2 * Copyright (c) 1982, 1986, 1988, 1990, 1993, 1994
3 * The Regents of the University of California. All rights reserved.
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
13 * 3. Neither the name of the University nor the names of its contributors
14 * may be used to endorse or promote products derived from this software
15 * without specific prior written permission.
17 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * @(#)tcp_input.c 8.5 (Berkeley) 4/10/94
30 * tcp_input.c,v 1.10 1994/10/13 18:36:32 wollman Exp
34 * Changes and additions relating to SLiRP
35 * Copyright (c) 1995 Danny Gasparovski.
37 * Please read the file COPYRIGHT for the
38 * terms and conditions of the copyright.
41 #include "qemu/osdep.h"
45 #define TCPREXMTTHRESH 3
47 #define TCP_PAWS_IDLE (24 * 24 * 60 * 60 * PR_SLOWHZ)
49 /* for modulo comparisons of timestamps */
50 #define TSTMP_LT(a,b) ((int)((a)-(b)) < 0)
51 #define TSTMP_GEQ(a,b) ((int)((a)-(b)) >= 0)
54 * Insert segment ti into reassembly queue of tcp with
55 * control block tp. Return TH_FIN if reassembly now includes
56 * a segment with FIN. The macro form does the common case inline
57 * (segment is the next to be received on an established connection,
58 * and the queue is empty), avoiding linkage into and removal
59 * from the queue and repetition of various conversions.
60 * Set DELACK for segments received in order, but ack immediately
61 * when segments are out of order (so fast retransmit can work).
64 #define TCP_REASS(tp, ti, m, so, flags) {\
65 if ((ti)->ti_seq == (tp)->rcv_nxt && \
66 tcpfrag_list_empty(tp) && \
67 (tp)->t_state == TCPS_ESTABLISHED) {\
68 if (ti->ti_flags & TH_PUSH) \
69 tp->t_flags |= TF_ACKNOW; \
71 tp->t_flags |= TF_DELACK; \
72 (tp)->rcv_nxt += (ti)->ti_len; \
73 flags = (ti)->ti_flags & TH_FIN; \
75 if (tcp_emu((so),(m))) sbappend((so), (m)); \
77 sbappend((so), (m)); \
79 (flags) = tcp_reass((tp), (ti), (m)); \
80 tp->t_flags |= TF_ACKNOW; \
84 #define TCP_REASS(tp, ti, m, so, flags) { \
85 if ((ti)->ti_seq == (tp)->rcv_nxt && \
86 tcpfrag_list_empty(tp) && \
87 (tp)->t_state == TCPS_ESTABLISHED) { \
88 tp->t_flags |= TF_DELACK; \
89 (tp)->rcv_nxt += (ti)->ti_len; \
90 flags = (ti)->ti_flags & TH_FIN; \
92 if (tcp_emu((so),(m))) sbappend(so, (m)); \
94 sbappend((so), (m)); \
96 (flags) = tcp_reass((tp), (ti), (m)); \
97 tp->t_flags |= TF_ACKNOW; \
101 static void tcp_dooptions(struct tcpcb *tp, u_char *cp, int cnt,
102 struct tcpiphdr *ti);
103 static void tcp_xmit_timer(register struct tcpcb *tp, int rtt);
106 tcp_reass(register struct tcpcb *tp, register struct tcpiphdr *ti,
109 register struct tcpiphdr *q;
110 struct socket *so = tp->t_socket;
114 * Call with ti==NULL after become established to
115 * force pre-ESTABLISHED data up to user socket.
121 * Find a segment which begins after this one does.
123 for (q = tcpfrag_list_first(tp); !tcpfrag_list_end(q, tp);
124 q = tcpiphdr_next(q))
125 if (SEQ_GT(q->ti_seq, ti->ti_seq))
129 * If there is a preceding segment, it may provide some of
130 * our data already. If so, drop the data from the incoming
131 * segment. If it provides all of our data, drop us.
133 if (!tcpfrag_list_end(tcpiphdr_prev(q), tp)) {
135 q = tcpiphdr_prev(q);
136 /* conversion to int (in i) handles seq wraparound */
137 i = q->ti_seq + q->ti_len - ti->ti_seq;
139 if (i >= ti->ti_len) {
142 * Try to present any queued data
143 * at the left window edge to the user.
144 * This is needed after the 3-WHS
147 goto present; /* ??? */
153 q = tcpiphdr_next(q);
158 * While we overlap succeeding segments trim them or,
159 * if they are completely covered, dequeue them.
161 while (!tcpfrag_list_end(q, tp)) {
162 register int i = (ti->ti_seq + ti->ti_len) - q->ti_seq;
168 m_adj(q->ti_mbuf, i);
171 q = tcpiphdr_next(q);
172 m = tcpiphdr_prev(q)->ti_mbuf;
173 remque(tcpiphdr2qlink(tcpiphdr_prev(q)));
178 * Stick new segment in its place.
180 insque(tcpiphdr2qlink(ti), tcpiphdr2qlink(tcpiphdr_prev(q)));
184 * Present data to user, advancing rcv_nxt through
185 * completed sequence space.
187 if (!TCPS_HAVEESTABLISHED(tp->t_state))
189 ti = tcpfrag_list_first(tp);
190 if (tcpfrag_list_end(ti, tp) || ti->ti_seq != tp->rcv_nxt)
192 if (tp->t_state == TCPS_SYN_RECEIVED && ti->ti_len)
195 tp->rcv_nxt += ti->ti_len;
196 flags = ti->ti_flags & TH_FIN;
197 remque(tcpiphdr2qlink(ti));
199 ti = tcpiphdr_next(ti);
200 if (so->so_state & SS_FCANTSENDMORE)
204 if (tcp_emu(so,m)) sbappend(so, m);
208 } while (ti != (struct tcpiphdr *)tp && ti->ti_seq == tp->rcv_nxt);
213 * TCP input routine, follows pages 65-76 of the
214 * protocol specification dated September, 1981 very closely.
