struct tcp_log_rack is not used, therefore remove it.
Reviewed by: Peter Lei
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D49669
(cherry picked from commit b1c62081feec535a4f2eeb4f8deb58913d9e281c)
The sendfile black box logging struct is much smaller than the
encompassing stack specific logging union. Be sure to clear the
trailing unused memory when logging.
Reviewed by: tuexen
Sponsored by: Netflix, Inc.
(cherry picked from commit 3bd1e85fc13cb90853046300dcaa31d63b45ee21)
Initialize the fields in the tcp_log_buffer in the sequence they
appear in the structure and add the initialization of tlb_flex1,
tlb_flex2, and _pad[].
Reviewed by: rrs, Peter Lei
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D49652
(cherry picked from commit 94acddd2ad0142221124c3fb7fe3778a5a1f8036)
Thanks to glebius@ for pointing to the problem.
Reported by: syzbot+1d5c164f1c10de84ad8a@syzkaller.appspotmail.com
Fixes: 2d5c48eccd ("sctp: Tighten up locking around sctp_aloc_assoc()")
(cherry picked from commit e8623834ca29b562687db945bdd12a3e2fe4aeb1)
These routines were all assuming that the sysctl handler has some new
value, but this is not the case. SYSCTL_IN() returns 0 in this
scenario, so they were all operating on an uninitialized address. This
is mostly harmless, but trips KMSAN checks, so let's fix them.
Reviewed by: zlei, rrs, glebius
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D49348
(cherry picked from commit 3ff865c6a7948b2cfc01d7056c619145b696700a)
If timestamps are enabled, the actions performed by a retransmission
timeout were rolled back, when they should not.
It is needed to make sure the incoming segment advances SND.UNA.
To do this, remove the incorrect upfront check and extend the check in
the fast path to handle also the case of timestamps.
PR: 282605
Reviewed by: cc, rscheff, Peter Lei
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D49414
(cherry picked from commit fbcf3b74e8f2c0c5ba37f1839bfe9395eb2fd0b1)
The SUS doesn't mention this error code as a possible one [1]. The FreeBSD
manual page specifies a possible ECONNRESET for close(2):
[ECONNRESET] The underlying object was a stream socket that was
shut down by the peer before all pending data was
delivered.
In the past it had been EINVAL (see 21367f630d), and this EINVAL was
added as a safety measure in 623dce13c6. After conversion to
ECONNRESET it had been documented in the manual page in 78e3a7fdd5, but
I bet wasn't ever tested to actually be ever returned, cause the
tcp-testsuite[2] didn't exist back then. So documentation is incorrect
since 2006, if my bet wins. Anyway, in the modern FreeBSD the condition
described above doesn't end up with ECONNRESET error code from close(2).
The error condition is reported via SO_ERROR socket option, though. This
can be checked using the tcp-testsuite, temporarily disabling the
getsockopt(SO_ERROR) lines using sed command [3]. Most of these
getsockopt(2)s are followed by '+0.00 close(3) = 0', which will confirm
that close(2) doesn't return ECONNRESET even on a socket that has the
error stored, neither it is returned in the case described in the manual
page. The latter case is covered by multiple tests residing in tcp-
testsuite/state-event-engine/rcv-rst-*.
However, the deleted block of code could be entered in a race condition
between close(2) and processing of incoming packet, when connection had
already been half-closed with shutdown(SHUT_WR) and sits in TCPS_LAST_ACK.
This was reported in the bug 146845. With the block deleted, we will
continue into tcp_disconnect() which has proper handling of INP_DROPPED.
The race explanation follows. The connection is in TCPS_LAST_ACK. The
network input thread acquires the tcpcb lock first, sets INP_DROPPED,
acquires the socket lock in soisdisconnected() and clears SS_ISCONNECTED.
Meanwhile, the syscall thread goes through sodisconnect() which checks for
SS_ISCONNECTED locklessly(!). The check passes and the thread blocks on
the tcpcb lock in tcp_usr_disconnect(). Once input thread releases the
lock, the syscall thread observes INP_DROPPED and returns ECONNRESET.
- Thread 1: tcp_do_segment()->tcp_close()->in_pcbdrop(),soisdisconnected()
- Thread 2: sys_close()...->soclose()->sodisconnect()->tcp_usr_disconnect()
Note that the lockless operation in sodisconnect() isn't correct, but
enforcing the socket lock there will not fix the problem.
