1/*
2 * Copyright (c) 2012-2020 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29#ifndef _NETINET_MPTCP_VAR_H_
30#define _NETINET_MPTCP_VAR_H_
31
32#ifdef PRIVATE
33#include <netinet/in.h>
34#include <netinet/tcp.h>
35#endif
36
37#ifdef BSD_KERNEL_PRIVATE
38#include <sys/queue.h>
39#include <sys/protosw.h>
40#include <kern/locks.h>
41#include <mach/boolean.h>
42#include <netinet/mp_pcb.h>
43#include <netinet/tcp_var.h>
44#include <os/log.h>
45
46struct mpt_itf_info {
47 uint32_t ifindex;
48 uint32_t has_v4_conn:1,
49 has_v6_conn:1,
50 has_nat64_conn:1,
51 no_mptcp_support:1;
52};
53
54/*
55 * MPTCP Session
56 *
57 * This is an extension to the multipath PCB specific for MPTCP, protected by
58 * the per-PCB mpp_lock (also the socket's lock);
59 */
60struct mptses {
61 struct mppcb *mpte_mppcb; /* back ptr to multipath PCB */
62 struct mptcb *mpte_mptcb; /* ptr to MPTCP PCB */
63 TAILQ_HEAD(, mptopt) mpte_sopts; /* list of socket options */
64 TAILQ_HEAD(, mptsub) mpte_subflows; /* list of subflows */
65#define MPTCP_MAX_NUM_SUBFLOWS 256
66 uint16_t mpte_numflows; /* # of subflows in list */
67 uint16_t mpte_nummpcapflows; /* # of MP_CAP subflows */
68 sae_associd_t mpte_associd; /* MPTCP association ID */
69 sae_connid_t mpte_connid_last; /* last used connection ID */
70
71 uint64_t mpte_time_target;
72 thread_call_t mpte_time_thread;
73 thread_call_t mpte_stop_urgency;
74
75 uint32_t mpte_last_cellicon_set;
76 uint32_t mpte_cellicon_increments;
77
78 union {
79 /* Source address of initial subflow */
80 struct sockaddr _mpte_src;
81 struct sockaddr_in _mpte_src_v4;
82 struct sockaddr_in6 _mpte_src_v6;
83 } mpte_u_src;
84#define mpte_src mpte_u_src._mpte_src
85#define __mpte_src_v4 mpte_u_src._mpte_src_v4
86#define __mpte_src_v6 mpte_u_src._mpte_src_v6
87 union {
88 /* Destination address of initial subflow */
89 struct sockaddr _mpte_dst;
90 struct sockaddr_in _mpte_dst_v4;
91 struct sockaddr_in6 _mpte_dst_v6;
92 } mpte_u_dst;
93#define mpte_dst mpte_u_dst._mpte_dst
94#define __mpte_dst_v4 mpte_u_dst._mpte_dst_v4
95#define __mpte_dst_v6 mpte_u_dst._mpte_dst_v6
96
97 struct sockaddr_in mpte_sub_dst_v4;
98 struct sockaddr_in6 mpte_sub_dst_v6;
99 uint8_t sub_dst_addr_id_v4;
100 uint8_t sub_dst_addr_id_v6;
101
102 uint16_t mpte_alternate_port; /* Alternate port for subflow establishment (network-byte-order) */
103
104 int mpte_epid;
105 uuid_t mpte_euuid;
106
107 struct mptsub *mpte_active_sub; /* ptr to last active subf */
108 uint16_t mpte_flags; /* per mptcp session flags */
109#define MPTE_SND_REM_ADDR 0x01 /* Send Remove_addr option */
110#define MPTE_SVCTYPE_CHECKED 0x02 /* Did entitlement-check for service-type */
111#define MPTE_FIRSTPARTY 0x04 /* First-party app used multipath_extended entitlement */
112#define MPTE_ACCESS_GRANTED 0x08 /* Access to cellular has been granted for this connection */
113#define MPTE_FORCE_ENABLE 0x10 /* For MPTCP regardless of heuristics to detect middleboxes */
114#define MPTE_IN_WORKLOOP 0x20 /* Are we currently inside the workloop ? */
115#define MPTE_WORKLOOP_RELAUNCH 0x40 /* Another event got queued, we should restart the workloop */
116#define MPTE_UNICAST_IP 0x80 /* New subflows are only being established towards the unicast IP in the ADD_ADDR */
117#define MPTE_CELL_PROHIBITED 0x100 /* Cell access has been prohibited based on signal quality */
118#define MPTE_FORCE_V0 0x200 /* Force MPTCP to use version 0 regradless of tcp cache */
119#define MPTE_FORCE_V1 0x400 /* Force MPTCP to use version 1 regradless of tcp cache */
120#define MPTE_ITFINFO_INIT 0x800 /* Set when the itfinfo has been initialized */
121 uint8_t mpte_svctype; /* MPTCP Service type */
122 uint8_t mpte_lost_aid; /* storing lost address id */
123 uint8_t mpte_addrid_last; /* storing address id parm */
