1 /*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2001-2007, by Cisco Systems, Inc. All rights reserved. 5 * Copyright (c) 2008-2012, by Randall Stewart. All rights reserved. 6 * Copyright (c) 2008-2012, by Michael Tuexen. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions are met: 10 * 11 * a) Redistributions of source code must retain the above copyright notice, 12 * this list of conditions and the following disclaimer. 13 * 14 * b) Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in 16 * the documentation and/or other materials provided with the distribution. 17 * 18 * c) Neither the name of Cisco Systems, Inc. nor the names of its 19 * contributors may be used to endorse or promote products derived 20 * from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 24 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 26 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 27 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 28 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 29 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 30 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 31 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 32 * THE POSSIBILITY OF SUCH DAMAGE. 33 */ 34 35 #include <sys/cdefs.h> 36 __FBSDID("$FreeBSD$"); 37 38 #define _IP_VHL 39 #include <netinet/sctp_os.h> 40 #include <netinet/sctp_pcb.h> 41 #ifdef INET6 42 #endif 43 #include <netinet/sctp_var.h> 44 #include <netinet/sctp_sysctl.h> 45 #include <netinet/sctp_timer.h> 46 #include <netinet/sctputil.h> 47 #include <netinet/sctp_output.h> 48 #include <netinet/sctp_header.h> 49 #include <netinet/sctp_indata.h> 50 #include <netinet/sctp_asconf.h> 51 #include <netinet/sctp_input.h> 52 #include <netinet/sctp.h> 53 #include <netinet/sctp_uio.h> 54 #if defined(INET) || defined(INET6) 55 #include <netinet/udp.h> 56 #endif 57 58 void 59 sctp_audit_retranmission_queue(struct sctp_association *asoc) 60 { 61 struct sctp_tmit_chunk *chk; 62 63 SCTPDBG(SCTP_DEBUG_TIMER4, "Audit invoked on send queue cnt:%d onqueue:%d\n", 64 asoc->sent_queue_retran_cnt, 65 asoc->sent_queue_cnt); 66 asoc->sent_queue_retran_cnt = 0; 67 asoc->sent_queue_cnt = 0; 68 TAILQ_FOREACH(chk, &asoc->sent_queue, sctp_next) { 69 if (chk->sent == SCTP_DATAGRAM_RESEND) { 70 sctp_ucount_incr(asoc->sent_queue_retran_cnt); 71 } 72 asoc->sent_queue_cnt++; 73 } 74 TAILQ_FOREACH(chk, &asoc->control_send_queue, sctp_next) { 75 if (chk->sent == SCTP_DATAGRAM_RESEND) { 76 sctp_ucount_incr(asoc->sent_queue_retran_cnt); 77 } 78 } 79 TAILQ_FOREACH(chk, &asoc->asconf_send_queue, sctp_next) { 80 if (chk->sent == SCTP_DATAGRAM_RESEND) { 81 sctp_ucount_incr(asoc->sent_queue_retran_cnt); 82 } 83 } 84 SCTPDBG(SCTP_DEBUG_TIMER4, "Audit completes retran:%d onqueue:%d\n", 85 asoc->sent_queue_retran_cnt, 86 asoc->sent_queue_cnt); 87 } 88 89 static int 90 sctp_threshold_management(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 91 struct sctp_nets *net, uint16_t threshold) 92 { 93 if (net) { 94 net->error_count++; 95 SCTPDBG(SCTP_DEBUG_TIMER4, "Error count for %p now %d thresh:%d\n", 96 (void *)net, net->error_count, 97 net->failure_threshold); 98 if (net->error_count > net->failure_threshold) { 99 /* We had a threshold failure */ 100 if (net->dest_state & SCTP_ADDR_REACHABLE) { 101 net->dest_state &= ~SCTP_ADDR_REACHABLE; 102 net->dest_state &= ~SCTP_ADDR_REQ_PRIMARY; 103 net->dest_state &= ~SCTP_ADDR_PF; 104 sctp_ulp_notify(SCTP_NOTIFY_INTERFACE_DOWN, 105 stcb, 0, 106 (void *)net, SCTP_SO_NOT_LOCKED); 107 } 108 } else if ((net->pf_threshold < net->failure_threshold) && 109 (net->error_count > net->pf_threshold)) { 110 if (!(net->dest_state & SCTP_ADDR_PF)) { 111 net->dest_state |= SCTP_ADDR_PF; 112 net->last_active = sctp_get_tick_count(); 113 sctp_send_hb(stcb, net, SCTP_SO_NOT_LOCKED); 114 sctp_timer_stop(SCTP_TIMER_TYPE_HEARTBEAT, 115 inp, stcb, net, 116 SCTP_FROM_SCTP_TIMER + SCTP_LOC_1); 117 sctp_timer_start(SCTP_TIMER_TYPE_HEARTBEAT, inp, stcb, net); 118 } 119 } 120 } 121 if (stcb == NULL) 122 return (0); 123 124 if (net) { 125 if ((net->dest_state & SCTP_ADDR_UNCONFIRMED) == 0) { 126 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_THRESHOLD_LOGGING) { 127 sctp_misc_ints(SCTP_THRESHOLD_INCR, 128 stcb->asoc.overall_error_count, 129 (stcb->asoc.overall_error_count + 1), 130 SCTP_FROM_SCTP_TIMER, 131 __LINE__); 132 } 133 stcb->asoc.overall_error_count++; 134 } 135 } else { 136 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_THRESHOLD_LOGGING) { 137 sctp_misc_ints(SCTP_THRESHOLD_INCR, 138 stcb->asoc.overall_error_count, 139 (stcb->asoc.overall_error_count + 1), 140 SCTP_FROM_SCTP_TIMER, 141 __LINE__); 142 } 143 stcb->asoc.overall_error_count++; 144 } 145 SCTPDBG(SCTP_DEBUG_TIMER4, "Overall error count for %p now %d thresh:%u state:%x\n", 146 (void *)&stcb->asoc, stcb->asoc.overall_error_count, 147 (uint32_t)threshold, 148 ((net == NULL) ? (uint32_t)0 : (uint32_t)net->dest_state)); 149 /* 150 * We specifically do not do >= to give the assoc one more change 151 * before we fail it. 152 */ 153 if (stcb->asoc.overall_error_count > threshold) { 154 /* Abort notification sends a ULP notify */ 155 struct mbuf *op_err; 156 157 op_err = sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), 158 "Association error counter exceeded"); 159 inp->last_abort_code = SCTP_FROM_SCTP_TIMER + SCTP_LOC_2; 160 sctp_abort_an_association(inp, stcb, op_err, SCTP_SO_NOT_LOCKED); 161 return (1); 162 } 163 return (0); 164 } 165 166 /* 167 * sctp_find_alternate_net() returns a non-NULL pointer as long 168 * the argument net is non-NULL. 169 */ 170 struct sctp_nets * 171 sctp_find_alternate_net(struct sctp_tcb *stcb, 172 struct sctp_nets *net, 173 int mode) 174 { 175 /* Find and return an alternate network if possible */ 176 struct sctp_nets *alt, *mnet, *min_errors_net = NULL, *max_cwnd_net = NULL; 177 int once; 178 179 /* JRS 5/14/07 - Initialize min_errors to an impossible value. */ 180 int min_errors = -1; 181 uint32_t max_cwnd = 0; 182 183 if (stcb->asoc.numnets == 1) { 184 /* No others but net */ 185 return (TAILQ_FIRST(&stcb->asoc.nets)); 186 } 187 /* 188 * JRS 5/14/07 - If mode is set to 2, use the CMT PF find alternate 189 * net algorithm. This algorithm chooses the active destination (not 190 * in PF state) with the largest cwnd value. If all destinations are 191 * in PF state, unreachable, or unconfirmed, choose the desination 192 * that is in PF state with the lowest error count. In case of a 193 * tie, choose the destination that was most recently active. 