1/*
2 * Copyright (c) 2012-2013 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29#ifndef _NETINET_MPTCP_VAR_H_
30#define	_NETINET_MPTCP_VAR_H_
31
32#ifdef PRIVATE
33#include <netinet/in.h>
34#include <netinet/tcp.h>
35#endif
36
37#ifdef BSD_KERNEL_PRIVATE
38#include <sys/queue.h>
39#include <sys/protosw.h>
40#include <kern/locks.h>
41#include <mach/boolean.h>
42#include <netinet/mp_pcb.h>
43
44/*
45 * MPTCP Session
46 *
47 * This is an extension to the multipath PCB specific for MPTCP, protected by
48 * the per-PCB mpp_lock (also the socket's lock); MPTCP thread signalling uses
49 * its own mpte_thread_lock due to lock ordering constraints.
50 */
51struct mptses {
52	struct mppcb	*mpte_mppcb;		/* back ptr to multipath PCB */
53	struct mptcb	*mpte_mptcb;		/* ptr to MPTCP PCB */
54	TAILQ_HEAD(, mptopt) mpte_sopts;	/* list of socket options */
55	TAILQ_HEAD(, mptsub) mpte_subflows;	/* list of subflows */
56	uint16_t	mpte_numflows;		/* # of subflows in list */
57	uint16_t	mpte_nummpcapflows;	/* # of MP_CAP subflows */
58	associd_t	mpte_associd;		/* MPTCP association ID */
59	connid_t	mpte_connid_last;	/* last used connection ID */
60	/*
61	 * Threading (protected by mpte_thread_lock)
62	 */
63	decl_lck_mtx_data(, mpte_thread_lock);	/* thread lock */
64	struct thread	*mpte_thread;		/* worker thread */
65	uint32_t	mpte_thread_active;	/* thread is running */
66	uint32_t	mpte_thread_reqs;	/* # of requests for thread */
67	struct mptsub	*mpte_active_sub;	/* ptr to last active subf */
68	u_int8_t	mpte_flags;		/* per mptcp session flags */
69	u_int8_t	mpte_lost_aid;		/* storing lost address id */
70};
71
72/*
73 * Valid values for mpte_flags.
74 */
75#define	MPTE_SND_REM_ADDR	0x01		/* Send Remove_addr option */
76
77#define	mptompte(mp)	((struct mptses *)(mp)->mpp_pcbe)
78
79#define	MPTE_LOCK_ASSERT_HELD(_mpte)					\
80	lck_mtx_assert(&(_mpte)->mpte_mppcb->mpp_lock, LCK_MTX_ASSERT_OWNED)
81
82#define	MPTE_LOCK_ASSERT_NOTHELD(_mpte)					\
83	lck_mtx_assert(&(_mpte)->mpte_mppcb->mpp_lock, LCK_MTX_ASSERT_NOTOWNED)
84
85#define	MPTE_LOCK(_mpte)						\
86	lck_mtx_lock(&(_mpte)->mpte_mppcb->mpp_lock)
87
88#define	MPTE_LOCK_SPIN(_mpte)						\
89	lck_mtx_lock_spin(&(_mpte)->mpte_mppcb->mpp_lock)
90
91#define	MPTE_CONVERT_LOCK(_mpte) do {					\
92	MPTE_LOCK_ASSERT_HELD(_mpte);					\
93	lck_mtx_convert_spin(&(_mpte)->mpte_mppcb->mpp_lock);		\
94} while (0)
95
96#define	MPTE_UNLOCK(_mpte)						\
97	lck_mtx_unlock(&(_mpte)->mpte_mppcb->mpp_lock)
98
99/*
100 * MPTCP socket options
101 */
102struct mptopt {
103	TAILQ_ENTRY(mptopt)	mpo_entry;	/* glue to other options */
104	uint32_t		mpo_flags;	/* see flags below */
105	int			mpo_level;	/* sopt_level */
106	int			mpo_name;	/* sopt_name */
107	int			mpo_intval;	/* sopt_val */
108};
109
110#define	MPOF_ATTACHED		0x1	/* attached to MP socket */
111#define	MPOF_SUBFLOW_OK		0x2	/* can be issued on subflow socket */
112#define	MPOF_INTERIM		0x4	/* has not been issued on any subflow */
113
114/*
115 * Structure passed down to TCP during subflow connection establishment
116 * containing information pertaining to the MPTCP.