124
125#define MPTE_ITFINFO_SIZE 4
126 uint32_t mpte_itfinfo_size;
127 struct mpt_itf_info _mpte_itfinfo[MPTE_ITFINFO_SIZE];
128 struct mpt_itf_info *mpte_itfinfo;
129
130 struct mbuf *mpte_reinjectq;
131
132 /* The below is used for stats */
133 uint32_t mpte_subflow_switches; /* Number of subflow-switches in sending */
134 uint32_t mpte_used_cell:1,
135 mpte_used_wifi:1,
136 mpte_initial_cell:1,
137 mpte_triggered_cell,
138 mpte_handshake_success:1,
139 mpte_last_added_addr_is_v4:1;
140
141 struct mptcp_itf_stats mpte_itfstats[MPTCP_ITFSTATS_SIZE];
142 uint64_t mpte_init_txbytes __attribute__((aligned(8)));
143 uint64_t mpte_init_rxbytes __attribute__((aligned(8)));
144};
145
146static inline struct socket *
147mptetoso(struct mptses *mpte)
148{
149 return mpte->mpte_mppcb->mpp_socket;
150}
151
152static inline struct mptses *
153mptompte(struct mppcb *mp)
154{
155 return (struct mptses *)mp->mpp_pcbe;
156}
157
158static inline struct mptses *
159mpsotompte(struct socket *so)
160{
161 return mptompte(mp: mpsotomppcb(mp_so: so));
162}
163
164static inline boolean_t
165mpp_try_lock(struct mppcb *mp)
166{
167 if (!lck_mtx_try_lock(lck: &mp->mpp_lock)) {
168 return false;
169 }
170
171 VERIFY(!(mp->mpp_flags & MPP_INSIDE_OUTPUT));
172 VERIFY(!(mp->mpp_flags & MPP_INSIDE_INPUT));
173 VERIFY(!(mp->mpp_flags & MPP_INSIDE_SETGETOPT));
174
175 return true;
176}
177
178static inline void
179mpp_lock(struct mppcb *mp)
180{
181 lck_mtx_lock(lck: &mp->mpp_lock);
182 VERIFY(!(mp->mpp_flags & MPP_INSIDE_OUTPUT));
183 VERIFY(!(mp->mpp_flags & MPP_INSIDE_INPUT));
184 VERIFY(!(mp->mpp_flags & MPP_INSIDE_SETGETOPT));
185}
186
187static inline void
188mpp_unlock(struct mppcb *mp)
189{
190 VERIFY(!(mp->mpp_flags & MPP_INSIDE_OUTPUT));
191 VERIFY(!(mp->mpp_flags & MPP_INSIDE_INPUT));
192 VERIFY(!(mp->mpp_flags & MPP_INSIDE_SETGETOPT));
193 lck_mtx_unlock(lck: &mp->mpp_lock);
194}
195
196static inline lck_mtx_t *
197mpp_getlock(struct mppcb *mp, int flags)
198{
199 if (flags & PR_F_WILLUNLOCK) {
200 VERIFY(!(mp->mpp_flags & MPP_INSIDE_OUTPUT));
201 VERIFY(!(mp->mpp_flags & MPP_INSIDE_INPUT));
202 VERIFY(!(mp->mpp_flags & MPP_INSIDE_SETGETOPT));
203 }
204
205 return &mp->mpp_lock;
206}
207
208static inline int
209mptcp_subflow_cwnd_space(struct socket *so)
210{
211 struct tcpcb *tp = sototcpcb(so);
212 int cwnd = (int)(MIN(tp->snd_wnd, tp->snd_cwnd) - (so->so_snd.sb_cc));
213
214 return MIN(cwnd, sbspace(&so->so_snd));
215}
216
217static inline bool
218mptcp_subflows_need_backup_flag(struct mptses *mpte)
219{
220 return mpte->mpte_svctype < MPTCP_SVCTYPE_AGGREGATE ||
221 mpte->mpte_svctype == MPTCP_SVCTYPE_PURE_HANDOVER;
222}
223
224/*
225 * MPTCP socket options
226 */
227struct mptopt {
228 TAILQ_ENTRY(mptopt) mpo_entry; /* glue to other options */
229 uint32_t mpo_flags; /* see flags below */
230 int mpo_level; /* sopt_level */
231 int mpo_name; /* sopt_name */
232 int mpo_intval; /* sopt_val */
233};
234
235#define MPOF_ATTACHED 0x1 /* attached to MP socket */
236#define MPOF_SUBFLOW_OK 0x2 /* can be issued on subflow socket */
237#define MPOF_INTERIM 0x4 /* has not been issued on any subflow */
238
239/*
240 * MPTCP subflow
241 */
242struct mptsub {
243 TAILQ_ENTRY(mptsub) mpts_entry; /* glue to peer subflows */
244 uint32_t mpts_refcnt; /* reference count */
245 uint32_t mpts_flags; /* see flags below */
246 uint32_t mpts_evctl; /* subflow control events */
247 sae_connid_t mpts_connid; /* subflow connection ID */
248 int mpts_oldintval; /* sopt_val before sosetopt */
249 struct mptses *mpts_mpte; /* back ptr to MPTCP session */
250 struct socket *mpts_socket; /* subflow socket */
251 struct sockaddr *mpts_src; /* source address */
252
253 union {
254 /* destination address */
255 struct sockaddr _mpts_dst;
