1eda7acddSPeter Krystad // SPDX-License-Identifier: GPL-2.0 2eda7acddSPeter Krystad /* Multipath TCP 3eda7acddSPeter Krystad * 4eda7acddSPeter Krystad * Copyright (c) 2017 - 2019, Intel Corporation. 5eda7acddSPeter Krystad */ 6eda7acddSPeter Krystad 7eda7acddSPeter Krystad #include <linux/kernel.h> 8eda7acddSPeter Krystad #include <net/tcp.h> 9eda7acddSPeter Krystad #include <net/mptcp.h> 10eda7acddSPeter Krystad #include "protocol.h" 11eda7acddSPeter Krystad 1265492c5aSPaolo Abeni static bool mptcp_cap_flag_sha256(u8 flags) 1365492c5aSPaolo Abeni { 1465492c5aSPaolo Abeni return (flags & MPTCP_CAP_FLAG_MASK) == MPTCP_CAP_HMAC_SHA256; 1565492c5aSPaolo Abeni } 1665492c5aSPaolo Abeni 17cc7972eaSChristoph Paasch void mptcp_parse_option(const struct sk_buff *skb, const unsigned char *ptr, 18cc7972eaSChristoph Paasch int opsize, struct tcp_options_received *opt_rx) 19eda7acddSPeter Krystad { 20eda7acddSPeter Krystad struct mptcp_options_received *mp_opt = &opt_rx->mptcp; 21eda7acddSPeter Krystad u8 subtype = *ptr >> 4; 22648ef4b8SMat Martineau int expected_opsize; 23eda7acddSPeter Krystad u8 version; 24eda7acddSPeter Krystad u8 flags; 25eda7acddSPeter Krystad 26eda7acddSPeter Krystad switch (subtype) { 27eda7acddSPeter Krystad case MPTCPOPT_MP_CAPABLE: 28cc7972eaSChristoph Paasch /* strict size checking */ 29cc7972eaSChristoph Paasch if (!(TCP_SKB_CB(skb)->tcp_flags & TCPHDR_SYN)) { 30cc7972eaSChristoph Paasch if (skb->len > tcp_hdr(skb)->doff << 2) 31cc7972eaSChristoph Paasch expected_opsize = TCPOLEN_MPTCP_MPC_ACK_DATA; 32cc7972eaSChristoph Paasch else 33cc7972eaSChristoph Paasch expected_opsize = TCPOLEN_MPTCP_MPC_ACK; 34cc7972eaSChristoph Paasch } else { 35cc7972eaSChristoph Paasch if (TCP_SKB_CB(skb)->tcp_flags & TCPHDR_ACK) 36cc7972eaSChristoph Paasch expected_opsize = TCPOLEN_MPTCP_MPC_SYNACK; 37cc7972eaSChristoph Paasch else 38cc7972eaSChristoph Paasch expected_opsize = TCPOLEN_MPTCP_MPC_SYN; 39cc7972eaSChristoph Paasch } 40cc7972eaSChristoph Paasch if (opsize != expected_opsize) 41eda7acddSPeter Krystad break; 42eda7acddSPeter Krystad 43cc7972eaSChristoph Paasch /* try to be gentle vs future versions on the initial syn */ 44eda7acddSPeter Krystad version = *ptr++ & MPTCP_VERSION_MASK; 45cc7972eaSChristoph Paasch if (opsize != TCPOLEN_MPTCP_MPC_SYN) { 46eda7acddSPeter Krystad if (version != MPTCP_SUPPORTED_VERSION) 47eda7acddSPeter Krystad break; 48cc7972eaSChristoph Paasch } else if (version < MPTCP_SUPPORTED_VERSION) { 49cc7972eaSChristoph Paasch break; 50cc7972eaSChristoph Paasch } 51eda7acddSPeter Krystad 52eda7acddSPeter Krystad flags = *ptr++; 5365492c5aSPaolo Abeni if (!mptcp_cap_flag_sha256(flags) || 54eda7acddSPeter Krystad (flags & MPTCP_CAP_EXTENSIBILITY)) 55eda7acddSPeter Krystad break; 56eda7acddSPeter Krystad 57eda7acddSPeter Krystad /* RFC 6824, Section 3.1: 58eda7acddSPeter Krystad * "For the Checksum Required bit (labeled "A"), if either 59eda7acddSPeter Krystad * host requires the use of checksums, checksums MUST be used. 60eda7acddSPeter Krystad * In other words, the only way for checksums not to be used 61eda7acddSPeter Krystad * is if both hosts in their SYNs set A=0." 62eda7acddSPeter Krystad * 63eda7acddSPeter Krystad * Section 3.3.0: 64eda7acddSPeter Krystad * "If a checksum is not present when its use has been 65eda7acddSPeter Krystad * negotiated, the receiver MUST close the subflow with a RST as 66eda7acddSPeter Krystad * it is considered broken." 67eda7acddSPeter Krystad * 68eda7acddSPeter Krystad * We don't implement DSS checksum - fall back to TCP. 69eda7acddSPeter Krystad */ 70eda7acddSPeter Krystad if (flags & MPTCP_CAP_CHECKSUM_REQD) 71eda7acddSPeter Krystad break; 72eda7acddSPeter Krystad 73eda7acddSPeter Krystad mp_opt->mp_capable = 1; 74cc7972eaSChristoph Paasch if (opsize >= TCPOLEN_MPTCP_MPC_SYNACK) { 75eda7acddSPeter Krystad mp_opt->sndr_key = get_unaligned_be64(ptr); 76eda7acddSPeter Krystad ptr += 8; 77cc7972eaSChristoph Paasch } 78cc7972eaSChristoph Paasch if (opsize >= TCPOLEN_MPTCP_MPC_ACK) { 79eda7acddSPeter Krystad mp_opt->rcvr_key = get_unaligned_be64(ptr); 80eda7acddSPeter Krystad ptr += 8; 81eda7acddSPeter Krystad } 82cc7972eaSChristoph Paasch if (opsize == TCPOLEN_MPTCP_MPC_ACK_DATA) { 83cc7972eaSChristoph Paasch /* Section 3.1.: 84cc7972eaSChristoph Paasch * "the data parameters in a MP_CAPABLE are semantically 85cc7972eaSChristoph Paasch * equivalent to those in a DSS option and can be used 86cc7972eaSChristoph Paasch * interchangeably." 87cc7972eaSChristoph Paasch */ 88cc7972eaSChristoph Paasch mp_opt->dss = 1; 89cc7972eaSChristoph Paasch mp_opt->use_map = 1; 90cc7972eaSChristoph Paasch mp_opt->mpc_map = 1; 91cc7972eaSChristoph Paasch mp_opt->data_len = get_unaligned_be16(ptr); 92cc7972eaSChristoph Paasch ptr += 2; 93cc7972eaSChristoph Paasch } 94cc7972eaSChristoph Paasch pr_debug("MP_CAPABLE version=%x, flags=%x, optlen=%d sndr=%llu, rcvr=%llu len=%d", 95cc7972eaSChristoph Paasch version, flags, opsize, mp_opt->sndr_key, 96cc7972eaSChristoph Paasch mp_opt->rcvr_key, mp_opt->data_len); 97eda7acddSPeter Krystad break; 98eda7acddSPeter Krystad 99*f296234cSPeter Krystad case MPTCPOPT_MP_JOIN: 100*f296234cSPeter Krystad mp_opt->mp_join = 1; 101*f296234cSPeter Krystad if (opsize == TCPOLEN_MPTCP_MPJ_SYN) { 102*f296234cSPeter Krystad mp_opt->backup = *ptr++ & MPTCPOPT_BACKUP; 103*f296234cSPeter Krystad mp_opt->join_id = *ptr++; 104*f296234cSPeter Krystad mp_opt->token = get_unaligned_be32(ptr); 105*f296234cSPeter Krystad ptr += 4; 106*f296234cSPeter Krystad mp_opt->nonce = get_unaligned_be32(ptr); 107*f296234cSPeter Krystad ptr += 4; 108*f296234cSPeter Krystad pr_debug("MP_JOIN bkup=%u, id=%u, token=%u, nonce=%u", 109*f296234cSPeter Krystad mp_opt->backup, mp_opt->join_id, 110*f296234cSPeter Krystad