1 /*
2 * Copyright (c) 2012-2020 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29 #ifndef _NETINET_MPTCP_VAR_H_
30 #define _NETINET_MPTCP_VAR_H_
31
32 #include <netinet/in.h>
33 #include <netinet/tcp.h>
34 #include <netinet/tcp_private.h>
35 #include <sys/_types/_uuid_t.h>
36
37 #ifdef BSD_KERNEL_PRIVATE
38 #include <sys/queue.h>
39 #include <sys/protosw.h>
40 #include <kern/locks.h>
41 #include <mach/boolean.h>
42 #include <netinet/mp_pcb.h>
43 #include <netinet/tcp_var.h>
44 #include <os/log.h>
45 #include <libkern/crypto/sha1.h>
46 #include <libkern/crypto/sha2.h>
47
48 struct mpt_itf_info {
49 uint32_t ifindex;
50 uint32_t has_v4_conn:1,
51 has_v6_conn:1,
52 has_nat64_conn:1,
53 no_mptcp_support:1;
54 };
55
56 /*
57 * MPTCP Session
58 *
59 * This is an extension to the multipath PCB specific for MPTCP, protected by
60 * the per-PCB mpp_lock (also the socket's lock);
61 */
62 struct mptses {
63 struct mppcb *mpte_mppcb; /* back ptr to multipath PCB */
64 struct mptcb *mpte_mptcb; /* ptr to MPTCP PCB */
65 TAILQ_HEAD(, mptopt) mpte_sopts; /* list of socket options */
66 TAILQ_HEAD(, mptsub) mpte_subflows; /* list of subflows */
67 #define MPTCP_MAX_NUM_SUBFLOWS 256
68 uint16_t mpte_numflows; /* # of subflows in list */
69 uint16_t mpte_nummpcapflows; /* # of MP_CAP subflows */
70 sae_associd_t mpte_associd; /* MPTCP association ID */
71 sae_connid_t mpte_connid_last; /* last used connection ID */
72
73 uint64_t mpte_time_target;
74 thread_call_t mpte_time_thread;
75 thread_call_t mpte_stop_urgency;
76
77 uint32_t mpte_last_cellicon_set;
78 uint32_t mpte_cellicon_increments;
79
80 union {
81 /* Source address of initial subflow */
82 struct sockaddr _mpte_src;
83 struct sockaddr_in _mpte_src_v4;
84 struct sockaddr_in6 _mpte_src_v6;
85 } mpte_u_src;
86 #define mpte_src mpte_u_src._mpte_src
87 #define __mpte_src_v4 mpte_u_src._mpte_src_v4
88 #define __mpte_src_v6 mpte_u_src._mpte_src_v6
89 union {
90 /* Destination address of initial subflow */
91 struct sockaddr _mpte_dst;
92 struct sockaddr_in _mpte_dst_v4;
93 struct sockaddr_in6 _mpte_dst_v6;
94 } mpte_u_dst;
95 #define mpte_dst mpte_u_dst._mpte_dst
96 #define __mpte_dst_v4 mpte_u_dst._mpte_dst_v4
97 #define __mpte_dst_v6 mpte_u_dst._mpte_dst_v6
98
99 struct sockaddr_in mpte_sub_dst_v4;
100 struct sockaddr_in6 mpte_sub_dst_v6;
101 uint8_t sub_dst_addr_id_v4;
102 uint8_t sub_dst_addr_id_v6;
103
104 uint16_t mpte_alternate_port; /* Alternate port for subflow establishment (network-byte-order) */
105
106 int mpte_epid;
107 uuid_t mpte_euuid;
108
109 struct mptsub *mpte_active_sub; /* ptr to last active subf */
110 uint16_t mpte_flags; /* per mptcp session flags */
111 #define MPTE_SND_REM_ADDR 0x01 /* Send Remove_addr option */
112 #define MPTE_SVCTYPE_CHECKED 0x02 /* Did entitlement-check for service-type */
113 #define MPTE_FIRSTPARTY 0x04 /* First-party app used multipath_extended entitlement */
114 #define MPTE_ACCESS_GRANTED 0x08 /* Access to cellular has been granted for this connection */
115 #define MPTE_FORCE_ENABLE 0x10 /* For MPTCP regardless of heuristics to detect middleboxes */
116 #define MPTE_IN_WORKLOOP 0x20 /* Are we currently inside the workloop ? */
117 #define MPTE_WORKLOOP_RELAUNCH 0x40 /* Another event got queued, we should restart the workloop */
118 #define MPTE_UNICAST_IP 0x80 /* New subflows are only being established towards the unicast IP in the ADD_ADDR */