256 struct sockaddr_in _mpts_dst_v4;
257 struct sockaddr_in6 _mpts_dst_v6;
258 } mpts_u_dst;
259#define mpts_dst mpts_u_dst._mpts_dst
260#define __mpts_dst_v4 mpts_u_dst._mpts_dst_v4
261#define __mpts_dst_v6 mpts_u_dst._mpts_dst_v6
262 u_int32_t mpts_rel_seq; /* running count of subflow # */
263 u_int32_t mpts_iss; /* Initial sequence number, taking TFO into account */
264 u_int32_t mpts_ifscope; /* scoped to the interface */
265 uint32_t mpts_probesoon; /* send probe after probeto */
266 uint32_t mpts_probecnt; /* number of probes sent */
267 uint32_t mpts_maxseg; /* cached value of t_maxseg */
268};
269
270/*
271 * Valid values for mpts_flags. In particular:
272 *
273 * - MP_CAPABLE means that the connection is successfully established as
274 * MPTCP and data transfer may occur, but is not yet ready for multipath-
275 * related semantics until MP_READY. I.e. if this is on the first subflow,
276 * it causes the MPTCP socket to transition to a connected state, except
277 * that additional subflows will not be established; they will be marked
278 * with PENDING and will be processed when the first subflow is marked
279 * with MP_READY.
280 *
281 * - MP_READY implies that an MP_CAPABLE connection has been confirmed as
282 * an MPTCP connection. See notes above.
283 *
284 * - MP_DEGRADED implies that the connection has lost its MPTCP capabilities
285 * but data transfer on the MPTCP socket is unaffected. Any existing
286 * PENDING subflows will be disconnected, and further attempts to connect
287 * additional subflows will be rejected.
288 *
289 * Note that these are per-subflow flags. The setting and clearing of MP_READY
290 * reflects the state of the MPTCP connection with regards to its multipath
291 * semantics, via the MPTCPF_JOIN_READY flag. Until that flag is set (meaning
292 * until at least a subflow is marked with MP_READY), further connectx(2)
293 * attempts to join will be queued. When the flag is cleared (after it has
294 * been set), further connectx(2) will fail (and existing queued ones will be
295 * aborted) and the MPTCP connection loses all of its multipath semantics.
296 *
297 * Keep in sync with bsd/dev/dtrace/scripts/mptcp.d.
298 */
299#define MPTSF_CONNECTING 0x00000002 /* connection was attempted */
300#define MPTSF_CONNECT_PENDING 0x00000004 /* will connect when MPTCP is ready */
301#define MPTSF_CONNECTED 0x00000008 /* connection is established */
302#define MPTSF_DISCONNECTING 0x00000010 /* disconnection was attempted */
303#define MPTSF_DISCONNECTED 0x00000020 /* has been disconnected */
304#define MPTSF_MP_CAPABLE 0x00000040 /* connected as a MPTCP subflow */
305#define MPTSF_MP_READY 0x00000080 /* MPTCP has been confirmed */
306#define MPTSF_MP_DEGRADED 0x00000100 /* has lost its MPTCP capabilities */
307#define MPTSF_PREFERRED 0x00000200 /* primary/preferred subflow */
308#define MPTSF_SOPT_OLDVAL 0x00000400 /* old option value is valid */
309#define MPTSF_SOPT_INPROG 0x00000800 /* sosetopt in progress */
310#define MPTSF_FAILINGOVER 0x00001000 /* subflow not used for output */
311#define MPTSF_ACTIVE 0x00002000 /* subflow currently in use */
312#define MPTSF_MPCAP_CTRSET 0x00004000 /* mpcap counter */
313#define MPTSF_CLOSED 0x00008000 /* soclose_locked has been called on this subflow */
314#define MPTSF_TFO_REQD 0x00010000 /* TFO requested */
315#define MPTSF_CLOSE_REQD 0x00020000 /* A close has been requested from NECP */
316#define MPTSF_INITIAL_SUB 0x00040000 /* This is the initial subflow */
317#define MPTSF_READ_STALL 0x00080000 /* A read-stall has been detected */
318#define MPTSF_WRITE_STALL 0x00100000 /* A write-stall has been detected */
319#define MPTSF_FULLY_ESTABLISHED 0x00200000 /* Subflow is fully established and it has been confirmed
320 * whether or not it supports MPTCP.