194 */ 195 if (mode == 2) { 196 TAILQ_FOREACH(mnet, &stcb->asoc.nets, sctp_next) { 197 /* 198 * JRS 5/14/07 - If the destination is unreachable 199 * or unconfirmed, skip it. 200 */ 201 if (((mnet->dest_state & SCTP_ADDR_REACHABLE) != SCTP_ADDR_REACHABLE) || 202 (mnet->dest_state & SCTP_ADDR_UNCONFIRMED)) { 203 continue; 204 } 205 /* 206 * JRS 5/14/07 - If the destination is reachable 207 * but in PF state, compare the error count of the 208 * destination to the minimum error count seen thus 209 * far. Store the destination with the lower error 210 * count. If the error counts are equal, store the 211 * destination that was most recently active. 212 */ 213 if (mnet->dest_state & SCTP_ADDR_PF) { 214 /* 215 * JRS 5/14/07 - If the destination under 216 * consideration is the current destination, 217 * work as if the error count is one higher. 218 * The actual error count will not be 219 * incremented until later in the t3 220 * handler. 221 */ 222 if (mnet == net) { 223 if (min_errors == -1) { 224 min_errors = mnet->error_count + 1; 225 min_errors_net = mnet; 226 } else if (mnet->error_count + 1 < min_errors) { 227 min_errors = mnet->error_count + 1; 228 min_errors_net = mnet; 229 } else if (mnet->error_count + 1 == min_errors 230 && mnet->last_active > min_errors_net->last_active) { 231 min_errors_net = mnet; 232 min_errors = mnet->error_count + 1; 233 } 234 continue; 235 } else { 236 if (min_errors == -1) { 237 min_errors = mnet->error_count; 238 min_errors_net = mnet; 239 } else if (mnet->error_count < min_errors) { 240 min_errors = mnet->error_count; 241 min_errors_net = mnet; 242 } else if (mnet->error_count == min_errors 243 && mnet->last_active > min_errors_net->last_active) { 244 min_errors_net = mnet; 245 min_errors = mnet->error_count; 246 } 247 continue; 248 } 249 } 250 /* 251 * JRS 5/14/07 - If the destination is reachable and 252 * not in PF state, compare the cwnd of the 253 * destination to the highest cwnd seen thus far. 254 * Store the destination with the higher cwnd value. 255 * If the cwnd values are equal, randomly choose one 256 * of the two destinations. 257 */ 258 if (max_cwnd < mnet->cwnd) { 259 max_cwnd_net = mnet; 260 max_cwnd = mnet->cwnd; 261 } else if (max_cwnd == mnet->cwnd) { 262 uint32_t rndval; 263 uint8_t this_random; 264 265 if (stcb->asoc.hb_random_idx > 3) { 266 rndval = sctp_select_initial_TSN(&stcb->sctp_ep->sctp_ep); 267 memcpy(stcb->asoc.hb_random_values, &rndval, sizeof(stcb->asoc.hb_random_values)); 268 this_random = stcb->asoc.hb_random_values[0]; 269 stcb->asoc.hb_random_idx++; 270 stcb->asoc.hb_ect_randombit = 0; 271 } else { 272 this_random = stcb->asoc.hb_random_values[stcb->asoc.hb_random_idx]; 273 stcb->asoc.hb_random_idx++; 274 stcb->asoc.hb_ect_randombit = 0; 275 } 276 if (this_random % 2 == 1) { 277 max_cwnd_net = mnet; 278 max_cwnd = mnet->cwnd; /* Useless? */ 279 } 280 } 281 } 282 if (max_cwnd_net == NULL) { 283 if (min_errors_net == NULL) { 284 return (net); 285 } 286 return (min_errors_net); 287 } else { 288 return (max_cwnd_net); 289 } 290 } /* JRS 5/14/07 - If mode is set to 1, use the 291 * CMT policy for choosing an alternate net. */ 292 else if (mode == 1) { 293 TAILQ_FOREACH(mnet, &stcb->asoc.nets, sctp_next) { 294 if (((mnet->dest_state & SCTP_ADDR_REACHABLE) != SCTP_ADDR_REACHABLE) || 295 (mnet->dest_state & SCTP_ADDR_UNCONFIRMED)) { 296 /* 297 * will skip ones that are not-reachable or 298 * unconfirmed 299 */ 300 continue; 301 } 302 if (max_cwnd < mnet->cwnd) { 303 max_cwnd_net = mnet; 304 max_cwnd = mnet->cwnd; 305 } else if (max_cwnd == mnet->cwnd) { 306 uint32_t rndval; 307 uint8_t this_random; 308 309 if (stcb->asoc.hb_random_idx > 3) { 310 rndval = sctp_select_initial_TSN(&stcb->sctp_ep->sctp_ep); 311 memcpy(stcb->asoc.hb_random_values, &rndval, 312 sizeof(stcb->asoc.hb_random_values)); 313 this_random = stcb->asoc.hb_random_values[0]; 314 stcb->asoc.hb_random_idx = 0; 315 stcb->asoc.hb_ect_randombit = 0; 316 } else { 317 this_random = stcb->asoc.hb_random_values[stcb->asoc.hb_random_idx]; 318 stcb->asoc.hb_random_idx++; 319 stcb->asoc.hb_ect_randombit = 0; 320 } 321 if (this_random % 2) { 322 max_cwnd_net = mnet; 323 max_cwnd = mnet->cwnd; 324 } 325 } 326 } 327 if (max_cwnd_net) { 328 return (max_cwnd_net); 329 } 330 } 331 mnet = net; 332 once = 0; 333 334 if (mnet == NULL) { 335 mnet = TAILQ_FIRST(&stcb->asoc.nets); 336 if (mnet == NULL) { 337 return (NULL); 338 } 339 } 340 for (;;) { 341 alt = TAILQ_NEXT(mnet, sctp_next); 342 if (alt == NULL) { 343 once++; 344 if (once > 1) { 345 break; 346 } 347 alt = TAILQ_FIRST(&stcb->asoc.nets); 348 if (alt == NULL) { 349 return (NULL); 350 } 351 } 352 if (alt->ro.ro_nh == NULL) { 353 if (alt->ro._s_addr) { 354 sctp_free_ifa(alt->ro._s_addr); 355 alt->ro._s_addr = NULL; 356 } 357 alt->src_addr_selected = 0; 358 } 359 if (((alt->dest_state & SCTP_ADDR_REACHABLE) == SCTP_ADDR_REACHABLE) && 360 (alt->ro.ro_nh != NULL) && 361 (!(alt->dest_state & SCTP_ADDR_UNCONFIRMED))) { 362 /* Found a reachable address */ 363 break; 364 } 365 mnet = alt; 366 } 367 368 if (alt == NULL) { 369 /* Case where NO insv network exists (dormant state) */ 370 /* we rotate destinations */ 371 once = 0; 372 mnet = net; 373 for (;;) { 374 if (mnet == NULL) { 375 return (TAILQ_FIRST(&stcb->asoc.nets)); 376 } 377 alt = TAILQ_NEXT(mnet, sctp_next); 378 if (alt == NULL) { 379 once++; 380 if (once > 1) { 381 break; 382 } 383 alt = TAILQ_FIRST(&stcb->asoc.nets); 384 if (alt == NULL) { 385 break; 386 } 387 } 388 if ((!