1/*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2001-2007, by Cisco Systems, Inc. All rights reserved. 5 * Copyright (c) 2008-2012, by Randall Stewart. All rights reserved. 6 * Copyright (c) 2008-2012, by Michael Tuexen. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions are met: 10 * 11 * a) Redistributions of source code must retain the above copyright notice, 12 * this list of conditions and the following disclaimer. 13 * 14 * b) Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in 16 * the documentation and/or other materials provided with the distribution. 17 * 18 * c) Neither the name of Cisco Systems, Inc. nor the names of its 19 * contributors may be used to endorse or promote products derived 20 * from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 24 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 26 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 27 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 28 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 29 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 30 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 31 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 32 * THE POSSIBILITY OF SUCH DAMAGE. 33 */ 34 35#include <sys/cdefs.h> 36__FBSDID("$FreeBSD$"); 37 38#define _IP_VHL 39#include <netinet/sctp_os.h> 40#include <netinet/sctp_pcb.h> 41#ifdef INET6 42#endif 43#include <netinet/sctp_var.h> 44#include <netinet/sctp_sysctl.h> 45#include <netinet/sctp_timer.h> 46#include <netinet/sctputil.h> 47#include <netinet/sctp_output.h> 48#include <netinet/sctp_header.h> 49#include <netinet/sctp_indata.h> 50#include <netinet/sctp_asconf.h> 51#include <netinet/sctp_input.h> 52#include <netinet/sctp.h> 53#include <netinet/sctp_uio.h> 54#if defined(INET) || defined(INET6) 55#include <netinet/udp.h> 56#endif 57 58void 59sctp_audit_retranmission_queue(struct sctp_association *asoc) 60{ 61 struct sctp_tmit_chunk *chk; 62 63 SCTPDBG(SCTP_DEBUG_TIMER4, "Audit invoked on send queue cnt:%d onqueue:%d\n", 64 asoc->sent_queue_retran_cnt, 65 asoc->sent_queue_cnt); 66 asoc->sent_queue_retran_cnt = 0; 67 asoc->sent_queue_cnt = 0; 68 TAILQ_FOREACH(chk, &asoc->sent_queue, sctp_next) { 69 if (chk->sent == SCTP_DATAGRAM_RESEND) { 70 sctp_ucount_incr(asoc->sent_queue_retran_cnt); 71 } 72 asoc->sent_queue_cnt++; 73 } 74 TAILQ_FOREACH(chk, &asoc->control_send_queue, sctp_next) { 75 if (chk->sent == SCTP_DATAGRAM_RESEND) { 76 sctp_ucount_incr(asoc->sent_queue_retran_cnt); 77 } 78 } 79 TAILQ_FOREACH(chk, &asoc->asconf_send_queue, sctp_next) { 80 if (chk->sent == SCTP_DATAGRAM_RESEND) { 81 sctp_ucount_incr(asoc->sent_queue_retran_cnt); 82 } 83 } 84 SCTPDBG(SCTP_DEBUG_TIMER4, "Audit completes retran:%d onqueue:%d\n", 85 asoc->sent_queue_retran_cnt, 86 asoc->sent_queue_cnt); 87} 88 89static int 90sctp_threshold_management(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 91 struct sctp_nets *net, uint16_t threshold) 92{ 93 if (net) { 94 net->error_count++; 95 SCTPDBG(SCTP_DEBUG_TIMER4, "Error