Commit 7f9b838b authored by Daniel Lee's avatar Daniel Lee Committed by David S. Miller

tcp: RFC7413 option support for Fast Open server

Fast Open has been using the experimental option with a magic number
(RFC6994) to request and grant Fast Open cookies. This patch enables
the server to support the official IANA option 34 in RFC7413 in
addition.

The change has passed all existing Fast Open tests with both
old and new options at Google.
Signed-off-by: default avatarDaniel Lee <Longinus00@gmail.com>
Signed-off-by: default avatarYuchung Cheng <ycheng@google.com>
Signed-off-by: default avatarNeal Cardwell <ncardwell@google.com>
Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parent 812034f1
...@@ -58,6 +58,7 @@ static inline unsigned int tcp_optlen(const struct sk_buff *skb) ...@@ -58,6 +58,7 @@ static inline unsigned int tcp_optlen(const struct sk_buff *skb)
struct tcp_fastopen_cookie { struct tcp_fastopen_cookie {
s8 len; s8 len;
u8 val[TCP_FASTOPEN_COOKIE_MAX]; u8 val[TCP_FASTOPEN_COOKIE_MAX];
bool exp; /* In RFC6994 experimental option format */
}; };
/* This defines a selective acknowledgement block. */ /* This defines a selective acknowledgement block. */
......
...@@ -179,6 +179,7 @@ void tcp_time_wait(struct sock *sk, int state, int timeo); ...@@ -179,6 +179,7 @@ void tcp_time_wait(struct sock *sk, int state, int timeo);
#define TCPOPT_SACK 5 /* SACK Block */ #define TCPOPT_SACK 5 /* SACK Block */
#define TCPOPT_TIMESTAMP 8 /* Better RTT estimations/PAWS */ #define TCPOPT_TIMESTAMP 8 /* Better RTT estimations/PAWS */
#define TCPOPT_MD5SIG 19 /* MD5 Signature (RFC2385) */ #define TCPOPT_MD5SIG 19 /* MD5 Signature (RFC2385) */
#define TCPOPT_FASTOPEN 34 /* Fast open (RFC7413) */
#define TCPOPT_EXP 254 /* Experimental */ #define TCPOPT_EXP 254 /* Experimental */
/* Magic number to be after the option value for sharing TCP /* Magic number to be after the option value for sharing TCP
* experimental options. See draft-ietf-tcpm-experimental-options-00.txt * experimental options. See draft-ietf-tcpm-experimental-options-00.txt
...@@ -194,6 +195,7 @@ void tcp_time_wait(struct sock *sk, int state, int timeo); ...@@ -194,6 +195,7 @@ void tcp_time_wait(struct sock *sk, int state, int timeo);
#define TCPOLEN_SACK_PERM 2 #define TCPOLEN_SACK_PERM 2
#define TCPOLEN_TIMESTAMP 10 #define TCPOLEN_TIMESTAMP 10
#define TCPOLEN_MD5SIG 18 #define TCPOLEN_MD5SIG 18
#define TCPOLEN_FASTOPEN_BASE 2
#define TCPOLEN_EXP_FASTOPEN_BASE 4 #define TCPOLEN_EXP_FASTOPEN_BASE 4
/* But this is what stacks really send out. */ /* But this is what stacks really send out. */
......
...@@ -303,6 +303,7 @@ bool tcp_try_fastopen(struct sock *sk, struct sk_buff *skb, ...@@ -303,6 +303,7 @@ bool tcp_try_fastopen(struct sock *sk, struct sk_buff *skb,
} else if (foc->len > 0) /* Client presents an invalid cookie */ } else if (foc->len > 0) /* Client presents an invalid cookie */
NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPFASTOPENPASSIVEFAIL); NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPFASTOPENPASSIVEFAIL);
valid_foc.exp = foc->exp;
*foc = valid_foc; *foc = valid_foc;
return false; return false;
} }
......
...@@ -3603,6 +3603,23 @@ static int tcp_ack(struct sock *sk, const struct sk_buff *skb, int flag) ...@@ -3603,6 +3603,23 @@ static int tcp_ack(struct sock *sk, const struct sk_buff *skb, int flag)
return 0; return 0;
} }
static void tcp_parse_fastopen_option(int len, const unsigned char *cookie,
bool syn, struct tcp_fastopen_cookie *foc,
bool exp_opt)
{
/* Valid only in SYN or SYN-ACK with an even length. */