117 */
118struct mptsub_connreq {
119	uint32_t	mpcr_type;	/* see MPTSUB_CONNREQ_* below */
120	uint32_t	mpcr_ifscope;	/* ifscope parameter to connectx(2) */
121	struct proc	*mpcr_proc;	/* process issuing connectx(2) */
122};
123
124/* valid values for mpcr_type */
125#define	MPTSUB_CONNREQ_MP_ENABLE	1	/* enable MPTCP */
126#define	MPTSUB_CONNREQ_MP_ADD		2	/* join an existing MPTCP */
127
128/*
129 * MPTCP subflow
130 *
131 * Protected by the the per-subflow mpts_lock.  Note that mpts_flags
132 * and mpts_evctl are modified via atomic operations.
133 */
134struct mptsub {
135	decl_lck_mtx_data(, mpts_lock);		/* per-subflow lock */
136	TAILQ_ENTRY(mptsub)	mpts_entry;	/* glue to peer subflows */
137	uint32_t		mpts_refcnt;	/* reference count */
138	uint32_t		mpts_flags;	/* see flags below */
139	uint32_t		mpts_evctl;	/* subflow control events */
140	uint32_t		mpts_family;	/* address family */
141	connid_t		mpts_connid;	/* subflow connection ID */
142	int			mpts_oldintval;	/* sopt_val before sosetopt  */
143	uint32_t		mpts_rank;	/* subflow priority/rank */
144	int32_t			mpts_soerror;	/* most recent subflow error */
145	struct mptses		*mpts_mpte;	/* back ptr to MPTCP session */
146	struct socket		*mpts_socket;	/* subflow socket */
147	struct sockaddr_list	*mpts_src_sl;	/* source list */
148	struct sockaddr_list	*mpts_dst_sl;	/* destination list */
149	struct ifnet		*mpts_outif;	/* outbound interface */
150	u_int64_t		mpts_sndnxt;	/* next byte to send in mp so */
151	u_int32_t		mpts_rel_seq;	/* running count of subflow # */
152	struct {
153		u_int64_t	mptsl_dsn;	/* Data Sequence Number */
154		u_int32_t	mptsl_sseq;	/* Corresponding Data Seq */
155		u_int32_t	mptsl_len;	/* length of mapping */
156	} mpts_lastmap;
157	struct protosw		*mpts_oprotosw;	/* original protosw */
158	struct mptsub_connreq	mpts_mpcr;	/* connection request */
159};
160
161/*
162 * Valid values for mpts_flags.  In particular:
163 *
164 *    - MP_CAPABLE means that the connection is successfully established as
165 *	MPTCP and data transfer may occur, but is not yet ready for multipath-
166 *	related semantics until MP_READY.  I.e. if this is on the first subflow,
167 *	it causes the MPTCP socket to transition to a connected state, except
168 *	that additional subflows will not be established; they will be marked
169 *	with PENDING and will be processed when the first subflow is marked
170 *	with MP_READY.
171 *
172 *    - MP_READY implies that an MP_CAPABLE connection has been confirmed as
173 *	an MPTCP connection.  See notes above.
174 *
175 *    - MP_DEGRADED implies that the connection has lost its MPTCP capabilities
176 *	but data transfer on the MPTCP socket is unaffected.  Any existing
177 *	PENDING subflows will be disconnected, and further attempts to connect
178 *	additional subflows will be rejected.
179 *
180 * Note that these are per-subflow flags.  The setting and clearing of MP_READY
181 * reflects the state of the MPTCP connection with regards to its multipath
182 * semantics, via the MPTCPF_JOIN_READY flag.  Until that flag is set (meaning
183 * until at least a subflow is marked with MP_READY), further connectx(2)
184 * attempts to join will be queued.  When the flag is cleared (after it has
185 * been set), further connectx(2) will fail (and existing queued ones will be
186 * aborted) and the MPTCP connection loses all of its multipath semantics.
