1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21 /*
22 * Copyright (c) 1991, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2016 Joyent, Inc.
24 * Copyright 2013 Nexenta Systems, Inc. All rights reserved.
25 * Copyright (c) 2013 by Delphix. All rights reserved.
26 */
27 /* Copyright (c) 1990 Mentat Inc. */
28
29 #include <inet/ip.h>
30 #include <inet/tcp_impl.h>
31 #include <sys/multidata.h>
32 #include <sys/sunddi.h>
33
34 /* Max size IP datagram is 64k - 1 */
35 #define TCP_MSS_MAX_IPV4 (IP_MAXPACKET - (sizeof (ipha_t) + sizeof (tcpha_t)))
36 #define TCP_MSS_MAX_IPV6 (IP_MAXPACKET - (sizeof (ip6_t) + sizeof (tcpha_t)))
37
38 /* Max of the above */
39 #define TCP_MSS_MAX TCP_MSS_MAX_IPV4
40
41 /*
42 * Set the RFC 1948 pass phrase
43 */
44 /* ARGSUSED */
45 static int
46 tcp_set_1948phrase(netstack_t *stack, cred_t *cr, mod_prop_info_t *pinfo,
47 const char *ifname, const void* pr_val, uint_t flags)
48 {
49 if (flags & MOD_PROP_DEFAULT)
50 return (ENOTSUP);
51
52 /*
53 * Basically, value contains a new pass phrase. Pass it along!
54 */
55 tcp_iss_key_init((uint8_t *)pr_val, strlen(pr_val),
56 stack->netstack_tcp);
57 return (0);
58 }
59
60 /*
61 * returns the current list of listener limit configuration.
62 */
63 /* ARGSUSED */
64 static int
65 tcp_listener_conf_get(netstack_t *stack, mod_prop_info_t *pinfo,
66 const char *ifname, void *val, uint_t psize, uint_t flags)
67 {
68 tcp_stack_t *tcps = stack->netstack_tcp;
69 tcp_listener_t *tl;
70 char *pval = val;
71 size_t nbytes = 0, tbytes = 0;
72 uint_t size;
73 int err = 0;
74
75 bzero(pval, psize);
76 size = psize;
77
78 if (flags & (MOD_PROP_DEFAULT|MOD_PROP_PERM|MOD_PROP_POSSIBLE))
79 return (0);
80
81 mutex_enter(&tcps->tcps_listener_conf_lock);
82 for (tl = list_head(&tcps->tcps_listener_conf); tl != NULL;
83 tl = list_next(&tcps->tcps_listener_conf, tl)) {
84 if (psize == size)
85 nbytes = snprintf(pval, size, "%d:%d", tl->tl_port,
86 tl->tl_ratio);
87 else
88 nbytes = snprintf(pval, size, ",%d:%d", tl->tl_port,
89 tl->tl_ratio);
90 size -= nbytes;
91 pval += nbytes;
92 tbytes += nbytes;
93 if (tbytes >= psize) {
94 /* Buffer overflow, stop copying information */
95 err = ENOBUFS;
96 break;
97 }
98 }
99
100 mutex_exit(&tcps->tcps_listener_conf_lock);
101 return (err);
102 }
103
104 /*
105 * add a new listener limit configuration.
106 */
107 /* ARGSUSED */
108 static int
109 tcp_listener_conf_add(netstack_t *stack, cred_t *cr, mod_prop_info_t *pinfo,
110 const char *ifname, const void* pval, uint_t flags)
111 {
112 tcp_listener_t *new_tl;
113 tcp_listener_t *tl;
114 long lport;
115 long ratio;
116 char *colon;
117 tcp_stack_t *tcps = stack->netstack_tcp;
118
119 if (flags & MOD_PROP_DEFAULT)
120 return (ENOTSUP);
121
122 if (ddi_strtol(pval, &colon, 10, &lport) != 0 || lport <= 0 ||
123 lport > USHRT_MAX || *colon != ':') {
124 return (EINVAL);
125 }
126 if (ddi_strtol(colon + 1, NULL, 10, &ratio) != 0 || ratio <= 0)
127 return (EINVAL);
128
129 mutex_enter(&tcps->tcps_listener_conf_lock);
130 for (tl = list_head(&tcps->tcps_listener_conf); tl != NULL;
131 tl = list_next(&tcps->tcps_listener_conf, tl)) {
132 /* There is an existing entry, so update its ratio value. */
133 if (tl->tl_port == lport) {
134 tl->tl_ratio = ratio;
135 mutex_exit(&tcps->tcps_listener_conf_lock);
136 return (0);
137 }
138 }
139
140 if ((new_tl = kmem_alloc(sizeof (tcp_listener_t), KM_NOSLEEP)) ==
141 NULL) {
142 mutex_exit(&tcps->tcps_listener_conf_lock);
143 return (ENOMEM);
144 }
145
146 new_tl->tl_port = lport;
147 new_tl->tl_ratio = ratio;
148 list_insert_tail(&tcps->tcps_listener_conf, new_tl);
149 mutex_exit(&tcps->tcps_listener_conf_lock);
150 return (0);
151 }
152
153 /*
154 * remove a listener limit configuration.