217 tcp_input(struct mbuf *m, int iphlen, struct socket *inso, unsigned short af)
219 struct ip save_ip, *ip;
220 register struct tcpiphdr *ti;
224 register struct tcpcb *tp = NULL;
225 register int tiflags;
226 struct socket *so = NULL;
227 int todrop, acked, ourfinisacked, needoutput = 0;
231 struct sockaddr_storage lhost, fhost;
232 struct sockaddr_in *lhost4, *fhost4;
233 struct ex_list *ex_ptr;
236 DEBUG_CALL("tcp_input");
237 DEBUG_ARGS((dfd, " m = %p iphlen = %2d inso = %p\n",
241 * If called with m == 0, then we're continuing the connect
247 /* Re-set a few variables */
253 tiflags = ti->ti_flags;
261 if (iphlen > sizeof(struct ip)) {
262 ip_stripoptions(m, (struct mbuf *)0);
263 iphlen = sizeof(struct ip);
265 /* XXX Check if too short */
269 * Save a copy of the IP header in case we want restore it
270 * for sending an ICMP error message in response.
272 ip = mtod(m, struct ip *);
274 save_ip.ip_len += iphlen;
277 * Get IP and TCP header together in first mbuf.
278 * Note: IP leaves IP header in first mbuf.
280 m->m_data -= sizeof(struct tcpiphdr) - sizeof(struct ip)
281 - sizeof(struct tcphdr);
282 m->m_len += sizeof(struct tcpiphdr) - sizeof(struct ip)
283 - sizeof(struct tcphdr);
284 ti = mtod(m, struct tcpiphdr *);
287 * Checksum extended TCP header and data.
290 tcpiphdr2qlink(ti)->next = tcpiphdr2qlink(ti)->prev = NULL;
291 memset(&ti->ih_mbuf, 0 , sizeof(struct mbuf_ptr));
292 memset(&ti->ti, 0, sizeof(ti->ti));
294 ti->ti_src = save_ip.ip_src;
295 ti->ti_dst = save_ip.ip_dst;
296 ti->ti_pr = save_ip.ip_p;
297 ti->ti_len = htons((uint16_t)tlen);
298 len = ((sizeof(struct tcpiphdr) - sizeof(struct tcphdr)) + tlen);
305 g_assert_not_reached();
309 * Check that TCP offset makes sense,
310 * pull out TCP options and adjust length. XXX
312 off = ti->ti_off << 2;
313 if (off < sizeof (struct tcphdr) || off > tlen) {
318 if (off > sizeof (struct tcphdr)) {
319 optlen = off - sizeof (struct tcphdr);
320 optp = mtod(m, caddr_t) + sizeof (struct tcpiphdr);
322 tiflags = ti->ti_flags;
325 * Convert TCP protocol specific fields to host format.
333 * Drop TCP, IP headers and TCP options.
335 m->m_data += sizeof(struct tcpiphdr)+off-sizeof(struct tcphdr);
336 m->m_len -= sizeof(struct tcpiphdr)+off-sizeof(struct tcphdr);
339 * Locate pcb for segment.
342 lhost.ss_family = af;
343 fhost.ss_family = af;
346 lhost4 = (struct sockaddr_in *) &lhost;
347 lhost4->sin_addr = ti->ti_src;
348 lhost4->sin_port = ti->ti_sport;
349 fhost4 = (struct sockaddr_in *) &fhost;
350 fhost4->sin_addr = ti->ti_dst;
351 fhost4->sin_port = ti->ti_dport;
354 g_assert_not_reached();
357 so = solookup(&slirp->tcp_last_so, &slirp->tcb, &lhost, &fhost);
360 * If the state is CLOSED (i.e., TCB does not exist) then
361 * all data in the incoming segment is discarded.
362 * If the TCB exists but is in CLOSED state, it is embryonic,
363 * but should either do a listen or a connect soon.
365 * state == CLOSED means we've done socreate() but haven't
366 * attached it to a protocol yet...
368 * XXX If a TCB does not exist, and the TH_SYN flag is
369 * the only flag set, then create a session, mark it
370 * as if it was LISTENING, and continue...
373 if (slirp->restricted) {
374 /* Any hostfwds will have an existing socket, so we only get here
375 * for non-hostfwd connections. These should be dropped, unless it
376 * happens to be a guestfwd.
378 for (ex_ptr = slirp->exec_list; ex_ptr; ex_ptr = ex_ptr->ex_next) {
379 if (ex_ptr->ex_fport == ti->ti_dport &&
380 ti->ti_dst.s_addr == ex_ptr->ex_addr.s_addr) {
389 if ((tiflags & (TH_SYN|TH_FIN|TH_RST|TH_URG|TH_ACK)) != TH_SYN)
392 if ((so = socreate(slirp)) == NULL)
394 if (tcp_attach(so) < 0) {
395 free(so); /* Not sofree (if it failed, it's not insqued) */
399 sbreserve(&so->so_snd, TCP_SNDSPACE);
400 sbreserve(&so->so_rcv, TCP_RCVSPACE);
402 so->lhost.ss = lhost;
403 so->fhost.ss = fhost;
405 so->so_iptos = tcp_tos(so);
406 if (so->so_iptos == 0) {
409 so->so_iptos = ((struct ip *)ti)->ip_tos;
412 g_assert_not_reached();
417 tp->t_state = TCPS_LISTEN;
421 * If this is a still-connecting socket, this probably
422 * a retransmit of the SYN. Whether it's a retransmit SYN
423 * or something else, we nuke it.
