1 /*
2 * Copyright (c) 2012-2020 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29 #ifndef _NETINET_MPTCP_VAR_H_
30 #define _NETINET_MPTCP_VAR_H_
31
32 #ifdef PRIVATE
33 #include <netinet/in.h>
34 #include <netinet/tcp.h>
35 #endif
36
37 #ifdef BSD_KERNEL_PRIVATE
38 #include <sys/queue.h>
39 #include <sys/protosw.h>
40 #include <kern/locks.h>
41 #include <mach/boolean.h>
42 #include <netinet/mp_pcb.h>
43 #include <netinet/tcp_var.h>
44 #include <os/log.h>
45 #include <libkern/crypto/sha1.h>
46 #include <libkern/crypto/sha2.h>
47
48 struct mpt_itf_info {
49 uint32_t ifindex;
50 uint32_t has_v4_conn:1,
51 has_v6_conn:1,
52 has_nat64_conn:1,
53 no_mptcp_support:1;
54 };
55
56 /*
57 * MPTCP Session
58 *
59 * This is an extension to the multipath PCB specific for MPTCP, protected by
60 * the per-PCB mpp_lock (also the socket's lock);
61 */
62 struct mptses {
63 struct mppcb *mpte_mppcb; /* back ptr to multipath PCB */
64 struct mptcb *mpte_mptcb; /* ptr to MPTCP PCB */
65 TAILQ_HEAD(, mptopt) mpte_sopts; /* list of socket options */
66 TAILQ_HEAD(, mptsub) mpte_subflows; /* list of subflows */
67 #define MPTCP_MAX_NUM_SUBFLOWS 256
68 uint16_t mpte_numflows; /* # of subflows in list */
69 uint16_t mpte_nummpcapflows; /* # of MP_CAP subflows */
70 sae_associd_t mpte_associd; /* MPTCP association ID */
71 sae_connid_t mpte_connid_last; /* last used connection ID */
72
73 uint64_t mpte_time_target;
74 thread_call_t mpte_time_thread;
75 thread_call_t mpte_stop_urgency;
76
77 uint32_t mpte_last_cellicon_set;
78 uint32_t mpte_cellicon_increments;
79
80 union {
81 /* Source address of initial subflow */
82 struct sockaddr _mpte_src;
83 struct sockaddr_in _mpte_src_v4;
84 struct sockaddr_in6 _mpte_src_v6;
85 } mpte_u_src;
86 #define mpte_src mpte_u_src._mpte_src
87 #define __mpte_src_v4 mpte_u_src._mpte_src_v4
88 #define __mpte_src_v6 mpte_u_src._mpte_src_v6
89 union {
90 /* Destination address of initial subflow */
91 struct sockaddr _mpte_dst;
92 struct sockaddr_in _mpte_dst_v4;
93 struct sockaddr_in6 _mpte_dst_v6;
94 } mpte_u_dst;
95 #define mpte_dst mpte_u_dst._mpte_dst
96 #define __mpte_dst_v4 mpte_u_dst._mpte_dst_v4
97 #define __mpte_dst_v6 mpte_u_dst._mpte_dst_v6
98
99 struct sockaddr_in mpte_sub_dst_v4;
100 struct sockaddr_in6 mpte_sub_dst_v6;
101 uint8_t sub_dst_addr_id_v4;
102 uint8_t sub_dst_addr_id_v6;
103
104 uint16_t mpte_alternate_port; /* Alternate port for subflow establishment (network-byte-order) */
105
106 int mpte_epid;
107 uuid_t mpte_euuid;
108
109 struct mptsub *mpte_active_sub; /* ptr to last active subf */
110 uint16_t mpte_flags; /* per mptcp session flags */
111 #define MPTE_SND_REM_ADDR 0x01 /* Send Remove_addr option */
112 #define MPTE_SVCTYPE_CHECKED 0x02 /* Did entitlement-check for service-type */
113 #define MPTE_FIRSTPARTY 0x04 /* First-party app used multipath_extended entitlement */
114 #define MPTE_ACCESS_GRANTED 0x08 /* Access to cellular has been granted for this connection */
115 #define MPTE_FORCE_ENABLE 0x10 /* For MPTCP regardless of heuristics to detect middleboxes */
116 #define MPTE_IN_WORKLOOP 0x20 /* Are we currently inside the workloop ? */
117 #define MPTE_WORKLOOP_RELAUNCH 0x40 /* Another event got queued, we should restart the workloop */
118 #define MPTE_UNICAST_IP 0x80 /* New subflows are only being established towards the unicast IP in the ADD_ADDR */
119 #define MPTE_CELL_PROHIBITED 0x100 /* Cell access has been prohibited based on signal quality */
120 #define MPTE_FORCE_V0 0x200 /* Force MPTCP to use version 0 regradless of tcp cache */
121 #define MPTE_FORCE_V1 0x400 /* Force MPTCP to use version 1 regradless of tcp cache */
122 #define MPTE_ITFINFO_INIT 0x800 /* Set when the itfinfo has been initialized */
123 uint8_t mpte_svctype; /* MPTCP Service type */
124 uint8_t mpte_lost_aid; /* storing lost address id */
125 uint8_t mpte_addrid_last; /* storing address id parm */
126
127 #define MPTE_ITFINFO_SIZE 4