321 * No need for further middlebox-detection.
322 */
323#define MPTSF_CELLICON_SET 0x00400000 /* This subflow set the cellicon */
324
325/*
326 * MPTCP states
327 * Keep in sync with bsd/dev/dtrace/scripts/mptcp.d
328 */
329typedef enum mptcp_state {
330 MPTCPS_CLOSED = 0, /* closed */
331 MPTCPS_LISTEN = 1, /* not yet implemented */
332 MPTCPS_ESTABLISHED = 2, /* MPTCP connection established */
333 MPTCPS_CLOSE_WAIT = 3, /* rcvd DFIN, waiting for close */
334 MPTCPS_FIN_WAIT_1 = 4, /* have closed, sent DFIN */
335 MPTCPS_CLOSING = 5, /* closed xchd DFIN, waiting DFIN ACK */
336 MPTCPS_LAST_ACK = 6, /* had DFIN and close; await DFIN ACK */
337 MPTCPS_FIN_WAIT_2 = 7, /* have closed, DFIN is acked */
338 MPTCPS_TIME_WAIT = 8, /* in 2*MSL quiet wait after close */
339 MPTCPS_TERMINATE = 9, /* terminal state */
340} mptcp_state_t;
341
342/*
343 * WiFi Quality states from MPTCP's perspective
344 */
345typedef enum mptcp_wifi_quality {
346 MPTCP_WIFI_QUALITY_GOOD,
347 MPTCP_WIFI_QUALITY_BAD,
348 MPTCP_WIFI_QUALITY_UNSURE,
349} mptcp_wifi_quality_t;
350
351typedef u_int64_t mptcp_key_t;
352typedef u_int32_t mptcp_token_t;
353typedef u_int8_t mptcp_addr_id;
354
355
356/* Address ID list */
357struct mptcp_subf_auth_entry {
358 LIST_ENTRY(mptcp_subf_auth_entry) msae_next;
359 u_int32_t msae_laddr_rand; /* Local nonce */
360 u_int32_t msae_raddr_rand; /* Remote nonce */
361 mptcp_addr_id msae_laddr_id; /* Local addr ID */
362 mptcp_addr_id msae_raddr_id; /* Remote addr ID */
363};
364
365/*
366 * MPTCP Protocol Control Block
367 *
368 * Protected by per-MPTCP mpt_lock.
369 * Keep in sync with bsd/dev/dtrace/scripts/mptcp.d.
370 */
371struct mptcb {
372 struct mptses *mpt_mpte; /* back ptr to MPTCP session */
373 mptcp_state_t mpt_state; /* MPTCP state */
374 uint32_t mpt_flags; /* see flags below */
375 uint8_t mpt_version; /* MPTCP proto version */
376 u_short mpt_softerror; /* error not yet reported */
377 /*
378 * Authentication and metadata invariants
379 */
380 mptcp_key_t mpt_localkey; /* in network byte order */
381 mptcp_key_t mpt_remotekey; /* in network byte order */
382 mptcp_token_t mpt_localtoken; /* HMAC SHA1 of local key */
383 mptcp_token_t mpt_remotetoken; /* HMAC SHA1 of remote key */
384
385 /*
386 * Timer vars for scenarios where subflow level acks arrive, but
387 * Data ACKs do not.