119 #define MPTE_CELL_PROHIBITED 0x100 /* Cell access has been prohibited based on signal quality */
120 #define MPTE_FORCE_V0 0x200 /* Force MPTCP to use version 0 regradless of tcp cache */
121 #define MPTE_FORCE_V1 0x400 /* Force MPTCP to use version 1 regradless of tcp cache */
122 #define MPTE_ITFINFO_INIT 0x800 /* Set when the itfinfo has been initialized */
123 uint8_t mpte_svctype; /* MPTCP Service type */
124 uint8_t mpte_lost_aid; /* storing lost address id */
125 uint8_t mpte_addrid_last; /* storing address id parm */
126
127 #define MPTE_ITFINFO_SIZE 4
128 uint32_t mpte_itfinfo_size;
129 struct mpt_itf_info _mpte_itfinfo[MPTE_ITFINFO_SIZE];
130 struct mpt_itf_info *mpte_itfinfo __counted_by(mpte_itfinfo_size);
131
132 struct mbuf *mpte_reinjectq;
133
134 /* The below is used for stats */
135 uint32_t mpte_subflow_switches; /* Number of subflow-switches in sending */
136 uint32_t mpte_used_cell:1,
137 mpte_used_wifi:1,
138 mpte_initial_cell:1,
139 mpte_triggered_cell,
140 mpte_handshake_success:1,
141 mpte_last_added_addr_is_v4:1;
142
143 struct mptcp_itf_stats mpte_itfstats[MPTCP_ITFSTATS_SIZE];
144 uint64_t mpte_init_txbytes __attribute__((aligned(8)));
145 uint64_t mpte_init_rxbytes __attribute__((aligned(8)));
146 };
147
148 static inline struct socket *
mptetoso(struct mptses * mpte)149 mptetoso(struct mptses *mpte)
150 {
151 return mpte->mpte_mppcb->mpp_socket;
152 }
153
154 static inline struct mptses *
mptompte(struct mppcb * mp)155 mptompte(struct mppcb *mp)
156 {
157 return (struct mptses *)mp->mpp_pcbe;
158 }
159
160 static inline struct mptses *
mpsotompte(struct socket * so)161 mpsotompte(struct socket *so)
162 {
163 return mptompte(mpsotomppcb(so));
164 }
165
166 static inline boolean_t
mpp_try_lock(struct mppcb * mp)167 mpp_try_lock(struct mppcb *mp)
168 {
169 if (!lck_mtx_try_lock(&mp->mpp_lock)) {
170 return false;
171 }
172
173 VERIFY(!(mp->mpp_flags & MPP_INSIDE_OUTPUT));
174 VERIFY(!(mp->mpp_flags & MPP_INSIDE_INPUT));
175 VERIFY(!(mp->mpp_flags & MPP_INSIDE_SETGETOPT));
176
177 return true;
178 }
179
180 static inline void
mpp_lock(struct mppcb * mp)181 mpp_lock(struct mppcb *mp)
182 {
183 lck_mtx_lock(&mp->mpp_lock);
184 VERIFY(!(mp->mpp_flags & MPP_INSIDE_OUTPUT));
185 VERIFY(!(mp->mpp_flags & MPP_INSIDE_INPUT));
186 VERIFY(!(mp->mpp_flags & MPP_INSIDE_SETGETOPT));
187 }
188
189 static inline void
mpp_unlock(struct mppcb * mp)190 mpp_unlock(struct mppcb *mp)
191 {
192 VERIFY(!(mp->mpp_flags & MPP_INSIDE_OUTPUT));
193 VERIFY(!(mp->mpp_flags & MPP_INSIDE_INPUT));
194 VERIFY(!(mp->mpp_flags & MPP_INSIDE_SETGETOPT));
195 lck_mtx_unlock(&mp->mpp_lock);
196 }
197
198 static inline lck_mtx_t *
mpp_getlock(struct mppcb * mp,int flags)199 mpp_getlock(struct mppcb *mp, int flags)
200 {
201 if (flags & PR_F_WILLUNLOCK) {
202 VERIFY(!(mp->mpp_flags & MPP_INSIDE_OUTPUT));
203 VERIFY(!(mp->mpp_flags & MPP_INSIDE_INPUT));
204 VERIFY(!(mp->mpp_flags & MPP_INSIDE_SETGETOPT));
205 }
206
207 return &mp->mpp_lock;
208 }
209
210 static inline int
mptcp_subflow_cwnd_space(struct socket * so)211 mptcp_subflow_cwnd_space(struct socket *so)
212 {
213 struct tcpcb *tp = sototcpcb(so);
214 int cwnd = (int)(MIN(tp->snd_wnd, tp->snd_cwnd) - (so->so_snd.sb_cc));
215
216 return MIN(cwnd, sbspace(&so->so_snd));
217 }
218
219 static inline bool
mptcp_subflows_need_backup_flag(struct mptses * mpte)220 mptcp_subflows_need_backup_flag(struct mptses *mpte)
221 {
222 return mpte->mpte_svctype < MPTCP_SVCTYPE_AGGREGATE ||
