From owner-svn-src-head@freebsd.org Mon Feb 26 03:03:42 2018 Return-Path: Delivered-To: svn-src-head@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 94218F22A1C; Mon, 26 Feb 2018 03:03:42 +0000 (UTC) (envelope-from pkelsey@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48CEA7E19E; Mon, 26 Feb 2018 03:03:42 +0000 (UTC) (envelope-from pkelsey@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 2A8A315C7C; Mon, 26 Feb 2018 03:03:42 +0000 (UTC) (envelope-from pkelsey@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w1Q33gA5017376; Mon, 26 Feb 2018 03:03:42 GMT (envelope-from pkelsey@FreeBSD.org) Received: (from pkelsey@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w1Q33f27017366; Mon, 26 Feb 2018 03:03:41 GMT (envelope-from pkelsey@FreeBSD.org) Message-Id: <201802260303.w1Q33f27017366@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: pkelsey set sender to pkelsey@FreeBSD.org using -f From: Patrick Kelsey Date: Mon, 26 Feb 2018 03:03:41 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r330002 - in head/sys: amd64/conf arm64/conf netinet X-SVN-Group: head X-SVN-Commit-Author: pkelsey X-SVN-Commit-Paths: in head/sys: amd64/conf arm64/conf netinet X-SVN-Commit-Revision: 330002 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 26 Feb 2018 03:03:43 -0000 Author: pkelsey Date: Mon Feb 26 03:03:41 2018 New Revision: 330002 URL: https://svnweb.freebsd.org/changeset/base/330002 Log: Greatly reduce the number of #ifdefs supporting the TCP_RFC7413 kernel option. The conditional compilation support is now centralized in tcp_fastopen.h and tcp_var.h. This doesn't provide the minimum theoretical code/data footprint when TCP_RFC7413 is disabled, but nearly all the TFO code should wind up being removed by the optimizer, the additional footprint in the syncache entries is a single pointer, and the additional overhead in the tcpcb is at the end of the structure. This enables the TCP_RFC7413 kernel option by default in amd64 and arm64 GENERIC. Reviewed by: hiren MFC after: 1 month Sponsored by: Limelight Networks Differential Revision: https://reviews.freebsd.org/D14048 Modified: head/sys/amd64/conf/GENERIC head/sys/arm64/conf/GENERIC head/sys/netinet/tcp_fastopen.h head/sys/netinet/tcp_input.c head/sys/netinet/tcp_output.c head/sys/netinet/tcp_subr.c head/sys/netinet/tcp_syncache.c head/sys/netinet/tcp_syncache.h head/sys/netinet/tcp_usrreq.c head/sys/netinet/tcp_var.h Modified: head/sys/amd64/conf/GENERIC ============================================================================== --- head/sys/amd64/conf/GENERIC Mon Feb 26 02:53:22 2018 (r330001) +++ head/sys/amd64/conf/GENERIC Mon Feb 26 03:03:41 2018 (r330002) @@ -33,6 +33,7 @@ options IPSEC # IP (v4/v6) security options IPSEC_SUPPORT # Allow kldload of ipsec and tcpmd5 options TCP_OFFLOAD # TCP offload options TCP_HHOOK # hhook(9) framework for TCP +options TCP_RFC7413 # TCP Fast Open options SCTP # Stream Control Transmission Protocol options FFS # Berkeley Fast Filesystem options SOFTUPDATES # Enable FFS soft updates support Modified: head/sys/arm64/conf/GENERIC ============================================================================== --- head/sys/arm64/conf/GENERIC Mon Feb 26 02:53:22 2018 (r330001) +++ head/sys/arm64/conf/GENERIC Mon Feb 26 03:03:41 2018 (r330002) @@ -33,6 +33,7 @@ options IPSEC # IP (v4/v6) security options IPSEC_SUPPORT # Allow kldload of ipsec and tcpmd5 options TCP_HHOOK # hhook(9) framework for TCP options TCP_OFFLOAD # TCP offload +options TCP_RFC7413 # TCP Fast Open options SCTP # Stream Control Transmission Protocol options FFS # Berkeley Fast Filesystem options SOFTUPDATES # Enable FFS soft updates support Modified: head/sys/netinet/tcp_fastopen.h ============================================================================== --- head/sys/netinet/tcp_fastopen.h Mon Feb 26 02:53:22 2018 (r330001) +++ head/sys/netinet/tcp_fastopen.h Mon Feb 26 03:03:41 2018 (r330002) @@ -31,13 +31,20 @@ #ifdef _KERNEL +#include "opt_inet.h" + #define TCP_FASTOPEN_COOKIE_LEN 8 /* SipHash24 64-bit output */ +#ifdef TCP_RFC7413 VNET_DECLARE(unsigned int, tcp_fastopen_client_enable); #define V_tcp_fastopen_client_enable VNET(tcp_fastopen_client_enable) VNET_DECLARE(unsigned int, tcp_fastopen_server_enable); #define V_tcp_fastopen_server_enable VNET(tcp_fastopen_server_enable) +#else +#define V_tcp_fastopen_client_enable 0 +#define V_tcp_fastopen_server_enable 0 +#endif /* TCP_RFC7413 */ union tcp_fastopen_ip_addr { struct in_addr v4; @@ -74,6 +81,7 @@ struct tcp_fastopen_ccache { uint32_t secret; }; +#ifdef TCP_RFC7413 void tcp_fastopen_init(void); void tcp_fastopen_destroy(void); unsigned int *tcp_fastopen_alloc_counter(void); @@ -84,6 +92,17 @@ void tcp_fastopen_connect(struct tcpcb *); void tcp_fastopen_disable_path(struct tcpcb *); void tcp_fastopen_update_cache(struct tcpcb *, uint16_t, uint8_t, uint8_t *); +#else +#define tcp_fastopen_init() ((void)0) +#define tcp_fastopen_destroy() ((void)0) +#define tcp_fastopen_alloc_counter() NULL +#define tcp_fastopen_decrement_counter(c) ((void)0) +#define tcp_fastopen_check_cookie(i, c, l, lc) (-1) +#define tcp_fastopen_connect(t) ((void)0) +#define tcp_fastopen_disable_path(t) ((void)0) +#define tcp_fastopen_update_cache(t, m, l, c) ((void)0) +#endif /* TCP_RFC7413 */ + #endif /* _KERNEL */ #endif /* _TCP_FASTOPEN_H_ */ Modified: head/sys/netinet/tcp_input.c ============================================================================== --- head/sys/netinet/tcp_input.c Mon Feb 26 02:53:22 2018 (r330001) +++ head/sys/netinet/tcp_input.c Mon Feb 26 03:03:41 2018 (r330002) @@ -108,9 +108,7 @@ __FBSDID("$FreeBSD$"); #include #include #include -#ifdef TCP_RFC7413 #include -#endif #ifdef TCPPCAP #include #endif @@ -1130,9 +1128,7 @@ relocked: rstreason = BANDLIM_RST_OPENPORT; goto dropwithreset; } -#ifdef TCP_RFC7413 tfo_socket_result: -#endif if (so == NULL) { /* * We completed the 3-way handshake @@ -1375,12 +1371,9 @@ tfo_socket_result: #endif TCP_PROBE3(debug__input, tp, th, m); tcp_dooptions(&to, optp, optlen, TO_SYN); -#ifdef TCP_RFC7413 if (syncache_add(&inc, &to, th, inp, &so, m, NULL, NULL)) goto tfo_socket_result; -#else - syncache_add(&inc, &to, th, inp, &so, m, NULL, NULL); -#endif + /* * Entry added to syncache and mbuf