1 // SPDX-License-Identifier: GPL-2.0 2 /* Multipath TCP 3 * 4 * Copyright (c) 2017 - 2019, Intel Corporation. 5 */ 6 7 #define pr_fmt(fmt) "MPTCP: " fmt 8 9 #include <linux/kernel.h> 10 #include <crypto/sha2.h> 11 #include <net/tcp.h> 12 #include <net/mptcp.h> 13 #include "protocol.h" 14 #include "mib.h" 15 16 static bool mptcp_cap_flag_sha256(u8 flags) 17 { 18 return (flags & MPTCP_CAP_FLAG_MASK) == MPTCP_CAP_HMAC_SHA256; 19 } 20 21 static void mptcp_parse_option(const struct sk_buff *skb, 22 const unsigned char *ptr, int opsize, 23 struct mptcp_options_received *mp_opt) 24 { 25 u8 subtype = *ptr >> 4; 26 int expected_opsize; 27 u8 version; 28 u8 flags; 29 30 switch (subtype) { 31 case MPTCPOPT_MP_CAPABLE: 32 /* strict size checking */ 33 if (!(TCP_SKB_CB(skb)->tcp_flags & TCPHDR_SYN)) { 34 if (skb->len > tcp_hdr(skb)->doff << 2) 35 expected_opsize = TCPOLEN_MPTCP_MPC_ACK_DATA; 36 else 37 expected_opsize = TCPOLEN_MPTCP_MPC_ACK; 38 } else { 39 if (TCP_SKB_CB(skb)->tcp_flags & TCPHDR_ACK) 40 expected_opsize = TCPOLEN_MPTCP_MPC_SYNACK; 41 else 42 expected_opsize = TCPOLEN_MPTCP_MPC_SYN; 43 } 44 if (opsize != expected_opsize) 45 break; 46 47 /* try to be gentle vs future versions on the initial syn */ 48 version = *ptr++ & MPTCP_VERSION_MASK; 49 if (opsize != TCPOLEN_MPTCP_MPC_SYN) { 50 if (version != MPTCP_SUPPORTED_VERSION) 51 break; 52 } else if (version < MPTCP_SUPPORTED_VERSION) { 53 break; 54 } 55 56 flags = *ptr++; 57 if (!mptcp_cap_flag_sha256(flags) || 58 (flags & MPTCP_CAP_EXTENSIBILITY)) 59 break; 60 61 /* RFC 6824, Section 3.1: 62 * "For the Checksum Required bit (labeled "A"), if either 63 * host requires the use of checksums, checksums MUST be used. 64 * In other words, the only way for checksums not to be used 65 * is if both hosts in their SYNs set A=0." 66 * 67 * Section 3.3.0: 68 * "If a checksum is not present when its use has been 69 * negotiated, the receiver MUST close the subflow with a RST as 70 * it is considered broken." 71 * 72 * We don't implement DSS checksum - fall back to TCP. 73 */ 74 if (flags & MPTCP_CAP_CHECKSUM_REQD) 75 break; 76 77 mp_opt->mp_capable = 1; 78 if (opsize >= TCPOLEN_MPTCP_MPC_SYNACK) { 79 mp_opt->sndr_key = get_unaligned_be64(ptr); 80 ptr += 8; 81 } 82 if (opsize >= TCPOLEN_MPTCP_MPC_ACK) { 83 mp_opt->rcvr_key = get_unaligned_be64(ptr); 84 ptr += 8; 85 } 86 if (opsize == TCPOLEN_MPTCP_MPC_ACK_DATA) { 87 /* Section 3.1.: 88 * "the data parameters in a MP_CAPABLE are semantically 89 * equivalent to those in a DSS option and can be used 90 * interchangeably." 91 */ 92 mp_opt->dss = 1; 93 mp_opt->use_map = 1; 94 mp_opt->mpc_map = 1; 95 mp_opt->data_len = get_unaligned_be16(ptr); 96 ptr += 2; 97 } 98 pr_debug("MP_CAPABLE version=%x, flags=%x, optlen=%d sndr=%llu, rcvr=%llu len=%d", 99 version, flags, opsize, mp_opt->sndr_key, 100 mp_opt->rcvr_key, mp_opt->data_len); 101 break; 102 103 case MPTCPOPT_MP_JOIN: 104 mp_opt->mp_join = 1; 105 if (opsize == TCPOLEN_MPTCP_MPJ_SYN) { 106 mp_opt->backup = *ptr++ & MPTCPOPT_BACKUP; 107 mp_opt->join_id = *ptr++; 108 mp_opt->token = get_unaligned_be32(ptr); 109 ptr += 4; 110 mp_opt->nonce = get_unaligned_be32(ptr); 111 ptr += 4; 112 pr_debug("MP_JOIN bkup=%u, id=%u, token=%u, nonce=%u", 113 mp_opt->backup, mp_opt->join_id, 114 mp_opt->token, mp_opt->nonce); 115 } else if (opsize == TCPOLEN_MPTCP_MPJ_SYNACK) { 116 mp_opt->backup = *ptr++ & MPTCPOPT_BACKUP; 117 mp_opt->join_id = *ptr++; 118 mp_opt->thmac = get_unaligned_be64(ptr); 119 ptr += 8; 120 mp_opt->nonce = get_unaligned_be32(ptr); 121 ptr += 4; 122 pr_debug("MP_JOIN bkup=%u, id=%u, thmac=%llu, nonce=%u", 123 mp_opt->backup, mp_opt->join_id, 124 mp_opt->thmac, mp_opt->nonce); 125 } else if (opsize == TCPOLEN_MPTCP_MPJ_ACK) { 126 ptr += 2; 127 memcpy(mp_opt->hmac, ptr, MPTCPOPT_HMAC_LEN); 128 pr_debug("MP_JOIN hmac"); 129 } else { 130 pr_warn("MP_JOIN bad option size"); 131 mp_opt->mp_join = 0; 132 } 133 break; 134 135 case MPTCPOPT_DSS: 136 pr_debug("DSS"); 137 ptr++; 138 139 /* we must clear 'mpc_map' be able to detect MP_CAPABLE 140 * map vs DSS map in mptcp_incoming_options(), and reconstruct 141 * map info accordingly 142 */ 143 mp_opt->mpc_map = 0; 144 flags = (*ptr++) & MPTCP_DSS_FLAG_MASK; 145 mp_opt->data_fin = (flags & MPTCP_DSS_DATA_FIN) != 0; 146 mp_opt->dsn64 = (flags & MPTCP_DSS_DSN64) != 0; 147 mp_opt->use_map = (flags & MPTCP_DSS_HAS_MAP) != 0; 148 mp_opt->ack64 = (flags & MPTCP_DSS_ACK64) != 0; 149 mp_opt->use_ack = (flags & MPTCP_DSS_HAS_ACK); 150 151 pr_debug("data_fin=%d dsn64=%d use_map=%d ack64=%d use_ack=%d", 152 mp_opt->data_fin, mp_opt->dsn64, 153 mp_opt->use_map, mp_opt->ack64, 154 mp_opt->use_ack); 155 156 expected_opsize = TCPOLEN_MPTCP_DSS_BASE; 157 158 if (mp_opt->use_ack) { 159 if (mp_opt->ack64) 160 expected_opsize += TCPOLEN_MPTCP_DSS_ACK64; 161 else 162 expected_opsize += TCPOLEN_MPTCP_DSS_ACK32; 163 } 164 165 if (mp_opt->use_map) { 166 if (mp_opt->dsn64) 167 expected_opsize += TCPOLEN_MPTCP_DSS_MAP64; 168 else 169 expected_opsize += TCPOLEN_MPTCP_DSS_MAP32; 170 } 171 172 /* RFC 6824, Section 3.3: 173 * If a checksum is present, but its use had 174 * not been negotiated in the MP_CAPABLE handshake, 175 * the checksum field MUST be ignored. 