187 *
188 * Keep in sync with bsd/dev/dtrace/scripts/mptcp.d.
189 */
190#define	MPTSF_ATTACHED		0x1	/* attached to MPTCP PCB */
191#define	MPTSF_CONNECTING	0x2	/* connection was attempted */
192#define	MPTSF_CONNECT_PENDING	0x4	/* will connect when MPTCP is ready */
193#define	MPTSF_CONNECTED		0x8	/* connection is established */
194#define	MPTSF_DISCONNECTING	0x10	/* disconnection was attempted */
195#define	MPTSF_DISCONNECTED	0x20	/* has been disconnected */
196#define	MPTSF_MP_CAPABLE	0x40	/* connected as a MPTCP subflow */
197#define	MPTSF_MP_READY		0x80	/* MPTCP has been confirmed */
198#define	MPTSF_MP_DEGRADED	0x100	/* has lost its MPTCP capabilities */
199#define	MPTSF_SUSPENDED		0x200	/* write-side is flow controlled */
200#define	MPTSF_BOUND_IF		0x400	/* subflow bound to an interface */
201#define	MPTSF_BOUND_IP		0x800	/* subflow bound to a src address */
202#define	MPTSF_BOUND_PORT	0x1000	/* subflow bound to a src port */
203#define	MPTSF_PREFERRED		0x2000	/* primary/preferred subflow */
204#define	MPTSF_SOPT_OLDVAL	0x4000	/* old option value is valid */
205#define	MPTSF_SOPT_INPROG	0x8000	/* sosetopt in progress */
206#define	MPTSF_DELETEOK		0x10000	/* subflow can be deleted */
207#define	MPTSF_FAILINGOVER	0x20000	/* subflow not used for output */
208#define	MPTSF_ACTIVE		0x40000	/* subflow currently in use */
209#define	MPTSF_MPCAP_CTRSET	0x80000	/* mpcap counter */
210
211#define	MPTSF_BITS \
212	"\020\1ATTACHED\2CONNECTING\3PENDING\4CONNECTED\5DISCONNECTING" \
213	"\6DISCONNECTED\7MP_CAPABLE\10MP_READY\11MP_DEGRADED\12SUSPENDED" \
214	"\13BOUND_IF\14BOUND_IP\15BOUND_PORT\16PREFERRED\17SOPT_OLDVAL" \
215	"\20SOPT_INPROG\21NOLINGER\22FAILINGOVER\23ACTIVE\24MPCAP_CTRSET"
216
217#define	MPTS_LOCK_ASSERT_HELD(_mpts)					\
218	lck_mtx_assert(&(_mpts)->mpts_lock, LCK_MTX_ASSERT_OWNED)
219
220#define	MPTS_LOCK_ASSERT_NOTHELD(_mpts)					\
221	lck_mtx_assert(&(_mpts)->mpts_lock, LCK_MTX_ASSERT_NOTOWNED)
222
223#define	MPTS_LOCK(_mpts)						\
224	lck_mtx_lock(&(_mpts)->mpts_lock)
225
226#define	MPTS_LOCK_SPIN(_mpts)						\
227	lck_mtx_lock_spin(&(_mpts)->mpts_lock)
228
229#define	MPTS_CONVERT_LOCK(_mpts) do {					\
230	MPTS_LOCK_ASSERT_HELD(_mpts);					\
231	lck_mtx_convert_spin(&(_mpts)->mpts_lock);			\
232} while (0)
233
234#define	MPTS_UNLOCK(_mpts)						\
235	lck_mtx_unlock(&(_mpts)->mpts_lock)
236