425 if (so->so_state & SS_ISFCONNECTING)
430 /* XXX Should never fail */
433 if (tp->t_state == TCPS_CLOSED)
439 * Segment received on connection.
440 * Reset idle time and keep-alive timer.
444 tp->t_timer[TCPT_KEEP] = TCPTV_KEEPINTVL;
446 tp->t_timer[TCPT_KEEP] = TCPTV_KEEP_IDLE;
449 * Process options if not in LISTEN state,
450 * else do it below (after getting remote address).
452 if (optp && tp->t_state != TCPS_LISTEN)
453 tcp_dooptions(tp, (u_char *)optp, optlen, ti);
456 * Header prediction: check for the two common cases
457 * of a uni-directional data xfer. If the packet has
458 * no control flags, is in-sequence, the window didn't
459 * change and we're not retransmitting, it's a
460 * candidate. If the length is zero and the ack moved
461 * forward, we're the sender side of the xfer. Just
462 * free the data acked & wake any higher level process
463 * that was blocked waiting for space. If the length
464 * is non-zero and the ack didn't move, we're the
465 * receiver side. If we're getting packets in-order
466 * (the reassembly queue is empty), add the data to
467 * the socket buffer and note that we need a delayed ack.
469 * XXX Some of these tests are not needed
470 * eg: the tiwin == tp->snd_wnd prevents many more
471 * predictions.. with no *real* advantage..
473 if (tp->t_state == TCPS_ESTABLISHED &&
474 (tiflags & (TH_SYN|TH_FIN|TH_RST|TH_URG|TH_ACK)) == TH_ACK &&
475 ti->ti_seq == tp->rcv_nxt &&
476 tiwin && tiwin == tp->snd_wnd &&
477 tp->snd_nxt == tp->snd_max) {
478 if (ti->ti_len == 0) {
479 if (SEQ_GT(ti->ti_ack, tp->snd_una) &&
480 SEQ_LEQ(ti->ti_ack, tp->snd_max) &&
481 tp->snd_cwnd >= tp->snd_wnd) {
483 * this is a pure ack for outstanding data.
486 SEQ_GT(ti->ti_ack, tp->t_rtseq))
487 tcp_xmit_timer(tp, tp->t_rtt);
488 acked = ti->ti_ack - tp->snd_una;
489 sbdrop(&so->so_snd, acked);
490 tp->snd_una = ti->ti_ack;
494 * If all outstanding data are acked, stop
495 * retransmit timer, otherwise restart timer
496 * using current (possibly backed-off) value.
497 * If process is waiting for space,
498 * wakeup/selwakeup/signal. If data
499 * are ready to send, let tcp_output
500 * decide between more output or persist.
502 if (tp->snd_una == tp->snd_max)
503 tp->t_timer[TCPT_REXMT] = 0;
504 else if (tp->t_timer[TCPT_PERSIST] == 0)
505 tp->t_timer[TCPT_REXMT] = tp->t_rxtcur;
508 * This is called because sowwakeup might have
509 * put data into so_snd. Since we don't so sowwakeup,
510 * we don't need this.. XXX???
512 if (so->so_snd.sb_cc)
513 (void) tcp_output(tp);
517 } else if (ti->ti_ack == tp->snd_una &&
518 tcpfrag_list_empty(tp) &&
519 ti->ti_len <= sbspace(&so->so_rcv)) {
521 * this is a pure, in-sequence data packet
522 * with nothing on the reassembly queue and
523 * we have enough buffer space to take it.
525 tp->rcv_nxt += ti->ti_len;
527 * Add data to socket buffer.
530 if (tcp_emu(so,m)) sbappend(so, m);
535 * If this is a short packet, then ACK now - with Nagel
536 * congestion avoidance sender won't send more until
539 * It is better to not delay acks at all to maximize
540 * TCP throughput. See RFC 2581.
542 tp->t_flags |= TF_ACKNOW;
546 } /* header prediction */
548 * Calculate amount of space in receive window,
549 * and then do TCP input processing.
550 * Receive window is amount of space in rcv queue,
551 * but not less than advertised window.
554 win = sbspace(&so->so_rcv);
557 tp->rcv_wnd = max(win, (int)(tp->rcv_adv - tp->rcv_nxt));
560 switch (tp->t_state) {
563 * If the state is LISTEN then ignore segment if it contains an RST.
564 * If the segment contains an ACK then it is bad and send a RST.
565 * If it does not contain a SYN then it is not interesting; drop it.
566 * Don't bother responding if the destination was a broadcast.
567 * Otherwise initialize tp->rcv_nxt, and tp->irs, select an initial
568 * tp->iss, and send a segment:
569 * <SEQ=ISS><ACK=RCV_NXT><CTL=SYN,ACK>
570 * Also initialize tp->snd_nxt to tp->iss+1 and tp->snd_una to tp->iss.
571 * Fill in remote peer address fields if not previously specified.
572 * Enter SYN_RECEIVED state, and process any other fields of this
573 * segment in this state.
577 if (tiflags & TH_RST)
579 if (tiflags & TH_ACK)
581 if ((tiflags & TH_SYN) == 0)
585 * This has way too many gotos...
