1 /* $NetBSD: tcp_usrreq.c,v 1.129.2.3 2009/09/05 13:58:48 bouyer Exp $ */
2
3 /*
4 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 /*-
33 * Copyright (c) 1997, 1998, 2005, 2006 The NetBSD Foundation, Inc.
34 * All rights reserved.
35 *
36 * This code is derived from software contributed to The NetBSD Foundation
37 * by Jason R. Thorpe and Kevin M. Lahey of the Numerical Aerospace Simulation
38 * Facility, NASA Ames Research Center.
39 * This code is derived from software contributed to The NetBSD Foundation
40 * by Charles M. Hannum.
41 * This code is derived from software contributed to The NetBSD Foundation
42 * by Rui Paulo.
43 *
44 * Redistribution and use in source and binary forms, with or without
45 * modification, are permitted provided that the following conditions
46 * are met:
47 * 1. Redistributions of source code must retain the above copyright
48 * notice, this list of conditions and the following disclaimer.
49 * 2. Redistributions in binary form must reproduce the above copyright
50 * notice, this list of conditions and the following disclaimer in the
51 * documentation and/or other materials provided with the distribution.
52 * 3. All advertising materials mentioning features or use of this software
53 * must display the following acknowledgement:
54 * This product includes software developed by the NetBSD
55 * Foundation, Inc. and its contributors.
56 * 4. Neither the name of The NetBSD Foundation nor the names of its
57 * contributors may be used to endorse or promote products derived
58 * from this software without specific prior written permission.
59 *
60 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
61 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
62 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
63 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
64 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
65 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
66 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
67 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
68 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
69 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
70 * POSSIBILITY OF SUCH DAMAGE.
71 */
72
73 /*
74 * Copyright (c) 1982, 1986, 1988, 1993, 1995
75 * The Regents of the University of California. All rights reserved.
76 *
77 * Redistribution and use in source and binary forms, with or without
78 * modification, are permitted provided that the following conditions
79 * are met:
80 * 1. Redistributions of source code must retain the above copyright
81 * notice, this list of conditions and the following disclaimer.
82 * 2. Redistributions in binary form must reproduce the above copyright
83 * notice, this list of conditions and the following disclaimer in the
84 * documentation and/or other materials provided with the distribution.
85 * 3. Neither the name of the University nor the names of its contributors
86 * may be used to endorse or promote products derived from this software
87 * without specific prior written permission.
88 *
89 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
90 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
91 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
92 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
93 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
94 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
95 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
96 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
97 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
98 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
99 * SUCH DAMAGE.
100 *
101 * @(#)tcp_usrreq.c 8.5 (Berkeley) 6/21/95
102 */
103
104 #include <sys/cdefs.h>
105 __KERNEL_RCSID(0, "$NetBSD: tcp_usrreq.c,v 1.129.2.3 2009/09/05 13:58:48 bouyer Exp $");
106
107 #include "opt_inet.h"
108 #include "opt_ipsec.h"
109 #include "opt_tcp_debug.h"
110 #include "opt_mbuftrace.h"
111 #include "rnd.h"
112
113 #include <sys/param.h>
114 #include <sys/systm.h>
115 #include <sys/kernel.h>
116 #include <sys/malloc.h>
117 #include <sys/mbuf.h>
118 #include <sys/socket.h>
119 #include <sys/socketvar.h>
120 #include <sys/protosw.h>
121 #include <sys/errno.h>
122 #include <sys/stat.h>
123 #include <sys/proc.h>
124 #include <sys/domain.h>
125 #include <sys/sysctl.h>
126 #include <sys/kauth.h>
127
128 #include <net/if.h>
129 #include <net/route.h>
130
131 #include <netinet/in.h>
132 #include <netinet/in_systm.h>
133 #include <netinet/in_var.h>
134 #include <netinet/ip.h>
135 #include <netinet/in_pcb.h>
136 #include <netinet/ip_var.h>
137 #include <netinet/in_offload.h>
138
139 #ifdef INET6
140 #ifndef INET
141 #include <netinet/in.h>
142 #endif
143 #include <netinet/ip6.h>
144 #include <netinet6/in6_pcb.h>
145 #include <netinet6/ip6_var.h>
146 #endif
147
148 #include <netinet/tcp.h>
149 #include <netinet/tcp_fsm.h>
150 #include <netinet/tcp_seq.h>
151 #include <netinet/tcp_timer.h>
152 #include <netinet/tcp_var.h>
153 #include <netinet/tcp_congctl.h>
154 #include <netinet/tcpip.h>
155 #include <netinet/tcp_debug.h>
156
157 #include "opt_tcp_space.h"
158
159 #ifdef IPSEC
160 #include <netinet6/ipsec.h>
161 #endif /*IPSEC*/
162
163 /*
164 * TCP protocol interface to socket abstraction.
165 */
166
167 /*
168 * Process a TCP user request for TCP tb. If this is a send request
169 * then m is the mbuf chain of send data. If this is a timer expiration
170 * (called from the software clock routine), then timertype tells which timer.
171 */
172 /*ARGSUSED*/
173 int
174 tcp_usrreq(struct socket *so, int req,
175 struct mbuf *m, struct mbuf *nam, struct mbuf *control, struct lwp *l)
176 {
177 struct inpcb *inp;
178 #ifdef INET6
179 struct in6pcb *in6p;
180 #endif
181 struct tcpcb *tp = NULL;
182 int s;
183 int error = 0;
184 #ifdef TCP_DEBUG
185 int ostate = 0;
186 #endif
187 int family; /* family of the socket */
188
189 family = so->so_proto->pr_domain->dom_family;
190
191 if (req == PRU_CONTROL) {
192 switch (family) {
193 #ifdef INET
194 case PF_INET:
195 return (in_control(so, (long)m, (caddr_t)nam,
196 (struct ifnet *)control, l));
197 #endif
198 #ifdef INET6
199 case PF_INET6:
200 return (in6_control(so, (long)m, (caddr_t)nam,
201 (struct ifnet *)control, l));
202 #endif
203 default:
204 return EAFNOSUPPORT;
205 }
206 }
207
208 s = splsoftnet();
209
210 if (req == PRU_PURGEIF) {
211 switch (family) {
212 #ifdef INET
213 case PF_INET:
214 in_pcbpurgeif0(&tcbtable, (struct ifnet *)control);
215 in_purgeif((struct ifnet *)control);
216 in_pcbpurgeif(&tcbtable, (struct ifnet *)control);
217 break;
218 #endif
219 #ifdef INET6
220 case PF_INET6:
221 in6_pcbpurgeif0(&tcbtable, (struct ifnet *)control);
222 in6_purgeif((struct ifnet *)control);
223 in6_pcbpurgeif(&tcbtable, (struct ifnet *)control);
224 break;
225 #endif
226 default:
227 splx(s);
228 return (EAFNOSUPPORT);
229 }
230 splx(s);
231 return (0);
232 }
233
234 switch (family) {
235 #ifdef INET
236 case PF_INET:
237 inp = sotoinpcb(so);
238 #ifdef INET6
239 in6p = NULL;
240 #endif
241 break;
242 #endif
243 #ifdef INET6
244 case PF_INET6:
245 inp = NULL;
246 in6p = sotoin6pcb(so);
247 break;
248 #endif
249 default:
250 splx(s);
251 return EAFNOSUPPORT;
252 }
253
254 #ifdef DIAGNOSTIC
255 #ifdef INET6
256 if (inp && in6p)
257 panic("tcp_usrreq: both inp and in6p set to non-NULL");
258 #endif
259 if (req != PRU_SEND && req != PRU_SENDOOB && control)
260 panic("tcp_usrreq: unexpected control mbuf");
261 #endif
262 /*
263 * When a TCP is attached to a socket, then there will be
264 * a (struct inpcb) pointed at by the socket, and this
265 * structure will point at a subsidary (struct tcpcb).
266 */
267 #ifndef INET6
268 if (inp == 0 && req != PRU_ATTACH)
269 #else
270 if ((inp == 0 && in6p == 0) && req != PRU_ATTACH)
271 #endif
272 {
273 error = EINVAL;
274 goto release;
275 }
276 #ifdef INET
277 if (inp) {
278 tp = intotcpcb(inp);
279 /* WHAT IF TP IS 0? */
280 #ifdef KPROF
281 tcp_acounts[tp->t_state][req]++;
282 #endif
283 #ifdef TCP_DEBUG
284 ostate = tp->t_state;
285 #endif
286 }
287 #endif
288 #ifdef INET6
289 if (in6p) {
290 tp = in6totcpcb(in6p);
291 /* WHAT IF TP IS 0? */
292 #ifdef KPROF
293 tcp_acounts[tp->t_state][req]++;
294 #endif
295 #ifdef TCP_DEBUG
296 ostate = tp->t_state;
297 #endif
298 }
299 #endif
300
301 switch (req) {
302
303 /*
304 * TCP attaches to socket via PRU_ATTACH, reserving space,
305 * and an internet control block.