388 */
389 int mpt_rxtshift; /* num of consecutive retrans */
390 uint64_t mpt_rxtstart; /* time at which rxt started */
391 uint64_t mpt_rtseq; /* seq # being tracked */
392 uint64_t mpt_timewait; /* timewait */
393 uint32_t mpt_timer_vals; /* timer related values */
394 /*
395 * Sending side
396 */
397 uint64_t mpt_snduna; /* DSN of last unacked byte */
398 uint64_t mpt_sndnxt; /* DSN of next byte to send */
399 uint64_t mpt_sndmax; /* DSN of max byte sent */
400 uint64_t mpt_local_idsn; /* First byte's DSN */
401 uint32_t mpt_sndwnd;
402 uint64_t mpt_sndwl1;
403 uint64_t mpt_sndwl2;
404 /*
405 * Receiving side
406 */
407 uint64_t mpt_rcvnxt; /* Next expected DSN */
408 uint64_t mpt_remote_idsn; /* Peer's IDSN */
409 uint64_t mpt_rcvadv;
410 uint32_t mpt_rcvwnd;
411 LIST_HEAD(, mptcp_subf_auth_entry) mpt_subauth_list; /* address IDs */
412 /*
413 * Fastclose
414 */
415 uint64_t mpt_dsn_at_csum_fail; /* MPFail Opt DSN */
416 uint32_t mpt_ssn_at_csum_fail; /* MPFail Subflow Seq */
417 /*
418 * Zombie handling
419 */
420#define MPT_GC_TICKS (30)
421#define MPT_GC_TICKS_FAST (10)
422 int32_t mpt_gc_ticks; /* Used for zombie deletion */
423
424 uint32_t mpt_notsent_lowat; /* TCP_NOTSENT_LOWAT support */
425
426 struct tsegqe_head mpt_segq;
427 uint32_t mpt_reassqlen; /* length of reassembly queue */
428};
429
430/* valid values for mpt_flags (see also notes on mpts_flags above) */
431#define MPTCPF_CHECKSUM 0x001 /* checksum DSS option */
432#define MPTCPF_FALLBACK_TO_TCP 0x002 /* Fallback to TCP */
433#define MPTCPF_JOIN_READY 0x004 /* Ready to start 2 or more subflows */
434#define MPTCPF_RECVD_MPFAIL 0x008 /* Received MP_FAIL option */
435#define MPTCPF_SND_64BITDSN 0x010 /* Send full 64-bit DSN */
436#define MPTCPF_SND_64BITACK 0x020 /* Send 64-bit ACK response */
437#define MPTCPF_RCVD_64BITACK 0x040 /* Received 64-bit Data ACK */
438#define MPTCPF_POST_FALLBACK_SYNC 0x080 /* Post fallback resend data */
439#define MPTCPF_FALLBACK_HEURISTIC 0x100 /* Send SYN without MP_CAPABLE due to heuristic */
440#define MPTCPF_HEURISTIC_TRAC 0x200 /* Tracked this connection in the heuristics as a failure */
441#define MPTCPF_REASS_INPROG 0x400 /* Reassembly is in progress */
442
443/* valid values for mpt_timer_vals */
444#define MPTT_REXMT 0x01 /* Starting Retransmit Timer */
445#define MPTT_TW 0x02 /* Starting Timewait Timer */
446#define MPTT_FASTCLOSE 0x04 /* Starting Fastclose wait timer */
447
448/* events for close FSM */
449#define MPCE_CLOSE 0x1
450#define MPCE_RECV_DATA_ACK 0x2
451#define MPCE_RECV_DATA_FIN 0x4
452
453/* mptcb manipulation */
454static inline struct mptcb *
455tptomptp(struct tcpcb *tp)
456{
457 return tp->t_mptcb;
458}
459
460/*
461 * MPTCP control block and state structures are allocated along with
462 * the MP protocol control block; the folllowing represents the layout.
463 */
464struct mpp_mtp {
465 struct mppcb mpp; /* Multipath PCB */
466 struct mptses mpp_ses; /* MPTCP session */
467 struct mptcb mtcb; /* MPTCP PCB */
468};
469
470#ifdef SYSCTL_DECL
471SYSCTL_DECL(_net_inet_mptcp);
472#endif /* SYSCTL_DECL */
473
474extern struct mppcbinfo mtcbinfo;
475extern struct pr_usrreqs mptcp_usrreqs;
476extern os_log_t mptcp_log_handle;
477
478/* Encryption algorithm related definitions */
479#define HMAC_TRUNCATED_SYNACK 8
480#define HMAC_TRUNCATED_ACK 20
481#define HMAC_TRUNCATED_ADD_ADDR 8
482
483/* Mask to obtain 32-bit portion of data sequence number */
484#define MPTCP_DATASEQ_LOW32_MASK (0xffffffff)
485#define MPTCP_DATASEQ_LOW32(seq) (seq & MPTCP_DATASEQ_LOW32_MASK)
486
487/* Mask to obtain upper 32-bit portion of data sequence number */
488#define MPTCP_DATASEQ_HIGH32_MASK (0xffffffff00000000)
489#define MPTCP_DATASEQ_HIGH32(seq) (seq & MPTCP_DATASEQ_HIGH32_MASK)
490
491/* Mask to obtain 32-bit portion of data ack */
492#define MPTCP_DATAACK_LOW32_MASK (0xffffffff)
493#define MPTCP_DATAACK_LOW32(ack) (ack & MPTCP_DATAACK_LOW32_MASK)
494
495/*
496 * x is the 64-bit data sequence number, y the 32-bit data seq number to be
497 * extended. z is y extended to the appropriate 64-bit value.