128 uint32_t mpte_itfinfo_size;
129 struct mpt_itf_info _mpte_itfinfo[MPTE_ITFINFO_SIZE];
130 struct mpt_itf_info *mpte_itfinfo __counted_by(mpte_itfinfo_size);
131
132 struct mbuf *mpte_reinjectq;
133
134 /* The below is used for stats */
135 uint32_t mpte_subflow_switches; /* Number of subflow-switches in sending */
136 uint32_t mpte_used_cell:1,
137 mpte_used_wifi:1,
138 mpte_initial_cell:1,
139 mpte_triggered_cell,
140 mpte_handshake_success:1,
141 mpte_last_added_addr_is_v4:1;
142
143 struct mptcp_itf_stats mpte_itfstats[MPTCP_ITFSTATS_SIZE];
144 uint64_t mpte_init_txbytes __attribute__((aligned(8)));
145 uint64_t mpte_init_rxbytes __attribute__((aligned(8)));
146 };
147
148 static inline struct socket *
mptetoso(struct mptses * mpte)149 mptetoso(struct mptses *mpte)
150 {
151 return mpte->mpte_mppcb->mpp_socket;
152 }
153
154 static inline struct mptses *
mptompte(struct mppcb * mp)155 mptompte(struct mppcb *mp)
156 {
157 return (struct mptses *)mp->mpp_pcbe;
158 }
159
160 static inline struct mptses *
mpsotompte(struct socket * so)161 mpsotompte(struct socket *so)
162 {
163 return mptompte(mpsotomppcb(so));
164 }
165
166 static inline boolean_t
mpp_try_lock(struct mppcb * mp)167 mpp_try_lock(struct mppcb *mp)
168 {
169 if (!lck_mtx_try_lock(&mp->mpp_lock)) {
170 return false;
171 }
172
173 VERIFY(!(mp->mpp_flags & MPP_INSIDE_OUTPUT));
174 VERIFY(!(mp->mpp_flags & MPP_INSIDE_INPUT));
175 VERIFY(!(mp->mpp_flags & MPP_INSIDE_SETGETOPT));
176
177 return true;
178 }
179
180 static inline void
mpp_lock(struct mppcb * mp)181 mpp_lock(struct mppcb *mp)
182 {
183 lck_mtx_lock(&mp->mpp_lock);
184 VERIFY(!(mp->mpp_flags & MPP_INSIDE_OUTPUT));
185 VERIFY(!(mp->mpp_flags & MPP_INSIDE_INPUT));
186 VERIFY(!(mp->mpp_flags & MPP_INSIDE_SETGETOPT));
187 }
188
189 static inline void
mpp_unlock(struct mppcb * mp)190 mpp_unlock(struct mppcb *mp)
191 {
192 VERIFY(!(mp->mpp_flags & MPP_INSIDE_OUTPUT));
193 VERIFY(!(mp->mpp_flags & MPP_INSIDE_INPUT));
194 VERIFY(!(mp->mpp_flags & MPP_INSIDE_SETGETOPT));
195 lck_mtx_unlock(&mp->mpp_lock);
196 }
197
198 static inline lck_mtx_t *
mpp_getlock(struct mppcb * mp,int flags)199 mpp_getlock(struct mppcb *mp, int flags)
200 {
201 if (flags & PR_F_WILLUNLOCK) {
202 VERIFY(!(mp->mpp_flags & MPP_INSIDE_OUTPUT));
203 VERIFY(!(mp->mpp_flags & MPP_INSIDE_INPUT));
204 VERIFY(!(mp->mpp_flags & MPP_INSIDE_SETGETOPT));
205 }
206
207 return &mp->mpp_lock;
208 }
209
210 static inline int
mptcp_subflow_cwnd_space(struct socket * so)211 mptcp_subflow_cwnd_space(struct socket *so)
212 {
213 struct tcpcb *tp = sototcpcb(so);
214 int cwnd = (int)(MIN(tp->snd_wnd, tp->snd_cwnd) - (so->so_snd.sb_cc));
215
216 return MIN(cwnd, sbspace(&so->so_snd));
217 }
218
219 static inline bool
mptcp_subflows_need_backup_flag(struct mptses * mpte)220 mptcp_subflows_need_backup_flag(struct mptses *mpte)
221 {
222 return mpte->mpte_svctype < MPTCP_SVCTYPE_AGGREGATE ||
223 mpte->mpte_svctype == MPTCP_SVCTYPE_PURE_HANDOVER;
224 }
225
226 /*
227 * MPTCP socket options
228 */
229 struct mptopt {
230 TAILQ_ENTRY(mptopt) mpo_entry; /* glue to other options */
231 uint32_t mpo_flags; /* see flags below */
232 int mpo_level; /* sopt_level */
233 int mpo_name; /* sopt_name */
234 int mpo_intval; /* sopt_val */
235 };
236
237 #define MPOF_ATTACHED 0x1 /* attached to MP socket */
238 #define MPOF_SUBFLOW_OK 0x2 /* can be issued on subflow socket */
239 #define MPOF_INTERIM 0x4 /* has not been issued on any subflow */
240
241 /*
242 * MPTCP subflow
243 */
244 struct mptsub {
245 TAILQ_ENTRY(mptsub) mpts_entry; /* glue to peer subflows */
246 uint32_t mpts_refcnt; /* reference count */
247 uint32_t mpts_flags; /* see flags below */
248 uint32_t mpts_evctl; /* subflow control events */
249 sae_connid_t mpts_connid; /* subflow connection ID */
250 int mpts_oldintval; /* sopt_val before sosetopt */
251 struct mptses *mpts_mpte; /* back ptr to MPTCP session */
252 struct socket *mpts_socket; /* subflow socket */