306 */
307 case PRU_ATTACH:
308 #ifndef INET6
309 if (inp != 0)
310 #else
311 if (inp != 0 || in6p != 0)
312 #endif
313 {
314 error = EISCONN;
315 break;
316 }
317 error = tcp_attach(so);
318 if (error)
319 break;
320 if ((so->so_options & SO_LINGER) && so->so_linger == 0)
321 so->so_linger = TCP_LINGERTIME;
322 tp = sototcpcb(so);
323 break;
324
325 /*
326 * PRU_DETACH detaches the TCP protocol from the socket.
327 */
328 case PRU_DETACH:
329 tp = tcp_disconnect(tp);
330 break;
331
332 /*
333 * Give the socket an address.
334 */
335 case PRU_BIND:
336 switch (family) {
337 #ifdef INET
338 case PF_INET:
339 error = in_pcbbind(inp, nam, l);
340 break;
341 #endif
342 #ifdef INET6
343 case PF_INET6:
344 error = in6_pcbbind(in6p, nam, l);
345 if (!error) {
346 /* mapped addr case */
347 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_laddr))
348 tp->t_family = AF_INET;
349 else
350 tp->t_family = AF_INET6;
351 }
352 break;
353 #endif
354 }
355 break;
356
357 /*
358 * Prepare to accept connections.
359 */
360 case PRU_LISTEN:
361 #ifdef INET
362 if (inp && inp->inp_lport == 0) {
363 error = in_pcbbind(inp, (struct mbuf *)0,
364 (struct lwp *)0);
365 if (error)
366 break;
367 }
368 #endif
369 #ifdef INET6
370 if (in6p && in6p->in6p_lport == 0) {
371 error = in6_pcbbind(in6p, (struct mbuf *)0,
372 (struct lwp *)0);
373 if (error)
374 break;
375 }
376 #endif
377 tp->t_state = TCPS_LISTEN;
378 break;
379
380 /*
381 * Initiate connection to peer.
382 * Create a template for use in transmissions on this connection.
383 * Enter SYN_SENT state, and mark socket as connecting.
384 * Start keep-alive timer, and seed output sequence space.
385 * Send initial segment on connection.
386 */
387 case PRU_CONNECT:
388 #ifdef INET
389 if (inp) {
390 if (inp->inp_lport == 0) {
391 error = in_pcbbind(inp, (struct mbuf *)0,
392 (struct lwp *)0);
393 if (error)
394 break;
395 }
396 error = in_pcbconnect(inp, nam, l);
397 }
398 #endif
399 #ifdef INET6
400 if (in6p) {
401 if (in6p->in6p_lport == 0) {
402 error = in6_pcbbind(in6p, (struct mbuf *)0,
403 (struct lwp *)0);
404 if (error)
405 break;
406 }
407 error = in6_pcbconnect(in6p, nam, l);
408 if (!error) {
409 /* mapped addr case */
410 if (IN6_IS_ADDR_V4MAPPED(&in6p->in6p_faddr))
411 tp->t_family = AF_INET;
412 else
413 tp->t_family = AF_INET6;
414 }
415 }
416 #endif
417 if (error)
418 break;
419 tp->t_template = tcp_template(tp);
420 if (tp->t_template == 0) {
421 #ifdef INET
422 if (inp)
423 in_pcbdisconnect(inp);
424 #endif
425 #ifdef INET6
426 if (in6p)
427 in6_pcbdisconnect(in6p);
428 #endif
429 error = ENOBUFS;
430 break;
431 }
432 /* Compute window scaling to request. */
433 while (tp->request_r_scale < TCP_MAX_WINSHIFT &&
434 (TCP_MAXWIN << tp->request_r_scale) < so->so_rcv.sb_hiwat)
435 tp->request_r_scale++;
436 soisconnecting(so);
437 tcpstat.tcps_connattempt++;
438 tp->t_state = TCPS_SYN_SENT;
439 TCP_TIMER_ARM(tp, TCPT_KEEP, TCPTV_KEEP_INIT);
440 tp->iss = tcp_new_iss(tp, 0);
441 tcp_sendseqinit(tp);
442 error = tcp_output(tp);
443 break;
444
445 /*
446 * Create a TCP connection between two sockets.
447 */
448 case PRU_CONNECT2:
449 error = EOPNOTSUPP;
450 break;
451
452 /*
453 * Initiate disconnect from peer.
454 * If connection never passed embryonic stage, just drop;
455 * else if don't need to let data drain, then can just drop anyways,
456 * else have to begin TCP shutdown process: mark socket disconnecting,
457 * drain unread data, state switch to reflect user close, and
458 * send segment (e.g. FIN) to peer. Socket will be really disconnected
459 * when peer sends FIN and acks ours.
460 *
461 * SHOULD IMPLEMENT LATER PRU_CONNECT VIA REALLOC TCPCB.
462 */
463 case PRU_DISCONNECT:
464 tp = tcp_disconnect(tp);
465 break;
466
467 /*
468 * Accept a connection. Essentially all the work is
469 * done at higher levels; just return the address
470 * of the peer, storing through addr.
471 */
472 case PRU_ACCEPT:
473 #ifdef INET
474 if (inp)
475 in_setpeeraddr(inp, nam);
476 #endif
477 #ifdef INET6
478 if (in6p)
479 in6_setpeeraddr(in6p, nam);
480 #endif
481 break;
482
483 /*
484 * Mark the connection as being incapable of further output.
485 */
486 case PRU_SHUTDOWN:
487 socantsendmore(so);
488 tp = tcp_usrclosed(tp);
489 if (tp)
490 error = tcp_output(tp);
491 break;
492
493 /*
494 * After a receive, possibly send window update to peer.
495 */
496 case PRU_RCVD:
497 /*
498 * soreceive() calls this function when a user receives
499 * ancillary data on a listening socket. We don't call
500 * tcp_output in such a case, since there is no header
501 * template for a listening socket and hence the kernel
502 * will panic.
503 */
504 if ((so->so_state & (SS_ISCONNECTED|SS_ISCONNECTING)) != 0)
505 (void) tcp_output(tp);
506 break;
507
508 /*
509 * Do a send by putting data in output queue and updating urgent
510 * marker if URG set. Possibly send more data.
511 */
512 case PRU_SEND:
513 if (control && control->m_len) {
514 m_freem(control);
515 m_freem(m);
516 error = EINVAL;
517 break;
518 }
519 sbappendstream(&so->so_snd, m);
520 error = tcp_output(tp);
521 break;
522
523 /*
524 * Abort the TCP.
525 */
526 case PRU_ABORT:
527 tp = tcp_drop(tp, ECONNABORTED);
528 break;
529
530 case PRU_SENSE:
531 /*
532 * stat: don't bother with a blocksize.
533 */
534 splx(s);
535 return (0);
536
537 case PRU_RCVOOB:
538 if (control && control->m_len) {
539 m_freem(control);
540 m_freem(m);
541 error = EINVAL;
542 break;
543 }
544 if ((so->so_oobmark == 0 &&
545 (so->so_state & SS_RCVATMARK) == 0) ||
546 so->so_options & SO_OOBINLINE ||
547 tp->t_oobflags & TCPOOB_HADDATA) {
548 error = EINVAL;
549 break;
550 }
551 if ((tp->t_oobflags & TCPOOB_HAVEDATA) == 0) {
552 error = EWOULDBLOCK;
553 break;
554 }
555 m->m_len = 1;
556 *mtod(m, caddr_t) = tp->t_iobc;
557 if (((long)nam & MSG_PEEK) == 0)
558 tp->t_oobflags ^= (TCPOOB_HAVEDATA | TCPOOB_HADDATA);
559 break;
560
561 case PRU_SENDOOB:
562 if (sbspace(&so->so_snd) < -512) {
563 m_freem(m);
564 error = ENOBUFS;
565 break;
566 }
567 /*
568 * According to RFC961 (Assigned Protocols),
569 * the urgent pointer points to the last octet
570 * of urgent data. We continue, however,
571 * to consider it to indicate the first octet
572 * of data past the urgent section.
573 * Otherwise, snd_up should be one lower.