237#define	MPTS_ADDREF(_mpts)						\
238	mptcp_subflow_addref(_mpts, 0)
239
240#define	MPTS_ADDREF_LOCKED(_mpts)					\
241	mptcp_subflow_addref(_mpts, 1)
242
243#define	MPTS_REMREF(_mpts)						\
244	mptcp_subflow_remref(_mpts)
245
246/*
247 * MPTCP states
248 * Keep in sync with bsd/dev/dtrace/mptcp.d
249 */
250typedef enum mptcp_state {
251	MPTCPS_CLOSED		= 0,	/* closed */
252	MPTCPS_LISTEN		= 1,	/* not yet implemented */
253	MPTCPS_ESTABLISHED	= 2,	/* MPTCP connection established */
254	MPTCPS_CLOSE_WAIT	= 3,	/* rcvd DFIN, waiting for close */
255	MPTCPS_FIN_WAIT_1	= 4,	/* have closed, sent DFIN */
256	MPTCPS_CLOSING		= 5,	/* closed xchd DFIN, waiting DFIN ACK */
257	MPTCPS_LAST_ACK		= 6,	/* had DFIN and close; await DFIN ACK */
258	MPTCPS_FIN_WAIT_2	= 7,	/* have closed, DFIN is acked */
259	MPTCPS_TIME_WAIT	= 8,	/* in 2*MSL quiet wait after close */
260	MPTCPS_FASTCLOSE_WAIT	= 9,	/* sent MP_FASTCLOSE */
261} mptcp_state_t;
262
263typedef u_int64_t	mptcp_key_t;
264typedef u_int32_t	mptcp_token_t;
265typedef u_int8_t	mptcp_addr_id;
266
267
268/* Address ID list */
269struct mptcp_subf_auth_entry {
270	LIST_ENTRY(mptcp_subf_auth_entry) msae_next;
271	u_int32_t	msae_laddr_rand;	/* Local nonce */
272	u_int32_t	msae_raddr_rand;	/* Remote nonce */
273	mptcp_addr_id	msae_laddr_id;		/* Local addr ID */
274	mptcp_addr_id	msae_raddr_id;		/* Remote addr ID */
275};
276
277/*
278 * MPTCP Protocol Control Block
279 *
280 * Protected by per-MPTCP mpt_lock.
281 * Keep in sync with bsd/dev/dtrace/scripts/mptcp.d.
282 */
283struct mptcb {
284	decl_lck_mtx_data(, mpt_lock);		/* per MPTCP PCB lock */
285	struct mptses	*mpt_mpte;		/* back ptr to MPTCP session */
286	mptcp_state_t	mpt_state;		/* MPTCP state */
287	u_int32_t	mpt_flags;		/* see flags below */
288	u_int32_t	mpt_refcnt;		/* references held on mptcb */
289	u_int32_t	mpt_version;		/* MPTCP proto version */
290	int		mpt_softerror;		/* error not yet reported */
291	/*
292	 * Authentication and metadata invariants
293	 */
294	mptcp_key_t	*mpt_localkey;		/* in network byte order */
295	mptcp_key_t	mpt_remotekey;		/* in network byte order */
296	mptcp_token_t	mpt_localtoken;		/* HMAC SHA1 of local key */
297	mptcp_token_t	mpt_remotetoken;	/* HMAC SHA1 of remote key */
298
299	/*
300	 * Timer vars for scenarios where subflow level acks arrive, but
301	 * Data ACKs do not.