count for %p now %d thresh:%d\n", 96 (void *)net, net->error_count, 97 net->failure_threshold); 98 if (net->error_count > net->failure_threshold) { 99 /* We had a threshold failure */ 100 if (net->dest_state & SCTP_ADDR_REACHABLE) { 101 net->dest_state &= ~SCTP_ADDR_REACHABLE; 102 net->dest_state &= ~SCTP_ADDR_REQ_PRIMARY; 103 net->dest_state &= ~SCTP_ADDR_PF; 104 sctp_ulp_notify(SCTP_NOTIFY_INTERFACE_DOWN, 105 stcb, 0, 106 (void *)net, SCTP_SO_NOT_LOCKED); 107 } 108 } else if ((net->pf_threshold < net->failure_threshold) && 109 (net->error_count > net->pf_threshold)) { 110 if (!(net->dest_state & SCTP_ADDR_PF)) { 111 net->dest_state |= SCTP_ADDR_PF; 112 net->last_active = sctp_get_tick_count(); 113 sctp_send_hb(stcb, net, SCTP_SO_NOT_LOCKED); 114 sctp_timer_stop(SCTP_TIMER_TYPE_HEARTBEAT, 115 inp, stcb, net, 116 SCTP_FROM_SCTP_TIMER + SCTP_LOC_1); 117 sctp_timer_start(SCTP_TIMER_TYPE_HEARTBEAT, inp, stcb, net); 118 } 119 } 120 } 121 if (stcb == NULL) 122 return (0); 123 124 if (net) { 125 if ((net->dest_state & SCTP_ADDR_UNCONFIRMED) == 0) { 126 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_THRESHOLD_LOGGING) { 127 sctp_misc_ints(SCTP_THRESHOLD_INCR, 128 stcb->asoc.overall_error_count, 129 (stcb->asoc.overall_error_count + 1), 130 SCTP_FROM_SCTP_TIMER, 131 __LINE__); 132 } 133 stcb->asoc.overall_error_count++; 134 } 135 } else { 136 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_THRESHOLD_LOGGING) { 137 sctp_misc_ints(SCTP_THRESHOLD_INCR, 138 stcb->asoc.overall_error_count, 139 (stcb->asoc.overall_error_count + 1), 140 SCTP_FROM_SCTP_TIMER, 141 __LINE__); 142 } 143 stcb->asoc.overall_error_count++; 144 } 145 SCTPDBG(SCTP_DEBUG_TIMER4, "Overall error count for %p now %d thresh:%u state:%x\n", 146 (void *)&stcb->asoc, stcb->asoc.overall_error_count, 147 (uint32_t)threshold, 148 ((net == NULL) ? (uint32_t)0 : (uint32_t)net->dest_state)); 149 /* 150 * We specifically do not do >= to give the assoc one more change 151 * before we fail it. 152 */ 153 if (stcb->asoc.overall_error_count > threshold) { 154 /* Abort notification sends a ULP notify */ 155 struct mbuf *op_err; 156 157 op_err = sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), 158 "Association error counter exceeded"); 159 inp->last_abort_code = SCTP_FROM_SCTP_TIMER + SCTP_LOC_2; 160 sctp_abort_an_association(inp, stcb, op_err, SCTP_SO_NOT_LOCKED); 161 return (1); 162 } 163 return (0); 164} 165 166/* 167 * sctp_find_alternate_net() returns a non-NULL pointer as long 168 * the argument net is non-NULL. 169 */ 170struct sctp_nets * 171sctp_find_alternate_net(struct sctp_tcb *stcb, 172 struct sctp_nets *net, 173 int mode) 174{ 175 /* Find and return an alternate network if possible */ 176 struct sctp_nets *alt, *mnet, *min_errors_net = NULL, *max_cwnd_net = NULL; 177 int once; 178 179 /* JRS 5/14/07 - Initialize min_errors to an impossible value. */ 180 int min_errors = -1; 181 uint32_t max_cwnd = 0; 182 183 if (stcb->asoc.numnets == 1) { 184 /* No others but net */ 185 return (TAILQ_FIRST(&stcb->asoc.nets)); 186 } 187 /* 188 * JRS 5/14/07 - If mode is set to 2, use the CMT PF find alternate 189 * net algorithm. This algorithm chooses the active destination (not 190 * in PF state) with the largest cwnd value. If all destinations are 191 * in PF state, unreachable, or unconfirmed, choose the desination 192 * that is in PF state with the lowest error count. In case of a 193 * tie, choose the destination that was most recently active. 