574 */
575 sbappendstream(&so->so_snd, m);
576 tp->snd_up = tp->snd_una + so->so_snd.sb_cc;
577 tp->t_force = 1;
578 error = tcp_output(tp);
579 tp->t_force = 0;
580 break;
581
582 case PRU_SOCKADDR:
583 #ifdef INET
584 if (inp)
585 in_setsockaddr(inp, nam);
586 #endif
587 #ifdef INET6
588 if (in6p)
589 in6_setsockaddr(in6p, nam);
590 #endif
591 break;
592
593 case PRU_PEERADDR:
594 #ifdef INET
595 if (inp)
596 in_setpeeraddr(inp, nam);
597 #endif
598 #ifdef INET6
599 if (in6p)
600 in6_setpeeraddr(in6p, nam);
601 #endif
602 break;
603
604 default:
605 panic("tcp_usrreq");
606 }
607 #ifdef TCP_DEBUG
608 if (tp && (so->so_options & SO_DEBUG))
609 tcp_trace(TA_USER, ostate, tp, NULL, req);
610 #endif
611
612 release:
613 splx(s);
614 return (error);
615 }
616
617 int
618 tcp_ctloutput(int op, struct socket *so, int level, int optname,
619 struct mbuf **mp)
620 {
621 int error = 0, s;
622 struct inpcb *inp;
623 #ifdef INET6
624 struct in6pcb *in6p;
625 #endif
626 struct tcpcb *tp;
627 struct mbuf *m;
628 int i;
629 int family; /* family of the socket */
630
631 family = so->so_proto->pr_domain->dom_family;
632
633 s = splsoftnet();
634 switch (family) {
635 #ifdef INET
636 case PF_INET:
637 inp = sotoinpcb(so);
638 #ifdef INET6
639 in6p = NULL;
640 #endif
641 break;
642 #endif
643 #ifdef INET6
644 case PF_INET6:
645 inp = NULL;
646 in6p = sotoin6pcb(so);
647 break;
648 #endif
649 default:
650 splx(s);
651 panic("%s: af %d", __func__, family);
652 }
653 #ifndef INET6
654 if (inp == NULL)
655 #else
656 if (inp == NULL && in6p == NULL)
657 #endif
658 {
659 splx(s);
660 if (op == PRCO_SETOPT && *mp)
661 (void) m_free(*mp);
662 return (ECONNRESET);
663 }
664 if (level != IPPROTO_TCP) {
665 switch (family) {
666 #ifdef INET
667 case PF_INET:
668 error = ip_ctloutput(op, so, level, optname, mp);
669 break;
670 #endif
671 #ifdef INET6
672 case PF_INET6:
673 error = ip6_ctloutput(op, so, level, optname, mp);
674 break;
675 #endif
676 }
677 splx(s);
678 return (error);
679 }
680 if (inp)
681 tp = intotcpcb(inp);
682 #ifdef INET6
683 else if (in6p)
684 tp = in6totcpcb(in6p);
685 #endif
686 else
687 tp = NULL;
688
689 switch (op) {
690
691 case PRCO_SETOPT:
692 m = *mp;
693 switch (optname) {
694
695 #ifdef TCP_SIGNATURE
696 case TCP_MD5SIG:
697 if (m == NULL || m->m_len < sizeof (int))
698 error = EINVAL;
699 if (error)
700 break;
701 if (*mtod(m, int *) > 0)
702 tp->t_flags |= TF_SIGNATURE;
703 else
704 tp->t_flags &= ~TF_SIGNATURE;
705 break;
706 #endif /* TCP_SIGNATURE */
707
708 case TCP_NODELAY:
709 if (m == NULL || m->m_len < sizeof (int))
710 error = EINVAL;
711 else if (*mtod(m, int *))
712 tp->t_flags |= TF_NODELAY;
713 else
714 tp->t_flags &= ~TF_NODELAY;
715 break;
716
717 case TCP_MAXSEG:
718 if (m && (i = *mtod(m, int *)) > 0 &&
719 i <= tp->t_peermss)
720 tp->t_peermss = i; /* limit on send size */
721 else
722 error = EINVAL;
723 break;
724 #ifdef notyet
725 case TCP_CONGCTL:
726 if (m == NULL)
727 error = EINVAL;
728 error = tcp_congctl_select(tp, mtod(m, char *));
729 #endif
730 break;
731
732 default:
733 error = ENOPROTOOPT;
734 break;
735 }
736 if (m)
737 (void) m_free(m);
738 break;
739
740 case PRCO_GETOPT:
741 *mp = m = m_get(M_WAIT, MT_SOOPTS);
742 m->m_len = sizeof(int);
743 MCLAIM(m, so->so_mowner);
744
745 switch (optname) {
746 #ifdef TCP_SIGNATURE
747 case TCP_MD5SIG:
748 *mtod(m, int *) = (tp->t_flags & TF_SIGNATURE) ? 1 : 0;
749 break;
750 #endif
751 case TCP_NODELAY:
752 *mtod(m, int *) = tp->t_flags & TF_NODELAY;
753 break;
754 case TCP_MAXSEG:
755 *mtod(m, int *) = tp->t_peermss;
756 break;
757 #ifdef notyet
758 case TCP_CONGCTL:
759 break;
760 #endif
761 default:
762 error = ENOPROTOOPT;
763 break;
764 }
765 break;
766 }
767 splx(s);
768 return (error);
769 }
770
771 #ifndef TCP_SENDSPACE
772 #define TCP_SENDSPACE 1024*32
773 #endif
774 int tcp_sendspace = TCP_SENDSPACE;
775 #ifndef TCP_RECVSPACE
776 #define TCP_RECVSPACE 1024*32
777 #endif
778 int tcp_recvspace = TCP_RECVSPACE;
779
780 /*
781 * Attach TCP protocol to socket, allocating
782 * internet protocol control block, tcp control block,
783 * bufer space, and entering LISTEN state if to accept connections.
784 */
785 int
786 tcp_attach(struct socket *so)
787 {
788 struct tcpcb *tp;
789 struct inpcb *inp;
790 #ifdef INET6
791 struct in6pcb *in6p;
792 #endif
793 int error;
794 int family; /* family of the socket */
795
796 family = so->so_proto->pr_domain->dom_family;
797
798 #ifdef MBUFTRACE
799 so->so_mowner = &tcp_mowner;
800 so->so_rcv.sb_mowner = &tcp_rx_mowner;
801 so->so_snd.sb_mowner = &tcp_tx_mowner;
802 #endif
803 if (so->so_snd.sb_hiwat == 0 || so->so_rcv.sb_hiwat == 0) {
804 error = soreserve(so, tcp_sendspace, tcp_recvspace);
805 if (error)
806 return (error);
807 }
808 switch (family) {
809 #ifdef INET
810 case PF_INET:
811 error = in_pcballoc(so, &tcbtable);
812 if (error)
813 return (error);
814 inp = sotoinpcb(so);
815 #ifdef INET6
816 in6p = NULL;
817 #endif
818 break;
819 #endif
820 #ifdef INET6
821 case PF_INET6:
822 error = in6_pcballoc(so, &tcbtable);
823 if (error)
824 return (error);
825 inp = NULL;
826 in6p = sotoin6pcb(so);
827 break;
828 #endif
829 default:
830 return EAFNOSUPPORT;
831 }
832 if (inp)
833 tp = tcp_newtcpcb(family, (void *)inp);
834 #ifdef INET6
835 else if (in6p)
836 tp = tcp_newtcpcb(family, (void *)in6p);
837 #endif
838 else
839 tp = NULL;
840
841 if (tp == 0) {
842 int nofd = so->so_state & SS_NOFDREF; /* XXX */
843
844 so->so_state &= ~SS_NOFDREF; /* don't free the socket yet */
845 #ifdef INET
846 if (inp)
847 in_pcbdetach(inp);
848 #endif
849 #ifdef INET6
850 if (in6p)
851 in6_pcbdetach(in6p);
852 #endif
853 so->so_state |= nofd;
854 return (ENOBUFS);
855 }
856 tp->t_state = TCPS_CLOSED;
857 return (0);
858 }
859
860 /*
861 * Initiate (or continue) disconnect.
862 * If embryonic state, just send reset (once).
863 * If in ``let data drain'' option and linger null, just drop.
864 * Otherwise (hard), mark socket disconnecting and drop
865 * current input data; switch states based on user close, and
866 * send segment to peer (with FIN).
867 */
868 struct tcpcb *
869 tcp_disconnect(struct tcpcb *tp)
870 {
871 struct socket *so;
872
873 if (tp->t_inpcb)
874 so = tp->t_inpcb->inp_socket;
875 #ifdef INET6
876 else if (tp->t_in6pcb)
877 so = tp->t_in6pcb->in6p_socket;
878 #endif
879 else
880 so = NULL;
881
882 if (TCPS_HAVEESTABLISHED(tp->t_state) == 0)
883 tp = tcp_close(tp);
884 else if ((so->so_options & SO_LINGER) && so->so_linger == 0)
885 tp = tcp_drop(tp, 0);
886 else {
887 soisdisconnecting(so);
888 sbflush(&so->so_rcv);
889 tp = tcp_usrclosed(tp);
890 if (tp)
891 (void) tcp_output(tp);
892 }
893 return (tp);
894 }
895
896 /*
897 * User issued close, and wish to trail through shutdown states:
898 * if never received SYN, just forget it. If got a SYN from peer,
899 * but haven't sent FIN, then go to FIN_WAIT_1 state to send peer a FIN.