(alt->dest_state & SCTP_ADDR_UNCONFIRMED)) && 389 (alt != net)) { 390 /* Found an alternate address */ 391 break; 392 } 393 mnet = alt; 394 } 395 } 396 if (alt == NULL) { 397 return (net); 398 } 399 return (alt); 400 } 401 402 static void 403 sctp_backoff_on_timeout(struct sctp_tcb *stcb, 404 struct sctp_nets *net, 405 int win_probe, 406 int num_marked, int num_abandoned) 407 { 408 if (net->RTO == 0) { 409 if (net->RTO_measured) { 410 net->RTO = stcb->asoc.minrto; 411 } else { 412 net->RTO = stcb->asoc.initial_rto; 413 } 414 } 415 net->RTO <<= 1; 416 if (net->RTO > stcb->asoc.maxrto) { 417 net->RTO = stcb->asoc.maxrto; 418 } 419 if ((win_probe == 0) && (num_marked || num_abandoned)) { 420 /* We don't apply penalty to window probe scenarios */ 421 /* JRS - Use the congestion control given in the CC module */ 422 stcb->asoc.cc_functions.sctp_cwnd_update_after_timeout(stcb, net); 423 } 424 } 425 426 #ifndef INVARIANTS 427 static void 428 sctp_recover_sent_list(struct sctp_tcb *stcb) 429 { 430 struct sctp_tmit_chunk *chk, *nchk; 431 struct sctp_association *asoc; 432 433 asoc = &stcb->asoc; 434 TAILQ_FOREACH_SAFE(chk, &asoc->sent_queue, sctp_next, nchk) { 435 if (SCTP_TSN_GE(asoc->last_acked_seq, chk->rec.data.tsn)) { 436 SCTP_PRINTF("Found chk:%p tsn:%x <= last_acked_seq:%x\n", 437 (void *)chk, chk->rec.data.tsn, asoc->last_acked_seq); 438 if (chk->sent != SCTP_DATAGRAM_NR_ACKED) { 439 if (asoc->strmout[chk->rec.data.sid].chunks_on_queues > 0) { 440 asoc->strmout[chk->rec.data.sid].chunks_on_queues--; 441 } 442 } 443 if ((asoc->strmout[chk->rec.data.sid].chunks_on_queues == 0) && 444 (asoc->strmout[chk->rec.data.sid].state == SCTP_STREAM_RESET_PENDING) && 445 TAILQ_EMPTY(&asoc->strmout[chk->rec.data.sid].outqueue)) { 446 asoc->trigger_reset = 1; 447 } 448 TAILQ_REMOVE(&asoc->sent_queue, chk, sctp_next); 449 if (PR_SCTP_ENABLED(chk->flags)) { 450 if (asoc->pr_sctp_cnt != 0) 451 asoc->pr_sctp_cnt--; 452 } 453 if (chk->data) { 454 /* sa_ignore NO_NULL_CHK */ 455 sctp_free_bufspace(stcb, asoc, chk, 1); 456 sctp_m_freem(chk->data); 457 chk->data = NULL; 458 if (asoc->prsctp_supported && PR_SCTP_BUF_ENABLED(chk->flags)) { 459 asoc->sent_queue_cnt_removeable--; 460 } 461 } 462 asoc->sent_queue_cnt--; 463 sctp_free_a_chunk(stcb, chk, SCTP_SO_NOT_LOCKED); 464 } 465 } 466 SCTP_PRINTF("after recover order is as follows\n"); 467 TAILQ_FOREACH(chk, &asoc->sent_queue, sctp_next) { 468 SCTP_PRINTF("chk:%p TSN:%x\n", (void *)chk, chk->rec.data.tsn); 469 } 470 } 471 #endif 472 473 static int 474 sctp_mark_all_for_resend(struct sctp_tcb *stcb, 475 struct sctp_nets *net, 476 struct sctp_nets *alt, 477 int window_probe, 478 int *num_marked, 479 int *num_abandoned) 480 { 481 482 /* 483 * Mark all chunks (well not all) that were sent to *net for 484 * retransmission. Move them to alt for there destination as well... 485 * We only mark chunks that have been outstanding long enough to 486 * have received feed-back. 487 */ 488 struct sctp_tmit_chunk *chk, *nchk; 489 struct sctp_nets *lnets; 490 struct timeval now, min_wait, tv; 491 int cur_rto; 492 int cnt_abandoned; 493 int audit_tf, num_mk, fir; 494 unsigned int cnt_mk; 495 uint32_t orig_flight, orig_tf; 496 uint32_t tsnlast, tsnfirst; 497 int recovery_cnt = 0; 498 499 500 /* none in flight now */ 501 audit_tf = 0; 502 fir = 0; 503 /* 504 * figure out how long a data chunk must be pending before we can 505 * mark it .. 506 */ 507 (void)SCTP_GETTIME_TIMEVAL(&now); 508 /* get cur rto in micro-seconds */ 509 cur_rto = (net->lastsa >> SCTP_RTT_SHIFT) + net->lastsv; 510 cur_rto *= 1000; 511 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 512 sctp_log_fr(cur_rto, 513 stcb->asoc.peers_rwnd, 514 window_probe, 515 SCTP_FR_T3_MARK_TIME); 516 sctp_log_fr(net->flight_size, 0, 0, SCTP_FR_CWND_REPORT); 517 sctp_log_fr(net->flight_size, net->cwnd, stcb->asoc.total_flight, SCTP_FR_CWND_REPORT); 518 } 519 tv.tv_sec = cur_rto / 1000000; 520 tv.tv_usec = cur_rto % 1000000; 521 min_wait = now; 522 timevalsub(&min_wait, &tv); 523 if (min_wait.tv_sec < 0 || min_wait.tv_usec < 0) { 524 /* 525 * if we hit here, we don't have enough seconds on the clock 526 * to account for the RTO. We just let the lower seconds be 527 * the bounds and don't worry about it. This may mean we 528 * will mark a lot more than we should. 529 */ 530 min_wait.tv_sec = min_wait.tv_usec = 0; 531 } 532 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 533 sctp_log_fr(cur_rto, now.tv_sec, now.tv_usec, SCTP_FR_T3_MARK_TIME); 534 sctp_log_fr(0, min_wait.tv_sec, min_wait.tv_usec, SCTP_FR_T3_MARK_TIME); 535 } 536 /* 537 * Our rwnd will be incorrect here since we are not adding back the 538 * cnt * mbuf but we will fix that down below. 539 */ 540 orig_flight = net->flight_size; 541 orig_tf = stcb->asoc.total_flight; 542 543 net->fast_retran_ip = 0; 544 /* Now on to each chunk */ 545 cnt_abandoned = 0; 546 num_mk = cnt_mk = 0; 547 tsnfirst = tsnlast = 0; 548 #ifndef INVARIANTS 549 start_again: 550 #endif 551 TAILQ_FOREACH_SAFE(chk, &stcb->asoc.sent_queue, sctp_next, nchk) { 552 if (SCTP_TSN_GE(stcb->asoc.last_acked_seq, chk->rec.data.tsn)) { 553 /* Strange case our list got out of order? */ 554 SCTP_PRINTF("Our list is out of order? last_acked:%x chk:%x\n", 555 (unsigned int)stcb->asoc.last_acked_seq, (unsigned int)chk->rec.data.tsn); 556 recovery_cnt++; 557 #ifdef INVARIANTS 558 panic("last acked >= chk on sent-Q"); 559 #else 560 SCTP_PRINTF("Recover attempts a restart cnt:%d\n", recovery_cnt); 561 sctp_recover_sent_list(stcb); 562 if (recovery_cnt < 10) { 563 goto start_again; 564 } else { 565 SCTP_PRINTF("Recovery fails %d times??\n", recovery_cnt); 566 } 567 #endif 568 } 569 if ((chk->whoTo == net) && (chk->sent < SCTP_DATAGRAM_ACKED)) { 570 /* 571 * found one to mark: If it is less than 572 * DATAGRAM_ACKED it MUST not be a skipped or marked 573 * TSN but instead one that is either already set 574 * for retransmission OR one that needs 575 * retransmission. 576 */ 577 578 /* validate its been outstanding long enough */ 579 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 580 sctp_log_fr(chk->rec.data.tsn, 581 chk->sent_rcv_time.tv_sec, 582 chk->sent_rcv_time.tv_usec, 583 SCTP_FR_T3_MARK_TIME); 584 } 585 if ((chk->sent_rcv_time.tv_sec > min_wait.tv_sec) && (window_probe == 0)) { 586 /* 587 * we have reached a chunk that was sent 588 * some seconds past our min.. forget it we 589 * will find no more to send. 590 */ 591 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 592 sctp_log_fr(0, 593 chk->sent_rcv_time.tv_sec, 594 chk->sent_rcv_time.tv_usec, 595 SCTP_FR_T3_STOPPED); 596 } 597 continue; 598 } else if ((chk->sent_rcv_time.tv_sec == min_wait.tv_sec) && 599 (window_probe == 0)) { 600 /* 601 * we must look at the micro seconds to 602 * know. 603 */ 604 if (chk->sent_rcv_time.tv_usec >= min_wait.tv_usec) { 605 /* 606 * ok it was sent after our boundary 607 * time. 608 */ 609 continue; 610 } 611 } 612 if (stcb->asoc.prsctp_supported && PR_SCTP_TTL_ENABLED(chk->flags)) { 613 /* Is it expired? */ 614 if (timevalcmp(&now, &chk->rec.data.timetodrop, >)) { 615 /* Yes so drop it */ 616 if (chk->data) { 617 (void)sctp_release_pr_sctp_chunk(stcb, 618 chk, 619 1, 620 SCTP_SO_NOT_LOCKED); 621 cnt_abandoned++; 622 } 623 continue; 624 } 625 } 626 if (stcb->asoc.prsctp_supported && PR_SCTP_RTX_ENABLED(chk->flags)) { 627 /* Has it been retransmitted tv_sec times? */ 628 if (chk->snd_count > chk->rec.data.timetodrop.tv_sec) { 629 if (chk->data) { 630 (void)sctp_release_pr_sctp_chunk(stcb, 631 chk, 632 1, 633 SCTP_SO_NOT_LOCKED); 634 cnt_abandoned++; 635 } 636 continue; 637 } 638 } 639 if (chk->sent < SCTP_DATAGRAM_RESEND) { 640 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 641 num_mk++; 642 if (fir == 0) { 643 fir = 1; 644 tsnfirst = chk->rec.data.tsn; 645 } 646 tsnlast = chk->rec.data.tsn; 647 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 648 sctp_log_fr(chk->rec.data.tsn, chk->snd_count, 649 0, SCTP_FR_T3_MARKED); 650 } 651 652 if (chk->rec.data.chunk_was_revoked) { 653 /* deflate the cwnd */ 654 chk->whoTo->cwnd -= chk->book_size; 655 chk->rec.data.chunk_was_revoked = 0; 656 } 657 net->marked_retrans++; 658 stcb->asoc.marked_retrans++; 659 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FLIGHT_LOGGING_ENABLE) { 660 sctp_misc_ints(SCTP_FLIGHT_LOG_DOWN_RSND_TO, 661 chk->whoTo->flight_size, 662 chk->book_size, 663 (uint32_t)(uintptr_t)chk->whoTo, 664 chk->rec.data.tsn); 665 } 666 sctp_flight_size_decrease(chk); 667 sctp_total_flight_decrease(stcb, chk); 668 stcb->asoc.peers_rwnd += chk->send_size; 669 stcb->asoc.peers_rwnd += SCTP_BASE_SYSCTL(sctp_peer_chunk_oh); 670 } 671 chk->sent = SCTP_DATAGRAM_RESEND; 672 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 673 SCTP_STAT_INCR(sctps_markedretrans); 674 675 /* reset the TSN for striking and other FR stuff */ 676 chk->rec.data.doing_fast_retransmit = 0; 677 /* Clear any time so NO RTT is being done */ 678 679 if (chk->do_rtt) { 680 if (chk->whoTo->rto_needed == 0) { 681 chk->whoTo->rto_needed = 1; 682 } 683 } 684 chk->do_rtt = 0; 685 if (alt != net) { 686 sctp_free_remote_addr(chk->whoTo); 687 chk->no_fr_allowed = 1; 688 chk->whoTo = alt; 689 atomic_add_int(&alt->ref_count, 1); 690 } else { 691 chk->no_fr_allowed = 0; 692 if (TAILQ_EMPTY(&stcb->asoc.send_queue)) { 693 chk->rec.data.fast_retran_tsn = stcb->asoc.sending_seq; 694 } else { 695 chk->rec.data.fast_retran_tsn = (TAILQ_FIRST(&stcb->asoc.send_queue))->rec.data.tsn; 696 } 697 } 698 /* 699 * CMT: Do not allow FRs on retransmitted TSNs. 700 */ 701 if (stcb->asoc.sctp_cmt_on_off > 0) { 702 chk->no_fr_allowed = 1; 703 } 704 #ifdef THIS_SHOULD_NOT_BE_DONE 705 } else if (chk->sent == SCTP_DATAGRAM_ACKED) { 706 /* remember highest acked one */ 707 could_be_sent = chk; 708 #endif 709 } 710 if (chk->sent == SCTP_DATAGRAM_RESEND) { 711 cnt_mk++; 712 } 713 } 714 if ((orig_flight - net->flight_size) != (orig_tf - stcb->asoc.total_flight)) { 715 /* we did not subtract the same things? */ 716 audit_tf = 1; 717 } 718 719 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 720 sctp_log_fr(tsnfirst, tsnlast, num_mk, SCTP_FR_T3_TIMEOUT); 721 } 722 #ifdef SCTP_DEBUG 723 if (num_mk) { 724 SCTPDBG(SCTP_DEBUG_TIMER1, "LAST TSN marked was %x\n", 725 tsnlast); 726 SCTPDBG(SCTP_DEBUG_TIMER1, "Num marked for retransmission was %d peer-rwd:%u\n", 727 num_mk, 728 stcb->asoc.peers_rwnd); 729 } 730 #endif 731 *num_marked = num_mk; 732 *num_abandoned = cnt_abandoned; 733 /* 734 * Now check for a ECN Echo that may be stranded And include the 735 * cnt_mk'd to have all resends in the control queue. 736 */ 737 TAILQ_FOREACH(chk, &stcb->asoc.control_send_queue, sctp_next) { 738 if (chk->sent == SCTP_DATAGRAM_RESEND) { 739 cnt_mk++; 740 } 741 if ((chk->whoTo == net) && 742 (chk->rec.chunk_id.id == SCTP_ECN_ECHO)) { 743 sctp_free_remote_addr(chk->whoTo); 744 chk->whoTo = alt; 745 if (chk->sent != SCTP_DATAGRAM_RESEND) { 746 chk->sent = SCTP_DATAGRAM_RESEND; 747 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 748 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 749 cnt_mk++; 750 } 751 atomic_add_int(&alt->ref_count, 1); 752 } 753 } 754 #ifdef THIS_SHOULD_NOT_BE_DONE 755 if ((stcb->asoc.sent_queue_retran_cnt == 0) && (could_be_sent)) { 756 /* fix it so we retransmit the highest acked anyway */ 757 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 758 cnt_mk++; 759 could_be_sent->sent = SCTP_DATAGRAM_RESEND; 760 } 761 #endif 762 if (stcb->asoc.sent_queue_retran_cnt != cnt_mk) { 763 #ifdef INVARIANTS 764 SCTP_PRINTF("Local Audit says there are %d for retran asoc cnt:%d we marked:%d this time\n", 765 cnt_mk, stcb->asoc.sent_queue_retran_cnt, num_mk); 766 #endif 767 #ifndef SCTP_AUDITING_ENABLED 768 stcb->asoc.sent_queue_retran_cnt = cnt_mk; 769 #endif 770 } 771 if (audit_tf) { 772 SCTPDBG(SCTP_DEBUG_TIMER4, 773 "Audit total flight due to negative value net:%p\n", 774 (void *)net); 775 stcb->asoc.total_flight = 0; 776 stcb->asoc.total_flight_count = 0; 777 /* Clear all networks flight size */ 778 TAILQ_FOREACH(lnets, &stcb->asoc.nets, sctp_next) { 779 lnets->flight_size = 0; 780 SCTPDBG(SCTP_DEBUG_TIMER4, 781 "Net:%p c-f cwnd:%d ssthresh:%d\n", 782 (void *)lnets, lnets->cwnd, lnets->ssthresh); 783 } 784 TAILQ_FOREACH(chk, &stcb->asoc.sent_queue, sctp_next) { 785 if (chk->sent < SCTP_DATAGRAM_RESEND) { 786 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FLIGHT_LOGGING_ENABLE) { 787 sctp_misc_ints(SCTP_FLIGHT_LOG_UP, 788 chk->whoTo->flight_size, 789 chk->book_size, 790 (uint32_t)(uintptr_t)chk->whoTo, 791 chk->rec.data.tsn); 792 } 793 794 sctp_flight_size_increase(chk); 795 sctp_total_flight_increase(stcb, chk); 796 } 797 } 798 } 799 /* We return 1 if we only have a window probe outstanding */ 800 return (0); 801 } 802 803 804 int 805 sctp_t3rxt_timer(struct sctp_inpcb *inp, 806 struct sctp_tcb *stcb, 807 struct sctp_nets *net) 808 { 809 struct sctp_nets *alt; 810 int win_probe, num_mk, num_abandoned; 811 812 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 813 sctp_log_fr(0, 0, 0, SCTP_FR_T3_TIMEOUT); 814 } 815 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_CWND_LOGGING_ENABLE) { 816 struct sctp_nets *lnet; 817 818 TAILQ_FOREACH(lnet, &stcb->asoc.nets, sctp_next) { 819 if (net == lnet) { 820 sctp_log_cwnd(stcb, lnet, 