586 * But a bit of spaghetti code never hurt anybody :)
590 * If this is destined for the control address, then flag to
591 * tcp_ctl once connected, otherwise connect
594 (so->so_faddr.s_addr & slirp->vnetwork_mask.s_addr) ==
595 slirp->vnetwork_addr.s_addr) {
596 if (so->so_faddr.s_addr != slirp->vhost_addr.s_addr &&
597 so->so_faddr.s_addr != slirp->vnameserver_addr.s_addr) {
598 /* May be an add exec */
599 for (ex_ptr = slirp->exec_list; ex_ptr;
600 ex_ptr = ex_ptr->ex_next) {
601 if(ex_ptr->ex_fport == so->so_fport &&
602 so->so_faddr.s_addr == ex_ptr->ex_addr.s_addr) {
603 so->so_state |= SS_CTL;
607 if (so->so_state & SS_CTL) {
611 /* CTL_ALIAS: Do nothing, tcp_fconnect will be called on it */
614 if (so->so_emu & EMU_NOCONNECT) {
615 so->so_emu &= ~EMU_NOCONNECT;
619 if ((tcp_fconnect(so, so->so_ffamily) == -1) &&
620 (errno != EINPROGRESS) && (errno != EWOULDBLOCK)
623 DEBUG_MISC((dfd, " tcp fconnect errno = %d-%s\n",
624 errno,strerror(errno)));
625 if(errno == ECONNREFUSED) {
626 /* ACK the SYN, send RST to refuse the connection */
627 tcp_respond(tp, ti, m, ti->ti_seq + 1, (tcp_seq) 0,
628 TH_RST | TH_ACK, af);
632 code = ICMP_UNREACH_NET;
633 if (errno == EHOSTUNREACH) {
634 code = ICMP_UNREACH_HOST;
638 g_assert_not_reached();
640 HTONL(ti->ti_seq); /* restore tcp header */
644 m->m_data -= sizeof(struct tcpiphdr)+off-sizeof(struct tcphdr);
645 m->m_len += sizeof(struct tcpiphdr)+off-sizeof(struct tcphdr);
648 m->m_data += sizeof(struct tcpiphdr) - sizeof(struct ip)
649 - sizeof(struct tcphdr);
650 m->m_len -= sizeof(struct tcpiphdr) - sizeof(struct ip)
651 - sizeof(struct tcphdr);
653 icmp_send_error(m, ICMP_UNREACH, code, 0, strerror(errno));
656 g_assert_not_reached();
663 * Haven't connected yet, save the current mbuf
665 * XXX Some OS's don't tell us whether the connect()
666 * succeeded or not. So we must time it out.
670 tp->t_timer[TCPT_KEEP] = TCPTV_KEEP_INIT;
671 tp->t_state = TCPS_SYN_RECEIVED;
678 * Check if the connect succeeded
680 if (so->so_state & SS_NOFDREF) {
688 tcp_dooptions(tp, (u_char *)optp, optlen, ti);
693 tp->iss = slirp->tcp_iss;
694 slirp->tcp_iss += TCP_ISSINCR/2;
695 tp->irs = ti->ti_seq;
698 tp->t_flags |= TF_ACKNOW;
699 tp->t_state = TCPS_SYN_RECEIVED;
700 tp->t_timer[TCPT_KEEP] = TCPTV_KEEP_INIT;
702 } /* case TCPS_LISTEN */
705 * If the state is SYN_SENT:
706 * if seg contains an ACK, but not for our SYN, drop the input.
707 * if seg contains a RST, then drop the connection.
708 * if seg does not contain SYN, then drop it.
709 * Otherwise this is an acceptable SYN segment
710 * initialize tp->rcv_nxt and tp->irs
711 * if seg contains ack then advance tp->snd_una
712 * if SYN has been acked change to ESTABLISHED else SYN_RCVD state
713 * arrange for segment to be acked (eventually)
714 * continue processing rest of data/controls, beginning with URG
717 if ((tiflags & TH_ACK) &&
718 (SEQ_LEQ(ti->ti_ack, tp->iss) ||
719 SEQ_GT(ti->ti_ack, tp->snd_max)))
722 if (tiflags & TH_RST) {
723 if (tiflags & TH_ACK) {
724 tcp_drop(tp, 0); /* XXX Check t_softerror! */
729 if ((tiflags & TH_SYN) == 0)
731 if (tiflags & TH_ACK) {
732 tp->snd_una = ti->ti_ack;
733 if (SEQ_LT(tp->snd_nxt, tp->snd_una))
734 tp->snd_nxt = tp->snd_una;
737 tp->t_timer[TCPT_REXMT] = 0;
738 tp->irs = ti->ti_seq;
740 tp->t_flags |= TF_ACKNOW;
741 if (tiflags & TH_ACK && SEQ_GT(tp->snd_una, tp->iss)) {
743 tp->t_state = TCPS_ESTABLISHED;
745 (void) tcp_reass(tp, (struct tcpiphdr *)0,
748 * if we didn't have to retransmit the SYN,
749 * use its rtt as our initial srtt & rtt var.
752 tcp_xmit_timer(tp, tp->t_rtt);
754 tp->t_state = TCPS_SYN_RECEIVED;
758 * Advance ti->ti_seq to correspond to first data byte.
759 * If data, trim to stay within window,
760 * dropping FIN if necessary.
763 if (ti->ti_len > tp->rcv_wnd) {
764 todrop = ti->ti_len - tp->rcv_wnd;
766 ti->ti_len = tp->rcv_wnd;
769 tp->snd_wl1 = ti->ti_seq - 1;
770 tp->rcv_up = ti->ti_seq;
772 } /* switch tp->t_state */
774 * States other than LISTEN or SYN_SENT.
775 * Check that at least some bytes of segment are within
776 * receive window. If segment begins before rcv_nxt,
777 * drop leading data (and SYN); if nothing left, just ack.
779 todrop = tp->rcv_nxt - ti->ti_seq;
781 if (tiflags & TH_SYN) {
791 * Following if statement from Stevens, vol. 2, p. 960.
793 if (todrop > ti->ti_len
794 || (todrop == ti->ti_len && (tiflags & TH_FIN) == 0)) {
796 * Any valid FIN must be to the left of the window.
797 * At this point the FIN must be a duplicate or out
798 * of sequence; drop it.
803 * Send an ACK to resynchronize and drop any data.
804 * But keep on processing for RST or ACK.