900 * If already got a FIN from peer, then almost done; go to LAST_ACK
901 * state. In all other cases, have already sent FIN to peer (e.g.
902 * after PRU_SHUTDOWN), and just have to play tedious game waiting
903 * for peer to send FIN or not respond to keep-alives, etc.
904 * We can let the user exit from the close as soon as the FIN is acked.
905 */
906 struct tcpcb *
907 tcp_usrclosed(struct tcpcb *tp)
908 {
909
910 switch (tp->t_state) {
911
912 case TCPS_CLOSED:
913 case TCPS_LISTEN:
914 case TCPS_SYN_SENT:
915 tp->t_state = TCPS_CLOSED;
916 tp = tcp_close(tp);
917 break;
918
919 case TCPS_SYN_RECEIVED:
920 case TCPS_ESTABLISHED:
921 tp->t_state = TCPS_FIN_WAIT_1;
922 break;
923
924 case TCPS_CLOSE_WAIT:
925 tp->t_state = TCPS_LAST_ACK;
926 break;
927 }
928 if (tp && tp->t_state >= TCPS_FIN_WAIT_2) {
929 struct socket *so;
930 if (tp->t_inpcb)
931 so = tp->t_inpcb->inp_socket;
932 #ifdef INET6
933 else if (tp->t_in6pcb)
934 so = tp->t_in6pcb->in6p_socket;
935 #endif
936 else
937 so = NULL;
938 if (so)
939 soisdisconnected(so);
940 /*
941 * If we are in FIN_WAIT_2, we arrived here because the
942 * application did a shutdown of the send side. Like the
943 * case of a transition from FIN_WAIT_1 to FIN_WAIT_2 after
944 * a full close, we start a timer to make sure sockets are
945 * not left in FIN_WAIT_2 forever.
946 */
947 if ((tp->t_state == TCPS_FIN_WAIT_2) && (tcp_maxidle > 0))
948 TCP_TIMER_ARM(tp, TCPT_2MSL, tcp_maxidle);
949 }
950 return (tp);
951 }
952
953 /*
954 * sysctl helper routine for net.inet.ip.mssdflt. it can't be less
955 * than 32.
956 */
957 static int
958 sysctl_net_inet_tcp_mssdflt(SYSCTLFN_ARGS)
959 {
960 int error, mssdflt;
961 struct sysctlnode node;
962
963 mssdflt = tcp_mssdflt;
964 node = *rnode;
965 node.sysctl_data = &mssdflt;
966 error = sysctl_lookup(SYSCTLFN_CALL(&node));
967 if (error || newp == NULL)
968 return (error);
969
970 if (mssdflt < 32)
971 return (EINVAL);
972 tcp_mssdflt = mssdflt;
973
974 return (0);
975 }
976
977 /*
978 * sysctl helper routine for setting port related values under
979 * net.inet.ip and net.inet6.ip6. does basic range checking and does
980 * additional checks for each type. this code has placed in
981 * tcp_input.c since INET and INET6 both use the same tcp code.
982 *
983 * this helper is not static so that both inet and inet6 can use it.
984 */
985 int
986 sysctl_net_inet_ip_ports(SYSCTLFN_ARGS)
987 {
988 int error, tmp;
989 int apmin, apmax;
990 #ifndef IPNOPRIVPORTS
991 int lpmin, lpmax;
992 #endif /* IPNOPRIVPORTS */
993 struct sysctlnode node;
994
995 if (namelen != 0)
996 return (EINVAL);
997
998 switch (name[-3]) {
999 #ifdef INET
1000 case PF_INET:
1001 apmin = anonportmin;
1002 apmax = anonportmax;
1003 #ifndef IPNOPRIVPORTS
1004 lpmin = lowportmin;
1005 lpmax = lowportmax;
1006 #endif /* IPNOPRIVPORTS */
1007 break;
1008 #endif /* INET */
1009 #ifdef INET6
1010 case PF_INET6:
1011 apmin = ip6_anonportmin;
1012 apmax = ip6_anonportmax;
1013 #ifndef IPNOPRIVPORTS
1014 lpmin = ip6_lowportmin;
1015 lpmax = ip6_lowportmax;
1016 #endif /* IPNOPRIVPORTS */
1017 break;
1018 #endif /* INET6 */
1019 default:
1020 return (EINVAL);
1021 }
1022
1023 /*
1024 * insert temporary copy into node, perform lookup on
1025 * temporary, then restore pointer
1026 */
1027 node = *rnode;
1028 tmp = *(int*)rnode->sysctl_data;
1029 node.sysctl_data = &tmp;
1030 error = sysctl_lookup(SYSCTLFN_CALL(&node));
1031 if (error || newp == NULL)
1032 return (error);
1033
1034 /*
1035 * simple port range check
1036 */
1037 if (tmp < 0 || tmp > 65535)
1038 return (EINVAL);
1039
1040 /*
1041 * per-node range checks
1042 */
1043 switch (rnode->sysctl_num) {
1044 case IPCTL_ANONPORTMIN:
1045 if (tmp >= apmax)
1046 return (EINVAL);
1047 #ifndef IPNOPRIVPORTS
1048 if (tmp < IPPORT_RESERVED)
1049 return (EINVAL);
1050 #endif /* IPNOPRIVPORTS */
1051 break;
1052
1053 case IPCTL_ANONPORTMAX:
1054 if (apmin >= tmp)
1055 return (EINVAL);
1056 #ifndef IPNOPRIVPORTS
1057 if (tmp < IPPORT_RESERVED)
1058 return (EINVAL);
1059 #endif /* IPNOPRIVPORTS */
1060 break;
1061
1062 #ifndef IPNOPRIVPORTS
1063 case IPCTL_LOWPORTMIN:
1064 if (tmp >= lpmax ||
1065 tmp > IPPORT_RESERVEDMAX ||
1066 tmp < IPPORT_RESERVEDMIN)
1067 return (EINVAL);
1068 break;
1069
1070 case IPCTL_LOWPORTMAX:
1071 if (lpmin >= tmp ||
1072 tmp > IPPORT_RESERVEDMAX ||
1073 tmp < IPPORT_RESERVEDMIN)
1074 return (EINVAL);
1075 break;
1076 #endif /* IPNOPRIVPORTS */
1077
1078 default:
1079 return (EINVAL);
1080 }
1081
1082 *(int*)rnode->sysctl_data = tmp;
1083
1084 return (0);
1085 }
1086
1087 /*
1088 * The superuser can drop any connection. Normal users can only drop
1089 * their own connections.
1090 */
1091 static inline int
1092 check_sockuid(struct socket *sockp, kauth_cred_t cred)
1093 {
1094 uid_t sockuid;
1095
1096 sockuid = sockp->so_uidinfo->ui_uid;
1097 if (kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, NULL) == 0 ||
1098 sockuid == kauth_cred_getuid(cred) ||
1099 sockuid == kauth_cred_geteuid(cred))
1100 return 0;
1101 return EACCES;
1102 }
1103
1104 static inline int
1105 copyout_uid(struct socket *sockp, void *oldp, size_t *oldlenp)
1106 {
1107 size_t sz;
1108 int error;
1109 uid_t uid;
1110
1111 uid = sockp->so_uidinfo->ui_uid;
1112 if (oldp) {
1113 sz = MIN(sizeof(uid), *oldlenp);
1114 error = copyout(&uid, oldp, sz);
1115 if (error)
1116 return error;
1117 }
1118 *oldlenp = sizeof(uid);
1119 return 0;
1120 }
1121
1122 static inline int
1123 inet4_ident_core(struct in_addr raddr, u_int rport,
1124 struct in_addr laddr, u_int lport,
1125 void *oldp, size_t *oldlenp,
1126 struct lwp *l, int dodrop)
1127 {
1128 struct inpcb *inp;
1129 struct socket *sockp;
1130
1131 inp = in_pcblookup_connect(&tcbtable, raddr, rport, laddr, lport);
1132
1133 if (inp == NULL || (sockp = inp->inp_socket) == NULL)
1134 return ESRCH;
1135
1136 if (dodrop) {
1137 struct tcpcb *tp;
1138
1139 if (inp == NULL || (tp = intotcpcb(inp)) == NULL ||
1140 (inp->inp_socket->so_options & SO_ACCEPTCONN) != 0)
1141 return ESRCH;
1142
1143 if (check_sockuid(inp->inp_socket, l->l_cred) != 0)
1144 return EACCES;
1145
1146 (void)tcp_drop(tp, ECONNABORTED);
1147 return 0;
1148 }
1149 else
1150 return copyout_uid(sockp, oldp, oldlenp);
1151 }
1152
1153 #ifdef INET6
1154 static inline int
1155 inet6_ident_core(struct in6_addr *raddr, u_int rport,
1156 struct in6_addr *laddr, u_int lport,
1157 void *oldp, size_t *oldlenp,
1158 struct lwp *l, int dodrop)
1159 {
1160 struct in6pcb *in6p;
1161 struct socket *sockp;
1162
1163 in6p = in6_pcblookup_connect(&tcbtable, raddr, rport, laddr, lport, 0);
1164
1165 if (in6p == NULL || (sockp = in6p->in6p_socket) == NULL)
1166 return ESRCH;
1167
1168 if (dodrop) {
1169 struct tcpcb *tp;
1170
1171 if (in6p == NULL || (tp = in6totcpcb(in6p)) == NULL ||
1172 (in6p->in6p_socket->so_options & SO_ACCEPTCONN) != 0)
1173 return ESRCH;
1174
1175 if (check_sockuid(in6p->in6p_socket, l->l_cred) != 0)
1176 return EACCES;
1177
1178 (void)tcp_drop(tp, ECONNABORTED);
1179 return 0;
1180 }
1181 else
1182 return copyout_uid(sockp, oldp, oldlenp);
1183 }
1184 #endif
1185
1186 /*
1187 * sysctl helper routine for the net.inet.tcp.drop and
1188 * net.inet6.tcp6.drop nodes.