155 */
156 /* ARGSUSED */
157 static int
158 tcp_listener_conf_del(netstack_t *stack, cred_t *cr, mod_prop_info_t *pinfo,
159 const char *ifname, const void* pval, uint_t flags)
160 {
161 tcp_listener_t *tl;
162 long lport;
163 tcp_stack_t *tcps = stack->netstack_tcp;
164
165 if (flags & MOD_PROP_DEFAULT)
166 return (ENOTSUP);
167
168 if (ddi_strtol(pval, NULL, 10, &lport) != 0 || lport <= 0 ||
169 lport > USHRT_MAX) {
170 return (EINVAL);
171 }
172 mutex_enter(&tcps->tcps_listener_conf_lock);
173 for (tl = list_head(&tcps->tcps_listener_conf); tl != NULL;
174 tl = list_next(&tcps->tcps_listener_conf, tl)) {
175 if (tl->tl_port == lport) {
176 list_remove(&tcps->tcps_listener_conf, tl);
177 mutex_exit(&tcps->tcps_listener_conf_lock);
178 kmem_free(tl, sizeof (tcp_listener_t));
179 return (0);
180 }
181 }
182 mutex_exit(&tcps->tcps_listener_conf_lock);
183 return (ESRCH);
184 }
185
186 static int
187 tcp_set_buf_prop(netstack_t *stack, cred_t *cr, mod_prop_info_t *pinfo,
188 const char *ifname, const void *pval, uint_t flags)
189 {
190 return (mod_set_buf_prop(stack->netstack_tcp->tcps_propinfo_tbl, stack,
191 cr, pinfo, ifname, pval, flags));
192 }
193
194 static int
195 tcp_get_buf_prop(netstack_t *stack, mod_prop_info_t *pinfo, const char *ifname,
196 void *val, uint_t psize, uint_t flags)
197 {
198 return (mod_get_buf_prop(stack->netstack_tcp->tcps_propinfo_tbl, stack,
199 pinfo, ifname, val, psize, flags));
200 }
201
202 /*
203 * Special checkers for smallest/largest anonymous port so they don't
204 * ever happen to be (largest < smallest).
205 */
206 /* ARGSUSED */
207 static int
208 tcp_smallest_anon_set(netstack_t *stack, cred_t *cr, mod_prop_info_t *pinfo,
209 const char *ifname, const void *pval, uint_t flags)
210 {
211 unsigned long new_value;
212 tcp_stack_t *tcps = stack->netstack_tcp;
213 int err;
214
215 if ((err = mod_uint32_value(pval, pinfo, flags, &new_value)) != 0)
216 return (err);
217 /* mod_uint32_value() + pinfo guarantees we're in TCP port range. */
218 if ((uint32_t)new_value > tcps->tcps_largest_anon_port)
219 return (ERANGE);
220 pinfo->prop_cur_uval = (uint32_t)new_value;
221 return (0);
222 }
223
224 /* ARGSUSED */
225 static int
226 tcp_largest_anon_set(netstack_t *stack, cred_t *cr, mod_prop_info_t *pinfo,
227 const char *ifname, const void *pval, uint_t flags)
228 {
229 unsigned long new_value;
230 tcp_stack_t *tcps = stack->netstack_tcp;
231 int err;
232
233 if ((err = mod_uint32_value(pval, pinfo, flags, &new_value)) != 0)
234 return (err);
235 /* mod_uint32_value() + pinfo guarantees we're in TCP port range. */
236 if ((uint32_t)new_value < tcps->tcps_smallest_anon_port)
237 return (ERANGE);
238 pinfo->prop_cur_uval = (uint32_t)new_value;
239 return (0);
240 }
241
242 /*
243 * All of these are alterable, within the min/max values given, at run time.
244 *
245 * Note: All those tunables which do not start with "_" are Committed and
246 * therefore are public. See PSARC 2010/080.