176 */ 177 if (opsize != expected_opsize && 178 opsize != expected_opsize + TCPOLEN_MPTCP_DSS_CHECKSUM) 179 break; 180 181 mp_opt->dss = 1; 182 183 if (mp_opt->use_ack) { 184 if (mp_opt->ack64) { 185 mp_opt->data_ack = get_unaligned_be64(ptr); 186 ptr += 8; 187 } else { 188 mp_opt->data_ack = get_unaligned_be32(ptr); 189 ptr += 4; 190 } 191 192 pr_debug("data_ack=%llu", mp_opt->data_ack); 193 } 194 195 if (mp_opt->use_map) { 196 if (mp_opt->dsn64) { 197 mp_opt->data_seq = get_unaligned_be64(ptr); 198 ptr += 8; 199 } else { 200 mp_opt->data_seq = get_unaligned_be32(ptr); 201 ptr += 4; 202 } 203 204 mp_opt->subflow_seq = get_unaligned_be32(ptr); 205 ptr += 4; 206 207 mp_opt->data_len = get_unaligned_be16(ptr); 208 ptr += 2; 209 210 pr_debug("data_seq=%llu subflow_seq=%u data_len=%u", 211 mp_opt->data_seq, mp_opt->subflow_seq, 212 mp_opt->data_len); 213 } 214 215 break; 216 217 case MPTCPOPT_ADD_ADDR: 218 mp_opt->echo = (*ptr++) & MPTCP_ADDR_ECHO; 219 if (!mp_opt->echo) { 220 if (opsize == TCPOLEN_MPTCP_ADD_ADDR || 221 opsize == TCPOLEN_MPTCP_ADD_ADDR_PORT) 222 mp_opt->family = MPTCP_ADDR_IPVERSION_4; 223 #if IS_ENABLED(CONFIG_MPTCP_IPV6) 224 else if (opsize == TCPOLEN_MPTCP_ADD_ADDR6 || 225 opsize == TCPOLEN_MPTCP_ADD_ADDR6_PORT) 226 mp_opt->family = MPTCP_ADDR_IPVERSION_6; 227 #endif 228 else 229 break; 230 } else { 231 if (opsize == TCPOLEN_MPTCP_ADD_ADDR_BASE || 232 opsize == TCPOLEN_MPTCP_ADD_ADDR_BASE_PORT) 233 mp_opt->family = MPTCP_ADDR_IPVERSION_4; 234 #if IS_ENABLED(CONFIG_MPTCP_IPV6) 235 else if (opsize == TCPOLEN_MPTCP_ADD_ADDR6_BASE || 236 opsize == TCPOLEN_MPTCP_ADD_ADDR6_BASE_PORT) 237 mp_opt->family = MPTCP_ADDR_IPVERSION_6; 238 #endif 239 else 240 break; 241 } 242 243 mp_opt->add_addr = 1; 244 mp_opt->addr_id = *ptr++; 245 if (mp_opt->family == MPTCP_ADDR_IPVERSION_4) { 246 memcpy((u8 *)&mp_opt->addr.s_addr, (u8 *)ptr, 4); 247 ptr += 4; 248 if (opsize == TCPOLEN_MPTCP_ADD_ADDR_PORT || 249 opsize == TCPOLEN_MPTCP_ADD_ADDR_BASE_PORT) { 250 mp_opt->port = get_unaligned_be16(ptr); 251 ptr += 2; 252 } 253 } 254 #if IS_ENABLED(CONFIG_MPTCP_IPV6) 255 else { 256 memcpy(mp_opt->addr6.s6_addr, (u8 *)ptr, 16); 257 ptr += 16; 258 if (opsize == TCPOLEN_MPTCP_ADD_ADDR6_PORT || 259 opsize == TCPOLEN_MPTCP_ADD_ADDR6_BASE_PORT) { 260 mp_opt->port = get_unaligned_be16(ptr); 261 ptr += 2; 262 } 263 } 264 #endif 265 if (!mp_opt->echo) { 266 mp_opt->ahmac = get_unaligned_be64(ptr); 267 ptr += 8; 268 } 269 pr_debug("ADD_ADDR%s: id=%d, ahmac=%llu, echo=%d, port=%d", 270 (mp_opt->family == MPTCP_ADDR_IPVERSION_6) ? "6" : "", 271 mp_opt->addr_id, mp_opt->ahmac, mp_opt->echo, mp_opt->port); 272 break; 273 274 case MPTCPOPT_RM_ADDR: 275 if (opsize != TCPOLEN_MPTCP_RM_ADDR_BASE) 276 break; 277 278 ptr++; 279 280 mp_opt->rm_addr = 1; 281 mp_opt->rm_id = *ptr++; 282 pr_debug("RM_ADDR: id=%d", mp_opt->rm_id); 283 break; 284 285 case MPTCPOPT_MP_PRIO: 286 if (opsize != TCPOLEN_MPTCP_PRIO) 287 break; 288 289 mp_opt->mp_prio = 1; 290 mp_opt->backup = *ptr++ & MPTCP_PRIO_BKUP; 291 pr_debug("MP_PRIO: prio=%d", mp_opt->backup); 292 break; 293 294 case MPTCPOPT_MP_FASTCLOSE: 295 if (opsize != TCPOLEN_MPTCP_FASTCLOSE) 296 break; 297 298 ptr += 2; 299 mp_opt->rcvr_key = get_unaligned_be64(ptr); 300 ptr += 8; 301 mp_opt->fastclose = 1; 302 break; 303 304 default: 305 break; 306 } 307 } 308 309 void mptcp_get_options(const struct sk_buff *skb, 310 struct mptcp_options_received *mp_opt) 311 { 312 const struct tcphdr *th = tcp_hdr(skb); 313 const unsigned char *ptr; 314 int length; 315 316 /* initialize option status */ 317 mp_opt->mp_capable = 0; 318 mp_opt->mp_join = 0; 319 mp_opt->add_addr = 0; 320 mp_opt->ahmac = 0; 321 mp_opt->fastclose = 0; 322 mp_opt->port = 0; 323 mp_opt->rm_addr = 0; 324 mp_opt->dss = 0; 325 mp_opt->mp_prio = 0; 326 327 length = (th->doff * 4) - sizeof(struct tcphdr); 328 ptr = (const unsigned char *)(th + 1); 329 330 while (length > 0) { 331 int opcode = *ptr++; 332 int opsize; 333 334 switch (opcode) { 335 case TCPOPT_EOL: 336 return; 337 case TCPOPT_NOP: /* Ref: RFC 793 section 3.1 */ 338 length--; 339 continue; 340 default: 341 opsize = *ptr++; 342 if (opsize < 2) /* "silly options" */ 343 return; 344 if (opsize > length) 345 return; /* don't parse partial options */ 346 if (opcode == TCPOPT_MPTCP) 347 mptcp_parse_option(skb, ptr, opsize, mp_opt); 348 ptr += opsize - 2; 349 length -= opsize; 350 } 351 } 352 } 353 354 bool mptcp_syn_options(struct sock *sk, const struct sk_buff *skb, 355 unsigned int *size, struct mptcp_out_options *opts) 356 { 357 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 358 359 /* we will use snd_isn to detect first pkt [re]transmission 360 * in mptcp_established_options_mp() 361 */ 362 subflow->snd_isn = TCP_SKB_CB(skb)->end_seq; 363 if (subflow->request_mptcp) { 364 opts->suboptions = OPTION_MPTCP_MPC_SYN; 365 *size = TCPOLEN_MPTCP_MPC_SYN; 366 return true; 367 } else if (subflow->request_join) { 368 pr_debug("remote_token=%u, nonce=%u", subflow->remote_token, 369 subflow->local_nonce); 370 opts->suboptions = OPTION_MPTCP_MPJ_SYN; 371 opts->join_id = subflow->local_id; 372 opts->token = subflow->remote_token; 373 opts->nonce = subflow->local_nonce; 374 opts->backup = subflow->request_bkup; 375 *size = TCPOLEN_MPTCP_MPJ_SYN; 376 return true; 377 } 378 return false; 379 } 380 381 /* MP_JOIN client subflow must wait for 4th ack before sending any data: 382 * TCP can't schedule delack timer before the subflow is fully established. 383 * MPTCP uses the delack timer to do 3rd ack retransmissions 384 */ 385 static void schedule_3rdack_retransmission(struct sock *sk) 386 { 387 struct inet_connection_sock *icsk = inet_csk(sk); 388 struct tcp_sock *tp = tcp_sk(sk); 389 unsigned long timeout; 390 391 /* reschedule with a timeout above RTT, as we must look only for drop */ 392 if (tp->srtt_us) 393 timeout = tp->srtt_us << 1; 394 else 395 timeout = TCP_TIMEOUT_INIT; 396 397 WARN_ON_ONCE(icsk->icsk_ack.pending & ICSK_ACK_TIMER); 398 icsk->icsk_ack.pending |= ICSK_ACK_SCHED | ICSK_ACK_TIMER; 399 icsk->icsk_ack.timeout = timeout; 400 sk_reset_timer(sk, &icsk->icsk_delack_timer, timeout); 401 } 402 403 static void clear_3rdack_retransmission(struct sock *sk) 404 { 405 struct inet_connection_sock *icsk = inet_csk(sk); 406 407 sk_stop_timer(sk, &icsk->icsk_delack_timer); 408 icsk->icsk_ack.timeout = 0; 409 icsk->icsk_ack.ato = 0; 410 icsk->icsk_ack.pending &= ~(ICSK_ACK_SCHED | ICSK_ACK_TIMER); 411 } 412 413 static bool mptcp_established_options_mp(struct sock *sk, struct sk_buff *skb, 414 unsigned int *size, 415 unsigned int remaining, 416 struct mptcp_out_options *opts) 417 { 418 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 419 struct mptcp_ext *mpext; 420 unsigned int data_len; 421 422 /* When skb is not available, we better over-estimate the emitted 423 * options len. A full DSS option (28 bytes) is longer than 424 * TCPOLEN_MPTCP_MPC_ACK_DATA(22) or TCPOLEN_MPTCP_MPJ_ACK(24), so 425 * tell the caller to defer the estimate to 426 * mptcp_established_options_dss(), which will reserve enough space. 427 */ 428 if (!skb) 429 return false; 430 431 /* MPC/MPJ needed only on 3rd ack packet */ 432 if (subflow->fully_established || 433 subflow->snd_isn != TCP_SKB_CB(skb)->seq) 434 return false; 435 436 if (subflow->mp_capable) { 437 mpext = mptcp_get_ext(skb); 438 data_len = mpext ? mpext->data_len : 0; 439 440 /* we will check ext_copy.data_len in mptcp_write_options() to 441 * discriminate between TCPOLEN_MPTCP_MPC_ACK_DATA and 442 * TCPOLEN_MPTCP_MPC_ACK 443 */ 444 opts->ext_copy.data_len = data_len; 445 opts->suboptions = OPTION_MPTCP_MPC_ACK; 446 opts->sndr_key = subflow->local_key; 447 opts->rcvr_key = subflow->remote_key; 448 449 /* Section 3.1. 450 * The MP_CAPABLE option is carried on the SYN, SYN/ACK, and ACK 451 * packets that start the first subflow of an MPTCP connection, 452 * as well as the first packet that carries data 453 */ 454 if (data_len > 0) 455 *size = ALIGN(TCPOLEN_MPTCP_MPC_ACK_DATA, 4); 456 else 457 *size = TCPOLEN_MPTCP_MPC_ACK; 458 459 pr_debug("subflow=%p, local_key=%llu, remote_key=%llu map_len=%d", 460 subflow, subflow->local_key, subflow->remote_key, 461 data_len); 462 463 return true; 464 } else if (subflow->mp_join) { 465 opts->suboptions = OPTION_MPTCP_MPJ_ACK; 466 memcpy(opts->hmac, subflow->hmac, MPTCPOPT_HMAC_LEN); 467 *size = TCPOLEN_MPTCP_MPJ_ACK; 468 pr_debug("subflow=%p", subflow); 469 470 schedule_3rdack_retransmission(sk); 471 return true; 472 } 473 return false; 474 } 475 476 static void mptcp_write_data_fin(struct mptcp_subflow_context *subflow, 477 struct sk_buff *skb, struct mptcp_ext *ext) 478 { 479 /* The write_seq value has already been incremented, so the actual 480 * sequence number for the DATA_FIN is one less. 481 */ 482 u64 data_fin_tx_seq = READ_ONCE(mptcp_sk(subflow->conn)->write_seq) - 1; 483 484 if (!ext->use_map || !skb->len) { 485 /* RFC6824 requires a DSS mapping with specific values 486 * if DATA_FIN is set but no data payload is mapped 487 */ 488 ext->data_fin = 1; 489 ext->use_map = 1; 490 ext->dsn64 = 1; 491 ext->data_seq = data_fin_tx_seq; 492 ext->subflow_seq = 0; 493 ext->data_len = 1; 494 } else if (ext->data_seq + ext->data_len == data_fin_tx_seq) { 495 /* If there's an existing DSS mapping and it is the 496 * final mapping, DATA_FIN consumes 1 additional byte of 497 * mapping space. 