mp_opt->token, mp_opt->nonce); 111*f296234cSPeter Krystad } else if (opsize == TCPOLEN_MPTCP_MPJ_SYNACK) { 112*f296234cSPeter Krystad mp_opt->backup = *ptr++ & MPTCPOPT_BACKUP; 113*f296234cSPeter Krystad mp_opt->join_id = *ptr++; 114*f296234cSPeter Krystad mp_opt->thmac = get_unaligned_be64(ptr); 115*f296234cSPeter Krystad ptr += 8; 116*f296234cSPeter Krystad mp_opt->nonce = get_unaligned_be32(ptr); 117*f296234cSPeter Krystad ptr += 4; 118*f296234cSPeter Krystad pr_debug("MP_JOIN bkup=%u, id=%u, thmac=%llu, nonce=%u", 119*f296234cSPeter Krystad mp_opt->backup, mp_opt->join_id, 120*f296234cSPeter Krystad mp_opt->thmac, mp_opt->nonce); 121*f296234cSPeter Krystad } else if (opsize == TCPOLEN_MPTCP_MPJ_ACK) { 122*f296234cSPeter Krystad ptr += 2; 123*f296234cSPeter Krystad memcpy(mp_opt->hmac, ptr, MPTCPOPT_HMAC_LEN); 124*f296234cSPeter Krystad pr_debug("MP_JOIN hmac"); 125*f296234cSPeter Krystad } else { 126*f296234cSPeter Krystad pr_warn("MP_JOIN bad option size"); 127*f296234cSPeter Krystad mp_opt->mp_join = 0; 128*f296234cSPeter Krystad } 129*f296234cSPeter Krystad break; 130*f296234cSPeter Krystad 131eda7acddSPeter Krystad case MPTCPOPT_DSS: 132eda7acddSPeter Krystad pr_debug("DSS"); 133648ef4b8SMat Martineau ptr++; 134648ef4b8SMat Martineau 135cc7972eaSChristoph Paasch /* we must clear 'mpc_map' be able to detect MP_CAPABLE 136cc7972eaSChristoph Paasch * map vs DSS map in mptcp_incoming_options(), and reconstruct 137cc7972eaSChristoph Paasch * map info accordingly 138cc7972eaSChristoph Paasch */ 139cc7972eaSChristoph Paasch mp_opt->mpc_map = 0; 140648ef4b8SMat Martineau flags = (*ptr++) & MPTCP_DSS_FLAG_MASK; 141648ef4b8SMat Martineau mp_opt->data_fin = (flags & MPTCP_DSS_DATA_FIN) != 0; 142648ef4b8SMat Martineau mp_opt->dsn64 = (flags & MPTCP_DSS_DSN64) != 0; 143648ef4b8SMat Martineau mp_opt->use_map = (flags & MPTCP_DSS_HAS_MAP) != 0; 144648ef4b8SMat Martineau mp_opt->ack64 = (flags & MPTCP_DSS_ACK64) != 0; 145648ef4b8SMat Martineau mp_opt->use_ack = (flags & MPTCP_DSS_HAS_ACK); 146648ef4b8SMat Martineau 147648ef4b8SMat Martineau pr_debug("data_fin=%d dsn64=%d use_map=%d ack64=%d use_ack=%d", 148648ef4b8SMat Martineau mp_opt->data_fin, mp_opt->dsn64, 149648ef4b8SMat Martineau mp_opt->use_map, mp_opt->ack64, 150648ef4b8SMat Martineau mp_opt->use_ack); 151648ef4b8SMat Martineau 152648ef4b8SMat Martineau expected_opsize = TCPOLEN_MPTCP_DSS_BASE; 153648ef4b8SMat Martineau 154648ef4b8SMat Martineau if (mp_opt->use_ack) { 155648ef4b8SMat Martineau if (mp_opt->ack64) 156648ef4b8SMat Martineau expected_opsize += TCPOLEN_MPTCP_DSS_ACK64; 157648ef4b8SMat Martineau else 158648ef4b8SMat Martineau expected_opsize += TCPOLEN_MPTCP_DSS_ACK32; 159648ef4b8SMat Martineau } 160648ef4b8SMat Martineau 161648ef4b8SMat Martineau if (mp_opt->use_map) { 162648ef4b8SMat Martineau if (mp_opt->dsn64) 163648ef4b8SMat Martineau expected_opsize += TCPOLEN_MPTCP_DSS_MAP64; 164648ef4b8SMat Martineau else 165648ef4b8SMat Martineau expected_opsize += TCPOLEN_MPTCP_DSS_MAP32; 166648ef4b8SMat Martineau } 167648ef4b8SMat Martineau 168648ef4b8SMat Martineau /* RFC 6824, Section 3.3: 169648ef4b8SMat Martineau * If a checksum is present, but its use had 170648ef4b8SMat Martineau * not been negotiated in the MP_CAPABLE handshake, 171648ef4b8SMat Martineau * the checksum field MUST be ignored. 172648ef4b8SMat Martineau */ 173648ef4b8SMat Martineau if (opsize != expected_opsize && 174648ef4b8SMat Martineau opsize != expected_opsize + TCPOLEN_MPTCP_DSS_CHECKSUM) 175648ef4b8SMat Martineau break; 176648ef4b8SMat Martineau 177eda7acddSPeter Krystad mp_opt->dss = 1; 178648ef4b8SMat Martineau 179648ef4b8SMat Martineau if (mp_opt->use_ack) { 180648ef4b8SMat Martineau if (mp_opt->ack64) { 181648ef4b8SMat Martineau mp_opt->data_ack = get_unaligned_be64(ptr); 182648ef4b8SMat Martineau ptr += 8; 183648ef4b8SMat Martineau } else { 184648ef4b8SMat Martineau mp_opt->data_ack = get_unaligned_be32(ptr); 185648ef4b8SMat Martineau ptr += 4; 186648ef4b8SMat Martineau } 187648ef4b8SMat Martineau 188648ef4b8SMat Martineau pr_debug("data_ack=%llu", mp_opt->data_ack); 189648ef4b8SMat Martineau } 190648ef4b8SMat Martineau 191648ef4b8SMat Martineau if (mp_opt->use_map) { 192648ef4b8SMat Martineau if (mp_opt->dsn64) { 193648ef4b8SMat Martineau mp_opt->data_seq = get_unaligned_be64(ptr); 194648ef4b8SMat Martineau ptr += 8; 195648ef4b8SMat Martineau } else { 196648ef4b8SMat Martineau mp_opt->data_seq = get_unaligned_be32(ptr); 197648ef4b8SMat Martineau ptr += 4; 198648ef4b8SMat Martineau } 199648ef4b8SMat Martineau 200648ef4b8SMat Martineau mp_opt->subflow_seq = get_unaligned_be32(ptr); 201648ef4b8SMat Martineau ptr += 4; 202648ef4b8SMat Martineau 203648ef4b8SMat Martineau mp_opt->data_len = get_unaligned_be16(ptr); 204648ef4b8SMat Martineau ptr += 2; 205648ef4b8SMat Martineau 206648ef4b8SMat Martineau pr_debug("data_seq=%llu subflow_seq=%u data_len=%u", 207648ef4b8SMat Martineau mp_opt->data_seq, mp_opt->subflow_seq, 208648ef4b8SMat Martineau mp_opt->data_len); 209648ef4b8SMat Martineau } 210648ef4b8SMat Martineau 211eda7acddSPeter Krystad break; 212eda7acddSPeter Krystad 2133df523abSPeter Krystad case MPTCPOPT_ADD_ADDR: 2143df523abSPeter Krystad mp_opt->echo = (*ptr++) & MPTCP_ADDR_ECHO; 2153df523abSPeter Krystad if (!mp_opt->echo) { 2163df523abSPeter Krystad if (opsize == TCPOLEN_MPTCP_ADD_ADDR || 2173df523abSPeter Krystad opsize == TCPOLEN_MPTCP_ADD_ADDR_PORT) 2183df523abSPeter Krystad mp_opt->family = MPTCP_ADDR_IPVERSION_4; 2193df523abSPeter Krystad #if IS_ENABLED(CONFIG_MPTCP_IPV6) 2203df523abSPeter Krystad else if (opsize == TCPOLEN_MPTCP_ADD_ADDR6 || 2213df523abSPeter Krystad opsize == TCPOLEN_MPTCP_ADD_ADDR6_PORT) 2223df523abSPeter Krystad mp_opt->family = MPTCP_ADDR_IPVERSION_6; 2233df523abSPeter Krystad #endif 2243df523abSPeter Krystad else 2253df523abSPeter Krystad break; 2263df523abSPeter Krystad } else { 2273df523abSPeter Krystad if (opsize == TCPOLEN_MPTCP_ADD_ADDR_BASE || 2283df523abSPeter Krystad opsize == TCPOLEN_MPTCP_ADD_ADDR_BASE_PORT) 2293df523abSPeter Krystad mp_opt->family = MPTCP_ADDR_IPVERSION_4; 2303df523abSPeter Krystad #if IS_ENABLED(CONFIG_MPTCP_IPV6) 2313df523abSPeter Krystad else if (opsize == TCPOLEN_MPTCP_ADD_ADDR6_BASE || 2323df523abSPeter Krystad opsize == TCPOLEN_MPTCP_ADD_ADDR6_BASE_PORT) 2333df523abSPeter Krystad mp_opt->family = MPTCP_ADDR_IPVERSION_6; 2343df523abSPeter Krystad #endif 2353df523abSPeter Krystad else 2363df523abSPeter Krystad break; 2373df523abSPeter Krystad } 2383df523abSPeter Krystad 2393df523abSPeter Krystad mp_opt->add_addr = 1; 2403df523abSPeter Krystad mp_opt->port = 0; 2413df523abSPeter Krystad mp_opt->addr_id = *ptr++; 2423df523abSPeter Krystad pr_debug("ADD_ADDR: id=%d", mp_opt->addr_id); 2433df523abSPeter Krystad if (mp_opt->family == MPTCP_ADDR_IPVERSION_4) { 2443df523abSPeter Krystad memcpy((u8 *)&mp_opt->addr.s_addr, (u8 *)ptr, 4); 2453df523abSPeter Krystad ptr += 4; 2463df523abSPeter Krystad if (opsize == TCPOLEN_MPTCP_ADD_ADDR_PORT || 2473df523abSPeter Krystad opsize == TCPOLEN_MPTCP_ADD_ADDR_BASE_PORT) { 2483df523abSPeter Krystad mp_opt->port = get_unaligned_be16(ptr); 2493df523abSPeter Krystad ptr += 2; 2503df523abSPeter Krystad } 2513df523abSPeter Krystad } 2523df523abSPeter Krystad #if IS_ENABLED(CONFIG_MPTCP_IPV6) 2533df523abSPeter Krystad else { 2543df523abSPeter Krystad memcpy(mp_opt->addr6.s6_addr, (u8 *)ptr, 16); 2553df523abSPeter Krystad ptr += 16; 2563df523abSPeter Krystad if (opsize == TCPOLEN_MPTCP_ADD_ADDR6_PORT || 2573df523abSPeter Krystad opsize == TCPOLEN_MPTCP_ADD_ADDR6_BASE_PORT) { 2583df523abSPeter Krystad mp_opt->port = get_unaligned_be16(ptr); 2593df523abSPeter Krystad ptr += 2; 2603df523abSPeter Krystad } 2613df523abSPeter Krystad } 2623df523abSPeter Krystad #endif 2633df523abSPeter Krystad if (!mp_opt->echo) { 2643df523abSPeter Krystad mp_opt->ahmac = get_unaligned_be64(ptr); 2653df523abSPeter Krystad ptr += 8; 2663df523abSPeter Krystad } 2673df523abSPeter Krystad break; 2683df523abSPeter Krystad 2693df523abSPeter Krystad case MPTCPOPT_RM_ADDR: 2703df523abSPeter Krystad if (opsize != TCPOLEN_MPTCP_RM_ADDR_BASE) 2713df523abSPeter Krystad break; 2723df523abSPeter Krystad 2733df523abSPeter Krystad mp_opt->rm_addr = 1; 2743df523abSPeter Krystad mp_opt->rm_id = *ptr++; 2753df523abSPeter Krystad pr_debug("RM_ADDR: id=%d", mp_opt->rm_id); 2763df523abSPeter Krystad break; 2773df523abSPeter Krystad 278eda7acddSPeter Krystad default: 279eda7acddSPeter Krystad break; 280eda7acddSPeter Krystad } 281eda7acddSPeter Krystad } 282eda7acddSPeter Krystad 283cec37a6eSPeter Krystad void mptcp_get_options(const struct sk_buff *skb, 284cec37a6eSPeter Krystad struct tcp_options_received *opt_rx) 285cec37a6eSPeter Krystad { 286cec37a6eSPeter Krystad const unsigned char *ptr; 287cec37a6eSPeter Krystad const struct tcphdr *th = tcp_hdr(skb); 288cec37a6eSPeter Krystad int length = (th->doff * 4) - sizeof(struct tcphdr); 289cec37a6eSPeter Krystad 290cec37a6eSPeter Krystad ptr = (const unsigned char *)(th + 1); 291cec37a6eSPeter Krystad 292cec37a6eSPeter Krystad while (length > 0) { 293cec37a6eSPeter Krystad int opcode = *ptr++; 294cec37a6eSPeter Krystad int opsize; 295cec37a6eSPeter Krystad 296cec37a6eSPeter Krystad switch (opcode) { 297cec37a6eSPeter Krystad case TCPOPT_EOL: 298cec37a6eSPeter Krystad return; 299cec37a6eSPeter Krystad case TCPOPT_NOP: /* Ref: RFC 793 section 3.1 */ 300cec37a6eSPeter Krystad length--; 301cec37a6eSPeter Krystad continue; 302cec37a6eSPeter Krystad default: 303cec37a6eSPeter Krystad opsize = *ptr++; 304cec37a6eSPeter Krystad if (opsize < 2) /* "silly options" */ 305cec37a6eSPeter Krystad return; 306cec37a6eSPeter Krystad if (opsize > length) 307cec37a6eSPeter Krystad return; /* don't parse partial options */ 308cec37a6eSPeter Krystad if (opcode == TCPOPT_MPTCP) 309cc7972eaSChristoph Paasch mptcp_parse_option(skb, ptr, opsize, opt_rx); 310cec37a6eSPeter Krystad ptr += opsize - 2; 311cec37a6eSPeter Krystad length -= opsize; 312cec37a6eSPeter Krystad } 313cec37a6eSPeter Krystad } 314cec37a6eSPeter Krystad } 315cec37a6eSPeter Krystad 316cc7972eaSChristoph Paasch bool mptcp_syn_options(struct sock *sk, const struct sk_buff *skb, 317cc7972eaSChristoph Paasch unsigned int *size, struct mptcp_out_options *opts) 318cec37a6eSPeter Krystad { 319cec37a6eSPeter Krystad struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 320cec37a6eSPeter Krystad 321cc7972eaSChristoph Paasch /* we will use snd_isn to detect first pkt [re]transmission 322cc7972eaSChristoph Paasch * in mptcp_established_options_mp() 323cc7972eaSChristoph Paasch */ 324cc7972eaSChristoph Paasch subflow->snd_isn = TCP_SKB_CB(skb)->end_seq; 325cec37a6eSPeter Krystad if (subflow->request_mptcp) { 326cec37a6eSPeter Krystad pr_debug("local_key=%llu", subflow->local_key); 327cec37a6eSPeter Krystad opts->suboptions = OPTION_MPTCP_MPC_SYN; 328cec37a6eSPeter Krystad opts->sndr_key = subflow->local_key; 329cec37a6eSPeter Krystad *size = TCPOLEN_MPTCP_MPC_SYN; 330cec37a6eSPeter Krystad return true; 331cec37a6eSPeter Krystad } 332cec37a6eSPeter Krystad return false; 333cec37a6eSPeter Krystad } 334cec37a6eSPeter Krystad 335cec37a6eSPeter Krystad void mptcp_rcv_synsent(struct sock *sk) 336cec37a6eSPeter Krystad { 337cec37a6eSPeter Krystad struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 338cec37a6eSPeter Krystad struct tcp_sock *tp = tcp_sk(sk); 339cec37a6eSPeter Krystad 340cec37a6eSPeter Krystad pr_debug("subflow=%p", subflow); 341cec37a6eSPeter Krystad if (subflow->request_mptcp && tp->rx_opt.mptcp.mp_capable) { 