blob: dcaf72f10216c22f00ef918963d260d4ce472b99 [file] [log] [blame]
#include <linux/rcupdate.h>
#include <linux/spinlock.h>
#include <linux/jiffies.h>
#include <linux/module.h>
#include <linux/cache.h>
#include <linux/slab.h>
#include <linux/init.h>
#include <linux/tcp.h>
#include <linux/hash.h>
#include <linux/tcp_metrics.h>
#include <linux/vmalloc.h>
#include <net/inet_connection_sock.h>
#include <net/net_namespace.h>
#include <net/request_sock.h>
#include <net/inetpeer.h>
#include <net/sock.h>
#include <net/ipv6.h>
#include <net/dst.h>
#include <net/tcp.h>
#include <net/genetlink.h>
int sysctl_tcp_nometrics_save __read_mostly;
static struct tcp_metrics_block *__tcp_get_metrics(const struct inetpeer_addr *saddr,
const struct inetpeer_addr *daddr,
struct net *net, unsigned int hash);
struct tcp_fastopen_metrics {
u16 mss;
u16 syn_loss:10; /* Recurring Fast Open SYN losses */
unsigned long last_syn_loss; /* Last Fast Open SYN loss */
struct tcp_fastopen_cookie cookie;
};
/* TCP_METRIC_MAX includes 2 extra fields for userspace compatibility
* Kernel only stores RTT and RTTVAR in usec resolution
*/
#define TCP_METRIC_MAX_KERNEL (TCP_METRIC_MAX - 2)
struct tcp_metrics_block {
struct tcp_metrics_block __rcu *tcpm_next;
struct inetpeer_addr tcpm_saddr;
struct inetpeer_addr tcpm_daddr;
unsigned long tcpm_stamp;
u32 tcpm_ts;
u32 tcpm_ts_stamp;
u32 tcpm_lock;
u32 tcpm_vals[TCP_METRIC_MAX_KERNEL + 1];
struct tcp_fastopen_metrics tcpm_fastopen;
struct rcu_head rcu_head;
};
static bool tcp_metric_locked(struct tcp_metrics_block *tm,
enum tcp_metric_index idx)
{
return tm->tcpm_lock & (1 << idx);
}
static u32 tcp_metric_get(struct tcp_metrics_block *tm,
enum tcp_metric_index idx)
{
return tm->tcpm_vals[idx];
}
static void tcp_metric_set(struct tcp_metrics_block *tm,
enum tcp_metric_index idx,
u32 val)
{
tm->tcpm_vals[idx] = val;
}
static bool addr_same(const struct inetpeer_addr *a,
const struct inetpeer_addr *b)
{
const struct in6_addr *a6, *b6;
if (a->family != b->family)
return false;
if (a->family == AF_INET)
return a->addr.a4 == b->addr.a4;
a6 = (const struct in6_addr *) &a->addr.a6[0];
b6 = (const struct in6_addr *) &b->addr.a6[0];
return ipv6_addr_equal(a6, b6);
}
struct tcpm_hash_bucket {
struct tcp_metrics_block __rcu *chain;
};
static DEFINE_SPINLOCK(tcp_metrics_lock);
static void tcpm_suck_dst(struct tcp_metrics_block *tm,
const struct dst_entry *dst,
bool fastopen_clear)
{
u32 msval;
u32 val;
tm->tcpm_stamp = jiffies;
val = 0;
if (dst_metric_locked(dst, RTAX_RTT))
val |= 1 << TCP_METRIC_RTT;
if (dst_metric_locked(dst, RTAX_RTTVAR))
val |= 1 << TCP_METRIC_RTTVAR;
if (dst_metric_locked(dst, RTAX_SSTHRESH))
val |= 1 << TCP_METRIC_SSTHRESH;
if (dst_metric_locked(dst, RTAX_CWND))
val |= 1 << TCP_METRIC_CWND;
if (dst_metric_locked(dst, RTAX_REORDERING))
val |= 1 << TCP_METRIC_REORDERING;
tm->tcpm_lock = val;
msval = dst_metric_raw(dst, RTAX_RTT);
tm->tcpm_vals[TCP_METRIC_RTT] = msval * USEC_PER_MSEC;
msval = dst_metric_raw(dst, RTAX_RTTVAR);
tm->tcpm_vals[TCP_METRIC_RTTVAR] = msval * USEC_PER_MSEC;
tm->tcpm_vals[TCP_METRIC_SSTHRESH] = dst_metric_raw(dst, RTAX_SSTHRESH);
tm->tcpm_vals[TCP_METRIC_CWND] = dst_metric_raw(dst, RTAX_CWND);
tm->tcpm_vals[TCP_METRIC_REORDERING] = dst_metric_raw(dst, RTAX_REORDERING);
tm->tcpm_ts = 0;
tm->tcpm_ts_stamp = 0;
if (fastopen_clear) {
tm->tcpm_fastopen.mss = 0;
tm->tcpm_fastopen.syn_loss = 0;
tm->tcpm_fastopen.cookie.len = 0;
}
}
#define TCP_METRICS_TIMEOUT (60 * 60 * HZ)
static void tcpm_check_stamp(struct tcp_metrics_block *tm, struct dst_entry *dst)
{
if (tm && unlikely(time_after(jiffies, tm->tcpm_stamp + TCP_METRICS_TIMEOUT)))
tcpm_suck_dst(tm, dst, false);
}
#define TCP_METRICS_RECLAIM_DEPTH 5
#define TCP_METRICS_RECLAIM_PTR (struct tcp_metrics_block *) 0x1UL
static struct tcp_metrics_block *tcpm_new(struct dst_entry *dst,
struct inetpeer_addr *saddr,
struct inetpeer_addr *daddr,
unsigned int hash)
{
struct tcp_metrics_block *tm;
struct net *net;
bool reclaim = false;
spin_lock_bh(&tcp_metrics_lock);
net = dev_net(dst->dev);
/* While waiting for the spin-lock the cache might have been populated
* with this entry and so we have to check again.