498 */ 499 ext->data_fin = 1; 500 ext->data_len++; 501 } 502 } 503 504 static bool mptcp_established_options_dss(struct sock *sk, struct sk_buff *skb, 505 unsigned int *size, 506 unsigned int remaining, 507 struct mptcp_out_options *opts) 508 { 509 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 510 struct mptcp_sock *msk = mptcp_sk(subflow->conn); 511 u64 snd_data_fin_enable, ack_seq; 512 unsigned int dss_size = 0; 513 struct mptcp_ext *mpext; 514 unsigned int ack_size; 515 bool ret = false; 516 517 mpext = skb ? mptcp_get_ext(skb) : NULL; 518 snd_data_fin_enable = mptcp_data_fin_enabled(msk); 519 520 if (!skb || (mpext && mpext->use_map) || snd_data_fin_enable) { 521 unsigned int map_size; 522 523 map_size = TCPOLEN_MPTCP_DSS_BASE + TCPOLEN_MPTCP_DSS_MAP64; 524 525 remaining -= map_size; 526 dss_size = map_size; 527 if (mpext) 528 opts->ext_copy = *mpext; 529 530 if (skb && snd_data_fin_enable) 531 mptcp_write_data_fin(subflow, skb, &opts->ext_copy); 532 ret = true; 533 } 534 535 /* passive sockets msk will set the 'can_ack' after accept(), even 536 * if the first subflow may have the already the remote key handy 537 */ 538 opts->ext_copy.use_ack = 0; 539 if (!READ_ONCE(msk->can_ack)) { 540 *size = ALIGN(dss_size, 4); 541 return ret; 542 } 543 544 ack_seq = READ_ONCE(msk->ack_seq); 545 if (READ_ONCE(msk->use_64bit_ack)) { 546 ack_size = TCPOLEN_MPTCP_DSS_ACK64; 547 opts->ext_copy.data_ack = ack_seq; 548 opts->ext_copy.ack64 = 1; 549 } else { 550 ack_size = TCPOLEN_MPTCP_DSS_ACK32; 551 opts->ext_copy.data_ack32 = (uint32_t)ack_seq; 552 opts->ext_copy.ack64 = 0; 553 } 554 opts->ext_copy.use_ack = 1; 555 WRITE_ONCE(msk->old_wspace, __mptcp_space((struct sock *)msk)); 556 557 /* Add kind/length/subtype/flag overhead if mapping is not populated */ 558 if (dss_size == 0) 559 ack_size += TCPOLEN_MPTCP_DSS_BASE; 560 561 dss_size += ack_size; 562 563 *size = ALIGN(dss_size, 4); 564 return true; 565 } 566 567 static u64 add_addr_generate_hmac(u64 key1, u64 key2, u8 addr_id, 568 struct in_addr *addr) 569 { 570 u8 hmac[SHA256_DIGEST_SIZE]; 571 u8 msg[7]; 572 573 msg[0] = addr_id; 574 memcpy(&msg[1], &addr->s_addr, 4); 575 msg[5] = 0; 576 msg[6] = 0; 577 578 mptcp_crypto_hmac_sha(key1, key2, msg, 7, hmac); 579 580 return get_unaligned_be64(&hmac[SHA256_DIGEST_SIZE - sizeof(u64)]); 581 } 582 583 #if IS_ENABLED(CONFIG_MPTCP_IPV6) 584 static u64 add_addr6_generate_hmac(u64 key1, u64 key2, u8 addr_id, 585 struct in6_addr *addr) 586 { 587 u8 hmac[SHA256_DIGEST_SIZE]; 588 u8 msg[19]; 589 590 msg[0] = addr_id; 591 memcpy(&msg[1], &addr->s6_addr, 16); 592 msg[17] = 0; 593 msg[18] = 0; 594 595 mptcp_crypto_hmac_sha(key1, key2, msg, 19, hmac); 596 597 return get_unaligned_be64(&hmac[SHA256_DIGEST_SIZE - sizeof(u64)]); 598 } 599 #endif 600 601 static bool mptcp_established_options_add_addr(struct sock *sk, struct sk_buff *skb, 602 unsigned int *size, 603 unsigned int remaining, 604 struct mptcp_out_options *opts) 605 { 606 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 607 struct mptcp_sock *msk = mptcp_sk(subflow->conn); 608 bool drop_other_suboptions = false; 609 unsigned int opt_size = *size; 610 struct mptcp_addr_info saddr; 611 bool echo; 612 bool port; 613 int len; 614 615 if ((mptcp_pm_should_add_signal_ipv6(msk) || 616 mptcp_pm_should_add_signal_port(msk)) && 617 skb && skb_is_tcp_pure_ack(skb)) { 618 pr_debug("drop other suboptions"); 619 opts->suboptions = 0; 620 opts->ext_copy.use_ack = 0; 621 opts->ext_copy.use_map = 0; 622 remaining += opt_size; 623 drop_other_suboptions = true; 624 } 625 626 if (!mptcp_pm_should_add_signal(msk) || 627 !(mptcp_pm_add_addr_signal(msk, remaining, &saddr, &echo, &port))) 628 return false; 629 630 len = mptcp_add_addr_len(saddr.family, echo, port); 631 if (remaining < len) 632 return false; 633 634 *size = len; 635 if (drop_other_suboptions) 636 *size -= opt_size; 637 opts->addr_id = saddr.id; 638 if (port) 639 opts->port = ntohs(saddr.port); 640 if (saddr.family == AF_INET) { 641 opts->suboptions |= OPTION_MPTCP_ADD_ADDR; 642 opts->addr = saddr.addr; 643 if (!echo) { 644 opts->ahmac = add_addr_generate_hmac(msk->local_key, 645 msk->remote_key, 646 opts->addr_id, 647 &opts->addr); 648 } 649 } 650 #if IS_ENABLED(CONFIG_MPTCP_IPV6) 651 else if (saddr.family == AF_INET6) { 652 opts->suboptions |= OPTION_MPTCP_ADD_ADDR6; 653 opts->addr6 = saddr.addr6; 654 if (!echo) { 655 opts->ahmac = add_addr6_generate_hmac(msk->local_key, 656 msk->remote_key, 657 opts->addr_id, 658 &opts->addr6); 659 } 660 } 661 #endif 662 pr_debug("addr_id=%d, ahmac=%llu, echo=%d, port=%d", 663 opts->addr_id, opts->ahmac, echo, opts->port); 664 665 return true; 666 } 667 668 static bool mptcp_established_options_rm_addr(struct sock *sk, 669 unsigned int *size, 670 unsigned int remaining, 671 struct mptcp_out_options *opts) 672 { 673 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 674 struct mptcp_sock *msk = mptcp_sk(subflow->conn); 675 u8 rm_id; 676 677 if (!mptcp_pm_should_rm_signal(msk) || 678 !