806 tp->t_flags |= TF_ACKNOW;
810 ti->ti_seq += todrop;
811 ti->ti_len -= todrop;
812 if (ti->ti_urp > todrop)
813 ti->ti_urp -= todrop;
820 * If new data are received on a connection after the
821 * user processes are gone, then RST the other end.
823 if ((so->so_state & SS_NOFDREF) &&
824 tp->t_state > TCPS_CLOSE_WAIT && ti->ti_len) {
830 * If segment ends after window, drop trailing data
831 * (and PUSH and FIN); if nothing left, just ACK.
833 todrop = (ti->ti_seq+ti->ti_len) - (tp->rcv_nxt+tp->rcv_wnd);
835 if (todrop >= ti->ti_len) {
837 * If a new connection request is received
838 * while in TIME_WAIT, drop the old connection
839 * and start over if the sequence numbers
840 * are above the previous ones.
842 if (tiflags & TH_SYN &&
843 tp->t_state == TCPS_TIME_WAIT &&
844 SEQ_GT(ti->ti_seq, tp->rcv_nxt)) {
845 iss = tp->rcv_nxt + TCP_ISSINCR;
850 * If window is closed can only take segments at
851 * window edge, and have to drop data and PUSH from
852 * incoming segments. Continue processing, but
853 * remember to ack. Otherwise, drop segment
856 if (tp->rcv_wnd == 0 && ti->ti_seq == tp->rcv_nxt) {
857 tp->t_flags |= TF_ACKNOW;
863 ti->ti_len -= todrop;
864 tiflags &= ~(TH_PUSH|TH_FIN);
868 * If the RST bit is set examine the state:
869 * SYN_RECEIVED STATE:
870 * If passive open, return to LISTEN state.
871 * If active open, inform user that connection was refused.
872 * ESTABLISHED, FIN_WAIT_1, FIN_WAIT2, CLOSE_WAIT STATES:
873 * Inform user that connection was reset, and close tcb.
874 * CLOSING, LAST_ACK, TIME_WAIT STATES
877 if (tiflags&TH_RST) switch (tp->t_state) {
879 case TCPS_SYN_RECEIVED:
880 case TCPS_ESTABLISHED:
881 case TCPS_FIN_WAIT_1:
882 case TCPS_FIN_WAIT_2:
883 case TCPS_CLOSE_WAIT:
884 tp->t_state = TCPS_CLOSED;
896 * If a SYN is in the window, then this is an
897 * error and we send an RST and drop the connection.
899 if (tiflags & TH_SYN) {
905 * If the ACK bit is off we drop the segment and return.
907 if ((tiflags & TH_ACK) == 0) goto drop;
912 switch (tp->t_state) {
914 * In SYN_RECEIVED state if the ack ACKs our SYN then enter
915 * ESTABLISHED state and continue processing, otherwise
916 * send an RST. una<=ack<=max
918 case TCPS_SYN_RECEIVED:
920 if (SEQ_GT(tp->snd_una, ti->ti_ack) ||
921 SEQ_GT(ti->ti_ack, tp->snd_max))
923 tp->t_state = TCPS_ESTABLISHED;
925 * The sent SYN is ack'ed with our sequence number +1
926 * The first data byte already in the buffer will get
927 * lost if no correction is made. This is only needed for
928 * SS_CTL since the buffer is empty otherwise.
931 tp->snd_una=ti->ti_ack;
932 if (so->so_state & SS_CTL) {
933 /* So tcp_ctl reports the right state */
937 so->so_state &= ~SS_CTL; /* success XXX */
938 } else if (ret == 2) {
939 so->so_state &= SS_PERSISTENT_MASK;
940 so->so_state |= SS_NOFDREF; /* CTL_CMD */
943 tp->t_state = TCPS_FIN_WAIT_1;
949 (void) tcp_reass(tp, (struct tcpiphdr *)0, (struct mbuf *)0);
950 tp->snd_wl1 = ti->ti_seq - 1;
951 /* Avoid ack processing; snd_una==ti_ack => dup ack */
956 * In ESTABLISHED state: drop duplicate ACKs; ACK out of range
957 * ACKs. If the ack is in the range
958 * tp->snd_una < ti->ti_ack <= tp->snd_max
959 * then advance tp->snd_una to ti->ti_ack and drop
960 * data from the retransmission queue. If this ACK reflects
961 * more up to date window information we update our window information.
963 case TCPS_ESTABLISHED:
964 case TCPS_FIN_WAIT_1:
965 case TCPS_FIN_WAIT_2:
966 case TCPS_CLOSE_WAIT:
971 if (SEQ_LEQ(ti->ti_ack, tp->snd_una)) {
972 if (ti->ti_len == 0 && tiwin == tp->snd_wnd) {
973 DEBUG_MISC((dfd, " dup ack m = %p so = %p\n",
976 * If we have outstanding data (other than
977 * a window probe), this is a completely
978 * duplicate ack (ie, window info didn't
979 * change), the ack is the biggest we've
980 * seen and we've seen exactly our rexmt
981 * threshold of them, assume a packet
982 * has been dropped and retransmit it.
983 * Kludge snd_nxt & the congestion
984 * window so we send only this one
987 * We know we're losing at the current
988 * window size so do congestion avoidance
989 * (set ssthresh to half the current window
990 * and pull our congestion window back to
993 * Dup acks mean that packets have left the
994 * network (they're now cached at the receiver)
995 * so bump cwnd by the amount in the receiver
996 * to keep a constant cwnd packets in the
999 if (tp->t_timer[TCPT_REXMT] == 0 ||
1000 ti->ti_ack != tp->snd_una)
1002 else if (++tp->t_dupacks == TCPREXMTTHRESH) {
1003 tcp_seq onxt = tp->snd_nxt;
1005 min(tp->snd_wnd, tp->snd_cwnd) / 2 /
1010 tp->snd_ssthresh = win * tp->t_maxseg;
1011 tp->t_timer[TCPT_REXMT] = 0;
1013 tp->snd_nxt = ti->ti_ack;
1014 tp->snd_cwnd = tp->t_maxseg;
1015 (void) tcp_output(tp);
1016 tp->snd_cwnd = tp->snd_ssthresh +
1017 tp->t_maxseg * tp->t_dupacks;
1018 if (SEQ_GT(onxt, tp->snd_nxt))
1021 } else if (tp->t_dupacks > TCPREXMTTHRESH) {
1022 tp->snd_cwnd += tp->t_maxseg;
1023 (void) tcp_output(tp);
1032 * If the congestion window was inflated to account
1033 * for the other side's cached packets, retract it.