498 * This algorithm is based on the fact that subflow level window sizes are
499 * at the maximum 2**30 (in reality, they are a lot lesser). A high throughput
500 * application sending on a large number of subflows can in theory have very
501 * large MPTCP level send and receive windows. In which case, 64 bit DSNs
502 * must be sent in place of 32 bit DSNs on wire. For us, with 2 subflows at
503 * 512K each, sequence wraparound detection can be done by checking whether
504 * the 32-bit value obtained on wire is 2**31 bytes apart from the stored
505 * lower 32-bits of the Data Sequence Number. Bogus DSNs are dropped by
506 * comparing against rwnd. Bogus DSNs within rwnd cannot be protected against
507 * and are as weak as bogus TCP sequence numbers.
508 */
509#define MPTCP_EXTEND_DSN(x, y, z) { \
510 if ((MPTCP_DATASEQ_LOW32(x) > y) && \
511 ((((u_int32_t)MPTCP_DATASEQ_LOW32(x)) - (u_int32_t)y) >= \
512 (u_int32_t)(1U << 31))) { \
513 /* \
514 * y wrapped around and x and y are 2**31 bytes apart \
515 */ \
516 z = MPTCP_DATASEQ_HIGH32(x) + 0x100000000; \
517 z |= y; \
518 } else if ((MPTCP_DATASEQ_LOW32(x) < y) && \
519 (((u_int32_t)y - \
520 ((u_int32_t)MPTCP_DATASEQ_LOW32(x))) >= \
521 (u_int32_t)(1U << 31))) { \
522 /* \
523 * x wrapped around and x and y are 2**31 apart \
524 */ \
525 z = MPTCP_DATASEQ_HIGH32(x) - 0x100000000; \
526 z |= y; \
527 } else { \
528 z = MPTCP_DATASEQ_HIGH32(x) | y; \
529 } \
530}
531
532extern int mptcp_enable; /* Multipath TCP */
533extern int mptcp_mpcap_retries; /* Multipath TCP retries */
534extern int mptcp_join_retries; /* Multipath TCP Join retries */
535extern int mptcp_dss_csum; /* Multipath DSS Option checksum */
536extern int mptcp_fail_thresh; /* Multipath failover thresh of retransmits */
537extern int mptcp_subflow_keeptime; /* Multipath subflow TCP_KEEPALIVE opt */
538extern int mptcp_developer_mode; /* Allow aggregation mode */
539extern uint32_t mptcp_cellicon_refcount;
540extern uint32_t mptcp_enable_v1;
541
542#define MPTCP_CELLICON_TOGGLE_RATE (5 * TCP_RETRANSHZ) /* Only toggle every 5 seconds */
543
544extern int tcp_jack_rxmt; /* Join ACK retransmission value in msecs */
545
546extern int mptcp_reass_total_qlen;
547
548__BEGIN_DECLS
549extern void mptcp_init(struct protosw *, struct domain *);
550extern int mptcp_ctloutput(struct socket *, struct sockopt *);
551extern int mptcp_session_create(struct mppcb *);
552extern boolean_t mptcp_ok_to_create_subflows(struct mptcb *mp_tp);
553extern void mptcp_check_subflows_and_add(struct mptses *mpte);
554extern void mptcp_check_subflows_and_remove(struct mptses *mpte);
555extern void mptcpstats_inc_switch(struct mptses *mpte, const struct mptsub *mpts);
556extern void mptcpstats_update(struct mptcp_itf_stats *stats, const struct mptsub *mpts);
557extern int mptcpstats_get_index_by_ifindex(struct mptcp_itf_stats *stats, u_short ifindex, boolean_t create);
558extern struct mptses *mptcp_drop(struct mptses *mpte, struct mptcb *mp_tp, u_short errno);
559extern struct mptses *mptcp_close(struct mptses *, struct mptcb *);
560extern int mptcp_lock(struct socket *, int, void *);
561extern int mptcp_unlock(struct socket *, int, void *);
562extern lck_mtx_t *mptcp_getlock(struct socket *, int);
563extern void mptcp_subflow_workloop(struct mptses *);
564
565extern void mptcp_sched_create_subflows(struct mptses *);
566
567extern void mptcp_finish_usrclosed(struct mptses *mpte);
568extern struct mptopt *mptcp_sopt_alloc(zalloc_flags_t);
569extern const char *mptcp_sopt2str(int, int);