302	 */
303	int		mpt_rxtshift;		/* num of consecutive retrans */
304	u_int32_t	mpt_rxtstart;		/* time at which rxt started */
305	u_int64_t	mpt_rtseq;		/* seq # being tracked */
306	u_int32_t	mpt_timer_vals;		/* timer related values */
307	u_int32_t	mpt_timewait;		/* timewait */
308	/*
309	 * Sending side
310	 */
311	u_int64_t	mpt_snduna;		/* DSN of last unacked byte */
312	u_int64_t	mpt_sndnxt;		/* DSN of next byte to send */
313	u_int64_t	mpt_sndmax;		/* DSN of max byte sent */
314	u_int64_t	mpt_local_idsn;		/* First byte's DSN */
315	u_int32_t	mpt_sndwnd;
316	/*
317	 * Receiving side
318	 */
319	u_int64_t	mpt_rcvnxt;		/* Next expected DSN */
320	u_int64_t	mpt_rcvatmark;		/* mpsocket marker of rcvnxt */
321	u_int64_t	mpt_remote_idsn;	/* Peer's IDSN */
322	u_int32_t	mpt_rcvwnd;
323	LIST_HEAD(, mptcp_subf_auth_entry) mpt_subauth_list; /* address IDs */
324	/*
325	 * Fastclose
326	 */
327	u_int64_t	mpt_dsn_at_csum_fail;   /* MPFail Opt DSN */
328	/*
329	 * Zombie handling
330	 */
331#define	MPT_GC_TICKS	(60)
332	int32_t		mpt_gc_ticks;		/* Used for zombie deletion */
333};
334
335/* valid values for mpt_flags (see also notes on mpts_flags above) */
336#define	MPTCPF_CHECKSUM		0x1	/* checksum DSS option */
337#define	MPTCPF_FALLBACK_TO_TCP	0x2	/* Fallback to TCP */
338#define	MPTCPF_JOIN_READY	0x4	/* Ready to start 2 or more subflows */
339#define	MPTCPF_RECVD_MPFAIL	0x8	/* Received MP_FAIL option */
340#define	MPTCPF_PEEL_OFF		0x10	/* Peel off this socket */
341#define	MPTCPF_SND_64BITDSN	0x20	/* Send full 64-bit DSN */
342#define	MPTCPF_SND_64BITACK	0x40	/* Send 64-bit ACK response */
343#define	MPTCPF_RCVD_64BITACK	0x80	/* Received 64-bit Data ACK */
344
345#define	MPTCPF_BITS \
346	"\020\1CHECKSUM\2FALLBACK_TO_TCP\3JOIN_READY\4RECVD_MPFAIL\5PEEL_OFF" \
347	"\6SND_64BITDSN\7SND_64BITACK\10RCVD_64BITACK"
348
349/* valid values for mpt_timer_vals */
350#define	MPTT_REXMT	0x01	/* Starting Retransmit Timer */
351#define	MPTT_TW		0x02	/* Starting Timewait Timer */
352#define	MPTT_FASTCLOSE	0x04	/* Starting Fastclose wait timer */
353
354#define	MPT_LOCK_ASSERT_HELD(_mpt)					\
355	lck_mtx_assert(&(_mpt)->mpt_lock, LCK_MTX_ASSERT_OWNED)
356
357#define	MPT_LOCK_ASSERT_NOTHELD(_mpt)					\
358	lck_mtx_assert(&(_mpt)->mpt_lock, LCK_MTX_ASSERT_NOTOWNED)
359
360#define	MPT_LOCK(_mpt)							\
361	lck_mtx_lock(&(_mpt)->mpt_lock)
362
363#define	MPT_LOCK_SPIN(_mpt)						\
364	lck_mtx_lock_spin(&(_mpt)->mpt_lock)
365
366#define	MPT_CONVERT_LOCK(_mpt) do {					\
367	MPT_LOCK_ASSERT_HELD(_mpt);					\
368	lck_mtx_convert_spin(&(_mpt)->mpt_lock);			\
369} while (0)
370
371#define	MPT_UNLOCK(_mpt)						\
372	lck_mtx_unlock(&(_mpt)->mpt_lock)
373
374/* events for close FSM */
375#define	MPCE_CLOSE		0x1
376#define	MPCE_RECV_DATA_ACK	0x2
377#define	MPCE_RECV_DATA_FIN	0x4
378
379/* mptcb manipulation */
380#define	tptomptp(tp)	((struct mptcb *)((tp)->t_mptcb))
381
382/*
383 * MPTCP control block and state structures are allocated along with
384 * the MP protocol control block; the folllowing represents the layout.