1035 if (tp->t_dupacks > TCPREXMTTHRESH &&
1036 tp->snd_cwnd > tp->snd_ssthresh)
1037 tp->snd_cwnd = tp->snd_ssthresh;
1039 if (SEQ_GT(ti->ti_ack, tp->snd_max)) {
1042 acked = ti->ti_ack - tp->snd_una;
1045 * If transmit timer is running and timed sequence
1046 * number was acked, update smoothed round trip time.
1047 * Since we now have an rtt measurement, cancel the
1048 * timer backoff (cf., Phil Karn's retransmit alg.).
1049 * Recompute the initial retransmit timer.
1051 if (tp->t_rtt && SEQ_GT(ti->ti_ack, tp->t_rtseq))
1052 tcp_xmit_timer(tp,tp->t_rtt);
1055 * If all outstanding data is acked, stop retransmit
1056 * timer and remember to restart (more output or persist).
1057 * If there is more data to be acked, restart retransmit
1058 * timer, using current (possibly backed-off) value.
1060 if (ti->ti_ack == tp->snd_max) {
1061 tp->t_timer[TCPT_REXMT] = 0;
1063 } else if (tp->t_timer[TCPT_PERSIST] == 0)
1064 tp->t_timer[TCPT_REXMT] = tp->t_rxtcur;
1066 * When new data is acked, open the congestion window.
1067 * If the window gives us less than ssthresh packets
1068 * in flight, open exponentially (maxseg per packet).
1069 * Otherwise open linearly: maxseg per window
1070 * (maxseg^2 / cwnd per packet).
1073 register u_int cw = tp->snd_cwnd;
1074 register u_int incr = tp->t_maxseg;
1076 if (cw > tp->snd_ssthresh)
1077 incr = incr * incr / cw;
1078 tp->snd_cwnd = min(cw + incr, TCP_MAXWIN<<tp->snd_scale);
1080 if (acked > so->so_snd.sb_cc) {
1081 tp->snd_wnd -= so->so_snd.sb_cc;
1082 sbdrop(&so->so_snd, (int )so->so_snd.sb_cc);
1085 sbdrop(&so->so_snd, acked);
1086 tp->snd_wnd -= acked;
1089 tp->snd_una = ti->ti_ack;
1090 if (SEQ_LT(tp->snd_nxt, tp->snd_una))
1091 tp->snd_nxt = tp->snd_una;
1093 switch (tp->t_state) {
1096 * In FIN_WAIT_1 STATE in addition to the processing
1097 * for the ESTABLISHED state if our FIN is now acknowledged
1098 * then enter FIN_WAIT_2.
1100 case TCPS_FIN_WAIT_1:
1101 if (ourfinisacked) {
1103 * If we can't receive any more
1104 * data, then closing user can proceed.
1105 * Starting the timer is contrary to the
1106 * specification, but if we don't get a FIN
1107 * we'll hang forever.
1109 if (so->so_state & SS_FCANTRCVMORE) {
1110 tp->t_timer[TCPT_2MSL] = TCP_MAXIDLE;
1112 tp->t_state = TCPS_FIN_WAIT_2;
1117 * In CLOSING STATE in addition to the processing for
1118 * the ESTABLISHED state if the ACK acknowledges our FIN
1119 * then enter the TIME-WAIT state, otherwise ignore
1123 if (ourfinisacked) {
1124 tp->t_state = TCPS_TIME_WAIT;
1125 tcp_canceltimers(tp);
1126 tp->t_timer[TCPT_2MSL] = 2 * TCPTV_MSL;
1131 * In LAST_ACK, we may still be waiting for data to drain
1132 * and/or to be acked, as well as for the ack of our FIN.
1133 * If our FIN is now acknowledged, delete the TCB,
1134 * enter the closed state and return.
1137 if (ourfinisacked) {
1144 * In TIME_WAIT state the only thing that should arrive
1145 * is a retransmission of the remote FIN. Acknowledge
1146 * it and restart the finack timer.
1148 case TCPS_TIME_WAIT:
1149 tp->t_timer[TCPT_2MSL] = 2 * TCPTV_MSL;
1152 } /* switch(tp->t_state) */
1156 * Update window information.
1157 * Don't look at window if no ACK: TAC's send garbage on first SYN.
1159 if ((tiflags & TH_ACK) &&
1160 (SEQ_LT(tp->snd_wl1, ti->ti_seq) ||
1161 (tp->snd_wl1 == ti->ti_seq && (SEQ_LT(tp->snd_wl2, ti->ti_ack) ||
1162 (tp->snd_wl2 == ti->ti_ack && tiwin > tp->snd_wnd))))) {
1163 tp->snd_wnd = tiwin;
1164 tp->snd_wl1 = ti->ti_seq;
1165 tp->snd_wl2 = ti->ti_ack;
1166 if (tp->snd_wnd > tp->max_sndwnd)
1167 tp->max_sndwnd = tp->snd_wnd;
1172 * Process segments with URG.
