]> Git Repo - linux.git/blob - net/ipv4/tcp_fastopen.c
drm/vc4: Run DRM default client setup
[linux.git] / net / ipv4 / tcp_fastopen.c
1 // SPDX-License-Identifier: GPL-2.0
2 #include <linux/kernel.h>
3 #include <linux/tcp.h>
4 #include <linux/rcupdate.h>
5 #include <net/tcp.h>
6
7 void tcp_fastopen_init_key_once(struct net *net)
8 {
9         u8 key[TCP_FASTOPEN_KEY_LENGTH];
10         struct tcp_fastopen_context *ctxt;
11
12         rcu_read_lock();
13         ctxt = rcu_dereference(net->ipv4.tcp_fastopen_ctx);
14         if (ctxt) {
15                 rcu_read_unlock();
16                 return;
17         }
18         rcu_read_unlock();
19
20         /* tcp_fastopen_reset_cipher publishes the new context
21          * atomically, so we allow this race happening here.
22          *
23          * All call sites of tcp_fastopen_cookie_gen also check
24          * for a valid cookie, so this is an acceptable risk.
25          */
26         get_random_bytes(key, sizeof(key));
27         tcp_fastopen_reset_cipher(net, NULL, key, NULL);
28 }
29
30 static void tcp_fastopen_ctx_free(struct rcu_head *head)
31 {
32         struct tcp_fastopen_context *ctx =
33             container_of(head, struct tcp_fastopen_context, rcu);
34
35         kfree_sensitive(ctx);
36 }
37
38 void tcp_fastopen_destroy_cipher(struct sock *sk)
39 {
40         struct tcp_fastopen_context *ctx;
41
42         ctx = rcu_dereference_protected(
43                         inet_csk(sk)->icsk_accept_queue.fastopenq.ctx, 1);
44         if (ctx)
45                 call_rcu(&ctx->rcu, tcp_fastopen_ctx_free);
46 }
47
48 void tcp_fastopen_ctx_destroy(struct net *net)
49 {
50         struct tcp_fastopen_context *ctxt;
51
52         ctxt = unrcu_pointer(xchg(&net->ipv4.tcp_fastopen_ctx, NULL));
53
54         if (ctxt)
55                 call_rcu(&ctxt->rcu, tcp_fastopen_ctx_free);
56 }
57
58 int tcp_fastopen_reset_cipher(struct net *net, struct sock *sk,
59                               void *primary_key, void *backup_key)
60 {
61         struct tcp_fastopen_context *ctx, *octx;
62         struct fastopen_queue *q;
63         int err = 0;
64
65         ctx = kmalloc(sizeof(*ctx), GFP_KERNEL);
66         if (!ctx) {
67                 err = -ENOMEM;
68                 goto out;
69         }
70
71         ctx->key[0].key[0] = get_unaligned_le64(primary_key);
72         ctx->key[0].key[1] = get_unaligned_le64(primary_key + 8);
73         if (backup_key) {
74                 ctx->key[1].key[0] = get_unaligned_le64(backup_key);
75                 ctx->key[1].key[1] = get_unaligned_le64(backup_key + 8);
76                 ctx->num = 2;
77         } else {
78                 ctx->num = 1;
79         }
80
81         if (sk) {
82                 q = &inet_csk(sk)->icsk_accept_queue.fastopenq;
83                 octx = unrcu_pointer(xchg(&q->ctx, RCU_INITIALIZER(ctx)));
84         } else {
85                 octx = unrcu_pointer(xchg(&net->ipv4.tcp_fastopen_ctx,
86                                           RCU_INITIALIZER(ctx)));
87         }
88
89         if (octx)
90                 call_rcu(&octx->rcu, tcp_fastopen_ctx_free);
91 out:
92         return err;
93 }
94
95 int tcp_fastopen_get_cipher(struct net *net, struct inet_connection_sock *icsk,
96                             u64 *key)
97 {
98         struct tcp_fastopen_context *ctx;
99         int n_keys = 0, i;
100
101         rcu_read_lock();
102         if (icsk)