247 */
248 mod_prop_info_t tcp_propinfo_tbl[] = {
249 /* tunable - 0 */
250 { "_time_wait_interval", MOD_PROTO_TCP,
251 mod_set_uint32, mod_get_uint32,
252 {1*SECONDS, TCP_TIME_WAIT_MAX, 1*MINUTES}, {1*MINUTES} },
253
254 { "_conn_req_max_q", MOD_PROTO_TCP,
255 mod_set_uint32, mod_get_uint32,
256 {1, UINT32_MAX, 128}, {128} },
257
258 { "_conn_req_max_q0", MOD_PROTO_TCP,
259 mod_set_uint32, mod_get_uint32,
260 {0, UINT32_MAX, 1024}, {1024} },
261
262 { "_conn_req_min", MOD_PROTO_TCP,
263 mod_set_uint32, mod_get_uint32,
264 {1, 1024, 1}, {1} },
265
266 { "_conn_grace_period", MOD_PROTO_TCP,
267 mod_set_uint32, mod_get_uint32,
268 {0*MS, 20*SECONDS, 0*MS}, {0*MS} },
269
270 { "_cwnd_max", MOD_PROTO_TCP,
271 mod_set_uint32, mod_get_uint32,
272 {128, ULP_MAX_BUF, 1024*1024}, {1024*1024} },
273
274 { "_debug", MOD_PROTO_TCP,
275 mod_set_uint32, mod_get_uint32,
276 {0, 10, 0}, {0} },
277
278 { "smallest_nonpriv_port", MOD_PROTO_TCP,
279 mod_set_uint32, mod_get_uint32,
280 {1024, (32*1024), 1024}, {1024} },
281
282 { "_ip_abort_cinterval", MOD_PROTO_TCP,
283 mod_set_uint32, mod_get_uint32,
284 {1*SECONDS, UINT32_MAX, 3*MINUTES}, {3*MINUTES} },
285
286 { "_ip_abort_linterval", MOD_PROTO_TCP,
287 mod_set_uint32, mod_get_uint32,
288 {1*SECONDS, UINT32_MAX, 3*MINUTES}, {3*MINUTES} },
289
290 /* tunable - 10 */
291 { "_ip_abort_interval", MOD_PROTO_TCP,
292 mod_set_uint32, mod_get_uint32,
293 {500*MS, UINT32_MAX, 5*MINUTES}, {5*MINUTES} },
294
295 { "_ip_notify_cinterval", MOD_PROTO_TCP,
296 mod_set_uint32, mod_get_uint32,
297 {1*SECONDS, UINT32_MAX, 10*SECONDS},
298 {10*SECONDS} },
299
300 { "_ip_notify_interval", MOD_PROTO_TCP,
301 mod_set_uint32, mod_get_uint32,
302 {500*MS, UINT32_MAX, 10*SECONDS}, {10*SECONDS} },
303
304 { "_ipv4_ttl", MOD_PROTO_TCP,
305 mod_set_uint32, mod_get_uint32,
306 {1, 255, 64}, {64} },
307
308 { "_keepalive_interval", MOD_PROTO_TCP,
309 mod_set_uint32, mod_get_uint32,
310 {1*SECONDS, 10*DAYS, 2*HOURS}, {2*HOURS} },
311
312 { "_maxpsz_multiplier", MOD_PROTO_TCP,
313 mod_set_uint32, mod_get_uint32,
314 {0, 100, 10}, {10} },
315
316 { "_mss_def_ipv4", MOD_PROTO_TCP,
317 mod_set_uint32, mod_get_uint32,
318 {1, TCP_MSS_MAX_IPV4, 536}, {536} },
319
320 { "_mss_max_ipv4", MOD_PROTO_TCP,
321 mod_set_uint32, mod_get_uint32,
322 {1, TCP_MSS_MAX_IPV4, TCP_MSS_MAX_IPV4},
323 {TCP_MSS_MAX_IPV4} },
324
325 { "_mss_min", MOD_PROTO_TCP,
326 mod_set_uint32, mod_get_uint32,
327 {1, TCP_MSS_MAX, 108}, {108} },
328
329 { "_naglim_def", MOD_PROTO_TCP,
330 mod_set_uint32, mod_get_uint32,
331 {1, (64*1024)-1, (4*1024)-1}, {(4*1024)-1} },
332
333 /* tunable - 20 */
334 { "_rexmit_interval_initial", MOD_PROTO_TCP,
335 mod_set_uint32, mod_get_uint32,
336 {1*MS, 20*SECONDS, 1*SECONDS}, {1*SECONDS} },
337
338 { "_rexmit_interval_max", MOD_PROTO_TCP,
339 mod_set_uint32, mod_get_uint32,