1174 if ((tiflags & TH_URG) && ti->ti_urp &&
1175 TCPS_HAVERCVDFIN(tp->t_state) == 0) {
1177 * This is a kludge, but if we receive and accept
1178 * random urgent pointers, we'll crash in
1179 * soreceive. It's hard to imagine someone
1180 * actually wanting to send this much urgent data.
1182 if (ti->ti_urp + so->so_rcv.sb_cc > so->so_rcv.sb_datalen) {
1188 * If this segment advances the known urgent pointer,
1189 * then mark the data stream. This should not happen
1190 * in CLOSE_WAIT, CLOSING, LAST_ACK or TIME_WAIT STATES since
1191 * a FIN has been received from the remote side.
1192 * In these states we ignore the URG.
1194 * According to RFC961 (Assigned Protocols),
1195 * the urgent pointer points to the last octet
1196 * of urgent data. We continue, however,
1197 * to consider it to indicate the first octet
1198 * of data past the urgent section as the original
1199 * spec states (in one of two places).
1201 if (SEQ_GT(ti->ti_seq+ti->ti_urp, tp->rcv_up)) {
1202 tp->rcv_up = ti->ti_seq + ti->ti_urp;
1203 so->so_urgc = so->so_rcv.sb_cc +
1204 (tp->rcv_up - tp->rcv_nxt); /* -1; */
1205 tp->rcv_up = ti->ti_seq + ti->ti_urp;
1210 * If no out of band data is expected,
1211 * pull receive urgent pointer along
1212 * with the receive window.
1214 if (SEQ_GT(tp->rcv_nxt, tp->rcv_up))
1215 tp->rcv_up = tp->rcv_nxt;
1219 * If this is a small packet, then ACK now - with Nagel
1220 * congestion avoidance sender won't send more until
1223 if (ti->ti_len && (unsigned)ti->ti_len <= 5 &&
1224 ((struct tcpiphdr_2 *)ti)->first_char == (char)27) {
1225 tp->t_flags |= TF_ACKNOW;
1229 * Process the segment text, merging it into the TCP sequencing queue,
1230 * and arranging for acknowledgment of receipt if necessary.
1231 * This process logically involves adjusting tp->rcv_wnd as data
1232 * is presented to the user (this happens in tcp_usrreq.c,
1233 * case PRU_RCVD). If a FIN has already been received on this
1234 * connection then we just ignore the text.
1236 if ((ti->ti_len || (tiflags&TH_FIN)) &&
1237 TCPS_HAVERCVDFIN(tp->t_state) == 0) {
1238 TCP_REASS(tp, ti, m, so, tiflags);
1245 * If FIN is received ACK the FIN and let the user know
1246 * that the connection is closing.
1248 if (tiflags & TH_FIN) {
1249 if (TCPS_HAVERCVDFIN(tp->t_state) == 0) {
1251 * If we receive a FIN we can't send more data,
1253 * Shutdown the socket if there is no rx data in the
1255 * soread() is called on completion of shutdown() and
1256 * will got to TCPS_LAST_ACK, and use tcp_output()
1261 tp->t_flags |= TF_ACKNOW;
1264 switch (tp->t_state) {
1267 * In SYN_RECEIVED and ESTABLISHED STATES
1268 * enter the CLOSE_WAIT state.
1270 case TCPS_SYN_RECEIVED:
1271 case TCPS_ESTABLISHED:
1272 if(so->so_emu == EMU_CTL) /* no shutdown on socket */
1273 tp->t_state = TCPS_LAST_ACK;
1275 tp->t_state = TCPS_CLOSE_WAIT;
1279 * If still in FIN_WAIT_1 STATE FIN has not been acked so
1280 * enter the CLOSING state.
1282 case TCPS_FIN_WAIT_1:
1283 tp->t_state = TCPS_CLOSING;
1287 * In FIN_WAIT_2 state enter the TIME_WAIT state,
1288 * starting the time-wait timer, turning off the other
1291 case TCPS_FIN_WAIT_2:
1292 tp->t_state = TCPS_TIME_WAIT;
1293 tcp_canceltimers(tp);
1294 tp->t_timer[TCPT_2MSL] = 2 * TCPTV_MSL;
1298 * In TIME_WAIT state restart the 2 MSL time_wait timer.
1300 case TCPS_TIME_WAIT:
1301 tp->t_timer[TCPT_2MSL] = 2 * TCPTV_MSL;
1307 * Return any desired output.
1309 if (needoutput || (tp->t_flags & TF_ACKNOW)) {
1310 (void) tcp_output(tp);
1316 * Generate an ACK dropping incoming segment if it occupies
1317 * sequence space, where the ACK reflects our state.
1319 if (tiflags & TH_RST)
1322 tp->t_flags |= TF_ACKNOW;
1323 (void) tcp_output(tp);
1327 /* reuses m if m!=NULL, m_free() unnecessary */
1328 if (tiflags & TH_ACK)
1329 tcp_respond(tp, ti, m, (tcp_seq)0, ti->ti_ack, TH_RST, af);
1331 if (tiflags & TH_SYN) ti->ti_len++;
1332 tcp_respond(tp, ti, m, ti->ti_seq + ti->ti_len, (tcp_seq) 0,
1333 TH_RST | TH_ACK, af);
1340 * Drop space held by incoming segment and return.
1346 tcp_dooptions(struct tcpcb *tp, u_char *cp, int cnt, struct tcpiphdr *ti)
1351 DEBUG_CALL("tcp_dooptions");
1352 DEBUG_ARGS((dfd, " tp = %p cnt=%i\n", tp, cnt));
1354 for (; cnt > 0; cnt -= optlen, cp += optlen) {
1356 if (opt == TCPOPT_EOL)
1358 if (opt == TCPOPT_NOP)
1371 if (optlen != TCPOLEN_MAXSEG)
1373 if (!(ti->ti_flags & TH_SYN))
1375 memcpy((char *) &mss, (char *) cp + 2, sizeof(mss));
1377 (void) tcp_mss(tp, mss); /* sets t_maxseg */
1385 * Pull out of band byte out of a segment so
1386 * it doesn't appear in the user's data queue.