103                 ctx = rcu_dereference(icsk->icsk_accept_queue.fastopenq.ctx);
104         else
105                 ctx = rcu_dereference(net->ipv4.tcp_fastopen_ctx);
106         if (ctx) {
107                 n_keys = tcp_fastopen_context_len(ctx);
108                 for (i = 0; i < n_keys; i++) {
109                         put_unaligned_le64(ctx->key[i].key[0], key + (i * 2));
110                         put_unaligned_le64(ctx->key[i].key[1], key + (i * 2) + 1);
111                 }
112         }
113         rcu_read_unlock();
114
115         return n_keys;
116 }
117
118 static bool __tcp_fastopen_cookie_gen_cipher(struct request_sock *req,
119                                              struct sk_buff *syn,
120                                              const siphash_key_t *key,
121                                              struct tcp_fastopen_cookie *foc)
122 {
123         BUILD_BUG_ON(TCP_FASTOPEN_COOKIE_SIZE != sizeof(u64));
124
125         if (req->rsk_ops->family == AF_INET) {
126                 const struct iphdr *iph = ip_hdr(syn);
127
128                 foc->val[0] = cpu_to_le64(siphash(&iph->saddr,
129                                           sizeof(iph->saddr) +
130                                           sizeof(iph->daddr),
131                                           key));
132                 foc->len = TCP_FASTOPEN_COOKIE_SIZE;
133                 return true;
134         }
135 #if IS_ENABLED(CONFIG_IPV6)
136         if (req->rsk_ops->family == AF_INET6) {
137                 const struct ipv6hdr *ip6h = ipv6_hdr(syn);
138
139                 foc->val[0] = cpu_to_le64(siphash(&ip6h->saddr,
140                                           sizeof(ip6h->saddr) +
141                                           sizeof(ip6h->daddr),
142                                           key));
143                 foc->len = TCP_FASTOPEN_COOKIE_SIZE;
144                 return true;
145         }
146 #endif
147         return false;
148 }
149
150 /* Generate the fastopen cookie by applying SipHash to both the source and
151  * destination addresses.
152  */
153 static void tcp_fastopen_cookie_gen(struct sock *sk,
154                                     struct request_sock *req,
155                                     struct sk_buff *syn,
156                                     struct tcp_fastopen_cookie *foc)
157 {
158         struct tcp_fastopen_context *ctx;
159
160         rcu_read_lock();
161         ctx = tcp_fastopen_get_ctx(sk);
162         if (ctx)
163                 __tcp_fastopen_cookie_gen_cipher(req, syn, &ctx->key[0], foc);
164         rcu_read_unlock();
165 }
166
167 /* If an incoming SYN or SYNACK frame contains a payload and/or FIN,
168  * queue this additional data / FIN.
169  */
170 void tcp_fastopen_add_skb(struct sock *sk, struct sk_buff *skb)
171 {
172         struct tcp_sock *tp = tcp_sk(sk);
173
174         if (TCP_SKB_CB(skb)->end_seq == tp->rcv_nxt)
175                 return;
176
177         skb = skb_clone(skb, GFP_ATOMIC);
178         if (!skb)
179                 return;
180
181         skb_dst_drop(skb);
182         /* segs_in has been initialized to 1 in tcp_create_openreq_child().
183          * Hence, reset segs_in to 0 before calling tcp_segs_in()
184          * to avoid double counting.  Also, tcp_segs_in() expects
185          * skb->len to include the tcp_hdrlen.  Hence, it should
186          * be called before __skb_pull().