340 {1*MS, 2*HOURS, 60*SECONDS}, {60*SECONDS} },
341
342 { "_rexmit_interval_min", MOD_PROTO_TCP,
343 mod_set_uint32, mod_get_uint32,
344 {1*MS, 2*HOURS, 400*MS}, {400*MS} },
345
346 { "_deferred_ack_interval", MOD_PROTO_TCP,
347 mod_set_uint32, mod_get_uint32,
348 {1*MS, 1*MINUTES, 100*MS}, {100*MS} },
349
350 { "_snd_lowat_fraction", MOD_PROTO_TCP,
351 mod_set_uint32, mod_get_uint32,
352 {0, 16, 10}, {10} },
353
354 { "_dupack_fast_retransmit", MOD_PROTO_TCP,
355 mod_set_uint32, mod_get_uint32,
356 {1, 10000, 3}, {3} },
357
358 { "_ignore_path_mtu", MOD_PROTO_TCP,
359 mod_set_boolean, mod_get_boolean,
360 {B_FALSE}, {B_FALSE} },
361
362 { "smallest_anon_port", MOD_PROTO_TCP,
363 tcp_smallest_anon_set, mod_get_uint32,
364 {1024, ULP_MAX_PORT, 32*1024}, {32*1024} },
365
366 { "largest_anon_port", MOD_PROTO_TCP,
367 tcp_largest_anon_set, mod_get_uint32,
368 {1024, ULP_MAX_PORT, ULP_MAX_PORT},
369 {ULP_MAX_PORT} },
370
371 { "send_buf", MOD_PROTO_TCP,
372 tcp_set_buf_prop, tcp_get_buf_prop,
373 {TCP_XMIT_LOWATER, ULP_MAX_BUF, TCP_XMIT_HIWATER},
374 {TCP_XMIT_HIWATER} },
375
376 /* tunable - 30 */
377 { "_xmit_lowat", MOD_PROTO_TCP,
378 mod_set_uint32, mod_get_uint32,
379 {TCP_XMIT_LOWATER, ULP_MAX_BUF, TCP_XMIT_LOWATER},
380 {TCP_XMIT_LOWATER} },
381
382 { "recv_buf", MOD_PROTO_TCP,
383 tcp_set_buf_prop, tcp_get_buf_prop,
384 {TCP_RECV_LOWATER, ULP_MAX_BUF, TCP_RECV_HIWATER},
385 {TCP_RECV_HIWATER} },
386
387 { "_recv_hiwat_minmss", MOD_PROTO_TCP,
388 mod_set_uint32, mod_get_uint32,
389 {1, 65536, 4}, {4} },
390
391 { "_fin_wait_2_flush_interval", MOD_PROTO_TCP,
392 mod_set_uint32, mod_get_uint32,
393 {1*SECONDS, 2*HOURS, 60*SECONDS},
394 {60*SECONDS} },
395
396 { "max_buf", MOD_PROTO_TCP,
397 mod_set_uint32, mod_get_uint32,
398 {8192, ULP_MAX_BUF, 1024*1024}, {1024*1024} },
399
400 { "_strong_iss", MOD_PROTO_TCP,
401 mod_set_uint32, mod_get_uint32,
402 {0, 2, 2}, {2} },
403
404 { "_rtt_updates", MOD_PROTO_TCP,
405 mod_set_uint32, mod_get_uint32,
406 {0, 65536, 20}, {20} },
407
408 { "_wscale_always", MOD_PROTO_TCP,
409 mod_set_boolean, mod_get_boolean,
410 {B_TRUE}, {B_TRUE} },
411
412 { "_tstamp_always", MOD_PROTO_TCP,
413 mod_set_boolean, mod_get_boolean,
414 {B_FALSE}, {B_FALSE} },
415
416 { "_tstamp_if_wscale", MOD_PROTO_TCP,
417 mod_set_boolean, mod_get_boolean,
418 {B_TRUE}, {B_TRUE} },
419
420 /* tunable - 40 */
421 { "_rexmit_interval_extra", MOD_PROTO_TCP,
422 mod_set_uint32, mod_get_uint32,
423 {0*MS, 2*HOURS, 0*MS}, {0*MS} },
424
425 { "_deferred_acks_max", MOD_PROTO_TCP,
426 mod_set_uint32, mod_get_uint32,
427 {0, 16, 2}, {2} },
428
429 { "_slow_start_after_idle", MOD_PROTO_TCP,
430 mod_set_uint32, mod_get_uint32,
431 {0, 16384, 0}, {0} },
432
433 { "_slow_start_initial", MOD_PROTO_TCP,
434 mod_set_uint32, mod_get_uint32,
435 {0, 16, 0}, {0} },
436
437 { "sack", MOD_PROTO_TCP,