consumed. * Only the listen socket is unlocked by syncache_add(). @@ -1550,9 +1543,7 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, stru struct in_conninfo *inc; struct mbuf *mfree; struct tcpopt to; -#ifdef TCP_RFC7413 int tfo_syn; -#endif #ifdef TCPDEBUG /* @@ -1717,7 +1708,6 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, stru if ((tp->t_flags & TF_SACK_PERMIT) && (to.to_flags & TOF_SACKPERM) == 0) tp->t_flags &= ~TF_SACK_PERMIT; -#ifdef TCP_RFC7413 if (IS_FASTOPEN(tp->t_flags)) { if (to.to_flags & TOF_FASTOPEN) tcp_fastopen_update_cache(tp, to.to_mss, @@ -1725,7 +1715,6 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, stru else tcp_fastopen_disable_path(tp); } -#endif } /* @@ -1983,7 +1972,6 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, stru rstreason = BANDLIM_RST_OPENPORT; goto dropwithreset; } -#ifdef TCP_RFC7413 if (IS_FASTOPEN(tp->t_flags)) { /* * When a TFO connection is in SYN_RECEIVED, the @@ -2004,7 +1992,6 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, stru goto drop; } } -#endif break; /* @@ -2423,13 +2410,11 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, stru if ((thflags & TH_ACK) == 0) { if (tp->t_state == TCPS_SYN_RECEIVED || (tp->t_flags & TF_NEEDSYN)) { -#ifdef TCP_RFC7413 if (tp->t_state == TCPS_SYN_RECEIVED && IS_FASTOPEN(tp->t_flags)) { tp->snd_wnd = tiwin; cc_conn_init(tp); } -#endif goto step6; } else if (tp->t_flags & TF_ACKNOW) goto dropafterack; @@ -2470,8 +2455,7 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, stru tcp_state_change(tp, TCPS_ESTABLISHED); TCP_PROBE5(accept__established, NULL, tp, m, tp, th); -#ifdef TCP_RFC7413 - if (tp->t_tfo_pending) { + if (IS_FASTOPEN(tp->t_flags) && tp->t_tfo_pending) { tcp_fastopen_decrement_counter(tp->t_tfo_pending); tp->t_tfo_pending = NULL; @@ -2489,7 +2473,6 @@ tcp_do_segment(struct mbuf *m, struct tcphdr *th, stru * is retransmitted. */ if (!IS_FASTOPEN(tp->t_flags)) -#endif cc_conn_init(tp); tcp_timer_activate(tp, TT_KEEP, TP_KEEPIDLE(tp)); } @@ -3055,12 +3038,8 @@ dodata: /* XXX */ * case PRU_RCVD). If a FIN has already been received on this * connection then we just ignore the text. */ -#ifdef TCP_RFC7413 tfo_syn = ((tp->t_state == TCPS_SYN_RECEIVED) && IS_FASTOPEN(tp->t_flags)); -#else -#define tfo_syn (false) -#endif if ((tlen || (thflags & TH_FIN) || tfo_syn) && TCPS_HAVERCVDFIN(tp->t_state) == 0) { tcp_seq save_start = th->th_seq; @@ -3284,9 +3263,6 @@ drop: if (tp != NULL) INP_WUNLOCK(tp->t_inpcb); m_freem(m); -#ifndef TCP_RFC7413 -#undef tfo_syn -#endif } /* @@ -3440,7 +3416,6 @@ tcp_dooptions(struct tcpopt *to, u_char *cp, int cnt, to->to_sacks = cp + 2; TCPSTAT_INC(tcps_sack_rcv_blocks); break; -#ifdef TCP_RFC7413 case TCPOPT_FAST_OPEN: /* * Cookie length validation is performed by the @@ -3456,7 +3431,6 @@ tcp_dooptions(struct tcpopt *to, u_char *cp, int cnt, to->to_tfo_len = optlen - 2; to->to_tfo_cookie = to->to_tfo_len ? cp + 2 : NULL; break; -#endif default: continue; } Modified: head/sys/netinet/tcp_output.c ============================================================================== --- head/sys/netinet/tcp_output.c Mon Feb 26 02:53:22 2018 (r330001) +++ head/sys/netinet/tcp_output.c Mon Feb 26 03:03:41 2018 (r330002) @@ -79,9 +79,7 @@ __FBSDID("$FreeBSD$"); #include #include #include -#ifdef TCP_RFC7413 #include -#endif #ifdef TCPPCAP #include #endif @@ -212,10 +210,8 @@ tcp_output(struct tcpcb *tp) struct sackhole *p; int tso, mtu; struct tcpopt to; -#ifdef TCP_RFC7413 unsigned int wanted_cookie = 0; unsigned int dont_sendalot = 0; -#endif #if 0 int maxburst = TCP_MAXBURST; #endif @@ -233,7 +229,6 @@ tcp_output(struct tcpcb *tp) return (tcp_offload_output(tp)); #endif -#ifdef TCP_RFC7413 /* * For TFO connections in SYN_RECEIVED, only allow the initial * SYN|ACK and those sent by the retransmit timer. @@ -243,7 +238,7 @@ tcp_output(struct tcpcb *tp) SEQ_GT(tp->snd_max, tp->snd_una) && /* initial SYN|ACK sent */ (tp->snd_nxt != tp->snd_una)) /* not a retransmit */ return (0); -#endif + /* * Determine length of data that should be transmitted, * and flags that will be used. @@ -429,7 +424,6 @@ after_sack_rexmit: if ((flags & TH_SYN) && SEQ_GT(tp->snd_nxt, tp->snd_una)) { if (tp->t_state != TCPS_SYN_RECEIVED) flags &= ~TH_SYN; -#ifdef TCP_RFC7413 /* * When sending additional segments following a TFO SYN|ACK, * do not include the SYN bit. @@ -437,7 +431,6 @@ after_sack_rexmit: if (IS_FASTOPEN(tp->t_flags) && (tp->t_state == TCPS_SYN_RECEIVED)) flags &= ~TH_SYN; -#endif off--, len++; } @@ -451,7 +444,6 @@ after_sack_rexmit: flags &= ~TH_FIN; } -#ifdef TCP_RFC7413 /* * On TFO sockets, ensure no data is sent in the following cases: * @@ -470,7 +462,6 @@ after_sack_rexmit: (tp->t_tfo_client_cookie_len == 0)) || (flags & TH_RST))) len = 0; -#endif if (len <= 0) { /* * If FIN has been sent but not acked, @@ -774,7 +765,7 @@ send: tp->snd_nxt = tp->iss; to.to_mss = tcp_mssopt(&tp->t_inpcb->inp_inc); to.to_flags |= TOF_MSS; -#ifdef TCP_RFC7413 + /* * On SYN or SYN|ACK transmits on TFO connections, * only include the TFO option if it is not a @@ -807,7 +798,6 @@ send: dont_sendalot = 1; } } -#endif } /* Window scaling. */ if ((flags & TH_SYN) && (tp->t_flags & TF_REQ_SCALE)) { @@ -851,7 +841,6 @@ send: /* Processing the options. */ hdrlen += optlen = tcp_addoptions(&to, opt); -#ifdef TCP_RFC7413 /* * If we wanted a TFO option to be added, but it was unable * to fit, ensure no data is sent. @@ -859,7 +848,6 @@ send: if (IS_FASTOPEN(tp->t_flags) && wanted_cookie && !(to.to_flags & TOF_FASTOPEN)) len = 0; -#endif } /* @@ -1004,10 +992,8 @@ send: } else { len = tp->t_maxseg - optlen - ipoptlen; sendalot = 1; -#ifdef TCP_RFC7413 if (dont_sendalot) sendalot = 0; -#endif } } else tso = 0; @@ -1811,7 +1797,6 @@ tcp_addoptions(struct tcpopt *to, u_char *optp) TCPSTAT_INC(tcps_sack_send_blocks); break; } -#ifdef TCP_RFC7413 case TOF_FASTOPEN: { int total_len; @@ -1831,7 +1816,6 @@ tcp_addoptions(struct tcpopt *to, u_char *optp) optlen += total_len; break; } -#endif default: panic("%s: unknown TCP option type", __func__); break; Modified: head/sys/netinet/tcp_subr.c ============================================================================== --- head/sys/netinet/tcp_subr.c Mon Feb 26 02:53:22 2018 (r330001) +++ head/sys/netinet/tcp_subr.c Mon