1189 */
1190 #define sysctl_net_inet_tcp_drop sysctl_net_inet_tcp_ident
1191
1192 /*
1193 * sysctl helper routine for the net.inet.tcp.ident and
1194 * net.inet6.tcp6.ident nodes. contains backwards compat code for the
1195 * old way of looking up the ident information for ipv4 which involves
1196 * stuffing the port/addr pairs into the mib lookup.
1197 */
1198 static int
1199 sysctl_net_inet_tcp_ident(SYSCTLFN_ARGS)
1200 {
1201 #ifdef INET
1202 struct sockaddr_in *si4[2];
1203 #endif /* INET */
1204 #ifdef INET6
1205 struct sockaddr_in6 *si6[2];
1206 #endif /* INET6 */
1207 struct sockaddr_storage sa[2];
1208 int error, pf, dodrop, s;
1209
1210 dodrop = name[-1] == TCPCTL_DROP;
1211 if (dodrop) {
1212 if (oldp != NULL || *oldlenp != 0)
1213 return EINVAL;
1214 if (newp == NULL)
1215 return EPERM;
1216 if (newlen < sizeof(sa))
1217 return ENOMEM;
1218 }
1219 if (namelen != 4 && namelen != 0)
1220 return EINVAL;
1221 if (name[-2] != IPPROTO_TCP)
1222 return EINVAL;
1223 pf = name[-3];
1224
1225 /* old style lookup, ipv4 only */
1226 if (namelen == 4) {
1227 #ifdef INET
1228 struct in_addr laddr, raddr;
1229 u_int lport, rport;
1230
1231 if (pf != PF_INET)
1232 return EPROTONOSUPPORT;
1233 raddr.s_addr = (uint32_t)name[0];
1234 rport = (u_int)name[1];
1235 laddr.s_addr = (uint32_t)name[2];
1236 lport = (u_int)name[3];
1237
1238 s = splsoftnet();
1239 error = inet4_ident_core(raddr, rport, laddr, lport,
1240 oldp, oldlenp, l, dodrop);
1241 splx(s);
1242 return error;
1243 #else /* INET */
1244 return EINVAL;
1245 #endif /* INET */
1246 }
1247
1248 if (newp == NULL || newlen != sizeof(sa))
1249 return EINVAL;
1250 error = copyin(newp, &sa, newlen);
1251 if (error)
1252 return error;
1253
1254 /*
1255 * requested families must match
1256 */
1257 if (pf != sa[0].ss_family || sa[0].ss_family != sa[1].ss_family)
1258 return EINVAL;
1259
1260 switch (pf) {
1261 #ifdef INET
1262 case PF_INET:
1263 si4[0] = (struct sockaddr_in*)&sa[0];
1264 si4[1] = (struct sockaddr_in*)&sa[1];
1265 if (si4[0]->sin_len != sizeof(*si4[0]) ||
1266 si4[0]->sin_len != si4[1]->sin_len)
1267 return EINVAL;
1268
1269 s = splsoftnet();
1270 error = inet4_ident_core(si4[0]->sin_addr, si4[0]->sin_port,
1271 si4[1]->sin_addr, si4[1]->sin_port,
1272 oldp, oldlenp, l, dodrop);
1273 splx(s);
1274 return error;
1275 #endif /* INET */
1276 #ifdef INET6
1277 case PF_INET6:
1278 si6[0] = (struct sockaddr_in6*)&sa[0];
1279 si6[1] = (struct sockaddr_in6*)&sa[1];
1280 if (si6[0]->sin6_len != sizeof(*si6[0]) ||
1281 si6[0]->sin6_len != si6[1]->sin6_len)
1282 return EINVAL;
1283
1284 s = splsoftnet();
1285 error = inet6_ident_core(&si6[0]->sin6_addr, si6[0]->sin6_port,
1286 &si6[1]->sin6_addr, si6[1]->sin6_port,
1287 oldp, oldlenp, l, dodrop);
1288 splx(s);
1289 return error;
1290 #endif /* INET6 */
1291 default:
1292 return EPROTONOSUPPORT;
1293 }
1294 /* NOTREACHED */
1295 }
1296
1297 /*
1298 * sysctl helper for the inet and inet6 pcblists. handles tcp/udp and
1299 * inet/inet6, as well as raw pcbs for each. specifically not
1300 * declared static so that raw sockets and udp/udp6 can use it as
1301 * well.
1302 */
1303 int
1304 sysctl_inpcblist(SYSCTLFN_ARGS)
1305 {
1306 #ifdef INET
1307 struct sockaddr_in *in;
1308 const struct inpcb *inp;
1309 #endif
1310 #ifdef INET6
1311 struct sockaddr_in6 *in6;
1312 const struct in6pcb *in6p;
1313 #endif
1314 /*
1315 * sysctl_data is const, but CIRCLEQ_FOREACH can't use a const
1316 * struct inpcbtable pointer, so we have to discard const. :-/
1317 */
1318 struct inpcbtable *pcbtbl = __UNCONST(rnode->sysctl_data);
1319 const struct inpcb_hdr *inph;
1320 struct tcpcb *tp;
1321 struct kinfo_pcb pcb;
1322 char *dp;
1323 u_int op, arg;
1324 size_t len, needed, elem_size, out_size;
1325 int error, elem_count, pf, proto, pf2;
1326 int s;
1327
1328 if (namelen != 4)
1329 return (EINVAL);
1330
1331 if (oldp != NULL) {
1332 len = *oldlenp;
1333 elem_size = name[2];
1334 elem_count = name[3];
1335 if (elem_size != sizeof(pcb))
1336 return EINVAL;
1337 } else {
1338 len = 0;
1339 elem_count = INT_MAX;
1340 elem_size = sizeof(pcb);
1341 }
1342 error = 0;
1343 dp = oldp;
1344 op = name[0];
1345 arg = name[1];
1346 out_size = elem_size;
1347 needed = 0;
1348
1349 if (namelen == 1 && name[0] == CTL_QUERY)
1350 return (sysctl_query(SYSCTLFN_CALL(rnode)));
1351
1352 if (name - oname != 4)
1353 return (EINVAL);
1354
1355 pf = oname[1];
1356 proto = oname[2];
1357 pf2 = (oldp != NULL) ? pf : 0;
1358
1359 s = splnet();
1360 CIRCLEQ_FOREACH(inph, &pcbtbl->inpt_queue, inph_queue) {
1361 #ifdef INET
1362 inp = (const struct inpcb *)inph;
1363 #endif
1364 #ifdef INET6
1365 in6p = (const struct in6pcb *)inph;
1366 #endif
1367
1368 if (inph->inph_af != pf)
1369 continue;
1370
1371 if (kauth_authorize_network(l->l_cred, KAUTH_NETWORK_SOCKET,
1372 KAUTH_REQ_NETWORK_SOCKET_CANSEE, inph->inph_socket, NULL,
1373 NULL) != 0)
1374 continue;
1375
1376 memset(&pcb, 0, sizeof(pcb));
1377
1378 pcb.ki_family = pf;
1379 pcb.ki_type = proto;
1380
1381 switch (pf2) {
1382 case 0:
1383 /* just probing for size */
1384 break;
1385 #ifdef INET
1386 case PF_INET:
1387 pcb.ki_family = inp->inp_socket->so_proto->
1388 pr_domain->dom_family;
1389 pcb.ki_type = inp->inp_socket->so_proto->
1390 pr_type;
1391 pcb.ki_protocol = inp->inp_socket->so_proto->
1392 pr_protocol;
1393 pcb.ki_pflags = inp->inp_flags;
1394
1395 pcb.ki_sostate = inp->inp_socket->so_state;
1396 pcb.ki_prstate = inp->inp_state;
1397 if (proto == IPPROTO_TCP) {
1398 tp = intotcpcb(inp);
1399 pcb.ki_tstate = tp->t_state;
1400 pcb.ki_tflags = tp->t_flags;
1401 }
1402
1403 pcb.ki_pcbaddr = PTRTOUINT64(inp);
1404 pcb.ki_ppcbaddr = PTRTOUINT64(inp->inp_ppcb);
1405 pcb.ki_sockaddr = PTRTOUINT64(inp->inp_socket);
1406
1407 pcb.ki_rcvq = inp->inp_socket->so_rcv.sb_cc;
1408 pcb.ki_sndq = inp->inp_socket->so_snd.sb_cc;
1409