253 struct sockaddr *mpts_src; /* source address */
254
255 union {
256 /* destination address */
257 struct sockaddr _mpts_dst;
258 struct sockaddr_in _mpts_dst_v4;
259 struct sockaddr_in6 _mpts_dst_v6;
260 } mpts_u_dst;
261 #define mpts_dst mpts_u_dst._mpts_dst
262 #define __mpts_dst_v4 mpts_u_dst._mpts_dst_v4
263 #define __mpts_dst_v6 mpts_u_dst._mpts_dst_v6
264 u_int32_t mpts_rel_seq; /* running count of subflow # */
265 u_int32_t mpts_iss; /* Initial sequence number, taking TFO into account */
266 u_int32_t mpts_ifscope; /* scoped to the interface */
267 uint32_t mpts_probesoon; /* send probe after probeto */
268 uint32_t mpts_probecnt; /* number of probes sent */
269 uint32_t mpts_maxseg; /* cached value of t_maxseg */
270 };
271
272 /*
273 * Valid values for mpts_flags. In particular:
274 *
275 * - MP_CAPABLE means that the connection is successfully established as
276 * MPTCP and data transfer may occur, but is not yet ready for multipath-
277 * related semantics until MP_READY. I.e. if this is on the first subflow,
278 * it causes the MPTCP socket to transition to a connected state, except
279 * that additional subflows will not be established; they will be marked
280 * with PENDING and will be processed when the first subflow is marked
281 * with MP_READY.
282 *
283 * - MP_READY implies that an MP_CAPABLE connection has been confirmed as
284 * an MPTCP connection. See notes above.
285 *
286 * - MP_DEGRADED implies that the connection has lost its MPTCP capabilities
287 * but data transfer on the MPTCP socket is unaffected. Any existing
288 * PENDING subflows will be disconnected, and further attempts to connect
289 * additional subflows will be rejected.
290 *
291 * Note that these are per-subflow flags. The setting and clearing of MP_READY
292 * reflects the state of the MPTCP connection with regards to its multipath
293 * semantics, via the MPTCPF_JOIN_READY flag. Until that flag is set (meaning
294 * until at least a subflow is marked with MP_READY), further connectx(2)
295 * attempts to join will be queued. When the flag is cleared (after it has
296 * been set), further connectx(2) will fail (and existing queued ones will be
297 * aborted) and the MPTCP connection loses all of its multipath semantics.
298 *
299 * Keep in sync with bsd/dev/dtrace/scripts/mptcp.d.
300 */
301 #define MPTSF_CONNECTING 0x00000002 /* connection was attempted */
302 #define MPTSF_CONNECT_PENDING 0x00000004 /* will connect when MPTCP is ready */
303 #define MPTSF_CONNECTED 0x00000008 /* connection is established */
304 #define MPTSF_DISCONNECTING 0x00000010 /* disconnection was attempted */
305 #define MPTSF_DISCONNECTED 0x00000020 /* has been disconnected */
306 #define MPTSF_MP_CAPABLE 0x00000040 /* connected as a MPTCP subflow */
307 #define MPTSF_MP_READY 0x00000080 /* MPTCP has been confirmed */
308 #define MPTSF_MP_DEGRADED 0x00000100 /* has lost its MPTCP capabilities */
309 #define MPTSF_PREFERRED 0x00000200 /* primary/preferred subflow */
310 #define MPTSF_SOPT_OLDVAL 0x00000400 /* old option value is valid */
311 #define MPTSF_SOPT_INPROG 0x00000800 /* sosetopt in progress */
312 #define MPTSF_FAILINGOVER 0x00001000 /* subflow not used for output */
313 #define MPTSF_ACTIVE 0x00002000 /* subflow currently in use */
314 #define MPTSF_MPCAP_CTRSET 0x00004000 /* mpcap counter */
315 #define MPTSF_CLOSED 0x00008000 /* soclose_locked has been called on this subflow */
316 #define MPTSF_TFO_REQD 0x00010000 /* TFO requested */
317 #define MPTSF_CLOSE_REQD 0x00020000 /* A close has been requested from NECP */
318 #define MPTSF_INITIAL_SUB 0x00040000 /* This is the initial subflow */
319 #define MPTSF_READ_STALL 0x00080000 /* A read-stall has been detected */
320 #define MPTSF_WRITE_STALL 0x00100000 /* A write-stall has been detected */
321 #define MPTSF_FULLY_ESTABLISHED 0x00200000 /* Subflow is fully established and it has been confirmed
322 * whether or not it supports MPTCP.
