From owner-svn-src-all@freebsd.org Mon Aug 10 20:24:49 2020 Return-Path: Delivered-To: svn-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 564B93AE126; Mon, 10 Aug 2020 20:24:49 +0000 (UTC) (envelope-from tuexen@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4BQSB91h17z4mQr; Mon, 10 Aug 2020 20:24:49 +0000 (UTC) (envelope-from tuexen@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 19BACF7CD; Mon, 10 Aug 2020 20:24:49 +0000 (UTC) (envelope-from tuexen@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 07AKOmFL062127; Mon, 10 Aug 2020 20:24:48 GMT (envelope-from tuexen@FreeBSD.org) Received: (from tuexen@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 07AKOmiT062126; Mon, 10 Aug 2020 20:24:48 GMT (envelope-from tuexen@FreeBSD.org) Message-Id: <202008102024.07AKOmiT062126@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: tuexen set sender to tuexen@FreeBSD.org using -f From: Michael Tuexen Date: Mon, 10 Aug 2020 20:24:48 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r364089 - head/sys/netinet X-SVN-Group: head X-SVN-Commit-Author: tuexen X-SVN-Commit-Paths: head/sys/netinet X-SVN-Commit-Revision: 364089 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Aug 2020 20:24:49 -0000 Author: tuexen Date: Mon Aug 10 20:24:48 2020 New Revision: 364089 URL: https://svnweb.freebsd.org/changeset/base/364089 Log: Fix the following issues related to the TCP SYN-cache: * Let the accepted TCP/IPv4 socket inherit the configured TTL and TOS value. * Let the accepted TCP/IPv6 socket inherit the configured Hop Limit. * Use the configured Hop Limit and Traffic Class when sending IPv6 packets. Reviewed by: rrs, lutz_donnerhacke.de MFC after: 1 week Sponsored by: Netflix, Inc. Differential Revision: https://reviews.freebsd.org/D25909 Modified: head/sys/netinet/tcp_syncache.c head/sys/netinet/tcp_syncache.h Modified: head/sys/netinet/tcp_syncache.c ============================================================================== --- head/sys/netinet/tcp_syncache.c Mon Aug 10 19:37:06 2020 (r364088) +++ head/sys/netinet/tcp_syncache.c Mon Aug 10 20:24:48 2020 (r364089) @@ -831,6 +831,8 @@ syncache_socket(struct syncache *sc, struct socket *ls inp->inp_vflag &= ~INP_IPV6; inp->inp_vflag |= INP_IPV4; #endif + inp->inp_ip_ttl = sc->sc_ip_ttl; + inp->inp_ip_tos = sc->sc_ip_tos; inp->inp_laddr = sc->sc_inc.inc_laddr; #ifdef INET6 } @@ -866,6 +868,7 @@ syncache_socket(struct syncache *sc, struct socket *ls if (oinp->in6p_outputopts) inp->in6p_outputopts = ip6_copypktopts(oinp->in6p_outputopts, M_NOWAIT); + inp->in6p_hops = oinp->in6p_hops; } if (sc->sc_inc.inc_flags & INC_ISIPV6) { @@ -1389,12 +1392,28 @@ syncache_add(struct in_conninfo *inc, struct tcpopt *t cred = crhold(so->so_cred); #ifdef INET6 - if ((inc->inc_flags & INC_ISIPV6) && - (inp->inp_flags & IN6P_AUTOFLOWLABEL)) - autoflowlabel = 1; + if (inc->inc_flags & INC_ISIPV6) { + if (inp->inp_flags & IN6P_AUTOFLOWLABEL) { + autoflowlabel = 1; + } + ip_ttl = in6_selecthlim(inp, NULL); + if ((inp->in6p_outputopts == NULL) || + (inp->in6p_outputopts->ip6po_tclass == -1)) { + ip_tos = 0; + } else { + ip_tos = inp->in6p_outputopts->ip6po_tclass; + } + } #endif - ip_ttl = inp->inp_ip_ttl; - ip_tos = inp->inp_ip_tos; +#if defined(INET6) && defined(INET) + else +#endif +#ifdef INET + { + ip_ttl = inp->inp_ip_ttl; + ip_tos = inp->inp_ip_tos; + } +#endif win = so->sol_sbrcv_hiwat; ltflags = (tp->t_flags & (TF_NOOPT | TF_SIGNATURE)); @@ -1599,13 +1618,8 @@ skip_alloc: cred = NULL; sc->sc_ipopts = ipopts; bcopy(inc, &sc->sc_inc, sizeof(struct in_conninfo)); -#ifdef INET6 - if (!(inc->inc_flags & INC_ISIPV6)) -#endif - { - sc->sc_ip_tos = ip_tos; - sc->sc_ip_ttl = ip_ttl; - } + sc->sc_ip_tos = ip_tos; + sc->sc_ip_ttl = ip_ttl; #ifdef TCP_OFFLOAD sc->sc_tod = tod; sc->sc_todctx = todctx; @@ -1807,6 +1821,7 @@ syncache_respond(struct syncache *sc, const struct mbu /* Zero out traffic class and flow label. */ ip6->ip6_flow &= ~IPV6_FLOWINFO_MASK; ip6->ip6_flow |= sc->sc_flowlabel; + ip6->ip6_flow |= htonl(sc->sc_ip_tos << 20); th = (struct tcphdr *)(ip6 + 1); } @@ -1935,7 +1950,7 @@ syncache_respond(struct syncache *sc, const struct mbu m->m_pkthdr.csum_flags = CSUM_TCP_IPV6; th->th_sum = in6_cksum_pseudo(ip6, tlen + optlen - hlen, IPPROTO_TCP, 0); - ip6->ip6_hlim = in6_selecthlim(NULL, NULL); + ip6->ip6_hlim = sc->sc_ip_ttl; #ifdef TCP_OFFLOAD if (ADDED_BY_TOE(sc)) { struct toedev *tod = sc->sc_tod; Modified: head/sys/netinet/tcp_syncache.h ============================================================================== --- head/sys/netinet/tcp_syncache.h Mon Aug 10 19:37:06 2020 (r364088) +++ head/sys/netinet/tcp_syncache.h Mon Aug 10 20:24:48 2020 (r364089) @@ -63,8 +63,8 @@ struct syncache { struct mbuf *sc_ipopts; /* source route */ u_int16_t sc_peer_mss; /* peer's MSS */ u_int16_t sc_wnd; /* advertised window */ - u_int8_t sc_ip_ttl; /* IPv4 TTL */ - u_int8_t sc_ip_tos; /* IPv4 TOS */ + u_int8_t sc_ip_ttl; /* TTL / Hop Limit */ + u_int8_t sc_ip_tos; /* TOS / Traffic Class */ u_int8_t sc_requested_s_scale:4, sc_requested_r_scale:4; u_int16_t sc_flags;