(mptcp_pm_rm_addr_signal(msk, remaining, &rm_id))) 679 return false; 680 681 if (remaining < TCPOLEN_MPTCP_RM_ADDR_BASE) 682 return false; 683 684 *size = TCPOLEN_MPTCP_RM_ADDR_BASE; 685 opts->suboptions |= OPTION_MPTCP_RM_ADDR; 686 opts->rm_id = rm_id; 687 688 pr_debug("rm_id=%d", opts->rm_id); 689 690 return true; 691 } 692 693 static bool mptcp_established_options_mp_prio(struct sock *sk, 694 unsigned int *size, 695 unsigned int remaining, 696 struct mptcp_out_options *opts) 697 { 698 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 699 700 if (!subflow->send_mp_prio) 701 return false; 702 703 /* account for the trailing 'nop' option */ 704 if (remaining < TCPOLEN_MPTCP_PRIO_ALIGN) 705 return false; 706 707 *size = TCPOLEN_MPTCP_PRIO_ALIGN; 708 opts->suboptions |= OPTION_MPTCP_PRIO; 709 opts->backup = subflow->request_bkup; 710 711 pr_debug("prio=%d", opts->backup); 712 713 return true; 714 } 715 716 bool mptcp_established_options(struct sock *sk, struct sk_buff *skb, 717 unsigned int *size, unsigned int remaining, 718 struct mptcp_out_options *opts) 719 { 720 unsigned int opt_size = 0; 721 bool ret = false; 722 723 opts->suboptions = 0; 724 725 if (unlikely(mptcp_check_fallback(sk))) 726 return false; 727 728 /* prevent adding of any MPTCP related options on reset packet 729 * until we support MP_TCPRST/MP_FASTCLOSE 730 */ 731 if (unlikely(skb && TCP_SKB_CB(skb)->tcp_flags & TCPHDR_RST)) 732 return false; 733 734 if (mptcp_established_options_mp(sk, skb, &opt_size, remaining, opts)) 735 ret = true; 736 else if (mptcp_established_options_dss(sk, skb, &opt_size, remaining, 737 opts)) 738 ret = true; 739 740 /* we reserved enough space for the above options, and exceeding the 741 * TCP option space would be fatal 742 */ 743 if (WARN_ON_ONCE(opt_size > remaining)) 744 return false; 745 746 *size += opt_size; 747 remaining -= opt_size; 748 if (mptcp_established_options_add_addr(sk, skb, &opt_size, remaining, opts)) { 749 *size += opt_size; 750 remaining -= opt_size; 751 ret = true; 752 } else if (mptcp_established_options_rm_addr(sk, &opt_size, remaining, opts)) { 753 *size += opt_size; 754 remaining -= opt_size; 755 ret = true; 756 } 757 758 if (mptcp_established_options_mp_prio(sk, &opt_size, remaining, opts)) { 759 *size += opt_size; 760 remaining -= opt_size; 761 ret = true; 762 } 763 764 return ret; 765 } 766 767 bool mptcp_synack_options(const struct request_sock *req, unsigned int *size, 768 struct mptcp_out_options *opts) 769 { 770 struct mptcp_subflow_request_sock *subflow_req = mptcp_subflow_rsk(req); 771 772 if (subflow_req->mp_capable) { 773 opts->suboptions = OPTION_MPTCP_MPC_SYNACK; 774 opts->sndr_key = subflow_req->local_key; 775 *size = TCPOLEN_MPTCP_MPC_SYNACK; 776 pr_debug("subflow_req=%p, local_key=%llu", 777 subflow_req, subflow_req->local_key); 778 return true; 779 } else if (subflow_req->mp_join) { 780 opts->suboptions = OPTION_MPTCP_MPJ_SYNACK; 781 opts->backup = subflow_req->backup; 782 opts->join_id = subflow_req->local_id; 783 opts->thmac = subflow_req->thmac; 784 opts->nonce = subflow_req->local_nonce; 785 pr_debug("req=%p, bkup=%u, id=%u, thmac=%llu, nonce=%u", 786 subflow_req, opts->backup, opts->join_id, 787 opts->thmac, opts->nonce); 788 *size = TCPOLEN_MPTCP_MPJ_SYNACK; 789 return true; 790 } 791 return false; 792 } 793 794 static bool check_fully_established(struct mptcp_sock *msk, struct sock *ssk, 795 struct mptcp_subflow_context *subflow, 796 struct sk_buff *skb, 797 struct mptcp_options_received *mp_opt) 798 { 799 /* here we can process OoO, in-window pkts, only in-sequence 4th ack 800 * will make the subflow fully established 801 */ 802 if (likely(subflow->fully_established)) { 803 /* on passive sockets, check for 3rd ack retransmission 804 * note that msk is always set by subflow_syn_recv_sock() 805 * for mp_join subflows 806 */ 807 if (TCP_SKB_CB(skb)->seq == subflow->ssn_offset + 1 && 808 TCP_SKB_CB(skb)->end_seq == TCP_SKB_CB(skb)->seq && 809 subflow->mp_join && mp_opt->mp_join && 810 READ_ONCE(msk->pm.server_side)) 811 tcp_send_ack(ssk); 812 goto fully_established; 813 } 814 815 /* we must process OoO packets before the first subflow is fully 816 * established. OoO packets are instead a protocol violation 817 * for MP_JOIN subflows as the peer must not send any data 818 * before receiving the forth ack - cfr. RFC 8684 section 3.2. 