323 * No need for further middlebox-detection.
324 */
325 #define MPTSF_CELLICON_SET 0x00400000 /* This subflow set the cellicon */
326
327 /*
328 * MPTCP states
329 * Keep in sync with bsd/dev/dtrace/scripts/mptcp.d
330 */
331 typedef enum mptcp_state {
332 MPTCPS_CLOSED = 0, /* closed */
333 MPTCPS_LISTEN = 1, /* not yet implemented */
334 MPTCPS_ESTABLISHED = 2, /* MPTCP connection established */
335 MPTCPS_CLOSE_WAIT = 3, /* rcvd DFIN, waiting for close */
336 MPTCPS_FIN_WAIT_1 = 4, /* have closed, sent DFIN */
337 MPTCPS_CLOSING = 5, /* closed xchd DFIN, waiting DFIN ACK */
338 MPTCPS_LAST_ACK = 6, /* had DFIN and close; await DFIN ACK */
339 MPTCPS_FIN_WAIT_2 = 7, /* have closed, DFIN is acked */
340 MPTCPS_TIME_WAIT = 8, /* in 2*MSL quiet wait after close */
341 MPTCPS_TERMINATE = 9, /* terminal state */
342 } mptcp_state_t;
343
344 /*
345 * WiFi Quality states from MPTCP's perspective
346 */
347 typedef enum mptcp_wifi_quality {
348 MPTCP_WIFI_QUALITY_GOOD,
349 MPTCP_WIFI_QUALITY_BAD,
350 MPTCP_WIFI_QUALITY_UNSURE,
351 } mptcp_wifi_quality_t;
352
353 typedef u_int64_t mptcp_key_t;
354 typedef u_int32_t mptcp_token_t;
355 typedef u_int8_t mptcp_addr_id;
356
357
358 /* Address ID list */
359 struct mptcp_subf_auth_entry {
360 LIST_ENTRY(mptcp_subf_auth_entry) msae_next;
361 u_int32_t msae_laddr_rand; /* Local nonce */
362 u_int32_t msae_raddr_rand; /* Remote nonce */
363 mptcp_addr_id msae_laddr_id; /* Local addr ID */
364 mptcp_addr_id msae_raddr_id; /* Remote addr ID */
365 };
366
367 /*
368 * MPTCP Protocol Control Block
369 *
370 * Protected by per-MPTCP mpt_lock.
371 * Keep in sync with bsd/dev/dtrace/scripts/mptcp.d.
372 */
373 struct mptcb {
374 struct mptses *mpt_mpte; /* back ptr to MPTCP session */
375 mptcp_state_t mpt_state; /* MPTCP state */
376 uint32_t mpt_flags; /* see flags below */
377 uint8_t mpt_version; /* MPTCP proto version */
378 u_short mpt_softerror; /* error not yet reported */
379 /*
380 * Authentication and metadata invariants
381 */
382 mptcp_key_t mpt_localkey; /* in network byte order */
383 mptcp_key_t mpt_remotekey; /* in network byte order */
384 mptcp_token_t mpt_localtoken; /* HMAC SHA1 of local key */
385 mptcp_token_t mpt_remotetoken; /* HMAC SHA1 of remote key */
386
387 /*
388 * Timer vars for scenarios where subflow level acks arrive, but
389 * Data ACKs do not.