1, SCTP_CWND_LOG_FROM_T3); 821 } else { 822 sctp_log_cwnd(stcb, lnet, 0, SCTP_CWND_LOG_FROM_T3); 823 } 824 } 825 } 826 /* Find an alternate and mark those for retransmission */ 827 if ((stcb->asoc.peers_rwnd == 0) && 828 (stcb->asoc.total_flight < net->mtu)) { 829 SCTP_STAT_INCR(sctps_timowindowprobe); 830 win_probe = 1; 831 } else { 832 win_probe = 0; 833 } 834 835 if (win_probe == 0) { 836 /* We don't do normal threshold management on window probes */ 837 if (sctp_threshold_management(inp, stcb, net, 838 stcb->asoc.max_send_times)) { 839 /* Association was destroyed */ 840 return (1); 841 } else { 842 if (net != stcb->asoc.primary_destination) { 843 /* send a immediate HB if our RTO is stale */ 844 struct timeval now; 845 unsigned int ms_goneby; 846 847 (void)SCTP_GETTIME_TIMEVAL(&now); 848 if (net->last_sent_time.tv_sec) { 849 ms_goneby = (now.tv_sec - net->last_sent_time.tv_sec) * 1000; 850 } else { 851 ms_goneby = 0; 852 } 853 if ((net->dest_state & SCTP_ADDR_PF) == 0) { 854 if ((ms_goneby > net->RTO) || (net->RTO == 0)) { 855 /* 856 * no recent feed back in an 857 * RTO or more, request a 858 * RTT update 859 */ 860 sctp_send_hb(stcb, net, SCTP_SO_NOT_LOCKED); 861 } 862 } 863 } 864 } 865 } else { 866 /* 867 * For a window probe we don't penalize the net's but only 868 * the association. This may fail it if SACKs are not coming 869 * back. If sack's are coming with rwnd locked at 0, we will 870 * continue to hold things waiting for rwnd to raise 871 */ 872 if (sctp_threshold_management(inp, stcb, NULL, 873 stcb->asoc.max_send_times)) { 874 /* Association was destroyed */ 875 return (1); 876 } 877 } 878 if (stcb->asoc.sctp_cmt_on_off > 0) { 879 if (net->pf_threshold < net->failure_threshold) { 880 alt = sctp_find_alternate_net(stcb, net, 2); 881 } else { 882 /* 883 * CMT: Using RTX_SSTHRESH policy for CMT. If CMT is 884 * being used, then pick dest with largest ssthresh 885 * for any retransmission. 886 */ 887 alt = sctp_find_alternate_net(stcb, net, 1); 888 /* 889 * CUCv2: If a different dest is picked for the 890 * retransmission, then new (rtx-)pseudo_cumack 891 * needs to be tracked for orig dest. Let CUCv2 892 * track new (rtx-) pseudo-cumack always. 893 */ 894 net->find_pseudo_cumack = 1; 895 net->find_rtx_pseudo_cumack = 1; 896 } 897 } else { 898 alt = sctp_find_alternate_net(stcb, net, 0); 899 } 900 901 num_mk = 0; 902 num_abandoned = 0; 903 (void)sctp_mark_all_for_resend(stcb, net, alt, win_probe, 904 &num_mk, &num_abandoned); 905 /* FR Loss recovery just ended with the T3. */ 906 stcb->asoc.fast_retran_loss_recovery = 0; 907 908 /* CMT FR loss recovery ended with the T3 */ 909 net->fast_retran_loss_recovery = 0; 910 if ((stcb->asoc.cc_functions.sctp_cwnd_new_transmission_begins) && 911 (net->flight_size == 0)) { 912 (*stcb->asoc.cc_functions.sctp_cwnd_new_transmission_begins) (stcb, net); 913 } 914 915 /* 916 * setup the sat loss recovery that prevents satellite cwnd advance. 917 */ 918 stcb->asoc.sat_t3_loss_recovery = 1; 919 stcb->asoc.sat_t3_recovery_tsn = stcb->asoc.sending_seq; 920 921 /* Backoff the timer and cwnd */ 922 sctp_backoff_on_timeout(stcb, net, win_probe, num_mk, num_abandoned); 923 if ((!(net->dest_state & SCTP_ADDR_REACHABLE)) || 924 (net->dest_state & SCTP_ADDR_PF)) { 925 /* Move all pending over too */ 926 sctp_move_chunks_from_net(stcb, net); 927 928 /* 929 * Get the address that failed, to force a new src address 930 * selecton and a route allocation. 931 */ 932 if (net->ro._s_addr) { 933 sctp_free_ifa(net->ro._s_addr); 934 net->ro._s_addr = NULL; 935 } 936 net->src_addr_selected = 0; 937 938 /* Force a route allocation too */ 939 RO_NHFREE(&net->ro); 940 941 /* Was it our primary? */ 942 if ((stcb->asoc.primary_destination == net) && (alt != net)) { 943 /* 944 * Yes, note it as such and find an alternate note: 945 * this means HB code must use this to resent the 946 * primary if it goes active AND if someone does a 947 * change-primary then this flag must be cleared 948 * from any net structures. 949 */ 950 if (stcb->asoc.alternate) { 951 sctp_free_remote_addr(stcb->asoc.alternate); 952 } 953 stcb->asoc.alternate = alt; 954 atomic_add_int(&stcb->asoc.alternate->ref_count, 1); 955 } 956 } 957 /* 958 * Special case for cookie-echo'ed case, we don't do output but must 959 * await the COOKIE-ACK before retransmission 960 */ 961 if (SCTP_GET_STATE(stcb) == SCTP_STATE_COOKIE_ECHOED) { 962 /* 963 * Here we just reset the timer and start again since we 964 * have not established the asoc 965 */ 966 sctp_timer_start(SCTP_TIMER_TYPE_SEND, inp, stcb, net); 967 return (0); 968 } 969 if (stcb->asoc.prsctp_supported) { 970 struct sctp_tmit_chunk *lchk; 971 972 lchk = sctp_try_advance_peer_ack_point(stcb, &stcb->asoc); 973 /* C3. See if we need to send a Fwd-TSN */ 974 if (SCTP_TSN_GT(stcb->asoc.advanced_peer_ack_point, stcb->asoc.last_acked_seq)) { 975 send_forward_tsn(stcb, &stcb->asoc); 976 for (; lchk != NULL; lchk = TAILQ_NEXT(lchk, sctp_next)) { 977 if (lchk->whoTo != NULL) { 978 break; 979 } 980 } 981 if (lchk != NULL) { 982 /* Assure a timer is up */ 983 sctp_timer_start(SCTP_TIMER_TYPE_SEND, stcb->sctp_ep, stcb, lchk->whoTo); 984 } 985 } 986 } 987 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_CWND_MONITOR_ENABLE) { 988 sctp_log_cwnd(stcb, net, net->cwnd, SCTP_CWND_LOG_FROM_RTX); 989 } 990 return (0); 991 } 992 993 int 994 sctp_t1init_timer(struct sctp_inpcb *inp, 995 struct sctp_tcb *stcb, 996 struct sctp_nets *net) 997 { 998 /* bump the thresholds */ 999 if (stcb->asoc.delayed_connection) { 1000 /* 1001 * special hook for delayed connection. The library did NOT 1002 * complete the rest of its sends. 1003 */ 1004 stcb->asoc.delayed_connection = 0; 1005 sctp_send_initiate(inp, stcb, SCTP_SO_NOT_LOCKED); 1006 return (0); 1007 } 1008 if (SCTP_GET_STATE(stcb) != SCTP_STATE_COOKIE_WAIT) { 1009 return (0); 1010 } 1011 if (sctp_threshold_management(inp, stcb, net, 1012 stcb->asoc.max_init_times)) { 1013 /* Association was destroyed */ 1014 return (1); 1015 } 1016 stcb->asoc.dropped_special_cnt = 0; 1017 sctp_backoff_on_timeout(stcb, stcb->asoc.primary_destination, 1, 0, 0); 1018 if (stcb->asoc.initial_init_rto_max < net->RTO) { 1019 net->RTO = stcb->asoc.initial_init_rto_max; 1020 } 1021 if (stcb->asoc.numnets > 1) { 1022 /* If we have more than one addr use it */ 1023 struct sctp_nets *alt; 1024 1025 alt = sctp_find_alternate_net(stcb, stcb->asoc.primary_destination, 0); 1026 if (alt != stcb->asoc.primary_destination) { 1027 sctp_move_chunks_from_net(stcb, stcb->asoc.primary_destination); 1028 stcb->asoc.primary_destination = alt; 1029 } 1030 } 1031 /* Send out a new init */ 1032 sctp_send_initiate(inp, stcb, SCTP_SO_NOT_LOCKED); 1033 return (0); 1034 } 1035 1036 /* 1037 * For cookie and asconf we actually need to find and mark for resend, then 1038 * increment the resend counter (after all the threshold management stuff of 1039 * course). 