194 */ 195 if (mode == 2) { 196 TAILQ_FOREACH(mnet, &stcb->asoc.nets, sctp_next) { 197 /* 198 * JRS 5/14/07 - If the destination is unreachable 199 * or unconfirmed, skip it. 200 */ 201 if (((mnet->dest_state & SCTP_ADDR_REACHABLE) != SCTP_ADDR_REACHABLE) || 202 (mnet->dest_state & SCTP_ADDR_UNCONFIRMED)) { 203 continue; 204 } 205 /* 206 * JRS 5/14/07 - If the destination is reachable 207 * but in PF state, compare the error count of the 208 * destination to the minimum error count seen thus 209 * far. Store the destination with the lower error 210 * count. If the error counts are equal, store the 211 * destination that was most recently active. 212 */ 213 if (mnet->dest_state & SCTP_ADDR_PF) { 214 /* 215 * JRS 5/14/07 - If the destination under 216 * consideration is the current destination, 217 * work as if the error count is one higher. 218 * The actual error count will not be 219 * incremented until later in the t3 220 * handler. 221 */ 222 if (mnet == net) { 223 if (min_errors == -1) { 224 min_errors = mnet->error_count + 1; 225 min_errors_net = mnet; 226 } else if (mnet->error_count + 1 < min_errors) { 227 min_errors = mnet->error_count + 1; 228 min_errors_net = mnet; 229 } else if (mnet->error_count + 1 == min_errors 230 && mnet->last_active > min_errors_net->last_active) { 231 min_errors_net = mnet; 232 min_errors = mnet->error_count + 1; 233 } 234 continue; 235 } else { 236 if (min_errors == -1) { 237 min_errors = mnet->error_count; 238 min_errors_net = mnet; 239 } else if (mnet->error_count < min_errors) { 240 min_errors = mnet->error_count; 241 min_errors_net = mnet; 242 } else if (mnet->error_count == min_errors 243 && mnet->last_active > min_errors_net->last_active) { 244 min_errors_net = mnet; 245 min_errors = mnet->error_count; 246 } 247 continue; 248 } 249 } 250 /* 251 * JRS 5/14/07 - If the destination is reachable and 252 * not in PF state, compare the cwnd of the 253 * destination to the highest cwnd seen thus far. 254 * Store the destination with the higher cwnd value. 255 * If the cwnd values are equal, randomly choose one 256 * of the two destinations. 257 */ 258 if (max_cwnd < mnet->cwnd) { 259 max_cwnd_net = mnet; 260 max_cwnd = mnet->cwnd; 261 } else if (max_cwnd == mnet->cwnd) { 262 uint32_t rndval; 263 uint8_t this_random; 264 265 if (stcb->asoc.hb_random_idx > 3) { 266 rndval = sctp_select_initial_TSN(&stcb->sctp_ep->sctp_ep); 267 memcpy(stcb->asoc.hb_random_values, &rndval, sizeof(stcb->asoc.hb_random_values)); 268 this_random = stcb->asoc.hb_random_values[0]; 269 stcb->asoc.hb_random_idx++; 270 