390 */
391 int mpt_rxtshift; /* num of consecutive retrans */
392 uint64_t mpt_rxtstart; /* time at which rxt started */
393 uint64_t mpt_rtseq; /* seq # being tracked */
394 uint64_t mpt_timewait; /* timewait */
395 uint32_t mpt_timer_vals; /* timer related values */
396 /*
397 * Sending side
398 */
399 uint64_t mpt_snduna; /* DSN of last unacked byte */
400 uint64_t mpt_sndnxt; /* DSN of next byte to send */
401 uint64_t mpt_sndmax; /* DSN of max byte sent */
402 uint64_t mpt_local_idsn; /* First byte's DSN */
403 uint32_t mpt_sndwnd;
404 uint64_t mpt_sndwl1;
405 uint64_t mpt_sndwl2;
406 /*
407 * Receiving side
408 */
409 uint64_t mpt_rcvnxt; /* Next expected DSN */
410 uint64_t mpt_remote_idsn; /* Peer's IDSN */
411 uint64_t mpt_rcvadv;
412 uint32_t mpt_rcvwnd;
413 LIST_HEAD(, mptcp_subf_auth_entry) mpt_subauth_list; /* address IDs */
414 /*
415 * Fastclose
416 */
417 uint64_t mpt_dsn_at_csum_fail; /* MPFail Opt DSN */
418 uint32_t mpt_ssn_at_csum_fail; /* MPFail Subflow Seq */
419 /*
420 * Zombie handling
421 */
422 #define MPT_GC_TICKS (30)
423 #define MPT_GC_TICKS_FAST (10)
424 int32_t mpt_gc_ticks; /* Used for zombie deletion */
425
426 uint32_t mpt_notsent_lowat; /* TCP_NOTSENT_LOWAT support */
427
428 struct tsegqe_head mpt_segq;
429 uint32_t mpt_reassqlen; /* length of reassembly queue */
430 };
431
432 /* valid values for mpt_flags (see also notes on mpts_flags above) */
433 #define MPTCPF_CHECKSUM 0x001 /* checksum DSS option */
434 #define MPTCPF_FALLBACK_TO_TCP 0x002 /* Fallback to TCP */
435 #define MPTCPF_JOIN_READY 0x004 /* Ready to start 2 or more subflows */
436 #define MPTCPF_RECVD_MPFAIL 0x008 /* Received MP_FAIL option */
437 #define MPTCPF_SND_64BITDSN 0x010 /* Send full 64-bit DSN */
438 #define MPTCPF_SND_64BITACK 0x020 /* Send 64-bit ACK response */
439 #define MPTCPF_RCVD_64BITACK 0x040 /* Received 64-bit Data ACK */
440 #define MPTCPF_POST_FALLBACK_SYNC 0x080 /* Post fallback resend data */
441 #define MPTCPF_FALLBACK_HEURISTIC 0x100 /* Send SYN without MP_CAPABLE due to heuristic */
442 #define MPTCPF_HEURISTIC_TRAC 0x200 /* Tracked this connection in the heuristics as a failure */
443 #define MPTCPF_REASS_INPROG 0x400 /* Reassembly is in progress */
444
445 /* valid values for mpt_timer_vals */
446 #define MPTT_REXMT 0x01 /* Starting Retransmit Timer */
447 #define MPTT_TW 0x02 /* Starting Timewait Timer */
448 #define MPTT_FASTCLOSE 0x04 /* Starting Fastclose wait timer */
449
450 /* events for close FSM */
451 #define MPCE_CLOSE 0x1
452 #define MPCE_RECV_DATA_ACK 0x2
453 #define MPCE_RECV_DATA_FIN 0x4
454
455 /* mptcb manipulation */
456 static inline struct mptcb *
tptomptp(struct tcpcb * tp)457 tptomptp(struct tcpcb *tp)
458 {
459 return tp->t_mptcb;
460 }
461
462 /*
463 * MPTCP control block and state structures are allocated along with
464 * the MP protocol control block; the folllowing represents the layout.
465 */
466 struct mpp_mtp {
467 struct mppcb mpp; /* Multipath PCB */
468 struct mptses mpp_ses; /* MPTCP session */
469 struct mptcb mtcb; /* MPTCP PCB */
470 };
471
472 #ifdef SYSCTL_DECL
473 SYSCTL_DECL(_net_inet_mptcp);
474 #endif /* SYSCTL_DECL */
475
476 extern struct mppcbinfo mtcbinfo;
477 extern struct pr_usrreqs mptcp_usrreqs;
478 extern os_log_t mptcp_log_handle;
479
480 /* Encryption algorithm related definitions */
481 #define HMAC_TRUNCATED_SYNACK 8
482 #define HMAC_TRUNCATED_ACK 20
483 #define HMAC_TRUNCATED_ADD_ADDR 8
484
485 /* Mask to obtain 32-bit portion of data sequence number */
486 #define MPTCP_DATASEQ_LOW32_MASK (0xffffffff)
487 #define MPTCP_DATASEQ_LOW32(seq) (seq & MPTCP_DATASEQ_LOW32_MASK)
488
489 /* Mask to obtain upper 32-bit portion of data sequence number */
490 #define MPTCP_DATASEQ_HIGH32_MASK (0xffffffff00000000)
491 #define MPTCP_DATASEQ_HIGH32(seq) (seq & MPTCP_DATASEQ_HIGH32_MASK)
492
493 /* Mask to obtain 32-bit portion of data ack */
494 #define MPTCP_DATAACK_LOW32_MASK (0xffffffff)
495 #define MPTCP_DATAACK_LOW32(ack) (ack & MPTCP_DATAACK_LOW32_MASK)
496
497 /*
498 * x is the 64-bit data sequence number, y the 32-bit data seq number to be
499 * extended. z is y extended to the appropriate 64-bit value.
