From: Catalin Nicutar
To: Perforce Change Reviews
Date: Tue, 12 Jul 2011 07:03:10 GMT
Message-Id: <201107120703.p6C73Avb091239@skunkworks.freebsd.org>
Subject: PERFORCE change 196047 for review

http://p4web.freebsd.org/@@196047?ac=10

Change 196047 by cnicutar@cnicutar_cronos on 2011/07/12 07:02:07

Add TCP UTO options and sysctls to tcp.4.

Affected files ...

.. //depot/projects/soc2011/cnicutar_tcputo_8/src/share/man/man4/tcp.4#2 edit

Differences ...

==== //depot/projects/soc2011/cnicutar_tcputo_8/src/share/man/man4/tcp.4#2 (text+ko) ====
@@ -116,7 +116,7 @@ .Xr setsockopt 2 and tested with .Xr getsockopt 2 : -.Bl -tag -width ".Dv TCP_NODELAY" +.Bl -tag -width ".Dv TCP_SNDUTO_TIMEOUT" .It Dv TCP_INFO Information about a socket's underlying TCP session may be retrieved by passing the read-only option @@ -210,6 +210,46 @@ will have an invalid digest option prepended, and the following error message will be visible on the system console: .Em "tcp_signature_compute: SADB lookup failed for %d.%d.%d.%d" . +.It Dv TCP_SNDUTO_TIMEOUT +By setting this option the user controls the exact time (in seconds) TCP will +wait for an ACK before tearing the connection. +.Pp +Traditionally, a fixed number of retransmits +.Dv TCP_MAXRXTSHIFT +are performed before giving up. +Using UTO completely overrides this and allows connections with stringent or +relaxed timeouts. +.Pp +After setting the option the first subsequent segment will carry the specified +value. +This option is silently left out if (due to other options) not enough space +is available. +.It Dv TCP_RCVUTO_TIMEOUT +By setting this option to a value larger than 1 the user allows a TCP to +accept the timeout suggestion sent by the peer. +The default value is 0. +By getting this option the user can determine the actual timeout (in seconds) +as advertised by the peer. +.Pp +When using both +.Dv TCP_RCVUTO_TIMEOUT +and +.Dv TCP_SNDUTO_TIMEOUT, +the larger value is chosen as User Timeout for the connection. +.Pp +The peer is allowed to send this option any number of times. +Each time the user calls +.Xr getsockopt 2 +the most recent value received is returned. +.Pp +A possible use of this option is allowing a user to request a large timeout +(several hours) for a connection. +Even if the user is offline for long periods of time the connection will be +maintained. +.Pp +This option has security implications. +An application must *not* enable this option before the user has +authenticated in order to prevent DoS attacks. .El .Pp The option level for the 
@@ -482,6 +522,13 @@ .It Va sack.globalmaxholes Maximum number of SACK holes per system, across all connections. Defaults to 65536. +.It Va uto.enable +Globally permit or deny using UTO. +.It Va uto.max_timeout +Maximum value for TCP_SNDUTO_TIMEOUT for any connection. Setting this to a +large value has security implications. +.It Va uto.min_timeout +Minimum value for TCP_RCVUTO_TIMEOUT for any connection. .It Va maxtcptw When a TCP connection enters the .Dv TIME_WAIT
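Review bot: In the @@ -210,6 +210,46 @@ hunk, the TCP_RCVUTO_TIMEOUT entry enables the option "By setting this option to a value larger than 1" while "The default value is 0", which leaves the meaning of 1 undefined; if any non-zero value enables acceptance, say "non-zero", otherwise document what 1 does. The same entry uses one option as an on/off switch on set and as a timeout in seconds on get, which deserves an explicit sentence, including what getsockopt returns before the peer has sent any value. The security paragraph should name the risk it guards against (as written, the entry lets a peer suggest a timeout of several hours and keep the connection alive while offline) and point to the uto.* sysctls as the system-wide limit. Markup: ".Dv TCP_SNDUTO_TIMEOUT," needs the comma as a separate argument (".Dv TCP_SNDUTO_TIMEOUT ,"), "*not*" should be ".Em not", and "tearing the connection" should read "tearing down the connection".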
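Review bot: In the @@ -482,6 +522,13 @@ hunk, uto.max_timeout is documented as the maximum for TCP_SNDUTO_TIMEOUT and uto.min_timeout as the minimum for TCP_RCVUTO_TIMEOUT, so no documented upper bound applies to the value accepted from the peer, which is the value the security note added earlier in this change is concerned with. Please state whether max_timeout also clamps the received value, or document that it does not. All three entries should also give their default and unit (seconds, going by the socket option text), as the neighbouring sack.globalmaxholes entry does with "Defaults to 65536.", and "has security implications" should say what the implications are. Markup: wrap the option names in .Dv and start "Setting this to a" on its own line.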