385 */
386struct mpp_mtp {
387	struct mppcb		mpp;		/* Multipath PCB */
388	struct mptses		mpp_ses;	/* MPTCP session */
389	struct mptcb		mtcb;		/* MPTCP PCB */
390};
391
392#ifdef SYSCTL_DECL
393SYSCTL_DECL(_net_inet_mptcp);
394#endif /* SYSCTL_DECL */
395
396extern struct mppcbinfo mtcbinfo;
397extern struct pr_usrreqs mptcp_usrreqs;
398
399/* Encryption algorithm related definitions */
400#define	MPTCP_SHA1_RESULTLEN    20
401#define	SHA1_TRUNCATED		8
402
403/* List of valid keys to use for MPTCP connections */
404#define	MPTCP_KEY_DIGEST_LEN		(MPTCP_SHA1_RESULTLEN)
405#define	MPTCP_MX_KEY_ALLOCS		(256)
406#define	MPTCP_KEY_PREALLOCS_MX		(16)
407#define	MPTCP_MX_PREALLOC_ZONE_SZ	(8192)
408
409struct mptcp_key_entry {
410	LIST_ENTRY(mptcp_key_entry)	mkey_next;
411	mptcp_key_t			mkey_value;
412#define	MKEYF_FREE	0x0
413#define	MKEYF_INUSE	0x1
414	u_int32_t			mkey_flags;
415	char				mkey_digest[MPTCP_KEY_DIGEST_LEN];
416};
417
418/* structure for managing unique key list */
419struct mptcp_keys_pool_head {
420	struct mptcp_key_entry *lh_first;	/* list of keys */
421	u_int32_t	mkph_count;		/* total keys in pool */
422	vm_size_t	mkph_key_elm_sz;	/* size of key entry */
423	struct zone	*mkph_key_entry_zone;	/* zone for key entry */
424	decl_lck_mtx_data(, mkph_lock);		/* lock for key list */
425};
426
427/* MPTCP Receive Window */
428#define	MPTCP_RWIN_MAX	(1<<16)
429
430/* MPTCP Debugging Levels */
431#define	MP_NODEBUG		0x0
432#define	MP_ERR_DEBUG		0x1
433#define	MP_VERBOSE_DEBUG_1	0x2
434#define	MP_VERBOSE_DEBUG_2	0x3
435#define	MP_VERBOSE_DEBUG_3	0x4
436#define	MP_VERBOSE_DEBUG_4	0x5	/* output path debugging */
437
438/* Mask to obtain 32-bit portion of data sequence number */
439#define	MPTCP_DATASEQ_LOW32_MASK	(0xffffffff)
440#define	MPTCP_DATASEQ_LOW32(seq)	(seq & MPTCP_DATASEQ_LOW32_MASK)
441
442/* Mask to obtain upper 32-bit portion of data sequence number */
443#define	MPTCP_DATASEQ_HIGH32_MASK	(0xffffffff00000000)
444#define	MPTCP_DATASEQ_HIGH32(seq)	(seq & MPTCP_DATASEQ_HIGH32_MASK)
445
446/* Mask to obtain 32-bit portion of data ack */
447#define	MPTCP_DATAACK_LOW32_MASK	(0xffffffff)
448#define	MPTCP_DATAACK_LOW32(ack)	(ack & MPTCP_DATAACK_LOW32_MASK)
449
450/* Mask to obtain upper 32-bit portion of data ack */
451#define	MPTCP_DATAACK_HIGH32_MASK	(0xffffffff00000000)
452#define	MPTCP_DATAACK_HIGH32(ack)	(ack & MPTCP_DATAACK_HIGH32_MASK)
453
454/*
455 * x is the 64-bit data sequence number, y the 32-bit data seq number to be
456 * extended. z is y extended to the appropriate 64-bit value.
457 * This algorithm is based on the fact that subflow level window sizes are
458 * at the maximum 2**30 (in reality, they are a lot lesser). A high throughput
459 * application sending on a large number of subflows can in theory have very
460 * large MPTCP level send and receive windows. In which case, 64 bit DSNs
461 * must be sent in place of 32 bit DSNs on wire. For us, with 2 subflows at
462 * 512K each, sequence wraparound detection can be done by checking whether
463 * the 32-bit value obtained on wire is 2**31 bytes apart from the stored
464 * lower 32-bits of the Data Sequence Number. Bogus DSNs are dropped by
465 * comparing against rwnd. Bogus DSNs within rwnd cannot be protected against
466 * and are as weak as bogus TCP sequence numbers.