819 */ 820 if (TCP_SKB_CB(skb)->seq != subflow->ssn_offset + 1) { 821 if (subflow->mp_join) 822 goto reset; 823 return subflow->mp_capable; 824 } 825 826 if (mp_opt->dss && mp_opt->use_ack) { 827 /* subflows are fully established as soon as we get any 828 * additional ack. 829 */ 830 subflow->fully_established = 1; 831 WRITE_ONCE(msk->fully_established, true); 832 goto fully_established; 833 } 834 835 if (mp_opt->add_addr) { 836 WRITE_ONCE(msk->fully_established, true); 837 return true; 838 } 839 840 /* If the first established packet does not contain MP_CAPABLE + data 841 * then fallback to TCP. Fallback scenarios requires a reset for 842 * MP_JOIN subflows. 843 */ 844 if (!mp_opt->mp_capable) { 845 if (subflow->mp_join) 846 goto reset; 847 subflow->mp_capable = 0; 848 pr_fallback(msk); 849 __mptcp_do_fallback(msk); 850 return false; 851 } 852 853 if (unlikely(!READ_ONCE(msk->pm.server_side))) 854 pr_warn_once("bogus mpc option on established client sk"); 855 mptcp_subflow_fully_established(subflow, mp_opt); 856 857 fully_established: 858 /* if the subflow is not already linked into the conn_list, we can't 859 * notify the PM: this subflow is still on the listener queue 860 * and the PM possibly acquiring the subflow lock could race with 861 * the listener close 862 */ 863 if (likely(subflow->pm_notified) || list_empty(&subflow->node)) 864 return true; 865 866 subflow->pm_notified = 1; 867 if (subflow->mp_join) { 868 clear_3rdack_retransmission(ssk); 869 mptcp_pm_subflow_established(msk, subflow); 870 } else { 871 mptcp_pm_fully_established(msk, ssk, GFP_ATOMIC); 872 } 873 return true; 874 875 reset: 876 mptcp_subflow_reset(ssk); 877 return false; 878 } 879 880 static u64 expand_ack(u64 old_ack, u64 cur_ack, bool use_64bit) 881 { 882 u32 old_ack32, cur_ack32; 883 884 if (use_64bit) 885 return cur_ack; 886 887 old_ack32 = (u32)old_ack; 888 cur_ack32 = (u32)cur_ack; 889 cur_ack = (old_ack & GENMASK_ULL(63, 32)) + cur_ack32; 890 if (unlikely(before(cur_ack32, old_ack32))) 891 return cur_ack + (1LL << 32); 892 return cur_ack; 893 } 894 895 static void ack_update_msk(struct mptcp_sock *msk, 896 struct sock *ssk, 897 struct mptcp_options_received *mp_opt) 898 { 899 u64 new_wnd_end, new_snd_una, snd_nxt = READ_ONCE(msk->snd_nxt); 900 struct sock *sk = (struct sock *)msk; 901 u64 old_snd_una; 902 903 mptcp_data_lock(sk); 904 905 /* avoid ack expansion on update conflict, to reduce the risk of 906 * wrongly expanding to a future ack sequence number, which is way 907 * more dangerous than missing an ack 908 */ 909 old_snd_una = msk->snd_una; 910 new_snd_una = expand_ack(old_snd_una, mp_opt->data_ack, mp_opt->ack64); 911 912 /* ACK for data not even sent yet? Ignore. */ 913 if (after64(new_snd_una, snd_nxt)) 914 new_snd_una = old_snd_una; 915 916 new_wnd_end = new_snd_una + tcp_sk(ssk)->snd_wnd; 917 918 if (after64(new_wnd_end, msk->wnd_end)) 919 msk->wnd_end = new_wnd_end; 920 921 /* this assumes mptcp_incoming_options() is invoked after tcp_ack() */ 922 if (after64(msk->wnd_end, READ_ONCE(msk->snd_nxt))) 923 __mptcp_check_push(sk, ssk); 924 925 if (after64(new_snd_una, old_snd_una)) { 926 msk->snd_una = new_snd_una; 927 __mptcp_data_acked(sk); 928 } 929 mptcp_data_unlock(sk); 930 } 931 932 bool mptcp_update_rcv_data_fin(struct mptcp_sock *msk, u64 data_fin_seq, bool use_64bit) 933 { 934 /* Skip if DATA_FIN was already received. 935 * If updating simultaneously with the recvmsg loop, values 936 * should match. If they mismatch, the peer is misbehaving and 937 * we will prefer the most recent information. 938 */ 939 if (READ_ONCE(msk->rcv_data_fin) || !READ_ONCE(msk->first)) 940 return false; 941 942 WRITE_ONCE(msk->rcv_data_fin_seq, 943 expand_ack(READ_ONCE(msk->ack_seq), data_fin_seq, use_64bit)); 944 WRITE_ONCE(msk->rcv_data_fin, 1); 945 946 return true; 947 } 948 949 static bool add_addr_hmac_valid(struct mptcp_sock *msk, 950 struct mptcp_options_received *mp_opt) 951 { 952 u64 hmac = 0; 953 954 if (mp_opt->echo) 955 return true; 956 957 if (mp_opt->family == MPTCP_ADDR_IPVERSION_4) 958 hmac = add_addr_generate_hmac(msk->remote_key, 959 msk->local_key, 960 mp_opt->addr_id, &mp_opt->addr); 961 #if IS_ENABLED(CONFIG_MPTCP_IPV6) 962 else 963 hmac = add_addr6_generate_hmac(msk->remote_key, 964 msk->local_key, 965 mp_opt->addr_id, &mp_opt->addr6); 966 #endif 967 968 pr_debug("msk=%p, ahmac=%llu, mp_opt->ahmac=%llu\n", 969 msk, (unsigned long long)hmac, 970 (unsigned long long)mp_opt->ahmac); 971 972 return hmac == mp_opt->ahmac; 973 } 974 975 void mptcp_incoming_options(struct sock *sk, struct sk_buff *skb) 976 { 977 struct mptcp_subflow_context *subflow = mptcp_subflow_ctx(sk); 978 struct mptcp_sock *msk = mptcp_sk(subflow->conn); 979 struct mptcp_options_received mp_opt; 980 struct mptcp_ext *mpext; 981 982 if (__mptcp_check_fallback(msk)) { 983 /* Keep it simple and unconditionally trigger send data cleanup and 984 * pending queue spooling. We will need to acquire the data lock 985 * for more accurate checks, and once the lock is acquired, such 986 * helpers are cheap. 