223 mpte->mpte_svctype == MPTCP_SVCTYPE_PURE_HANDOVER;
224 }
225
226 /*
227 * MPTCP socket options
228 */
229 struct mptopt {
230 TAILQ_ENTRY(mptopt) mpo_entry; /* glue to other options */
231 uint32_t mpo_flags; /* see flags below */
232 int mpo_level; /* sopt_level */
233 int mpo_name; /* sopt_name */
234 int mpo_intval; /* sopt_val */
235 };
236
237 #define MPOF_ATTACHED 0x1 /* attached to MP socket */
238 #define MPOF_SUBFLOW_OK 0x2 /* can be issued on subflow socket */
239 #define MPOF_INTERIM 0x4 /* has not been issued on any subflow */
240
241 /*
242 * MPTCP subflow
243 */
244 struct mptsub {
245 TAILQ_ENTRY(mptsub) mpts_entry; /* glue to peer subflows */
246 uint32_t mpts_refcnt; /* reference count */
247 uint32_t mpts_flags; /* see flags below */
248 uint32_t mpts_evctl; /* subflow control events */
249 sae_connid_t mpts_connid; /* subflow connection ID */
250 int mpts_oldintval; /* sopt_val before sosetopt */
251 struct mptses *mpts_mpte; /* back ptr to MPTCP session */
252 struct socket *mpts_socket; /* subflow socket */
253 struct sockaddr *mpts_src; /* source address */
254
255 union {
256 /* destination address */
257 struct sockaddr _mpts_dst;
258 struct sockaddr_in _mpts_dst_v4;
259 struct sockaddr_in6 _mpts_dst_v6;
260 } mpts_u_dst;
261 #define mpts_dst mpts_u_dst._mpts_dst
262 #define __mpts_dst_v4 mpts_u_dst._mpts_dst_v4
263 #define __mpts_dst_v6 mpts_u_dst._mpts_dst_v6
264 u_int32_t mpts_rel_seq; /* running count of subflow # */
265 u_int32_t mpts_iss; /* Initial sequence number, taking TFO into account */
266 u_int32_t mpts_ifscope; /* scoped to the interface */
267 uint32_t mpts_probesoon; /* send probe after probeto */
268 uint32_t mpts_probecnt; /* number of probes sent */
269 uint32_t mpts_maxseg; /* cached value of t_maxseg */
270 struct mpt_dsn_map mpts_rcv_map; /* Receive mapping list */
271 };
272
273 /*
274 * Valid values for mpts_flags. In particular:
275 *
276 * - MP_CAPABLE means that the connection is successfully established as
277 * MPTCP and data transfer may occur, but is not yet ready for multipath-
278 * related semantics until MP_READY. I.e. if this is on the first subflow,
279 * it causes the MPTCP socket to transition to a connected state, except
280 * that additional subflows will not be established; they will be marked
281 * with PENDING and will be processed when the first subflow is marked
282 * with MP_READY.
283 *
284 * - MP_READY implies that an MP_CAPABLE connection has been confirmed as
285 * an MPTCP connection. See notes above.
286 *
287 * - MP_DEGRADED implies that the connection has lost its MPTCP capabilities
288 * but data transfer on the MPTCP socket is unaffected. Any existing
289 * PENDING subflows will be disconnected, and further attempts to connect
290 * additional subflows will be rejected.
291 *
292 * Note that these are per-subflow flags. The setting and clearing of MP_READY
293 * reflects the state of the MPTCP connection with regards to its multipath
294 * semantics, via the MPTCPF_JOIN_READY flag. Until that flag is set (meaning
295 * until at least a subflow is marked with MP_READY), further connectx(2)
296 * attempts to join will be queued. When the flag is cleared (after it has
297 * been set), further connectx(2) will fail (and existing queued ones will be
298 * aborted) and the MPTCP connection loses all of its multipath semantics.
299 *
300 * Keep in sync with bsd/dev/dtrace/scripts/mptcp.d.