[1] https://pubs.opengroup.org/onlinepubs/9799919799/
[2] https://github.com/freebsd-net/tcp-testsuite
[3] sed -i "" -Ee '/\+0\.00 getsockopt\(3, SOL_SOCKET, SO_ERROR, \[ECONNRESET\]/d' $(grep -lr ECONNRESET tcp-testsuite)
PR: 146845
Reviewed by: tuexen, rrs, imp
Differential Revision: https://reviews.freebsd.org/D48148
(cherry picked from commit 053a988497342a6fd0a717cc097d09c23f83e103)
One variable that became critical to correctly calculate
the cwnd during limited transmit was not properly reverted
on detection of spurious timeouts.
PR: 282605
Reviewed By: cc, tuexen, #transport
MFC after: 3 days
Sponsored by: NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D48652
(cherry picked from commit 6f6c07813b38ab04d8b1b2bb87c0291dbae25a25)
The section 4 in the draft proposal [1] explicitly states that 0.0.0.0,
aka INADDR_ANY, retains its existing special meanings.
[1] https://datatracker.ietf.org/doc/draft-schoen-intarea-unicast-0
Reviewed by: glebius
Fixes: efe58855f3 IPv4: experimental changes to allow net 0/8, 240/4, part of 127/8
MFC after: 5 days
Differential Revision: https://reviews.freebsd.org/D49157
(cherry picked from commit f7174eb2b4c45573bb9e836edad2b179a445a88f)
It is used as a boolean function everywhere.
No functional change intended.
MFC after: 1 week
(cherry picked from commit 69beb162848b15c967d3b45ac56501dbd8b94e91)
The function in_localip() was changed to return bool but the comment was
left unchanged.
Fixes: c8ee75f231 Use network epoch to protect local IPv4 addresses hash
MFC after: 3 days
(cherry picked from commit a5e380e51cdba64a392846a4eeda000f948f42ce)
It's only needed for in_pcb.c and in6_pcb.c, so can go to the private
header.
No functional change intended.
Reported by: glebius
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
(cherry picked from commit ca94f92c23fd09b28ac3398657ae2ae9367bcdf5)
As with net.inet.{tcp,udp}.bind_all_fibs, this causes raw sockets to
accept only packets from the same FIB.
Reviewed by: glebius
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D48707
(cherry picked from commit 4009a98fe80b8a51837d471076152e6ff505b675)
In particular, we store a FIB number in both struct socket and in struct
inpcb. When updating the FIB number with setsockopt(SO_SETFIB), make
the update atomic. This is required to support the new bind_all_fibs
mode, since in that mode changing the FIB of a bound socket is not
permitted.
This requires a bit more code, but avoids a layering violation in
sosetopt(), where we hard-code the list of protocol families that
implement SO_SETFIB.
Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D48666
(cherry picked from commit caccbaef8e263b1d769e7bcac1c4617bdc12d484)
Introduce the net.inet.udp.bind_all_fibs tunable, set to 1 by default
for compatibility with current behaviour. When set to 0, all received
datagrams will be dropped unless an inpcb bound to the same FIB exists.
No functional change intended, as the new behaviour is not enabled by
default.
Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D48664
(cherry picked from commit 08e638c089ab57531f08994d03c9dde54c4744f9)
Introduce the net.inet.tcp.bind_all_fibs tunable, set to 1 by default
for compatibility with current behaviour. When set to 0, all TCP
listening sockets are private to their FIB. Inbound connection requests
will only succeed if a matching inpcb is bound to the same FIB as the
request.
No functional change intended, as the new behaviour is not enabled by
default.
Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D48663
(cherry picked from commit 5dc99e9bb985dce58e8fc85c09ef4e49bf051971)
Allow protocol layers to look up an inpcb belonging to a particular FIB.
This is indicated by setting INPLOOKUP_FIB; if it is set, the FIB to be
used is obtained from the specificed mbuf or ifnet.
No functional change intended.
Reviewed by: glebius, melifaro
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D48662
(cherry picked from commit da806e8db685eead02bc67888b16ebac6badb6b6)
Add a flag, INPBIND_FIB, which means that the inpcb is local to its FIB
number. When this flag is specified, duplicate bindings are permitted,
so long as each FIB contains at most one inpcb bound to the same
address/port. If an inpcb is bound with this flag, it'll have the
INP_BOUNDFIB flag set.
No functional change intended.
Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D48661
(cherry picked from commit bbd0084baf7539c7042ce94f8c6770210f83f765)
This is to enable a mode where duplicate inpcb bindings are permitted,
and we want to look up an inpcb with a particular FIB. Thus, add a
"fib" parameter to in_pcblookup() and related functions, and plumb it
through.
A fib value of RT_ALL_FIBS indicates that the lookup should ignore FIB
numbers when searching. Otherwise, it should refer to a valid FIB
number, and the returned inpcb should belong to the specific FIB. For
now, just add the fib parameter where needed, as there are several
layers to plumb through.
No functional change intended.
Reviewed by: glebius
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D48660
(cherry picked from commit 9a4131629bb3083ddc02a32950e4eb4806a07710)
in_pcblookup_hash_wild_* looks up unconnected inpcbs, so there is no
point in passing the foreign address and port, and indeed those
parameters are not used. So, remove them.
No functional change intended.
MFC after: 1 week
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D47385
(cherry picked from commit 21d7ac8c79a34cf3b7205d0c32014ee39f1f28ab)
Using the same random jitter for multiple rate limits allows an
attacker to use one rate limiter to figure out the current jitter
and then use this knowledge to de-randomize the other rate limiters.
This can be mitigated by using a separate randomized jitter for each
rate limiter.
This issue was reported as issue number 10 in Keyu Man et al.:
SCAD: Towards a Universal and Automated Network Side-Channel
Vulnerability Detection
Reviewed by: rrs, Peter Lei, glebius
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D48804
(cherry picked from commit 923c223f27e792e51ca13c476428adbbf6887551)
reduce is uninitialized, if the code path for logging is reached via
goto old_method;.
Reviewed by: rrs, Peter Lei
CID: 1557359
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D48346
(cherry picked from commit 4c89d59e0cdac4d83fb5841aefae9214545b2273)
Bring back the code, which was accidentally removed. While there,
indent a comment correctly.
Reviewed by: rrs
CID: 1540026
Fixes: e18b97bd63a8 ("Update to bring the rack stack with all its fixes in.")
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D48340
(cherry picked from commit e8ec28047df5185582a95c5211ed75682fad5ec5)
bw is unsigned and not zero. So it cannot be smaller than 1.
No functional change intended.
Reviewed by: rrs, cc
CID: 1523791
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D48323
(cherry picked from commit c28fefe1dc44b69743dd18d038440da38a2867a7)
Do not jump to a place in the code, which requires several variables
to be set (segsize, minseg, idle, len, sb_offset), which is not true.
To avoid using these variables, start the HPTS timer explicitly.
This fix only applies to the client side using TCP fast open.
Approved by: rrs
CID: 1523766
CID: 1523770
CID: 1523786
CID: 1523801
CID: 1523809
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D48322
(cherry picked from commit bb9525f30214e8b6c53c6cccd9e8f02e8f8e8c42)
minslot is initialized to 0 and never changed. It is not clear to me
under which condition minslot should be set to which value.
Therefore, remove it and the code checking that it is not zero.
No functional change intended.
Reviewed by: rrs
CID: 1523812
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D48321
(cherry picked from commit 84e894ce1309b426aa5d1a20ec194401f35dc478)
rc_bbr_substate is a 3-bit unsigned int, so it can't be larger than
or equal to 8. The wrap around already happens.
No functional change intended.
Reviewed by: rrs
CID: 1523795
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D48320
(cherry picked from commit 4bce1a19fcfac0c9f22c11278daa510546ccd3f2)
There is no need to check partially for bbr->r_ctl.crte being NULL,
since this can't be true in this path.
No functional change intended.
Reviewed by: rrs
CID: 1523810
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D48312
(cherry picked from commit 305c40dc552f9c150eacce95c181798031368cd9)
rsm cannot be NULL, when calling bbr_update_bbr_info().
So no need to check partially for it. No functional change intended.
Reviewed by: rrs
CID: 1523803
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D48293
(cherry picked from commit 4173a3a009a42c47f1ec2d1cbfb99347aaf195da)
It is already known that rsm != NULL, so no need to check for it.
Reviewed by: rrs
CID: 1523815
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D48282
(cherry picked from commit 8471791eb6eeedaedd4d70e1076cfd143bf12fca)
Indicate that the missing of the break is intentionally.
Reviewed by: rrs
CID: 1523782
Sponsored by: Netflix, Inc.
Differential Revision: https://reviews.freebsd.org/D48273
(cherry picked from commit 0ce13b1d580f05f96e3d85afb0824f672cb0c7a2)