*/
tm = __tcp_get_metrics(saddr, daddr, net, hash);
if (tm == TCP_METRICS_RECLAIM_PTR) {
reclaim = true;
tm = NULL;
}
if (tm) {
tcpm_check_stamp(tm, dst);
goto out_unlock;
}
if (unlikely(reclaim)) {
struct tcp_metrics_block *oldest;
oldest = rcu_dereference(net->ipv4.tcp_metrics_hash[hash].chain);
for (tm = rcu_dereference(oldest->tcpm_next); tm;
tm = rcu_dereference(tm->tcpm_next)) {
if (time_before(tm->tcpm_stamp, oldest->tcpm_stamp))
oldest = tm;
}
tm = oldest;
} else {
tm = kmalloc(sizeof(*tm), GFP_ATOMIC);
if (!tm)
goto out_unlock;
}
tm->tcpm_saddr = *saddr;
tm->tcpm_daddr = *daddr;
tcpm_suck_dst(tm, dst, true);
if (likely(!reclaim)) {
tm->tcpm_next = net->ipv4.tcp_metrics_hash[hash].chain;
rcu_assign_pointer(net->ipv4.tcp_metrics_hash[hash].chain, tm);
}
out_unlock:
spin_unlock_bh(&tcp_metrics_lock);
return tm;
}
static struct tcp_metrics_block *tcp_get_encode(struct tcp_metrics_block *tm, int depth)
{
if (tm)
return tm;
if (depth > TCP_METRICS_RECLAIM_DEPTH)
return TCP_METRICS_RECLAIM_PTR;
return NULL;
}
static struct tcp_metrics_block *__tcp_get_metrics(const struct inetpeer_addr *saddr,
const struct inetpeer_addr *daddr,
struct net *net, unsigned int hash)
{
struct tcp_metrics_block *tm;
int depth = 0;
for (tm = rcu_dereference(net->ipv4.tcp_metrics_hash[hash].chain); tm;
tm = rcu_dereference(tm->tcpm_next)) {
if (addr_same(&tm->tcpm_saddr, saddr) &&
addr_same(&tm->tcpm_daddr, daddr))
break;
depth++;
}
return tcp_get_encode(tm, depth);
}
static struct tcp_metrics_block *__tcp_get_metrics_req(struct request_sock *req,
struct dst_entry *dst)
{
struct tcp_metrics_block *tm;
struct inetpeer_addr saddr, daddr;
unsigned int hash;
struct net *net;
saddr.family = req->rsk_ops->family;
daddr.family = req->rsk_ops->family;
switch (daddr.family) {
case AF_INET:
saddr.addr.a4 = inet_rsk(req)->ir_loc_addr;
daddr.addr.a4 = inet_rsk(req)->ir_rmt_addr;
hash = (__force unsigned int) daddr.addr.a4;
break;
#if IS_ENABLED(CONFIG_IPV6)
case AF_INET6:
*(struct in6_addr *)saddr.addr.a6 = inet_rsk(req)->ir_v6_loc_addr;
*(struct in6_addr *)daddr.addr.a6 = inet_rsk(req)->ir_v6_rmt_addr;
hash = ipv6_addr_hash(&inet_rsk(req)->ir_v6_rmt_addr);
break;
#endif
default:
return NULL;
}
net = dev_net(dst->dev);
hash = hash_32(hash, net->ipv4.tcp_metrics_hash_log);
for (tm = rcu_dereference(net->ipv4.tcp_metrics_hash[hash].chain); tm;
tm = rcu_dereference(tm->tcpm_next)) {
if (addr_same(&tm->tcpm_saddr, &saddr) &&
addr_same(&tm->tcpm_daddr, &daddr))
break;
}
tcpm_check_stamp(tm, dst);
return tm;
}
static struct tcp_metrics_block *__tcp_get_metrics_tw(struct inet_timewait_sock *tw)
{
struct tcp_metrics_block *tm;
struct inetpeer_addr saddr, daddr;
unsigned int hash;
struct net *net;
if (tw->tw_family == AF_INET) {
saddr.family = AF_INET;
saddr.addr.a4 = tw->tw_rcv_saddr;
daddr.family = AF_INET;
daddr.addr.a4 = tw->tw_daddr;
hash = (__force unsigned int) daddr.addr.a4;
}
#if IS_ENABLED(CONFIG_IPV6)
else if (tw->tw_family == AF_INET6) {
if (ipv6_addr_v4mapped(&tw->tw_v6_daddr)) {
saddr.family = AF_INET;
saddr.addr.a4 = tw->tw_rcv_saddr;
daddr.family = AF_INET;
daddr.addr.a4 = tw->tw_daddr;
hash = (__force unsigned int) daddr.addr.a4;
} else {
saddr.family = AF_INET6;
*(struct in6_addr *)saddr.addr.a6 = tw->tw_v6_rcv_saddr;
daddr.family = AF_INET6;
*(struct in6_addr *)daddr.addr.a6 = tw->tw_v6_daddr;
hash = ipv6_addr_hash(&tw->tw_v6_daddr);
}
}
#endif
else
return NULL;
net = twsk_net(tw);
hash = hash_32(hash, net->ipv4.tcp_metrics_hash_log);
for (tm = rcu_dereference(net->ipv4.tcp_metrics_hash[hash].chain); tm;
tm = rcu_dereference(tm->tcpm_next)) {
if (addr_same(&tm->tcpm_saddr, &saddr) &&
addr_same(&tm->tcpm_daddr, &daddr))
break;
}
return tm;
}
static struct tcp_metrics_block *tcp_get_metrics(struct sock *sk,
