From nobody Sat May 06 09:15:42 2023 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4QD23253Nnz49KtH; Sat, 6 May 2023 09:15:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4QD2324WG7z3plf; Sat, 6 May 2023 09:15:42 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1683364542; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=9K9Xj/VpqvY6dXG8FYRINSjjNeB1oEeMngt+iEvZDCM=; b=IkDRYPmSizwQ+pzekNKltIV9446KTWO6OcO32YBZRTGCWtadhO/67Dxs9b3X7yOdZ8P23f Gv58QygQ6n8f58lCytcy3Ru5c/R/eN6v880xuoRuVx5XBfnipMZFxyQmL07OwIQecygCaB N4/j5Fxpkc4PnzVRbYf/uFXfzdPS51Iz2lCwIimMMVbZAQE1uVevf2uOMkN5s90ngD7jp2 He1C96oETxZhvwFvNfBPFiEKCb5SDVzaGWzrz7KMqKmJytx4JFWttsSPEsh79CL3fiZLp7 nzfbKGHu+nwU7wyUI+R8somZ/tkLB+CMnnVHyg47JBDrcG2GFSM3QkMEMl8dUw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1683364542; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=9K9Xj/VpqvY6dXG8FYRINSjjNeB1oEeMngt+iEvZDCM=; b=veknetvTM/6hezrN7NtgSbZ8dapZMolHn0Uw7W52p3MzFyrj06oqONBuJ1A8I3O6JpzIRv AJ8kxlPGcQme0IhQqysLqkbQoK3c7LyEuqr+5TJBfbK9fwl8GkM4n9fL71fRpQFkFZHdAo t5s7++Hiaufptf809n3M2/y5Rg2cnalj8AOjIIA3+UcQ6nn1IAADDGWbRHPJO0f+Q71ckU QOq7iPbvttxDGyWEBnOVIyIuj5RGawTjAvFhfuok2cUpZp6rY37qCKmJRykeqRom5tPoHb xuCujJo01/CAi13t4XYR14iPXJnJYBy9PeeCiCpeO+6XKj+1fhc1E/DIHQA3zQ== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1683364542; a=rsa-sha256; cv=none; b=h0yn2udvTrtWU/Thtq4GvonagAPG70X7ABWtkPBUHXUcZhIJSY57wFvCCz7zl0g3rrzRCN tGyMa4xoqj3gzjedF+iqcyl46rdxEZQLHo5UKdTaO7Cg+o90p7a37N1YzRSKEgQfNSm1Ag s7QOd6HpTy+YLiD1/4TzEhPztb5POdHrJI0BRobDYcwgchwxLep5f/KMU4aDr3EmxhKTw0 l7FbmDJSn5Sj/jtZwwffV6/e6rL9F7RCKXzH2L919SEzs2tNDIFd3hb2iAWU/GTPFF+mDg XCVm/m8Nvlek7W4jCEx/g4LSrb2JRu9ALOYb9tiRY/X7yRd9G8eFtSM1LrdN1w== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4QD2323Zd5zWn8; Sat, 6 May 2023 09:15:42 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 3469FgSv078028; Sat, 6 May 2023 09:15:42 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 3469FgOo078027; Sat, 6 May 2023 09:15:42 GMT (envelope-from git) Date: Sat, 6 May 2023 09:15:42 GMT Message-Id: <202305060915.3469FgOo078027@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Michael Tuexen Subject: git: c2399dd2e227 - main - tcp: improve BBLoging for PRUs List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: tuexen X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: c2399dd2e2273df296b58781a6a3690d7b8f3715 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by tuexen: URL: https://cgit.FreeBSD.org/src/commit/?id=c2399dd2e2273df296b58781a6a3690d7b8f3715 commit c2399dd2e2273df296b58781a6a3690d7b8f3715 Author: Michael Tuexen AuthorDate: 2023-05-06 09:12:06 +0000 Commit: Michael Tuexen CommitDate: 2023-05-06 09:12:06 +0000 tcp: improve BBLoging for PRUs Log all errors for PRUs, except when INP_DROPPED is set. In that case, don't log it. Reviewed by: glebius, rrs Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D39591 --- sys/netinet/tcp_usrreq.c | 255 +++++++++++++++++++++++++++-------------------- 1 file changed, 145 insertions(+), 110 deletions(-) diff --git