301 */
302 #define MPTSF_CONNECTING 0x00000002 /* connection was attempted */
303 #define MPTSF_CONNECT_PENDING 0x00000004 /* will connect when MPTCP is ready */
304 #define MPTSF_CONNECTED 0x00000008 /* connection is established */
305 #define MPTSF_DISCONNECTING 0x00000010 /* disconnection was attempted */
306 #define MPTSF_DISCONNECTED 0x00000020 /* has been disconnected */
307 #define MPTSF_MP_CAPABLE 0x00000040 /* connected as a MPTCP subflow */
308 #define MPTSF_MP_READY 0x00000080 /* MPTCP has been confirmed */
309 #define MPTSF_MP_DEGRADED 0x00000100 /* has lost its MPTCP capabilities */
310 #define MPTSF_PREFERRED 0x00000200 /* primary/preferred subflow */
311 #define MPTSF_SOPT_OLDVAL 0x00000400 /* old option value is valid */
312 #define MPTSF_SOPT_INPROG 0x00000800 /* sosetopt in progress */
313 #define MPTSF_FAILINGOVER 0x00001000 /* subflow not used for output */
314 #define MPTSF_ACTIVE 0x00002000 /* subflow currently in use */
315 #define MPTSF_MPCAP_CTRSET 0x00004000 /* mpcap counter */
316 #define MPTSF_CLOSED 0x00008000 /* soclose_locked has been called on this subflow */
317 #define MPTSF_TFO_REQD 0x00010000 /* TFO requested */
318 #define MPTSF_CLOSE_REQD 0x00020000 /* A close has been requested from NECP */
319 #define MPTSF_INITIAL_SUB 0x00040000 /* This is the initial subflow */
320 #define MPTSF_READ_STALL 0x00080000 /* A read-stall has been detected */
321 #define MPTSF_WRITE_STALL 0x00100000 /* A write-stall has been detected */
322 #define MPTSF_FULLY_ESTABLISHED 0x00200000 /* Subflow is fully established and it has been confirmed
323 * whether or not it supports MPTCP.
324 * No need for further middlebox-detection.
325 */
326 #define MPTSF_CELLICON_SET 0x00400000 /* This subflow set the cellicon */
327
328 /*
329 * MPTCP states
330 * Keep in sync with bsd/dev/dtrace/scripts/mptcp.d
331 */
332 typedef enum mptcp_state {
333 MPTCPS_CLOSED = 0, /* closed */
334 MPTCPS_LISTEN = 1, /* not yet implemented */
335 MPTCPS_ESTABLISHED = 2, /* MPTCP connection established */
336 MPTCPS_CLOSE_WAIT = 3, /* rcvd DFIN, waiting for close */
337 MPTCPS_FIN_WAIT_1 = 4, /* have closed, sent DFIN */
338 MPTCPS_CLOSING = 5, /* closed xchd DFIN, waiting DFIN ACK */
339 MPTCPS_LAST_ACK = 6, /* had DFIN and close; await DFIN ACK */
340 MPTCPS_FIN_WAIT_2 = 7, /* have closed, DFIN is acked */
341 MPTCPS_TIME_WAIT = 8, /* in 2*MSL quiet wait after close */
342 MPTCPS_TERMINATE = 9, /* terminal state */
343 } mptcp_state_t;
344
345 /*
346 * WiFi Quality states from MPTCP's perspective
347 */
348 typedef enum mptcp_wifi_quality {
349 MPTCP_WIFI_QUALITY_GOOD,
350 MPTCP_WIFI_QUALITY_BAD,
351 MPTCP_WIFI_QUALITY_UNSURE,
352 } mptcp_wifi_quality_t;
353
354 typedef u_int64_t mptcp_key_t;
355 typedef u_int32_t mptcp_token_t;
356 typedef u_int8_t mptcp_addr_id;
357
358
359 /* Address ID list */
360 struct mptcp_subf_auth_entry {
361 LIST_ENTRY(mptcp_subf_auth_entry) msae_next;
362 u_int32_t msae_laddr_rand; /* Local nonce */
363 u_int32_t msae_raddr_rand; /* Remote nonce */
364 mptcp_addr_id msae_laddr_id; /* Local addr ID */
365 mptcp_addr_id msae_raddr_id; /* Remote addr ID */
366 };
367
368 /*
369 * MPTCP Protocol Control Block
370 *
371 * Protected by per-MPTCP mpt_lock.
372 * Keep in sync with bsd/dev/dtrace/scripts/mptcp.d.
373 */
374 struct mptcb {
375 struct mptses *mpt_mpte; /* back ptr to MPTCP session */
376 mptcp_state_t mpt_state; /* MPTCP state */
377 uint32_t mpt_flags; /* see flags below */
378 uint8_t mpt_version; /* MPTCP proto version */
379 u_short mpt_softerror; /* error not yet reported */
380 /*
381 * Authentication and metadata invariants
382 */
383 mptcp_key_t mpt_localkey; /* in network byte order */
384 mptcp_key_t mpt_remotekey; /* in network byte order */
385 mptcp_token_t mpt_localtoken; /* HMAC SHA1 of local key */
386 mptcp_token_t mpt_remotetoken; /* HMAC SHA1 of remote key */
387
388 /*
389 * Timer vars for scenarios where subflow level acks arrive, but
390 * Data ACKs do not.
