME:
* Must send SYN|ACK here
*/
}
/* Discard junk segment */
kfree_skb(skb, FREE_READ);
return 0;
}
/*
* SYN_RECV with data maybe.. drop through
*/
goto rfc_step6;
}
/*
* BSD has a funny hack with TIME_WAIT and fast reuse of a port. There is
* a more complex suggestion for fixing these reuse issues in RFC1644
* but not yet ready for general use. Also see RFC1379.
*
* Note the funny way we go back to the top of this function for
* this case ("goto try_next_socket"). That also takes care of
* checking "sk->users" for the new socket as well as doing all
* the normal tests on the packet.
*/
#define BSD_TIME_WAIT
#ifdef BSD_TIME_WAIT
if (sk->state == TCP_TIME_WAIT && th->syn && sk->dead &&
after(skb->seq, sk->acked_seq) && !th->rst)
{
u32 seq = sk->write_seq;
if(sk->debug)
printk("Doing a BSD time wait\n");
tcp_statistics.TcpEstabResets++;
atomic_sub(skb->truesize, &sk->rmem_alloc);
skb->sk = NULL;
sk->err=ECONNRESET;
tcp_set_state(sk, TCP_CLOSE);
sk->shutdown = SHUTDOWN_MASK;
sk=get_sock(&tcp_prot, th->dest, saddr, th->source, daddr, dev->pa_addr, skb->redirport);
/* this is not really correct: we should check sk->users */
if (sk && sk->state==TCP_LISTEN)
{
skb->sk = sk;
atomic_add(skb->truesize, &sk->rmem_alloc);
tcp_conn_request(sk, skb, daddr, saddr,opt, dev,seq+128000);
return 0;
}
kfree_skb(skb, FREE_READ);
return 0;
}
#endif
}
/*
* We are now in normal data flow (see the step list in the RFC)
* Note most of these are inline now. I'll inline the lot when
* I have time to test it hard and look at what gcc outputs
*/
if (!tcp_sequence(sk, skb->seq, skb->end_seq-th->syn))
{
bad_tcp_sequence(sk, th, skb->end_seq-th->syn, dev);
kfree_skb(skb, FREE_READ);
return 0;
}
if(th->rst)
return tcp_reset(sk,skb);
/*
* Check for a SYN, and ensure it matches the SYN we were
* first sent. We have to handle the rather unusual (but valid)
* sequence that KA9Q derived products may generate of
*
* SYN
* SYN|ACK Data
* ACK (lost)
* SYN|ACK Data + More Data
* .. we must ACK not RST...
*
* We keep syn_seq as the sequence space occupied by the
* original syn.
*/
if(th->syn && skb->seq!=sk->syn_seq)
{
tcp_send_reset(daddr,saddr,th, &tcp_prot, opt, dev,0, 255);
return tcp_reset(sk,skb);
}
/*
* Process the ACK
*/
if(th->ack && !tcp_ack(sk,th,skb->ack_seq,len))
{
/*
* Our three way handshake failed.
*/
if(sk->state==TCP_SYN_RECV)
{
tcp_send_reset(daddr, saddr, th,sk->prot, opt, dev,0,255);
}
kfree_skb(skb, FREE_READ);
return 0;
}
rfc_step6: /* I'll clean this up later */
/*
* If the accepted buffer put us over our queue size we
* now drop it (we must process the ack first to avoid
* deadlock cases).
*/
/*
* Process urgent data
*/
tcp_urg(sk, th, len);
/*
* Process the encapsulated data
*/
if(tcp_data(skb,sk, saddr, len))
kfree_skb(skb, FREE_READ);
/*
* If our receive queue has grown past its limits,
* try to prune away duplicates etc..
*/
if (sk->rmem_alloc > sk->rcvbuf)
prune_queue(&sk->receive_queue);
/*
* And done
*/
return 0;
no_tcp_socket:
/*
* No such TCB. If th->rst is 0 send a reset (checked in tcp_send_reset)
*/
tcp_send_reset(daddr, saddr, th, &tcp_prot, opt,dev,0,255);
discard_it:
/*
* Discard frame
*/
skb->sk = NULL;
kfree_skb(skb, FREE_READ);
return 0;
}