a/sys/netinet/tcp_usrreq.c b/sys/netinet/tcp_usrreq.c index d23dd9f97222..a9aee98f1332 100644 --- a/sys/netinet/tcp_usrreq.c +++ b/sys/netinet/tcp_usrreq.c @@ -136,9 +136,7 @@ tcp_bblog_pru(struct tcpcb *tp, uint32_t pru, int error) { struct tcp_log_buffer *lgb; - if (tp == NULL) { - return; - } + KASSERT(tp != NULL, ("tcp_bblog_pru: tp == NULL")); INP_WLOCK_ASSERT(tptoinpcb(tp)); if (tcp_bblogging_on(tp)) { lgb = tcp_log_event(tp, NULL, NULL, NULL, TCP_LOG_PRU, error, @@ -232,9 +230,18 @@ tcp_usr_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { int error = 0; struct inpcb *inp; - struct tcpcb *tp = NULL; + struct tcpcb *tp; struct sockaddr_in *sinp; + inp = sotoinpcb(so); + KASSERT(inp != NULL, ("tcp_usr_bind: inp == NULL")); + INP_WLOCK(inp); + if (inp->inp_flags & INP_DROPPED) { + INP_WUNLOCK(inp); + return (EINVAL); + } + tp = intotcpcb(inp); + sinp = (struct sockaddr_in *)nam; if (nam->sa_family != AF_INET) { /* @@ -242,28 +249,24 @@ tcp_usr_bind(struct socket *so, struct sockaddr *nam, struct thread *td) */ if (nam->sa_family != AF_UNSPEC || nam->sa_len < offsetof(struct sockaddr_in, sin_zero) || - sinp->sin_addr.s_addr != INADDR_ANY) - return (EAFNOSUPPORT); + sinp->sin_addr.s_addr != INADDR_ANY) { + error = EAFNOSUPPORT; + goto out; + } nam->sa_family = AF_INET; } - if (nam->sa_len != sizeof(*sinp)) - return (EINVAL); - + if (nam->sa_len != sizeof(*sinp)) { + error = EINVAL; + goto out; + } /* * Must check for multicast addresses and disallow binding * to them. */ - if (IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) - return (EAFNOSUPPORT); - - inp = sotoinpcb(so); - KASSERT(inp != NULL, ("tcp_usr_bind: inp == NULL")); - INP_WLOCK(inp); - if (inp->inp_flags & INP_DROPPED) { - error = EINVAL; + if (IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) { + error = EAFNOSUPPORT; goto out; } - tp = intotcpcb(inp); INP_HASH_WLOCK(&V_tcbinfo); error = in_pcbbind(inp, sinp, td->td_ucred); INP_HASH_WUNLOCK(&V_tcbinfo); @@ -282,32 +285,39 @@ tcp6_usr_bind(struct socket *so, struct sockaddr *nam, struct thread *td) { int error = 0; struct inpcb *inp; - struct tcpcb *tp = NULL; + struct tcpcb *tp; struct sockaddr_in6 *sin6; u_char vflagsav; - sin6 = (struct sockaddr_in6 *)nam; - if (nam->sa_family != AF_INET6) - return (EAFNOSUPPORT); - if (nam->sa_len != sizeof(*sin6)) + inp = sotoinpcb(so); + KASSERT(inp != NULL, ("tcp6_usr_bind: inp == NULL")); + INP_WLOCK(inp); + if (inp->inp_flags & INP_DROPPED) { + INP_WUNLOCK(inp); return (EINVAL); + } + tp = intotcpcb(inp); + + vflagsav = inp->inp_vflag; + sin6 = (struct sockaddr_in6 *)nam; + if (nam->sa_family != AF_INET6) { + error = EAFNOSUPPORT; + goto out; + } + if (nam->sa_len != sizeof(*sin6)) { + error = EINVAL; + goto out; + } /* * Must check for multicast addresses and disallow binding * to them. */ - if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) - return (EAFNOSUPPORT); - - inp = sotoinpcb(so); - KASSERT(inp != NULL, ("tcp6_usr_bind: inp == NULL")); - INP_WLOCK(inp); - vflagsav = inp->inp_vflag; - if (inp->inp_flags & INP_DROPPED) { - error = EINVAL; + if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { + error = EAFNOSUPPORT; goto out; } - tp = intotcpcb(inp); + INP_HASH_WLOCK(&V_tcbinfo); inp->inp_vflag &= ~INP_IPV4; inp->inp_vflag |= INP_IPV6; @@ -353,16 +363,17 @@ tcp_usr_listen(struct socket *so, int backlog, struct thread *td) { int error = 0; struct inpcb *inp; - struct tcpcb *tp = NULL; + struct tcpcb *tp; inp = sotoinpcb(so); KASSERT(inp != NULL, ("tcp_usr_listen: inp == NULL")); INP_WLOCK(inp); if (inp->inp_flags & INP_DROPPED) { - error = EINVAL; - goto out; + INP_WUNLOCK(inp); + return (EINVAL); } tp = intotcpcb(inp); + SOCK_LOCK(so); error = solisten_proto_check(so); if (error != 0) { @@ -403,18 +414,20 @@ tcp6_usr_listen(struct socket *so, int backlog, struct thread *td) { int error = 0; struct inpcb *inp; - struct tcpcb *tp = NULL; + struct tcpcb *tp; u_char vflagsav; inp = sotoinpcb(so); KASSERT(inp != NULL, ("tcp6_usr_listen: inp == NULL")); INP_WLOCK(inp); if (inp->inp_flags & INP_DROPPED) { - error = EINVAL; - goto out; + INP_WUNLOCK(inp); + return (EINVAL); } - vflagsav = inp->inp_vflag; tp = intotcpcb(inp); + + vflagsav = inp->inp_vflag; + SOCK_LOCK(so); error = solisten_proto_check(so); if (error != 0) { @@ -469,37 +482,44 @@ tcp_usr_connect(struct socket *so, struct sockaddr *nam, struct thread *td) struct epoch_tracker et; int error = 0; struct inpcb *inp; - struct tcpcb *tp = NULL; + struct tcpcb *tp; struct sockaddr_in *sinp; - sinp = (struct sockaddr_in *)nam; - if (nam->sa_family != AF_INET) - return (EAFNOSUPPORT); - if (nam->sa_len != sizeof (*sinp)) - return (EINVAL); - - /* - * Must disallow TCP ``connections'' to multicast addresses. - */ - if (IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) - return (EAFNOSUPPORT); - if (ntohl(sinp->sin_addr.s_addr) == INADDR_BROADCAST) - return (EACCES); - if ((error = prison_remote_ip4(td->td_ucred, &sinp->sin_addr)) != 0) - return (error); - inp = sotoinpcb(so); KASSERT(inp != NULL, ("tcp_usr_connect: inp == NULL")); INP_WLOCK(inp); if (inp->inp_flags & INP_DROPPED) { - error = ECONNREFUSED; + INP_WUNLOCK(inp); + return (ECONNREFUSED); + } + tp = intotcpcb(inp); + + sinp = (struct sockaddr_in *)nam; + if (nam->sa_family != AF_INET) { + error = EAFNOSUPPORT; + goto out; + } + if (nam->sa_len != sizeof (*sinp)) { + error = EINVAL; + goto out; + } + /* + * Must disallow TCP ``connections'' to multicast addresses. + */ + if (IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) { + error = EAFNOSUPPORT; goto out; } + if (ntohl(sinp->sin_addr.s_addr) == INADDR_BROADCAST) { + error = EACCES; + goto out; + } + if ((error = prison_remote_ip4(td->td_ucred, &sinp->sin_addr)) != 0) + goto out; if (SOLISTENING(so)) { error = EOPNOTSUPP; goto out; } - tp = intotcpcb(inp); NET_EPOCH_ENTER(et); if ((error = tcp_connect(tp, sinp, td)) != 0) goto out_in_epoch; @@ -530,37 +550,43 @@ tcp6_usr_connect(struct socket *so, struct sockaddr *nam, struct thread *td) struct epoch_tracker et; int error = 0; struct inpcb *inp; - struct tcpcb *tp = NULL; + struct tcpcb *tp; struct sockaddr_in6 *sin6; u_int8_t incflagsav; u_char vflagsav; - sin6 = (struct sockaddr_in6 *)nam; - if (nam->sa_family != AF_INET6) - return (EAFNOSUPPORT); - if (nam->sa_len != sizeof (*sin6)) - return (EINVAL); - - /* - * Must disallow TCP ``connections'' to multicast addresses. - */ - if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) - return (EAFNOSUPPORT); - inp = sotoinpcb(so); KASSERT(inp != NULL, ("tcp6_usr_connect: inp == NULL")); INP_WLOCK(inp); + if (inp->inp_flags & INP_DROPPED) { + INP_WUNLOCK(inp); + return (ECONNREFUSED); + } + tp = intotcpcb(inp); + vflagsav = inp->inp_vflag; incflagsav = inp->inp_inc.inc_flags; - if (inp->inp_flags & INP_DROPPED) { - error = ECONNREFUSED; + + sin6 = (struct sockaddr_in6 *)nam; + if (nam->sa_family != AF_INET6) { + error = EAFNOSUPPORT; + goto out; + } + if (nam->sa_len != sizeof (*sin6)) { + error = EINVAL; + goto out; + } + /* + * Must disallow TCP ``connections'' to multicast addresses. + */ + if (IN6_IS_ADDR_MULTICAST(&sin6->sin6_addr)) { + error = EAFNOSUPPORT; goto out; } if (SOLISTENING(so)) { error = EINVAL; goto out; } - tp = intotcpcb(inp); #ifdef INET /* * XXXRW: Some confusion: V4/V6 flags relate to binding, and @@ -672,10 +698,12 @@ tcp_usr_disconnect(struct socket *so) KASSERT(inp != NULL, ("tcp_usr_disconnect: inp == NULL")); INP_WLOCK(inp); if (inp->inp_flags & INP_DROPPED) { - error = ECONNRESET; - goto out; + INP_WUNLOCK(inp); + NET_EPOCH_EXIT(et); + return (ECONNRESET); } tp = intotcpcb(inp); + if (tp->t_state == TCPS_TIME_WAIT) goto out; tcp_disconnect(tp); @@ -696,23 +724,24 @@ static int tcp_usr_accept(struct socket *so, struct sockaddr **nam) { int error = 0; - struct inpcb *inp = NULL; - struct tcpcb *tp = NULL; + struct inpcb *inp; + struct tcpcb *tp; struct in_addr addr; in_port_t port = 0; - if (so->so_state & SS_ISDISCONNECTED) - return (ECONNABORTED); - inp = sotoinpcb(so); KASSERT(inp != NULL, ("tcp_usr_accept: inp == NULL")); INP_WLOCK(inp); if (inp->inp_flags & INP_DROPPED) { - error = ECONNABORTED; - goto out; + INP_WUNLOCK(inp); + return (ECONNABORTED); } tp = intotcpcb(inp); + if (so->so_state & SS_ISDISCONNECTED) { + error = ECONNABORTED; + goto out; + } /* * We inline in_getpeeraddr and COMMON_END here, so that we can * copy the data of interest and defer the malloc until after we @@ -735,28 +764,30 @@ out: static int tcp6_usr_accept(struct socket *so, struct sockaddr **nam) { - struct inpcb *inp = NULL; + struct inpcb *inp; int error = 0; - struct tcpcb *tp = NULL; + struct tcpcb *tp; struct in_addr addr; struct in6_addr addr6; struct epoch_tracker et; in_port_t port = 0; int v4 = 0; - if (so->so_state & SS_ISDISCONNECTED) - return (ECONNABORTED); - inp = sotoinpcb(so); KASSERT(inp != NULL, ("tcp6_usr_accept: inp == NULL")); - NET_EPOCH_ENTER(et); + NET_EPOCH_ENTER(et); /* XXXMT Why is this needed? */ INP_WLOCK(inp); if (inp->inp_flags & INP_DROPPED) { - error = ECONNABORTED; - goto out; + INP_WUNLOCK(inp); + NET_EPOCH_EXIT(et); + return (ECONNABORTED); } tp = intotcpcb(inp); + if (so->so_state & SS_ISDISCONNECTED) { + error = ECONNABORTED; + goto out; + } /* * We inline in6_mapped_peeraddr and COMMON_END here, so that we can * copy the data of interest and defer the malloc until after we @@ -794,7 +825,7 @@ tcp_usr_shutdown(struct socket *so) { int error = 0; struct inpcb *inp; - struct tcpcb *tp = NULL; + struct tcpcb *tp; struct epoch_tracker et; inp = sotoinpcb(so); @@ -805,6 +836,7 @@ tcp_usr_shutdown(struct socket *so) return (ECONNRESET); } tp = intotcpcb(inp); + NET_EPOCH_ENTER(et); socantsendmore(so); tcp_usrclosed(tp); @@ -826,7 +858,7 @@ tcp_usr_rcvd(struct socket *so, int flags) { struct epoch_tracker et; struct inpcb *inp; - struct tcpcb *tp = NULL; + struct tcpcb *tp; int outrv = 0, error = 0; inp = sotoinpcb(so); @@ -837,6 +869,7 @@ tcp_usr_rcvd(struct socket *so, int flags) return (ECONNRESET); } tp = intotcpcb(inp); + NET_EPOCH_ENTER(et); /* * For passively-created TFO connections, don't attempt a window @@ -876,7 +909,7 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf *m, struct epoch_tracker et; int error = 0; struct inpcb *inp; - struct tcpcb *tp = NULL; + struct tcpcb *tp; #ifdef INET #ifdef INET6 struct sockaddr_in sin; @@ -891,15 +924,6 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf *m, u_char vflagsav; bool restoreflags; - if (control != NULL) { - /* TCP doesn't do control messages (rights, creds, etc) */ - if (control->m_len) { - m_freem(control); - return (EINVAL); - } - m_freem(control); /* empty control, just free it */ - } - inp = sotoinpcb(so); KASSERT(inp != NULL, ("tcp_usr_send: inp == NULL")); INP_WLOCK(inp); @@ -909,13 +933,23 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf *m, INP_WUNLOCK(inp); return (ECONNRESET); } + tp = intotcpcb(inp); vflagsav = inp->inp_vflag; incflagsav = inp->inp_inc.inc_flags; restoreflags = false; - tp = intotcpcb(inp); NET_EPOCH_ENTER(et); + if (control != NULL) { + /* TCP doesn't do control messages (rights, creds, etc) */ + if (control->m_len > 0) { + m_freem(control); + error = EINVAL; + goto out; + } + m_freem(control); /* empty control, just free it */ + } + if ((flags & PRUS_OOB) != 0 && (error = tcp_pru_options_support(tp, PRUS_OOB)) != 0) goto out; @@ -1222,7 +1256,7 @@ static void tcp_usr_abort(struct socket *so) { struct inpcb *inp; - struct tcpcb *tp = NULL; + struct tcpcb *tp; struct epoch_tracker et; inp = sotoinpcb(so); @@ -1260,7 +1294,7 @@ static void tcp_usr_close(struct socket *so) { struct inpcb *inp; - struct tcpcb *tp = NULL; + struct tcpcb *tp; struct epoch_tracker et; inp = sotoinpcb(so); @@ -1318,16 +1352,17 @@ tcp_usr_rcvoob(struct socket *so, struct mbuf *m, int flags) { int error = 0; struct inpcb *inp; - struct tcpcb *tp = NULL; + struct tcpcb *tp; inp = sotoinpcb(so); KASSERT(inp != NULL, ("tcp_usr_rcvoob: inp == NULL")); INP_WLOCK(inp); if (inp->inp_flags & INP_DROPPED) { - error = ECONNRESET; - goto out; + INP_WUNLOCK(inp); + return (ECONNRESET); } tp = intotcpcb(inp); + error = tcp_pru_options_support(tp, PRUS_OOB); if (error) { goto out;