diff options
Diffstat (limited to 'target/linux/patches')
-rw-r--r-- | target/linux/patches/3.15.1/tcp-fastopen.patch | 1892 |
1 files changed, 30 insertions, 1862 deletions
diff --git a/target/linux/patches/3.15.1/tcp-fastopen.patch b/target/linux/patches/3.15.1/tcp-fastopen.patch index fc1d076ac..982d83305 100644 --- a/target/linux/patches/3.15.1/tcp-fastopen.patch +++ b/target/linux/patches/3.15.1/tcp-fastopen.patch @@ -1,6 +1,6 @@ -diff -Nur linux-3.15-rc7.orig/include/linux/tcp.h linux-3.15-rc7/include/linux/tcp.h ---- linux-3.15-rc7.orig/include/linux/tcp.h 2014-05-26 01:06:00.000000000 +0200 -+++ linux-3.15-rc7/include/linux/tcp.h 2014-05-31 22:42:49.024605293 +0200 +diff -Nur linux-3.15.1.orig/include/linux/tcp.h linux-3.15.1/include/linux/tcp.h +--- linux-3.15.1.orig/include/linux/tcp.h 2014-06-16 22:44:27.000000000 +0200 ++++ linux-3.15.1/include/linux/tcp.h 2014-06-28 10:10:20.616857903 +0200 @@ -359,6 +359,9 @@ return (struct tcp_timewait_sock *)sk; } @@ -34,9 +34,9 @@ diff -Nur linux-3.15-rc7.orig/include/linux/tcp.h linux-3.15-rc7/include/linux/t +#endif + #endif /* _LINUX_TCP_H */ -diff -Nur linux-3.15-rc7.orig/include/net/request_sock.h linux-3.15-rc7/include/net/request_sock.h ---- linux-3.15-rc7.orig/include/net/request_sock.h 2014-05-26 01:06:00.000000000 +0200 -+++ linux-3.15-rc7/include/net/request_sock.h 2014-05-31 22:42:49.024605293 +0200 +diff -Nur linux-3.15.1.orig/include/net/request_sock.h linux-3.15.1/include/net/request_sock.h +--- linux-3.15.1.orig/include/net/request_sock.h 2014-06-16 22:44:27.000000000 +0200 ++++ linux-3.15.1/include/net/request_sock.h 2014-06-28 10:10:20.620857907 +0200 @@ -168,8 +168,13 @@ void __reqsk_queue_destroy(struct request_sock_queue *queue); @@ -51,9 +51,9 @@ diff -Nur linux-3.15-rc7.orig/include/net/request_sock.h linux-3.15-rc7/include/ static inline struct request_sock * reqsk_queue_yank_acceptq(struct request_sock_queue *queue) -diff -Nur linux-3.15-rc7.orig/include/net/tcp.h linux-3.15-rc7/include/net/tcp.h ---- linux-3.15-rc7.orig/include/net/tcp.h 2014-05-26 01:06:00.000000000 +0200 -+++ linux-3.15-rc7/include/net/tcp.h 2014-05-31 22:42:49.028605326 +0200 +diff -Nur linux-3.15.1.orig/include/net/tcp.h linux-3.15.1/include/net/tcp.h +--- linux-3.15.1.orig/include/net/tcp.h 2014-06-16 22:44:27.000000000 +0200 ++++ linux-3.15.1/include/net/tcp.h 2014-06-28 10:10:20.620857907 +0200 @@ -251,7 +251,11 @@ extern int sysctl_tcp_retries2; extern int sysctl_tcp_orphan_retries; @@ -79,1613 +79,9 @@ diff -Nur linux-3.15-rc7.orig/include/net/tcp.h linux-3.15-rc7/include/net/tcp.h extern struct tcp_fastopen_context __rcu *tcp_fastopen_ctx; int tcp_fastopen_reset_cipher(void *key, unsigned int len); -diff -Nur linux-3.15-rc7.orig/include/net/tcp.h.orig linux-3.15-rc7/include/net/tcp.h.orig ---- linux-3.15-rc7.orig/include/net/tcp.h.orig 1970-01-01 01:00:00.000000000 +0100 -+++ linux-3.15-rc7/include/net/tcp.h.orig 2014-05-26 01:06:00.000000000 +0200 -@@ -0,0 +1,1600 @@ -+/* -+ * INET An implementation of the TCP/IP protocol suite for the LINUX -+ * operating system. INET is implemented using the BSD Socket -+ * interface as the means of communication with the user level. -+ * -+ * Definitions for the TCP module. -+ * -+ * Version: @(#)tcp.h 1.0.5 05/23/93 -+ * -+ * Authors: Ross Biro -+ * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG> -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version -+ * 2 of the License, or (at your option) any later version. -+ */ -+#ifndef _TCP_H -+#define _TCP_H -+ -+#define FASTRETRANS_DEBUG 1 -+ -+#include <linux/list.h> -+#include <linux/tcp.h> -+#include <linux/bug.h> -+#include <linux/slab.h> -+#include <linux/cache.h> -+#include <linux/percpu.h> -+#include <linux/skbuff.h> -+#include <linux/dmaengine.h> -+#include <linux/crypto.h> -+#include <linux/cryptohash.h> -+#include <linux/kref.h> -+#include <linux/ktime.h> -+ -+#include <net/inet_connection_sock.h> -+#include <net/inet_timewait_sock.h> -+#include <net/inet_hashtables.h> -+#include <net/checksum.h> -+#include <net/request_sock.h> -+#include <net/sock.h> -+#include <net/snmp.h> -+#include <net/ip.h> -+#include <net/tcp_states.h> -+#include <net/inet_ecn.h> -+#include <net/dst.h> -+ -+#include <linux/seq_file.h> -+#include <linux/memcontrol.h> -+ -+extern struct inet_hashinfo tcp_hashinfo; -+ -+extern struct percpu_counter tcp_orphan_count; -+void tcp_time_wait(struct sock *sk, int state, int timeo); -+ -+#define MAX_TCP_HEADER (128 + MAX_HEADER) -+#define MAX_TCP_OPTION_SPACE 40 -+ -+/* -+ * Never offer a window over 32767 without using window scaling. Some -+ * poor stacks do signed 16bit maths! -+ */ -+#define MAX_TCP_WINDOW 32767U -+ -+/* Minimal accepted MSS. It is (60+60+8) - (20+20). */ -+#define TCP_MIN_MSS 88U -+ -+/* The least MTU to use for probing */ -+#define TCP_BASE_MSS 512 -+ -+/* After receiving this amount of duplicate ACKs fast retransmit starts. */ -+#define TCP_FASTRETRANS_THRESH 3 -+ -+/* Maximal reordering. */ -+#define TCP_MAX_REORDERING 127 -+ -+/* Maximal number of ACKs sent quickly to accelerate slow-start. */ -+#define TCP_MAX_QUICKACKS 16U -+ -+/* urg_data states */ -+#define TCP_URG_VALID 0x0100 -+#define TCP_URG_NOTYET 0x0200 -+#define TCP_URG_READ 0x0400 -+ -+#define TCP_RETR1 3 /* -+ * This is how many retries it does before it -+ * tries to figure out if the gateway is -+ * down. Minimal RFC value is 3; it corresponds -+ * to ~3sec-8min depending on RTO. -+ */ -+ -+#define TCP_RETR2 15 /* -+ * This should take at least -+ * 90 minutes to time out. -+ * RFC1122 says that the limit is 100 sec. -+ * 15 is ~13-30min depending on RTO. -+ */ -+ -+#define TCP_SYN_RETRIES 6 /* This is how many retries are done -+ * when active opening a connection. -+ * RFC1122 says the minimum retry MUST -+ * be at least 180secs. Nevertheless -+ * this value is corresponding to -+ * 63secs of retransmission with the -+ * current initial RTO. -+ */ -+ -+#define TCP_SYNACK_RETRIES 5 /* This is how may retries are done -+ * when passive opening a connection. -+ * This is corresponding to 31secs of -+ * retransmission with the current -+ * initial RTO. -+ */ -+ -+#define TCP_TIMEWAIT_LEN (60*HZ) /* how long to wait to destroy TIME-WAIT -+ * state, about 60 seconds */ -+#define TCP_FIN_TIMEOUT TCP_TIMEWAIT_LEN -+ /* BSD style FIN_WAIT2 deadlock breaker. -+ * It used to be 3min, new value is 60sec, -+ * to combine FIN-WAIT-2 timeout with -+ * TIME-WAIT timer. -+ */ -+ -+#define TCP_DELACK_MAX ((unsigned)(HZ/5)) /* maximal time to delay before sending an ACK */ -+#if HZ >= 100 -+#define TCP_DELACK_MIN ((unsigned)(HZ/25)) /* minimal time to delay before sending an ACK */ -+#define TCP_ATO_MIN ((unsigned)(HZ/25)) -+#else -+#define TCP_DELACK_MIN 4U -+#define TCP_ATO_MIN 4U -+#endif -+#define TCP_RTO_MAX ((unsigned)(120*HZ)) -+#define TCP_RTO_MIN ((unsigned)(HZ/5)) -+#define TCP_TIMEOUT_INIT ((unsigned)(1*HZ)) /* RFC6298 2.1 initial RTO value */ -+#define TCP_TIMEOUT_FALLBACK ((unsigned)(3*HZ)) /* RFC 1122 initial RTO value, now -+ * used as a fallback RTO for the -+ * initial data transmission if no -+ * valid RTT sample has been acquired, -+ * most likely due to retrans in 3WHS. -+ */ -+ -+#define TCP_RESOURCE_PROBE_INTERVAL ((unsigned)(HZ/2U)) /* Maximal interval between probes -+ * for local resources. -+ */ -+ -+#define TCP_KEEPALIVE_TIME (120*60*HZ) /* two hours */ -+#define TCP_KEEPALIVE_PROBES 9 /* Max of 9 keepalive probes */ -+#define TCP_KEEPALIVE_INTVL (75*HZ) -+ -+#define MAX_TCP_KEEPIDLE 32767 -+#define MAX_TCP_KEEPINTVL 32767 -+#define MAX_TCP_KEEPCNT 127 -+#define MAX_TCP_SYNCNT 127 -+ -+#define TCP_SYNQ_INTERVAL (HZ/5) /* Period of SYNACK timer */ -+ -+#define TCP_PAWS_24DAYS (60 * 60 * 24 * 24) -+#define TCP_PAWS_MSL 60 /* Per-host timestamps are invalidated -+ * after this time. It should be equal -+ * (or greater than) TCP_TIMEWAIT_LEN -+ * to provide reliability equal to one -+ * provided by timewait state. -+ */ -+#define TCP_PAWS_WINDOW 1 /* Replay window for per-host -+ * timestamps. It must be less than -+ * minimal timewait lifetime. -+ */ -+/* -+ * TCP option -+ */ -+ -+#define TCPOPT_NOP 1 /* Padding */ -+#define TCPOPT_EOL 0 /* End of options */ -+#define TCPOPT_MSS 2 /* Segment size negotiating */ -+#define TCPOPT_WINDOW 3 /* Window scaling */ -+#define