From nobody Thu Oct 20 19:49:52 2022 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4MtdV85gVfz4gQCY; Thu, 20 Oct 2022 19:49:52 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4MtdV842Lxz3KqF; Thu, 20 Oct 2022 19:49:52 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1666295392; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Vu7zTaUZCTk/V41O4kvuu/GX0ngjG3BTz+x20Qqq28w=; b=G4z7LJvlTorMKa0qgAB0Wc+wOy+vUHD0ZAI/as+TDTx5w/1Cxf/gYmGyXM0mdQUqHcp47H 1KKHVKubpmulN105SYDiSRsHk9/f4UC9n0zUHZJJLKAxDRIMJv7nTrPO580X9NncSzb7Ow Bk0QdtawbJGtRP1tmQukZ/4kxpjzbi/hh1tCeWKqofnqs8F6JYboCWYt4AageVa0f5YfB3 3ivh6Lf2ice3SHURTBgPCUwATTyu9guHLHD8N9mAruoZoumpfgDz6rEeX1mYykWU5rzidC jh00Ygs0kGwYCj5bVBa2njPoxWVUc8HovHbZWZ8wFNiiIQcMddCUy6b6pPQovg== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4MtdV82Y8szyk5; Thu, 20 Oct 2022 19:49:52 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 29KJnqM9039167; Thu, 20 Oct 2022 19:49:52 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 29KJnqJ6039166; Thu, 20 Oct 2022 19:49:52 GMT (envelope-from git) Date: Thu, 20 Oct 2022 19:49:52 GMT Message-Id: <202210201949.29KJnqJ6039166@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Richard Scheffenegger Subject: git: 83c1ec92e454 - main - tcp: ECN preparations for ECN++, AccECN (tcp_respond) List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: rscheff X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 83c1ec92e454a7592dd15b15b738d18ae36575e0 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1666295392; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Vu7zTaUZCTk/V41O4kvuu/GX0ngjG3BTz+x20Qqq28w=; b=uawe7qklFEHAVaGHNfVXeTWj13ra7p6XuBnL9+ABUL+MgaVpi1wvdSjYoBKMhTB0kAMH4O zRE8mCO2+o44V4Wx84HA1xllJGNgipDCpG/10VGz2clgGaLJxKFQ+S/bzvEMexRwj2a/4c zYvqFJGGaCjJVQTIGAvszh1oB/5QbhwF11oQ+1tLiOgRY4Q7M0DsUsowuLtoMny2FfZB23 k95Wr0RCQpB+dXTD/Kh1e7dGJScDgxcV+nUsaaOPZpBCvSE9OpDqqFy0KO/wSvt1MITWve Z2rEk35K9jR2WvOVpF6DhG4WOssdkHQaZj/1edXkpGC2hpMTruOpIOgW8XnQgg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1666295392; a=rsa-sha256; cv=none; b=gM6wppIK4ObwnvyxX9LIiTbhh8rATFpqrZYUGwl3SWraA9o6nB+UwFcUtVbd7QvFBHtrD5 ply4VZZln/T0D/YrM9mkpW++VuutgRgB5HXafzVbUr0MF5YTu1nytUTp0gNOrE5JYKuJL+ Ne45DUs0x7QBa47k1C3iigKcZu1d/Ay6bM77GeF7pfVzt6x6pNTn8iHkZAuS28UK257uad yZRwOlGsgIKXobFTFGWuT94vouxQBJNsOVlFMjcXfkaqH8QZRe3RTBy+9nw6Mem78+Dzv+ ZjDvJFPw6aNMaLbubbsqRxWm5atGGzfZoF5/o303h+AjnVqtkYqXBIQGOU2GhQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by rscheff: URL: https://cgit.FreeBSD.org/src/commit/?id=83c1ec92e454a7592dd15b15b738d18ae36575e0 commit 83c1ec92e454a7592dd15b15b738d18ae36575e0 Author: Richard Scheffenegger AuthorDate: 2022-10-20 19:20:13 +0000 Commit: Richard Scheffenegger CommitDate: 2022-10-20 19:48:27 +0000 tcp: ECN