1410 in = satosin(&pcb.ki_src);
1411 in->sin_len = sizeof(*in);
1412 in->sin_family = pf;
1413 in->sin_port = inp->inp_lport;
1414 in->sin_addr = inp->inp_laddr;
1415 if (pcb.ki_prstate >= INP_CONNECTED) {
1416 in = satosin(&pcb.ki_dst);
1417 in->sin_len = sizeof(*in);
1418 in->sin_family = pf;
1419 in->sin_port = inp->inp_fport;
1420 in->sin_addr = inp->inp_faddr;
1421 }
1422 break;
1423 #endif
1424 #ifdef INET6
1425 case PF_INET6:
1426 pcb.ki_family = in6p->in6p_socket->so_proto->
1427 pr_domain->dom_family;
1428 pcb.ki_type = in6p->in6p_socket->so_proto->pr_type;
1429 pcb.ki_protocol = in6p->in6p_socket->so_proto->
1430 pr_protocol;
1431 pcb.ki_pflags = in6p->in6p_flags;
1432
1433 pcb.ki_sostate = in6p->in6p_socket->so_state;
1434 pcb.ki_prstate = in6p->in6p_state;
1435 if (proto == IPPROTO_TCP) {
1436 tp = in6totcpcb(in6p);
1437 pcb.ki_tstate = tp->t_state;
1438 pcb.ki_tflags = tp->t_flags;
1439 }
1440
1441 pcb.ki_pcbaddr = PTRTOUINT64(in6p);
1442 pcb.ki_ppcbaddr = PTRTOUINT64(in6p->in6p_ppcb);
1443 pcb.ki_sockaddr = PTRTOUINT64(in6p->in6p_socket);
1444
1445 pcb.ki_rcvq = in6p->in6p_socket->so_rcv.sb_cc;
1446 pcb.ki_sndq = in6p->in6p_socket->so_snd.sb_cc;
1447
1448 in6 = satosin6(&pcb.ki_src);
1449 in6->sin6_len = sizeof(*in6);
1450 in6->sin6_family = pf;
1451 in6->sin6_port = in6p->in6p_lport;
1452 in6->sin6_flowinfo = in6p->in6p_flowinfo;
1453 in6->sin6_addr = in6p->in6p_laddr;
1454 in6->sin6_scope_id = 0; /* XXX? */
1455
1456 if (pcb.ki_prstate >= IN6P_CONNECTED) {
1457 in6 = satosin6(&pcb.ki_dst);
1458 in6->sin6_len = sizeof(*in6);
1459 in6->sin6_family = pf;
1460 in6->sin6_port = in6p->in6p_fport;
1461 in6->sin6_flowinfo = in6p->in6p_flowinfo;
1462 in6->sin6_addr = in6p->in6p_faddr;
1463 in6->sin6_scope_id = 0; /* XXX? */
1464 }
1465 break;
1466 #endif
1467 }
1468
1469 if (len >= elem_size && elem_count > 0) {
1470 error = copyout(&pcb, dp, out_size);
1471 if (error)
1472 return (error);
1473 dp += elem_size;
1474 len -= elem_size;
1475 }
1476 if (elem_count > 0) {
1477 needed += elem_size;
1478 if (elem_count != INT_MAX)
1479 elem_count--;
1480 }
1481 }
1482 splx(s);
1483
1484 *oldlenp = needed;
1485 if (oldp == NULL)
1486 *oldlenp += PCB_SLOP * sizeof(struct kinfo_pcb);
1487
1488 return (error);
1489 }
1490
1491 static int
1492 sysctl_tcp_congctl(SYSCTLFN_ARGS)
1493 {
1494 struct sysctlnode node;
1495 int error, r;
1496 char newname[TCPCC_MAXLEN];
1497
1498 strlcpy(newname, tcp_congctl_global_name, sizeof(newname) - 1);
1499
1500 node = *rnode;
1501 node.sysctl_data = newname;
1502 node.sysctl_size = sizeof(newname);
1503
1504 error = sysctl_lookup(SYSCTLFN_CALL(&node));
1505
1506 if (error ||
1507 newp == NULL ||
1508 strncmp(newname, tcp_congctl_global_name, sizeof(newname)) == 0)
1509 return error;
1510
1511 if ((r = tcp_congctl_select(NULL, newname)))
1512 return r;
1513
1514 return error;
1515 }
1516
1517 /*
1518 * this (second stage) setup routine is a replacement for tcp_sysctl()
1519 * (which is currently used for ipv4 and ipv6)
1520 */
1521 static void
1522 sysctl_net_inet_tcp_setup2(struct sysctllog **clog, int pf, const char *pfname,
1523 const char *tcpname)
1524 {
1525 const struct sysctlnode *sack_node;
1526 const struct sysctlnode *abc_node;
1527 const struct sysctlnode *ecn_node;
1528 const struct sysctlnode *congctl_node;
1529 #ifdef TCP_DEBUG
1530 extern struct tcp_debug tcp_debug[TCP_NDEBUG];
1531 extern int tcp_debx;
1532 #endif
1533
1534 sysctl_createv(clog, 0, NULL, NULL,
1535 CTLFLAG_PERMANENT,
1536 CTLTYPE_NODE, "net", NULL,
1537 NULL, 0, NULL, 0,
1538 CTL_NET, CTL_EOL);
1539 sysctl_createv(clog, 0, NULL, NULL,
1540 CTLFLAG_PERMANENT,
1541 CTLTYPE_NODE, pfname, NULL,
1542 NULL, 0, NULL, 0,
1543 CTL_NET, pf, CTL_EOL);
1544 sysctl_createv(clog, 0, NULL, NULL,
1545 CTLFLAG_PERMANENT,
1546 CTLTYPE_NODE, tcpname,
1547 SYSCTL_DESCR("TCP related settings"),
1548 NULL, 0, NULL, 0,
1549 CTL_NET, pf, IPPROTO_TCP, CTL_EOL);
1550
1551 sysctl_createv(clog, 0, NULL, NULL,
1552 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1553 CTLTYPE_INT, "rfc1323",
1554 SYSCTL_DESCR("Enable RFC1323 TCP extensions"),
1555 NULL, 0, &tcp_do_rfc1323, 0,
1556 CTL_NET, pf, IPPROTO_TCP, TCPCTL_RFC1323, CTL_EOL);
1557 sysctl_createv(clog, 0, NULL, NULL,
1558 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1559 CTLTYPE_INT, "sendspace",
1560 SYSCTL_DESCR("Default TCP send buffer size"),
1561 NULL, 0, &tcp_sendspace, 0,
1562 CTL_NET, pf, IPPROTO_TCP, TCPCTL_SENDSPACE, CTL_EOL);
1563 sysctl_createv(clog, 0, NULL, NULL,
1564 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1565 CTLTYPE_INT, "recvspace",
1566 SYSCTL_DESCR("Default TCP receive buffer size"),
1567 NULL, 0, &tcp_recvspace, 0,
1568 CTL_NET, pf, IPPROTO_TCP, TCPCTL_RECVSPACE, CTL_EOL);
1569 sysctl_createv(clog, 0, NULL, NULL,
1570 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1571 CTLTYPE_INT, "mssdflt",
1572 SYSCTL_DESCR("Default maximum segment size"),
1573 sysctl_net_inet_tcp_mssdflt, 0, &tcp_mssdflt, 0,
1574 CTL_NET, pf, IPPROTO_TCP, TCPCTL_MSSDFLT, CTL_EOL);
1575 sysctl_createv(clog, 0, NULL, NULL,
1576 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1577 CTLTYPE_INT, "syn_cache_limit",
1578 SYSCTL_DESCR("Maximum number of entries in the TCP "
1579 "compressed state engine"),
1580 NULL, 0, &tcp_syn_cache_limit, 0,
1581 CTL_NET, pf, IPPROTO_TCP, TCPCTL_SYN_CACHE_LIMIT,
1582 CTL_EOL);
1583 sysctl_createv(clog, 0, NULL, NULL,
1584 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1585 CTLTYPE_INT, "syn_bucket_limit",
1586 SYSCTL_DESCR("Maximum number of entries per hash "
1587 "bucket in the TCP compressed state "
1588 "engine"),
1589 NULL, 0, &tcp_syn_bucket_limit, 0,
1590 CTL_NET, pf, IPPROTO_TCP, TCPCTL_SYN_BUCKET_LIMIT,
1591 CTL_EOL);
1592 #if 0 /* obsoleted */
1593 sysctl_createv(clog, 0, NULL, NULL,
1594 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1595 CTLTYPE_INT, "syn_cache_interval",