TCPOPT_SACK_PERM 4 /* SACK Permitted */ -+#define TCPOPT_SACK 5 /* SACK Block */ -+#define TCPOPT_TIMESTAMP 8 /* Better RTT estimations/PAWS */ -+#define TCPOPT_MD5SIG 19 /* MD5 Signature (RFC2385) */ -+#define TCPOPT_EXP 254 /* Experimental */ -+/* Magic number to be after the option value for sharing TCP -+ * experimental options. See draft-ietf-tcpm-experimental-options-00.txt -+ */ -+#define TCPOPT_FASTOPEN_MAGIC 0xF989 -+ -+/* -+ * TCP option lengths -+ */ -+ -+#define TCPOLEN_MSS 4 -+#define TCPOLEN_WINDOW 3 -+#define TCPOLEN_SACK_PERM 2 -+#define TCPOLEN_TIMESTAMP 10 -+#define TCPOLEN_MD5SIG 18 -+#define TCPOLEN_EXP_FASTOPEN_BASE 4 -+ -+/* But this is what stacks really send out. */ -+#define TCPOLEN_TSTAMP_ALIGNED 12 -+#define TCPOLEN_WSCALE_ALIGNED 4 -+#define TCPOLEN_SACKPERM_ALIGNED 4 -+#define TCPOLEN_SACK_BASE 2 -+#define TCPOLEN_SACK_BASE_ALIGNED 4 -+#define TCPOLEN_SACK_PERBLOCK 8 -+#define TCPOLEN_MD5SIG_ALIGNED 20 -+#define TCPOLEN_MSS_ALIGNED 4 -+ -+/* Flags in tp->nonagle */ -+#define TCP_NAGLE_OFF 1 /* Nagle's algo is disabled */ -+#define TCP_NAGLE_CORK 2 /* Socket is corked */ -+#define TCP_NAGLE_PUSH 4 /* Cork is overridden for already queued data */ -+ -+/* TCP thin-stream limits */ -+#define TCP_THIN_LINEAR_RETRIES 6 /* After 6 linear retries, do exp. backoff */ -+ -+/* TCP initial congestion window as per draft-hkchu-tcpm-initcwnd-01 */ -+#define TCP_INIT_CWND 10 -+ -+/* Bit Flags for sysctl_tcp_fastopen */ -+#define TFO_CLIENT_ENABLE 1 -+#define TFO_SERVER_ENABLE 2 -+#define TFO_CLIENT_NO_COOKIE 4 /* Data in SYN w/o cookie option */ -+ -+/* Process SYN data but skip cookie validation */ -+#define TFO_SERVER_COOKIE_NOT_CHKED 0x100 -+/* Accept SYN data w/o any cookie option */ -+#define TFO_SERVER_COOKIE_NOT_REQD 0x200 -+ -+/* Force enable TFO on all listeners, i.e., not requiring the -+ * TCP_FASTOPEN socket option. SOCKOPT1/2 determine how to set max_qlen. -+ */ -+#define TFO_SERVER_WO_SOCKOPT1 0x400 -+#define TFO_SERVER_WO_SOCKOPT2 0x800 -+/* Always create TFO child sockets on a TFO listener even when -+ * cookie/data not present. (For testing purpose!) -+ */ -+#define TFO_SERVER_ALWAYS 0x1000 -+ -+extern struct inet_timewait_death_row tcp_death_row; -+ -+/* sysctl variables for tcp */ -+extern int sysctl_tcp_timestamps; -+extern int sysctl_tcp_window_scaling; -+extern int sysctl_tcp_sack; -+extern int sysctl_tcp_fin_timeout; -+extern int sysctl_tcp_keepalive_time; -+extern int sysctl_tcp_keepalive_probes; -+extern int sysctl_tcp_keepalive_intvl; -+extern int sysctl_tcp_syn_retries; -+extern int sysctl_tcp_synack_retries; -+extern int sysctl_tcp_retries1; -+extern int sysctl_tcp_retries2; -+extern int sysctl_tcp_orphan_retries; -+extern int sysctl_tcp_syncookies; -+extern int sysctl_tcp_fastopen; -+extern int sysctl_tcp_retrans_collapse; -+extern int sysctl_tcp_stdurg; -+extern int sysctl_tcp_rfc1337; -+extern int sysctl_tcp_abort_on_overflow; -+extern int sysctl_tcp_max_orphans; -+extern int sysctl_tcp_fack; -+extern int sysctl_tcp_reordering; -+extern int sysctl_tcp_dsack; -+extern long sysctl_tcp_mem[3]; -+extern int sysctl_tcp_wmem[3]; -+extern int sysctl_tcp_rmem[3]; -+extern int sysctl_tcp_app_win; -+extern int sysctl_tcp_adv_win_scale; -+extern int sysctl_tcp_tw_reuse; -+extern int sysctl_tcp_frto; -+extern int sysctl_tcp_low_latency; -+extern int sysctl_tcp_dma_copybreak; -+extern int sysctl_tcp_nometrics_save; -+extern int sysctl_tcp_moderate_rcvbuf; -+extern int sysctl_tcp_tso_win_divisor; -+extern int sysctl_tcp_mtu_probing; -+extern int sysctl_tcp_base_mss; -+extern int sysctl_tcp_workaround_signed_windows; -+extern int sysctl_tcp_slow_start_after_idle; -+extern int sysctl_tcp_thin_linear_timeouts; -+extern int sysctl_tcp_thin_dupack; -+extern int sysctl_tcp_early_retrans; -+extern int sysctl_tcp_limit_output_bytes; -+extern int sysctl_tcp_challenge_ack_limit; -+extern unsigned int sysctl_tcp_notsent_lowat; -+extern int sysctl_tcp_min_tso_segs; -+extern int sysctl_tcp_autocorking; -+ -+extern atomic_long_t tcp_memory_allocated; -+extern struct percpu_counter tcp_sockets_allocated; -+extern int tcp_memory_pressure; -+ -+/* -+ * The next routines deal with comparing 32 bit unsigned ints -+ * and worry about wraparound (automatic with unsigned arithmetic). -+ */ -+ -+static inline bool before(__u32 seq1, __u32 seq2) -+{ -+ return (__s32)(seq1-seq2) < 0; -+} -+#define after(seq2, seq1) before(seq1, seq2) -+ -+/* is s2<=s1<=s3 ? */ -+static inline bool between(__u32 seq1, __u32 seq2, __u32 seq3) -+{ -+ return seq3 - seq2 >= seq1 - seq2; -+} -+ -+static inline bool tcp_out_of_memory(struct sock *sk) -+{ -+ if (sk->sk_wmem_queued > SOCK_MIN_SNDBUF && -+ sk_memory_allocated(sk) > sk_prot_mem_limits(sk, 2)) -+ return true; -+ return false; -+} -+ -+static inline bool tcp_too_many_orphans(struct sock *sk, int shift) -+{ -+ struct percpu_counter *ocp = sk->sk_prot->orphan_count; -+ int orphans = percpu_counter_read_positive(ocp); -+ -+ if (orphans << shift > sysctl_tcp_max_orphans) { -+ orphans = percpu_counter_sum_positive(ocp); -+ if (orphans << shift > sysctl_tcp_max_orphans) -+ return true; -+ } -+ return false; -+} -+ -+bool tcp_check_oom(struct sock *sk, int shift); -+ -+/* syncookies: remember time of last synqueue overflow */ -+static inline void tcp_synq_overflow(struct sock *sk) -+{ -+ tcp_sk(sk)->rx_opt.ts_recent_stamp = jiffies; -+} -+ -+/* syncookies: no recent synqueue overflow on this listening socket? */ -+static inline bool tcp_synq_no_recent_overflow(const struct sock *sk) -+{ -+ unsigned long last_overflow = tcp_sk(sk)->rx_opt.ts_recent_stamp; -+ return time_after(jiffies, last_overflow + TCP_TIMEOUT_FALLBACK); -+} -+ -+extern struct proto tcp_prot; -+ -+#define TCP_INC_STATS(net, field) SNMP_INC_STATS((net)->mib.tcp_statistics, field) -+#define TCP_INC_STATS_BH(net, field) SNMP_INC_STATS_BH((net)->mib.tcp_statistics, field) -+#define TCP_DEC_STATS(net, field) SNMP_DEC_STATS((net)->mib.tcp_statistics, field) -+#define TCP_ADD_STATS_USER(net, field, val) SNMP_ADD_STATS_USER((net)->mib.tcp_statistics, field, val) -+#define TCP_ADD_STATS(net, field, val) SNMP_ADD_STATS((net)->mib.tcp_statistics, field, val) -+ -+void tcp_tasklet_init(void); -+ -+void tcp_v4_err(struct sk_buff *skb, u32); -+ -+void tcp_shutdown(struct sock *sk, int how); -+ -+void tcp_v4_early_demux(struct sk_buff *skb); -+int tcp_v4_rcv(struct sk_buff *skb); -+ -+int tcp_v4_tw_remember_stamp(struct inet_timewait_sock *tw); -+int tcp_sendmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, -+ size_t size); -+int tcp_sendpage(struct sock *sk, struct page *page, int offset, size_t size, -+ int flags); -+void tcp_release_cb(struct sock *sk); -+void tcp_wfree(struct sk_buff *skb); -+void tcp_write_timer_handler(struct sock *sk); -+void tcp_delack_timer_handler(struct sock *sk); -+int tcp_ioctl(struct sock *sk, int cmd, unsigned long arg); -+int tcp_rcv_state_process(struct sock *sk, struct sk_buff *skb, -+ const struct tcphdr *th, unsigned int len); -+void tcp_rcv_established(struct sock *sk, struct sk_buff *skb, -+ const struct tcphdr *th, unsigned int len); -+void tcp_rcv_space_adjust(struct sock *sk); -+void tcp_cleanup_rbuf(struct sock *sk, int copied); -+int tcp_twsk_unique(struct sock *sk, struct sock *sktw, void *twp); -+void tcp_twsk_destructor(struct sock *sk); -+ssize_t tcp_splice_read(struct socket *sk, loff_t *ppos, -+ struct pipe_inode_info *pipe, size_t len, -+ unsigned int flags); -+ -+static inline void tcp_dec_quickack_mode(struct sock *sk, -+ const unsigned int pkts) -+{ -+ struct inet_connection_sock *icsk = inet_csk(sk); -+ -+ if (icsk->icsk_ack.quick) { -+ if (pkts >= icsk->icsk_ack.quick) { -+ icsk->icsk_ack.quick = 0; -+ /* Leaving quickack mode we deflate ATO. */ -+ icsk->icsk_ack.ato = TCP_ATO_MIN; -+ } else -+ icsk->icsk_ack.quick -= pkts; -+ } -+} -+ -+#define TCP_ECN_OK 1 -+#define TCP_ECN_QUEUE_CWR 2 -+#define TCP_ECN_DEMAND_CWR 4 -+#define TCP_ECN_SEEN 8 -+ -+enum tcp_tw_status { -+ TCP_TW_SUCCESS = 0, -+ TCP_TW_RST = 1, -+ TCP_TW_ACK = 2, -+ TCP_TW_SYN = 3 -+}; -+ -+ -+enum tcp_tw_status tcp_timewait_state_process(struct inet_timewait_sock *tw, -+ struct sk_buff *skb, -+ const struct tcphdr *th); -+struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb, -+ struct request_sock *req, struct