TCPCT part 1c: sysctl_tcp_cookie_size, socket option TCP_COOKIE_TRANSACTIONS

Define sysctl (tcp_cookie_size) to turn on and off the cookie option default globally, instead of a compiled configuration option. Define per socket option (TCP_COOKIE_TRANSACTIONS) for setting constant data values, retrieving variable cookie values, and other facilities. Move inline tcp_clear_options() unchanged from net/tcp.h to linux/tcp.h, near its corresponding struct tcp_options_received (prior to changes). This is a straightforward re-implementation of an earlier (year-old) patch that no longer applies cleanly, with permission of the original author (Adam Langley): http://thread.gmane.org/gmane.linux.network/102586 These functions will also be used in subsequent patches that implement additional features. Requires: net: TCP_MSS_DEFAULT, TCP_MSS_DESIRED Signed-off-by: William.Allen.Simpson@gmail.com Signed-off-by: David S. Miller <davem@davemloft.net>
author: William Allen Simpson <william.allen.simpson@gmail.com> 2009-12-02 13:14:19 -0500
committer: David S. Miller <davem@davemloft.net> 2009-12-03 01:07:24 -0500
commit: 519855c508b9a17878c0977a3cdefc09b59b30df (patch)
tree: df6840c5c1560a84cb777b1855ec22c90c3df8d9 /include/linux/tcp.h
parent: da5c78c82629a167794436e4306b4cf1faddea90 (diff)
1 files changed, 32 insertions, 1 deletions
diff --git a/include/linux/tcp.h b/include/linux/tcp.h
index 32d7d77b4a01..eaa3113b3786 100644
--- a/include/linux/tcp.h
+++ b/include/linux/tcp.h
@@ -102,7 +102,9 @@ enum {
 #define TCP_QUICKACK            12      /* Block/reenable quick acks */
 #define TCP_CONGESTION          13      /* Congestion control algorithm */
 #define TCP_MD5SIG              14      /* TCP MD5 Signature (RFC2385) */
+#define TCP_COOKIE_TRANSACTIONS 15      /* TCP Cookie Transactions */
+/* for TCP_INFO socket option */
 #define TCPI_OPT_TIMESTAMPS     1
 #define TCPI_OPT_SACK           2
 #define TCPI_OPT_WSCALE         4
@@ -174,6 +176,30 @@ struct tcp_md5sig {
        __u8    tcpm_key[TCP_MD5SIG_MAXKEYLEN];         /* key (binary) */
 };
+/* for TCP_COOKIE_TRANSACTIONS (TCPCT) socket option */
+#define TCP_COOKIE_MIN           8              /*  64-bits */
+#define TCP_COOKIE_MAX          16              /* 128-bits */
+#define TCP_COOKIE_PAIR_SIZE    (2*TCP_COOKIE_MAX)
+/* Flags for both getsockopt and setsockopt */
+#define TCP_COOKIE_IN_ALWAYS    (1 << 0)        /* Discard SYN without cookie */
+#define TCP_COOKIE_OUT_NEVER    (1 << 1)        /* Prohibit outgoing cookies,
+                                                 * supercedes everything. */
+/* Flags for getsockopt */
+#define TCP_S_DATA_IN           (1 << 2)        /* Was data received? */
+#define TCP_S_DATA_OUT          (1 << 3)        /* Was data sent? */
+/* TCP_COOKIE_TRANSACTIONS data */
+struct tcp_cookie_transactions {
+        __u16   tcpct_flags;                    /* see above */
+        __u8    __tcpct_pad1;                   /* zero */
+        __u8    tcpct_cookie_desired;           /* bytes */
+        __u16   tcpct_s_data_desired;           /* bytes of variable data */
+        __u16   tcpct_used;                     /* bytes in value */
+        __u8    tcpct_value[TCP_MSS_DEFAULT];
+};
 #ifdef __KERNEL__
 #include <linux/skbuff.h>
@@ -227,6 +253,11 @@ struct tcp_options_received {
        u16     mss_clamp;      /* Maximal mss, negotiated at connection setup */
 };
+static inline void tcp_clear_options(struct tcp_options_received *rx_opt)
+{
+        rx_opt->tstamp_ok = rx_opt->sack_ok = rx_opt->wscale_ok = rx_opt->snd_wscale = 0;
+}
 /* This is the max number of SACKS that we'll generate and process. It's safe
 * to increse this, although since:
 *   size = TCPOLEN_SACK_BASE_ALIGNED (4) + n * TCPOLEN_SACK_PERBLOCK (8)
