Tuesday, March 22, 2005

SYN to SYN-ACK (Linux Kernel)

This is a technical note. I have skipped a lot of details here that I know and don't feel are necessary to mention.

It so happens that tcp_v4_rcv() is the entrance point into the TCP layer for all TCP packets. All packets go to tcp_v4_do_rcv() from here. If the packet is a valid one, and since this is a SYN packet, tcp_rcv_state_process() is called next. This function tries to do the right thing depending on the state of the socket. Since we are considering a SYN packet and are reading the code at a server, we can assume that the socket is in the listen mode. The function makes use of a switch statement to go through all the possible states of the socket. In the TCP_LISTEN case, apart from other things, the kernel checks if the SYN flag is set in the packet. If so, the kernel executes the following code: tp->af_specific->conn_request()

where tp: of type struct tcp_opt
af_specific: of type struct tcp_func
conn_request: is a function pointer

In the init function, af_specific was initialized to ipv4_specific, and that's how all the function pointers get their values, i.e. function addresses. That's how I can conclude that conn_request points to tcp_v4_conn_request.

At the time I was looking through this flow, I was interested in finding the function that is called for sending the SYN-ACK. And that function is tcp_v4_send_synack() which is called from tcp_v4_conn_request().

This entire exercise was done so that I can set the __unused variable in the SYN-ACK packets belonging to split TCP. I changed the function definition and introduced a new char variable that I call flag. This flag variable reflects the value of the __unused variable in the incoming packet. So depending on the value of the flag variable, I set __unused to L or R or '\0' for the SYN-ACK packet. I also changed the function calls. Icing on the cake: it worked =)
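
The dispatch path this note walks through, as a simplified user-space C model (an added example, not kernel source and not the author's patch). The model_ names, the struct layouts, the signatures and the rule that 'L' and 'R' are echoed unchanged are assumptions made for illustration.

```c
/* Simplified model: layouts and signatures are assumptions, not the kernel's. */
enum { MODEL_CLOSED, MODEL_LISTEN };
struct pkt { int syn; char unused_mark; };  /* unused_mark stands in for __unused */
struct sock;
struct tcp_func { int (*conn_request)(struct sock *sk, const struct pkt *in); };
struct tcp_opt { const struct tcp_func *af_specific; };
struct sock { int state; struct tcp_opt tp; struct pkt last_synack; int synacks_sent; };

/* Stand-in for tcp_v4_send_synack(); assumes 'L'/'R' are echoed, else '\0'. */
static void model_send_synack(struct sock *sk, char flag)
{
    struct pkt out = { 1, (flag == 'L' || flag == 'R') ? flag : '\0' };
    sk->last_synack = out;
    sk->synacks_sent++;
}

/* Stand-in for tcp_v4_conn_request(): hands the incoming mark to the sender. */
static int model_conn_request(struct sock *sk, const struct pkt *in)
{
    model_send_synack(sk, in->unused_mark);
    return 0;
}

static const struct tcp_func model_ipv4_specific = { model_conn_request };

/* Stand-in for the init function: this is where the pointers get their values. */
struct sock model_listen_sock(void)
{
    struct sock sk = { MODEL_LISTEN, { &model_ipv4_specific }, { 0, '\0' }, 0 };
    return sk;
}

/* Stand-in for tcp_rcv_state_process(): 0 if a SYN was handled, 1 otherwise. */
int model_rcv_state_process(struct sock *sk, const struct pkt *in)
{
    switch (sk->state) {
    case MODEL_LISTEN:
        if (in->syn)  /* SYN on a listening socket: indirect call */
            return sk->tp.af_specific->conn_request(sk, in);
        break;
    }
    return 1;
}

int main(void)
{
    struct sock sk = model_listen_sock();
    struct pkt syn = { 1, 'L' };  /* constructed sample SYN */
    return model_rcv_state_process(&sk, &syn);
}
```

The only link between the state machine and the IPv4 handler is the pointer stored at init time, so following that assignment is what identifies the function that runs for an incoming SYN.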