1596 SYSCTL_DESCR("TCP compressed state engine's timer interval"),
1597 NULL, 0, &tcp_syn_cache_interval, 0,
1598 CTL_NET, pf, IPPROTO_TCP, TCPCTL_SYN_CACHE_INTER,
1599 CTL_EOL);
1600 #endif
1601 sysctl_createv(clog, 0, NULL, NULL,
1602 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1603 CTLTYPE_INT, "init_win",
1604 SYSCTL_DESCR("Initial TCP congestion window"),
1605 NULL, 0, &tcp_init_win, 0,
1606 CTL_NET, pf, IPPROTO_TCP, TCPCTL_INIT_WIN, CTL_EOL);
1607 sysctl_createv(clog, 0, NULL, NULL,
1608 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1609 CTLTYPE_INT, "mss_ifmtu",
1610 SYSCTL_DESCR("Use interface MTU for calculating MSS"),
1611 NULL, 0, &tcp_mss_ifmtu, 0,
1612 CTL_NET, pf, IPPROTO_TCP, TCPCTL_MSS_IFMTU, CTL_EOL);
1613 sysctl_createv(clog, 0, NULL, &sack_node,
1614 CTLFLAG_PERMANENT,
1615 CTLTYPE_NODE, "sack",
1616 SYSCTL_DESCR("RFC2018 Selective ACKnowledgement tunables"),
1617 NULL, 0, NULL, 0,
1618 CTL_NET, pf, IPPROTO_TCP, TCPCTL_SACK, CTL_EOL);
1619
1620 /* Congctl subtree */
1621 sysctl_createv(clog, 0, NULL, &congctl_node,
1622 CTLFLAG_PERMANENT,
1623 CTLTYPE_NODE, "congctl",
1624 SYSCTL_DESCR("TCP Congestion Control"),
1625 NULL, 0, NULL, 0,
1626 CTL_NET, pf, IPPROTO_TCP, CTL_CREATE, CTL_EOL);
1627 sysctl_createv(clog, 0, &congctl_node, NULL,
1628 CTLFLAG_PERMANENT,
1629 CTLTYPE_STRING, "available",
1630 SYSCTL_DESCR("Available Congestion Control Mechanisms"),
1631 NULL, 0, &tcp_congctl_avail, 0, CTL_CREATE, CTL_EOL);
1632 sysctl_createv(clog, 0, &congctl_node, NULL,
1633 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1634 CTLTYPE_STRING, "selected",
1635 SYSCTL_DESCR("Selected Congestion Control Mechanism"),
1636 sysctl_tcp_congctl, 0, NULL, TCPCC_MAXLEN,
1637 CTL_CREATE, CTL_EOL);
1638
1639 sysctl_createv(clog, 0, NULL, NULL,
1640 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1641 CTLTYPE_INT, "win_scale",
1642 SYSCTL_DESCR("Use RFC1323 window scale options"),
1643 NULL, 0, &tcp_do_win_scale, 0,
1644 CTL_NET, pf, IPPROTO_TCP, TCPCTL_WSCALE, CTL_EOL);
1645 sysctl_createv(clog, 0, NULL, NULL,
1646 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1647 CTLTYPE_INT, "timestamps",
1648 SYSCTL_DESCR("Use RFC1323 time stamp options"),
1649 NULL, 0, &tcp_do_timestamps, 0,
1650 CTL_NET, pf, IPPROTO_TCP, TCPCTL_TSTAMP, CTL_EOL);
1651 sysctl_createv(clog, 0, NULL, NULL,
1652 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1653 CTLTYPE_INT, "compat_42",
1654 SYSCTL_DESCR("Enable workarounds for 4.2BSD TCP bugs"),
1655 NULL, 0, &tcp_compat_42, 0,
1656 CTL_NET, pf, IPPROTO_TCP, TCPCTL_COMPAT_42, CTL_EOL);
1657 sysctl_createv(clog, 0, NULL, NULL,
1658 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1659 CTLTYPE_INT, "cwm",
1660 SYSCTL_DESCR("Hughes/Touch/Heidemann Congestion Window "
1661 "Monitoring"),
1662 NULL, 0, &tcp_cwm, 0,
1663 CTL_NET, pf, IPPROTO_TCP, TCPCTL_CWM, CTL_EOL);
1664 sysctl_createv(clog, 0, NULL, NULL,
1665 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1666 CTLTYPE_INT, "cwm_burstsize",
1667 SYSCTL_DESCR("Congestion Window Monitoring allowed "
1668 "burst count in packets"),
1669 NULL, 0, &tcp_cwm_burstsize, 0,
1670 CTL_NET, pf, IPPROTO_TCP, TCPCTL_CWM_BURSTSIZE,
1671 CTL_EOL);
1672 sysctl_createv(clog, 0, NULL, NULL,
1673 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1674 CTLTYPE_INT, "ack_on_push",
1675 SYSCTL_DESCR("Immediately return ACK when PSH is "
1676 "received"),
1677 NULL, 0, &tcp_ack_on_push, 0,
1678 CTL_NET, pf, IPPROTO_TCP, TCPCTL_ACK_ON_PUSH, CTL_EOL);
1679 sysctl_createv(clog, 0, NULL, NULL,
1680 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1681 CTLTYPE_INT, "keepidle",
1682 SYSCTL_DESCR("Allowed connection idle ticks before a "
1683 "keepalive probe is sent"),
1684 NULL, 0, &tcp_keepidle, 0,
1685 CTL_NET, pf, IPPROTO_TCP, TCPCTL_KEEPIDLE, CTL_EOL);
1686 sysctl_createv(clog, 0, NULL, NULL,
1687 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1688 CTLTYPE_INT, "keepintvl",
1689 SYSCTL_DESCR("Ticks before next keepalive probe is sent"),
1690 NULL, 0, &tcp_keepintvl, 0,
1691 CTL_NET, pf, IPPROTO_TCP, TCPCTL_KEEPINTVL, CTL_EOL);
1692 sysctl_createv(clog, 0, NULL, NULL,
1693 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1694 CTLTYPE_INT, "keepcnt",
1695 SYSCTL_DESCR("Number of keepalive probes to send"),
1696 NULL, 0, &tcp_keepcnt, 0,
1697 CTL_NET, pf, IPPROTO_TCP, TCPCTL_KEEPCNT, CTL_EOL);
1698 sysctl_createv(clog, 0, NULL, NULL,
1699 CTLFLAG_PERMANENT|CTLFLAG_IMMEDIATE,
1700 CTLTYPE_INT, "slowhz",
1701 SYSCTL_DESCR("Keepalive ticks per second"),
1702 NULL, PR_SLOWHZ, NULL, 0,
1703 CTL_NET, pf, IPPROTO_TCP, TCPCTL_SLOWHZ, CTL_EOL);
1704 sysctl_createv(clog, 0, NULL, NULL,
1705 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1706 CTLTYPE_INT, "log_refused",
1707 SYSCTL_DESCR("Log refused TCP connections"),
1708 NULL, 0, &tcp_log_refused, 0,
1709 CTL_NET, pf, IPPROTO_TCP, TCPCTL_LOG_REFUSED, CTL_EOL);
1710 #if 0 /* obsoleted */
1711 sysctl_createv(clog, 0, NULL, NULL,
1712 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1713 CTLTYPE_INT, "rstratelimit", NULL,
1714 NULL, 0, &tcp_rst_ratelim, 0,
1715 CTL_NET, pf, IPPROTO_TCP, TCPCTL_RSTRATELIMIT, CTL_EOL);
1716 #endif
1717 sysctl_createv(clog, 0, NULL, NULL,
1718 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1719 CTLTYPE_INT, "rstppslimit",
1720 SYSCTL_DESCR("Maximum number of RST packets to send "
1721 "per second"),
1722 NULL, 0, &tcp_rst_ppslim, 0,
1723 CTL_NET, pf, IPPROTO_TCP, TCPCTL_RSTPPSLIMIT, CTL_EOL);
1724 sysctl_createv(clog, 0, NULL, NULL,
1725 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1726 CTLTYPE_INT, "delack_ticks",
1727 SYSCTL_DESCR("Number of ticks to delay sending an ACK"),
1728 NULL, 0, &tcp_delack_ticks, 0,
1729 CTL_NET, pf, IPPROTO_TCP, TCPCTL_DELACK_TICKS, CTL_EOL);
1730 sysctl_createv(clog, 0, NULL, NULL,