stcb->asoc.hb_ect_randombit = 0; 271 } else { 272 this_random = stcb->asoc.hb_random_values[stcb->asoc.hb_random_idx]; 273 stcb->asoc.hb_random_idx++; 274 stcb->asoc.hb_ect_randombit = 0; 275 } 276 if (this_random % 2 == 1) { 277 max_cwnd_net = mnet; 278 max_cwnd = mnet->cwnd; /* Useless? */ 279 } 280 } 281 } 282 if (max_cwnd_net == NULL) { 283 if (min_errors_net == NULL) { 284 return (net); 285 } 286 return (min_errors_net); 287 } else { 288 return (max_cwnd_net); 289 } 290 } /* JRS 5/14/07 - If mode is set to 1, use the 291 * CMT policy for choosing an alternate net. */ 292 else if (mode == 1) { 293 TAILQ_FOREACH(mnet, &stcb->asoc.nets, sctp_next) { 294 if (((mnet->dest_state & SCTP_ADDR_REACHABLE) != SCTP_ADDR_REACHABLE) || 295 (mnet->dest_state & SCTP_ADDR_UNCONFIRMED)) { 296 /* 297 * will skip ones that are not-reachable or 298 * unconfirmed 299 */ 300 continue; 301 } 302 if (max_cwnd < mnet->cwnd) { 303 max_cwnd_net = mnet; 304 max_cwnd = mnet->cwnd; 305 } else if (max_cwnd == mnet->cwnd) { 306 uint32_t rndval; 307 uint8_t this_random; 308 309 if (stcb->asoc.hb_random_idx > 3) { 310 rndval = sctp_select_initial_TSN(&stcb->sctp_ep->sctp_ep); 311 memcpy(stcb->asoc.hb_random_values, &rndval, 312 sizeof(stcb->asoc.hb_random_values)); 313 this_random = stcb->asoc.hb_random_values[0]; 314 stcb->asoc.hb_random_idx = 0; 315 stcb->asoc.hb_ect_randombit = 0; 316 } else { 317 this_random = stcb->asoc.hb_random_values[stcb->asoc.hb_random_idx]; 318 stcb->asoc.hb_random_idx++; 319 stcb->asoc.hb_ect_randombit = 0; 320 } 321 if (this_random % 2) { 322 max_cwnd_net = mnet; 323 max_cwnd = mnet->cwnd; 324 } 325 } 326 } 327 if (max_cwnd_net) { 328 return (max_cwnd_net); 329 } 330 } 331 mnet = net; 332 once = 0; 333 334 if (mnet == NULL) { 335 mnet = TAILQ_FIRST(&stcb->asoc.nets); 336 if (mnet == NULL) { 337 return (NULL); 338 } 339 } 340 for (;;) { 341 alt = TAILQ_NEXT(mnet, sctp_next); 342 if (alt == NULL) { 343 once++; 344 if (once > 1) { 345 break; 346 } 347 alt = TAILQ_FIRST(&stcb->asoc.nets); 348 if (alt == NULL) { 349 return (NULL); 350 } 351 } 352 if (alt->ro.ro_rt == NULL) { 353 if (alt->ro._s_addr) { 354 sctp_free_ifa(alt->ro._s_addr); 355 alt->ro._s_addr = NULL; 356 } 357 alt->src_addr_selected = 0; 358 } 359 if (((alt->dest_state & SCTP_ADDR_REACHABLE) == SCTP_ADDR_REACHABLE) && 360 (alt->ro.ro_rt != NULL) && 361 (!(alt->dest_state & SCTP_ADDR_UNCONFIRMED))) { 362 /* Found a reachable address */ 363 break; 364 } 365 mnet = alt; 366 } 367 368 if (alt == NULL) { 369 /* Case where NO insv network exists (dormant state) */ 370 /* we rotate destinations */ 371 once = 0; 372 mnet = net; 373 for (;;) { 374 if (mnet == NULL) { 375 return (TAILQ_FIRST(&stcb->asoc.nets)); 376 } 377 alt = TAILQ_NEXT(mnet, sctp_next); 378 if (alt == NULL) { 379 once++; 380 if (once > 1) { 381 break; 382 } 383 alt = TAILQ_FIRST(&stcb->asoc.nets); 384 if (alt == NULL) { 385 break; 386 } 387 } 388 if ((!