1387 * It is still reflected in the segment length for
1388 * sequencing purposes.
1394 tcp_pulloutofband(so, ti, m)
1396 struct tcpiphdr *ti;
1397 register struct mbuf *m;
1399 int cnt = ti->ti_urp - 1;
1402 if (m->m_len > cnt) {
1403 char *cp = mtod(m, caddr_t) + cnt;
1404 struct tcpcb *tp = sototcpcb(so);
1407 tp->t_oobflags |= TCPOOB_HAVEDATA;
1408 memcpy(sp, cp+1, (unsigned)(m->m_len - cnt - 1));
1413 m = m->m_next; /* XXX WRONG! Fix it! */
1417 panic("tcp_pulloutofband");
1423 * Collect new round-trip time estimate
1424 * and update averages and current timeout.
1428 tcp_xmit_timer(register struct tcpcb *tp, int rtt)
1430 register short delta;
1432 DEBUG_CALL("tcp_xmit_timer");
1433 DEBUG_ARG("tp = %p", tp);
1434 DEBUG_ARG("rtt = %d", rtt);
1436 if (tp->t_srtt != 0) {
1438 * srtt is stored as fixed point with 3 bits after the
1439 * binary point (i.e., scaled by 8). The following magic
1440 * is equivalent to the smoothing algorithm in rfc793 with
1441 * an alpha of .875 (srtt = rtt/8 + srtt*7/8 in fixed
1442 * point). Adjust rtt to origin 0.
1444 delta = rtt - 1 - (tp->t_srtt >> TCP_RTT_SHIFT);
1445 if ((tp->t_srtt += delta) <= 0)
1448 * We accumulate a smoothed rtt variance (actually, a
1449 * smoothed mean difference), then set the retransmit
1450 * timer to smoothed rtt + 4 times the smoothed variance.
1451 * rttvar is stored as fixed point with 2 bits after the
1452 * binary point (scaled by 4). The following is
1453 * equivalent to rfc793 smoothing with an alpha of .75
1454 * (rttvar = rttvar*3/4 + |delta| / 4). This replaces
1455 * rfc793's wired-in beta.
1459 delta -= (tp->t_rttvar >> TCP_RTTVAR_SHIFT);
1460 if ((tp->t_rttvar += delta) <= 0)
1464 * No rtt measurement yet - use the unsmoothed rtt.
1465 * Set the variance to half the rtt (so our first
1466 * retransmit happens at 3*rtt).
1468 tp->t_srtt = rtt << TCP_RTT_SHIFT;
1469 tp->t_rttvar = rtt << (TCP_RTTVAR_SHIFT - 1);
1475 * the retransmit should happen at rtt + 4 * rttvar.
1476 * Because of the way we do the smoothing, srtt and rttvar
1477 * will each average +1/2 tick of bias. When we compute
1478 * the retransmit timer, we want 1/2 tick of rounding and
1479 * 1 extra tick because of +-1/2 tick uncertainty in the
1480 * firing of the timer. The bias will give us exactly the
1481 * 1.5 tick we need. But, because the bias is
1482 * statistical, we have to test that we don't drop below
1483 * the minimum feasible timer (which is 2 ticks).
1485 TCPT_RANGESET(tp->t_rxtcur, TCP_REXMTVAL(tp),
1486 (short)tp->t_rttmin, TCPTV_REXMTMAX); /* XXX */
1489 * We received an ack for a packet that wasn't retransmitted;
1490 * it is probably safe to discard any error indications we've
1491 * received recently. This isn't quite right, but close enough
1492 * for now (a route might have failed after we sent a segment,
1493 * and the return path might not be symmetrical).
1495 tp->t_softerror = 0;
1499 * Determine a reasonable value for maxseg size.
1500 * If the route is known, check route for mtu.
1501 * If none, use an mss that can be handled on the outgoing
1502 * interface without forcing IP to fragment; if bigger than
1503 * an mbuf cluster (MCLBYTES), round down to nearest multiple of MCLBYTES
1504 * to utilize large mbufs. If no route is found, route has no mtu,
1505 * or the destination isn't local, use a default, hopefully conservative
1506 * size (usually 512 or the default IP max size, but no more than the mtu
1507 * of the interface), as we can't discover anything about intervening
1508 * gateways or networks. We also initialize the congestion/slow start
1509 * window to be a single segment if the destination isn't local.
1510 * While looking at the routing entry, we also initialize other path-dependent
1511 * parameters from pre-set or cached values in the routing entry.
1515 tcp_mss(struct tcpcb *tp, u_int offer)
1517 struct socket *so = tp->t_socket;
1520 DEBUG_CALL("tcp_mss");
1521 DEBUG_ARG("tp = %p", tp);
1522 DEBUG_ARG("offer = %d", offer);
1524 switch (so->so_ffamily) {
1526 mss = min(IF_MTU, IF_MRU) - sizeof(struct tcphdr)
1527 + sizeof(struct ip);
1530 g_assert_not_reached();
1534 mss = min(mss, offer);
1536 if (mss < tp->t_maxseg || offer != 0)
1541 sbreserve(&so->so_snd, TCP_SNDSPACE + ((TCP_SNDSPACE % mss) ?
1542 (mss - (TCP_SNDSPACE % mss)) :
1544 sbreserve(&so->so_rcv, TCP_RCVSPACE + ((TCP_RCVSPACE % mss) ?
1545 (mss - (TCP_RCVSPACE % mss)) :
1548 DEBUG_MISC((dfd, " returning mss = %d\n", mss));
projects / qemu.git / blob