467 */
468#define	MPTCP_EXTEND_DSN(x, y, z) {					\
469	if ((MPTCP_DATASEQ_LOW32(x) > y) &&				\
470	    ((((u_int32_t)MPTCP_DATASEQ_LOW32(x)) - (u_int32_t)y) >=	\
471	    (u_int32_t)(1 << 31))) {					\
472		/*							\
473		 * y wrapped around and x and y are 2**31 bytes  apart	\
474		 */							\
475		z = MPTCP_DATASEQ_HIGH32(x) + 0x100000000;		\
476		z |= y;							\
477	} else if ((MPTCP_DATASEQ_LOW32(x) < y) &&			\
478	    (((u_int32_t)y -						\
479	    ((u_int32_t)MPTCP_DATASEQ_LOW32(x))) >=			\
480	    (u_int32_t)(1 << 31))) {					\
481		/*							\
482		 * x wrapped around and x and y are 2**31 apart		\
483		 */							\
484		z = MPTCP_DATASEQ_HIGH32(x) - 0x100000000;		\
485		z |= y;							\
486	} else {							\
487		z = MPTCP_DATASEQ_HIGH32(x) | y;			\
488	}								\
489}
490
491#define	mptcplog(x)	do { if (mptcp_verbose >= 1) log x; } while (0)
492#define	mptcplog2(x)	do { if (mptcp_verbose >= 2) log x; } while (0)
493#define	mptcplog3(x)	do { if (mptcp_verbose >= 3) log x; } while (0)
494
495extern int mptcp_enable;	/* Multipath TCP */
496extern int mptcp_dbg;		/* Multipath TCP DBG */
497extern int mptcp_mpcap_retries;	/* Multipath TCP retries */
498extern int mptcp_join_retries;	/* Multipath TCP Join retries */
499extern int mptcp_dss_csum;	/* Multipath DSS Option checksum */
500extern int mptcp_fail_thresh;	/* Multipath failover thresh of retransmits */
501extern int mptcp_subflow_keeptime; /* Multipath subflow TCP_KEEPALIVE opt */
502extern int mptcp_mpprio_enable;	/* MP_PRIO option enable/disable */
503extern int mptcp_remaddr_enable;/* REMOVE_ADDR option enable/disable */
504extern uint32_t mptcp_verbose;	/* verbose and mptcp_dbg must be unified */
505#define MPPCB_LIMIT	16
506extern uint32_t mptcp_socket_limit; /* max number of mptcp sockets allowed */
507extern int tcp_jack_rxmt;	/* Join ACK retransmission value in msecs */
508
509__BEGIN_DECLS
510extern void mptcp_init(struct protosw *, struct domain *);
511extern int mptcp_ctloutput(struct socket *, struct sockopt *);
512extern struct mptses *mptcp_sescreate(struct socket *, struct mppcb *);
513extern void mptcp_drain(void);
514extern struct mptses *mptcp_drop(struct mptses *, struct mptcb *, int);
515extern struct mptses *mptcp_close(struct mptses *, struct mptcb *);
516extern int mptcp_lock(struct socket *, int, void *);
517extern int mptcp_unlock(struct socket *, int, void *);
518extern lck_mtx_t *mptcp_getlock(struct socket *, int);
519extern void mptcp_thread_signal(struct mptses *);
520extern void mptcp_flush_sopts(struct mptses *);
521extern int mptcp_setconnorder(struct mptses *, connid_t, uint32_t);
522extern int mptcp_getconnorder(struct mptses *, connid_t, uint32_t *);
523
524extern struct mptopt *mptcp_sopt_alloc(int);
525extern const char *mptcp_sopt2str(int, int, char *, int);
526extern void mptcp_sopt_free(struct mptopt *);
527extern void mptcp_sopt_insert(struct mptses *, struct mptopt *);
528extern void mptcp_sopt_remove(struct mptses *, struct mptopt *);
529extern struct mptopt *mptcp_sopt_find(struct mptses *, struct sockopt *);
530
531extern struct mptsub *mptcp_subflow_alloc(int);
532extern void mptcp_subflow_free(struct mptsub *);