987 */ 988 mptcp_data_lock(subflow->conn); 989 if (sk_stream_memory_free(sk)) 990 __mptcp_check_push(subflow->conn, sk); 991 __mptcp_data_acked(subflow->conn); 992 mptcp_data_unlock(subflow->conn); 993 return; 994 } 995 996 mptcp_get_options(skb, &mp_opt); 997 if (!check_fully_established(msk, sk, subflow, skb, &mp_opt)) 998 return; 999 1000 if (mp_opt.fastclose && 1001 msk->local_key == mp_opt.rcvr_key) { 1002 WRITE_ONCE(msk->rcv_fastclose, true); 1003 mptcp_schedule_work((struct sock *)msk); 1004 } 1005 1006 if (mp_opt.add_addr && add_addr_hmac_valid(msk, &mp_opt)) { 1007 struct mptcp_addr_info addr; 1008 1009 addr.port = htons(mp_opt.port); 1010 addr.id = mp_opt.addr_id; 1011 if (mp_opt.family == MPTCP_ADDR_IPVERSION_4) { 1012 addr.family = AF_INET; 1013 addr.addr = mp_opt.addr; 1014 } 1015 #if IS_ENABLED(CONFIG_MPTCP_IPV6) 1016 else if (mp_opt.family == MPTCP_ADDR_IPVERSION_6) { 1017 addr.family = AF_INET6; 1018 addr.addr6 = mp_opt.addr6; 1019 } 1020 #endif 1021 if (!mp_opt.echo) { 1022 mptcp_pm_add_addr_received(msk, &addr); 1023 MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_ADDADDR); 1024 } else { 1025 mptcp_pm_del_add_timer(msk, &addr); 1026 MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_ECHOADD); 1027 } 1028 1029 if (mp_opt.port) 1030 MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_PORTADD); 1031 1032 mp_opt.add_addr = 0; 1033 } 1034 1035 if (mp_opt.rm_addr) { 1036 mptcp_pm_rm_addr_received(msk, mp_opt.rm_id); 1037 mp_opt.rm_addr = 0; 1038 } 1039 1040 if (mp_opt.mp_prio) { 1041 mptcp_pm_mp_prio_received(sk, mp_opt.backup); 1042 MPTCP_INC_STATS(sock_net(sk), MPTCP_MIB_MPPRIORX); 1043 mp_opt.mp_prio = 0; 1044 } 1045 1046 if (!mp_opt.dss) 1047 return; 1048 1049 /* we can't wait for recvmsg() to update the ack_seq, otherwise 1050 * monodirectional flows will stuck 1051 */ 1052 if (mp_opt.use_ack) 1053 ack_update_msk(msk, sk, &mp_opt); 1054 1055 /* Zero-data-length packets are dropped by the caller and not 1056 * propagated to the MPTCP layer, so the skb extension does not 1057 * need to be allocated or populated. DATA_FIN information, if 1058 * present, needs to be updated here before the skb is freed. 1059 */ 1060 if (TCP_SKB_CB(skb)->seq == TCP_SKB_CB(skb)->end_seq) { 1061 if (mp_opt.data_fin && mp_opt.data_len == 1 && 1062 mptcp_update_rcv_data_fin(msk, mp_opt.data_seq, mp_opt.dsn64) && 1063 schedule_work(&msk->work)) 1064 sock_hold(subflow->conn); 1065 1066 return; 1067 } 1068 1069 mpext = skb_ext_add(skb, SKB_EXT_MPTCP); 1070 if (!mpext) 1071 return; 1072 1073 memset(mpext, 0, sizeof(*mpext)); 1074 1075 if (mp_opt.use_map) { 1076 if (mp_opt.mpc_map) { 1077 /* this is an MP_CAPABLE carrying MPTCP data 1078 * we know this map the first chunk of data 1079 */ 1080 mptcp_crypto_key_sha(subflow->remote_key, NULL, 1081 &mpext->data_seq); 1082 mpext->data_seq++; 1083 mpext->subflow_seq = 1; 1084 mpext->dsn64 = 1; 1085 mpext->mpc_map = 1; 1086 mpext->data_fin = 0; 1087 } else { 1088 mpext->data_seq = mp_opt.data_seq; 1089 mpext->subflow_seq = mp_opt.subflow_seq; 1090 mpext->dsn64 = mp_opt.dsn64; 1091 mpext->data_fin = mp_opt.data_fin; 1092 } 1093 mpext->data_len = mp_opt.data_len; 1094 mpext->use_map = 1; 1095 } 1096 } 1097 1098 static void mptcp_set_rwin(const struct tcp_sock *tp) 1099 { 1100 const struct sock *ssk = (const struct sock *)tp; 1101 const struct mptcp_subflow_context *subflow; 1102 struct mptcp_sock *msk; 1103 u64 ack_seq; 1104 1105 subflow = mptcp_subflow_ctx(ssk); 1106 msk = mptcp_sk(subflow->conn); 1107 1108 ack_seq = READ_ONCE(msk->ack_seq) + tp->rcv_wnd; 1109 1110 if (after64(ack_seq, READ_ONCE(msk->rcv_wnd_sent))) 1111 WRITE_ONCE(msk->rcv_wnd_sent, ack_seq); 1112 } 1113 1114 void mptcp_write_options(__be32 *ptr, const struct tcp_sock *tp, 1115 struct mptcp_out_options *opts) 1116 { 1117 if ((OPTION_MPTCP_MPC_SYN | OPTION_MPTCP_MPC_SYNACK | 1118 OPTION_MPTCP_MPC_ACK) & opts->suboptions) { 1119 u8 len; 1120 1121 if (OPTION_MPTCP_MPC_SYN & opts->suboptions) 1122 len = TCPOLEN_MPTCP_MPC_SYN; 1123 else if (OPTION_MPTCP_MPC_SYNACK & opts->suboptions) 1124 len = TCPOLEN_MPTCP_MPC_SYNACK; 1125 else if (opts->ext_copy.data_len) 1126 len = TCPOLEN_MPTCP_MPC_ACK_DATA; 1127 else 1128 len = TCPOLEN_MPTCP_MPC_ACK; 1129 1130 *ptr++ = mptcp_option(MPTCPOPT_MP_CAPABLE, len, 1131 MPTCP_SUPPORTED_VERSION, 1132 MPTCP_CAP_HMAC_SHA256); 1133 1134 if (!