struct dst_entry *dst,
bool create)
{
struct tcp_metrics_block *tm;
struct inetpeer_addr saddr, daddr;
unsigned int hash;
struct net *net;
if (sk->sk_family == AF_INET) {
saddr.family = AF_INET;
saddr.addr.a4 = inet_sk(sk)->inet_saddr;
daddr.family = AF_INET;
daddr.addr.a4 = inet_sk(sk)->inet_daddr;
hash = (__force unsigned int) daddr.addr.a4;
}
#if IS_ENABLED(CONFIG_IPV6)
else if (sk->sk_family == AF_INET6) {
if (ipv6_addr_v4mapped(&sk->sk_v6_daddr)) {
saddr.family = AF_INET;
saddr.addr.a4 = inet_sk(sk)->inet_saddr;
daddr.family = AF_INET;
daddr.addr.a4 = inet_sk(sk)->inet_daddr;
hash = (__force unsigned int) daddr.addr.a4;
} else {
saddr.family = AF_INET6;
*(struct in6_addr *)saddr.addr.a6 = sk->sk_v6_rcv_saddr;
daddr.family = AF_INET6;
*(struct in6_addr *)daddr.addr.a6 = sk->sk_v6_daddr;
hash = ipv6_addr_hash(&sk->sk_v6_daddr);
}
}
#endif
else
return NULL;
net = dev_net(dst->dev);
hash = hash_32(hash, net->ipv4.tcp_metrics_hash_log);
tm = __tcp_get_metrics(&saddr, &daddr, net, hash);
if (tm == TCP_METRICS_RECLAIM_PTR)
tm = NULL;
if (!tm && create)
tm = tcpm_new(dst, &saddr, &daddr, hash);
else
tcpm_check_stamp(tm, dst);
return tm;
}
/* Save metrics learned by this TCP session. This function is called
* only, when TCP finishes successfully i.e. when it enters TIME-WAIT
* or goes from LAST-ACK to CLOSE.
*/
void tcp_update_metrics(struct sock *sk)
{
const struct inet_connection_sock *icsk = inet_csk(sk);
struct dst_entry *dst = __sk_dst_get(sk);
struct tcp_sock *tp = tcp_sk(sk);
struct tcp_metrics_block *tm;
unsigned long rtt;
u32 val;
int m;
if (sysctl_tcp_nometrics_save || !dst)
return;
if (dst->flags & DST_HOST)
dst_confirm(dst);
rcu_read_lock();
if (icsk->icsk_backoff || !tp->srtt_us) {
/* This session failed to estimate rtt. Why?
* Probably, no packets returned in time. Reset our
* results.
*/
tm = tcp_get_metrics(sk, dst, false);
if (tm && !tcp_metric_locked(tm, TCP_METRIC_RTT))
tcp_metric_set(tm, TCP_METRIC_RTT, 0);
goto out_unlock;
} else
tm = tcp_get_metrics(sk, dst, true);
if (!tm)
goto out_unlock;
rtt = tcp_metric_get(tm, TCP_METRIC_RTT);
m = rtt - tp->srtt_us;
/* If newly calculated rtt larger than stored one, store new
* one. Otherwise, use EWMA. Remember, rtt overestimation is
* always better than underestimation.
*/
if (!tcp_metric_locked(tm, TCP_METRIC_RTT)) {
if (m <= 0)
rtt = tp->srtt_us;
else
rtt -= (m >> 3);
tcp_metric_set(tm, TCP_METRIC_RTT, rtt);
}
if (!tcp_metric_locked(tm, TCP_METRIC_RTTVAR)) {
unsigned long var;
if (m < 0)
m = -m;
/* Scale deviation to rttvar fixed point */
m >>= 1;
if (m < tp->mdev_us)
m = tp->mdev_us;
var = tcp_metric_get(tm, TCP_METRIC_RTTVAR);
if (m >= var)
var = m;
else
var -= (var - m) >> 2;
tcp_metric_set(tm, TCP_METRIC_RTTVAR, var);
}
if (tcp_in_initial_slowstart(tp)) {
/* Slow start still did not finish. */
if (!tcp_metric_locked(tm, TCP_METRIC_SSTHRESH)) {
val = tcp_metric_get(tm, TCP_METRIC_SSTHRESH);
if (val && (tp->snd_cwnd >> 1) > val)
tcp_metric_set(tm, TCP_METRIC_SSTHRESH,
tp->snd_cwnd >> 1);
}
if (!tcp_metric_locked(tm, TCP_METRIC_CWND)) {
val = tcp_metric_get(tm, TCP_METRIC_CWND);
if (tp->snd_cwnd > val)
tcp_metric_set(tm, TCP_METRIC_CWND,
tp->snd_cwnd);
}
} else if (tp->snd_cwnd > tp->snd_ssthresh &&
icsk->icsk_ca_state == TCP_CA_Open) {
/* Cong. avoidance phase, cwnd is reliable. */
if (!tcp_metric_locked(tm, TCP_METRIC_SSTHRESH))
tcp_metric_set(tm, TCP_METRIC_SSTHRESH,
max(tp->snd_cwnd >> 1, tp->snd_ssthresh));
if (!tcp_metric_locked(tm, TCP_METRIC_CWND)) {
val = tcp_metric_get(tm, TCP_METRIC_CWND);
tcp_metric_set(tm, TCP_METRIC_CWND, (val + tp->snd_cwnd) >> 1);
}
} else {
/* Else slow start did not finish, cwnd is non-sense,
* ssthresh may be also invalid.