187          */
188         tp->segs_in = 0;
189         tcp_segs_in(tp, skb);
190         __skb_pull(skb, tcp_hdrlen(skb));
191         sk_forced_mem_schedule(sk, skb->truesize);
192         skb_set_owner_r(skb, sk);
193
194         TCP_SKB_CB(skb)->seq++;
195         TCP_SKB_CB(skb)->tcp_flags &= ~TCPHDR_SYN;
196
197         tp->rcv_nxt = TCP_SKB_CB(skb)->end_seq;
198         __skb_queue_tail(&sk->sk_receive_queue, skb);
199         tp->syn_data_acked = 1;
200
201         /* u64_stats_update_begin(&tp->syncp) not needed here,
202          * as we certainly are not changing upper 32bit value (0)
203          */
204         tp->bytes_received = skb->len;
205
206         if (TCP_SKB_CB(skb)->tcp_flags & TCPHDR_FIN)
207                 tcp_fin(sk);
208 }
209
210 /* returns 0 - no key match, 1 for primary, 2 for backup */
211 static int tcp_fastopen_cookie_gen_check(struct sock *sk,
212                                          struct request_sock *req,
213                                          struct sk_buff *syn,
214                                          struct tcp_fastopen_cookie *orig,
215                                          struct tcp_fastopen_cookie *valid_foc)
216 {
217         struct tcp_fastopen_cookie search_foc = { .len = -1 };
218         struct tcp_fastopen_cookie *foc = valid_foc;
219         struct tcp_fastopen_context *ctx;
220         int i, ret = 0;
221
222         rcu_read_lock();
223         ctx = tcp_fastopen_get_ctx(sk);
224         if (!ctx)
225                 goto out;
226         for (i = 0; i < tcp_fastopen_context_len(ctx); i++) {
227                 __tcp_fastopen_cookie_gen_cipher(req, syn, &ctx->key[i], foc);
228                 if (tcp_fastopen_cookie_match(foc, orig)) {
229                         ret = i + 1;
230                         goto out;
231                 }
232                 foc = &search_foc;
233         }
234 out:
235         rcu_read_unlock();
236         return ret;
237 }
238
239 static struct sock *tcp_fastopen_create_child(struct sock *sk,
240                                               struct sk_buff *skb,
241                                               struct request_sock *req)
242 {
243         struct tcp_sock *tp;
244         struct request_sock_queue *queue = &inet_csk(sk)->icsk_accept_queue;
245         struct sock *child;
246         bool own_req;
247
248         child = inet_csk(sk)->icsk_af_ops->syn_recv_sock(sk, skb, req, NULL,
249                                                          NULL, &own_req);
250         if (!child)
251                 return NULL;
252
253         spin_lock(&queue->fastopenq.lock);
254         queue->fastopenq.qlen++;
255         spin_unlock(&queue->fastopenq.lock);
256
257         /* Initialize the child socket. Have to fix some values to take
258          * into account the child is a Fast Open socket and is created
259          * only out of the bits carried in the SYN packet.
260          */
261         tp = tcp_sk(child);
262
263         rcu_assign_pointer(tp->fastopen_rsk, req);
264         tcp_rsk(req)->tfo_listener = true;
265
266         /* RFC1323: The window in SYN & SYN/ACK segments is never
267          * scaled. So correct it appropriately.
268          */
269         tp->snd_wnd = ntohs(tcp_hdr(skb)->window);
270         tp->max_window = tp->snd_wnd;
271
272         /* Activate the retrans timer so that SYNACK can be retransmitted.
273          * The request socket is not added to the ehash
274          * because it's been added to the accept queue directly.
275          */
276         req->timeout = tcp_timeout_init(child);
277         inet_csk_reset_xmit_timer(child, ICSK_TIME_RETRANS,
278                                   req->timeout, TCP_RTO_MAX);
279
280         refcount_set(&req->rsk_refcnt, 2);
281
282         /* Now finish processing the fastopen child socket. */
283         tcp_init_transfer(child, BPF_SOCK_OPS_PASSIVE_ESTABLISHED_CB, skb);
284
285         tp->rcv_nxt = TCP_SKB_CB(skb)->seq + 1;
286
287         tcp_fastopen_add_skb(child, skb);
288
289         tcp_rsk(req)->rcv_nxt = tp->rcv_nxt;
290         tp->rcv_wup = tp->rcv_nxt;
291         /* tcp_conn_request() is sending the SYNACK,
292          * and queues the child into listener accept queue.
293          */
294         return child;
295 }
296
297 static bool tcp_fastopen_queue_check(struct sock *sk)
298 {
299         struct fastopen_queue *fastopenq;
300         int max_qlen;
301
302         /* Make sure the listener has enabled fastopen, and we don't
303          * exceed the max # of pending TFO requests allowed before trying
304          * to validating the cookie in order to avoid burning CPU cycles
305          * unnecessarily.