preparations for ECN++, AccECN (tcp_respond) tcp_respond is another function to build a tcp control packet quickly. With ECN++ and AccECN, both the IP ECN header, and the TCP ECN flags are supposed to reflect the correct state. Also ensure that on receiving multiple ECN SYN-ACKs, the responses triggered will reflect the latest state. Reviewed By: tuexen, #transport Sponsored by: NetApp, Inc. Differential Revision: https://reviews.freebsd.org/D36973 --- sys/netinet/tcp_ecn.c | 11 +++++++++++ sys/netinet/tcp_input.c | 1 + sys/netinet/tcp_stacks/bbr.c | 12 ++++++------ sys/netinet/tcp_stacks/rack.c | 12 ++++++------ sys/netinet/tcp_stacks/rack_bbr_common.c | 4 +++- sys/netinet/tcp_stacks/rack_bbr_common.h | 2 +- sys/netinet/tcp_subr.c | 8 ++++++-- sys/netinet/tcp_var.h | 2 +- 8 files changed, 35 insertions(+), 17 deletions(-) diff --git a/sys/netinet/tcp_ecn.c b/sys/netinet/tcp_ecn.c index 28a176dfad2a..c74f4fa7c514 100644 --- a/sys/netinet/tcp_ecn.c +++ b/sys/netinet/tcp_ecn.c @@ -116,6 +116,7 @@ tcp_ecn_input_syn_sent(struct tcpcb *tp, uint16_t thflags, int iptos) /* RFC3168 ECN handling */ if ((thflags & (TH_CWR | TH_ECE)) == (0 | TH_ECE)) { tp->t_flags2 |= TF2_ECN_PERMIT; + tp->t_flags2 &= ~TF2_ACE_PERMIT; TCPSTAT_INC(tcps_ecn_shs); } } else @@ -133,11 +134,13 @@ tcp_ecn_input_syn_sent(struct tcpcb *tp, uint16_t thflags, int iptos) /* RFC3168 SYN */ case (0|0|TH_ECE): tp->t_flags2 |= TF2_ECN_PERMIT; + tp->t_flags2 &= ~TF2_ACE_PERMIT; TCPSTAT_INC(tcps_ecn_shs); break; /* non-ECT SYN */ case (0|TH_CWR|0): tp->t_flags2 |= TF2_ACE_PERMIT; + tp->t_flags2 &= ~TF2_ECN_PERMIT; tp->t_scep = 5; TCPSTAT_INC(tcps_ecn_shs); TCPSTAT_INC(tcps_ace_nect); @@ -145,6 +148,7 @@ tcp_ecn_input_syn_sent(struct tcpcb *tp, uint16_t thflags, int iptos) /* ECT0 SYN */ case (TH_AE|0|0): tp->t_flags2 |= TF2_ACE_PERMIT; + tp->t_flags2 &= ~TF2_ECN_PERMIT; tp->t_scep = 5; TCPSTAT_INC(tcps_ecn_shs); TCPSTAT_INC(tcps_ace_ect0); @@ -152,6 +156,7 @@ tcp_ecn_input_syn_sent(struct tcpcb *tp, uint16_t thflags, int iptos) /* ECT1 SYN */ case (0|TH_CWR|TH_ECE): tp->t_flags2 |= TF2_ACE_PERMIT; + tp->t_flags2 &= ~TF2_ECN_PERMIT; tp->t_scep = 5; TCPSTAT_INC(tcps_ecn_shs); TCPSTAT_INC(tcps_ace_ect1); @@ -159,6 +164,7 @@ tcp_ecn_input_syn_sent(struct tcpcb *tp, uint16_t thflags, int iptos) /* CE SYN */ case (TH_AE|TH_CWR|0): tp->t_flags2 |= TF2_ACE_PERMIT; + tp->t_flags2 &= ~TF2_ECN_PERMIT; tp->t_scep = 6; /* * reduce the IW to 2 MSS (to @@ -170,6 +176,7 @@ tcp_ecn_input_syn_sent(struct tcpcb *tp, uint16_t thflags, int iptos) TCPSTAT_INC(tcps_ace_nect); break; default: + tp->t_flags2 &= ~(TF2_ECN_PERMIT | TF2_ACE_PERMIT); break; } /* @@ -211,6 +218,7 @@ tcp_ecn_input_parallel_syn(struct tcpcb *tp, uint16_t thflags, int iptos) /* RFC3168 ECN handling */ if ((thflags & (TH_CWR | TH_ECE)) == (TH_CWR | TH_ECE)) { tp->t_flags2 |= TF2_ECN_PERMIT; + tp->t_flags2 &= ~TF2_ACE_PERMIT; tp->t_flags2 |= TF2_ECN_SND_ECE; TCPSTAT_INC(tcps_ecn_shs); } @@ -221,14 +229,17 @@ tcp_ecn_input_parallel_syn(struct tcpcb *tp, uint16_t thflags, int iptos) switch (thflags & (TH_AE | TH_CWR | TH_ECE)) { default: case (0|0|0): + tp->t_flags2 &= ~(TF2_ECN_PERMIT | TF2_ACE_PERMIT); break; case (0|TH_CWR|TH_ECE): tp->t_flags2 |= TF2_ECN_PERMIT; + tp->t_flags2 &= ~TF2_ACE_PERMIT; tp->t_flags2 |= TF2_ECN_SND_ECE; TCPSTAT_INC(tcps_ecn_shs); break; case (TH_AE|TH_CWR|TH_ECE): tp->t_flags2 |= TF2_ACE_PERMIT; + tp->t_flags2 &= ~TF2_ECN_PERMIT; TCPSTAT_INC(tcps_ecn_shs); /* * Set the AccECN Codepoints on diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c index c1e1f58e315c..672776e4e882 100644 --- a/sys/netinet/tcp_input.c +++ b/sys/netinet/tcp_input.c @@ -2243,6 +2243,7 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, struct socket *so, tp = tcp_drop(tp, ECONNRESET); rstreason = BANDLIM_UNLIMITED; } else { + tcp_ecn_input_syn_sent(tp, thflags, iptos); /* Send challenge ACK. */ tcp_respond(tp, mtod(m, void *), th, m, tp->rcv_nxt, tp->snd_nxt, TH_ACK); diff --git a/sys/netinet/tcp_stacks/bbr.c b/sys/netinet/tcp_stacks/bbr.c index 40d3a40dbe38..4a768487b9f6 100644 --- a/sys/netinet/tcp_stacks/bbr.c +++ b/sys/netinet/tcp_stacks/bbr.c @@ -9259,7 +9259,7 @@ bbr_do_established(struct mbuf *m, struct tcphdr *th, struct socket *so, * synchronized state. */ if (thflags & TH_SYN) { - ctf_challenge_ack(m, th, tp, &ret_val); + ctf_challenge_ack(m, th, tp, iptos, &ret_val); return (ret_val); } /* @@ -9355,7 +9355,7 @@ bbr_do_close_wait(struct mbuf *m, struct tcphdr *th, struct socket *so, * synchronized state. */ if (thflags & TH_SYN) { - ctf_challenge_ack(m, th, tp, &ret_val); + ctf_challenge_ack(m, th, tp, iptos, &ret_val); return (ret_val); } /* @@ -9476,7 +9476,7 @@ bbr_do_fin_wait_1(struct mbuf *m, struct tcphdr *th, struct socket *so, * synchronized state. */ if (thflags & TH_SYN) { - ctf_challenge_ack(m, th, tp, &ret_val); + ctf_challenge_ack(m, th, tp, iptos, &ret_val); return (ret_val); } /* @@ -9600,7 +9600,7 @@ bbr_do_closing(struct mbuf *m, struct tcphdr *th, struct socket *so, * synchronized state. */ if (thflags & TH_SYN) { - ctf_challenge_ack(m, th, tp, &ret_val); + ctf_challenge_ack(m, th, tp, iptos, &ret_val); return (ret_val); } /* @@ -9710,7 +9710,7 @@ bbr_do_lastack(struct mbuf *m, struct tcphdr *th, struct socket *so, * synchronized state. */ if (thflags & TH_SYN) { - ctf_challenge_ack(m, th, tp, &ret_val); + ctf_challenge_ack(m, th, tp, iptos, &ret_val); return (ret_val); } /* @@ -9822,7 +9822,7 @@ bbr_do_fin_wait_2(struct mbuf *m, struct tcphdr *th, struct socket *so, * synchronized