*/
if (!tcp_metric_locked(tm, TCP_METRIC_CWND)) {
val = tcp_metric_get(tm, TCP_METRIC_CWND);
tcp_metric_set(tm, TCP_METRIC_CWND,
(val + tp->snd_ssthresh) >> 1);
}
if (!tcp_metric_locked(tm, TCP_METRIC_SSTHRESH)) {
val = tcp_metric_get(tm, TCP_METRIC_SSTHRESH);
if (val && tp->snd_ssthresh > val)
tcp_metric_set(tm, TCP_METRIC_SSTHRESH,
tp->snd_ssthresh);
}
if (!tcp_metric_locked(tm, TCP_METRIC_REORDERING)) {
val = tcp_metric_get(tm, TCP_METRIC_REORDERING);
if (val < tp->reordering &&
tp->reordering != sysctl_tcp_reordering)
tcp_metric_set(tm, TCP_METRIC_REORDERING,
tp->reordering);
}
}
tm->tcpm_stamp = jiffies;
out_unlock:
rcu_read_unlock();
}
/* Initialize metrics on socket. */
void tcp_init_metrics(struct sock *sk)
{
struct dst_entry *dst = __sk_dst_get(sk);
struct tcp_sock *tp = tcp_sk(sk);
struct tcp_metrics_block *tm;
u32 val, crtt = 0; /* cached RTT scaled by 8 */
if (dst == NULL)
goto reset;
dst_confirm(dst);
rcu_read_lock();
tm = tcp_get_metrics(sk, dst, true);
if (!tm) {
rcu_read_unlock();
goto reset;
}
if (tcp_metric_locked(tm, TCP_METRIC_CWND))
tp->snd_cwnd_clamp = tcp_metric_get(tm, TCP_METRIC_CWND);
val = tcp_metric_get(tm, TCP_METRIC_SSTHRESH);
if (val) {
tp->snd_ssthresh = val;
if (tp->snd_ssthresh > tp->snd_cwnd_clamp)
tp->snd_ssthresh = tp->snd_cwnd_clamp;
} else {
/* ssthresh may have been reduced unnecessarily during.
* 3WHS. Restore it back to its initial default.
*/
tp->snd_ssthresh = TCP_INFINITE_SSTHRESH;
}
val = tcp_metric_get(tm, TCP_METRIC_REORDERING);
if (val && tp->reordering != val) {
tcp_disable_fack(tp);
tcp_disable_early_retrans(tp);
tp->reordering = val;
}
crtt = tcp_metric_get(tm, TCP_METRIC_RTT);
rcu_read_unlock();
reset:
/* The initial RTT measurement from the SYN/SYN-ACK is not ideal
* to seed the RTO for later data packets because SYN packets are
* small. Use the per-dst cached values to seed the RTO but keep
* the RTT estimator variables intact (e.g., srtt, mdev, rttvar).
* Later the RTO will be updated immediately upon obtaining the first
* data RTT sample (tcp_rtt_estimator()). Hence the cached RTT only
* influences the first RTO but not later RTT estimation.
*
* But if RTT is not available from the SYN (due to retransmits or
* syn cookies) or the cache, force a conservative 3secs timeout.
*
* A bit of theory. RTT is time passed after "normal" sized packet
* is sent until it is ACKed. In normal circumstances sending small
* packets force peer to delay ACKs and calculation is correct too.
* The algorithm is adaptive and, provided we follow specs, it
* NEVER underestimate RTT. BUT! If peer tries to make some clever
* tricks sort of "quick acks" for time long enough to decrease RTT
* to low value, and then abruptly stops to do it and starts to delay
* ACKs, wait for troubles.
*/
if (crtt > tp->srtt_us) {
/* Set RTO like tcp_rtt_estimator(), but from cached RTT. */
crtt /= 8 * USEC_PER_MSEC;
inet_csk(sk)->icsk_rto = crtt + max(2 * crtt, tcp_rto_min(sk));
} else if (tp->srtt_us == 0) {
/* RFC6298: 5.7 We've failed to get a valid RTT sample from
* 3WHS. This is most likely due to retransmission,
* including spurious one. Reset the RTO back to 3secs
* from the more aggressive 1sec to avoid more spurious
* retransmission.
*/
tp->rttvar_us = jiffies_to_usecs(TCP_TIMEOUT_FALLBACK);
tp->mdev_us = tp->mdev_max_us = tp->rttvar_us;
inet_csk(sk)->icsk_rto = TCP_TIMEOUT_FALLBACK;
}
/* Cut cwnd down to 1 per RFC5681 if SYN or SYN-ACK has been
* retransmitted. In light of RFC6298 more aggressive 1sec
* initRTO, we only reset cwnd when more than 1 SYN/SYN-ACK
* retransmission has occurred.
*/
if (tp->total_retrans > 1)
tp->snd_cwnd = 1;
else
tp->snd_cwnd = tcp_init_cwnd(tp, dst);
tp->snd_cwnd_stamp = tcp_time_stamp;
}
bool tcp_peer_is_proven(struct request_sock *req, struct dst_entry *dst, bool paws_check)
{
struct tcp_metrics_block *tm;
bool ret;
if (!dst)
return false;
rcu_read_lock();
tm = __tcp_get_metrics_req(req, dst);
if (paws_check) {
if (tm &&
(u32)get_seconds() - tm->tcpm_ts_stamp < TCP_PAWS_MSL &&
(s32)(tm->tcpm_ts - req->ts_recent) > TCP_PAWS_WINDOW)
ret = false;
else
ret = true;
} else {
if (tm && tcp_metric_get(tm, TCP_METRIC_RTT) && tm->tcpm_ts_stamp)
ret = true;
else
ret = false;
}
rcu_read_unlock();
return ret;
}
EXPORT_SYMBOL_GPL(tcp_peer_is_proven);
void tcp_fetch_timewait_stamp(struct sock *sk, struct dst_entry *dst)
{
struct tcp_metrics_block *tm;
rcu_read_lock();
tm = tcp_get_metrics(sk, dst, true);
if (tm) {
struct tcp_sock *tp = tcp_sk(sk);
if ((u32)get_seconds() - tm->tcpm_ts_stamp <= TCP_PAWS_MSL) {
tp->rx_opt.ts_recent_stamp = tm->tcpm_ts_stamp;
tp->rx_opt.ts_recent = tm->tcpm_ts;
}
}
rcu_read_unlock();
}
EXPORT_SYMBOL_GPL(tcp_fetch_timewait_stamp);
/* VJ's idea. Save last timestamp seen from this destination and hold
* it at least for normal timewait interval to use for duplicate
* segment detection in subsequent connections, before they enter
* synchronized state.
*/
bool tcp_remember_stamp(struct sock *sk)
{
struct dst_entry *dst = __sk_dst_get(sk);
bool ret = false;
if (dst) {
struct tcp_metrics_block *tm;
rcu_read_lock();
tm = tcp_get_metrics(sk, dst, true);
if (tm) {
struct tcp_sock *tp = tcp_sk(sk);
if ((s32)(tm->tcpm_ts - tp->rx_opt.ts_recent) <= 0 ||
((u32)get_seconds() - tm->tcpm_ts_stamp > TCP_PAWS_MSL &&
tm->tcpm_ts_stamp <= (u32)tp->rx_opt.ts_recent_stamp)) {
tm->tcpm_ts_stamp = (u32)tp->rx_opt.ts_recent_stamp;
tm->tcpm_ts = tp->rx_opt.ts_recent;
}
ret = true;
}
rcu_read_unlock();
}
return ret;
}
bool tcp_tw_remember_stamp(struct inet_timewait_sock *tw)
{
struct tcp_metrics_block *tm;
bool ret = false;
rcu_read_lock();
tm = __tcp_get_metrics_tw(tw);
if (tm) {
const struct tcp_timewait_sock *tcptw;
struct sock *sk = (struct sock *) tw;
tcptw = tcp_twsk(sk);
if ((s32)(tm->tcpm_ts - tcptw->tw_ts_recent) <= 0 ||
((u32)get_seconds() - tm->tcpm_ts_stamp > TCP_PAWS_MSL &&
tm->tcpm_ts_stamp <= (u32)tcptw->tw_ts_recent_stamp)) {
tm->tcpm_ts_stamp = (u32)tcptw->tw_ts_recent_stamp;
tm->tcpm_ts = tcptw->tw_ts_recent;
}
ret = true;
}
rcu_read_unlock();
return ret;
}
static DEFINE_SEQLOCK(fastopen_seqlock);
void tcp_fastopen_cache_get(struct sock *sk, u16 *mss,
struct tcp_fastopen_cookie *cookie,
int *syn_loss, unsigned long *last_syn_loss)
{
struct tcp_metrics_block *tm;
rcu_read_lock();
tm = tcp_get_metrics(sk, __sk_dst_get(sk), false);
if (tm) {
struct tcp_fastopen_metrics *tfom = &tm->tcpm_fastopen;
unsigned int seq;
do {
seq = read_seqbegin(&fastopen_seqlock);
if (tfom->mss)
*mss = tfom->mss;
*cookie = tfom->cookie;
*syn_loss = tfom->syn_loss;
*last_syn_loss = *syn_loss ? tfom->last_syn_loss : 0;
} while (read_seqretry(&fastopen_seqlock, seq));
}
rcu_read_unlock();
}
void tcp_fastopen_cache_set(struct sock *sk, u16 mss,
struct tcp_fastopen_cookie *cookie, bool syn_lost)
{
struct dst_entry *dst = __sk_dst_get(sk);