@@ -435,6 +466,6 @@ static inline struct tcp_timewait_sock *tcp_twsk(const struct sock *sk)
        return (struct tcp_timewait_sock *)sk;
 }
-#endif
+#endif  /* __KERNEL__ */
 #endif  /* _LINUX_TCP_H */
author	William Allen Simpson <william.allen.simpson@gmail.com>	2009-12-02 13:14:19 -0500
committer	David S. Miller <davem@davemloft.net>	2009-12-03 01:07:24 -0500
commit	519855c508b9a17878c0977a3cdefc09b59b30df (patch)
tree	df6840c5c1560a84cb777b1855ec22c90c3df8d9 /include/linux/tcp.h
parent	da5c78c82629a167794436e4306b4cf1faddea90 (diff)

diff --git a/include/linux/tcp.h b/include/linux/tcp.h index 32d7d77b4a01..eaa3113b3786 100644 --- a/include/linux/tcp.h +++ b/include/linux/tcp.h
@@ -102,7 +102,9 @@ enum {
102	#define TCP_QUICKACK 12 /* Block/reenable quick acks */	102	#define TCP_QUICKACK 12 /* Block/reenable quick acks */
103	#define TCP_CONGESTION 13 /* Congestion control algorithm */	103	#define TCP_CONGESTION 13 /* Congestion control algorithm */
104	#define TCP_MD5SIG 14 /* TCP MD5 Signature (RFC2385) */	104	#define TCP_MD5SIG 14 /* TCP MD5 Signature (RFC2385) */
		105	#define TCP_COOKIE_TRANSACTIONS 15 /* TCP Cookie Transactions */
105		106
		107	/* for TCP_INFO socket option */
106	#define TCPI_OPT_TIMESTAMPS 1	108	#define TCPI_OPT_TIMESTAMPS 1
107	#define TCPI_OPT_SACK 2	109	#define TCPI_OPT_SACK 2
108	#define TCPI_OPT_WSCALE 4	110	#define TCPI_OPT_WSCALE 4
@@ -174,6 +176,30 @@ struct tcp_md5sig {
174	__u8 tcpm_key[TCP_MD5SIG_MAXKEYLEN]; /* key (binary) */	176	__u8 tcpm_key[TCP_MD5SIG_MAXKEYLEN]; /* key (binary) */
175	};	177	};
176		178
		179	/* for TCP_COOKIE_TRANSACTIONS (TCPCT) socket option */
		180	#define TCP_COOKIE_MIN 8 /* 64-bits */
		181	#define TCP_COOKIE_MAX 16 /* 128-bits */
		182	#define TCP_COOKIE_PAIR_SIZE (2*TCP_COOKIE_MAX)
		183
		184	/* Flags for both getsockopt and setsockopt */
		185	#define TCP_COOKIE_IN_ALWAYS (1 << 0) /* Discard SYN without cookie */
		186	#define TCP_COOKIE_OUT_NEVER (1 << 1) /* Prohibit outgoing cookies,
		187	* supercedes everything. */
		188
		189	/* Flags for getsockopt */
		190	#define TCP_S_DATA_IN (1 << 2) /* Was data received? */
		191	#define TCP_S_DATA_OUT (1 << 3) /* Was data sent? */
		192
		193	/* TCP_COOKIE_TRANSACTIONS data */
		194	struct tcp_cookie_transactions {
		195	__u16 tcpct_flags; /* see above */
		196	__u8 __tcpct_pad1; /* zero */
		197	__u8 tcpct_cookie_desired; /* bytes */
		198	__u16 tcpct_s_data_desired; /* bytes of variable data */
		199	__u16 tcpct_used; /* bytes in value */
		200	__u8 tcpct_value[TCP_MSS_DEFAULT];
		201	};
		202
177	#ifdef __KERNEL__	203	#ifdef __KERNEL__
178		204
179	#include <linux/skbuff.h>	205	#include <linux/skbuff.h>
@@ -227,6 +253,11 @@ struct tcp_options_received {
227	u16 mss_clamp; /* Maximal mss, negotiated at connection setup */	253	u16 mss_clamp; /* Maximal mss, negotiated at connection setup */
228	};	254	};
229		255
		256	static inline void tcp_clear_options(struct tcp_options_received *rx_opt)
		257	{
		258	rx_opt->tstamp_ok = rx_opt->sack_ok = rx_opt->wscale_ok = rx_opt->snd_wscale = 0;
		259	}
		260
230	/* This is the max number of SACKS that we'll generate and process. It's safe	261	/* This is the max number of SACKS that we'll generate and process. It's safe
231	* to increse this, although since:	262	* to increse this, although since:
232	* size = TCPOLEN_SACK_BASE_ALIGNED (4) + n * TCPOLEN_SACK_PERBLOCK (8)	263	* size = TCPOLEN_SACK_BASE_ALIGNED (4) + n * TCPOLEN_SACK_PERBLOCK (8)
@@ -435,6 +466,6 @@ static inline struct tcp_timewait_sock tcp_twsk(const struct sock sk)
435	return (struct tcp_timewait_sock *)sk;	466	return (struct tcp_timewait_sock *)sk;
436	}	467	}
437		468
438	#endif	469	#endif /* __KERNEL__ */
439		470
440	#endif /* _LINUX_TCP_H */	471	#endif /* _LINUX_TCP_H */