500 * This algorithm is based on the fact that subflow level window sizes are
501 * at the maximum 2**30 (in reality, they are a lot lesser). A high throughput
502 * application sending on a large number of subflows can in theory have very
503 * large MPTCP level send and receive windows. In which case, 64 bit DSNs
504 * must be sent in place of 32 bit DSNs on wire. For us, with 2 subflows at
505 * 512K each, sequence wraparound detection can be done by checking whether
506 * the 32-bit value obtained on wire is 2**31 bytes apart from the stored
507 * lower 32-bits of the Data Sequence Number. Bogus DSNs are dropped by
508 * comparing against rwnd. Bogus DSNs within rwnd cannot be protected against
509 * and are as weak as bogus TCP sequence numbers.
510 */
511 #define MPTCP_EXTEND_DSN(x, y, z) { \
512 if ((MPTCP_DATASEQ_LOW32(x) > y) && \
513 ((((u_int32_t)MPTCP_DATASEQ_LOW32(x)) - (u_int32_t)y) >= \
514 (u_int32_t)(1U << 31))) { \
515 /* \
516 * y wrapped around and x and y are 2**31 bytes apart \
517 */ \
518 z = MPTCP_DATASEQ_HIGH32(x) + 0x100000000; \
519 z |= y; \
520 } else if ((MPTCP_DATASEQ_LOW32(x) < y) && \
521 (((u_int32_t)y - \
522 ((u_int32_t)MPTCP_DATASEQ_LOW32(x))) >= \
523 (u_int32_t)(1U << 31))) { \
524 /* \
525 * x wrapped around and x and y are 2**31 apart \
526 */ \
527 z = MPTCP_DATASEQ_HIGH32(x) - 0x100000000; \
528 z |= y; \
529 } else { \
530 z = MPTCP_DATASEQ_HIGH32(x) | y; \
531 } \
532 }
533
534 extern int mptcp_enable; /* Multipath TCP */
535 extern int mptcp_mpcap_retries; /* Multipath TCP retries */
536 extern int mptcp_join_retries; /* Multipath TCP Join retries */
537 extern int mptcp_dss_csum; /* Multipath DSS Option checksum */
538 extern int mptcp_fail_thresh; /* Multipath failover thresh of retransmits */
539 extern int mptcp_subflow_keeptime; /* Multipath subflow TCP_KEEPALIVE opt */
540 extern int mptcp_developer_mode; /* Allow aggregation mode */
541 extern uint32_t mptcp_cellicon_refcount;
542 extern uint32_t mptcp_enable_v1;
543
544 #define MPTCP_CELLICON_TOGGLE_RATE (5 * TCP_RETRANSHZ) /* Only toggle every 5 seconds */
545
546 extern int tcp_jack_rxmt; /* Join ACK retransmission value in msecs */
547
548 extern int mptcp_reass_total_qlen;
549
550 __BEGIN_DECLS
551 extern void mptcp_init(struct protosw *, struct domain *);
552 extern int mptcp_ctloutput(struct socket *, struct sockopt *);
553 extern int mptcp_session_create(struct mppcb *);
554 extern boolean_t mptcp_ok_to_create_subflows(struct mptcb *mp_tp);
555 extern void mptcp_check_subflows_and_add(struct mptses *mpte);
556 extern void mptcp_check_subflows_and_remove(struct mptses *mpte);
557 extern void mptcpstats_inc_switch(struct mptses *mpte, const struct mptsub *mpts);
558 extern void mptcpstats_update(struct mptcp_itf_stats *stats __counted_by(stats_count), uint16_t stats_count, const struct mptsub *mpts);
559 extern int mptcpstats_get_index_by_ifindex(struct mptcp_itf_stats *stats __counted_by(stats_count), uint16_t stats_count, u_short ifindex, boolean_t create);
560 extern struct mptses *mptcp_drop(struct mptses *mpte, struct mptcb *mp_tp, u_short errno);
561 extern struct mptses *mptcp_close(struct mptses *, struct mptcb *);
562 extern int mptcp_lock(struct socket *, int, void *);
563 extern int mptcp_unlock(struct socket *, int, void *);
564 extern lck_mtx_t *mptcp_getlock(struct socket *, int);
565 extern void mptcp_subflow_workloop(struct mptses *);
566
567 extern void mptcp_sched_create_subflows(struct mptses *);
568
569 extern void mptcp_finish_usrclosed(struct mptses *mpte);
570 extern struct mptopt *mptcp_sopt_alloc(void);
571 extern const char *mptcp_sopt2str(int, int);
