From owner-p4-projects@FreeBSD.ORG Wed Dec 12 06:39:43 2007 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 5928516A420; Wed, 12 Dec 2007 06:39:43 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E08EE16A41B for ; Wed, 12 Dec 2007 06:39:42 +0000 (UTC) (envelope-from kmacy@freebsd.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id CBB1C13C46E for ; Wed, 12 Dec 2007 06:39:42 +0000 (UTC) (envelope-from kmacy@freebsd.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.1/8.14.1) with ESMTP id lBC6dgMI030163 for ; Wed, 12 Dec 2007 06:39:42 GMT (envelope-from kmacy@freebsd.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.1/8.14.1/Submit) id lBC6dg8C030160 for perforce@freebsd.org; Wed, 12 Dec 2007 06:39:42 GMT (envelope-from kmacy@freebsd.org) Date: Wed, 12 Dec 2007 06:39:42 GMT Message-Id: <200712120639.lBC6dg8C030160@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to kmacy@freebsd.org using -f From: Kip Macy To: Perforce Change Reviews Cc: Subject: PERFORCE change 130677 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Dec 2007 06:39:43 -0000 http://perforce.freebsd.org/chv.cgi?CH=130677 Change 130677 by kmacy@kmacy:storage:toehead on 2007/12/12 06:38:52 add interface to syncache to release external resources for offloaded connections Affected files ... .. //depot/projects/toehead/sys/netinet/tcp_ofld.h#4 edit .. //depot/projects/toehead/sys/netinet/tcp_syncache.c#3 edit .. //depot/projects/toehead/sys/netinet/tcp_syncache.h#2 edit Differences ... ==== //depot/projects/toehead/sys/netinet/tcp_ofld.h#4 (text+ko) ==== @@ -1,6 +1,8 @@ #ifndef _NETINET_TCP_OFLD_H_ #define _NETINET_TCP_OFLD_H_ +#define SC_ENTRY_PRESENT 1 +#define SC_DROP 2 #define tp_offload(tp) ((tp)->t_flags & TF_TOE) #define SO_OFFLOADABLE(so) ((so->so_options & SO_NOOFFLOAD) == 0) @@ -13,7 +15,6 @@ int ofld_disconnect(struct tcpcb *tp); int ofld_abort(struct tcpcb *tp); void ofld_detach(struct tcpcb *tp); - void ofld_listen_open(struct tcpcb *tp); void ofld_listen_close(struct tcpcb *tp); ==== //depot/projects/toehead/sys/netinet/tcp_syncache.c#3 (text+ko) ==== @@ -31,7 +31,7 @@ */ #include -__FBSDID("$FreeBSD: src/sys/netinet/tcp_syncache.c,v 1.138 2007/12/12 06:11:50 kmacy Exp $"); +__FBSDID("$FreeBSD: src/sys/netinet/tcp_syncache.c,v 1.137 2007/12/07 01:46:13 kmacy Exp $"); #include "opt_inet.h" #include "opt_inet6.h" @@ -78,6 +78,7 @@ #include #include #include +#include #ifdef INET6 #include #endif @@ -136,7 +137,8 @@ #define SCF_SIGNATURE 0x20 /* send MD5 digests */ #define SCF_SACK 0x80 /* send SACK option */ #ifndef DISABLE_TCP_OFFLOAD - void *sc_pspare[2]; /* toepcb / toe_usrreqs */ + struct toe_usrreqs *sc_tu; /* TOE operations */ + void *sc_toepcb; /* TOE protocol block */ #endif #ifdef MAC struct label *sc_label; /* MAC label reference */ @@ -356,6 +358,10 @@ TAILQ_REMOVE(&sch->sch_bucket, sc, sc_hash); sch->sch_length--; +#ifndef DISABLE_TCP_OFFLOAD + if (sc->sc_tu) + sc->sc_tu->tu_syncache_event(SC_DROP, sc->sc_toepcb); +#endif syncache_free(sc); tcp_syncache.cache_count--; } @@ -406,7 +412,6 @@ sch->sch_nextc = sc->sc_rxttime; continue; } - if (sc->sc_rxmits > tcp_syncache.rexmt_limit) { if ((s = tcp_log_addrs(&sc->sc_inc, NULL, NULL, NULL))) { log(LOG_DEBUG, "%s; %s: Retransmits exhausted, " @@ -873,7 +878,7 @@ * Segment validation: * ACK must match our initial sequence number + 1 (the SYN|ACK). */ - if (th->th_ack != sc->sc_iss + 1) { + if (th->th_ack != sc->sc_iss + 1 && sc->sc_toepcb == NULL) { if ((s = tcp_log_addrs(inc, th, NULL, NULL))) log(LOG_DEBUG, "%s; %s: ACK %u != ISS+1 %u, segment " "rejected\n", s, __func__, th->th_ack, sc->sc_iss); @@ -884,7 +889,7 @@ * number + 1 (the SYN) because we didn't ACK