struct tcp_metrics_block *tm;
if (!dst)
return;
rcu_read_lock();
tm = tcp_get_metrics(sk, dst, true);
if (tm) {
struct tcp_fastopen_metrics *tfom = &tm->tcpm_fastopen;
write_seqlock_bh(&fastopen_seqlock);
if (mss)
tfom->mss = mss;
if (cookie && cookie->len > 0)
tfom->cookie = *cookie;
if (syn_lost) {
++tfom->syn_loss;
tfom->last_syn_loss = jiffies;
} else
tfom->syn_loss = 0;
write_sequnlock_bh(&fastopen_seqlock);
}
rcu_read_unlock();
}
static struct genl_family tcp_metrics_nl_family = {
.id = GENL_ID_GENERATE,
.hdrsize = 0,
.name = TCP_METRICS_GENL_NAME,
.version = TCP_METRICS_GENL_VERSION,
.maxattr = TCP_METRICS_ATTR_MAX,
.netnsok = true,
};
static struct nla_policy tcp_metrics_nl_policy[TCP_METRICS_ATTR_MAX + 1] = {
[TCP_METRICS_ATTR_ADDR_IPV4] = { .type = NLA_U32, },
[TCP_METRICS_ATTR_ADDR_IPV6] = { .type = NLA_BINARY,
.len = sizeof(struct in6_addr), },
/* Following attributes are not received for GET/DEL,
* we keep them for reference
*/
#if 0
[TCP_METRICS_ATTR_AGE] = { .type = NLA_MSECS, },
[TCP_METRICS_ATTR_TW_TSVAL] = { .type = NLA_U32, },
[TCP_METRICS_ATTR_TW_TS_STAMP] = { .type = NLA_S32, },
[TCP_METRICS_ATTR_VALS] = { .type = NLA_NESTED, },
[TCP_METRICS_ATTR_FOPEN_MSS] = { .type = NLA_U16, },
[TCP_METRICS_ATTR_FOPEN_SYN_DROPS] = { .type = NLA_U16, },
[TCP_METRICS_ATTR_FOPEN_SYN_DROP_TS] = { .type = NLA_MSECS, },
[TCP_METRICS_ATTR_FOPEN_COOKIE] = { .type = NLA_BINARY,
.len = TCP_FASTOPEN_COOKIE_MAX, },
#endif
};
/* Add attributes, caller cancels its header on failure */
static int tcp_metrics_fill_info(struct sk_buff *msg,
struct tcp_metrics_block *tm)
{
struct nlattr *nest;
int i;
switch (tm->tcpm_daddr.family) {
case AF_INET:
if (nla_put_be32(msg, TCP_METRICS_ATTR_ADDR_IPV4,
tm->tcpm_daddr.addr.a4) < 0)
goto nla_put_failure;
if (nla_put_be32(msg, TCP_METRICS_ATTR_SADDR_IPV4,
tm->tcpm_saddr.addr.a4) < 0)
goto nla_put_failure;
break;
case AF_INET6:
if (nla_put(msg, TCP_METRICS_ATTR_ADDR_IPV6, 16,
tm->tcpm_daddr.addr.a6) < 0)
goto nla_put_failure;
if (nla_put(msg, TCP_METRICS_ATTR_SADDR_IPV6, 16,
tm->tcpm_saddr.addr.a6) < 0)
goto nla_put_failure;
break;
default:
return -EAFNOSUPPORT;
}
if (nla_put_msecs(msg, TCP_METRICS_ATTR_AGE,
jiffies - tm->tcpm_stamp) < 0)
goto nla_put_failure;
if (tm->tcpm_ts_stamp) {
if (nla_put_s32(msg, TCP_METRICS_ATTR_TW_TS_STAMP,
(s32) (get_seconds() - tm->tcpm_ts_stamp)) < 0)
goto nla_put_failure;
if (nla_put_u32(msg, TCP_METRICS_ATTR_TW_TSVAL,
tm->tcpm_ts) < 0)
goto nla_put_failure;
}
{
int n = 0;
nest = nla_nest_start(msg, TCP_METRICS_ATTR_VALS);
if (!nest)
goto nla_put_failure;
for (i = 0; i < TCP_METRIC_MAX_KERNEL + 1; i++) {
u32 val = tm->tcpm_vals[i];
if (!val)
continue;
if (i == TCP_METRIC_RTT) {
if (nla_put_u32(msg, TCP_METRIC_RTT_US + 1,
val) < 0)
goto nla_put_failure;
n++;
val = max(val / 1000, 1U);
}
if (i == TCP_METRIC_RTTVAR) {
if (nla_put_u32(msg, TCP_METRIC_RTTVAR_US + 1,
val) < 0)
goto nla_put_failure;
n++;
val = max(val / 1000, 1U);
}
if (nla_put_u32(msg, i + 1, val) < 0)
goto nla_put_failure;
n++;
}
if (n)
nla_nest_end(msg, nest);
else
nla_nest_cancel(msg, nest);
}
{
struct tcp_fastopen_metrics tfom_copy[1], *tfom;
unsigned int seq;
do {
seq = read_seqbegin(&fastopen_seqlock);
tfom_copy[0] = tm->tcpm_fastopen;
} while (read_seqretry(&fastopen_seqlock, seq));
tfom = tfom_copy;
if (tfom->mss &&
nla_put_u16(msg, TCP_METRICS_ATTR_FOPEN_MSS,
tfom->mss) < 0)
goto nla_put_failure;
if (tfom->syn_loss &&
(nla_put_u16(msg, TCP_METRICS_ATTR_FOPEN_SYN_DROPS,
tfom->syn_loss) < 0 ||
nla_put_msecs(msg, TCP_METRICS_ATTR_FOPEN_SYN_DROP_TS,
jiffies - tfom->last_syn_loss) < 0))
goto nla_put_failure;