Feb 26 03:03:41 2018 (r330002) @@ -104,9 +104,7 @@ __FBSDID("$FreeBSD$"); #include #endif #include -#ifdef TCP_RFC7413 #include -#endif #ifdef TCPPCAP #include #endif @@ -755,9 +753,7 @@ tcp_init(void) V_sack_hole_zone = uma_zcreate("sackhole", sizeof(struct sackhole), NULL, NULL, NULL, NULL, UMA_ALIGN_PTR, 0); -#ifdef TCP_RFC7413 tcp_fastopen_init(); -#endif /* Skip initialization of globals for non-default instances. */ if (!IS_DEFAULT_VNET(curvnet)) @@ -844,13 +840,11 @@ tcp_destroy(void *unused __unused) uma_zdestroy(V_sack_hole_zone); uma_zdestroy(V_tcpcb_zone); -#ifdef TCP_RFC7413 /* * Cannot free the zone until all tcpcbs are released as we attach * the allocations to them. */ tcp_fastopen_destroy(); -#endif #ifdef TCP_HHOOK error = hhook_head_deregister(V_tcp_hhh[HHOOK_TCP_EST_IN]); @@ -1647,7 +1641,6 @@ tcp_close(struct tcpcb *tp) if (tp->t_state == TCPS_LISTEN) tcp_offload_listen_stop(tp); #endif -#ifdef TCP_RFC7413 /* * This releases the TFO pending counter resource for TFO listen * sockets as well as passively-created TFO sockets that transition @@ -1657,7 +1650,6 @@ tcp_close(struct tcpcb *tp) tcp_fastopen_decrement_counter(tp->t_tfo_pending); tp->t_tfo_pending = NULL; } -#endif in_pcbdrop(inp); TCPSTAT_INC(tcps_closed); if (tp->t_state != TCPS_CLOSED) @@ -2407,10 +2399,8 @@ tcp_drop_syn_sent(struct inpcb *inp, int errno) if (tp->t_state != TCPS_SYN_SENT) return (inp); -#ifdef TCP_RFC7413 if (IS_FASTOPEN(tp->t_flags)) tcp_fastopen_disable_path(tp); -#endif tp = tcp_drop(tp, errno); if (tp != NULL) Modified: head/sys/netinet/tcp_syncache.c ============================================================================== --- head/sys/netinet/tcp_syncache.c Mon Feb 26 02:53:22 2018 (r330001) +++ head/sys/netinet/tcp_syncache.c Mon Feb 26 03:03:41 2018 (r330002) @@ -83,9 +83,7 @@ __FBSDID("$FreeBSD$"); #include #endif #include -#ifdef TCP_RFC7413 #include -#endif #include #include #include @@ -1176,7 +1174,6 @@ failed: return (0); } -#ifdef TCP_RFC7413 static void syncache_tfo_expand(struct syncache *sc, struct socket **lsop, struct mbuf *m, uint64_t response_cookie) @@ -1208,7 +1205,6 @@ syncache_tfo_expand(struct syncache *sc, struct socket TCPSTAT_INC(tcps_sc_completed); } } -#endif /* TCP_RFC7413 */ /* * Given a LISTEN socket and an inbound SYN request, add @@ -1251,12 +1247,10 @@ syncache_add(struct in_conninfo *inc, struct tcpopt *t #endif struct syncache scs; struct ucred *cred; -#ifdef TCP_RFC7413 uint64_t tfo_response_cookie; unsigned int *tfo_pending = NULL; int tfo_cookie_valid = 0; int tfo_response_cookie_valid = 0; -#endif INP_WLOCK_ASSERT(inp); /* listen socket */ KASSERT((th->th_flags & (TH_RST|TH_ACK|TH_SYN)) == TH_SYN, @@ -1281,7 +1275,6 @@ syncache_add(struct in_conninfo *inc, struct tcpopt *t win = so->sol_sbrcv_hiwat; ltflags = (tp->t_flags & (TF_NOOPT | TF_SIGNATURE)); -#ifdef TCP_RFC7413 if (V_tcp_fastopen_server_enable && IS_FASTOPEN(tp->t_flags) && (tp->t_tfo_pending != NULL) && (to->to_flags & TOF_FASTOPEN)) { @@ -1308,7 +1301,6 @@ syncache_add(struct in_conninfo *inc, struct tcpopt *t */ tfo_pending = tp->t_tfo_pending; } -#endif /* By the time we