any data that * may have come with the SYN. */ - if (th->th_seq != sc->sc_irs + 1) { + if (th->th_seq != sc->sc_irs + 1 && sc->sc_toepcb == NULL) { if ((s = tcp_log_addrs(inc, th, NULL, NULL))) log(LOG_DEBUG, "%s; %s: SEQ %u != IRS+1 %u, segment " "rejected\n", s, __func__, th->th_seq, sc->sc_irs); @@ -901,7 +906,8 @@ * If timestamps were negotiated the reflected timestamp * must be equal to what we actually sent in the SYN|ACK. */ - if ((to->to_flags & TOF_TS) && to->to_tsecr != sc->sc_ts) { + if ((to->to_flags & TOF_TS) && to->to_tsecr != sc->sc_ts && + sc->sc_toepcb == NULL) { if ((s = tcp_log_addrs(inc, th, NULL, NULL))) log(LOG_DEBUG, "%s; %s: TSECR %u != TS %u, " "segment rejected\n", @@ -941,9 +947,10 @@ * consume all available buffer space if it were ACKed. By not ACKing * the data, we avoid this DoS scenario. */ -void -syncache_add(struct in_conninfo *inc, struct tcpopt *to, struct tcphdr *th, - struct inpcb *inp, struct socket **lsop, struct mbuf *m) +static void +_syncache_add(struct in_conninfo *inc, struct tcpopt *to, struct tcphdr *th, + struct inpcb *inp, struct socket **lsop, struct mbuf *m, + struct toe_usrreqs *tu, void *toepcb) { struct tcpcb *tp; struct socket *so; @@ -1021,6 +1028,11 @@ sc = syncache_lookup(inc, &sch); /* returns locked entry */ SCH_LOCK_ASSERT(sch); if (sc != NULL) { +#ifndef DISABLE_TCP_OFFLOAD + if (sc->sc_tu) + sc->sc_tu->tu_syncache_event(SC_ENTRY_PRESENT, + sc->sc_toepcb); +#endif tcpstat.tcps_sc_dupsyn++; if (ipopts) { /* @@ -1055,7 +1067,7 @@ s, __func__); free(s, M_TCPLOG); } - if (syncache_respond(sc) == 0) { + if ((sc->sc_toepcb == NULL) && syncache_respond(sc) == 0) { sc->sc_rxmits = 0; syncache_timeout(sc, sch, 1); tcpstat.tcps_sndacks++; @@ -1088,7 +1100,7 @@ } } } - + /* * Fill in the syncache values. */ @@ -1104,7 +1116,10 @@ sc->sc_ip_tos = ip_tos; sc->sc_ip_ttl = ip_ttl; } - +#ifndef DISABLE_TCP_OFFLOAD + sc->sc_tu = tu; + sc->sc_toepcb = toepcb; +#endif sc->sc_irs = th->th_seq; sc->sc_iss = arc4random(); sc->sc_flags = 0; @@ -1196,7 +1211,7 @@ /* * Do a standard 3-way handshake. */ - if (syncache_respond(sc) == 0) { + if (sc->sc_toepcb || syncache_respond(sc) == 0) { if (tcp_syncookies && tcp_syncookiesonly && sc != &scs) syncache_free(sc); else if (sc != &scs) @@ -1214,8 +1229,11 @@ if (sc == &scs) mac_syncache_destroy(&maclabel); #endif - *lsop = NULL; - m_freem(m); + if (m) { + + *lsop = NULL; + m_freem(m); + } return; } @@ -1374,6 +1392,21 @@ return (error); } +void +syncache_add(struct in_conninfo *inc, struct tcpopt *to, struct tcphdr *th, + struct inpcb *inp, struct socket **lsop, struct mbuf *m) +{ + _syncache_add(inc, to, th, inp, lsop, m, NULL, NULL); +} + +void +syncache_offload_add(struct in_conninfo *inc, struct tcpopt *to, + struct tcphdr *th, struct inpcb *inp, struct socket **lsop, + struct toe_usrreqs *tu, void *toepcb) +{ + _syncache_add(inc, to, th, inp, lsop, NULL, tu, toepcb); +} + /* * The purpose of SYN cookies is to avoid keeping track of all SYN's we * receive and to be able to handle SYN floods from bogus source addresses @@ -1699,4 +1732,3 @@ *pcbs_exported = count; return error; } - ==== //depot/projects/toehead/sys/netinet/tcp_syncache.h#2 (text+ko) ==== @@ -40,6 +40,9 @@ struct tcphdr *, struct socket **, struct mbuf *); void syncache_add(struct in_conninfo *, struct tcpopt *, struct tcphdr *, struct inpcb *, struct socket **, struct mbuf *); +void syncache_offload_add(struct in_conninfo *, struct tcpopt *, + struct tcphdr *, struct inpcb *, struct socket **, + struct toe_usrreqs *tu, void *toepcb); void syncache_chkrst(struct in_conninfo *, struct tcphdr *); void syncache_badack(struct in_conninfo *); int syncache_pcbcount(void);