if (tfom->cookie.len > 0 &&
nla_put(msg, TCP_METRICS_ATTR_FOPEN_COOKIE,
tfom->cookie.len, tfom->cookie.val) < 0)
goto nla_put_failure;
}
return 0;
nla_put_failure:
return -EMSGSIZE;
}
static int tcp_metrics_dump_info(struct sk_buff *skb,
struct netlink_callback *cb,
struct tcp_metrics_block *tm)
{
void *hdr;
hdr = genlmsg_put(skb, NETLINK_CB(cb->skb).portid, cb->nlh->nlmsg_seq,
&tcp_metrics_nl_family, NLM_F_MULTI,
TCP_METRICS_CMD_GET);
if (!hdr)
return -EMSGSIZE;
if (tcp_metrics_fill_info(skb, tm) < 0)
goto nla_put_failure;
return genlmsg_end(skb, hdr);
nla_put_failure:
genlmsg_cancel(skb, hdr);
return -EMSGSIZE;
}
static int tcp_metrics_nl_dump(struct sk_buff *skb,
struct netlink_callback *cb)
{
struct net *net = sock_net(skb->sk);
unsigned int max_rows = 1U << net->ipv4.tcp_metrics_hash_log;
unsigned int row, s_row = cb->args[0];
int s_col = cb->args[1], col = s_col;
for (row = s_row; row < max_rows; row++, s_col = 0) {
struct tcp_metrics_block *tm;
struct tcpm_hash_bucket *hb = net->ipv4.tcp_metrics_hash + row;
rcu_read_lock();
for (col = 0, tm = rcu_dereference(hb->chain); tm;
tm = rcu_dereference(tm->tcpm_next), col++) {
if (col < s_col)
continue;
if (tcp_metrics_dump_info(skb, cb, tm) < 0) {
rcu_read_unlock();
goto done;
}
}
rcu_read_unlock();
}
done:
cb->args[0] = row;
cb->args[1] = col;
return skb->len;
}
static int __parse_nl_addr(struct genl_info *info, struct inetpeer_addr *addr,
unsigned int *hash, int optional, int v4, int v6)
{
struct nlattr *a;
a = info->attrs[v4];
if (a) {
addr->family = AF_INET;
addr->addr.a4 = nla_get_be32(a);
if (hash)
*hash = (__force unsigned int) addr->addr.a4;
return 0;
}
a = info->attrs[v6];
if (a) {
if (nla_len(a) != sizeof(struct in6_addr))
return -EINVAL;
addr->family = AF_INET6;
memcpy(addr->addr.a6, nla_data(a), sizeof(addr->addr.a6));
if (hash)
*hash = ipv6_addr_hash((struct in6_addr *) addr->addr.a6);
return 0;
}
return optional ? 1 : -EAFNOSUPPORT;
}
static int parse_nl_addr(struct genl_info *info, struct inetpeer_addr *addr,
unsigned int *hash, int optional)
{
return __parse_nl_addr(info, addr, hash, optional,
TCP_METRICS_ATTR_ADDR_IPV4,
TCP_METRICS_ATTR_ADDR_IPV6);
}
static int parse_nl_saddr(struct genl_info *info, struct inetpeer_addr *addr)
{
return __parse_nl_addr(info, addr, NULL, 0,
TCP_METRICS_ATTR_SADDR_IPV4,
TCP_METRICS_ATTR_SADDR_IPV6);
}
static int tcp_metrics_nl_cmd_get(struct sk_buff *skb, struct genl_info *info)
{
struct tcp_metrics_block *tm;
struct inetpeer_addr saddr, daddr;
unsigned int hash;
struct sk_buff *msg;
struct net *net = genl_info_net(info);
void *reply;
int ret;
bool src = true;
ret = parse_nl_addr(info, &daddr, &hash, 0);
if (ret < 0)
return ret;
ret = parse_nl_saddr(info, &saddr);
if (ret < 0)
src = false;
msg = nlmsg_new(NLMSG_DEFAULT_SIZE, GFP_KERNEL);
if (!msg)
return -ENOMEM;
reply = genlmsg_put_reply(msg, info, &tcp_metrics_nl_family, 0,
info->genlhdr->cmd);
if (!reply)
goto nla_put_failure;
hash = hash_32(hash, net->ipv4.tcp_metrics_hash_log);
ret = -ESRCH;
rcu_read_lock();
for (tm = rcu_dereference(net->ipv4.tcp_metrics_hash[hash].chain); tm;
tm = rcu_dereference(tm->tcpm_next)) {
if (addr_same(&tm->tcpm_daddr, &daddr) &&
(!src || addr_same(&tm->tcpm_saddr, &saddr))) {
ret = tcp_metrics_fill_info(msg, tm);
break;
}
}
rcu_read_unlock();
if (ret < 0)
goto out_free;
genlmsg_end(msg, reply);
return genlmsg_reply(msg, info);
nla_put_failure:
ret = -EMSGSIZE;
out_free:
nlmsg_free(msg);
return ret;
}
#define deref_locked_genl(p) \
rcu_dereference_protected(p, lockdep_genl_is_held() && \
lockdep_is_held(&tcp_metrics_lock))
