summaryrefslogtreecommitdiff
path: root/sys/netinet/tcp_input.c
Commit message (Collapse)AuthorAgeFilesLines
* Greatly simplify the unlocking logic by holding the TCP protocol lock untilJeffrey Hsu2003-03-131-8/+2
| | | | | | | | | after FIN_WAIT_2 processing. Helped with debugging: Doug Barton Notes: svn path=/head/; revision=112191
* Add support for RFC 3390, which allows for a variable-sizedJeffrey Hsu2003-03-131-2/+9
| | | | | | | initial congestion window. Notes: svn path=/head/; revision=112171
* Implement the Limited Transmit algorithm (RFC 3042).Jeffrey Hsu2003-03-121-0/+14
| | | | Notes: svn path=/head/; revision=112162
* Remove a panic(); if the zone allocator can't provide more timewaitJonathan Lemon2003-03-081-4/+3
| | | | | | | | | | structures, reuse the oldest one. Also move the expiry timer from a per-structure callout to the tcp slow timer. Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=112009
* In timewait state, if the incoming segment is a pure in-sequence ackJonathan Lemon2003-02-261-2/+4
| | | | | | | | | | | | that matches snd_max, then do not respond with an ack, just drop the segment. This fixes a problem where a simultaneous close results in an ack loop between two time-wait states. Test case supplied by: Tim Robbins <tjr@FreeBSD.ORG> Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=111560
* The TCP protocol lock may still be held if the reassembly queue dropped FIN.Jonathan Lemon2003-02-261-1/+2
| | | | | | | | | Detect this case and drop the lock accordingly. Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=111549
* tcp_twstart() need to be called with the TCP protocol lock held to avoidJeffrey Hsu2003-02-241-6/+8
| | | | | | | a race condition with the TCP timer routines. Notes: svn path=/head/; revision=111389
* Pass the right function to callout_reset() for a compressedJeffrey Hsu2003-02-241-1/+1
| | | | | | | TIME-WAIT control block. Notes: svn path=/head/; revision=111386
* Yesterday just wasn't my day. Remove testing delta that crept into the diff.Jonathan Lemon2003-02-231-1/+1
| | | | | | | Pointy hat provided by: sam Notes: svn path=/head/; revision=111319
* Check to see if the TF_DELACK flag is set before returning fromJonathan Lemon2003-02-221-8/+7
| | | | | | | | | | | tcp_input(). This unbreaks delack handling, while still preserving correct T/TCP behavior Tested by: maxim Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=111266
* Add a TCP TIMEWAIT state which uses less space than a fullblown TCPJonathan Lemon2003-02-191-30/+186
| | | | | | | | | | | control block. Allow the socket and tcpcb structures to be freed earlier than inpcb. Update code to understand an inp w/o a socket. Reviewed by: hsu, silby, jayanth Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=111145
* Correct comments.Jonathan Lemon2003-02-191-7/+4
| | | | Notes: svn path=/head/; revision=111140
* Clean up delayed acks and T/TCP interactions:Jonathan Lemon2003-02-191-28/+27
| | | | | | | | | | | - delay acks for T/TCP regardless of delack setting - fix bug where a single pass through tcp_input might not delay acks - use callout_active() instead of callout_pending() Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=111139
* The protocol lock is always held in the dropafterack case, so we don'tJeffrey Hsu2003-02-131-2/+2
| | | | | | | need to check for it at runtime. Notes: svn path=/head/; revision=110830
* Add the TCP flags to the log message whenever log_in_vain is 1, notCrist J. Clark2003-02-021-8/+3
| | | | | | | | | | just when set to 2. PR: kern/43348 MFC after: 5 days Notes: svn path=/head/; revision=110251
* Fix NewReno.Jeffrey Hsu2003-01-131-41/+44
| | | | | | | Reviewed by: Tom Henderson <thomas.r.henderson@boeing.com> Notes: svn path=/head/; revision=109175
* Remove the PAWS ack-on-ack debugging printf().Matthew Dillon2002-12-301-5/+2