391 */
392 int mpt_rxtshift; /* num of consecutive retrans */
393 uint64_t mpt_rxtstart; /* time at which rxt started */
394 uint64_t mpt_rtseq; /* seq # being tracked */
395 uint64_t mpt_timewait; /* timewait */
396 uint32_t mpt_timer_vals; /* timer related values */
397 /*
398 * Sending side
399 */
400 uint64_t mpt_snduna; /* DSN of last unacked byte */
401 uint64_t mpt_sndnxt; /* DSN of next byte to send */
402 uint64_t mpt_sndmax; /* DSN of max byte sent */
403 uint64_t mpt_local_idsn; /* First byte's DSN */
404 uint32_t mpt_sndwnd;
405 uint64_t mpt_sndwl1;
406 uint64_t mpt_sndwl2;
407 /*
408 * Receiving side
409 */
410 uint64_t mpt_rcvnxt; /* Next expected DSN */
411 uint64_t mpt_remote_idsn; /* Peer's IDSN */
412 uint64_t mpt_rcvadv;
413 uint32_t mpt_rcvwnd;
414 LIST_HEAD(, mptcp_subf_auth_entry) mpt_subauth_list; /* address IDs */
415 /*
416 * Fastclose
417 */
418 uint64_t mpt_dsn_at_csum_fail; /* MPFail Opt DSN */
419 uint32_t mpt_ssn_at_csum_fail; /* MPFail Subflow Seq */
420 /*
421 * Zombie handling
422 */
423 #define MPT_GC_TICKS (30)
424 #define MPT_GC_TICKS_FAST (10)
425 int32_t mpt_gc_ticks; /* Used for zombie deletion */
426
427 uint32_t mpt_notsent_lowat; /* TCP_NOTSENT_LOWAT support */
428
429 struct tsegqe_head mpt_segq;
430 uint32_t mpt_reassqlen; /* length of reassembly queue */
431 };
432
433 /* valid values for mpt_flags (see also notes on mpts_flags above) */
434 #define MPTCPF_CHECKSUM 0x001 /* checksum DSS option */
435 #define MPTCPF_FALLBACK_TO_TCP 0x002 /* Fallback to TCP */
436 #define MPTCPF_JOIN_READY 0x004 /* Ready to start 2 or more subflows */
437 #define MPTCPF_RECVD_MPFAIL 0x008 /* Received MP_FAIL option */
438 #define MPTCPF_SND_64BITDSN 0x010 /* Send full 64-bit DSN */
439 #define MPTCPF_SND_64BITACK 0x020 /* Send 64-bit ACK response */
440 #define MPTCPF_RCVD_64BITACK 0x040 /* Received 64-bit Data ACK */
441 #define MPTCPF_POST_FALLBACK_SYNC 0x080 /* Post fallback resend data */
442 #define MPTCPF_FALLBACK_HEURISTIC 0x100 /* Send SYN without MP_CAPABLE due to heuristic */
443 #define MPTCPF_HEURISTIC_TRAC 0x200 /* Tracked this connection in the heuristics as a failure */
444 #define MPTCPF_REASS_INPROG 0x400 /* Reassembly is in progress */
445
446 /* valid values for mpt_timer_vals */
447 #define MPTT_REXMT 0x01 /* Starting Retransmit Timer */
448 #define MPTT_TW 0x02 /* Starting Timewait Timer */
449 #define MPTT_FASTCLOSE 0x04 /* Starting Fastclose wait timer */
450
451 /* events for close FSM */
452 #define MPCE_CLOSE 0x1
453 #define MPCE_RECV_DATA_ACK 0x2
454 #define MPCE_RECV_DATA_FIN 0x4
455
456 /* mptcb manipulation */
457 static inline struct mptcb *
tptomptp(struct tcpcb * tp)458 tptomptp(struct tcpcb *tp)
459 {
460 return tp->t_mptcb;
461 }
462
463 /*
464 * MPTCP control block and state structures are allocated along with
465 * the MP protocol control block; the folllowing represents the layout.
466 */
467 struct mpp_mtp {
468 struct mppcb mpp; /* Multipath PCB */
469 struct mptses mpp_ses; /* MPTCP session */
470 struct mptcb mtcb; /* MPTCP PCB */
471 };
472
473 #ifdef SYSCTL_DECL
474 SYSCTL_DECL(_net_inet_mptcp);
475 #endif /* SYSCTL_DECL */
476
477 extern struct mppcbinfo mtcbinfo;
478 extern struct pr_usrreqs mptcp_usrreqs;
479 extern os_log_t mptcp_log_handle;
480
481 /* Encryption algorithm related definitions */
482 #define HMAC_TRUNCATED_SYNACK 8
483 #define HMAC_TRUNCATED_ACK 20
484 #define HMAC_TRUNCATED_ADD_ADDR 8
485
486 /* Mask to obtain 32-bit portion of data sequence number */
487 #define MPTCP_DATASEQ_LOW32_MASK (0xffffffff)
488 #define MPTCP_DATASEQ_LOW32(seq) (seq & MPTCP_DATASEQ_LOW32_MASK)
489
490 /* Mask to obtain upper 32-bit portion of data sequence number */
491 #define MPTCP_DATASEQ_HIGH32_MASK (0xffffffff00000000)
492 #define MPTCP_DATASEQ_HIGH32(seq) (seq & MPTCP_DATASEQ_HIGH32_MASK)
493
494 /* Mask to obtain 32-bit portion of data ack */
495 #define MPTCP_DATAACK_LOW32_MASK (0xffffffff)
496 #define MPTCP_DATAACK_LOW32(ack) (ack & MPTCP_DATAACK_LOW32_MASK)
497
498 /*
499 * x is the 64-bit data sequence number, y the 32-bit data seq number to be
500 * extended. z is y extended to the appropriate 64-bit value.