342cec37a6eSPeter Krystad subflow->mp_capable = 1; 343d22f4988SChristoph Paasch subflow->can_ack = 1; 344cec37a6eSPeter Krystad subflow->remote_key = tp->rx_opt.mptcp.sndr_key; 345cec37a6eSPeter Krystad } else { 346cec37a6eSPeter Krystad tcp_sk(sk)->is_mptcp = 0; 347cec37a6eSPeter Krystad } 348cec37a6eSPeter Krystad } 349cec37a6eSPeter Krystad 350cc7972eaSChristoph Paasch static bool mptcp_established_options_mp(struct sock *sk, struct sk_buff *skb, 351cc7972eaSChristoph Paasch unsigned int *size, 3526d0060f6SMat Martineau unsigned int remaining, 353cec37a6eSPeter Krystad struct mptcp_out_options *opts) 354cec37a6eSPeter Krystad { 355cec37a6eSPeter Krystad struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 356cc7972eaSChristoph Paasch struct mptcp_ext *mpext; 357cc7972eaSChristoph Paasch unsigned int data_len; 358cec37a6eSPeter Krystad 3590be534f5SPaolo Abeni pr_debug("subflow=%p fully established=%d seq=%x:%x remaining=%d", 3600be534f5SPaolo Abeni subflow, subflow->fully_established, subflow->snd_isn, 361cc7972eaSChristoph Paasch skb ? TCP_SKB_CB(skb)->seq : 0, remaining); 362cc7972eaSChristoph Paasch 3630be534f5SPaolo Abeni if (subflow->mp_capable && !subflow->fully_established && skb && 364cc7972eaSChristoph Paasch subflow->snd_isn == TCP_SKB_CB(skb)->seq) { 365cc7972eaSChristoph Paasch /* When skb is not available, we better over-estimate the 366cc7972eaSChristoph Paasch * emitted options len. A full DSS option is longer than 367cc7972eaSChristoph Paasch * TCPOLEN_MPTCP_MPC_ACK_DATA, so let's the caller try to fit 368cc7972eaSChristoph Paasch * that. 369cc7972eaSChristoph Paasch */ 370cc7972eaSChristoph Paasch mpext = mptcp_get_ext(skb); 371cc7972eaSChristoph Paasch data_len = mpext ? mpext->data_len : 0; 372cc7972eaSChristoph Paasch 373cc7972eaSChristoph Paasch /* we will check ext_copy.data_len in mptcp_write_options() to 374cc7972eaSChristoph Paasch * discriminate between TCPOLEN_MPTCP_MPC_ACK_DATA and 375cc7972eaSChristoph Paasch * TCPOLEN_MPTCP_MPC_ACK 376cc7972eaSChristoph Paasch */ 377cc7972eaSChristoph Paasch opts->ext_copy.data_len = data_len; 378cec37a6eSPeter Krystad opts->suboptions = OPTION_MPTCP_MPC_ACK; 379cec37a6eSPeter Krystad opts->sndr_key = subflow->local_key; 380cec37a6eSPeter Krystad opts->rcvr_key = subflow->remote_key; 381cc7972eaSChristoph Paasch 382cc7972eaSChristoph Paasch /* Section 3.1. 383cc7972eaSChristoph Paasch * The MP_CAPABLE option is carried on the SYN, SYN/ACK, and ACK 384cc7972eaSChristoph Paasch * packets that start the first subflow of an MPTCP connection, 385cc7972eaSChristoph Paasch * as well as the first packet that carries data 386cc7972eaSChristoph Paasch */ 387cc7972eaSChristoph Paasch if (data_len > 0) 388cc7972eaSChristoph Paasch *size = ALIGN(TCPOLEN_MPTCP_MPC_ACK_DATA, 4); 389cc7972eaSChristoph Paasch else 390cec37a6eSPeter Krystad *size = TCPOLEN_MPTCP_MPC_ACK; 391cc7972eaSChristoph Paasch 392cc7972eaSChristoph Paasch pr_debug("subflow=%p, local_key=%llu, remote_key=%llu map_len=%d", 393cc7972eaSChristoph Paasch subflow, subflow->local_key, subflow->remote_key, 394cc7972eaSChristoph Paasch data_len); 395cc7972eaSChristoph Paasch 396cec37a6eSPeter Krystad return true; 397cec37a6eSPeter Krystad } 398cec37a6eSPeter Krystad return false; 399cec37a6eSPeter Krystad } 400cec37a6eSPeter Krystad 4016d0060f6SMat Martineau static void mptcp_write_data_fin(struct mptcp_subflow_context *subflow, 4026d0060f6SMat Martineau struct mptcp_ext *ext) 4036d0060f6SMat Martineau { 4046d0060f6SMat Martineau if (!ext->use_map) { 4056d0060f6SMat Martineau /* RFC6824 requires a DSS mapping with specific values 4066d0060f6SMat Martineau * if DATA_FIN is set but no data payload is mapped 4076d0060f6SMat Martineau */ 4086d37a0b8SMat Martineau ext->data_fin = 1; 4096d0060f6SMat Martineau ext->use_map = 1; 4106d0060f6SMat Martineau ext->dsn64 = 1; 41176c42a29SMat Martineau ext->data_seq = subflow->data_fin_tx_seq; 4126d0060f6SMat Martineau ext->subflow_seq = 0; 4136d0060f6SMat Martineau ext->data_len = 1; 4146d37a0b8SMat Martineau } else if (ext->data_seq + ext->data_len == subflow->data_fin_tx_seq) { 4156d37a0b8SMat Martineau /* If there's an existing DSS mapping and it is the 4166d37a0b8SMat Martineau * final mapping, DATA_FIN consumes 1 additional byte of 4176d37a0b8SMat Martineau * mapping space. 4186d0060f6SMat Martineau */ 4196d37a0b8SMat Martineau ext->data_fin = 1; 4206d0060f6SMat Martineau ext->data_len++; 4216d0060f6SMat Martineau } 4226d0060f6SMat Martineau } 4236d0060f6SMat Martineau 4246d0060f6SMat Martineau static bool mptcp_established_options_dss(struct sock *sk, struct sk_buff *skb, 4256d0060f6SMat Martineau unsigned int *size, 4266d0060f6SMat Martineau unsigned int remaining, 4276d0060f6SMat Martineau struct mptcp_out_options *opts) 4286d0060f6SMat Martineau { 4296d0060f6SMat Martineau struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 4306d0060f6SMat Martineau unsigned int dss_size = 0; 4316d0060f6SMat Martineau struct mptcp_ext *mpext; 4326d0060f6SMat Martineau struct mptcp_sock *msk; 4336d0060f6SMat Martineau unsigned int ack_size; 434d22f4988SChristoph Paasch bool ret = false; 4356d0060f6SMat Martineau u8 tcp_fin; 4366d0060f6SMat Martineau 4376d0060f6SMat Martineau if (skb) { 4386d0060f6SMat Martineau mpext = mptcp_get_ext(skb); 4396d0060f6SMat Martineau tcp_fin = TCP_SKB_CB(skb)->tcp_flags & TCPHDR_FIN; 4406d0060f6SMat Martineau } else { 4416d0060f6SMat Martineau mpext = NULL; 4426d0060f6SMat Martineau tcp_fin = 0; 4436d0060f6SMat Martineau } 4446d0060f6SMat Martineau 4456d0060f6SMat Martineau if (!skb || (mpext && mpext->use_map) || tcp_fin) { 4466d0060f6SMat Martineau unsigned int map_size; 4476d0060f6SMat Martineau 4486d0060f6SMat Martineau map_size = TCPOLEN_MPTCP_DSS_BASE + TCPOLEN_MPTCP_DSS_MAP64; 4496d0060f6SMat Martineau 4506d0060f6SMat Martineau remaining -= map_size; 4516d0060f6SMat Martineau dss_size = map_size; 4526d0060f6SMat Martineau if (mpext) 4536d0060f6SMat Martineau opts->ext_copy = *mpext; 4546d0060f6SMat Martineau 45576c42a29SMat Martineau if (skb && tcp_fin && subflow->data_fin_tx_enable) 4566d0060f6SMat Martineau mptcp_write_data_fin(subflow, &opts->ext_copy); 457d22f4988SChristoph Paasch ret = true; 458d22f4988SChristoph Paasch } 459d22f4988SChristoph Paasch 4602398e399SPaolo Abeni /* passive sockets msk will set the 'can_ack' after accept(), even 4612398e399SPaolo Abeni * if the first subflow may have the already the remote key handy 4622398e399SPaolo Abeni */ 463d22f4988SChristoph Paasch opts->ext_copy.use_ack = 0; 464d22f4988SChristoph Paasch msk = mptcp_sk(subflow->conn); 465dc093db5SPaolo Abeni if (!READ_ONCE(msk->can_ack)) { 466d22f4988SChristoph Paasch *size = ALIGN(dss_size, 4); 467d22f4988SChristoph Paasch return ret; 4686d0060f6SMat Martineau } 4696d0060f6SMat Martineau 4706d0060f6SMat Martineau ack_size = TCPOLEN_MPTCP_DSS_ACK64; 4716d0060f6SMat Martineau 4726d0060f6SMat Martineau /* Add kind/length/subtype/flag overhead if mapping is not populated */ 4736d0060f6SMat Martineau if (dss_size == 0) 4746d0060f6SMat Martineau ack_size += TCPOLEN_MPTCP_DSS_BASE; 4756d0060f6SMat Martineau 4766d0060f6SMat Martineau dss_size += ack_size; 4776d0060f6SMat Martineau 478dc093db5SPaolo Abeni opts->ext_copy.data_ack = msk->ack_seq; 4796d0060f6SMat Martineau opts->ext_copy.ack64 = 1; 4806d0060f6SMat Martineau opts->ext_copy.use_ack = 1; 4816d0060f6SMat Martineau 4826d0060f6SMat Martineau *size = ALIGN(dss_size, 4); 4836d0060f6SMat Martineau return true; 4846d0060f6SMat Martineau } 4856d0060f6SMat Martineau 4863df523abSPeter Krystad static u64 add_addr_generate_hmac(u64 key1, u64 key2, u8 addr_id, 4873df523abSPeter Krystad struct in_addr *addr) 4883df523abSPeter Krystad { 4893df523abSPeter Krystad u8 hmac[MPTCP_ADDR_HMAC_LEN]; 4903df523abSPeter Krystad u8 msg[7]; 4913df523abSPeter Krystad 4923df523abSPeter Krystad msg[0] = addr_id; 4933df523abSPeter Krystad memcpy(&msg[1], &addr->s_addr, 4); 4943df523abSPeter Krystad msg[5] = 0; 4953df523abSPeter Krystad msg[6] = 0; 4963df523abSPeter Krystad 4973df523abSPeter Krystad mptcp_crypto_hmac_sha(key1, key2, msg, 7, hmac); 4983df523abSPeter Krystad 4993df523abSPeter Krystad return get_unaligned_be64(hmac); 5003df523abSPeter Krystad } 5013df523abSPeter Krystad 5023df523abSPeter Krystad #if IS_ENABLED(CONFIG_MPTCP_IPV6) 5033df523abSPeter Krystad static u64 add_addr6_generate_hmac(u64 key1, u64 key2, u8 addr_id, 5043df523abSPeter Krystad struct in6_addr *addr) 5053df523abSPeter Krystad { 5063df523abSPeter Krystad u8 hmac[MPTCP_ADDR_HMAC_LEN]; 5073df523abSPeter Krystad u8 msg[19]; 5083df523abSPeter Krystad 5093df523abSPeter Krystad msg[0] = addr_id; 5103df523abSPeter Krystad memcpy(&msg[1], &addr->s6_addr, 16); 5113df523abSPeter Krystad msg[17] = 0; 5123df523abSPeter Krystad msg[18] = 0; 5133df523abSPeter Krystad 5143df523abSPeter Krystad mptcp_crypto_hmac_sha(key1, key2, msg, 19, hmac); 5153df523abSPeter Krystad 5163df523abSPeter Krystad return get_unaligned_be64(hmac); 5173df523abSPeter Krystad } 5183df523abSPeter Krystad #endif 5193df523abSPeter Krystad 5203df523abSPeter Krystad static bool mptcp_established_options_addr(struct sock *sk, 5213df523abSPeter Krystad unsigned int *size, 5223df523abSPeter Krystad unsigned int remaining, 5233df523abSPeter Krystad struct mptcp_out_options *opts) 5243df523abSPeter Krystad { 5253df523abSPeter Krystad struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 5263df523abSPeter Krystad struct mptcp_sock *msk = mptcp_sk(subflow->conn); 5271b1c7a0eSPeter Krystad struct mptcp_addr_info saddr; 5281b1c7a0eSPeter Krystad int len; 5293df523abSPeter Krystad 5301b1c7a0eSPeter Krystad if (!mptcp_pm_should_signal(msk) || 5311b1c7a0eSPeter Krystad !(mptcp_pm_addr_signal(msk, remaining, &saddr))) 5323df523abSPeter Krystad return false; 5331b1c7a0eSPeter Krystad 5341b1c7a0eSPeter Krystad len = mptcp_add_addr_len(saddr.family); 5351b1c7a0eSPeter Krystad if (remaining < len) 5361b1c7a0eSPeter Krystad return false; 5371b1c7a0eSPeter Krystad 5381b1c7a0eSPeter Krystad *size = len; 5391b1c7a0eSPeter Krystad opts->addr_id = saddr.id; 5401b1c7a0eSPeter Krystad if (saddr.family == AF_INET) { 5413df523abSPeter Krystad opts->suboptions |= OPTION_MPTCP_ADD_ADDR; 5421b1c7a0eSPeter Krystad opts->addr = saddr.addr; 5433df523abSPeter Krystad opts->ahmac = add_addr_generate_hmac(msk->local_key, 5443df523abSPeter Krystad msk->remote_key, 5453df523abSPeter Krystad opts->addr_id, 5463df523abSPeter Krystad &opts->addr); 5473df523abSPeter Krystad } 5483df523abSPeter Krystad #if IS_ENABLED(CONFIG_MPTCP_IPV6) 5491b1c7a0eSPeter Krystad else if (saddr.family == AF_INET6) { 5503df523abSPeter Krystad opts->suboptions |= OPTION_MPTCP_ADD_ADDR6; 5511b1c7a0eSPeter Krystad opts->addr6 = saddr.addr6; 5523df523abSPeter Krystad opts->ahmac = add_addr6_generate_hmac(msk->local_key, 5533df523abSPeter Krystad msk->remote_key, 5543df523abSPeter Krystad opts->addr_id, 5553df523abSPeter Krystad &opts->addr6); 5563df523abSPeter Krystad } 5573df523abSPeter Krystad #endif 5583df523abSPeter Krystad pr_debug("addr_id=%d, ahmac=%llu", opts->addr_id, opts->ahmac); 5593df523abSPeter Krystad 5603df523abSPeter Krystad return true; 5613df523abSPeter Krystad } 5623df523abSPeter Krystad 5636d0060f6SMat Martineau bool mptcp_established_options(struct sock *sk, struct sk_buff *skb, 5646d0060f6SMat Martineau unsigned int *size, unsigned int remaining, 5656d0060f6SMat Martineau struct mptcp_out_options *opts) 5666d0060f6SMat Martineau { 5676d0060f6SMat Martineau unsigned int opt_size = 0; 5686d0060f6SMat