| | | | | | | | | | | | | Note that the original RFC 1323 (PAWS) says in 4.2.1 that the out of order / reverse-time-indexed packet should be acknowledged as specified in RFC-793 page 69 then dropped. The original PAWS code in FreeBSD (1994) simply acknowledged the segment unconditionally, which is incorrect, and was fixed in 1.183 (2002). At the moment we do not do checks for SYN or FIN in addition to (tlen != 0), which may or may not be correct, but the worst that ought to happen should be a retry by the sender. Notes: svn path=/head/; revision=108464
* Unravel a nested conditional.Jeffrey Hsu2002-12-201-21/+12
| | | | | | | Remove an unneeded local variable. Notes: svn path=/head/; revision=108123
* Fix syntax in last commit.Matthew Dillon2002-12-171-3/+3
| | | | Notes: svn path=/head/; revision=107961
* Bruce forwarded this tidbit from an analysis Van Jacobson did on anMatthew Dillon2002-12-141-1/+6
| | | | | | | | | | | | | apparent ack-on-ack problem with FreeBSD. Prof. Jacobson noticed a case in our TCP stack which would acknowledge a received ack-only packet, which is not legal in TCP. Submitted by: Van Jacobson <van@packetdesign.com>, bmah@packetdesign.com (Bruce A. Mah) MFC after: 7 days Notes: svn path=/head/; revision=107854
* a better solution to building FAST_IPSEC w/o INET6Sam Leffler2002-11-101-4/+0
| | | | | | | Submitted by: Jeffrey Hsu <hsu@FreeBSD.org> Notes: svn path=/head/; revision=106736
* fixup FAST_IPSEC build w/o INET6Sam Leffler2002-11-081-1/+4
| | | | Notes: svn path=/head/; revision=106679
* - Consistently update snd_wl1, snd_wl2, and rcv_up in the headerJeff Roberson2002-10-311-1/+15
| | | | | | | | | | | | | | prediction code. Previously, 2GB worth of header predicted data could leave these variables too far out of sequence which would cause problems after receiving a packet that did not match the header prediction. Submitted by: Bill Baumann <bbaumann@isilon.com> Sponsored by: Isilon Systems, Inc. Reviewed by: hsu, pete@isilon.com, neal@isilon.com, aaronp@isilon.com Notes: svn path=/head/; revision=106271
* Don't need to check if SO_OOBINLINE is defined.Jeffrey Hsu2002-10-301-13/+8
| | | | | | | | Don't need to protect isipv6 conditional with INET6. Fix leading indentation in 2 lines. Notes: svn path=/head/; revision=106198
* Tie new "Fast IPsec" code into the build. This involves the usualSam Leffler2002-10-161-0/+19
| | | | | | | | | | | | | | | configuration stuff as well as conditional code in the IPv4 and IPv6 areas. Everything is conditional on FAST_IPSEC which is mutually exclusive with IPSEC (KAME IPsec implmentation). As noted previously, don't use FAST_IPSEC with INET6 at the moment. Reviewed by: KAME, rwatson Approved by: silence Supported by: Vernier Networks Notes: svn path=/head/; revision=105199
* Replace aux mbufs with packet tags:Sam Leffler2002-10-161-1/+1
| | | | | | | | | | | | | | | | | | | | | | o instead of a list of mbufs use a list of m_tag structures a la openbsd o for netgraph et. al. extend the stock openbsd m_tag to include a 32-bit ABI/module number cookie o for openbsd compatibility define a well-known cookie MTAG_ABI_COMPAT and use this in defining openbsd-compatible m_tag_find and m_tag_get routines o rewrite KAME use of aux mbufs in terms of packet tags o eliminate the most heavily used aux mbufs by adding an additional struct inpcb parameter to ip_output and ip6_output to allow the IPsec code to locate the security policy to apply to outbound packets o bump __FreeBSD_version so code can be conditionalized o fixup ipfilter's call to ip_output based on __FreeBSD_version Reviewed by: julian, luigi (silent), -arch, -net, darren Approved by: julian, silence from everyone else Obtained from: openbsd (mostly) MFC after: 1 month Notes: svn path=/head/; revision=105194