501 * This algorithm is based on the fact that subflow level window sizes are
502 * at the maximum 2**30 (in reality, they are a lot lesser). A high throughput
503 * application sending on a large number of subflows can in theory have very
504 * large MPTCP level send and receive windows. In which case, 64 bit DSNs
505 * must be sent in place of 32 bit DSNs on wire. For us, with 2 subflows at
506 * 512K each, sequence wraparound detection can be done by checking whether
507 * the 32-bit value obtained on wire is 2**31 bytes apart from the stored
508 * lower 32-bits of the Data Sequence Number. Bogus DSNs are dropped by
509 * comparing against rwnd. Bogus DSNs within rwnd cannot be protected against
510 * and are as weak as bogus TCP sequence numbers.
511 */
512 #define MPTCP_EXTEND_DSN(x, y, z) { \
513 if ((MPTCP_DATASEQ_LOW32(x) > y) && \
514 ((((u_int32_t)MPTCP_DATASEQ_LOW32(x)) - (u_int32_t)y) >= \
515 (u_int32_t)(1U << 31))) { \
516 /* \
517 * y wrapped around and x and y are 2**31 bytes apart \
518 */ \
519 z = MPTCP_DATASEQ_HIGH32(x) + 0x100000000; \
520 z |= y; \
521 } else if ((MPTCP_DATASEQ_LOW32(x) < y) && \
522 (((u_int32_t)y - \
523 ((u_int32_t)MPTCP_DATASEQ_LOW32(x))) >= \
524 (u_int32_t)(1U << 31))) { \
525 /* \
526 * x wrapped around and x and y are 2**31 apart \
527 */ \
528 z = MPTCP_DATASEQ_HIGH32(x) - 0x100000000; \
529 z |= y; \
530 } else { \
531 z = MPTCP_DATASEQ_HIGH32(x) | y; \
532 } \
533 }
534
535 extern int mptcp_enable; /* Multipath TCP */
536 extern int mptcp_mpcap_retries; /* Multipath TCP retries */
537 extern int mptcp_join_retries; /* Multipath TCP Join retries */
538 extern int mptcp_dss_csum; /* Multipath DSS Option checksum */
539 extern int mptcp_fail_thresh; /* Multipath failover thresh of retransmits */
540 extern int mptcp_subflow_keeptime; /* Multipath subflow TCP_KEEPALIVE opt */
541 extern int mptcp_developer_mode; /* Allow aggregation mode */
542 extern uint32_t mptcp_cellicon_refcount;
543 extern uint32_t mptcp_enable_v1;
544
545 #define MPTCP_CELLICON_TOGGLE_RATE (5 * TCP_RETRANSHZ) /* Only toggle every 5 seconds */
546
547 extern int tcp_jack_rxmt; /* Join ACK retransmission value in msecs */
548
549 extern int mptcp_reass_total_qlen;
550
551 __BEGIN_DECLS
552 extern void mptcp_init(struct protosw *, struct domain *);
553 extern int mptcp_ctloutput(struct socket *, struct sockopt *);
554 extern int mptcp_session_create(struct mppcb *);
555 extern boolean_t mptcp_ok_to_create_subflows(struct mptcb *mp_tp);
556 extern void mptcp_check_subflows_and_add(struct mptses *mpte);
557 extern void mptcp_check_subflows_and_remove(struct mptses *mpte);
558 extern void mptcpstats_inc_switch(struct mptses *mpte, const struct mptsub *mpts);
559 extern void mptcpstats_update(struct mptcp_itf_stats *stats __counted_by(stats_count), uint16_t stats_count, const struct mptsub *mpts);
560 extern int mptcpstats_get_index_by_ifindex(struct mptcp_itf_stats *stats __counted_by(stats_count), uint16_t stats_count, u_short ifindex, boolean_t create);
561 extern struct mptses *mptcp_drop(struct mptses *mpte, struct mptcb *mp_tp, u_short errno);
562 extern struct mptses *mptcp_close(struct mptses *, struct mptcb *);
563 extern int mptcp_lock(struct socket *, int, void *);
564 extern int mptcp_unlock(struct socket *, int, void *);
565 extern lck_mtx_t *mptcp_getlock(struct socket *, int);
566 extern void mptcp_subflow_workloop(struct mptses *);
567
568 extern void mptcp_sched_create_subflows(struct mptses *);
569
570 extern void mptcp_finish_usrclosed(struct mptses *mpte);
571 extern struct mptopt *mptcp_sopt_alloc(void);