Martineau bool ret = false; 5696d0060f6SMat Martineau 5703df523abSPeter Krystad opts->suboptions = 0; 5713df523abSPeter Krystad 572cc7972eaSChristoph Paasch if (mptcp_established_options_mp(sk, skb, &opt_size, remaining, opts)) 5736d0060f6SMat Martineau ret = true; 5746d0060f6SMat Martineau else if (mptcp_established_options_dss(sk, skb, &opt_size, remaining, 5756d0060f6SMat Martineau opts)) 5766d0060f6SMat Martineau ret = true; 5776d0060f6SMat Martineau 5786d0060f6SMat Martineau /* we reserved enough space for the above options, and exceeding the 5796d0060f6SMat Martineau * TCP option space would be fatal 5806d0060f6SMat Martineau */ 5816d0060f6SMat Martineau if (WARN_ON_ONCE(opt_size > remaining)) 5826d0060f6SMat Martineau return false; 5836d0060f6SMat Martineau 5846d0060f6SMat Martineau *size += opt_size; 5856d0060f6SMat Martineau remaining -= opt_size; 5863df523abSPeter Krystad if (mptcp_established_options_addr(sk, &opt_size, remaining, opts)) { 5873df523abSPeter Krystad *size += opt_size; 5883df523abSPeter Krystad remaining -= opt_size; 5893df523abSPeter Krystad ret = true; 5903df523abSPeter Krystad } 5916d0060f6SMat Martineau 5926d0060f6SMat Martineau return ret; 5936d0060f6SMat Martineau } 5946d0060f6SMat Martineau 595cec37a6eSPeter Krystad bool mptcp_synack_options(const struct request_sock *req, unsigned int *size, 596cec37a6eSPeter Krystad struct mptcp_out_options *opts) 597cec37a6eSPeter Krystad { 598cec37a6eSPeter Krystad struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req); 599cec37a6eSPeter Krystad 600cec37a6eSPeter Krystad if (subflow_req->mp_capable) { 601cec37a6eSPeter Krystad opts->suboptions = OPTION_MPTCP_MPC_SYNACK; 602cec37a6eSPeter Krystad opts->sndr_key = subflow_req->local_key; 603cec37a6eSPeter Krystad *size = TCPOLEN_MPTCP_MPC_SYNACK; 604cec37a6eSPeter Krystad pr_debug("subflow_req=%p, local_key=%llu", 605cec37a6eSPeter Krystad subflow_req, subflow_req->local_key); 606cec37a6eSPeter Krystad return true; 607*f296234cSPeter Krystad } else if (subflow_req->mp_join) { 608*f296234cSPeter Krystad opts->suboptions = OPTION_MPTCP_MPJ_SYNACK; 609*f296234cSPeter Krystad opts->backup = subflow_req->backup; 610*f296234cSPeter Krystad opts->join_id = subflow_req->local_id; 611*f296234cSPeter Krystad opts->thmac = subflow_req->thmac; 612*f296234cSPeter Krystad opts->nonce = subflow_req->local_nonce; 613*f296234cSPeter Krystad pr_debug("req=%p, bkup=%u, id=%u, thmac=%llu, nonce=%u", 614*f296234cSPeter Krystad subflow_req, opts->backup, opts->join_id, 615*f296234cSPeter Krystad opts->thmac, opts->nonce); 616*f296234cSPeter Krystad *size = TCPOLEN_MPTCP_MPJ_SYNACK; 617*f296234cSPeter Krystad return true; 618cec37a6eSPeter Krystad } 619cec37a6eSPeter Krystad return false; 620cec37a6eSPeter Krystad } 621cec37a6eSPeter Krystad 622*f296234cSPeter Krystad static bool check_fully_established(struct mptcp_sock *msk, struct sock *sk, 623*f296234cSPeter Krystad struct mptcp_subflow_context *subflow, 624d22f4988SChristoph Paasch struct sk_buff *skb, 625d22f4988SChristoph Paasch struct mptcp_options_received *mp_opt) 626d22f4988SChristoph Paasch { 627d22f4988SChristoph Paasch /* here we can process OoO, in-window pkts, only in-sequence 4th ack 628*f296234cSPeter Krystad * will make the subflow fully established 629d22f4988SChristoph Paasch */ 630*f296234cSPeter Krystad if (likely(subflow->fully_established)) { 631*f296234cSPeter Krystad /* on passive sockets, check for 3rd ack retransmission 632*f296234cSPeter Krystad * note that msk is always set by subflow_syn_recv_sock() 633*f296234cSPeter Krystad * for mp_join subflows 634*f296234cSPeter Krystad */ 635*f296234cSPeter Krystad if (TCP_SKB_CB(skb)->seq == subflow->ssn_offset + 1 && 636*f296234cSPeter Krystad TCP_SKB_CB(skb)->end_seq == TCP_SKB_CB(skb)->seq && 637*f296234cSPeter Krystad subflow->mp_join && mp_opt->mp_join && 638*f296234cSPeter Krystad READ_ONCE(msk->pm.server_side)) 639*f296234cSPeter Krystad tcp_send_ack(sk); 640*f296234cSPeter Krystad goto fully_established; 641*f296234cSPeter Krystad } 642d22f4988SChristoph Paasch 643*f296234cSPeter Krystad /* we should process OoO packets before the first subflow is fully 644*f296234cSPeter Krystad * established, but not expected for MP_JOIN subflows 645*f296234cSPeter Krystad */ 646*f296234cSPeter Krystad if (TCP_SKB_CB(skb)->seq != subflow->ssn_offset + 1) 647*f296234cSPeter Krystad return subflow->mp_capable; 648*f296234cSPeter Krystad 649*f296234cSPeter Krystad if (mp_opt->use_ack) { 650*f296234cSPeter Krystad /* subflows are fully established as soon as we get any 651*f296234cSPeter Krystad * additional ack. 652*f296234cSPeter Krystad */ 6530be534f5SPaolo Abeni subflow->fully_established = 1; 654*f296234cSPeter Krystad goto fully_established; 655*f296234cSPeter Krystad } 656d22f4988SChristoph Paasch 657*f296234cSPeter Krystad WARN_ON_ONCE(subflow->can_ack); 658d22f4988SChristoph Paasch 659d22f4988SChristoph Paasch /* If the first established packet does not contain MP_CAPABLE + data 660d22f4988SChristoph Paasch * then fallback to TCP 661d22f4988SChristoph Paasch */ 662d22f4988SChristoph Paasch if (!mp_opt->mp_capable) { 663d22f4988SChristoph Paasch subflow->mp_capable = 0; 664*f296234cSPeter Krystad tcp_sk(sk)->is_mptcp = 0; 665d22f4988SChristoph Paasch return false; 666d22f4988SChristoph Paasch } 667*f296234cSPeter Krystad 668*f296234cSPeter Krystad subflow->fully_established = 1; 669d22f4988SChristoph Paasch subflow->remote_key = mp_opt->sndr_key; 670d22f4988SChristoph Paasch subflow->can_ack = 1; 671*f296234cSPeter Krystad 672*f296234cSPeter Krystad fully_established: 673*f296234cSPeter Krystad if (likely(subflow->pm_notified)) 674*f296234cSPeter Krystad return true; 675*f296234cSPeter Krystad 676*f296234cSPeter Krystad