((OPTION_MPTCP_MPC_SYNACK | OPTION_MPTCP_MPC_ACK) & 1135 opts->suboptions)) 1136 goto mp_capable_done; 1137 1138 put_unaligned_be64(opts->sndr_key, ptr); 1139 ptr += 2; 1140 if (!((OPTION_MPTCP_MPC_ACK) & opts->suboptions)) 1141 goto mp_capable_done; 1142 1143 put_unaligned_be64(opts->rcvr_key, ptr); 1144 ptr += 2; 1145 if (!opts->ext_copy.data_len) 1146 goto mp_capable_done; 1147 1148 put_unaligned_be32(opts->ext_copy.data_len << 16 | 1149 TCPOPT_NOP << 8 | TCPOPT_NOP, ptr); 1150 ptr += 1; 1151 } 1152 1153 mp_capable_done: 1154 if ((OPTION_MPTCP_ADD_ADDR 1155 #if IS_ENABLED(CONFIG_MPTCP_IPV6) 1156 | OPTION_MPTCP_ADD_ADDR6 1157 #endif 1158 ) & opts->suboptions) { 1159 u8 len = TCPOLEN_MPTCP_ADD_ADDR_BASE; 1160 u8 echo = MPTCP_ADDR_ECHO; 1161 1162 #if IS_ENABLED(CONFIG_MPTCP_IPV6) 1163 if (OPTION_MPTCP_ADD_ADDR6 & opts->suboptions) 1164 len = TCPOLEN_MPTCP_ADD_ADDR6_BASE; 1165 #endif 1166 1167 if (opts->port) 1168 len += TCPOLEN_MPTCP_PORT_LEN; 1169 1170 if (opts->ahmac) { 1171 len += sizeof(opts->ahmac); 1172 echo = 0; 1173 } 1174 1175 *ptr++ = mptcp_option(MPTCPOPT_ADD_ADDR, 1176 len, echo, opts->addr_id); 1177 if (OPTION_MPTCP_ADD_ADDR & opts->suboptions) { 1178 memcpy((u8 *)ptr, (u8 *)&opts->addr.s_addr, 4); 1179 ptr += 1; 1180 } 1181 #if IS_ENABLED(CONFIG_MPTCP_IPV6) 1182 else if (OPTION_MPTCP_ADD_ADDR6 & opts->suboptions) { 1183 memcpy((u8 *)ptr, opts->addr6.s6_addr, 16); 1184 ptr += 4; 1185 } 1186 #endif 1187 1188 if (!opts->port) { 1189 if (opts->ahmac) { 1190 put_unaligned_be64(opts->ahmac, ptr); 1191 ptr += 2; 1192 } 1193 } else { 1194 if (opts->ahmac) { 1195 u8 *bptr = (u8 *)ptr; 1196 1197 put_unaligned_be16(opts->port, bptr); 1198 bptr += 2; 1199 put_unaligned_be64(opts->ahmac, bptr); 1200 bptr += 8; 1201 put_unaligned_be16(TCPOPT_NOP << 8 | 1202 TCPOPT_NOP, bptr); 1203 1204 ptr += 3; 1205 } else { 1206 put_unaligned_be32(opts->port << 16 | 1207 TCPOPT_NOP << 8 | 1208 TCPOPT_NOP, ptr); 1209 ptr += 1; 1210 } 1211 } 1212 } 1213 1214 if (OPTION_MPTCP_RM_ADDR & opts->suboptions) { 1215 *ptr++ = mptcp_option(MPTCPOPT_RM_ADDR, 1216 TCPOLEN_MPTCP_RM_ADDR_BASE, 1217 0, opts->rm_id); 1218 } 1219 1220 if (OPTION_MPTCP_PRIO & opts->suboptions) { 1221 const struct sock *ssk = (const struct sock *)tp; 1222 struct mptcp_subflow_context *subflow; 1223 1224 subflow = mptcp_subflow_ctx(ssk); 1225 subflow->send_mp_prio = 0; 1226 1227 *ptr++ = mptcp_option(MPTCPOPT_MP_PRIO, 1228 TCPOLEN_MPTCP_PRIO, 1229 opts->backup, TCPOPT_NOP); 1230 } 1231 1232 if (OPTION_MPTCP_MPJ_SYN & opts->suboptions) { 1233 *ptr++ = mptcp_option(MPTCPOPT_MP_JOIN, 1234 TCPOLEN_MPTCP_MPJ_SYN, 1235 opts->backup, opts->join_id); 1236 put_unaligned_be32(opts->token, ptr); 1237 ptr += 1; 1238 put_unaligned_be32(opts->nonce, ptr); 1239 ptr += 1; 1240 } 1241 1242 if (OPTION_MPTCP_MPJ_SYNACK & opts->suboptions) { 1243 *ptr++ = mptcp_option(MPTCPOPT_MP_JOIN, 1244 TCPOLEN_MPTCP_MPJ_SYNACK, 1245 opts->backup, opts->join_id); 1246 put_unaligned_be64(opts->thmac, ptr); 1247 ptr += 2; 1248 put_unaligned_be32(opts->nonce, ptr); 1249 ptr += 1; 1250 } 1251 1252 if (OPTION_MPTCP_MPJ_ACK & opts->suboptions) { 1253 *ptr++ = mptcp_option(MPTCPOPT_MP_JOIN, 1254 TCPOLEN_MPTCP_MPJ_ACK, 0, 0); 1255 memcpy(ptr, opts->hmac, MPTCPOPT_HMAC_LEN); 1256 ptr += 5; 1257 } 1258 1259 if (opts->ext_copy.use_ack || opts->ext_copy.use_map) { 1260 struct mptcp_ext *mpext = &opts->ext_copy; 1261 u8 len = TCPOLEN_MPTCP_DSS_BASE; 1262 u8 flags = 0; 1263 1264 if (mpext->use_ack) { 1265 flags = MPTCP_DSS_HAS_ACK; 1266 if (mpext->ack64) { 1267 len += TCPOLEN_MPTCP_DSS_ACK64; 1268 flags |= MPTCP_DSS_ACK64; 1269 } else { 1270 len += TCPOLEN_MPTCP_DSS_ACK32; 1271 } 1272 } 1273 1274 if (mpext->use_map) { 1275 len += TCPOLEN_MPTCP_DSS_MAP64; 1276 1277 /* Use only 64-bit mapping flags for now, add 1278 * support for optional 32-bit mappings later. 1279 */ 1280 flags |= MPTCP_DSS_HAS_MAP | MPTCP_DSS_DSN64; 1281 if (mpext->data_fin) 1282 flags |= MPTCP_DSS_DATA_FIN; 1283 } 1284 1285 *ptr++ = mptcp_option(MPTCPOPT_DSS, len, 0, flags); 1286 1287 if (mpext->use_ack) { 1288 if (mpext->ack64) { 1289 put_unaligned_be64(mpext->data_ack, ptr); 1290 ptr += 2; 1291 } else { 1292 put_unaligned_be32(mpext->data_ack32, ptr); 1293 ptr += 1; 1294 } 1295 } 1296 1297 if (mpext->use_map) { 1298 put_unaligned_be64(mpext->data_seq, ptr); 1299 ptr += 2; 1300 put_unaligned_be32(mpext->subflow_seq, ptr); 1301 ptr += 1; 1302 put_unaligned_be32(mpext->data_len << 16 | 1303 TCPOPT_NOP << 8 | TCPOPT_NOP, ptr); 1304 } 1305 } 1306 1307 if (tp) 1308 mptcp_set_rwin(tp); 1309 } 1310