438 mod_set_uint32, mod_get_uint32,
439 {0, 2, 2}, {2} },
440
441 { "_ipv6_hoplimit", MOD_PROTO_TCP,
442 mod_set_uint32, mod_get_uint32,
443 {0, IPV6_MAX_HOPS, IPV6_DEFAULT_HOPS},
444 {IPV6_DEFAULT_HOPS} },
445
446 { "_mss_def_ipv6", MOD_PROTO_TCP,
447 mod_set_uint32, mod_get_uint32,
448 {1, TCP_MSS_MAX_IPV6, 1220}, {1220} },
449
450 { "_mss_max_ipv6", MOD_PROTO_TCP,
451 mod_set_uint32, mod_get_uint32,
452 {1, TCP_MSS_MAX_IPV6, TCP_MSS_MAX_IPV6},
453 {TCP_MSS_MAX_IPV6} },
454
455 { "_rev_src_routes", MOD_PROTO_TCP,
456 mod_set_boolean, mod_get_boolean,
457 {B_FALSE}, {B_FALSE} },
458
459 { "_local_dack_interval", MOD_PROTO_TCP,
460 mod_set_uint32, mod_get_uint32,
461 {10*MS, 500*MS, 50*MS}, {50*MS} },
462
463 /* tunable - 50 */
464 { "_local_dacks_max", MOD_PROTO_TCP,
465 mod_set_uint32, mod_get_uint32,
466 {0, 16, 8}, {8} },
467
468 { "ecn", MOD_PROTO_TCP,
469 mod_set_uint32, mod_get_uint32,
470 {0, 2, 1}, {1} },
471
472 { "_rst_sent_rate_enabled", MOD_PROTO_TCP,
473 mod_set_boolean, mod_get_boolean,
474 {B_TRUE}, {B_TRUE} },
475
476 { "_rst_sent_rate", MOD_PROTO_TCP,
477 mod_set_uint32, mod_get_uint32,
478 {0, UINT32_MAX, 40}, {40} },
479
480 { "_push_timer_interval", MOD_PROTO_TCP,
481 mod_set_uint32, mod_get_uint32,
482 {0, 100*MS, 50*MS}, {50*MS} },
483
484 { "_use_smss_as_mss_opt", MOD_PROTO_TCP,
485 mod_set_boolean, mod_get_boolean,
486 {B_FALSE}, {B_FALSE} },
487
488 { "_keepalive_abort_interval", MOD_PROTO_TCP,
489 mod_set_uint32, mod_get_uint32,
490 {0, UINT32_MAX, 8*MINUTES}, {8*MINUTES} },
491
492 /*
493 * tcp_wroff_xtra is the extra space in front of TCP/IP header for link
494 * layer header. It has to be a multiple of 8.
495 */
496 { "_wroff_xtra", MOD_PROTO_TCP,
497 mod_set_aligned, mod_get_uint32,
498 {0, 256, 32}, {32} },
499
500 { "_dev_flow_ctl", MOD_PROTO_TCP,
501 mod_set_boolean, mod_get_boolean,
502 {B_FALSE}, {B_FALSE} },
503
504 { "_reass_timeout", MOD_PROTO_TCP,
505 mod_set_uint32, mod_get_uint32,
506 {0, UINT32_MAX, 100*SECONDS}, {100*SECONDS} },
507
508 /* tunable - 60 */
509 { "extra_priv_ports", MOD_PROTO_TCP,
510 mod_set_extra_privports, mod_get_extra_privports,
511 {1, ULP_MAX_PORT, 0}, {0} },
512
513 { "_1948_phrase", MOD_PROTO_TCP,
514 tcp_set_1948phrase, NULL, {0}, {0} },
515
516 { "_listener_limit_conf", MOD_PROTO_TCP,
517 NULL, tcp_listener_conf_get, {0}, {0} },
518
519 { "_listener_limit_conf_add", MOD_PROTO_TCP,
520 tcp_listener_conf_add, NULL, {0}, {0} },
521
522 { "_listener_limit_conf_del", MOD_PROTO_TCP,
523 tcp_listener_conf_del, NULL, {0}, {0} },
524
525 { "_iss_incr", MOD_PROTO_TCP,
526 mod_set_uint32, mod_get_uint32,
527 {1, ISS_INCR, ISS_INCR},
528 {ISS_INCR} },
529
530 { "?", MOD_PROTO_TCP, NULL, mod_get_allprop, {0}, {0} },
531
532 { NULL, 0, NULL, NULL, {0}, {0} }
533 };
534
535 int tcp_propinfo_count = A_CNT(tcp_propinfo_tbl);