* Guido found another bug. There is a situation withMatthew Dillon2002-09-301-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | timestamped TCP packets where FreeBSD will send DATA+FIN and A W2K box will ack just the DATA portion. If this occurs after FreeBSD has done a (NewReno) fast-retransmit and is recovering it (dupacks > threshold) it triggers a case in tcp_newreno_partial_ack() (tcp_newreno() in stable) where tcp_output() is called with the expectation that the retransmit timer will be reloaded. But tcp_output() falls through and returns without doing anything, causing the persist timer to be loaded instead. This causes the connection to hang until W2K gives up. This occurs because in the case where only the FIN must be acked, the 'len' calculation in tcp_output() will be 0, a lot of checks will be skipped, and the FIN check will also be skipped because it is designed to handle FIN retransmits, not forced transmits from tcp_newreno(). The solution is to simply set TF_ACKNOW before calling tcp_output() to absolute guarentee that it will run the send code and reset the retransmit timer. TF_ACKNOW is already used for this purpose in other cases. For some unknown reason this patch also seems to greatly reduce the number of duplicate acks received when Guido runs his tests over a lossy network. It is quite possible that there are other tcp_newreno{_partial_ack()} cases which were not generating the expected output which this patch also fixes. X-MFC after: Will be MFC'd after the freeze is over Notes: svn path=/head/; revision=104226
* Fix issue where shutdown(socket, SHUT_RD) was effectivelyMike Silbersack2002-09-221-3/+10
| | | | | | | | | | | ignored for TCP sockets. NetBSD PR: 18185 Submitted by: Sean Boudreau <seanb@qnx.com> MFC after: 3 days Notes: svn path=/head/; revision=103776
* Guido reported an interesting bug where an FTP connection between aMatthew Dillon2002-09-171-5/+23
| | | | | | | | | | | | | | | | | | | | | | Windows 2000 box and a FreeBSD box could stall. The problem turned out to be a timestamp reply bug in the W2K TCP stack. FreeBSD sends a timestamp with the SYN, W2K returns a timestamp of 0 in the SYN+ACK causing FreeBSD to calculate an insane SRTT and RTT, resulting in a maximal retransmit timeout (60 seconds). If there is any packet loss on the connection for the first six or so packets the retransmit case may be hit (the window will still be too small for fast-retransmit), causing a 60+ second pause. The W2K box gives up and closes the connection. This commit works around the W2K bug. 15:04:59.374588 FREEBSD.20 > W2K.1036: S 1420807004:1420807004(0) win 65535 <mss 1460,nop,wscale 2,nop,nop,timestamp 188297344 0> (DF) [tos 0x8] 15:04:59.377558 W2K.1036 > FREEBSD.20: S 4134611565:4134611565(0) ack 1420807005 win 17520 <mss 1460,nop,wscale 0,nop,nop,timestamp 0 0> (DF) Bug reported by: Guido van Rooij <guido@gvr.org> Notes: svn path=/head/; revision=103505
* Replace various spelling with FALLTHROUGH which is lint()ablePhilippe Charnier2002-08-251-1/+1
| | | | Notes: svn path=/head/; revision=102412
* Enclose IPv6 addresses in brackets when they are displayed printable with aJuli Mallett2002-08-191-3/+7
| | | | | | | | | | | TCP/UDP port seperated by a colon. This is for the log_in_vain facility. Pointed out by: Edward J. M. Brocklesby Reviewed by: ume MFC after: 2 weeks Notes: svn path=/head/; revision=102131
* Implement TCP bandwidth delay product window limiting, similar to (butMatthew Dillon2002-08-171-0/+6
| | | | | | | | | | | | | | | not meant to duplicate) TCP/Vegas. Add four sysctls and default the implementation to 'off'. net.inet.tcp.inflight_enable enable algorithm (defaults to 0=off) net.inet.tcp.inflight_debug debugging (defaults to 1=on) net.inet.tcp.inflight_min minimum window limit net.inet.tcp.inflight_max maximum window limit MFC after: 1 week Notes: svn path=/head/; revision=102017