533extern void mptcp_subflow_addref(struct mptsub *, int);
534extern int mptcp_subflow_add(struct mptses *, struct mptsub *,
535    struct proc *, uint32_t);
536extern void mptcp_subflow_del(struct mptses *, struct mptsub *, boolean_t);
537extern void mptcp_subflow_remref(struct mptsub *);
538extern int mptcp_subflow_output(struct mptses *, struct mptsub *);
539extern void mptcp_subflow_disconnect(struct mptses *, struct mptsub *,
540    boolean_t);
541extern void mptcp_subflow_sopeeloff(struct mptses *, struct mptsub *,
542    struct socket *);
543extern int mptcp_subflow_sosetopt(struct mptses *, struct socket *,
544    struct mptopt *);
545extern int mptcp_subflow_sogetopt(struct mptses *, struct socket *,
546    struct mptopt *);
547
548extern void mptcp_input(struct mptses *, struct mbuf *);
549extern int mptcp_output(struct mptses *);
550extern void mptcp_close_fsm(struct mptcb *, uint32_t);
551
552extern mptcp_token_t mptcp_get_localtoken(void *);
553extern mptcp_token_t mptcp_get_remotetoken(void *);
554
555extern u_int64_t mptcp_get_localkey(void *);
556extern u_int64_t mptcp_get_remotekey(void *);
557
558extern void mptcp_free_key(mptcp_key_t *key);
559extern void mptcp_hmac_sha1(mptcp_key_t, mptcp_key_t, u_int32_t, u_int32_t,
560    u_char*, int);
561extern void mptcp_get_hmac(mptcp_addr_id, struct mptcb *, u_char *, int);
562extern void mptcp_get_rands(mptcp_addr_id, struct mptcb *, u_int32_t *,
563    u_int32_t *);
564extern void mptcp_set_raddr_rand(mptcp_addr_id, struct mptcb *, mptcp_addr_id,
565    u_int32_t);
566extern u_int64_t mptcp_get_trunced_hmac(mptcp_addr_id, struct mptcb *mp_tp);
567extern int mptcp_generate_token(char *, int, caddr_t, int);
568extern int mptcp_generate_idsn(char *, int, caddr_t, int);
569extern boolean_t mptcp_ok_to_keepalive(struct mptcb *);
570extern void mptcp_insert_dsn(struct mppcb *, struct mbuf *);
571extern void  mptcp_output_getm_dsnmap32(struct socket *, int, uint32_t,
572    u_int32_t *, u_int32_t *, u_int16_t *, u_int64_t *);
573extern void  mptcp_output_getm_dsnmap64(struct socket *, int, uint32_t,
574    u_int64_t *, u_int32_t *, u_int16_t *);
575extern void mptcp_send_dfin(struct socket *);
576extern void mptcp_act_on_txfail(struct socket *);
577extern struct mptsub *mptcp_get_subflow(struct mptses *, struct mptsub *);
578extern int mptcp_get_map_for_dsn(struct socket *, u_int64_t, u_int32_t *);
579extern int32_t mptcp_adj_sendlen(struct socket *so, int32_t off, int32_t len);
580extern int32_t mptcp_sbspace(struct mptcb *);
581extern void mptcp_notify_mpready(struct socket *);
582extern void mptcp_notify_mpfail(struct socket *);
583extern void mptcp_notify_close(struct socket *);
584__END_DECLS
585
586#endif /* BSD_KERNEL_PRIVATE */
587#ifdef PRIVATE
588typedef struct mptcp_flow {
589	uint32_t		flow_flags;
590	connid_t		flow_cid;
591	struct sockaddr_storage flow_src;
592	struct sockaddr_storage flow_dst;
593	conninfo_tcp_t		flow_ci;
594} mptcp_flow_t;
595
596typedef struct conninfo_mptcp {
597	size_t		mptcpci_len;
598	size_t		mptcpci_nflows;
599	uint32_t	mptcpci_state;
600	mptcp_flow_t	mptcpci_flows[1];
601} conninfo_mptcp_t;
602
603#endif /* PRIVATE */
604#endif /* _NETINET_MPTCP_VAR_H_ */
605