request_sock **prev, -+ bool fastopen); -+int tcp_child_process(struct sock *parent, struct sock *child, -+ struct sk_buff *skb); -+void tcp_enter_loss(struct sock *sk, int how); -+void tcp_clear_retrans(struct tcp_sock *tp); -+void tcp_update_metrics(struct sock *sk); -+void tcp_init_metrics(struct sock *sk); -+void tcp_metrics_init(void); -+bool tcp_peer_is_proven(struct request_sock *req, struct dst_entry *dst, -+ bool paws_check); -+bool tcp_remember_stamp(struct sock *sk); -+bool tcp_tw_remember_stamp(struct inet_timewait_sock *tw); -+void tcp_fetch_timewait_stamp(struct sock *sk, struct dst_entry *dst); -+void tcp_disable_fack(struct tcp_sock *tp); -+void tcp_close(struct sock *sk, long timeout); -+void tcp_init_sock(struct sock *sk); -+unsigned int tcp_poll(struct file *file, struct socket *sock, -+ struct poll_table_struct *wait); -+int tcp_getsockopt(struct sock *sk, int level, int optname, -+ char __user *optval, int __user *optlen); -+int tcp_setsockopt(struct sock *sk, int level, int optname, -+ char __user *optval, unsigned int optlen); -+int compat_tcp_getsockopt(struct sock *sk, int level, int optname, -+ char __user *optval, int __user *optlen); -+int compat_tcp_setsockopt(struct sock *sk, int level, int optname, -+ char __user *optval, unsigned int optlen); -+void tcp_set_keepalive(struct sock *sk, int val); -+void tcp_syn_ack_timeout(struct sock *sk, struct request_sock *req); -+int tcp_recvmsg(struct kiocb *iocb, struct sock *sk, struct msghdr *msg, -+ size_t len, int nonblock, int flags, int *addr_len); -+void tcp_parse_options(const struct sk_buff *skb, -+ struct tcp_options_received *opt_rx, -+ int estab, struct tcp_fastopen_cookie *foc); -+const u8 *tcp_parse_md5sig_option(const struct tcphdr *th); -+ -+/* -+ * TCP v4 functions exported for the inet6 API -+ */ -+ -+void tcp_v4_send_check(struct sock *sk, struct sk_buff *skb); -+int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb); -+struct sock *tcp_create_openreq_child(struct sock *sk, -+ struct request_sock *req, -+ struct sk_buff *skb); -+struct sock *tcp_v4_syn_recv_sock(struct sock *sk, struct sk_buff *skb, -+ struct request_sock *req, -+ struct dst_entry *dst); -+int tcp_v4_do_rcv(struct sock *sk, struct sk_buff *skb); -+int tcp_v4_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len); -+int tcp_connect(struct sock *sk); -+struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst, -+ struct request_sock *req, -+ struct tcp_fastopen_cookie *foc); -+int tcp_disconnect(struct sock *sk, int flags); -+ -+void tcp_finish_connect(struct sock *sk, struct sk_buff *skb); -+int tcp_send_rcvq(struct sock *sk, struct msghdr *msg, size_t size); -+void inet_sk_rx_dst_set(struct sock *sk, const struct sk_buff *skb); -+ -+/* From syncookies.c */ -+int __cookie_v4_check(const struct iphdr *iph, const struct tcphdr *th, -+ u32 cookie); -+struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb, -+ struct ip_options *opt); -+#ifdef CONFIG_SYN_COOKIES -+ -+/* Syncookies use a monotonic timer which increments every 60 seconds. -+ * This counter is used both as a hash input and partially encoded into -+ * the cookie value. A cookie is only validated further if the delta -+ * between the current counter value and the encoded one is less than this, -+ * i.e. a sent cookie is valid only at most for 2*60 seconds (or less if -+ * the counter advances immediately after a cookie is generated). -+ */ -+#define MAX_SYNCOOKIE_AGE 2 -+ -+static inline u32 tcp_cookie_time(void) -+{ -+ u64 val = get_jiffies_64(); -+ -+ do_div(val, 60 * HZ); -+ return val; -+} -+ -+u32 __cookie_v4_init_sequence(const struct iphdr *iph, const struct tcphdr *th, -+ u16 *mssp); -+__u32 cookie_v4_init_sequence(struct sock *sk, struct sk_buff *skb, __u16 *mss); -+#else -+static inline __u32 cookie_v4_init_sequence(struct sock *sk, -+ struct sk_buff *skb, -+ __u16 *mss) -+{ -+ return 0; -+} -+#endif -+ -+__u32 cookie_init_timestamp(struct request_sock *req); -+bool cookie_check_timestamp(struct tcp_options_received *opt, struct net *net, -+ bool *ecn_ok); -+ -+/* From net/ipv6/syncookies.c */ -+int __cookie_v6_check(const struct ipv6hdr *iph, const struct tcphdr *th, -+ u32 cookie); -+struct sock *cookie_v6_check(struct sock *sk, struct sk_buff *skb); -+#ifdef CONFIG_SYN_COOKIES -+u32 __cookie_v6_init_sequence(const struct ipv6hdr *iph, -+ const struct tcphdr *th, u16 *mssp); -+__u32 cookie_v6_init_sequence(struct sock *sk, const struct sk_buff *skb, -+ __u16 *mss); -+#else -+static inline __u32 cookie_v6_init_sequence(struct sock *sk, -+ struct sk_buff *skb, -+ __u16 *mss) -+{ -+ return 0; -+} -+#endif -+/* tcp_output.c */ -+ -+void __tcp_push_pending_frames(struct sock *sk, unsigned int cur_mss, -+ int nonagle); -+bool tcp_may_send_now(struct sock *sk); -+int __tcp_retransmit_skb(struct sock *, struct sk_buff *); -+int tcp_retransmit_skb(struct sock *, struct sk_buff *); -+void tcp_retransmit_timer(struct sock *sk); -+void tcp_xmit_retransmit_queue(struct sock *); -+void tcp_simple_retransmit(struct sock *); -+int tcp_trim_head(struct sock *, struct sk_buff *, u32); -+int tcp_fragment(struct sock *, struct sk_buff *, u32, unsigned int); -+ -+void tcp_send_probe0(struct sock *); -+void tcp_send_partial(struct sock *); -+int tcp_write_wakeup(struct sock *); -+void tcp_send_fin(struct sock *sk); -+void tcp_send_active_reset(struct sock *sk, gfp_t priority); -+int tcp_send_synack(struct sock *); -+bool tcp_syn_flood_action(struct sock *sk, const struct sk_buff *skb, -+ const char *proto); -+void tcp_push_one(struct sock *, unsigned int mss_now); -+void tcp_send_ack(struct sock *sk); -+void tcp_send_delayed_ack(struct sock *sk); -+void tcp_send_loss_probe(struct sock *sk); -+bool tcp_schedule_loss_probe(struct sock *sk); -+ -+/* tcp_input.c */ -+void tcp_cwnd_application_limited(struct sock *sk); -+void tcp_resume_early_retransmit(struct sock *sk); -+void tcp_rearm_rto(struct sock *sk); -+void tcp_reset(struct sock *sk); -+ -+/* tcp_timer.c */ -+void tcp_init_xmit_timers(struct sock *); -+static inline void tcp_clear_xmit_timers(struct sock *sk) -+{ -+ inet_csk_clear_xmit_timers(sk); -+} -+ -+unsigned int tcp_sync_mss(struct sock *sk, u32 pmtu); -+unsigned int tcp_current_mss(struct sock *sk); -+ -+/* Bound MSS / TSO packet size with the half of the window */ -+static inline int tcp_bound_to_half_wnd(struct tcp_sock *tp, int pktsize) -+{ -+ int cutoff; -+ -+ /* When peer uses tiny windows, there is no use in packetizing -+ * to sub-MSS pieces for the sake of SWS or making sure there -+ * are enough packets in the pipe for fast recovery. -+ * -+ * On the other hand, for extremely large MSS devices, handling -+ * smaller than MSS windows in this way does make sense. -+ */ -+ if (tp->max_window >= 512) -+ cutoff = (tp->max_window >> 1); -+ else -+ cutoff = tp->max_window; -+ -+ if (cutoff && pktsize > cutoff) -+ return max_t(int, cutoff, 68U - tp->tcp_header_len); -+ else -+ return pktsize; -+} -+ -+/* tcp.c */ -+void tcp_get_info(const struct sock *, struct tcp_info *); -+ -+/* Read 'sendfile()'-style from a TCP socket */ -+typedef int (*sk_read_actor_t)(read_descriptor_t *, struct sk_buff *, -+ unsigned int, size_t); -+int tcp_read_sock(struct sock *sk, read_descriptor_t *desc, -+ sk_read_actor_t recv_actor); -+ -+void tcp_initialize_rcv_mss(struct sock *sk); -+ -+int tcp_mtu_to_mss(struct sock *sk, int pmtu); -+int tcp_mss_to_mtu(struct sock *sk, int mss); -+void tcp_mtup_init(struct sock *sk); -+void tcp_init_buffer_space(struct sock *sk); -+ -+static inline void tcp_bound_rto(const struct sock *sk) -+{ -+ if (inet_csk(sk)->icsk_rto > TCP_RTO_MAX) -+ inet_csk(sk)->icsk_rto = TCP_RTO_MAX; -+} -+ -+static inline u32 __tcp_set_rto(const struct tcp_sock *tp) -+{ -+ return usecs_to_jiffies((tp->srtt_us >> 3) + tp->rttvar_us); -+} -+ -+static inline void __tcp_fast_path_on(struct tcp_sock *tp, u32 snd_wnd) -+{ -+ tp->pred_flags = htonl((tp->tcp_header_len << 26) | -+ ntohl(TCP_FLAG_ACK) | -+ snd_wnd); -+} -+ -+static inline void tcp_fast_path_on(struct tcp_sock *tp) -+{ -+ __tcp_fast_path_on(tp, tp->snd_wnd >> tp->rx_opt.snd_wscale); -+} -+ -+static inline void tcp_fast_path_check(struct sock *sk) -+{ -+ struct tcp_sock *tp = tcp_sk(sk); -+ -+ if (skb_queue_empty(&tp->out_of_order_queue) && -+ tp->rcv_wnd && -+ atomic_read(&sk->sk_rmem_alloc) < sk->sk_rcvbuf && -+ !tp->urg_data) -+ tcp_fast_path_on(tp); -+} -+ -+/* Compute the actual rto_min value */ -+static inline u32 tcp_rto_min(struct sock *sk) -+{ -+ const struct dst_entry *dst = __sk_dst_get(sk); -+ u32 rto_min = TCP_RTO_MIN; -+ -+ if (dst && dst_metric_locked(dst, RTAX_RTO_MIN)) -+ rto_min = dst_metric_rtt(dst, RTAX_RTO_MIN); -+ return rto_min; -+} -+ -+static inline u32 tcp_rto_min_us(struct sock *sk) -+{ -+ return jiffies_to_usecs(tcp_rto_min(sk)); -+} -+ -+/* Compute the actual receive window we are currently advertising. -+ * Rcv_nxt can be after the window if our peer push more data -+ * than the offered window. -+ */ -+static inline u32 tcp_receive_window(const struct tcp_sock *tp) -+{ -+ s32 win = tp->rcv_wup + tp->rcv_wnd - tp->rcv_nxt; -+ -+ if (win < 0) -+ win = 0; -+ return (u32) win; -+} -+ -+/* Choose a new window, without checks for shrinking, and without -+ * scaling applied to the result. The caller does these things -+ * if necessary. This is a "raw" window selection. -+ */ -+u32 __tcp_select_window(struct sock *sk); -+ -+void tcp_send_window_probe(struct sock *sk); -+ -+/* TCP timestamps are only 32-bits, this causes a slight -+ * complication on 64-bit systems since we store a snapshot -+ * of jiffies in the buffer control blocks below. We decided -+ * to use only the low 32-bits of jiffies and hide the ugly -+ * casts with the following macro. -+ */ -+#define tcp_time_stamp ((__u32)(jiffies)) -+ -+#define tcp_flag_byte(th) (((u_int8_t *)th)[13]) -+ -+#define TCPHDR_FIN 0x01 -+#define TCPHDR_SYN 0x02 -+#define TCPHDR_RST 0x04 -+#define TCPHDR_PSH 0x08 -+#define TCPHDR_ACK 0x10 -+#define TCPHDR_URG 0x20 -+#define TCPHDR_ECE 0x40 -+#define TCPHDR_CWR 0x80 -+ -+/* This is what the send packet queuing engine uses to pass -+ * TCP per-packet control information to the transmission code. -+ * We also store the host-order sequence numbers in here too. -+ * This is 44 bytes if IPV6 is enabled. -+ * If this grows please adjust skbuff.h:skbuff->cb[xxx] size appropriately. -+ */ -+struct tcp_skb_cb { -+ union { -+ struct inet_skb_parm h4; -+#if IS_ENABLED(CONFIG_IPV6) -+ struct inet6_skb_parm h6; -+#endif -+ } header; /* For incoming frames */ -+ __u32 seq; /* Starting sequence number */ -+ __u32 end_seq; /* SEQ + FIN + SYN + datalen */ -+ __u32 when; /* used to compute rtt's */ -+ __u8 tcp_flags; /* TCP header flags. (tcp[13]) */ -+ -+ __u8 sacked; /* State flags for SACK/FACK. */ -+#define TCPCB_SACKED_ACKED 0x01 /* SKB ACK'd by a SACK block */ -+#define TCPCB_SACKED_RETRANS 0x02 /* SKB retransmitted */ -+#define TCPCB_LOST 0x04 /* SKB is lost */ -+#define TCPCB_TAGBITS 0x07 /* All tag bits */ -+#define TCPCB_EVER_RETRANS 0x80 /* Ever retransmitted frame */ -+#define TCPCB_RETRANS (TCPCB_SACKED_RETRANS|TCPCB_EVER_RETRANS) -+ -+ __u8 ip_dsfield; /* IPv4 tos or IPv6 dsfield */ -+ /* 1 byte hole */ -+ __u32 ack_seq; /* Sequence number ACK'd */ -+}; -+ -+#define TCP_SKB_CB(__skb) ((struct tcp_skb_cb *)&((__skb)->cb[0])) -+ -+/* RFC3168 : 6.1.1 SYN packets must not have ECT/ECN bits set -+ * -+ * If we receive a SYN packet with these bits set, it means a network is -+ * playing bad games with TOS bits. In order to avoid possible false congestion -+ * notifications, we disable TCP ECN negociation. -+ */ -+static inline void -+TCP_ECN_create_request(struct request_sock *req, const struct sk_buff *skb, -+ struct net *net) -+{ -+ const struct tcphdr *th = tcp_hdr(skb); -+ -+ if (net->ipv4.sysctl_tcp_ecn && th->ece && th->cwr && -+ INET_ECN_is_not_ect(TCP_SKB_CB(skb)->ip_dsfield)) -+ inet_rsk(req)->ecn_ok = 1; -+} -+ -+/* Due to TSO, an SKB can be composed of multiple actual -+ * packets. To keep these tracked properly, we use this. -+ */ -+static inline int tcp_skb_pcount(const struct sk_buff *skb) -+{ -+ return skb_shinfo(skb)->gso_segs; -+} -+ -+/* This is valid iff tcp_skb_pcount() > 1. */ -+static inline int tcp_skb_mss(const struct sk_buff *skb) -+{ -+ return skb_shinfo(skb)->gso_size; -+} -+ -+/* Events passed to congestion control interface */ -+enum tcp_ca_event { -+ CA_EVENT_TX_START, /* first transmit when no packets in flight */ -+ CA_EVENT_CWND_RESTART, /* congestion window restart */ -+ CA_EVENT_COMPLETE_CWR, /* end of congestion recovery */ -+ CA_EVENT_LOSS, /* loss timeout */ -+ CA_EVENT_FAST_ACK, /* in sequence ack */ -+ CA_EVENT_SLOW_ACK, /* other ack */ -+}; -+ -+/* -+ * Interface for adding new TCP congestion control handlers -+ */ -+#define TCP_CA_NAME_MAX 16 -+#define TCP_CA_MAX 128 -+#define TCP_CA_BUF_MAX (TCP_CA_NAME_MAX*TCP_CA_MAX) -+ -+#define TCP_CONG_NON_RESTRICTED 0x1 -+ -+struct tcp_congestion_ops { -+ struct list_head list; -+ unsigned long flags; -+ -+ /* initialize private data (optional) */ -+ void (*init)(struct sock *sk); -+ /* cleanup private data (optional) */ -+ void (*release)(struct sock *sk); -+ -+ /* return slow start threshold (required) */ -+ u32 (*ssthresh)(struct sock *sk); -+ /* do new cwnd calculation (required) */ -+ void (*cong_avoid)(struct sock *sk, u32 ack, u32 acked, u32 in_flight); -+ /* call before changing ca_state (optional) */ -+ void (*set_state)(struct sock *sk, u8 new_state); -+ /* call when cwnd event occurs (optional) */ -+ void (*cwnd_event)(struct sock *sk, enum tcp_ca_event ev); -+ /* new value of cwnd after loss (optional) */ -+ u32 (*undo_cwnd)(struct sock *sk); -+ /* hook for packet ack accounting (optional) */ -+ void (*pkts_acked)(struct sock *sk, u32 num_acked, s32 rtt_us); -+ /* get info for inet_diag (optional) */ -+ void (*get_info)(struct sock *sk, u32 ext, struct sk_buff *skb); -+ -+ char name[TCP_CA_NAME_MAX]; -+ struct module *owner; -+}; -+ -+int tcp_register_congestion_control(struct tcp_congestion_ops *type); -+void tcp_unregister_congestion_control(struct tcp_congestion_ops *type); -+ -+void tcp_init_congestion_control(struct sock *sk); -+void tcp_cleanup_congestion_control(struct sock *sk); -+int tcp_set_default_congestion_control(const char *name); -+void tcp_get_default_congestion_control(char *name); -+void tcp_get_available_congestion_control(char *buf, size_t len); -+void tcp_get_allowed_congestion_control(char *buf, size_t len); -+int tcp_set_allowed_congestion_control(char *allowed); -+int tcp_set_congestion_control(struct sock *sk, const char *name); -+int tcp_slow_start(struct tcp_sock *tp, u32 acked); -+void tcp_cong_avoid_ai(struct tcp_sock *tp, u32 w); -+ -+extern struct tcp_congestion_ops tcp_init_congestion_ops; -+u32 tcp_reno_ssthresh(struct sock *sk); -+void tcp_reno_cong_avoid(struct sock *sk, u32 ack, u32 acked, u32 in_flight); -+extern struct tcp_congestion_ops tcp_reno; -+ -+static inline void tcp_set_ca_state(struct sock *sk, const u8 ca_state) -+{ -+ struct inet_connection_sock *icsk = inet_csk(sk); -+ -+ if (icsk->icsk_ca_ops->set_state) -+ icsk->icsk_ca_ops->set_state(sk, ca_state); -+ icsk->icsk_ca_state = ca_state; -+} -+ -+static inline void tcp_ca_event(struct sock *sk, const enum tcp_ca_event event) -+{ -+ const struct inet_connection_sock *icsk = inet_csk(sk); -+ -+ if (icsk->icsk_ca_ops->cwnd_event) -+ icsk->icsk_ca_ops->cwnd_event(sk, event); -+} -+ -+/* These functions determine how the current flow behaves in respect of SACK -+ * handling. SACK is negotiated with the peer, and therefore it can vary -+ * between different flows. -+ * -+ * tcp_is_sack - SACK enabled -+ * tcp_is_reno - No SACK -+ * tcp_is_fack - FACK enabled, implies SACK enabled -+ */ -+static inline int tcp_is_sack(const struct tcp_sock *tp) -+{ -+ return tp->rx_opt.sack_ok; -+} -+ -+static inline bool tcp_is_reno(const struct tcp_sock *tp) -+{ -+ return !tcp_is_sack(tp); -+} -+ -+static inline bool tcp_is_fack(const struct tcp_sock *tp) -+{ -+ return tp->rx_opt.sack_ok & TCP_FACK_ENABLED; -+} -+ -+static inline void tcp_enable_fack(struct tcp_sock *tp) -+{ -+ tp->rx_opt.sack_ok |= TCP_FACK_ENABLED; -+} -+ -+/* TCP early-retransmit (ER) is similar to but more conservative than -+ * the thin-dupack feature. Enable ER only if thin-dupack is disabled. -+ */ -+static inline void tcp_enable_early_retrans(struct tcp_sock *tp) -+{ -+ tp->do_early_retrans = sysctl_tcp_early_retrans && -+ sysctl_tcp_early_retrans < 4 && !sysctl_tcp_thin_dupack && -+ sysctl_tcp_reordering == 3; -+} -+ -+static inline void