state. */ if (thflags & TH_SYN) { - ctf_challenge_ack(m, th, tp, &ret_val); + ctf_challenge_ack(m, th, tp, iptos, &ret_val); return (ret_val); } INP_WLOCK_ASSERT(tp->t_inpcb); diff --git a/sys/netinet/tcp_stacks/rack.c b/sys/netinet/tcp_stacks/rack.c index 74503bc8a1b2..997e032e4a08 100644 --- a/sys/netinet/tcp_stacks/rack.c +++ b/sys/netinet/tcp_stacks/rack.c @@ -11679,7 +11679,7 @@ rack_do_established(struct mbuf *m, struct tcphdr *th, struct socket *so, * synchronized state. */ if (thflags & TH_SYN) { - ctf_challenge_ack(m, th, tp, &ret_val); + ctf_challenge_ack(m, th, tp, iptos, &ret_val); return (ret_val); } /* @@ -11779,7 +11779,7 @@ rack_do_close_wait(struct mbuf *m, struct tcphdr *th, struct socket *so, * synchronized state. */ if (thflags & TH_SYN) { - ctf_challenge_ack(m, th, tp, &ret_val); + ctf_challenge_ack(m, th, tp, iptos, &ret_val); return (ret_val); } /* @@ -11909,7 +11909,7 @@ rack_do_fin_wait_1(struct mbuf *m, struct tcphdr *th, struct socket *so, * synchronized state. */ if (thflags & TH_SYN) { - ctf_challenge_ack(m, th, tp, &ret_val); + ctf_challenge_ack(m, th, tp, iptos, &ret_val); return (ret_val); } /* @@ -12036,7 +12036,7 @@ rack_do_closing(struct mbuf *m, struct tcphdr *th, struct socket *so, * synchronized state. */ if (thflags & TH_SYN) { - ctf_challenge_ack(m, th, tp, &ret_val); + ctf_challenge_ack(m, th, tp, iptos, &ret_val); return (ret_val); } /* @@ -12149,7 +12149,7 @@ rack_do_lastack(struct mbuf *m, struct tcphdr *th, struct socket *so, * synchronized state. */ if (thflags & TH_SYN) { - ctf_challenge_ack(m, th, tp, &ret_val); + ctf_challenge_ack(m, th, tp, iptos, &ret_val); return (ret_val); } /* @@ -12263,7 +12263,7 @@ rack_do_fin_wait_2(struct mbuf *m, struct tcphdr *th, struct socket *so, * synchronized state. */ if (thflags & TH_SYN) { - ctf_challenge_ack(m, th, tp, &ret_val); + ctf_challenge_ack(m, th, tp, iptos, &ret_val); return (ret_val); } /* diff --git a/sys/netinet/tcp_stacks/rack_bbr_common.c b/sys/netinet/tcp_stacks/rack_bbr_common.c index d1150c4e4047..467e615fe250 100644 --- a/sys/netinet/tcp_stacks/rack_bbr_common.c +++ b/sys/netinet/tcp_stacks/rack_bbr_common.c @@ -95,6 +95,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -860,7 +861,7 @@ __ctf_process_rst(struct mbuf *m, struct tcphdr *th, struct socket *so, * and valid. */ void -ctf_challenge_ack(struct mbuf *m, struct tcphdr *th, struct tcpcb *tp, int32_t * ret_val) +ctf_challenge_ack(struct mbuf *m, struct tcphdr *th, struct tcpcb *tp, uint8_t iptos, int32_t * ret_val) { NET_EPOCH_ASSERT(); @@ -873,6 +874,7 @@ ctf_challenge_ack(struct mbuf *m, struct tcphdr *th, struct tcpcb *tp, int32_t * *ret_val = 1; ctf_do_drop(m, tp); } else { + tcp_ecn_input_syn_sent(tp, tcp_get_flags(th), iptos); /* Send