* Cosmetic-only changes for readability.Jeffrey Hsu2002-08-171-326/+278
| | | | | | | | Reviewed by: (early form passed by) bde Approved by: itojun (from core@kame.net) Notes: svn path=/head/; revision=102002
* Rename mac_check_socket_receive() to mac_check_socket_deliver() so thatRobert Watson2002-08-151-1/+1
| | | | | | | | | | | we can use the names _receive() and _send() for the receive() and send() checks. Rename related constants, policy implementations, etc. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=101934
* Reset dupack count in header prediction.Jeffrey Hsu2002-08-151-0/+1
| | | | | | | | | Follow-on to rev 1.39. Reviewed by: jayanth, Thomas R Henderson <thomas.r.henderson@boeing.com>, silby, dillon Notes: svn path=/head/; revision=101928
* Introduce support for Mandatory Access Control and extensibleRobert Watson2002-07-311-0/+13
| | | | | | | | | | | | | | | | | | | | | kernel access control. Instrument the TCP socket code for packet generation and delivery: label outgoing mbufs with the label of the socket, and check socket and mbuf labels before permitting delivery to a socket. Assign labels to newly accepted connections when the syncache/cookie code has done its business. Also set peer labels as convenient. Currently, MAC policies cannot influence the PCB matching algorithm, so cannot implement polyinstantiation. Note that there is at least one case where a PCB is not available due to the TCP packet not being associated with any socket, so we don't label in that case, but need to handle it in a special manner. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs Notes: svn path=/head/; revision=101106
* Don't shrink socket buffers in tcp_mss(), application might have alreadyRuslan Ermilov2002-07-221-2/+4
| | | | | | | | | | configured them with setsockopt(SO_*BUF), for RFC1323's scaled windows. PR: kern/11966 MFC after: 1 week Notes: svn path=/head/; revision=100534
* Add the tcps_sndrexmitbad statistic, keep track of late acks that causedMatthew Dillon2002-07-191-0/+1
| | | | | | | unnecessary retransmissions. Notes: svn path=/head/; revision=100373
* Avoid unlocking the inp twice if badport_bandlim() returns -1.Jeffrey Hsu2002-06-241-2/+4
| | | | | | | Reported by: jlemon Notes: svn path=/head/; revision=98781
* Style bug: fix 4 space indentations that should have been tabs.Jeffrey Hsu2002-06-241-5/+5
| | | | | | | Submitted by: jlemon Notes: svn path=/head/; revision=98769
* Move two global variables to automatic variables within theLuigi Rizzo2002-06-231-2/+3
| | | | | | | only function where they are used (they are used with TCPDEBUG only). Notes: svn path=/head/; revision=98703
* Remove (almost all) global variables that were used to holdLuigi Rizzo2002-06-221-9/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | packet forwarding state ("annotations") during ip processing. The code is considerably cleaner now. The variables removed by this change are: ip_divert_cookie used by divert sockets ip_fw_fwd_addr used for transparent ip redirection last_pkt used by dynamic pipes in dummynet Removal of the first two has been done by carrying the annotations into volatile structs prepended to the mbuf chains, and adding appropriate code to add/remove annotations in the routines which make use of them, i.e. ip_input(), ip_output(), tcp_input(), bdg_forward(), ether_demux(), ether_output_frame(), div_output(). On passing, remove a bug in divert handling of fragmented packet. Now it is the fragment at offset 0 which sets the divert status of the whole packet, whereas formerly it was the last incoming fragment to decide. Removal of last_pkt required a change in the interface of ip_fw_chk() and dummynet_io(). On passing, use the same mechanism for dummynet annotations and for divert/forward annotations. option