subflow->pm_notified = 1; 677*f296234cSPeter Krystad if (subflow->mp_join) 678*f296234cSPeter Krystad mptcp_pm_subflow_established(msk, subflow); 679*f296234cSPeter Krystad else 680*f296234cSPeter Krystad mptcp_pm_fully_established(msk); 681d22f4988SChristoph Paasch return true; 682d22f4988SChristoph Paasch } 683d22f4988SChristoph Paasch 6841b1c7a0eSPeter Krystad static bool add_addr_hmac_valid(struct mptcp_sock *msk, 6851b1c7a0eSPeter Krystad struct mptcp_options_received *mp_opt) 6861b1c7a0eSPeter Krystad { 6871b1c7a0eSPeter Krystad u64 hmac = 0; 6881b1c7a0eSPeter Krystad 6891b1c7a0eSPeter Krystad if (mp_opt->echo) 6901b1c7a0eSPeter Krystad return true; 6911b1c7a0eSPeter Krystad 6921b1c7a0eSPeter Krystad if (mp_opt->family == MPTCP_ADDR_IPVERSION_4) 6931b1c7a0eSPeter Krystad hmac = add_addr_generate_hmac(msk->remote_key, 6941b1c7a0eSPeter Krystad msk->local_key, 6951b1c7a0eSPeter Krystad mp_opt->addr_id, &mp_opt->addr); 6961b1c7a0eSPeter Krystad #if IS_ENABLED(CONFIG_MPTCP_IPV6) 6971b1c7a0eSPeter Krystad else 6981b1c7a0eSPeter Krystad hmac = add_addr6_generate_hmac(msk->remote_key, 6991b1c7a0eSPeter Krystad msk->local_key, 7001b1c7a0eSPeter Krystad mp_opt->addr_id, &mp_opt->addr6); 7011b1c7a0eSPeter Krystad #endif 7021b1c7a0eSPeter Krystad 7031b1c7a0eSPeter Krystad pr_debug("msk=%p, ahmac=%llu, mp_opt->ahmac=%llu\n", 7041b1c7a0eSPeter Krystad msk, (unsigned long long)hmac, 7051b1c7a0eSPeter Krystad (unsigned long long)mp_opt->ahmac); 7061b1c7a0eSPeter Krystad 7071b1c7a0eSPeter Krystad return hmac == mp_opt->ahmac; 7081b1c7a0eSPeter Krystad } 7091b1c7a0eSPeter Krystad 710648ef4b8SMat Martineau void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb, 711648ef4b8SMat Martineau struct tcp_options_received *opt_rx) 712648ef4b8SMat Martineau { 713d22f4988SChristoph Paasch struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 7141b1c7a0eSPeter Krystad struct mptcp_sock *msk = mptcp_sk(subflow->conn); 715648ef4b8SMat Martineau struct mptcp_options_received *mp_opt; 716648ef4b8SMat Martineau struct mptcp_ext *mpext; 717648ef4b8SMat Martineau 718648ef4b8SMat Martineau mp_opt = &opt_rx->mptcp; 719*f296234cSPeter Krystad if (!check_fully_established(msk, sk, subflow, skb, mp_opt)) 720d22f4988SChristoph Paasch return; 721648ef4b8SMat Martineau 7221b1c7a0eSPeter Krystad if (mp_opt->add_addr && add_addr_hmac_valid(msk, mp_opt)) { 7231b1c7a0eSPeter Krystad struct mptcp_addr_info addr; 7241b1c7a0eSPeter Krystad 7251b1c7a0eSPeter Krystad addr.port = htons(mp_opt->port); 7261b1c7a0eSPeter Krystad addr.id = mp_opt->addr_id; 7271b1c7a0eSPeter Krystad if (mp_opt->family == MPTCP_ADDR_IPVERSION_4) { 7281b1c7a0eSPeter Krystad addr.family = AF_INET; 7291b1c7a0eSPeter Krystad addr.addr = mp_opt->addr; 7301b1c7a0eSPeter Krystad } 7311b1c7a0eSPeter Krystad #if IS_ENABLED(CONFIG_MPTCP_IPV6) 7321b1c7a0eSPeter Krystad else if (mp_opt->family == MPTCP_ADDR_IPVERSION_6) { 7331b1c7a0eSPeter Krystad addr.family = AF_INET6; 7341b1c7a0eSPeter Krystad addr.addr6 = mp_opt->addr6; 7351b1c7a0eSPeter Krystad } 7361b1c7a0eSPeter Krystad #endif 7371b1c7a0eSPeter Krystad if (!mp_opt->echo) 7381b1c7a0eSPeter Krystad mptcp_pm_add_addr_received(msk, &addr); 7391b1c7a0eSPeter Krystad mp_opt->add_addr = 0; 7401b1c7a0eSPeter Krystad } 7411b1c7a0eSPeter Krystad 742648ef4b8SMat Martineau if (!mp_opt->dss) 743648ef4b8SMat Martineau return; 744648ef4b8SMat Martineau 745648ef4b8SMat Martineau mpext = skb_ext_add(skb, SKB_EXT_MPTCP); 746648ef4b8SMat Martineau if (!mpext) 747648ef4b8SMat Martineau return; 748648ef4b8SMat Martineau 749648ef4b8SMat Martineau memset(mpext, 0, sizeof(*mpext)); 750648ef4b8SMat Martineau 751648ef4b8SMat Martineau if (mp_opt->use_map) { 752cc7972eaSChristoph Paasch if (mp_opt->mpc_map) { 753cc7972eaSChristoph Paasch /* this is an MP_CAPABLE carrying MPTCP data 754cc7972eaSChristoph Paasch * we know this map the first chunk of data 755cc7972eaSChristoph Paasch */ 756cc7972eaSChristoph Paasch mptcp_crypto_key_sha(subflow->remote_key, NULL, 757cc7972eaSChristoph Paasch &mpext->data_seq); 758cc7972eaSChristoph Paasch mpext->data_seq++; 759cc7972eaSChristoph Paasch mpext->subflow_seq = 1; 760cc7972eaSChristoph Paasch mpext->dsn64 = 1; 761cc7972eaSChristoph Paasch mpext->mpc_map = 1; 762cc7972eaSChristoph Paasch } else { 763648ef4b8SMat Martineau mpext->data_seq = mp_opt->data_seq; 764648ef4b8SMat Martineau mpext->subflow_seq = mp_opt->subflow_seq; 765cc7972eaSChristoph Paasch mpext->dsn64 = mp_opt->dsn64; 766cc7972eaSChristoph Paasch } 767648ef4b8SMat Martineau mpext->data_len = mp_opt->data_len; 768648ef4b8SMat Martineau mpext->use_map = 1; 769648ef4b8SMat Martineau } 770648ef4b8SMat Martineau 771648ef4b8SMat Martineau if (mp_opt->use_ack) { 772648ef4b8SMat Martineau mpext->data_ack = mp_opt->data_ack; 773648ef4b8SMat Martineau mpext->use_ack = 1; 774648ef4b8SMat Martineau mpext->ack64 = mp_opt->ack64; 775648ef4b8SMat Martineau } 776648ef4b8SMat Martineau 777648ef4b8SMat Martineau mpext->data_fin = mp_opt->data_fin; 778648ef4b8SMat Martineau } 779648ef4b8SMat Martineau 780eda7acddSPeter Krystad void mptcp_write_options(__be32 *ptr, struct mptcp_out_options *opts) 781eda7acddSPeter Krystad { 782cc7972eaSChristoph Paasch if ((OPTION_MPTCP_MPC_SYN | OPTION_MPTCP_MPC_SYNACK | 783eda7acddSPeter Krystad OPTION_MPTCP_MPC_ACK) & opts->suboptions) { 784eda7acddSPeter Krystad u8 len; 785eda7acddSPeter Krystad 786eda7acddSPeter Krystad if (OPTION_MPTCP_MPC_SYN & opts->suboptions) 787eda7acddSPeter Krystad len = TCPOLEN_MPTCP_MPC_SYN; 788cec37a6eSPeter Krystad else if (OPTION_MPTCP_MPC_SYNACK & opts->suboptions) 789cec37a6eSPeter Krystad len = TCPOLEN_MPTCP_MPC_SYNACK; 790cc7972eaSChristoph Paasch else if (opts->ext_copy.data_len) 791cc7972eaSChristoph Paasch len = TCPOLEN_MPTCP_MPC_ACK_DATA; 792eda7acddSPeter Krystad else 793eda7acddSPeter Krystad len = TCPOLEN_MPTCP_MPC_ACK; 794eda7acddSPeter Krystad 7953df523abSPeter Krystad *ptr++ = mptcp_option(MPTCPOPT_MP_CAPABLE, len, 7963df523abSPeter Krystad MPTCP_SUPPORTED_VERSION, 79765492c5aSPaolo Abeni MPTCP_CAP_HMAC_SHA256); 798cc7972eaSChristoph Paasch 799cc7972eaSChristoph Paasch if (!