diff options
-rw-r--r-- | pkg/tcpip/transport/tcp/accept.go | 6 | ||||
-rw-r--r-- | pkg/tcpip/transport/tcp/connect.go | 46 | ||||
-rw-r--r-- | pkg/tcpip/transport/tcp/endpoint.go | 2 | ||||
-rw-r--r-- | pkg/tcpip/transport/tcp/forwarder.go | 2 | ||||
-rw-r--r-- | pkg/tcpip/transport/tcp/protocol.go | 6 | ||||
-rw-r--r-- | pkg/tcpip/transport/tcp/rcv.go | 5 | ||||
-rw-r--r-- | pkg/tcpip/transport/tcp/segment.go | 14 | ||||
-rw-r--r-- | pkg/tcpip/transport/tcp/snd.go | 8 |
8 files changed, 40 insertions, 49 deletions
diff --git a/pkg/tcpip/transport/tcp/accept.go b/pkg/tcpip/transport/tcp/accept.go index 78d2c76e0..7a19737c7 100644 --- a/pkg/tcpip/transport/tcp/accept.go +++ b/pkg/tcpip/transport/tcp/accept.go @@ -297,7 +297,7 @@ func (e *endpoint) handleSynSegment(ctx *listenContext, s *segment, opts *header // and needs to handle it. func (e *endpoint) handleListenSegment(ctx *listenContext, s *segment) { switch s.flags { - case flagSyn: + case header.TCPFlagSyn: opts := parseSynSegmentOptions(s) if incSynRcvdCount() { s.incRef() @@ -315,10 +315,10 @@ func (e *endpoint) handleListenSegment(ctx *listenContext, s *segment) { TSVal: tcpTimeStamp(timeStampOffset()), TSEcr: opts.TSVal, } - sendSynTCP(&s.route, s.id, flagSyn|flagAck, cookie, s.sequenceNumber+1, ctx.rcvWnd, synOpts) + sendSynTCP(&s.route, s.id, header.TCPFlagSyn|header.TCPFlagAck, cookie, s.sequenceNumber+1, ctx.rcvWnd, synOpts) } - case flagAck: + case header.TCPFlagAck: if data, ok := ctx.isCookieValid(s.id, s.ackNumber-1, s.sequenceNumber-1); ok && int(data) < len(mssTable) { // Create newly accepted endpoint and deliver it. rcvdSynOptions := &header.TCPSynOptions{ diff --git a/pkg/tcpip/transport/tcp/connect.go b/pkg/tcpip/transport/tcp/connect.go index 7b80f7519..4d352b23c 100644 --- a/pkg/tcpip/transport/tcp/connect.go +++ b/pkg/tcpip/transport/tcp/connect.go @@ -123,7 +123,7 @@ func (h *handshake) resetState() { } h.state = handshakeSynSent - h.flags = flagSyn + h.flags = header.TCPFlagSyn h.ackNum = 0 h.mss = 0 h.iss = seqnum.Value(uint32(b[0]) | uint32(b[1])<<8 | uint32(b[2])<<16 | uint32(b[3])<<24) @@ -144,7 +144,7 @@ func (h *handshake) effectiveRcvWndScale() uint8 { func (h *handshake) resetToSynRcvd(iss seqnum.Value, irs seqnum.Value, opts *header.TCPSynOptions) { h.active = false h.state = handshakeSynRcvd - h.flags = flagSyn | flagAck + h.flags = header.TCPFlagSyn | header.TCPFlagAck h.iss = iss h.ackNum = irs + 1 h.mss = opts.MSS @@ -155,13 +155,13 @@ func (h *handshake) resetToSynRcvd(iss seqnum.Value, irs seqnum.Value, opts *hea // a TCP 3-way handshake is valid. If it's not, a RST segment is sent back in // response. func (h *handshake) checkAck(s *segment) bool { - if s.flagIsSet(flagAck) && s.ackNumber != h.iss+1 { + if s.flagIsSet(header.TCPFlagAck) && s.ackNumber != h.iss+1 { // RFC 793, page 36, states that a reset must be generated when // the connection is in any non-synchronized state and an // incoming segment acknowledges something not yet sent. The // connection remains in the same state. ack := s.sequenceNumber.Add(s.logicalLen()) - h.ep.sendRaw(buffer.VectorisedView{}, flagRst|flagAck, s.ackNumber, ack, 0) + h.ep.sendRaw(buffer.VectorisedView{}, header.TCPFlagRst|header.TCPFlagAck, s.ackNumber, ack, 0) return false } @@ -173,8 +173,8 @@ func (h *handshake) checkAck(s *segment) bool { func (h *handshake) synSentState(s *segment) *tcpip.Error { // RFC 793, page 37, states that in the SYN-SENT state, a reset is // acceptable if the ack field acknowledges the SYN. - if s.flagIsSet(flagRst) { - if s.flagIsSet(flagAck) && s.ackNumber == h.iss+1 { + if s.flagIsSet(header.TCPFlagRst) { + if s.flagIsSet(header.TCPFlagAck) && s.ackNumber == h.iss+1 { return tcpip.ErrConnectionRefused } return nil @@ -186,7 +186,7 @@ func (h *handshake) synSentState(s *segment) *tcpip.Error { // We are in the SYN-SENT state. We only care about segments that have // the SYN flag. - if !s.flagIsSet(flagSyn) { + if !s.flagIsSet(header.TCPFlagSyn) { return nil } @@ -201,15 +201,15 @@ func (h *handshake) synSentState(s *segment) *tcpip.Error { // Remember the sequence we'll ack from now on. h.ackNum = s.sequenceNumber + 1 - h.flags |= flagAck + h.flags |= header.TCPFlagAck h.mss = rcvSynOpts.MSS h.sndWndScale = rcvSynOpts.WS // If this is a SYN ACK response, we only need to acknowledge the SYN // and the handshake is completed. - if s.flagIsSet(flagAck) { + if s.flagIsSet(header.TCPFlagAck) { h.state = handshakeCompleted - h.ep.sendRaw(buffer.VectorisedView{}, flagAck, h.iss+1, h.ackNum, h.rcvWnd>>h.effectiveRcvWndScale()) + h.ep.sendRaw(buffer.VectorisedView{}, header.TCPFlagAck, h.iss+1, h.ackNum, h.rcvWnd>>h.effectiveRcvWndScale()) return nil } @@ -236,7 +236,7 @@ func (h *handshake) synSentState(s *segment) *tcpip.Error { // synRcvdState handles a segment received when the TCP 3-way handshake is in // the SYN-RCVD state. func (h *handshake) synRcvdState(s *segment) *tcpip.Error { - if s.flagIsSet(flagRst) { + if s.flagIsSet(header.TCPFlagRst) { // RFC 793, page 37, states that in the SYN-RCVD state, a reset // is acceptable if the sequence number is in the window. if s.sequenceNumber.InWindow(h.ackNum, h.rcvWnd) { @@ -249,16 +249,16 @@ func (h *handshake) synRcvdState(s *segment) *tcpip.Error { return nil } - if s.flagIsSet(flagSyn) && s.sequenceNumber != h.ackNum-1 { + if s.flagIsSet(header.TCPFlagSyn) && s.sequenceNumber != h.ackNum-1 { // We received two SYN segments with different sequence // numbers, so we reset this and restart the whole // process, except that we don't reset the timer. ack := s.sequenceNumber.Add(s.logicalLen()) seq := seqnum.Value(0) - if s.flagIsSet(flagAck) { + if s.flagIsSet(header.TCPFlagAck) { seq = s.ackNumber } - h.ep.sendRaw(buffer.VectorisedView{}, flagRst|flagAck, seq, ack, 0) + h.ep.sendRaw(buffer.VectorisedView{}, header.TCPFlagRst|header.TCPFlagAck, seq, ack, 0) if !h.active { return tcpip.ErrInvalidEndpointState @@ -278,7 +278,7 @@ func (h *handshake) synRcvdState(s *segment) *tcpip.Error { // We have previously received (and acknowledged) the peer's SYN. If the // peer acknowledges our SYN, the handshake is completed. - if s.flagIsSet(flagAck) { + if s.flagIsSet(header.TCPFlagAck) { // If the timestamp option is negotiated and the segment does // not carry a timestamp option then the segment must be dropped @@ -301,7 +301,7 @@ func (h *handshake) synRcvdState(s *segment) *tcpip.Error { func (h *handshake) handleSegment(s *segment) *tcpip.Error { h.sndWnd = s.window - if !s.flagIsSet(flagSyn) && h.sndWndScale > 0 { + if !s.flagIsSet(header.TCPFlagSyn) && h.sndWndScale > 0 { h.sndWnd <<= uint8(h.sndWndScale) } @@ -472,7 +472,7 @@ func (h *handshake) execute() *tcpip.Error { } func parseSynSegmentOptions(s *segment) header.TCPSynOptions { - synOpts := header.ParseSynOptions(s.options, s.flagIsSet(flagAck)) + synOpts := header.ParseSynOptions(s.options, s.flagIsSet(header.TCPFlagAck)) if synOpts.TS { s.parsedOptions.TSVal = synOpts.TSVal s.parsedOptions.TSEcr = synOpts.TSEcr @@ -596,7 +596,7 @@ func sendTCP(r *stack.Route, id stack.TransportEndpointID, data buffer.Vectorise } r.Stats().TCP.SegmentsSent.Increment() - if (flags & flagRst) != 0 { + if (flags & header.TCPFlagRst) != 0 { r.Stats().TCP.ResetsSent.Increment() } @@ -645,7 +645,7 @@ func (e *endpoint) makeOptions(sackBlocks []header.SACKBlock) []byte { // sendRaw sends a TCP segment to the endpoint's peer. func (e *endpoint) sendRaw(data buffer.VectorisedView, flags byte, seq, ack seqnum.Value, rcvWnd seqnum.Size) *tcpip.Error { var sackBlocks []header.SACKBlock - if e.state == stateConnected && e.rcv.pendingBufSize > 0 && (flags&flagAck != 0) { + if e.state == stateConnected && e.rcv.pendingBufSize > 0 && (flags&header.TCPFlagAck != 0) { sackBlocks = e.sack.Blocks[:e.sack.NumBlocks] } options := e.makeOptions(sackBlocks) @@ -695,7 +695,7 @@ func (e *endpoint) handleClose() *tcpip.Error { // state with the given error code. This method must only be called from the // protocol goroutine. func (e *endpoint) resetConnectionLocked(err *tcpip.Error) { - e.sendRaw(buffer.VectorisedView{}, flagAck|flagRst, e.snd.sndUna, e.rcv.rcvNxt, 0) + e.sendRaw(buffer.VectorisedView{}, header.TCPFlagAck|header.TCPFlagRst, e.snd.sndUna, e.rcv.rcvNxt, 0) e.state = stateError e.hardError = err @@ -727,7 +727,7 @@ func (e *endpoint) handleSegments() *tcpip.Error { e.probe(e.completeState()) } - if s.flagIsSet(flagRst) { + if s.flagIsSet(header.TCPFlagRst) { if e.rcv.acceptable(s.sequenceNumber, 0) { // RFC 793, page 37 states that "in all states // except SYN-SENT, all reset (RST) segments are @@ -736,7 +736,7 @@ func (e *endpoint) handleSegments() *tcpip.Error { s.decRef() return tcpip.ErrConnectionReset } - } else if s.flagIsSet(flagAck) { + } else if s.flagIsSet(header.TCPFlagAck) { // Patch the window size in the segment according to the // send window scale. s.window <<= e.snd.sndWndScale @@ -785,7 +785,7 @@ func (e *endpoint) keepaliveTimerExpired() *tcpip.Error { // seg.seq = snd.nxt-1. e.keepalive.unacked++ e.keepalive.Unlock() - e.snd.sendSegment(buffer.VectorisedView{}, flagAck, e.snd.sndNxt-1) + e.snd.sendSegment(buffer.VectorisedView{}, header.TCPFlagAck, e.snd.sndNxt-1) e.resetKeepaliveTimer(false) return nil } diff --git a/pkg/tcpip/transport/tcp/endpoint.go b/pkg/tcpip/transport/tcp/endpoint.go index fc4f82402..7d18e3612 100644 --- a/pkg/tcpip/transport/tcp/endpoint.go +++ b/pkg/tcpip/transport/tcp/endpoint.go @@ -1443,7 +1443,7 @@ func (e *endpoint) HandlePacket(r *stack.Route, id stack.TransportEndpointID, ne } e.stack.Stats().TCP.ValidSegmentsReceived.Increment() - if (s.flags & flagRst) != 0 { + if (s.flags & header.TCPFlagRst) != 0 { e.stack.Stats().TCP.ResetsReceived.Increment() } diff --git a/pkg/tcpip/transport/tcp/forwarder.go b/pkg/tcpip/transport/tcp/forwarder.go index ca53a076f..7a6589cfd 100644 --- a/pkg/tcpip/transport/tcp/forwarder.go +++ b/pkg/tcpip/transport/tcp/forwarder.go @@ -68,7 +68,7 @@ func (f *Forwarder) HandlePacket(r *stack.Route, id stack.TransportEndpointID, n defer s.decRef() // We only care about well-formed SYN packets. - if !s.parse() || s.flags != flagSyn { + if !s.parse() || s.flags != header.TCPFlagSyn { return false } diff --git a/pkg/tcpip/transport/tcp/protocol.go b/pkg/tcpip/transport/tcp/protocol.go index 639ad3fae..8a42f8593 100644 --- a/pkg/tcpip/transport/tcp/protocol.go +++ b/pkg/tcpip/transport/tcp/protocol.go @@ -135,7 +135,7 @@ func (*protocol) HandleUnknownDestinationPacket(r *stack.Route, id stack.Transpo } // There's nothing to do if this is already a reset packet. - if s.flagIsSet(flagRst) { + if s.flagIsSet(header.TCPFlagRst) { return true } @@ -147,13 +147,13 @@ func (*protocol) HandleUnknownDestinationPacket(r *stack.Route, id stack.Transpo func replyWithReset(s *segment) { // Get the seqnum from the packet if the ack flag is set. seq := seqnum.Value(0) - if s.flagIsSet(flagAck) { + if s.flagIsSet(header.TCPFlagAck) { seq = s.ackNumber } ack := s.sequenceNumber.Add(s.logicalLen()) - sendTCP(&s.route, s.id, buffer.VectorisedView{}, s.route.DefaultTTL(), flagRst|flagAck, seq, ack, 0, nil) + sendTCP(&s.route, s.id, buffer.VectorisedView{}, s.route.DefaultTTL(), header.TCPFlagRst|header.TCPFlagAck, seq, ack, 0, nil) } // SetOption implements TransportProtocol.SetOption. diff --git a/pkg/tcpip/transport/tcp/rcv.go b/pkg/tcpip/transport/tcp/rcv.go index 05ff9e0d7..fa6bdddba 100644 --- a/pkg/tcpip/transport/tcp/rcv.go +++ b/pkg/tcpip/transport/tcp/rcv.go @@ -17,6 +17,7 @@ package tcp import ( "container/heap" + "gvisor.googlesource.com/gvisor/pkg/tcpip/header" "gvisor.googlesource.com/gvisor/pkg/tcpip/seqnum" ) @@ -133,7 +134,7 @@ func (r *receiver) consumeSegment(s *segment, segSeq seqnum.Value, segLen seqnum // sequence numbers that have been consumed. TrimSACKBlockList(&r.ep.sack, r.rcvNxt) - if s.flagIsSet(flagFin) { + if s.flagIsSet(header.TCPFlagFin) { r.rcvNxt++ // Send ACK immediately. @@ -181,7 +182,7 @@ func (r *receiver) handleRcvdSegment(s *segment) { // Defer segment processing if it can't be consumed now. if !r.consumeSegment(s, segSeq, segLen) { - if segLen > 0 || s.flagIsSet(flagFin) { + if segLen > 0 || s.flagIsSet(header.TCPFlagFin) { // We only store the segment if it's within our buffer // size limit. if r.pendingBufUsed < r.pendingBufSize { diff --git a/pkg/tcpip/transport/tcp/segment.go b/pkg/tcpip/transport/tcp/segment.go index a4c4a115c..df8402bf9 100644 --- a/pkg/tcpip/transport/tcp/segment.go +++ b/pkg/tcpip/transport/tcp/segment.go @@ -24,16 +24,6 @@ import ( "gvisor.googlesource.com/gvisor/pkg/tcpip/stack" ) -// Flags that may be set in a TCP segment. -const ( - flagFin = 1 << iota - flagSyn - flagRst - flagPsh - flagAck - flagUrg -) - // segment represents a TCP segment. It holds the payload and parsed TCP segment // information, and can be added to intrusive lists. // segment is mostly immutable, the only field allowed to change is viewToDeliver. @@ -123,10 +113,10 @@ func (s *segment) incRef() { // as the data length plus one for each of the SYN and FIN bits set. func (s *segment) logicalLen() seqnum.Size { l := seqnum.Size(s.data.Size()) - if s.flagIsSet(flagSyn) { + if s.flagIsSet(header.TCPFlagSyn) { l++ } - if s.flagIsSet(flagFin) { + if s.flagIsSet(header.TCPFlagFin) { l++ } return l diff --git a/pkg/tcpip/transport/tcp/snd.go b/pkg/tcpip/transport/tcp/snd.go index 2cf12f4a6..e38932df7 100644 --- a/pkg/tcpip/transport/tcp/snd.go +++ b/pkg/tcpip/transport/tcp/snd.go @@ -273,7 +273,7 @@ func (s *sender) updateMaxPayloadSize(mtu, count int) { // sendAck sends an ACK segment. func (s *sender) sendAck() { - s.sendSegment(buffer.VectorisedView{}, flagAck, s.sndNxt) + s.sendSegment(buffer.VectorisedView{}, header.TCPFlagAck, s.sndNxt) } // updateRTO updates the retransmit timeout when a new roud-trip time is @@ -483,7 +483,7 @@ func (s *sender) sendData() { // Assign flags. We don't do it above so that we can merge // additional data if Nagle holds the segment. seg.sequenceNumber = s.sndNxt - seg.flags = flagAck | flagPsh + seg.flags = header.TCPFlagAck | header.TCPFlagPsh } var segEnd seqnum.Value @@ -491,11 +491,11 @@ func (s *sender) sendData() { if s.writeList.Back() != seg { panic("FIN segments must be the final segment in the write list.") } - seg.flags = flagAck | flagFin + seg.flags = header.TCPFlagAck | header.TCPFlagFin segEnd = seg.sequenceNumber.Add(1) } else { // We're sending a non-FIN segment. - if seg.flags&flagFin != 0 { + if seg.flags&header.TCPFlagFin != 0 { panic("Netstack queues FIN segments without data.") } |