diff options
Diffstat (limited to 'freebsd/sys/netinet/tcp_syncache.h')
| -rw-r--r-- | freebsd/sys/netinet/tcp_syncache.h | 47 |
1 files changed, 32 insertions, 15 deletions
diff --git a/freebsd/sys/netinet/tcp_syncache.h b/freebsd/sys/netinet/tcp_syncache.h index c55bfbcd..6b12c13a 100644 --- a/freebsd/sys/netinet/tcp_syncache.h +++ b/freebsd/sys/netinet/tcp_syncache.h @@ -41,13 +41,11 @@ void syncache_destroy(void); void syncache_unreach(struct in_conninfo *, struct tcphdr *); int syncache_expand(struct in_conninfo *, struct tcpopt *, struct tcphdr *, struct socket **, struct mbuf *); -void syncache_add(struct in_conninfo *, struct tcpopt *, - struct tcphdr *, struct inpcb *, struct socket **, struct mbuf *); -void tcp_offload_syncache_add(struct in_conninfo *, struct tcpopt *, - struct tcphdr *, struct inpcb *, struct socket **, void *, void *); +int syncache_add(struct in_conninfo *, struct tcpopt *, + struct tcphdr *, struct inpcb *, struct socket **, struct mbuf *, + void *, void *); void syncache_chkrst(struct in_conninfo *, struct tcphdr *); void syncache_badack(struct in_conninfo *); -int syncache_pcbcount(void); int syncache_pcblist(struct sysctl_req *req, int max_pcbs, int *pcbs_exported); struct syncache { @@ -75,7 +73,10 @@ struct syncache { #endif struct label *sc_label; /* MAC label reference */ struct ucred *sc_cred; /* cred cache for jail checks */ - +#ifdef TCP_RFC7413 + void *sc_tfo_cookie; /* for TCP Fast Open response */ +#endif + void *sc_pspare; /* TCP_SIGNATURE */ u_int32_t sc_spare[2]; /* UTO */ }; @@ -91,20 +92,23 @@ struct syncache { #define SCF_SACK 0x80 /* send SACK option */ #define SCF_ECN 0x100 /* send ECN setup packet */ -#define SYNCOOKIE_SECRET_SIZE 8 /* dwords */ -#define SYNCOOKIE_LIFETIME 16 /* seconds */ - struct syncache_head { - struct vnet *sch_vnet; struct mtx sch_mtx; TAILQ_HEAD(sch_head, syncache) sch_bucket; struct callout sch_timer; int sch_nextc; u_int sch_length; - u_int sch_oddeven; - u_int32_t sch_secbits_odd[SYNCOOKIE_SECRET_SIZE]; - u_int32_t sch_secbits_even[SYNCOOKIE_SECRET_SIZE]; - u_int sch_reseed; /* time_uptime, seconds */ + struct tcp_syncache *sch_sc; +}; + +#define SYNCOOKIE_SECRET_SIZE 16 +#define SYNCOOKIE_LIFETIME 15 /* seconds */ + +struct syncookie_secret { + volatile u_int oddeven; + uint8_t key[2][SYNCOOKIE_SECRET_SIZE]; + struct callout reseed; + u_int lifetime; }; struct tcp_syncache { @@ -115,7 +119,20 @@ struct tcp_syncache { u_int bucket_limit; u_int cache_limit; u_int rexmt_limit; - u_int hash_secret; + uint32_t hash_secret; + struct vnet *vnet; + struct syncookie_secret secret; +}; + +/* Internal use for the syncookie functions. */ +union syncookie { + uint8_t cookie; + struct { + uint8_t odd_even:1, + sack_ok:1, + wscale_idx:3, + mss_idx:3; + } flags; }; #endif /* _KERNEL */ |