1731 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1732 CTLTYPE_INT, "init_win_local",
1733 SYSCTL_DESCR("Initial TCP window size (in segments)"),
1734 NULL, 0, &tcp_init_win_local, 0,
1735 CTL_NET, pf, IPPROTO_TCP, TCPCTL_INIT_WIN_LOCAL,
1736 CTL_EOL);
1737 sysctl_createv(clog, 0, NULL, NULL,
1738 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1739 CTLTYPE_STRUCT, "ident",
1740 SYSCTL_DESCR("RFC1413 Identification Protocol lookups"),
1741 sysctl_net_inet_tcp_ident, 0, NULL, sizeof(uid_t),
1742 CTL_NET, pf, IPPROTO_TCP, TCPCTL_IDENT, CTL_EOL);
1743 sysctl_createv(clog, 0, NULL, NULL,
1744 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1745 CTLTYPE_INT, "do_loopback_cksum",
1746 SYSCTL_DESCR("Perform TCP checksum on loopback"),
1747 NULL, 0, &tcp_do_loopback_cksum, 0,
1748 CTL_NET, pf, IPPROTO_TCP, TCPCTL_LOOPBACKCKSUM,
1749 CTL_EOL);
1750 sysctl_createv(clog, 0, NULL, NULL,
1751 CTLFLAG_PERMANENT,
1752 CTLTYPE_STRUCT, "pcblist",
1753 SYSCTL_DESCR("TCP protocol control block list"),
1754 sysctl_inpcblist, 0, &tcbtable, 0,
1755 CTL_NET, pf, IPPROTO_TCP, CTL_CREATE,
1756 CTL_EOL);
1757
1758 /* ECN subtree */
1759 sysctl_createv(clog, 0, NULL, &ecn_node,
1760 CTLFLAG_PERMANENT,
1761 CTLTYPE_NODE, "ecn",
1762 SYSCTL_DESCR("RFC3168 Explicit Congestion Notification"),
1763 NULL, 0, NULL, 0,
1764 CTL_NET, pf, IPPROTO_TCP, CTL_CREATE, CTL_EOL);
1765 sysctl_createv(clog, 0, &ecn_node, NULL,
1766 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1767 CTLTYPE_INT, "enable",
1768 SYSCTL_DESCR("Enable TCP Explicit Congestion "
1769 "Notification"),
1770 NULL, 0, &tcp_do_ecn, 0, CTL_CREATE, CTL_EOL);
1771 sysctl_createv(clog, 0, &ecn_node, NULL,
1772 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1773 CTLTYPE_INT, "maxretries",
1774 SYSCTL_DESCR("Number of times to retry ECN setup "
1775 "before disabling ECN on the connection"),
1776 NULL, 0, &tcp_ecn_maxretries, 0, CTL_CREATE, CTL_EOL);
1777
1778 /* SACK gets it's own little subtree. */
1779 sysctl_createv(clog, 0, NULL, &sack_node,
1780 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1781 CTLTYPE_INT, "enable",
1782 SYSCTL_DESCR("Enable RFC2018 Selective ACKnowledgement"),
1783 NULL, 0, &tcp_do_sack, 0,
1784 CTL_NET, pf, IPPROTO_TCP, TCPCTL_SACK, CTL_CREATE, CTL_EOL);
1785 sysctl_createv(clog, 0, NULL, &sack_node,
1786 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1787 CTLTYPE_INT, "maxholes",
1788 SYSCTL_DESCR("Maximum number of TCP SACK holes allowed per connection"),
1789 NULL, 0, &tcp_sack_tp_maxholes, 0,
1790 CTL_NET, pf, IPPROTO_TCP, TCPCTL_SACK, CTL_CREATE, CTL_EOL);
1791 sysctl_createv(clog, 0, NULL, &sack_node,
1792 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1793 CTLTYPE_INT, "globalmaxholes",
1794 SYSCTL_DESCR("Global maximum number of TCP SACK holes"),
1795 NULL, 0, &tcp_sack_globalmaxholes, 0,
1796 CTL_NET, pf, IPPROTO_TCP, TCPCTL_SACK, CTL_CREATE, CTL_EOL);
1797 sysctl_createv(clog, 0, NULL, &sack_node,
1798 CTLFLAG_PERMANENT,
1799 CTLTYPE_INT, "globalholes",
1800 SYSCTL_DESCR("Global number of TCP SACK holes"),
1801 NULL, 0, &tcp_sack_globalholes, 0,
1802 CTL_NET, pf, IPPROTO_TCP, TCPCTL_SACK, CTL_CREATE, CTL_EOL);
1803
1804 sysctl_createv(clog, 0, NULL, NULL,
1805 CTLFLAG_PERMANENT,
1806 CTLTYPE_STRUCT, "stats",
1807 SYSCTL_DESCR("TCP statistics"),
1808 NULL, 0, &tcpstat, sizeof(tcpstat),
1809 CTL_NET, pf, IPPROTO_TCP, TCPCTL_STATS,
1810 CTL_EOL);
1811 #ifdef TCP_DEBUG
1812 sysctl_createv(clog, 0, NULL, NULL,
1813 CTLFLAG_PERMANENT,
1814 CTLTYPE_STRUCT, "debug",
1815 SYSCTL_DESCR("TCP sockets debug information"),
1816 NULL, 0, &tcp_debug, sizeof(tcp_debug),
1817 CTL_NET, pf, IPPROTO_TCP, TCPCTL_DEBUG,
1818 CTL_EOL);
1819 sysctl_createv(clog, 0, NULL, NULL,
1820 CTLFLAG_PERMANENT,
1821 CTLTYPE_INT, "debx",
1822 SYSCTL_DESCR("Number of TCP debug sockets messages"),
1823 NULL, 0, &tcp_debx, sizeof(tcp_debx),
1824 CTL_NET, pf, IPPROTO_TCP, TCPCTL_DEBX,
1825 CTL_EOL);
1826 #endif
1827 sysctl_createv(clog, 0, NULL, NULL,
1828 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1829 CTLTYPE_STRUCT, "drop",
1830 SYSCTL_DESCR("TCP drop connection"),
1831 sysctl_net_inet_tcp_drop, 0, NULL, 0,
1832 CTL_NET, pf, IPPROTO_TCP, TCPCTL_DROP, CTL_EOL);
1833 #if NRND > 0
1834 sysctl_createv(clog, 0, NULL, NULL,
1835 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1836 CTLTYPE_INT, "iss_hash",
1837 SYSCTL_DESCR("Enable RFC 1948 ISS by cryptographic "
1838 "hash computation"),
1839 NULL, 0, &tcp_do_rfc1948, sizeof(tcp_do_rfc1948),
1840 CTL_NET, pf, IPPROTO_TCP, CTL_CREATE,
1841 CTL_EOL);
1842 #endif
1843
1844 /* ABC subtree */
1845
1846 sysctl_createv(clog, 0, NULL, &abc_node,
1847 CTLFLAG_PERMANENT, CTLTYPE_NODE, "abc",
1848 SYSCTL_DESCR("RFC3465 Appropriate Byte Counting (ABC)"),
1849 NULL, 0, NULL, 0,
1850 CTL_NET, pf, IPPROTO_TCP, CTL_CREATE, CTL_EOL);
1851 sysctl_createv(clog, 0, &abc_node, NULL,
1852 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1853 CTLTYPE_INT, "enable",
1854 SYSCTL_DESCR("Enable RFC3465 Appropriate Byte Counting"),
1855 NULL, 0, &tcp_do_abc, 0, CTL_CREATE, CTL_EOL);
1856 sysctl_createv(clog, 0, &abc_node, NULL,
1857 CTLFLAG_PERMANENT|CTLFLAG_READWRITE,
1858 CTLTYPE_INT, "aggressive",
1859 SYSCTL_DESCR("1: L=2*SMSS 0: L=1*SMSS"),
1860 NULL, 0, &tcp_abc_aggressive, 0, CTL_CREATE, CTL_EOL);
1861 }
1862
1863 /*
1864 * Sysctl for tcp variables.
1865 */
1866 #ifdef INET
1867 SYSCTL_SETUP(sysctl_net_inet_tcp_setup, "sysctl net.inet.tcp subtree setup")
1868 {
1869
1870 sysctl_net_inet_tcp_setup2(clog, PF_INET, "inet", "tcp");
1871 }
1872 #endif /* INET */
1873
1874 #ifdef INET6
1875 SYSCTL_SETUP(sysctl_net_inet6_tcp6_setup, "sysctl net.inet6.tcp6 subtree setup")
1876 {
1877
1878 sysctl_net_inet_tcp_setup2(clog, PF_INET6, "inet6", "tcp6");
1879 }
1880 #endif /* INET6 */
Cache object: 146dd53cfdc1b27011ff4fe0de065ade
|