if (!foc || !syn || len < 0 || (len & 1))
return;
if (len >= TCP_FASTOPEN_COOKIE_MIN &&
len <= TCP_FASTOPEN_COOKIE_MAX)
memcpy(foc->val, cookie, len);
else if (len != 0)
len = -1;
foc->len = len;
foc->exp = exp_opt;
}
/* Look for tcp options. Normally only called on SYN and SYNACK packets. /* Look for tcp options. Normally only called on SYN and SYNACK packets.
* But, this can also be called on packets in the established flow when * But, this can also be called on packets in the established flow when
* the fast version below fails. * the fast version below fails.
...@@ -3692,21 +3709,22 @@ void tcp_parse_options(const struct sk_buff *skb, ...@@ -3692,21 +3709,22 @@ void tcp_parse_options(const struct sk_buff *skb,
*/ */
break; break;
#endif #endif
case TCPOPT_FASTOPEN:
tcp_parse_fastopen_option(
opsize - TCPOLEN_FASTOPEN_BASE,
ptr, th->syn, foc, false);
break;
case TCPOPT_EXP: case TCPOPT_EXP:
/* Fast Open option shares code 254 using a /* Fast Open option shares code 254 using a
* 16 bits magic number. It's valid only in * 16 bits magic number.
* SYN or SYN-ACK with an even size.
*/ */
if (opsize < TCPOLEN_EXP_FASTOPEN_BASE || if (opsize >= TCPOLEN_EXP_FASTOPEN_BASE &&
get_unaligned_be16(ptr) != TCPOPT_FASTOPEN_MAGIC || get_unaligned_be16(ptr) ==
!foc || !th->syn || (opsize & 1)) TCPOPT_FASTOPEN_MAGIC)
break; tcp_parse_fastopen_option(opsize -
foc->len = opsize - TCPOLEN_EXP_FASTOPEN_BASE; TCPOLEN_EXP_FASTOPEN_BASE,
if (foc->len >= TCP_FASTOPEN_COOKIE_MIN && ptr + 2, th->syn, foc, true);
foc->len <= TCP_FASTOPEN_COOKIE_MAX)
memcpy(foc->val, ptr + 2, foc->len);
else if (foc->len != 0)
foc->len = -1;
break; break;
} }
......
...@@ -518,17 +518,26 @@ static void tcp_options_write(__be32 *ptr, struct tcp_sock *tp, ...@@ -518,17 +518,26 @@ static void tcp_options_write(__be32 *ptr, struct tcp_sock *tp,
if (unlikely(OPTION_FAST_OPEN_COOKIE & options)) { if (unlikely(OPTION_FAST_OPEN_COOKIE & options)) {
struct tcp_fastopen_cookie *foc = opts->fastopen_cookie; struct tcp_fastopen_cookie *foc = opts->fastopen_cookie;
u8 *p = (u8 *)ptr;
u32 len; /* Fast Open option length */
if (foc->exp) {
len = TCPOLEN_EXP_FASTOPEN_BASE + foc->len;
*ptr = htonl((TCPOPT_EXP << 24) | (len << 16) |
TCPOPT_FASTOPEN_MAGIC);
p += TCPOLEN_EXP_FASTOPEN_BASE;
} else {
len = TCPOLEN_FASTOPEN_BASE + foc->len;
*p++ = TCPOPT_FASTOPEN;
*p++ = len;
}
*ptr++ = htonl((TCPOPT_EXP << 24) | memcpy(p, foc->val, foc->len);
((TCPOLEN_EXP_FASTOPEN_BASE + foc->len) << 16) | if ((len & 3) == 2) {
TCPOPT_FASTOPEN_MAGIC); p[foc->len] = TCPOPT_NOP;
p[foc->len + 1] = TCPOPT_NOP;
memcpy(ptr, foc->val, foc->len);
if ((foc->len & 3) == 2) {
u8 *align = ((u8 *)ptr) + foc->len;
align[0] = align[1] = TCPOPT_NOP;
} }
ptr += (foc->len + 3) >> 2; ptr += (len + 3) >> 2;
} }
} }
...@@ -641,8 +650,11 @@ static unsigned int tcp_synack_options(struct sock *sk, ...@@ -641,8 +650,11 @@ static unsigned int tcp_synack_options(struct sock *sk,
if (unlikely(!ireq->tstamp_ok)) if (unlikely(!ireq->tstamp_ok))
remaining -= TCPOLEN_SACKPERM_ALIGNED; remaining -= TCPOLEN_SACKPERM_ALIGNED;
} }
if (foc && foc->len >= 0) { if (foc != NULL && foc->len >= 0) {
u32 need = TCPOLEN_EXP_FASTOPEN_BASE + foc->len; u32 need = foc->len;
need += foc->exp ? TCPOLEN_EXP_FASTOPEN_BASE :
TCPOLEN_FASTOPEN_BASE;
need = (need + 3) & ~3U; /* Align to 32 bits */ need = (need + 3) & ~3U; /* Align to 32 bits */
if (remaining >= need) { if (remaining >= need) {
opts->options |= OPTION_FAST_OPEN_COOKIE; opts->options |= OPTION_FAST_OPEN_COOKIE;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment