net-tcp: Fast Open base

This patch impelements the common code for both the client and server.

1. TCP Fast Open option processing. Since Fast Open does not have an
   option number assigned by IANA yet, it shares the experiment option
   code 254 by implementing draft-ietf-tcpm-experimental-options
   with a 16 bits magic number 0xF989. This enables global experiments
   without clashing the scarce(2) experimental options available for TCP.

   When the draft status becomes standard (maybe), the client should
   switch to the new option number assigned while the server supports
   both numbers for transistion.

2. The new sysctl tcp_fastopen

3. A place holder init function

Signed-off-by: Yuchung Cheng <ycheng@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

8 files changed, 66 insertions, 13 deletions

diff --git a/net/ipv4/Makefile b/net/ipv4/Makefile
index a677d804e53e..ae2ccf2890e4 100644
--- a/net/ipv4/Makefile
+++ b/net/ipv4/Makefile
@@ -7,7 +7,7 @@ obj-y     := route.o inetpeer.o protocol.o \
              ip_output.o ip_sockglue.o inet_hashtables.o \
              inet_timewait_sock.o inet_connection_sock.o \
              tcp.o tcp_input.o tcp_output.o tcp_timer.o tcp_ipv4.o \
-             tcp_minisocks.o tcp_cong.o tcp_metrics.o \
+             tcp_minisocks.o tcp_cong.o tcp_metrics.o tcp_fastopen.o \
              datagram.o raw.o udp.o udplite.o \
              arp.o icmp.o devinet.o af_inet.o  igmp.o \
              fib_frontend.o fib_semantics.o fib_trie.o \
diff --git a/net/ipv4/syncookies.c b/net/ipv4/syncookies.c
index eab2a7fb15d1..650e1528e1e6 100644
--- a/net/ipv4/syncookies.c
+++ b/net/ipv4/syncookies.c
@@ -293,7 +293,7 @@ struct sock *cookie_v4_check(struct sock *sk, struct sk_buff *skb,
 
         /* check for timestamp cookie support */
         memset(&tcp_opt, 0, sizeof(tcp_opt));
-        tcp_parse_options(skb, &tcp_opt, &hash_location, 0);
+        tcp_parse_options(skb, &tcp_opt, &hash_location, 0, NULL);
 
         if (!cookie_check_timestamp(&tcp_opt, &ecn_ok))
                 goto out;
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c
index 3f6a1e762e9c..5840c3255721 100644
--- a/net/ipv4/sysctl_net_ipv4.c
+++ b/net/ipv4/sysctl_net_ipv4.c
@@ -367,6 +367,13 @@ static struct ctl_table ipv4_table[] = {
         },
 #endif
         {
+                .procname       = "tcp_fastopen",
+                .data           = &sysctl_tcp_fastopen,
+                .maxlen         = sizeof(int),
+                .mode           = 0644,
+                .proc_handler   = proc_dointvec,
+        },
+        {
                 .procname       = "tcp_tw_recycle",
                 .data           = &tcp_death_row.sysctl_tw_recycle,
                 .maxlen         = sizeof(int),
diff --git a/net/ipv4/tcp_fastopen.c b/net/ipv4/tcp_fastopen.c
new file mode 100644
index 000000000000..a7f729c409d7
--- /dev/null
+++ b/net/ipv4/tcp_fastopen.c
@@ -0,0 +1,11 @@
+#include <linux/init.h>
+#include <linux/kernel.h>
+
+int sysctl_tcp_fastopen;
+
+static int __init tcp_fastopen_init(void)
+{
+        return 0;
+}
+
+late_initcall(tcp_fastopen_init);
diff --git a/net/ipv4/tcp_input.c b/net/ipv4/tcp_input.c
index fdd49f1b7a52..a06bb8959e7e 100644
--- a/net/ipv4/tcp_input.c
+++ b/net/ipv4/tcp_input.c
@@ -3732,7 +3732,8 @@ old_ack:
  * the fast version below fails.
  */
 void tcp_parse_options(const struct sk_buff *skb, struct tcp_options_received *opt_rx,
-                       const u8 **hvpp, int estab)
+                       const u8 **hvpp, int estab,
+                       struct tcp_fastopen_cookie *foc)
 {
         const unsigned char *ptr;
         const struct tcphdr *th = tcp_hdr(skb);
@@ -3839,8 +3840,25 @@ void tcp_parse_options(const struct sk_buff *skb, struct tcp_options_received *o
                                         break;
                                 }
                                 break;
-                        }
 
+                        case TCPOPT_EXP:
+                                /* Fast Open option shares code 254 using a
+                                 * 16 bits magic number. It's valid only in
+                                 * SYN or SYN-ACK with an even size.
+                                 */
+                                if (opsize < TCPOLEN_EXP_FASTOPEN_BASE ||
+                                    get_unaligned_be16(ptr) != TCPOPT_FASTOPEN_MAGIC ||
+                                    foc == NULL || !th->syn || (opsize & 1))
+                                        break;
+                                foc->len = opsize - TCPOLEN_EXP_FASTOPEN_BASE;
+                                if (foc->len >= TCP_FASTOPEN_COOKIE_MIN &&
+                                    foc->len <= TCP_FASTOPEN_COOKIE_MAX)
+                                        memcpy(foc->val, ptr + 2, foc->len);
+                                else if (foc->len != 0)
+                                        foc->len = -1;
+                                break;
+
+                        }
                         ptr += opsize-2;
                         length -= opsize;
                 }
@@ -3882,7 +3900,7 @@ static bool tcp_fast_parse_options(const struct sk_buff *skb,
                 if (tcp_parse_aligned_timestamp(tp, th))
                         return true;
         }
-        tcp_parse_options(skb, &tp->rx_opt, hvpp, 1);
+        tcp_parse_options(skb, &tp->rx_opt, hvpp, 1, NULL);
         return true;
 }
 
@@ -5637,7 +5655,7 @@ static int tcp_rcv_synsent_state_process(struct sock *sk, struct sk_buff *skb,
         struct tcp_cookie_values *cvp = tp->cookie_values;
         int saved_clamp = tp->rx_opt.mss_clamp;
 
-        tcp_parse_options(skb, &tp->rx_opt, &hash_location, 0);
+        tcp_parse_options(skb, &tp->rx_opt, &hash_location, 0, NULL);
 
         if (th->ack) {
                 /* rfc793:
diff --git a/net/ipv4/tcp_ipv4.c b/net/ipv4/tcp_ipv4.c
index d7d2fa50f07f..01aa77a97020 100644
--- a/net/ipv4/tcp_ipv4.c
+++ b/net/ipv4/tcp_ipv4.c
@@ -1307,7 +1307,7 @@ int tcp_v4_conn_request(struct sock *sk, struct sk_buff *skb)
         tcp_clear_options(&tmp_opt);
         tmp_opt.mss_clamp = TCP_MSS_DEFAULT;
         tmp_opt.user_mss  = tp->rx_opt.user_mss;
-        tcp_parse_options(skb, &tmp_opt, &hash_location, 0);
+        tcp_parse_options(skb, &tmp_opt, &hash_location, 0, NULL);
 
         if (tmp_opt.cookie_plus > 0 &&
             tmp_opt.saw_tstamp &&
diff --git a/net/ipv4/tcp_minisocks.c b/net/ipv4/tcp_minisocks.c
index c66f2ede160e..5912ac3fd240 100644
--- a/net/ipv4/tcp_minisocks.c
+++ b/net/ipv4/tcp_minisocks.c
@@ -97,7 +97,7 @@ tcp_timewait_state_process(struct inet_timewait_sock *tw, struct sk_buff *skb,
 
         tmp_opt.saw_tstamp = 0;
         if (th->doff > (sizeof(*th) >> 2) && tcptw->tw_ts_recent_stamp) {
-                tcp_parse_options(skb, &tmp_opt, &hash_location, 0);
+                tcp_parse_options(skb, &tmp_opt, &hash_location, 0, NULL);
 
                 if (tmp_opt.saw_tstamp) {
                         tmp_opt.ts_recent       = tcptw->tw_ts_recent;
@@ -534,7 +534,7 @@ struct sock *tcp_check_req(struct sock *sk, struct sk_buff *skb,
 
         tmp_opt.saw_tstamp = 0;
         if (th->doff > (sizeof(struct tcphdr)>>2)) {
-                tcp_parse_options(skb, &tmp_opt, &hash_location, 0);
+                tcp_parse_options(skb, &tmp_opt, &hash_location, 0, NULL);
 
                 if (tmp_opt.saw_tstamp) {
                         tmp_opt.ts_recent = req->ts_recent;
diff --git a/net/ipv4/tcp_output.c b/net/ipv4/tcp_output.c
index 15a7c7bc3e58..4849be76ccd6 100644
--- a/net/ipv4/tcp_output.c
+++ b/net/ipv4/tcp_output.c
@@ -385,15 +385,17 @@ static inline bool tcp_urg_mode(const struct tcp_sock *tp)
 #define OPTION_MD5              (1 << 2)
 #define OPTION_WSCALE           (1 << 3)
 #define OPTION_COOKIE_EXTENSION (1 << 4)
+#define OPTION_FAST_OPEN_COOKIE (1 << 8)
 
 struct tcp_out_options {
-        u8 options;             /* bit field of OPTION_* */
+        u16 options;            /* bit field of OPTION_* */
+        u16 mss;                /* 0 to disable */
         u8 ws;                  /* window scale, 0 to disable */
         u8 num_sack_blocks;     /* number of SACK blocks to include */
         u8 hash_size;           /* bytes in hash_location */
-        u16 mss;                /* 0 to disable */
-        __u32 tsval, tsecr;     /* need to include OPTION_TS */
         __u8 *hash_location;    /* temporary pointer, overloaded */
+        __u32 tsval, tsecr;     /* need to include OPTION_TS */
+        struct tcp_fastopen_cookie *fastopen_cookie;    /* Fast open cookie */
 };
 
 /* The sysctl int routines are generic, so check consistency here.
@@ -442,7 +444,7 @@ static u8 tcp_cookie_size_check(u8 desired)
 static void tcp_options_write(__be32 *ptr, struct tcp_sock *tp,
                               struct tcp_out_options *opts)
 {
-        u8 options = opts->options;     /* mungable copy */
+        u16 options = opts->options;    /* mungable copy */
 
         /* Having both authentication and cookies for security is redundant,
          * and there's certainly not enough room.  Instead, the cookie-less
@@ -564,6 +566,21 @@ static void tcp_options_write(__be32 *ptr, struct tcp_sock *tp,
 
                 tp->rx_opt.dsack = 0;
         }
+
+        if (unlikely(OPTION_FAST_OPEN_COOKIE & options)) {
+                struct tcp_fastopen_cookie *foc = opts->fastopen_cookie;
+
+                *ptr++ = htonl((TCPOPT_EXP << 24) |
+                               ((TCPOLEN_EXP_FASTOPEN_BASE + foc->len) << 16) |
+                               TCPOPT_FASTOPEN_MAGIC);
+
+                memcpy(ptr, foc->val, foc->len);
+                if ((foc->len & 3) == 2) {
+                        u8 *align = ((u8 *)ptr) + foc->len;
+                        align[0] = align[1] = TCPOPT_NOP;
+                }
+                ptr += (foc->len + 3) >> 2;
+        }
 }
 
 /* Compute TCP options for SYN packets. This is not the final