1040 */ 1041 int 1042 sctp_cookie_timer(struct sctp_inpcb *inp, 1043 struct sctp_tcb *stcb, 1044 struct sctp_nets *net SCTP_UNUSED) 1045 { 1046 struct sctp_nets *alt; 1047 struct sctp_tmit_chunk *cookie; 1048 1049 /* first before all else we must find the cookie */ 1050 TAILQ_FOREACH(cookie, &stcb->asoc.control_send_queue, sctp_next) { 1051 if (cookie->rec.chunk_id.id == SCTP_COOKIE_ECHO) { 1052 break; 1053 } 1054 } 1055 if (cookie == NULL) { 1056 if (SCTP_GET_STATE(stcb) == SCTP_STATE_COOKIE_ECHOED) { 1057 /* FOOBAR! */ 1058 struct mbuf *op_err; 1059 1060 op_err = sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), 1061 "Cookie timer expired, but no cookie"); 1062 inp->last_abort_code = SCTP_FROM_SCTP_TIMER + SCTP_LOC_3; 1063 sctp_abort_an_association(inp, stcb, op_err, SCTP_SO_NOT_LOCKED); 1064 } else { 1065 #ifdef INVARIANTS 1066 panic("Cookie timer expires in wrong state?"); 1067 #else 1068 SCTP_PRINTF("Strange in state %d not cookie-echoed yet c-e timer expires?\n", SCTP_GET_STATE(stcb)); 1069 return (0); 1070 #endif 1071 } 1072 return (0); 1073 } 1074 /* Ok we found the cookie, threshold management next */ 1075 if (sctp_threshold_management(inp, stcb, cookie->whoTo, 1076 stcb->asoc.max_init_times)) { 1077 /* Assoc is over */ 1078 return (1); 1079 } 1080 /* 1081 * Cleared threshold management, now lets backoff the address and 1082 * select an alternate 1083 */ 1084 stcb->asoc.dropped_special_cnt = 0; 1085 sctp_backoff_on_timeout(stcb, cookie->whoTo, 1, 0, 0); 1086 alt = sctp_find_alternate_net(stcb, cookie->whoTo, 0); 1087 if (alt != cookie->whoTo) { 1088 sctp_free_remote_addr(cookie->whoTo); 1089 cookie->whoTo = alt; 1090 atomic_add_int(&alt->ref_count, 1); 1091 } 1092 /* Now mark the retran info */ 1093 if (cookie->sent != SCTP_DATAGRAM_RESEND) { 1094 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1095 } 1096 cookie->sent = SCTP_DATAGRAM_RESEND; 1097 cookie->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1098 /* 1099 * Now call the output routine to kick out the cookie again, Note we 1100 * don't mark any chunks for retran so that FR will need to kick in 1101 * to move these (or a send timer). 1102 */ 1103 return (0); 1104 } 1105 1106 int 1107 sctp_strreset_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb) 1108 { 1109 struct sctp_nets *alt, *net; 1110 struct sctp_tmit_chunk *strrst = NULL, *chk = NULL; 1111 1112 if (stcb->asoc.stream_reset_outstanding == 0) { 1113 return (0); 1114 } 1115 /* find the existing STRRESET, we use the seq number we sent out on */ 1116 (void)sctp_find_stream_reset(stcb, stcb->asoc.str_reset_seq_out, &strrst); 1117 if (strrst == NULL) { 1118 return (0); 1119 } 1120 net = strrst->whoTo; 1121 /* do threshold management */ 1122 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1123 /* Assoc is over */ 1124 return (1); 1125 } 1126 /* 1127 * Cleared threshold management, now lets backoff the address and 1128 * select an alternate 1129 */ 1130 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1131 alt = sctp_find_alternate_net(stcb, net, 0); 1132 strrst->whoTo = alt; 1133 atomic_add_int(&alt->ref_count, 1); 1134 1135 /* See if a ECN Echo is also stranded */ 1136 TAILQ_FOREACH(chk, &stcb->asoc.control_send_queue, sctp_next) { 1137 if ((chk->whoTo == net) && 1138 (chk->rec.chunk_id.id == SCTP_ECN_ECHO)) { 1139 sctp_free_remote_addr(chk->whoTo); 1140 if (chk->sent != SCTP_DATAGRAM_RESEND) { 1141 chk->sent = SCTP_DATAGRAM_RESEND; 1142 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1143 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1144 } 1145 chk->whoTo = alt; 1146 atomic_add_int(&alt->ref_count, 1); 1147 } 1148 } 1149 if (!(net->dest_state & SCTP_ADDR_REACHABLE)) { 1150 /* 1151 * If the address went un-reachable, we need to move to 1152 * alternates for ALL chk's in queue 1153 */ 1154 sctp_move_chunks_from_net(stcb, net); 1155 } 1156 sctp_free_remote_addr(net); 1157 1158 /* mark the retran info */ 1159 if (strrst->sent != SCTP_DATAGRAM_RESEND) 1160 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1161 strrst->sent = SCTP_DATAGRAM_RESEND; 1162 strrst->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1163 1164 /* restart the timer */ 1165 sctp_timer_start(SCTP_TIMER_TYPE_STRRESET, inp, stcb, alt); 1166 return (0); 1167 } 1168 1169 int 1170 sctp_asconf_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1171 struct sctp_nets *net) 1172 { 1173 struct sctp_nets *alt; 1174 struct sctp_tmit_chunk *asconf, *chk; 1175 1176 /* is this a first send, or a retransmission? */ 1177 if (TAILQ_EMPTY(&stcb->asoc.asconf_send_queue)) { 1178 /* compose a new ASCONF chunk and send it */ 1179 sctp_send_asconf(stcb, net, SCTP_ADDR_NOT_LOCKED); 1180 } else { 1181 /* 1182 * Retransmission of the existing ASCONF is needed 1183 */ 1184 1185 /* find the existing ASCONF */ 1186 asconf = TAILQ_FIRST(&stcb->asoc.asconf_send_queue); 1187 if (asconf == NULL) { 1188 return (0); 1189 } 1190 net = asconf->whoTo; 1191 /* do threshold management */ 1192 if (sctp_threshold_management(inp, stcb, net, 1193 stcb->asoc.max_send_times)) { 1194 /* Assoc is over */ 1195 return (1); 1196 } 1197 if (asconf->snd_count > stcb->asoc.max_send_times) { 1198 /* 1199 * Something is rotten: our peer is not responding 1200 * to ASCONFs but apparently is to other chunks. 1201 * i.e. it is not properly handling the chunk type 1202 * upper bits. Mark this peer as ASCONF incapable 1203 * and cleanup. 