((OPTION_MPTCP_MPC_SYNACK | OPTION_MPTCP_MPC_ACK) & 800cc7972eaSChristoph Paasch opts->suboptions)) 801cc7972eaSChristoph Paasch goto mp_capable_done; 802cc7972eaSChristoph Paasch 803eda7acddSPeter Krystad put_unaligned_be64(opts->sndr_key, ptr); 804eda7acddSPeter Krystad ptr += 2; 805cc7972eaSChristoph Paasch if (!((OPTION_MPTCP_MPC_ACK) & opts->suboptions)) 806cc7972eaSChristoph Paasch goto mp_capable_done; 807cc7972eaSChristoph Paasch 808eda7acddSPeter Krystad put_unaligned_be64(opts->rcvr_key, ptr); 809eda7acddSPeter Krystad ptr += 2; 810cc7972eaSChristoph Paasch if (!opts->ext_copy.data_len) 811cc7972eaSChristoph Paasch goto mp_capable_done; 812cc7972eaSChristoph Paasch 813cc7972eaSChristoph Paasch put_unaligned_be32(opts->ext_copy.data_len << 16 | 814cc7972eaSChristoph Paasch TCPOPT_NOP << 8 | TCPOPT_NOP, ptr); 815cc7972eaSChristoph Paasch ptr += 1; 816eda7acddSPeter Krystad } 8176d0060f6SMat Martineau 818cc7972eaSChristoph Paasch mp_capable_done: 8193df523abSPeter Krystad if (OPTION_MPTCP_ADD_ADDR & opts->suboptions) { 8203df523abSPeter Krystad if (opts->ahmac) 8213df523abSPeter Krystad *ptr++ = mptcp_option(MPTCPOPT_ADD_ADDR, 8223df523abSPeter Krystad TCPOLEN_MPTCP_ADD_ADDR, 0, 8233df523abSPeter Krystad opts->addr_id); 8243df523abSPeter Krystad else 8253df523abSPeter Krystad *ptr++ = mptcp_option(MPTCPOPT_ADD_ADDR, 8263df523abSPeter Krystad TCPOLEN_MPTCP_ADD_ADDR_BASE, 8273df523abSPeter Krystad MPTCP_ADDR_ECHO, 8283df523abSPeter Krystad opts->addr_id); 8293df523abSPeter Krystad memcpy((u8 *)ptr, (u8 *)&opts->addr.s_addr, 4); 8303df523abSPeter Krystad ptr += 1; 8313df523abSPeter Krystad if (opts->ahmac) { 8323df523abSPeter Krystad put_unaligned_be64(opts->ahmac, ptr); 8333df523abSPeter Krystad ptr += 2; 8343df523abSPeter Krystad } 8353df523abSPeter Krystad } 8363df523abSPeter Krystad 8373df523abSPeter Krystad #if IS_ENABLED(CONFIG_MPTCP_IPV6) 8383df523abSPeter Krystad if (OPTION_MPTCP_ADD_ADDR6 & opts->suboptions) { 8393df523abSPeter Krystad if (opts->ahmac) 8403df523abSPeter Krystad *ptr++ = mptcp_option(MPTCPOPT_ADD_ADDR, 8413df523abSPeter Krystad TCPOLEN_MPTCP_ADD_ADDR6, 0, 8423df523abSPeter Krystad opts->addr_id); 8433df523abSPeter Krystad else 8443df523abSPeter Krystad *ptr++ = mptcp_option(MPTCPOPT_ADD_ADDR, 8453df523abSPeter Krystad TCPOLEN_MPTCP_ADD_ADDR6_BASE, 8463df523abSPeter Krystad MPTCP_ADDR_ECHO, 8473df523abSPeter Krystad opts->addr_id); 8483df523abSPeter Krystad memcpy((u8 *)ptr, opts->addr6.s6_addr, 16); 8493df523abSPeter Krystad ptr += 4; 8503df523abSPeter Krystad if (opts->ahmac) { 8513df523abSPeter Krystad put_unaligned_be64(opts->ahmac, ptr); 8523df523abSPeter Krystad ptr += 2; 8533df523abSPeter Krystad } 8543df523abSPeter Krystad } 8553df523abSPeter Krystad #endif 8563df523abSPeter Krystad 8573df523abSPeter Krystad if (OPTION_MPTCP_RM_ADDR & opts->suboptions) { 8583df523abSPeter Krystad *ptr++ = mptcp_option(MPTCPOPT_RM_ADDR, 8593df523abSPeter Krystad TCPOLEN_MPTCP_RM_ADDR_BASE, 8603df523abSPeter Krystad 0, opts->rm_id); 8613df523abSPeter Krystad } 8623df523abSPeter Krystad 863*f296234cSPeter Krystad if (OPTION_MPTCP_MPJ_SYNACK & opts->suboptions) { 864*f296234cSPeter Krystad *ptr++ = mptcp_option(MPTCPOPT_MP_JOIN, 865*f296234cSPeter Krystad TCPOLEN_MPTCP_MPJ_SYNACK, 866*f296234cSPeter Krystad opts->backup, opts->join_id); 867*f296234cSPeter Krystad put_unaligned_be64(opts->thmac, ptr); 868*f296234cSPeter Krystad ptr += 2; 869*f296234cSPeter Krystad put_unaligned_be32(opts->nonce, ptr); 870*f296234cSPeter Krystad ptr += 1; 871*f296234cSPeter Krystad } 872*f296234cSPeter Krystad 8736d0060f6SMat Martineau if (opts->ext_copy.use_ack || opts->ext_copy.use_map) { 8746d0060f6SMat Martineau struct mptcp_ext *mpext = &opts->ext_copy; 8756d0060f6SMat Martineau u8 len = TCPOLEN_MPTCP_DSS_BASE; 8766d0060f6SMat Martineau u8 flags = 0; 8776d0060f6SMat Martineau 8786d0060f6SMat Martineau if (mpext->use_ack) { 8796d0060f6SMat Martineau len += TCPOLEN_MPTCP_DSS_ACK64; 8806d0060f6SMat Martineau flags = MPTCP_DSS_HAS_ACK | MPTCP_DSS_ACK64; 8816d0060f6SMat Martineau } 8826d0060f6SMat Martineau 8836d0060f6SMat Martineau if (mpext->use_map) { 8846d0060f6SMat Martineau len += TCPOLEN_MPTCP_DSS_MAP64; 8856d0060f6SMat Martineau 8866d0060f6SMat Martineau /* Use only 64-bit mapping flags for now, add 8876d0060f6SMat Martineau * support for optional 32-bit mappings later. 8886d0060f6SMat Martineau */ 8896d0060f6SMat Martineau flags |= MPTCP_DSS_HAS_MAP | MPTCP_DSS_DSN64; 8906d0060f6SMat Martineau if (mpext->data_fin) 8916d0060f6SMat Martineau flags |= MPTCP_DSS_DATA_FIN; 8926d0060f6SMat Martineau } 8936d0060f6SMat Martineau 8943df523abSPeter Krystad *ptr++ = mptcp_option(MPTCPOPT_DSS, len, 0, flags); 8956d0060f6SMat Martineau 8966d0060f6SMat Martineau if (mpext->use_ack) { 8976d0060f6SMat Martineau put_unaligned_be64(mpext->data_ack, ptr); 8986d0060f6SMat Martineau ptr += 2; 8996d0060f6SMat Martineau } 9006d0060f6SMat Martineau 9016d0060f6SMat Martineau if (mpext->use_map) { 9026d0060f6SMat Martineau put_unaligned_be64(mpext->data_seq, ptr); 9036d0060f6SMat Martineau ptr += 2; 9046d0060f6SMat Martineau put_unaligned_be32(mpext->subflow_seq, ptr); 9056d0060f6SMat Martineau ptr += 1; 9066d0060f6SMat Martineau put_unaligned_be32(mpext->data_len << 16 | 9076d0060f6SMat Martineau TCPOPT_NOP << 8 | TCPOPT_NOP, ptr); 9086d0060f6SMat Martineau } 9096d0060f6SMat Martineau } 910eda7acddSPeter Krystad } 911