570extern void mptcp_sopt_free(struct mptopt *);
571extern void mptcp_sopt_insert(struct mptses *, struct mptopt *);
572extern void mptcp_sopt_remove(struct mptses *, struct mptopt *);
573extern struct mptopt *mptcp_sopt_find(struct mptses *, struct sockopt *);
574
575extern int mptcp_subflow_add(struct mptses *, struct sockaddr *,
576 struct sockaddr *, uint32_t, sae_connid_t *);
577extern void mptcp_subflow_del(struct mptses *, struct mptsub *);
578
579extern void mptcp_handle_input(struct socket *so);
580#define MPTCP_SUBOUT_PROBING 0x01
581extern int mptcp_subflow_output(struct mptses *mpte, struct mptsub *mpts, int flags);
582extern void mptcp_clean_reinjectq(struct mptses *mpte);
583extern void mptcp_subflow_shutdown(struct mptses *, struct mptsub *);
584extern void mptcp_subflow_disconnect(struct mptses *, struct mptsub *);
585extern int mptcp_subflow_sosetopt(struct mptses *, struct mptsub *,
586 struct mptopt *);
587extern int mptcp_subflow_sogetopt(struct mptses *, struct socket *,
588 struct mptopt *);
589
590extern void mptcp_input(struct mptses *, struct mbuf *);
591extern boolean_t mptcp_can_send_more(struct mptcb *mp_tp, boolean_t ignore_reinject);
592extern int mptcp_output(struct mptses *);
593extern void mptcp_close_fsm(struct mptcb *, uint32_t);
594
595extern void mptcp_hmac_sha1(mptcp_key_t, mptcp_key_t, u_int32_t, u_int32_t,
596 u_char*);
597extern void mptcp_hmac_sha256(mptcp_key_t, mptcp_key_t, u_char*, uint16_t,
598 u_char*);
599extern void mptcp_get_mpjoin_hmac(mptcp_addr_id, struct mptcb *, u_char *, uint8_t);
600extern void mptcp_get_rands(mptcp_addr_id, struct mptcb *, u_int32_t *,
601 u_int32_t *);
602extern void mptcp_set_raddr_rand(mptcp_addr_id, struct mptcb *, mptcp_addr_id,
603 u_int32_t);
604extern int mptcp_init_remote_parms(struct mptcb *);
605extern boolean_t mptcp_ok_to_keepalive(struct mptcb *);
606extern void mptcp_insert_dsn(struct mppcb *, struct mbuf *);
607extern void mptcp_output_getm_dsnmap32(struct socket *so, int off,
608 uint32_t *dsn, uint32_t *relseq,
609 uint16_t *data_len, uint16_t *dss_csum);
610extern void mptcp_output_getm_dsnmap64(struct socket *so, int off,
611 uint64_t *dsn, uint32_t *relseq,
612 uint16_t *data_len, uint16_t *dss_csum);
613extern void mptcp_output_getm_data_level_details(struct socket *so, int off,
614 uint16_t *data_len, uint16_t *dss_csum);
615extern void mptcp_act_on_txfail(struct socket *);
616extern struct mptsub *mptcp_get_subflow(struct mptses *mpte, struct mptsub **preferred);
617extern int mptcp_get_map_for_dsn(struct socket *so, uint64_t dsn_fail, uint32_t *tcp_seq);
618extern int32_t mptcp_adj_sendlen(struct socket *so, int32_t off);
619extern void mptcp_sbrcv_grow(struct mptcb *mp_tp);
620extern int32_t mptcp_sbspace(struct mptcb *);
621extern void mptcp_notify_mpready(struct socket *);
622extern void mptcp_notify_mpfail(struct socket *);
623extern void mptcp_notify_close(struct socket *);
624extern boolean_t mptcp_no_rto_spike(struct socket*);
625extern int mptcp_set_notsent_lowat(struct mptses *mpte, int optval);
626extern u_int32_t mptcp_get_notsent_lowat(struct mptses *mpte);
627extern int mptcp_notsent_lowat_check(struct socket *so);
628extern void mptcp_ask_symptoms(struct mptses *mpte);
629extern void mptcp_control_register(void);
630extern mptcp_wifi_quality_t mptcp_wifi_quality_for_session(struct mptses *mpte);
631extern boolean_t symptoms_is_wifi_lossy(void);
632extern void mptcp_session_necp_cb(void *, int, uint32_t, uint32_t, bool *);