572 extern const char *mptcp_sopt2str(int, int);
573 extern void mptcp_sopt_free(struct mptopt *);
574 extern void mptcp_sopt_insert(struct mptses *, struct mptopt *);
575 extern void mptcp_sopt_remove(struct mptses *, struct mptopt *);
576 extern struct mptopt *mptcp_sopt_find(struct mptses *, struct sockopt *);
577
578 extern int mptcp_subflow_add(struct mptses *, struct sockaddr *,
579 struct sockaddr *, uint32_t, sae_connid_t *);
580 extern void mptcp_subflow_del(struct mptses *, struct mptsub *);
581
582 extern void mptcp_handle_input(struct socket *so);
583 #define MPTCP_SUBOUT_PROBING 0x01
584 extern int mptcp_subflow_output(struct mptses *mpte, struct mptsub *mpts, int flags);
585 extern void mptcp_clean_reinjectq(struct mptses *mpte);
586 extern void mptcp_subflow_shutdown(struct mptses *, struct mptsub *);
587 extern void mptcp_subflow_disconnect(struct mptses *, struct mptsub *);
588 extern int mptcp_subflow_sosetopt(struct mptses *, struct mptsub *,
589 struct mptopt *);
590 extern int mptcp_subflow_sogetopt(struct mptses *, struct socket *,
591 struct mptopt *);
592
593 extern void mptcp_input(struct mptses *, struct mbuf *);
594 extern boolean_t mptcp_can_send_more(struct mptcb *mp_tp, boolean_t ignore_reinject);
595 extern int mptcp_output(struct mptses *);
596 extern void mptcp_close_fsm(struct mptcb *, uint32_t);
597
598 extern void mptcp_hmac_sha1(mptcp_key_t, mptcp_key_t, u_int32_t, u_int32_t,
599 u_char sha_digest[SHA1_RESULTLEN]);
600 extern void mptcp_hmac_sha256(mptcp_key_t, mptcp_key_t, u_char* __sized_by(msglen), uint16_t msglen,
601 u_char sha_digest[SHA256_DIGEST_LENGTH]);
602 extern void mptcp_get_mpjoin_hmac(mptcp_addr_id, struct mptcb *, u_char * __sized_by(digest_len), uint8_t digest_len);
603 extern void mptcp_get_rands(mptcp_addr_id, struct mptcb *, u_int32_t *,
604 u_int32_t *);
605 extern void mptcp_set_raddr_rand(mptcp_addr_id, struct mptcb *, mptcp_addr_id,
606 u_int32_t);
607 extern int mptcp_init_remote_parms(struct mptcb *);
608 extern boolean_t mptcp_ok_to_keepalive(struct mptcb *);
609 extern void mptcp_insert_dsn(struct mppcb *, struct mbuf *);
610 extern void mptcp_output_getm_dsnmap32(struct socket *so, int off,
611 uint32_t *dsn, uint32_t *relseq,
612 uint16_t *data_len, uint16_t *dss_csum);
613 extern void mptcp_output_getm_dsnmap64(struct socket *so, int off,
614 uint64_t *dsn, uint32_t *relseq,
615 uint16_t *data_len, uint16_t *dss_csum);
616 extern void mptcp_output_getm_data_level_details(struct socket *so, int off,
617 uint16_t *data_len, uint16_t *dss_csum);
618 extern void mptcp_act_on_txfail(struct socket *);
619 extern struct mptsub *mptcp_get_subflow(struct mptses *mpte, struct mptsub **preferred);
620 extern int mptcp_get_map_for_dsn(struct socket *so, uint64_t dsn_fail, uint32_t *tcp_seq);
621 extern int32_t mptcp_adj_sendlen(struct socket *so, int32_t off);
622 extern void mptcp_sbrcv_grow(struct mptcb *mp_tp);
623 extern int32_t mptcp_sbspace(struct mptcb *);
624 extern void mptcp_notify_mpready(struct socket *);
625 extern void mptcp_notify_mpfail(struct socket *);
626 extern void mptcp_notify_close(struct socket *);
627 extern boolean_t mptcp_no_rto_spike(struct socket*);
628 extern int mptcp_set_notsent_lowat(struct mptses *mpte, int optval);
629 extern u_int32_t mptcp_get_notsent_lowat(struct mptses *mpte);
630 extern int mptcp_notsent_lowat_check(struct socket *so);
631 extern void mptcp_ask_symptoms(struct mptses *mpte);
632 extern void mptcp_control_register(void);
633 extern mptcp_wifi_quality_t mptcp_wifi_quality_for_session(struct mptses *mpte);