306          *
307          * XXX (TFO) - The implication of checking the max_qlen before
308          * processing a cookie request is that clients can't differentiate
309          * between qlen overflow causing Fast Open to be disabled
310          * temporarily vs a server not supporting Fast Open at all.
311          */
312         fastopenq = &inet_csk(sk)->icsk_accept_queue.fastopenq;
313         max_qlen = READ_ONCE(fastopenq->max_qlen);
314         if (max_qlen == 0)
315                 return false;
316
317         if (fastopenq->qlen >= max_qlen) {
318                 struct request_sock *req1;
319                 spin_lock(&fastopenq->lock);
320                 req1 = fastopenq->rskq_rst_head;
321                 if (!req1 || time_after(req1->rsk_timer.expires, jiffies)) {
322                         __NET_INC_STATS(sock_net(sk),
323                                         LINUX_MIB_TCPFASTOPENLISTENOVERFLOW);
324                         spin_unlock(&fastopenq->lock);
325                         return false;
326                 }
327                 fastopenq->rskq_rst_head = req1->dl_next;
328                 fastopenq->qlen--;
329                 spin_unlock(&fastopenq->lock);
330                 reqsk_put(req1);
331         }
332         return true;
333 }
334
335 static bool tcp_fastopen_no_cookie(const struct sock *sk,
336                                    const struct dst_entry *dst,
337                                    int flag)
338 {
339         return (READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_fastopen) & flag) ||
340                tcp_sk(sk)->fastopen_no_cookie ||
341                (dst && dst_metric(dst, RTAX_FASTOPEN_NO_COOKIE));
342 }
343
344 /* Returns true if we should perform Fast Open on the SYN. The cookie (foc)
345  * may be updated and return the client in the SYN-ACK later. E.g., Fast Open
346  * cookie request (foc->len == 0).
347  */
348 struct sock *tcp_try_fastopen(struct sock *sk, struct sk_buff *skb,
349                               struct request_sock *req,
350                               struct tcp_fastopen_cookie *foc,
351                               const struct dst_entry *dst)
352 {
353         bool syn_data = TCP_SKB_CB(skb)->end_seq != TCP_SKB_CB(skb)->seq + 1;
354         int tcp_fastopen = READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_fastopen);
355         struct tcp_fastopen_cookie valid_foc = { .len = -1 };
356         struct sock *child;
357         int ret = 0;
358
359         if (foc->len == 0) /* Client requests a cookie */
360                 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPFASTOPENCOOKIEREQD);
361
362         if (!((tcp_fastopen & TFO_SERVER_ENABLE) &&
363               (syn_data || foc->len >= 0) &&
364               tcp_fastopen_queue_check(sk))) {
365                 foc->len = -1;
366                 return NULL;
367         }
368
369         if (tcp_fastopen_no_cookie(sk, dst, TFO_SERVER_COOKIE_NOT_REQD))
370                 goto fastopen;
371
372         if (foc->len == 0) {
373                 /* Client requests a cookie. */
374                 tcp_fastopen_cookie_gen(sk, req, skb, &valid_foc);
375         } else if (foc->len > 0) {
376                 ret = tcp_fastopen_cookie_gen_check(sk, req, skb, foc,
377                                                     &valid_foc);
378                 if (!ret) {
379                         NET_INC_STATS(sock_net(sk),
380                                       LINUX_MIB_TCPFASTOPENPASSIVEFAIL);
381                 } else {
382                         /* Cookie is valid. Create a (full) child socket to
383                          * accept the data in SYN before returning a SYN-ACK to
384                          * ack the data. If we fail to create the socket, fall
385                          * back and ack the ISN only but includes the same
386                          * cookie.
387                          *
388                          * Note: Data-less SYN with valid cookie is allowed to
389                          * send data in SYN_RECV state.