572 extern void mptcp_sopt_free(struct mptopt *);
573 extern void mptcp_sopt_insert(struct mptses *, struct mptopt *);
574 extern void mptcp_sopt_remove(struct mptses *, struct mptopt *);
575 extern struct mptopt *mptcp_sopt_find(struct mptses *, struct sockopt *);
576
577 extern int mptcp_subflow_add(struct mptses *, struct sockaddr *,
578 struct sockaddr *, uint32_t, sae_connid_t *);
579 extern void mptcp_subflow_del(struct mptses *, struct mptsub *);
580
581 extern void mptcp_handle_input(struct socket *so);
582 #define MPTCP_SUBOUT_PROBING 0x01
583 extern int mptcp_subflow_output(struct mptses *mpte, struct mptsub *mpts, int flags);
584 extern void mptcp_clean_reinjectq(struct mptses *mpte);
585 extern void mptcp_subflow_shutdown(struct mptses *, struct mptsub *);
586 extern void mptcp_subflow_disconnect(struct mptses *, struct mptsub *);
587 extern int mptcp_subflow_sosetopt(struct mptses *, struct mptsub *,
588 struct mptopt *);
589 extern int mptcp_subflow_sogetopt(struct mptses *, struct socket *,
590 struct mptopt *);
591
592 extern void mptcp_input(struct mptses *, struct mbuf *);
593 extern boolean_t mptcp_can_send_more(struct mptcb *mp_tp, boolean_t ignore_reinject);
594 extern int mptcp_output(struct mptses *);
595 extern void mptcp_close_fsm(struct mptcb *, uint32_t);
596
597 extern void mptcp_hmac_sha1(mptcp_key_t, mptcp_key_t, u_int32_t, u_int32_t,
598 u_char sha_digest[SHA1_RESULTLEN]);
599 extern void mptcp_hmac_sha256(mptcp_key_t, mptcp_key_t, u_char* __sized_by(msglen), uint16_t msglen,
600 u_char sha_digest[SHA256_DIGEST_LENGTH]);
601 extern void mptcp_get_mpjoin_hmac(mptcp_addr_id, struct mptcb *, u_char * __sized_by(digest_len), uint8_t digest_len);
602 extern void mptcp_get_rands(mptcp_addr_id, struct mptcb *, u_int32_t *,
603 u_int32_t *);
604 extern void mptcp_set_raddr_rand(mptcp_addr_id, struct mptcb *, mptcp_addr_id,
605 u_int32_t);
606 extern int mptcp_init_remote_parms(struct mptcb *);
607 extern boolean_t mptcp_ok_to_keepalive(struct mptcb *);
608 extern void mptcp_insert_dsn(struct mppcb *, struct mbuf *);
609 extern void mptcp_output_getm_dsnmap32(struct socket *so, int off,
610 uint32_t *dsn, uint32_t *relseq,
611 uint16_t *data_len, uint16_t *dss_csum);
612 extern void mptcp_output_getm_dsnmap64(struct socket *so, int off,
613 uint64_t *dsn, uint32_t *relseq,
614 uint16_t *data_len, uint16_t *dss_csum);
615 extern void mptcp_output_getm_data_level_details(struct socket *so, int off,
616 uint16_t *data_len, uint16_t *dss_csum);
617 extern void mptcp_act_on_txfail(struct socket *);
618 extern struct mptsub *mptcp_get_subflow(struct mptses *mpte, struct mptsub **preferred);
619 extern int mptcp_get_map_for_dsn(struct socket *so, uint64_t dsn_fail, uint32_t *tcp_seq);
620 extern int32_t mptcp_adj_sendlen(struct socket *so, int32_t off);
621 extern void mptcp_sbrcv_grow(struct mptcb *mp_tp);
622 extern int32_t mptcp_sbspace(struct mptcb *);
623 extern void mptcp_notify_mpready(struct socket *);
624 extern void mptcp_notify_mpfail(struct socket *);
625 extern void mptcp_notify_close(struct socket *);
626 extern boolean_t mptcp_no_rto_spike(struct socket*);
627 extern int mptcp_set_notsent_lowat(struct mptses *mpte, int optval);
628 extern u_int32_t mptcp_get_notsent_lowat(struct mptses *mpte);
629 extern int mptcp_notsent_lowat_check(struct socket *so);
630 extern void mptcp_ask_symptoms(struct mptses *mpte);
631 extern void mptcp_control_register(void);
632 extern mptcp_wifi_quality_t mptcp_wifi_quality_for_session(struct mptses *mpte);
633 extern boolean_t symptoms_is_wifi_lossy(void);