IPFIREWALL_FORWARD is effectively useless, the code to implement it is very small and is now in by default to avoid the obfuscation of conditionally compiled code. NOTES: * there is at least one global variable left, sro_fwd, in ip_output(). I am not sure if/how this can be removed. * I have deliberately avoided gratuitous style changes in this commit to avoid cluttering the diffs. Minor stule cleanup will likely be necessary * this commit only focused on the IP layer. I am sure there is a number of global variables used in the TCP and maybe UDP stack. * despite the number of files touched, there are absolutely no API's or data structures changed by this commit (except the interfaces of ip_fw_chk() and dummynet_io(), which are internal anyways), so an MFC is quite safe and unintrusive (and desirable, given the improved readability of the code). MFC after: 10 days Notes: svn path=/head/; revision=98613
* Remove so*_locked(), which were backed out by mistake.Seigo Tanimura2002-06-181-1/+1
| | | | Notes: svn path=/head/; revision=98385
* Lock up inpcb.Jeffrey Hsu2002-06-101-4/+45
| | | | | | | Submitted by: Jennifer Yang <yangjihui@yahoo.com> Notes: svn path=/head/; revision=98102
* Back out my lats commit of locking down a socket, it conflicts with hsu's work.Seigo Tanimura2002-05-311-86/+16
| | | | | | | Requested by: hsu Notes: svn path=/head/; revision=97658
* Lock down a socket, milestone 1.Seigo Tanimura2002-05-201-16/+86
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | o Add a mutex (sb_mtx) to struct sockbuf. This protects the data in a socket buffer. The mutex in the receive buffer also protects the data in struct socket. o Determine the lock strategy for each members in struct socket. o Lock down the following members: - so_count - so_options - so_linger - so_state o Remove *_locked() socket APIs. Make the following socket APIs touching the members above now require a locked socket: - sodisconnect() - soisconnected() - soisconnecting() - soisdisconnected() - soisdisconnecting() - sofree() - soref() - sorele() - sorwakeup() - sotryfree() - sowakeup() - sowwakeup() Reviewed by: alfred Notes: svn path=/head/; revision=96972
* Redo the sigio locking.Alfred Perlstein2002-05-011-6/+0
| | | | | | | | | | | | | | Turn the sigio sx into a mutex. Sigio lock is really only needed to protect interrupts from dereferencing the sigio pointer in an object when the sigio itself is being destroyed. In order to do this in the most unintrusive manner change pgsigio's sigio * argument into a **, that way we can lock internally to the function. Notes: svn path=/head/; revision=95883
* Revert the change of #includes in sys/filedesc.h and sys/socketvar.h.Seigo Tanimura2002-04-301-6/+9
| | | | | | | | | | | | | Requested by: bde Since locking sigio_lock is usually followed by calling pgsigio(), move the declaration of sigio_lock and the definitions of SIGIO_*() to sys/signalvar.h. While I am here, sort include files alphabetically, where possible. Notes: svn path=/head/; revision=95759
* Add a global sx sigio_lock to protect the pointer to the sigio objectSeigo Tanimura2002-04-271-1/+5
| | | | | | | | | | | | | of a socket. This avoids lock order reversal caused by locking a process in pgsigio(). sowakeup() and the callers of it (sowwakeup, soisconnected, etc.) now require sigio_lock to be locked. Provide sowwakeup_locked(), soisconnected_locked(), and so on in case where we have to modify a socket and wake up a process atomically. Notes: svn path=/head/; revision=95552
* just merged cosmetic changes from KAME to ease sync between KAME and FreeBSD.SUZUKI Shinsuke2002-04-191-0/+2
| | | | | | | | | | (based on freebsd4-snap-20020128) Reviewed by: ume MFC after: 1 week Notes: svn path=/head/; revision=95023
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-23 01:08:41 +0000