tcp_disable_early_retrans(struct tcp_sock *tp) -+{ -+ tp->do_early_retrans = 0; -+} -+ -+static inline unsigned int tcp_left_out(const struct tcp_sock *tp) -+{ -+ return tp->sacked_out + tp->lost_out; -+} -+ -+/* This determines how many packets are "in the network" to the best -+ * of our knowledge. In many cases it is conservative, but where -+ * detailed information is available from the receiver (via SACK -+ * blocks etc.) we can make more aggressive calculations. -+ * -+ * Use this for decisions involving congestion control, use just -+ * tp->packets_out to determine if the send queue is empty or not. -+ * -+ * Read this equation as: -+ * -+ * "Packets sent once on transmission queue" MINUS -+ * "Packets left network, but not honestly ACKed yet" PLUS -+ * "Packets fast retransmitted" -+ */ -+static inline unsigned int tcp_packets_in_flight(const struct tcp_sock *tp) -+{ -+ return tp->packets_out - tcp_left_out(tp) + tp->retrans_out; -+} -+ -+#define TCP_INFINITE_SSTHRESH 0x7fffffff -+ -+static inline bool tcp_in_initial_slowstart(const struct tcp_sock *tp) -+{ -+ return tp->snd_ssthresh >= TCP_INFINITE_SSTHRESH; -+} -+ -+static inline bool tcp_in_cwnd_reduction(const struct sock *sk) -+{ -+ return (TCPF_CA_CWR | TCPF_CA_Recovery) & -+ (1 << inet_csk(sk)->icsk_ca_state); -+} -+ -+/* If cwnd > ssthresh, we may raise ssthresh to be half-way to cwnd. -+ * The exception is cwnd reduction phase, when cwnd is decreasing towards -+ * ssthresh. -+ */ -+static inline __u32 tcp_current_ssthresh(const struct sock *sk) -+{ -+ const struct tcp_sock *tp = tcp_sk(sk); -+ -+ if (tcp_in_cwnd_reduction(sk)) -+ return tp->snd_ssthresh; -+ else -+ return max(tp->snd_ssthresh, -+ ((tp->snd_cwnd >> 1) + -+ (tp->snd_cwnd >> 2))); -+} -+ -+/* Use define here intentionally to get WARN_ON location shown at the caller */ -+#define tcp_verify_left_out(tp) WARN_ON(tcp_left_out(tp) > tp->packets_out) -+ -+void tcp_enter_cwr(struct sock *sk, const int set_ssthresh); -+__u32 tcp_init_cwnd(const struct tcp_sock *tp, const struct dst_entry *dst); -+ -+/* The maximum number of MSS of available cwnd for which TSO defers -+ * sending if not using sysctl_tcp_tso_win_divisor. -+ */ -+static inline __u32 tcp_max_tso_deferred_mss(const struct tcp_sock *tp) -+{ -+ return 3; -+} -+ -+/* Slow start with delack produces 3 packets of burst, so that -+ * it is safe "de facto". This will be the default - same as -+ * the default reordering threshold - but if reordering increases, -+ * we must be able to allow cwnd to burst at least this much in order -+ * to not pull it back when holes are filled. -+ */ -+static __inline__ __u32 tcp_max_burst(const struct tcp_sock *tp) -+{ -+ return tp->reordering; -+} -+ -+/* Returns end sequence number of the receiver's advertised window */ -+static inline u32 tcp_wnd_end(const struct tcp_sock *tp) -+{ -+ return tp->snd_una + tp->snd_wnd; -+} -+bool tcp_is_cwnd_limited(const struct sock *sk, u32 in_flight); -+ -+static inline void tcp_check_probe_timer(struct sock *sk) -+{ -+ const struct tcp_sock *tp = tcp_sk(sk); -+ const struct inet_connection_sock *icsk = inet_csk(sk); -+ -+ if (!tp->packets_out && !icsk->icsk_pending) -+ inet_csk_reset_xmit_timer(sk, ICSK_TIME_PROBE0, -+ icsk->icsk_rto, TCP_RTO_MAX); -+} -+ -+static inline void tcp_init_wl(struct tcp_sock *tp, u32 seq) -+{ -+ tp->snd_wl1 = seq; -+} -+ -+static inline void tcp_update_wl(struct tcp_sock *tp, u32 seq) -+{ -+ tp->snd_wl1 = seq; -+} -+ -+/* -+ * Calculate(/check) TCP checksum -+ */ -+static inline __sum16 tcp_v4_check(int len, __be32 saddr, -+ __be32 daddr, __wsum base) -+{ -+ return csum_tcpudp_magic(saddr,daddr,len,IPPROTO_TCP,base); -+} -+ -+static inline __sum16 __tcp_checksum_complete(struct sk_buff *skb) -+{ -+ return __skb_checksum_complete(skb); -+} -+ -+static inline bool tcp_checksum_complete(struct sk_buff *skb) -+{ -+ return !skb_csum_unnecessary(skb) && -+ __tcp_checksum_complete(skb); -+} -+ -+/* Prequeue for VJ style copy to user, combined with checksumming. */ -+ -+static inline void tcp_prequeue_init(struct tcp_sock *tp) -+{ -+ tp->ucopy.task = NULL; -+ tp->ucopy.len = 0; -+ tp->ucopy.memory = 0; -+ skb_queue_head_init(&tp->ucopy.prequeue); -+#ifdef CONFIG_NET_DMA -+ tp->ucopy.dma_chan = NULL; -+ tp->ucopy.wakeup = 0; -+ tp->ucopy.pinned_list = NULL; -+ tp->ucopy.dma_cookie = 0; -+#endif -+} -+ -+bool tcp_prequeue(struct sock *sk, struct sk_buff *skb); -+ -+#undef STATE_TRACE -+ -+#ifdef STATE_TRACE -+static const char *statename[]={ -+ "Unused","Established","Syn Sent","Syn Recv", -+ "Fin Wait 1","Fin Wait 2","Time Wait", "Close", -+ "Close Wait","Last ACK","Listen","Closing" -+}; -+#endif -+void tcp_set_state(struct sock *sk, int state); -+ -+void tcp_done(struct sock *sk); -+ -+static inline void tcp_sack_reset(struct tcp_options_received *rx_opt) -+{ -+ rx_opt->dsack = 0; -+ rx_opt->num_sacks = 0; -+} -+ -+u32 tcp_default_init_rwnd(u32 mss); -+ -+/* Determine a window scaling and initial window to offer. */ -+void tcp_select_initial_window(int __space, __u32 mss, __u32 *rcv_wnd, -+ __u32 *window_clamp, int wscale_ok, -+ __u8 *rcv_wscale, __u32 init_rcv_wnd); -+ -+static inline int tcp_win_from_space(int space) -+{ -+ return sysctl_tcp_adv_win_scale<=0 ? -+ (space>>(-sysctl_tcp_adv_win_scale)) : -+ space - (space>>sysctl_tcp_adv_win_scale); -+} -+ -+/* Note: caller must be prepared to deal with negative returns */ -+static inline int tcp_space(const struct sock *sk) -+{ -+ return tcp_win_from_space(sk->sk_rcvbuf - -+ atomic_read(&sk->sk_rmem_alloc)); -+} -+ -+static inline int tcp_full_space(const struct sock *sk) -+{ -+ return tcp_win_from_space(sk->sk_rcvbuf); -+} -+ -+static inline void tcp_openreq_init(struct request_sock *req, -+ struct tcp_options_received *rx_opt, -+ struct sk_buff *skb) -+{ -+ struct inet_request_sock *ireq = inet_rsk(req); -+ -+ req->rcv_wnd = 0; /* So that tcp_send_synack() knows! */ -+ req->cookie_ts = 0; -+ tcp_rsk(req)->rcv_isn = TCP_SKB_CB(skb)->seq; -+ tcp_rsk(req)->rcv_nxt = TCP_SKB_CB(skb)->seq + 1; -+ tcp_rsk(req)->snt_synack = 0; -+ req->mss = rx_opt->mss_clamp; -+ req->ts_recent = rx_opt->saw_tstamp ? rx_opt->rcv_tsval : 0; -+ ireq->tstamp_ok = rx_opt->tstamp_ok; -+ ireq->sack_ok = rx_opt->sack_ok; -+ ireq->snd_wscale = rx_opt->snd_wscale; -+ ireq->wscale_ok = rx_opt->wscale_ok; -+ ireq->acked = 0; -+ ireq->ecn_ok = 0; -+ ireq->ir_rmt_port = tcp_hdr(skb)->source; -+ ireq->ir_num = ntohs(tcp_hdr(skb)->dest); -+} -+ -+void tcp_enter_memory_pressure(struct sock *sk); -+ -+static inline int keepalive_intvl_when(const struct tcp_sock *tp) -+{ -+ return tp->keepalive_intvl ? : sysctl_tcp_keepalive_intvl; -+} -+ -+static inline int keepalive_time_when(const struct tcp_sock *tp) -+{ -+ return tp->keepalive_time ? : sysctl_tcp_keepalive_time; -+} -+ -+static inline int keepalive_probes(const struct tcp_sock *tp) -+{ -+ return tp->keepalive_probes ? : sysctl_tcp_keepalive_probes; -+} -+ -+static inline u32 keepalive_time_elapsed(const struct tcp_sock *tp) -+{ -+ const struct inet_connection_sock *icsk = &tp->inet_conn; -+ -+ return min_t(u32, tcp_time_stamp - icsk->icsk_ack.lrcvtime, -+ tcp_time_stamp - tp->rcv_tstamp); -+} -+ -+static inline int tcp_fin_time(const struct sock *sk) -+{ -+ int fin_timeout = tcp_sk(sk)->linger2 ? : sysctl_tcp_fin_timeout; -+ const int rto = inet_csk(sk)->icsk_rto; -+ -+ if (fin_timeout < (rto << 2) - (rto >> 1)) -+ fin_timeout = (rto << 2) - (rto >> 1); -+ -+ return fin_timeout; -+} -+ -+static inline bool tcp_paws_check(const struct tcp_options_received *rx_opt, -+ int paws_win) -+{ -+ if ((s32)(rx_opt->ts_recent - rx_opt->rcv_tsval) <= paws_win) -+ return true; -+ if (unlikely(get_seconds() >= rx_opt->ts_recent_stamp + TCP_PAWS_24DAYS)) -+ return true; -+ /* -+ * Some OSes send SYN and SYNACK messages with tsval=0 tsecr=0, -+ * then following tcp messages have valid values. Ignore 0 value, -+ * or else 'negative' tsval might forbid us to accept their packets. -+ */ -+ if (!rx_opt->ts_recent) -+ return true; -+ return false; -+} -+ -+static inline bool tcp_paws_reject(const struct tcp_options_received *rx_opt, -+ int rst) -+{ -+ if (tcp_paws_check(rx_opt, 0)) -+ return false; -+ -+ /* RST segments are not recommended to carry timestamp, -+ and, if they do, it is recommended to ignore PAWS because -+ "their cleanup function should take precedence over timestamps." -+ Certainly, it is mistake. It is necessary to understand the reasons -+ of this constraint to relax it: if peer reboots, clock may go -+ out-of-sync and half-open connections will not be reset. -+ Actually, the problem would be not existing if all -+ the implementations followed draft about maintaining clock -+ via reboots. Linux-2.2 DOES NOT! -+ -+ However, we can relax time bounds for RST segments to MSL. -+ */ -+ if (rst && get_seconds() >= rx_opt->ts_recent_stamp + TCP_PAWS_MSL) -+ return false; -+ return true; -+} -+ -+static inline void tcp_mib_init(struct net *net) -+{ -+ /* See RFC 2012 */ -+ TCP_ADD_STATS_USER(net, TCP_MIB_RTOALGORITHM, 1); -+ TCP_ADD_STATS_USER(net, TCP_MIB_RTOMIN, TCP_RTO_MIN*1000/HZ); -+ TCP_ADD_STATS_USER(net, TCP_MIB_RTOMAX, TCP_RTO_MAX*1000/HZ); -+ TCP_ADD_STATS_USER(net, TCP_MIB_MAXCONN, -1); -+} -+ -+/* from STCP */ -+static inline void tcp_clear_retrans_hints_partial(struct tcp_sock *tp) -+{ -+ tp->lost_skb_hint = NULL; -+} -+ -+static inline void tcp_clear_all_retrans_hints(struct tcp_sock *tp) -+{ -+ tcp_clear_retrans_hints_partial(tp); -+ tp->retransmit_skb_hint = NULL; -+} -+ -+/* MD5 Signature */ -+struct crypto_hash; -+ -+union tcp_md5_addr { -+ struct in_addr a4; -+#if IS_ENABLED(CONFIG_IPV6) -+ struct in6_addr a6; -+#endif -+}; -+ -+/* - key database */ -+struct tcp_md5sig_key { -+ struct hlist_node node; -+ u8 keylen; -+ u8 family; /* AF_INET or AF_INET6 */ -+ union tcp_md5_addr addr; -+ u8 key[TCP_MD5SIG_MAXKEYLEN]; -+ struct rcu_head rcu; -+}; -+ -+/* - sock block */ -+struct tcp_md5sig_info { -+ struct hlist_head head; -+ struct rcu_head rcu; -+}; -+ -+/* - pseudo header */ -+struct tcp4_pseudohdr { -+ __be32 saddr; -+ __be32 daddr; -+ __u8 pad; -+ __u8 protocol; -+ __be16 len; -+}; -+ -+struct tcp6_pseudohdr { -+ struct in6_addr saddr; -+ struct in6_addr daddr; -+ __be32 len; -+ __be32 protocol; /* including padding */ -+}; -+ -+union tcp_md5sum_block { -+ struct tcp4_pseudohdr ip4; -+#if IS_ENABLED(CONFIG_IPV6) -+ struct tcp6_pseudohdr ip6; -+#endif -+}; -+ -+/* - pool: digest algorithm, hash description and scratch buffer */ -+struct tcp_md5sig_pool { -+ struct hash_desc md5_desc; -+ union tcp_md5sum_block md5_blk; -+}; -+ -+/* - functions */ -+int tcp_v4_md5_hash_skb(char *md5_hash, struct tcp_md5sig_key *key, -+ const struct sock *sk, const struct request_sock *req, -+ const struct sk_buff *skb); -+int tcp_md5_do_add(struct sock *sk, const union tcp_md5_addr *addr, -+ int family, const u8 *newkey, u8 newkeylen, gfp_t gfp); -+int tcp_md5_do_del(struct sock *sk, const union tcp_md5_addr *addr, -+ int family); -+struct tcp_md5sig_key *tcp_v4_md5_lookup(struct sock *sk, -+ struct sock *addr_sk); -+ -+#ifdef CONFIG_TCP_MD5SIG -+struct tcp_md5sig_key *tcp_md5_do_lookup(struct sock *sk, -+ const union tcp_md5_addr *addr, -+ int family); -+#define tcp_twsk_md5_key(twsk) ((twsk)->tw_md5_key) -+#else -+static inline struct tcp_md5sig_key *tcp_md5_do_lookup(struct sock *sk, -+ const union tcp_md5_addr *addr, -+ int family) -+{ -+ return NULL; -+} -+#define tcp_twsk_md5_key(twsk) NULL -+#endif -+ -+bool tcp_alloc_md5sig_pool(void); -+ -+struct tcp_md5sig_pool *tcp_get_md5sig_pool(void); -+static inline void tcp_put_md5sig_pool(void) -+{ -+ local_bh_enable(); -+} -+ -+int tcp_md5_hash_header(struct tcp_md5sig_pool *, const struct tcphdr *); -+int tcp_md5_hash_skb_data(struct tcp_md5sig_pool *, const struct sk_buff *, -+ unsigned int header_len); -+int tcp_md5_hash_key(struct tcp_md5sig_pool *hp, -+ const struct tcp_md5sig_key *key); -+ -+/* From tcp_fastopen.c */ -+void tcp_fastopen_cache_get(struct sock *sk, u16 *mss, -+ struct tcp_fastopen_cookie *cookie, int *syn_loss, -+ unsigned long *last_syn_loss); -+void tcp_fastopen_cache_set(struct sock *sk, u16 mss, -+ struct tcp_fastopen_cookie *cookie, bool syn_lost); -+struct tcp_fastopen_request { -+ /* Fast Open cookie. Size 0 means a cookie request */ -+ struct tcp_fastopen_cookie cookie; -+ struct msghdr *data; /* data in MSG_FASTOPEN */ -+ size_t size; -+ int copied; /* queued in tcp_connect() */ -+}; -+void tcp_free_fastopen_req(struct tcp_sock *tp); -+ -+extern struct tcp_fastopen_context __rcu *tcp_fastopen_ctx; -+int tcp_fastopen_reset_cipher(void *key, unsigned int len); -+void tcp_fastopen_cookie_gen(__be32 src, __be32 dst, -+ struct tcp_fastopen_cookie *foc); -+void tcp_fastopen_init_key_once(bool publish); -+#define TCP_FASTOPEN_KEY_LENGTH 16 -+ -+/* Fastopen key context */ -+struct tcp_fastopen_context { -+ struct crypto_cipher *tfm; -+ __u8 key[TCP_FASTOPEN_KEY_LENGTH]; -+ struct rcu_head rcu; -+}; -+ -+/* write queue abstraction */ -+static inline void tcp_write_queue_purge(struct sock *sk) -+{ -+ struct sk_buff *skb; -+ -+ while ((skb = __skb_dequeue(&sk->sk_write_queue)) != NULL) -+ sk_wmem_free_skb(sk, skb); -+ sk_mem_reclaim(sk); -+ tcp_clear_all_retrans_hints(tcp_sk(sk)); -+} -+ -+static inline struct sk_buff *tcp_write_queue_head(const struct sock *sk) -+{ -+ return skb_peek(&sk->sk_write_queue); -+} -+ -+static inline struct sk_buff *tcp_write_queue_tail(const struct sock *sk) -+{ -+ return skb_peek_tail(&sk->sk_write_queue); -+} -+ -+static inline struct sk_buff *tcp_write_queue_next(const struct sock *sk, -+ const struct sk_buff *skb) -+{ -+ return skb_queue_next(&sk->sk_write_queue, skb); -+} -+ -+static inline struct sk_buff *tcp_write_queue_prev(const struct sock *sk, -+ const struct sk_buff *skb) -+{ -+ return skb_queue_prev(&sk->sk_write_queue, skb); -+} -+ -+#define tcp_for_write_queue(skb, sk) \ -+ skb_queue_walk(&(sk)->sk_write_queue, skb) -+ -+#define tcp_for_write_queue_from(skb, sk) \ -+ skb_queue_walk_from(&(sk)->sk_write_queue, skb) -+ -+#define tcp_for_write_queue_from_safe(skb, tmp, sk) \ -+ skb_queue_walk_from_safe(&(sk)->sk_write_queue, skb, tmp) -+ -+static inline struct sk_buff *tcp_send_head(const struct sock *sk) -+{ -+ return sk->sk_send_head; -+} -+ -+static inline bool tcp_skb_is_last(const struct sock *sk, -+ const struct sk_buff *skb) -+{ -+ return skb_queue_is_last(&sk->sk_write_queue, skb); -+} -+ -+static inline void tcp_advance_send_head(struct sock *sk, const struct sk_buff *skb) -+{ -+ if (tcp_skb_is_last(sk, skb)) -+ sk->sk_send_head = NULL; -+ else -+ sk->sk_send_head = tcp_write_queue_next(sk, skb); -+} -+ -+static inline void tcp_check_send_head(struct sock *sk, struct sk_buff *skb_unlinked) -+{ -+ if (sk->sk_send_head == skb_unlinked) -+ sk->sk_send_head = NULL; -+} -+ -+static inline void tcp_init_send_head(struct sock *sk) -+{ -+ sk->sk_send_head = NULL; -+} -+ -+static inline void __tcp_add_write_queue_tail(struct sock *sk, struct sk_buff *skb) -+{ -+ __skb_queue_tail(&sk->sk_write_queue, skb); -+} -+ -+static inline void tcp_add_write_queue_tail(struct sock *sk, struct sk_buff *skb) -+{ -+ __tcp_add_write_queue_tail(sk, skb); -+ -+ /* Queue it, remembering where we must start sending. */ -+ if (sk->sk_send_head == NULL) { -+ sk->sk_send_head = skb; -+ -+ if (tcp_sk(sk)->highest_sack == NULL) -+ tcp_sk(sk)->highest_sack = skb; -+ } -+} -+ -+static inline void __tcp_add_write_queue_head(struct sock *sk, struct sk_buff *skb) -+{ -+ __skb_queue_head(&sk->sk_write_queue, skb); -+} -+ -+/* Insert buff after skb on the write queue of sk. */ -+static inline void tcp_insert_write_queue_after(struct sk_buff *skb, -+ struct sk_buff *buff, -+ struct sock *sk) -+{ -+ __skb_queue_after(&sk->sk_write_queue, skb, buff); -+} -+ -+/* Insert new before skb on the write queue of sk. */ -+static inline void tcp_insert_write_queue_before(struct sk_buff *new, -+ struct sk_buff *skb, -+ struct sock *sk) -+{ -+ __skb_queue_before(&sk->sk_write_queue, skb, new); -+ -+ if (sk->sk_send_head == skb) -+ sk->sk_send_head = new; -+} -+ -+static inline void tcp_unlink_write_queue(struct sk_buff *skb, struct sock *sk) -+{ -+ __skb_unlink(skb, &sk->sk_write_queue); -+} -+ -+static inline bool tcp_write_queue_empty(struct sock *sk) -+{ -+ return skb_queue_empty(&sk->sk_write_queue); -+} -+ -+static inline void tcp_push_pending_frames(struct sock *sk) -+{ -+ if (tcp_send_head(sk)) { -+ struct tcp_sock *tp = tcp_sk(sk); -+ -+ __tcp_push_pending_frames(sk, tcp_current_mss(sk), tp->nonagle); -+ } -+} -+ -+/* Start sequence of the skb just after the highest skb