634 extern void mptcp_session_necp_cb(void *, int, uint32_t, uint32_t, bool *);
635 extern struct sockaddr *mptcp_get_session_dst(struct mptses *mpte,
636 boolean_t has_v6, boolean_t has_v4);
637 extern void mptcp_set_restrictions(struct socket *mp_so);
638 extern void mptcp_clear_cellicon(void);
639 extern void mptcp_unset_cellicon(struct mptses *mpte, struct mptsub *mpts, uint32_t val);
640 extern void mptcp_reset_rexmit_state(struct tcpcb *tp);
641 extern void mptcp_reset_keepalive(struct tcpcb *tp);
642 extern int mptcp_validate_csum(struct tcpcb *tp, struct mbuf *m, uint64_t dsn,
643 uint32_t sseq, uint16_t dlen, uint16_t csum, int dfin);
644 __END_DECLS
645
646 #endif /* BSD_KERNEL_PRIVATE */
647 #ifdef PRIVATE
648
649 typedef struct mptcp_flow {
650 uint64_t flow_len;
651 uint64_t flow_tcpci_offset;
652 uint32_t flow_flags;
653 sae_connid_t flow_cid;
654 struct sockaddr_storage flow_src;
655 struct sockaddr_storage flow_dst;
656 uint32_t flow_relseq; /* last subflow rel seq# */
657 int32_t flow_soerror; /* subflow level error */
658 uint32_t flow_probecnt; /* number of probes sent */
659 conninfo_tcp_t flow_ci; /* must be the last field */
660 } mptcp_flow_t;
661
662 typedef struct conninfo_mptcp {
663 uint64_t mptcpci_len;
664 uint64_t mptcpci_flow_offset; /* offsetof first flow */
665 uint64_t mptcpci_nflows; /* number of subflows */
666 uint32_t mptcpci_state; /* MPTCP level state */
667 uint32_t mptcpci_mpte_flags; /* Session flags */
668 uint32_t mptcpci_flags; /* MPTCB flags */
669 uint32_t mptcpci_ltoken; /* local token */
670 uint32_t mptcpci_rtoken; /* remote token */
671 uint32_t mptcpci_notsent_lowat; /* NOTSENT_LOWAT */
672
673 /* Send side */
674 uint64_t mptcpci_snduna; /* DSN of last unacked byte */
675 uint64_t mptcpci_sndnxt; /* DSN of next byte to send */
676 uint64_t mptcpci_sndmax; /* DSN of max byte sent */
677 uint64_t mptcpci_lidsn; /* Local IDSN */
678 uint32_t mptcpci_sndwnd; /* Send window snapshot */
679
680 /* Receive side */
681 uint64_t mptcpci_rcvnxt; /* Next expected DSN */
682 uint64_t mptcpci_rcvatmark; /* Session level rcvnxt */
683 uint64_t mptcpci_ridsn; /* Peer's IDSN */
684 uint32_t mptcpci_rcvwnd; /* Receive window */
685
686 uint8_t mptcpci_mpte_addrid; /* last addr id */
687
688 mptcp_flow_t mptcpci_flows[1];
689 } conninfo_mptcp_t;
690
691 /* Use SymptomsD notifications of wifi and cell status in subflow selection */
692 #define MPTCP_KERN_CTL_NAME "com.apple.network.advisory"
693 typedef struct symptoms_advisory {
694 union {
695 uint32_t sa_nwk_status_int;
696 struct {
697 union {
698 #define SYMPTOMS_ADVISORY_NOCOMMENT 0x0000
699 #define SYMPTOMS_ADVISORY_USEAPP 0xFFFF /* Very ugly workaround to avoid breaking backwards compatibility - ToDo: Fix it in +1 */
700 uint16_t sa_nwk_status;
701 struct {
702 #define SYMPTOMS_ADVISORY_WIFI_BAD 0x01
703 #define SYMPTOMS_ADVISORY_WIFI_OK 0x02
704 uint8_t sa_wifi_status;
705 #define SYMPTOMS_ADVISORY_CELL_BAD 0x01
706 #define SYMPTOMS_ADVISORY_CELL_OK 0x02
707 uint8_t sa_cell_status;
708 };
709 };
710 uint16_t sa_unused;
711 };
712 };
713 } symptoms_advisory_t;
714
715 #define MPTCP_TARGET_BASED_RSSI_THRESHOLD -75
716 struct mptcp_symptoms_answer {
717 struct symptoms_advisory advisory;
718 uuid_t uuid;
719 int32_t rssi;
720 };
721
722 struct mptcp_symptoms_ask_uuid {
723 uint32_t cmd;
724 #define MPTCP_SYMPTOMS_ASK_UUID 1
725 uuid_t uuid;
726 uint32_t priority;
727 #define MPTCP_SYMPTOMS_UNKNOWN 0
728 #define MPTCP_SYMPTOMS_BACKGROUND 1
729 #define MPTCP_SYMPTOMS_FOREGROUND 2
730 };
731
732 struct kev_mptcp_data {
733 int value;
734 };
735
736 #endif /* PRIVATE */
737 #endif /* _NETINET_MPTCP_VAR_H_ */
738