390                          */
391 fastopen:
392                         child = tcp_fastopen_create_child(sk, skb, req);
393                         if (child) {
394                                 if (ret == 2) {
395                                         valid_foc.exp = foc->exp;
396                                         *foc = valid_foc;
397                                         NET_INC_STATS(sock_net(sk),
398                                                       LINUX_MIB_TCPFASTOPENPASSIVEALTKEY);
399                                 } else {
400                                         foc->len = -1;
401                                 }
402                                 NET_INC_STATS(sock_net(sk),
403                                               LINUX_MIB_TCPFASTOPENPASSIVE);
404                                 return child;
405                         }
406                         NET_INC_STATS(sock_net(sk),
407                                       LINUX_MIB_TCPFASTOPENPASSIVEFAIL);
408                 }
409         }
410         valid_foc.exp = foc->exp;
411         *foc = valid_foc;
412         return NULL;
413 }
414
415 bool tcp_fastopen_cookie_check(struct sock *sk, u16 *mss,
416                                struct tcp_fastopen_cookie *cookie)
417 {
418         const struct dst_entry *dst;
419
420         tcp_fastopen_cache_get(sk, mss, cookie);
421
422         /* Firewall blackhole issue check */
423         if (tcp_fastopen_active_should_disable(sk)) {
424                 cookie->len = -1;
425                 return false;
426         }
427
428         dst = __sk_dst_get(sk);
429
430         if (tcp_fastopen_no_cookie(sk, dst, TFO_CLIENT_NO_COOKIE)) {
431                 cookie->len = -1;
432                 return true;
433         }
434         if (cookie->len > 0)
435                 return true;
436         tcp_sk(sk)->fastopen_client_fail = TFO_COOKIE_UNAVAILABLE;
437         return false;
438 }
439
440 /* This function checks if we want to defer sending SYN until the first
441  * write().  We defer under the following conditions:
442  * 1. fastopen_connect sockopt is set
443  * 2. we have a valid cookie
444  * Return value: return true if we want to defer until application writes data
445  *               return false if we want to send out SYN immediately
446  */
447 bool tcp_fastopen_defer_connect(struct sock *sk, int *err)
448 {
449         struct tcp_fastopen_cookie cookie = { .len = 0 };
450         struct tcp_sock *tp = tcp_sk(sk);
451         u16 mss;
452
453         if (tp->fastopen_connect && !tp->fastopen_req) {
454                 if (tcp_fastopen_cookie_check(sk, &mss, &cookie)) {
455                         inet_set_bit(DEFER_CONNECT, sk);
456                         return true;
457                 }
458
459                 /* Alloc fastopen_req in order for FO option to be included
460                  * in SYN
461                  */
462                 tp->fastopen_req = kzalloc(sizeof(*tp->fastopen_req),
463                                            sk->sk_allocation);
464                 if (tp->fastopen_req)
465                         tp->fastopen_req->cookie = cookie;
466                 else
467                         *err = -ENOBUFS;
468         }
469         return false;
470 }
471 EXPORT_SYMBOL(tcp_fastopen_defer_connect);
472
473 /*
474  * The following code block is to deal with middle box issues with TFO:
475  * Middlebox firewall issues can potentially cause server's data being
476  * blackholed after a successful 3WHS using TFO.
477  * The proposed solution is to disable active TFO globally under the
478  * following circumstances:
479  *   1. client side TFO socket receives out of order FIN
480  *   2. client side TFO socket receives out of order RST
481  *   3. client side TFO socket has timed out three times consecutively during
482  *      or after handshake
483  * We disable active side TFO globally for 1hr at first. Then if it
484  * happens again, we disable it for 2h, then 4h, 8h, ...
485  * And we reset the timeout back to 1hr when we see a successful active
486  * TFO connection with data exchanges.
487  */
488
489 /* Disable active TFO and record current jiffies and
490  * tfo_active_disable_times
491  */
492 void tcp_fastopen_active_disable(struct sock *sk)
493 {
494         struct net *net = sock_net(sk);
495
496         if (!READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_fastopen_blackhole_timeout))
497                 return;
498
499         /* Paired with READ_ONCE() in tcp_fastopen_active_should_disable() */
500         WRITE_ONCE(net->ipv4.tfo_active_disable_stamp, jiffies);
501
502         /* Paired with smp_rmb() in tcp_fastopen_active_should_disable().
503          * We want net->ipv4.tfo_active_disable_stamp to be updated first.
504          */
505         smp_mb__before_atomic();
506         atomic_inc(&net->ipv4.tfo_active_disable_times);
507
508         NET_INC_STATS(net, LINUX_MIB_TCPFASTOPENBLACKHOLE);
509 }
510
511 /* Calculate timeout for tfo active disable
512  * Return true if we are still in the active TFO disable period
513  * Return false if timeout already expired and we should use active TFO
514  */
515 bool tcp_fastopen_active_should_disable(struct sock *sk)
516 {
517         unsigned int tfo_bh_timeout =
518                 READ_ONCE(sock_net(sk)->ipv4.sysctl_tcp_fastopen_blackhole_timeout);
519         unsigned long timeout;
520         int tfo_da_times;
521         int multiplier;
522
523         if (!tfo_bh_timeout)
524                 return false;
525
526         tfo_da_times = atomic_read(&sock_net(sk)->ipv4.tfo_active_disable_times);
527         if (!tfo_da_times)
528                 return false;
529
530         /* Paired with smp_mb__before_atomic() in tcp_fastopen_active_disable() */
531         smp_rmb();
532
533         /* Limit timeout to max: 2^6 * initial timeout */
534         multiplier = 1 << min(tfo_da_times - 1, 6);
535
536         /* Paired with the WRITE_ONCE() in tcp_fastopen_active_disable(). */
537         timeout = READ_ONCE(sock_net(sk)->ipv4.tfo_active_disable_stamp) +
538                   multiplier * tfo_bh_timeout * HZ;
539         if (time_before(jiffies, timeout))
540                 return true;
541
542         /* Mark check bit so we can check for successful active TFO
543          * condition and reset tfo_active_disable_times
544          */
545         tcp_sk(sk)->syn_fastopen_ch = 1;
546         return false;
547 }
548
549 /* Disable active TFO if FIN is the only packet in the ofo queue
550  * and no data is received.
551  * Also check if we can reset tfo_active_disable_times if data is
552  * received successfully on a marked active TFO sockets opened on
553  * a non-loopback interface
554  */
555 void tcp_fastopen_active_disable_ofo_check(struct sock *sk)
556 {
557         struct tcp_sock *tp = tcp_sk(sk);
558         struct dst_entry *dst;
559         struct sk_buff *skb;
560
561         if (!tp->syn_fastopen)
562                 return;
563
564         if (!tp->data_segs_in) {
565                 skb = skb_rb_first(&tp->out_of_order_queue);
566                 if (skb && !skb_rb_next(skb)) {
567                         if (TCP_SKB_CB(skb)->tcp_flags & TCPHDR_FIN) {
568                                 tcp_fastopen_active_disable(sk);
569                                 return;
570                         }
571                 }
572         } else if (tp->syn_fastopen_ch &&
573                    atomic_read(&sock_net(sk)->ipv4.tfo_active_disable_times)) {
574                 dst = sk_dst_get(sk);
575                 if (!(dst && dst->dev && (dst->dev->flags & IFF_LOOPBACK)))
576                         atomic_set(&sock_net(sk)->ipv4.tfo_active_disable_times, 0);
577                 dst_release(dst);
578         }
579 }
580
581 void tcp_fastopen_active_detect_blackhole(struct sock *sk, bool expired)
582 {
583         u32 timeouts = inet_csk(sk)->icsk_retransmits;
584         struct tcp_sock *tp = tcp_sk(sk);
585
586         /* Broken middle-boxes may black-hole Fast Open connection during or
587          * even after the handshake. Be extremely conservative and pause
588          * Fast Open globally after hitting the third consecutive timeout or
589          * exceeding the configured timeout limit.
590          */
591         if ((tp->syn_fastopen || tp->syn_data || tp->syn_data_acked) &&
592             (timeouts == 2 || (timeouts < 2 && expired))) {
593                 tcp_fastopen_active_disable(sk);
594                 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPFASTOPENACTIVEFAIL);
595         }
596 }
This page took 0.064528 seconds and 4 git commands to generate.