with SACKed -+ * bit, valid only if sacked_out > 0 or when the caller has ensured -+ * validity by itself. -+ */ -+static inline u32 tcp_highest_sack_seq(struct tcp_sock *tp) -+{ -+ if (!tp->sacked_out) -+ return tp->snd_una; -+ -+ if (tp->highest_sack == NULL) -+ return tp->snd_nxt; -+ -+ return TCP_SKB_CB(tp->highest_sack)->seq; -+} -+ -+static inline void tcp_advance_highest_sack(struct sock *sk, struct sk_buff *skb) -+{ -+ tcp_sk(sk)->highest_sack = tcp_skb_is_last(sk, skb) ? NULL : -+ tcp_write_queue_next(sk, skb); -+} -+ -+static inline struct sk_buff *tcp_highest_sack(struct sock *sk) -+{ -+ return tcp_sk(sk)->highest_sack; -+} -+ -+static inline void tcp_highest_sack_reset(struct sock *sk) -+{ -+ tcp_sk(sk)->highest_sack = tcp_write_queue_head(sk); -+} -+ -+/* Called when old skb is about to be deleted (to be combined with new skb) */ -+static inline void tcp_highest_sack_combine(struct sock *sk, -+ struct sk_buff *old, -+ struct sk_buff *new) -+{ -+ if (tcp_sk(sk)->sacked_out && (old == tcp_sk(sk)->highest_sack)) -+ tcp_sk(sk)->highest_sack = new; -+} -+ -+/* Determines whether this is a thin stream (which may suffer from -+ * increased latency). Used to trigger latency-reducing mechanisms. -+ */ -+static inline bool tcp_stream_is_thin(struct tcp_sock *tp) -+{ -+ return tp->packets_out < 4 && !tcp_in_initial_slowstart(tp); -+} -+ -+/* /proc */ -+enum tcp_seq_states { -+ TCP_SEQ_STATE_LISTENING, -+ TCP_SEQ_STATE_OPENREQ, -+ TCP_SEQ_STATE_ESTABLISHED, -+}; -+ -+int tcp_seq_open(struct inode *inode, struct file *file); -+ -+struct tcp_seq_afinfo { -+ char *name; -+ sa_family_t family; -+ const struct file_operations *seq_fops; -+ struct seq_operations seq_ops; -+}; -+ -+struct tcp_iter_state { -+ struct seq_net_private p; -+ sa_family_t family; -+ enum tcp_seq_states state; -+ struct sock *syn_wait_sk; -+ int bucket, offset, sbucket, num; -+ kuid_t uid; -+ loff_t last_pos; -+}; -+ -+int tcp_proc_register(struct net *net, struct tcp_seq_afinfo *afinfo); -+void tcp_proc_unregister(struct net *net, struct tcp_seq_afinfo *afinfo); -+ -+extern struct request_sock_ops tcp_request_sock_ops; -+extern struct request_sock_ops tcp6_request_sock_ops; -+ -+void tcp_v4_destroy_sock(struct sock *sk); -+ -+struct sk_buff *tcp_gso_segment(struct sk_buff *skb, -+ netdev_features_t features); -+struct sk_buff **tcp_gro_receive(struct sk_buff **head, struct sk_buff *skb); -+int tcp_gro_complete(struct sk_buff *skb); -+ -+void __tcp_v4_send_check(struct sk_buff *skb, __be32 saddr, __be32 daddr); -+ -+static inline u32 tcp_notsent_lowat(const struct tcp_sock *tp) -+{ -+ return tp->notsent_lowat ?: sysctl_tcp_notsent_lowat; -+} -+ -+static inline bool tcp_stream_memory_free(const struct sock *sk) -+{ -+ const struct tcp_sock *tp = tcp_sk(sk); -+ u32 notsent_bytes = tp->write_seq - tp->snd_nxt; -+ -+ return notsent_bytes < tcp_notsent_lowat(tp); -+} -+ -+#ifdef CONFIG_PROC_FS -+int tcp4_proc_init(void); -+void tcp4_proc_exit(void); -+#endif -+ -+/* TCP af-specific functions */ -+struct tcp_sock_af_ops { -+#ifdef CONFIG_TCP_MD5SIG -+ struct tcp_md5sig_key *(*md5_lookup) (struct sock *sk, -+ struct sock *addr_sk); -+ int (*calc_md5_hash) (char *location, -+ struct tcp_md5sig_key *md5, -+ const struct sock *sk, -+ const struct request_sock *req, -+ const struct sk_buff *skb); -+ int (*md5_parse) (struct sock *sk, -+ char __user *optval, -+ int optlen); -+#endif -+}; -+ -+struct tcp_request_sock_ops { -+#ifdef CONFIG_TCP_MD5SIG -+ struct tcp_md5sig_key *(*md5_lookup) (struct sock *sk, -+ struct request_sock *req); -+ int (*calc_md5_hash) (char *location, -+ struct tcp_md5sig_key *md5, -+ const struct sock *sk, -+ const struct request_sock *req, -+ const struct sk_buff *skb); -+#endif -+}; -+ -+int tcpv4_offload_init(void); -+ -+void tcp_v4_init(void); -+void tcp_init(void); -+ -+#endif /* _TCP_H */ -diff -Nur linux-3.15-rc7.orig/net/core/request_sock.c linux-3.15-rc7/net/core/request_sock.c ---- linux-3.15-rc7.orig/net/core/request_sock.c 2014-05-26 01:06:00.000000000 +0200 -+++ linux-3.15-rc7/net/core/request_sock.c 2014-05-31 22:42:49.028605326 +0200 +diff -Nur linux-3.15.1.orig/net/core/request_sock.c linux-3.15.1/net/core/request_sock.c +--- linux-3.15.1.orig/net/core/request_sock.c 2014-06-16 22:44:27.000000000 +0200 ++++ linux-3.15.1/net/core/request_sock.c 2014-06-28 10:10:20.624857911 +0200 @@ -131,6 +131,7 @@ kfree(lopt); } @@ -1699,237 +95,9 @@ diff -Nur linux-3.15-rc7.orig/net/core/request_sock.c linux-3.15-rc7/net/core/re sock_put(lsk); } +#endif -diff -Nur linux-3.15-rc7.orig/net/core/request_sock.c.orig linux-3.15-rc7/net/core/request_sock.c.orig ---- linux-3.15-rc7.orig/net/core/request_sock.c.orig 1970-01-01 01:00:00.000000000 +0100 -+++ linux-3.15-rc7/net/core/request_sock.c.orig 2014-05-26 01:06:00.000000000 +0200 -@@ -0,0 +1,224 @@ -+/* -+ * NET Generic infrastructure for Network protocols. -+ * -+ * Authors: Arnaldo Carvalho de Melo <acme@conectiva.com.br> -+ * -+ * From code originally in include/net/tcp.h -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version -+ * 2 of the License, or (at your option) any later version. -+ */ -+ -+#include <linux/module.h> -+#include <linux/random.h> -+#include <linux/slab.h> -+#include <linux/string.h> -+#include <linux/tcp.h> -+#include <linux/vmalloc.h> -+ -+#include <net/request_sock.h> -+ -+/* -+ * Maximum number of SYN_RECV sockets in queue per LISTEN socket. -+ * One SYN_RECV socket costs about 80bytes on a 32bit machine. -+ * It would be better to replace it with a global counter for all sockets -+ * but then some measure against one socket starving all other sockets -+ * would be needed. -+ * -+ * The minimum value of it is 128. Experiments with real servers show that -+ * it is absolutely not enough even at 100conn/sec. 256 cures most -+ * of problems. -+ * This value is adjusted to 128 for low memory machines, -+ * and it will increase in proportion to the memory of machine. -+ * Note : Dont forget somaxconn that may limit backlog too. -+ */ -+int sysctl_max_syn_backlog = 256; -+EXPORT_SYMBOL(sysctl_max_syn_backlog); -+ -+int reqsk_queue_alloc(struct request_sock_queue *queue, -+ unsigned int nr_table_entries) -+{ -+ size_t lopt_size = sizeof(struct listen_sock); -+ struct listen_sock *lopt; -+ -+ nr_table_entries = min_t(u32, nr_table_entries, sysctl_max_syn_backlog); -+ nr_table_entries = max_t(u32, nr_table_entries, 8); -+ nr_table_entries = roundup_pow_of_two(nr_table_entries + 1); -+ lopt_size += nr_table_entries * sizeof(struct request_sock *); -+ if (lopt_size > PAGE_SIZE) -+ lopt = vzalloc(lopt_size); -+ else -+ lopt = kzalloc(lopt_size, GFP_KERNEL); -+ if (lopt == NULL) -+ return -ENOMEM; -+ -+ for (lopt->max_qlen_log = 3; -+ (1 << lopt->max_qlen_log) < nr_table_entries; -+ lopt->max_qlen_log++); -+ -+ get_random_bytes(&lopt->hash_rnd, sizeof(lopt->hash_rnd)); -+ rwlock_init(&queue->syn_wait_lock); -+ queue->rskq_accept_head = NULL; -+ lopt->nr_table_entries = nr_table_entries; -+ -+ write_lock_bh(&queue->syn_wait_lock); -+ queue->listen_opt = lopt; -+ write_unlock_bh(&queue->syn_wait_lock); -+ -+ return 0; -+} -+ -+void __reqsk_queue_destroy(struct request_sock_queue *queue) -+{ -+ struct listen_sock *lopt; -+ size_t lopt_size; -+ -+ /* -+ * this is an error recovery path only -+ * no locking needed and the lopt is not NULL -+ */ -+ -+ lopt = queue->listen_opt; -+ lopt_size = sizeof(struct listen_sock) + -+ lopt->nr_table_entries * sizeof(struct request_sock *); -+ -+ if (lopt_size > PAGE_SIZE) -+ vfree(lopt); -+ else -+ kfree(lopt); -+} -+ -+static inline struct listen_sock *reqsk_queue_yank_listen_sk( -+ struct request_sock_queue *queue) -+{ -+ struct listen_sock *lopt; -+ -+ write_lock_bh(&queue->syn_wait_lock); -+ lopt = queue->listen_opt; -+ queue->listen_opt = NULL; -+ write_unlock_bh(&queue->syn_wait_lock); -+ -+ return lopt; -+} -+ -+void reqsk_queue_destroy(struct request_sock_queue *queue) -+{ -+ /* make all the listen_opt local to us */ -+ struct listen_sock *lopt = reqsk_queue_yank_listen_sk(queue); -+ size_t lopt_size = sizeof(struct listen_sock) + -+ lopt->nr_table_entries * sizeof(struct request_sock *); -+ -+ if (lopt->qlen != 0) { -+ unsigned int i; -+ -+ for (i = 0; i < lopt->nr_table_entries; i++) { -+ struct request_sock *req; -+ -+ while ((req = lopt->syn_table[i]) != NULL) { -+ lopt->syn_table[i] = req->dl_next; -+ lopt->qlen--; -+ reqsk_free(req); -+ } -+ } -+ } -+ -+ WARN_ON(lopt->qlen != 0); -+ if (lopt_size > PAGE_SIZE) -+ vfree(lopt); -+ else -+ kfree(lopt); -+} -+ -+/* -+ * This function is called to set a Fast Open socket's "fastopen_rsk" field -+ * to NULL when a TFO socket no longer needs to access the request_sock. -+ * This happens only after 3WHS has been either completed or aborted (e.g., -+ * RST is received). -+ * -+ * Before TFO, a child socket is created only after 3WHS is completed, -+ * hence it never needs to access the request_sock. things get a lot more -+ * complex with TFO. A child socket, accepted or not, has to access its -+ * request_sock for 3WHS processing, e.g., to retransmit SYN-ACK pkts, -+ * until 3WHS is either completed or aborted. Afterwards the req will stay -+ * until either the child socket is accepted, or in the rare case when the -+ * listener is closed before the child is accepted. -+ * -+ * In short, a request socket is only freed after BOTH 3WHS has completed -+ * (or aborted) and the child socket has been accepted (or listener closed). -+ * When a child socket is accepted, its corresponding req->sk is set to -+ * NULL since it's no longer needed. More importantly, "req->sk == NULL" -+ * will be used by the code below to determine if a child socket has been -+ * accepted or not, and the check is protected by the fastopenq->lock -+ * described below. -+ * -+ * Note that fastopen_rsk is only accessed from the child socket's context -+ * with its socket lock held. But a request_sock (req) can be accessed by -+ * both its child socket through fastopen_rsk, and a listener socket through -+ * icsk_accept_queue.rskq_accept_head. To protect the access a simple spin -+ * lock per listener "icsk->icsk_accept_queue.fastopenq->lock" is created. -+ * only in the rare case when both the listener and the child locks are held, -+ * e.g., in inet_csk_listen_stop() do we not need to acquire the lock. -+ * The lock also protects other fields such as fastopenq->qlen, which is -+ * decremented by this function when fastopen_rsk is no longer needed. -+ * -+ * Note that another solution was to simply use the existing socket lock -+ * from the listener. But first socket lock is difficult to use. It is not -+ * a simple spin lock - one must consider sock_owned_by_user() and arrange -+ * to use sk_add_backlog() stuff. But what really makes it infeasible is the -+ * locking hierarchy violation. E.g., inet_csk_listen_stop() may try to -+ * acquire a child's lock while holding listener's socket lock. A corner -+ * case might also exist in tcp_v4_hnd_req() that will trigger this locking -+ * order. -+ * -+ * When a TFO req is created, it needs to sock_hold its listener to prevent -+ * the latter data structure from going away. -+ * -+ * This function also sets "treq->listener" to NULL and unreference listener -+ * socket. treq->listener is used by the listener so it is protected by the -+ * fastopenq->lock in this function. -+ */ -+void reqsk_fastopen_remove(struct sock *sk, struct request_sock *req, -+ bool reset) -+{ -+ struct sock *lsk = tcp_rsk(req)->listener; -+ struct fastopen_queue *fastopenq = -+ inet_csk(lsk)->icsk_accept_queue.fastopenq; -+ -+ tcp_sk(sk)->fastopen_rsk = NULL; -+ spin_lock_bh(&fastopenq->lock); -+ fastopenq->qlen--; -+ tcp_rsk(req)->listener = NULL; -+ if (req->sk) /* the child socket hasn't been accepted yet */ -+ goto out; -+ -+ if (!reset || lsk->sk_state != TCP_LISTEN) { -+ /* If the listener has been closed don't bother with the -+ * special RST handling below. -+ */ -+ spin_unlock_bh(&fastopenq->lock); -+ sock_put(lsk); -+ reqsk_free(req); -+ return; -+ } -+ /* Wait for 60secs before removing a req that has triggered RST. -+ * This is a simple defense against TFO spoofing attack - by -+ * counting the req against fastopen.max_qlen, and disabling -+ * TFO when the qlen exceeds max_qlen. -+ * -+ * For more details see CoNext'11 "TCP Fast Open" paper. -+ */ -+ req->expires = jiffies + 60*HZ; -+ if (fastopenq->rskq_rst_head == NULL) -+ fastopenq->rskq_rst_head = req; -+ else -+ fastopenq->rskq_rst_tail->dl_next = req; -+ -+ req->dl_next = NULL; -+ fastopenq->rskq_rst_tail = req; -+ fastopenq->qlen++; -+out: -+ spin_unlock_bh(&fastopenq->lock); -+ sock_put(lsk); -+} -diff -Nur linux-3.15-rc7.orig/net/ipv4/Kconfig linux-3.15-rc7/net/ipv4/Kconfig ---- linux-3.15-rc7.orig/net/ipv4/Kconfig 2014-05-26 01:06:00.000000000 +0200 -+++ linux-3.15-rc7/net/ipv4/Kconfig 2014-05-31 22:42:49.028605326 +0200 +diff -Nur linux-3.15.1.orig/net/ipv4/Kconfig linux-3.15.1/net/ipv4/Kconfig +--- linux-3.15.1.orig/net/ipv4/Kconfig 2014-06-16 22:44:27.000000000 +0200 ++++ linux-3.15.1/net/ipv4/Kconfig 2014-06-28 10:10:20.624857911 +0200 @@ -307,6 +307,10 @@ the notion of a secure tunnel for IPSEC and then use routing protocol on top. @@ -1941,9 +109,9 @@ diff -Nur linux-3.15-rc7.orig/net/ipv4/Kconfig linux-3.15-rc7/net/ipv4/Kconfig config INET_AH tristate "IP: AH transformation" select XFRM_ALGO -diff -Nur linux-3.15-rc7.orig/net/ipv4/Makefile linux-3.15-rc7/net/ipv4/Makefile ---- linux-3.15-rc7.orig/net/ipv4/Makefile 2014-05-26 01:06:00.000000000 +0200 -+++ linux-3.15-rc7/net/ipv4/Makefile 2014-05-31 22:42:49.028605326 +0200 +diff -Nur linux-3.15.1.orig/net/ipv4/Makefile linux-3.15.1/net/ipv4/Makefile +--- linux-3.15.1.orig/net/ipv4/Makefile 2014-06-16 22:44:27.000000000 +0200 ++++ linux-3.15.1/net/ipv4/Makefile 2014-06-28 10:10:20.624857911 +0200 @@ -7,7 +7,7 @@ ip_output.o ip_sockglue.o inet_hashtables.o \ inet_timewait_sock.o inet_connection_sock.o \ @@ -1961,9 +129,9 @@ diff -Nur linux-3.15-rc7.orig/net/ipv4/Makefile linux-3.15-rc7/net/ipv4/Makefile obj-$(CONFIG_MEMCG_KMEM) += tcp_memcontrol.o obj-$(CONFIG_NETLABEL) += cipso_ipv4.o -diff -Nur linux-3.15-rc7.orig/net/ipv4/sysctl_net_ipv4.c linux-3.15-rc7/net/ipv4/sysctl_net_ipv4.c ---- linux-3.15-rc7.orig/net/ipv4/sysctl_net_ipv4.c 2014-05-26 01:06:00.000000000 +0200 -+++ linux-3.15-rc7/net/ipv4/sysctl_net_ipv4.c 2014-05-31 22:42:49.028605326 +0200 +diff -Nur linux-3.15.1.orig/net/ipv4/sysctl_net_ipv4.c linux-3.15.1/net/ipv4/sysctl_net_ipv4.c +--- linux-3.15.1.orig/net/ipv4/sysctl_net_ipv4.c 2014-06-16 22:44:27.000000000 +0200 ++++ linux-3.15.1/net/ipv4/sysctl_net_ipv4.c 2014-06-28 10:10:20.624857911 +0200 @@ -200,6 +200,7 @@ return ret; } @@ -1996,9 +164,9 @@ diff -Nur linux-3.15-rc7.orig/net/ipv4/sysctl_net_ipv4.c linux-3.15-rc7/net/ipv4 { .procname = "tcp_tw_recycle", .data = &tcp_death_row.sysctl_tw_recycle, -diff -Nur linux-3.15-rc7.orig/net/ipv4/tcp.c linux-3.15-rc7/net/ipv4/tcp.c ---- linux-3.15-rc7.orig/net/ipv4/tcp.c 2014-05-26 01:06:00.000000000 +0200 -+++ linux-3.15-rc7/net/ipv4/tcp.c 2014-05-31 22:42:49.028605326 +0200 +diff -Nur linux-3.15.1.orig/net/ipv4/tcp.c linux-3.15.1/net/ipv4/tcp.c +--- linux-3.15.1.orig/net/ipv4/tcp.c 2014-06-16 22:44:27.000000000 +0200 ++++ linux-3.15.1/net/ipv4/tcp.c 2014-06-28 10:10:20.624857911 +0200 @@ -1036,6 +1036,7 @@ return tmp; } @@ -2031,9 +199,9 @@ diff -Nur linux-3.15-rc7.orig/net/ipv4/tcp.c linux-3.15-rc7/net/ipv4/tcp.c timeo = sock_sndtimeo(sk, flags & MSG_DONTWAIT); -diff -Nur linux-3.15-rc7.orig/net/ipv4/tcp_ipv4.c linux-3.15-rc7/net/ipv4/tcp_ipv4.c ---- linux-3.15-rc7.orig/net/ipv4/tcp_ipv4.c 2014-05-26 01:06:00.000000000 +0200 -+++ linux-3.15-rc7/net/ipv4/tcp_ipv4.c 2014-05-31 22:42:49.032605359 +0200 +diff -Nur linux-3.15.1.orig/net/ipv4/tcp_ipv4.c linux-3.15.1/net/ipv4/tcp_ipv4.c +--- linux-3.15.1.orig/net/ipv4/tcp_ipv4.c 2014-06-16 22:44:27.000000000 +0200 ++++ linux-3.15.1/net/ipv4/tcp_ipv4.c 2014-06-28 10:10:20.624857911 +0200 @@ -1260,6 +1260,7 @@ }; #endif @@ -2066,9 +234,9 @@ diff -Nur linux-3.15-rc7.orig/net/ipv4/tcp_ipv4.c linux-3.15-rc7/net/ipv4/tcp_ip int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb) { -diff -Nur linux-3.15-rc7.orig/net/Kconfig linux-3.15-rc7/net/Kconfig ---- linux-3.15-rc7.orig/net/Kconfig 2014-05-26 01:06:00.000000000 +0200 -+++ linux-3.15-rc7/net/Kconfig 2014-05-31 22:42:49.028605326 +0200 +diff -Nur linux-3.15.1.orig/net/Kconfig linux-3.15.1/net/Kconfig +--- linux-3.15.1.orig/net/Kconfig 2014-06-16 22:44:27.000000000 +0200 ++++ linux-3.15.1/net/Kconfig 2014-06-28 10:10:20.628857913 +0200 @@ -53,8 +53,8 @@ config INET |