1204 */ 1205 SCTPDBG(SCTP_DEBUG_TIMER1, "asconf_timer: Peer has not responded to our repeated ASCONFs\n"); 1206 sctp_asconf_cleanup(stcb); 1207 return (0); 1208 } 1209 /* 1210 * cleared threshold management, so now backoff the net and 1211 * select an alternate 1212 */ 1213 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1214 alt = sctp_find_alternate_net(stcb, net, 0); 1215 if (asconf->whoTo != alt) { 1216 asconf->whoTo = alt; 1217 atomic_add_int(&alt->ref_count, 1); 1218 } 1219 1220 /* See if an ECN Echo is also stranded */ 1221 TAILQ_FOREACH(chk, &stcb->asoc.control_send_queue, sctp_next) { 1222 if ((chk->whoTo == net) && 1223 (chk->rec.chunk_id.id == SCTP_ECN_ECHO)) { 1224 sctp_free_remote_addr(chk->whoTo); 1225 chk->whoTo = alt; 1226 if (chk->sent != SCTP_DATAGRAM_RESEND) { 1227 chk->sent = SCTP_DATAGRAM_RESEND; 1228 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1229 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1230 } 1231 atomic_add_int(&alt->ref_count, 1); 1232 } 1233 } 1234 TAILQ_FOREACH(chk, &stcb->asoc.asconf_send_queue, sctp_next) { 1235 if (chk->whoTo != alt) { 1236 sctp_free_remote_addr(chk->whoTo); 1237 chk->whoTo = alt; 1238 atomic_add_int(&alt->ref_count, 1); 1239 } 1240 if (asconf->sent != SCTP_DATAGRAM_RESEND && chk->sent != SCTP_DATAGRAM_UNSENT) 1241 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1242 chk->sent = SCTP_DATAGRAM_RESEND; 1243 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1244 } 1245 if (!(net->dest_state & SCTP_ADDR_REACHABLE)) { 1246 /* 1247 * If the address went un-reachable, we need to move 1248 * to the alternate for ALL chunks in queue 1249 */ 1250 sctp_move_chunks_from_net(stcb, net); 1251 } 1252 sctp_free_remote_addr(net); 1253 1254 /* mark the retran info */ 1255 if (asconf->sent != SCTP_DATAGRAM_RESEND) 1256 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1257 asconf->sent = SCTP_DATAGRAM_RESEND; 1258 asconf->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1259 1260 /* send another ASCONF if any and we can do */ 1261 sctp_send_asconf(stcb, alt, SCTP_ADDR_NOT_LOCKED); 1262 } 1263 return (0); 1264 } 1265 1266 /* Mobility adaptation */ 1267 void 1268 sctp_delete_prim_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb) 1269 { 1270 if (stcb->asoc.deleted_primary == NULL) { 1271 SCTPDBG(SCTP_DEBUG_ASCONF1, "delete_prim_timer: deleted_primary is not stored...\n"); 1272 sctp_mobility_feature_off(inp, SCTP_MOBILITY_PRIM_DELETED); 1273 return; 1274 } 1275 SCTPDBG(SCTP_DEBUG_ASCONF1, "delete_prim_timer: finished to keep deleted primary "); 1276 SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, &stcb->asoc.deleted_primary->ro._l_addr.sa); 1277 sctp_free_remote_addr(stcb->asoc.deleted_primary); 1278 stcb->asoc.deleted_primary = NULL; 1279 sctp_mobility_feature_off(inp, SCTP_MOBILITY_PRIM_DELETED); 1280 return; 1281 } 1282 1283 /* 1284 * For the shutdown and shutdown-ack, we do not keep one around on the 1285 * control queue. This means we must generate a new one and call the general 1286 * chunk output routine, AFTER having done threshold management. 1287 * It is assumed that net is non-NULL. 1288 */ 1289 int 1290 sctp_shutdown_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1291 struct sctp_nets *net) 1292 { 1293 struct sctp_nets *alt; 1294 1295 /* first threshold management */ 1296 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1297 /* Assoc is over */ 1298 return (1); 1299 } 1300 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1301 /* second select an alternative */ 1302 alt = sctp_find_alternate_net(stcb, net, 0); 1303 1304 /* third generate a shutdown into the queue for out net */ 1305 sctp_send_shutdown(stcb, alt); 1306 1307 /* fourth restart timer */ 1308 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWN, inp, stcb, alt); 1309 return (0); 1310 } 1311 1312 int 1313 sctp_shutdownack_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1314 struct sctp_nets *net) 1315 { 1316 struct sctp_nets *alt; 1317 1318 /* first threshold management */ 1319 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1320 /* Assoc is over */ 1321 return (1); 1322 } 1323 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1324 /* second select an alternative */ 1325 alt = sctp_find_alternate_net(stcb, net, 0); 1326 1327 /* third generate a shutdown into the queue for out net */ 1328 sctp_send_shutdown_ack(stcb, alt); 1329 1330 /* fourth restart timer */ 1331 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWNACK, inp, stcb, alt); 1332 return (0); 1333 } 1334 1335 static void 1336 sctp_audit_stream_queues_for_size(struct sctp_inpcb *inp, 1337 struct sctp_tcb *stcb) 1338 { 1339 struct sctp_stream_queue_pending *sp; 1340 unsigned int i, chks_in_queue = 0; 1341 int being_filled = 0; 1342 1343 /* 1344 * This function is ONLY called when the send/sent queues are empty. 1345 */ 1346 if ((stcb == NULL) || (inp == NULL)) 1347 return; 1348 1349 if (stcb->asoc.sent_queue_retran_cnt) { 1350 SCTP_PRINTF("Hmm, sent_queue_retran_cnt is non-zero %d\n", 1351 stcb->asoc.sent_queue_retran_cnt); 1352 stcb->asoc.sent_queue_retran_cnt = 0; 1353 } 1354 if (stcb->asoc.ss_functions.sctp_ss_is_empty(stcb, &stcb->asoc)) { 1355 /* No stream scheduler information, initialize scheduler */ 1356 stcb->asoc.ss_functions.sctp_ss_init(stcb, &stcb->asoc, 0); 1357 if (!stcb->asoc.ss_functions.sctp_ss_is_empty(stcb, &stcb->asoc)) { 1358 /* yep, we lost a stream or two */ 1359 SCTP_PRINTF("Found additional streams NOT managed by scheduler, corrected\n"); 1360 } else { 1361 /* no streams lost */ 1362 stcb->asoc.total_output_queue_size = 0; 1363 } 1364 } 1365 /* Check to see if some data queued, if so report it */ 1366 for (i = 0; i < stcb->asoc.streamoutcnt; i++) { 1367 if (!TAILQ_EMPTY(&stcb->asoc.strmout[i].outqueue)) { 1368 TAILQ_FOREACH(sp, &stcb->asoc.strmout[i].outqueue, next) { 1369 if (sp->msg_is_complete) 1370 being_filled++; 1371 chks_in_queue++; 1372 } 1373 } 1374 } 1375 if (chks_in_queue != stcb->asoc.stream_queue_cnt) { 1376 SCTP_PRINTF("Hmm, stream queue cnt at %d I counted %d in stream out wheel\n", 1377 stcb->asoc.stream_queue_cnt, chks_in_queue); 1378 } 1379 if (chks_in_queue) { 1380 /* call the output queue function */ 1381 sctp_chunk_output(inp, stcb, SCTP_OUTPUT_FROM_T3, SCTP_SO_NOT_LOCKED); 1382 if ((TAILQ_EMPTY(&stcb->asoc.send_queue)) && 1383 (TAILQ_EMPTY(&stcb->asoc.sent_queue))) { 1384 /* 1385 * Probably should go in and make it go back through 1386 * and add fragments allowed 1387 */ 1388 if (being_filled == 0) { 1389 SCTP_PRINTF("Still nothing moved %d chunks are stuck\n", 1390 chks_in_queue); 1391 } 1392 } 1393 } else { 1394 SCTP_PRINTF("Found no chunks on any