634 extern boolean_t symptoms_is_wifi_lossy(void);
635 extern void mptcp_session_necp_cb(void *, int, uint32_t, uint32_t, bool *);
636 extern struct sockaddr *mptcp_get_session_dst(struct mptses *mpte,
637 boolean_t has_v6, boolean_t has_v4);
638 extern void mptcp_set_restrictions(struct socket *mp_so);
639 extern void mptcp_clear_cellicon(void);
640 extern void mptcp_unset_cellicon(struct mptses *mpte, struct mptsub *mpts, uint32_t val);
641 extern void mptcp_reset_rexmit_state(struct tcpcb *tp);
642 extern void mptcp_reset_keepalive(struct tcpcb *tp);
643 extern int mptcp_validate_csum(struct tcpcb *tp, struct mbuf *m, uint64_t dsn,
644 uint32_t sseq, uint16_t dlen, uint16_t csum, int dfin);
645 __END_DECLS
646
647 #endif /* BSD_KERNEL_PRIVATE */
648
649 typedef struct mptcp_flow {
650 uint64_t flow_len;
651 uint64_t flow_tcpci_offset;
652 uint32_t flow_flags;
653 sae_connid_t flow_cid;
654 struct sockaddr_storage flow_src;
655 struct sockaddr_storage flow_dst;
656 uint32_t flow_relseq; /* last subflow rel seq# */
657 int32_t flow_soerror; /* subflow level error */
658 uint32_t flow_probecnt; /* number of probes sent */
659 conninfo_tcp_t flow_ci; /* must be the last field */
660 } mptcp_flow_t;
661
662 typedef struct conninfo_mptcp {
663 uint64_t mptcpci_len;
664 uint64_t mptcpci_flow_offset; /* offsetof first flow */
665 uint64_t mptcpci_nflows; /* number of subflows */
666 uint32_t mptcpci_state; /* MPTCP level state */
667 uint32_t mptcpci_mpte_flags; /* Session flags */
668 uint32_t mptcpci_flags; /* MPTCB flags */
669 uint32_t mptcpci_ltoken; /* local token */
670 uint32_t mptcpci_rtoken; /* remote token */
671 uint32_t mptcpci_notsent_lowat; /* NOTSENT_LOWAT */
672
673 /* Send side */
674 uint64_t mptcpci_snduna; /* DSN of last unacked byte */
675 uint64_t mptcpci_sndnxt; /* DSN of next byte to send */
676 uint64_t mptcpci_sndmax; /* DSN of max byte sent */
677 uint64_t mptcpci_lidsn; /* Local IDSN */
678 uint32_t mptcpci_sndwnd; /* Send window snapshot */
679
680 /* Receive side */
681 uint64_t mptcpci_rcvnxt; /* Next expected DSN */
682 uint64_t mptcpci_ridsn; /* Peer's IDSN */
683 uint32_t mptcpci_rcvwnd; /* Receive window */
684
685 uint8_t mptcpci_mpte_addrid; /* last addr id */
686
687 mptcp_flow_t mptcpci_flows[1];
688 } conninfo_mptcp_t;
689
690 /* Use SymptomsD notifications of wifi and cell status in subflow selection */
691 #define MPTCP_KERN_CTL_NAME "com.apple.network.advisory"
692 typedef struct symptoms_advisory {
693 union {
694 uint32_t sa_nwk_status_int;
695 struct {
696 union {
697 #define SYMPTOMS_ADVISORY_NOCOMMENT 0x0000
698 #define SYMPTOMS_ADVISORY_USEAPP 0xFFFF /* Very ugly workaround to avoid breaking backwards compatibility - ToDo: Fix it in +1 */
699 uint16_t sa_nwk_status;
700 struct {
701 #define SYMPTOMS_ADVISORY_WIFI_BAD 0x01
702 #define SYMPTOMS_ADVISORY_WIFI_OK 0x02
703 uint8_t sa_wifi_status;
704 #define SYMPTOMS_ADVISORY_CELL_BAD 0x01
705 #define SYMPTOMS_ADVISORY_CELL_OK 0x02
706 uint8_t sa_cell_status;
707 };
708 };
709 uint16_t sa_unused;
710 };
711 };
712 } symptoms_advisory_t;
713
714 #define MPTCP_TARGET_BASED_RSSI_THRESHOLD -75
715 struct mptcp_symptoms_answer {
716 struct symptoms_advisory advisory;
717 uuid_t uuid;
718 int32_t rssi;
719 };
720
721 struct mptcp_symptoms_ask_uuid {
722 uint32_t cmd;
723 #define MPTCP_SYMPTOMS_ASK_UUID 1
724 uuid_t uuid;
725 uint32_t priority;
726 #define MPTCP_SYMPTOMS_UNKNOWN 0
727 #define MPTCP_SYMPTOMS_BACKGROUND 1
728 #define MPTCP_SYMPTOMS_FOREGROUND 2
729 };
730
731 struct kev_mptcp_data {
732 int value;
733 };
734
735 #endif /* _NETINET_MPTCP_VAR_H_ */
736