challenge ACK. */ tcp_respond(tp, mtod(m, void *), th, m, tp->rcv_nxt, tp->snd_nxt, TH_ACK); diff --git a/sys/netinet/tcp_stacks/rack_bbr_common.h b/sys/netinet/tcp_stacks/rack_bbr_common.h index 9a711253d978..688c64dd92c3 100644 --- a/sys/netinet/tcp_stacks/rack_bbr_common.h +++ b/sys/netinet/tcp_stacks/rack_bbr_common.h @@ -125,7 +125,7 @@ __ctf_process_rst(struct mbuf *m, struct tcphdr *th, void ctf_challenge_ack(struct mbuf *m, struct tcphdr *th, - struct tcpcb *tp, int32_t * ret_val); + struct tcpcb *tp, uint8_t iptos, int32_t * ret_val); int ctf_ts_check(struct mbuf *m, struct tcphdr *th, diff --git a/sys/netinet/tcp_subr.c b/sys/netinet/tcp_subr.c index 8fdaab35fb19..b78967a0f20c 100644 --- a/sys/netinet/tcp_subr.c +++ b/sys/netinet/tcp_subr.c @@ -105,6 +105,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include #include @@ -1778,7 +1779,7 @@ tcpip_maketemplate(struct inpcb *inp) */ void tcp_respond(struct tcpcb *tp, void *ipgen, struct tcphdr *th, struct mbuf *m, - tcp_seq ack, tcp_seq seq, int flags) + tcp_seq ack, tcp_seq seq, uint16_t flags) { struct tcpopt to; struct inpcb *inp; @@ -1793,6 +1794,7 @@ tcp_respond(struct tcpcb *tp, void *ipgen, struct tcphdr *th, struct mbuf *m, int isipv6; #endif /* INET6 */ int optlen, tlen, win, ulen; + int ect = 0; bool incl_opts; uint16_t port; int output_ret; @@ -1980,6 +1982,7 @@ tcp_respond(struct tcpcb *tp, void *ipgen, struct tcphdr *th, struct mbuf *m, m->m_len = tlen; to.to_flags = 0; if (incl_opts) { + ect = tcp_ecn_output_established(tp, &flags, 0, false); /* Make sure we have room. */ if (M_TRAILINGSPACE(m) < TCP_MAXOLEN) { m->m_next = m_get(M_NOWAIT, MT_DATA); @@ -2018,7 +2021,7 @@ tcp_respond(struct tcpcb *tp, void *ipgen, struct tcphdr *th, struct mbuf *m, ulen = tlen - sizeof(struct ip6_hdr); uh->uh_ulen = htons(ulen); } - ip6->ip6_flow = 0; + ip6->ip6_flow = htonl(ect << 20); ip6->ip6_vfc = IPV6_VERSION; if (port) ip6->ip6_nxt = IPPROTO_UDP; @@ -2036,6 +2039,7 @@ tcp_respond(struct tcpcb *tp, void *ipgen, struct tcphdr *th, struct mbuf *m, ulen = tlen - sizeof(struct ip); uh->uh_ulen = htons(ulen); } + ip->ip_tos = ect; ip->ip_len = htons(tlen); ip->ip_ttl = V_ip_defttl; if (port) { diff --git a/sys/netinet/tcp_var.h b/sys/netinet/tcp_var.h index 1c6e0bbccbab..1514e016ee13 100644 --- a/sys/netinet/tcp_var.h +++ b/sys/netinet/tcp_var.h @@ -1157,7 +1157,7 @@ struct tcpcb * int tcp_default_output(struct tcpcb *); void tcp_state_change(struct tcpcb *, int); void tcp_respond(struct tcpcb *, void *, - struct tcphdr *, struct mbuf *, tcp_seq, tcp_seq, int); + struct tcphdr *, struct mbuf *, tcp_seq, tcp_seq, uint16_t); bool tcp_twcheck(struct inpcb *, struct tcpopt *, struct tcphdr *, struct mbuf *, int); void tcp_setpersist(struct tcpcb *);