queue tot:%lu\n", 1395 (u_long)stcb->asoc.total_output_queue_size); 1396 stcb->asoc.total_output_queue_size = 0; 1397 } 1398 } 1399 1400 int 1401 sctp_heartbeat_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1402 struct sctp_nets *net) 1403 { 1404 uint8_t net_was_pf; 1405 1406 if (net->dest_state & SCTP_ADDR_PF) { 1407 net_was_pf = 1; 1408 } else { 1409 net_was_pf = 0; 1410 } 1411 if (net->hb_responded == 0) { 1412 if (net->ro._s_addr) { 1413 /* 1414 * Invalidate the src address if we did not get a 1415 * response last time. 1416 */ 1417 sctp_free_ifa(net->ro._s_addr); 1418 net->ro._s_addr = NULL; 1419 net->src_addr_selected = 0; 1420 } 1421 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1422 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1423 /* Assoc is over */ 1424 return (1); 1425 } 1426 } 1427 /* Zero PBA, if it needs it */ 1428 if (net->partial_bytes_acked) { 1429 net->partial_bytes_acked = 0; 1430 } 1431 if ((stcb->asoc.total_output_queue_size > 0) && 1432 (TAILQ_EMPTY(&stcb->asoc.send_queue)) && 1433 (TAILQ_EMPTY(&stcb->asoc.sent_queue))) { 1434 sctp_audit_stream_queues_for_size(inp, stcb); 1435 } 1436 if (!(net->dest_state & SCTP_ADDR_NOHB) && 1437 !((net_was_pf == 0) && (net->dest_state & SCTP_ADDR_PF))) { 1438 /* 1439 * when move to PF during threshold mangement, a HB has been 1440 * queued in that routine 1441 */ 1442 uint32_t ms_gone_by; 1443 1444 if ((net->last_sent_time.tv_sec > 0) || 1445 (net->last_sent_time.tv_usec > 0)) { 1446 struct timeval diff; 1447 1448 SCTP_GETTIME_TIMEVAL(&diff); 1449 timevalsub(&diff, &net->last_sent_time); 1450 ms_gone_by = (uint32_t)(diff.tv_sec * 1000) + 1451 (uint32_t)(diff.tv_usec / 1000); 1452 } else { 1453 ms_gone_by = 0xffffffff; 1454 } 1455 if ((ms_gone_by >= net->heart_beat_delay) || 1456 (net->dest_state & SCTP_ADDR_PF)) { 1457 sctp_send_hb(stcb, net, SCTP_SO_NOT_LOCKED); 1458 } 1459 } 1460 return (0); 1461 } 1462 1463 void 1464 sctp_pathmtu_timer(struct sctp_inpcb *inp, 1465 struct sctp_tcb *stcb, 1466 struct sctp_nets *net) 1467 { 1468 uint32_t next_mtu, mtu; 1469 1470 next_mtu = sctp_get_next_mtu(net->mtu); 1471 1472 if ((next_mtu > net->mtu) && (net->port == 0)) { 1473 if ((net->src_addr_selected == 0) || 1474 (net->ro._s_addr == NULL) || 1475 (net->ro._s_addr->localifa_flags & SCTP_BEING_DELETED)) { 1476 if ((net->ro._s_addr != NULL) && (net->ro._s_addr->localifa_flags & SCTP_BEING_DELETED)) { 1477 sctp_free_ifa(net->ro._s_addr); 1478 net->ro._s_addr = NULL; 1479 net->src_addr_selected = 0; 1480 } else if (net->ro._s_addr == NULL) { 1481 #if defined(INET6) && defined(SCTP_EMBEDDED_V6_SCOPE) 1482 if (net->ro._l_addr.sa.sa_family == AF_INET6) { 1483 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&net->ro._l_addr; 1484 1485 /* KAME hack: embed scopeid */ 1486 (void)sa6_embedscope(sin6, MODULE_GLOBAL(ip6_use_defzone)); 1487 } 1488 #endif 1489 1490 net->ro._s_addr = sctp_source_address_selection(inp, 1491 stcb, 1492 (sctp_route_t *)&net->ro, 1493 net, 0, stcb->asoc.vrf_id); 1494 #if defined(INET6) && defined(SCTP_EMBEDDED_V6_SCOPE) 1495 if (net->ro._l_addr.sa.sa_family == AF_INET6) { 1496 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&net->ro._l_addr; 1497 1498 (void)sa6_recoverscope(sin6); 1499 } 1500 #endif /* INET6 */ 1501 } 1502 if (net->ro._s_addr) 1503 net->src_addr_selected = 1; 1504 } 1505 if (net->ro._s_addr) { 1506 mtu = SCTP_GATHER_MTU_FROM_ROUTE(net->ro._s_addr, &net->ro._s_addr.sa, net->ro.ro_nh); 1507 #if defined(INET) || defined(INET6) 1508 if (net->port) { 1509 mtu -= sizeof(struct udphdr); 1510 } 1511 #endif 1512 if (mtu > next_mtu) { 1513 net->mtu = next_mtu; 1514 } else { 1515 net->mtu = mtu; 1516 } 1517 } 1518 } 1519 /* restart the timer */ 1520 sctp_timer_start(SCTP_TIMER_TYPE_PATHMTURAISE, inp, stcb, net); 1521 } 1522 1523 void 1524 sctp_autoclose_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb) 1525 { 1526 struct timeval tn, *tim_touse; 1527 struct sctp_association *asoc; 1528 uint32_t ticks_gone_by; 1529 1530 (void)SCTP_GETTIME_TIMEVAL(&tn); 1531 if (stcb->asoc.sctp_autoclose_ticks > 0 && 1532 sctp_is_feature_on(inp, SCTP_PCB_FLAGS_AUTOCLOSE)) { 1533 /* Auto close is on */ 1534 asoc = &stcb->asoc; 1535 /* pick the time to use */ 1536 if (asoc->time_last_rcvd.tv_sec > 1537 asoc->time_last_sent.tv_sec) { 1538 tim_touse = &asoc->time_last_rcvd; 1539 } else { 1540 tim_touse = &asoc->time_last_sent; 1541 } 1542 /* Now has long enough transpired to autoclose? */ 1543 ticks_gone_by = sctp_secs_to_ticks((uint32_t)(tn.tv_sec - tim_touse->tv_sec)); 1544 if (ticks_gone_by >= asoc->sctp_autoclose_ticks) { 1545 /* 1546 * autoclose time has hit, call the output routine, 1547 * which should do nothing just to be SURE we don't 1548 * have hanging data. We can then safely check the 1549 * queues and know that we are clear to send 1550 * shutdown 1551 */ 1552 sctp_chunk_output(inp, stcb, SCTP_OUTPUT_FROM_AUTOCLOSE_TMR, SCTP_SO_NOT_LOCKED); 1553 /* Are we clean? */ 1554 if (TAILQ_EMPTY(&asoc->send_queue) && 1555 TAILQ_EMPTY(&asoc->sent_queue)) { 1556 /* 1557 * there is nothing queued to send, so I'm 1558 * done... 1559 */ 1560 if (SCTP_GET_STATE(stcb) != SCTP_STATE_SHUTDOWN_SENT) { 1561 /* only send SHUTDOWN 1st time thru */ 1562 struct sctp_nets *net; 1563 1564 if ((SCTP_GET_STATE(stcb) == SCTP_STATE_OPEN) || 1565 (SCTP_GET_STATE(stcb) == SCTP_STATE_SHUTDOWN_RECEIVED)) { 1566 SCTP_STAT_DECR_GAUGE32(sctps_currestab); 1567 } 1568 SCTP_SET_STATE(stcb, SCTP_STATE_SHUTDOWN_SENT); 1569 sctp_stop_timers_for_shutdown(stcb); 1570 if (stcb->asoc.alternate) { 1571 net = stcb->asoc.alternate; 1572 } else { 1573 net = stcb->asoc.primary_destination; 1574 } 1575 sctp_send_shutdown(stcb, net); 1576 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWN, 1577 stcb->sctp_ep, stcb, net); 1578 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWNGUARD, 1579 stcb->sctp_ep, stcb, NULL); 1580 } 1581 } 1582 } else { 1583 /* 1584 * No auto close at this time, reset t-o to check 1585 * later 1586 */ 1587 uint32_t tmp; 1588 1589 /* fool the timer startup to use the time left */ 1590 tmp = asoc->sctp_autoclose_ticks; 1591 asoc->sctp_autoclose_ticks -= ticks_gone_by; 1592 sctp_timer_start(SCTP_TIMER_TYPE_AUTOCLOSE, inp, stcb, NULL); 1593 /* restore the real tick value */ 1594 asoc->sctp_autoclose_ticks = tmp; 1595 } 1596 } 1597 } 1598