drop the lock these should no longer be used. */ so = NULL; @@ -1321,9 +1313,7 @@ syncache_add(struct in_conninfo *inc, struct tcpopt *t } else mac_syncache_create(maclabel, inp); #endif -#ifdef TCP_RFC7413 if (!tfo_cookie_valid) -#endif INP_WUNLOCK(inp); /* @@ -1369,10 +1359,8 @@ syncache_add(struct in_conninfo *inc, struct tcpopt *t sc = syncache_lookup(inc, &sch); /* returns locked entry */ SCH_LOCK_ASSERT(sch); if (sc != NULL) { -#ifdef TCP_RFC7413 if (tfo_cookie_valid) INP_WUNLOCK(inp); -#endif TCPSTAT_INC(tcps_sc_dupsyn); if (ipopts) { /* @@ -1415,13 +1403,11 @@ syncache_add(struct in_conninfo *inc, struct tcpopt *t goto done; } -#ifdef TCP_RFC7413 if (tfo_cookie_valid) { bzero(&scs, sizeof(scs)); sc = &scs; goto skip_alloc; } -#endif sc = uma_zalloc(V_tcp_syncache.zone, M_NOWAIT | M_ZERO); if (sc == NULL) { @@ -1449,11 +1435,9 @@ syncache_add(struct in_conninfo *inc, struct tcpopt *t } } -#ifdef TCP_RFC7413 skip_alloc: if (!tfo_cookie_valid && tfo_response_cookie_valid) sc->sc_tfo_cookie = &tfo_response_cookie; -#endif /* * Fill in the syncache values. @@ -1562,14 +1546,12 @@ skip_alloc: #endif SCH_UNLOCK(sch); -#ifdef TCP_RFC7413 if (tfo_cookie_valid) { syncache_tfo_expand(sc, lsop, m, tfo_response_cookie); /* INP_WUNLOCK(inp) will be performed by the caller */ rv = 1; goto tfo_expanded; } -#endif /* * Do a standard 3-way handshake. @@ -1592,7 +1574,6 @@ done: *lsop = NULL; m_freem(m); } -#ifdef TCP_RFC7413 /* * If tfo_pending is not NULL here, then a TFO SYN that did not * result in a new socket was processed and the associated pending @@ -1603,7 +1584,6 @@ done: tcp_fastopen_decrement_counter(tfo_pending); tfo_expanded: -#endif if (cred != NULL) crfree(cred); #ifdef MAC @@ -1740,7 +1720,6 @@ syncache_respond(struct syncache *sc, struct syncache_ if (sc->sc_flags & SCF_SIGNATURE) to.to_flags |= TOF_SIGNATURE; #endif -#ifdef TCP_RFC7413 if (sc->sc_tfo_cookie) { to.to_flags |= TOF_FASTOPEN; to.to_tfo_len = TCP_FASTOPEN_COOKIE_LEN; @@ -1748,7 +1727,6 @@ syncache_respond(struct syncache *sc, struct syncache_ /* don't send cookie again when retransmitting response */ sc->sc_tfo_cookie = NULL; } -#endif optlen = tcp_addoptions(&to, (u_char *)(th + 1)); /* Adjust headers by option size. */ Modified: head/sys/netinet/tcp_syncache.h ============================================================================== --- head/sys/netinet/tcp_syncache.h Mon Feb 26 02:53:22 2018 (r330001) +++ head/sys/netinet/tcp_syncache.h Mon Feb 26 03:03:41 2018 (r330002) @@ -75,9 +75,7 @@ struct syncache { #endif struct label *sc_label; /* MAC label reference */ struct ucred *sc_cred; /* cred cache for jail checks */ -#ifdef TCP_RFC7413 void *sc_tfo_cookie; /* for TCP Fast Open response */ -#endif void *sc_pspare; /* TCP_SIGNATURE */ u_int32_t sc_spare[2]; /* UTO */ }; Modified: head/sys/netinet/tcp_usrreq.c ============================================================================== --- head/sys/netinet/tcp_usrreq.c Mon Feb 26 02:53:22 2018 (r330001) +++ head/sys/netinet/tcp_usrreq.c Mon Feb 26 03:03:41 2018 (r330002) @@ -92,9 +92,7 @@ __FBSDID("$FreeBSD$"); #include #include #include -#ifdef TCP_RFC7413 #include -#endif #ifdef TCPPCAP #include #endif @@ -430,10 +428,9 @@ tcp_usr_listen(struct socket *so, int backlog, struct } SOCK_UNLOCK(so); -#ifdef TCP_RFC7413 if (IS_FASTOPEN(tp->t_flags)) tp->t_tfo_pending = tcp_fastopen_alloc_counter(); -#endif + out: TCPDEBUG2(PRU_LISTEN); TCP_PROBE2(debug__user, tp, PRU_LISTEN); @@ -480,10 +477,9 @@ tcp6_usr_listen(struct socket *so, int backlog, struct } SOCK_UNLOCK(so); -#ifdef TCP_RFC7413 if (IS_FASTOPEN(tp->t_flags)) tp->t_tfo_pending = tcp_fastopen_alloc_counter(); -#endif + out: TCPDEBUG2(PRU_LISTEN); TCP_PROBE2(debug__user, tp, PRU_LISTEN); @@ -848,7 +844,6 @@ tcp_usr_rcvd(struct socket *so, int flags) } tp = intotcpcb(inp); TCPDEBUG1(); -#ifdef TCP_RFC7413 /* * For passively-created TFO connections, don't attempt a window * update while still in SYN_RECEIVED as this may trigger an early @@ -859,7 +854,6 @@ tcp_usr_rcvd(struct socket *so, int flags) if (IS_FASTOPEN(tp->t_flags) && (tp->t_state == TCPS_SYN_RECEIVED)) goto out; -#endif #ifdef TCP_OFFLOAD if (tp->t_flags & TF_TOE) tcp_offload_rcvd(tp); @@ -950,12 +944,9 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf #endif if (error) goto out; -#ifdef TCP_RFC7413 if (IS_FASTOPEN(tp->t_flags)) tcp_fastopen_connect(tp); - else -#endif - { + else { tp->snd_wnd = TTCP_CLIENT_SND_WND; tcp_mss(tp, -1); } @@ -1004,13 +995,12 @@ tcp_usr_send(struct socket *so, int flags, struct mbuf * initialize window to default value, and * initialize maxseg using peer's cached MSS. */ -#ifdef TCP_RFC7413 + /* * Not going to contemplate SYN|URG */ if (IS_FASTOPEN(tp->t_flags)) tp->t_flags &= ~TF_FASTOPEN; -#endif #ifdef INET6 if (isipv6) error = tcp6_connect(tp, nam, td); @@ -1782,7 +1772,6 @@ unlock_and_done: goto unlock_and_done; #endif -#ifdef TCP_RFC7413 case TCP_FASTOPEN: { struct tcp_fastopen tfo_optval; @@ -1829,7 +1818,6 @@ unlock_and_done: tp->t_flags &= ~TF_FASTOPEN; goto unlock_and_done; } -#endif default: INP_WUNLOCK(inp); @@ -1911,14 +1899,11 @@ unlock_and_done: error = sooptcopyout(sopt, &optval, sizeof optval); break; #endif - -#ifdef TCP_RFC7413 case TCP_FASTOPEN: optval = tp->t_flags & TF_FASTOPEN; INP_WUNLOCK(inp); error = sooptcopyout(sopt, &optval, sizeof optval); break; -#endif default: INP_WUNLOCK(inp); error = ENOPROTOOPT; Modified: head/sys/netinet/tcp_var.h ============================================================================== --- head/sys/netinet/tcp_var.h Mon Feb 26 02:53:22 2018 (r330001) +++ head/sys/netinet/tcp_var.h Mon Feb 26 03:03:41 2018 (r330002) @@ -191,14 +191,12 @@ struct tcpcb { u_int t_flags2; /* More tcpcb flags storage */ struct tcp_function_block *t_fb;/* TCP function call block */ void *t_fb_ptr; /* Pointer to t_fb specific data */ -#ifdef TCP_RFC7413 uint8_t t_tfo_client_cookie_len; /* TCP Fast Open client cookie length */ unsigned int *t_tfo_pending; /* TCP Fast Open server pending counter */ union { uint8_t client[TCP_FASTOPEN_MAX_COOKIE_LEN]; uint64_t server; } t_tfo_cookie; /* TCP Fast Open cookie to send */ -#endif #ifdef TCPPCAP struct mbufq t_inpkts; /* List of saved input packets. */ struct mbufq t_outpkts; /* List of saved output packets. */