#define deref_genl(p) rcu_dereference_protected(p, lockdep_genl_is_held())
static int tcp_metrics_flush_all(struct net *net)
{
unsigned int max_rows = 1U << net->ipv4.tcp_metrics_hash_log;
struct tcpm_hash_bucket *hb = net->ipv4.tcp_metrics_hash;
struct tcp_metrics_block *tm;
unsigned int row;
for (row = 0; row < max_rows; row++, hb++) {
spin_lock_bh(&tcp_metrics_lock);
tm = deref_locked_genl(hb->chain);
if (tm)
hb->chain = NULL;
spin_unlock_bh(&tcp_metrics_lock);
while (tm) {
struct tcp_metrics_block *next;
next = deref_genl(tm->tcpm_next);
kfree_rcu(tm, rcu_head);
tm = next;
}
}
return 0;
}
static int tcp_metrics_nl_cmd_del(struct sk_buff *skb, struct genl_info *info)
{
struct tcpm_hash_bucket *hb;
struct tcp_metrics_block *tm;
struct tcp_metrics_block __rcu **pp;
struct inetpeer_addr saddr, daddr;
unsigned int hash;
struct net *net = genl_info_net(info);
int ret;
bool src = true, found = false;
ret = parse_nl_addr(info, &daddr, &hash, 1);
if (ret < 0)
return ret;
if (ret > 0)
return tcp_metrics_flush_all(net);
ret = parse_nl_saddr(info, &saddr);
if (ret < 0)
src = false;
hash = hash_32(hash, net->ipv4.tcp_metrics_hash_log);
hb = net->ipv4.tcp_metrics_hash + hash;
pp = &hb->chain;
spin_lock_bh(&tcp_metrics_lock);
for (tm = deref_locked_genl(*pp); tm; tm = deref_locked_genl(*pp)) {
if (addr_same(&tm->tcpm_daddr, &daddr) &&
(!src || addr_same(&tm->tcpm_saddr, &saddr))) {
*pp = tm->tcpm_next;
kfree_rcu(tm, rcu_head);
found = true;
} else {
pp = &tm->tcpm_next;
}
}
spin_unlock_bh(&tcp_metrics_lock);
if (!found)
return -ESRCH;
return 0;
}
static const struct genl_ops tcp_metrics_nl_ops[] = {
{
.cmd = TCP_METRICS_CMD_GET,
.doit = tcp_metrics_nl_cmd_get,
.dumpit = tcp_metrics_nl_dump,
.policy = tcp_metrics_nl_policy,
.flags = GENL_ADMIN_PERM,
},
{
.cmd = TCP_METRICS_CMD_DEL,
.doit = tcp_metrics_nl_cmd_del,
.policy = tcp_metrics_nl_policy,
.flags = GENL_ADMIN_PERM,
},
};
static unsigned int tcpmhash_entries;
static int __init set_tcpmhash_entries(char *str)
{
ssize_t ret;
if (!str)
return 0;
ret = kstrtouint(str, 0, &tcpmhash_entries);
if (ret)
return 0;
return 1;
}
__setup("tcpmhash_entries=", set_tcpmhash_entries);
static int __net_init tcp_net_metrics_init(struct net *net)
{
size_t size;
unsigned int slots;
slots = tcpmhash_entries;
if (!slots) {
if (totalram_pages >= 128 * 1024)
slots = 16 * 1024;
else
slots = 8 * 1024;
}
net->ipv4.tcp_metrics_hash_log = order_base_2(slots);
size = sizeof(struct tcpm_hash_bucket) << net->ipv4.tcp_metrics_hash_log;
net->ipv4.tcp_metrics_hash = kzalloc(size, GFP_KERNEL | __GFP_NOWARN);
if (!net->ipv4.tcp_metrics_hash)
net->ipv4.tcp_metrics_hash = vzalloc(size);
if (!net->ipv4.tcp_metrics_hash)
return -ENOMEM;
return 0;
}
static void __net_exit tcp_net_metrics_exit(struct net *net)
{
unsigned int i;
for (i = 0; i < (1U << net->ipv4.tcp_metrics_hash_log) ; i++) {
struct tcp_metrics_block *tm, *next;
tm = rcu_dereference_protected(net->ipv4.tcp_metrics_hash[i].chain, 1);
while (tm) {
next = rcu_dereference_protected(tm->tcpm_next, 1);
kfree(tm);
tm = next;
}
}
if (is_vmalloc_addr(net->ipv4.tcp_metrics_hash))
vfree(net->ipv4.tcp_metrics_hash);
else
kfree(net->ipv4.tcp_metrics_hash);
}
static __net_initdata struct pernet_operations tcp_net_metrics_ops = {
.init = tcp_net_metrics_init,
.exit = tcp_net_metrics_exit,
};
void __init tcp_metrics_init(void)
{
int ret;
ret = register_pernet_subsys(&tcp_net_metrics_ops);
if (ret < 0)
goto cleanup;
ret = genl_register_family_with_ops(&tcp_metrics_nl_family,
tcp_metrics_nl_ops);
if (ret < 0)
goto cleanup_subsys;
return;
cleanup_subsys:
unregister_pernet_subsys(&tcp_net_metrics_ops);
cleanup:
return;
}