633extern struct sockaddr *mptcp_get_session_dst(struct mptses *mpte,
634 boolean_t has_v6, boolean_t has_v4);
635extern void mptcp_set_restrictions(struct socket *mp_so);
636extern void mptcp_clear_cellicon(void);
637extern void mptcp_unset_cellicon(struct mptses *mpte, struct mptsub *mpts, uint32_t val);
638extern void mptcp_reset_rexmit_state(struct tcpcb *tp);
639extern void mptcp_reset_keepalive(struct tcpcb *tp);
640extern int mptcp_validate_csum(struct tcpcb *tp, struct mbuf *m, uint64_t dsn,
641 uint32_t sseq, uint16_t dlen, uint16_t csum, int dfin);
642__END_DECLS
643
644#endif /* BSD_KERNEL_PRIVATE */
645#ifdef PRIVATE
646
647typedef struct mptcp_flow {
648 uint64_t flow_len;
649 uint64_t flow_tcpci_offset;
650 uint32_t flow_flags;
651 sae_connid_t flow_cid;
652 struct sockaddr_storage flow_src;
653 struct sockaddr_storage flow_dst;
654 uint32_t flow_relseq; /* last subflow rel seq# */
655 int32_t flow_soerror; /* subflow level error */
656 uint32_t flow_probecnt; /* number of probes sent */
657 conninfo_tcp_t flow_ci; /* must be the last field */
658} mptcp_flow_t;
659
660typedef struct conninfo_mptcp {
661 uint64_t mptcpci_len;
662 uint64_t mptcpci_flow_offset; /* offsetof first flow */
663 uint64_t mptcpci_nflows; /* number of subflows */
664 uint32_t mptcpci_state; /* MPTCP level state */
665 uint32_t mptcpci_mpte_flags; /* Session flags */
666 uint32_t mptcpci_flags; /* MPTCB flags */
667 uint32_t mptcpci_ltoken; /* local token */
668 uint32_t mptcpci_rtoken; /* remote token */
669 uint32_t mptcpci_notsent_lowat; /* NOTSENT_LOWAT */
670
671 /* Send side */
672 uint64_t mptcpci_snduna; /* DSN of last unacked byte */
673 uint64_t mptcpci_sndnxt; /* DSN of next byte to send */
674 uint64_t mptcpci_sndmax; /* DSN of max byte sent */
675 uint64_t mptcpci_lidsn; /* Local IDSN */
676 uint32_t mptcpci_sndwnd; /* Send window snapshot */
677
678 /* Receive side */
679 uint64_t mptcpci_rcvnxt; /* Next expected DSN */
680 uint64_t mptcpci_rcvatmark; /* Session level rcvnxt */
681 uint64_t mptcpci_ridsn; /* Peer's IDSN */
682 uint32_t mptcpci_rcvwnd; /* Receive window */
683
684 uint8_t mptcpci_mpte_addrid; /* last addr id */
685
686 mptcp_flow_t mptcpci_flows[1];
687} conninfo_mptcp_t;
688
689/* Use SymptomsD notifications of wifi and cell status in subflow selection */
690#define MPTCP_KERN_CTL_NAME "com.apple.network.advisory"
691typedef struct symptoms_advisory {
692 union {
693 uint32_t sa_nwk_status_int;
694 struct {
695 union {
696#define SYMPTOMS_ADVISORY_NOCOMMENT 0x0000
697#define SYMPTOMS_ADVISORY_USEAPP 0xFFFF /* Very ugly workaround to avoid breaking backwards compatibility - ToDo: Fix it in +1 */
698 uint16_t sa_nwk_status;
699 struct {
700#define SYMPTOMS_ADVISORY_WIFI_BAD 0x01
701#define SYMPTOMS_ADVISORY_WIFI_OK 0x02
702 uint8_t sa_wifi_status;
703#define SYMPTOMS_ADVISORY_CELL_BAD 0x01
704#define SYMPTOMS_ADVISORY_CELL_OK 0x02
705 uint8_t sa_cell_status;
706 };
707 };
708 uint16_t sa_unused;
709 };
710 };
711} symptoms_advisory_t;
712
713#define MPTCP_TARGET_BASED_RSSI_THRESHOLD -75
714struct mptcp_symptoms_answer {
715 struct symptoms_advisory advisory;
716 uuid_t uuid;
717 int32_t rssi;
718};
719
720struct mptcp_symptoms_ask_uuid {
721 uint32_t cmd;
722#define MPTCP_SYMPTOMS_ASK_UUID 1
723 uuid_t uuid;
724 uint32_t priority;
725#define MPTCP_SYMPTOMS_UNKNOWN 0
726#define MPTCP_SYMPTOMS_BACKGROUND 1
727#define MPTCP_SYMPTOMS_FOREGROUND 2
728};
729
730struct kev_mptcp_data {
731 int value;
732};
733
734#endif /* PRIVATE */
735#endif /* _NETINET_MPTCP_VAR_H_ */
736