(alt->dest_state & SCTP_ADDR_UNCONFIRMED)) && 389 (alt != net)) { 390 /* Found an alternate address */ 391 break; 392 } 393 mnet = alt; 394 } 395 } 396 if (alt == NULL) { 397 return (net); 398 } 399 return (alt); 400} 401 402static void 403sctp_backoff_on_timeout(struct sctp_tcb *stcb, 404 struct sctp_nets *net, 405 int win_probe, 406 int num_marked, int num_abandoned) 407{ 408 if (net->RTO == 0) { 409 if (net->RTO_measured) { 410 net->RTO = stcb->asoc.minrto; 411 } else { 412 net->RTO = stcb->asoc.initial_rto; 413 } 414 } 415 net->RTO <<= 1; 416 if (net->RTO > stcb->asoc.maxrto) { 417 net->RTO = stcb->asoc.maxrto; 418 } 419 if ((win_probe == 0) && (num_marked || num_abandoned)) { 420 /* We don't apply penalty to window probe scenarios */ 421 /* JRS - Use the congestion control given in the CC module */ 422 stcb->asoc.cc_functions.sctp_cwnd_update_after_timeout(stcb, net); 423 } 424} 425 426#ifndef INVARIANTS 427static void 428sctp_recover_sent_list(struct sctp_tcb *stcb) 429{ 430 struct sctp_tmit_chunk *chk, *nchk; 431 struct sctp_association *asoc; 432 433 asoc = &stcb->asoc; 434 TAILQ_FOREACH_SAFE(chk, &asoc->sent_queue, sctp_next, nchk) { 435 if (SCTP_TSN_GE(asoc->last_acked_seq, chk->rec.data.tsn)) { 436 SCTP_PRINTF("Found chk:%p tsn:%x <= last_acked_seq:%x\n", 437 (void *)chk, chk->rec.data.tsn, asoc->last_acked_seq); 438 if (chk->sent != SCTP_DATAGRAM_NR_ACKED) { 439 if (asoc->strmout[chk->rec.data.sid].chunks_on_queues > 0) { 440 asoc->strmout[chk->rec.data.sid].chunks_on_queues--; 441 } 442 } 443 if ((asoc->strmout[chk->rec.data.sid].chunks_on_queues == 0) && 444 (asoc->strmout[chk->rec.data.sid].state == SCTP_STREAM_RESET_PENDING) && 445 TAILQ_EMPTY(&asoc->strmout[chk->rec.data.sid].outqueue)) { 446 asoc->trigger_reset = 1; 447 } 448 TAILQ_REMOVE(&asoc->sent_queue, chk, sctp_next); 449 if (PR_SCTP_ENABLED(chk->flags)) { 450 if (asoc->pr_sctp_cnt != 0) 451 asoc->pr_sctp_cnt--; 452 } 453 if (chk->data) { 454 /* sa_ignore NO_NULL_CHK */ 455 sctp_free_bufspace(stcb, asoc, chk, 1); 456 sctp_m_freem(chk->data); 457 chk->data = NULL; 458 if (asoc->prsctp_supported && PR_SCTP_BUF_ENABLED(chk->flags)) { 459 asoc->sent_queue_cnt_removeable--; 460 } 461 } 462 asoc->sent_queue_cnt--; 463 sctp_free_a_chunk(stcb, chk, SCTP_SO_NOT_LOCKED); 464 } 465 } 466 SCTP_PRINTF("after recover order is as follows\n"); 467 TAILQ_FOREACH(chk, &asoc->sent_queue, sctp_next) { 468 SCTP_PRINTF("chk:%p TSN:%x\n", (void *)chk, chk->rec.data.tsn); 469 } 470} 471#endif 472 473static int 474sctp_mark_all_for_resend(struct sctp_tcb *stcb, 475 struct sctp_nets *net, 476 struct sctp_nets *alt, 477 int window_probe, 478 int *num_marked, 479 int *num_abandoned) 480{ 481 482 /* 483 * Mark all chunks (well not all) that were sent to *net for 484 * retransmission. Move them to alt for there destination as well... 485 * We only mark chunks that have been outstanding long enough to 486 * have received feed-back. 487 */ 488 struct sctp_tmit_chunk *chk, *nchk; 489 struct sctp_nets *lnets; 490 struct timeval now, min_wait, tv; 491 int cur_rto; 492 int cnt_abandoned; 493 int audit_tf, num_mk, fir; 494 unsigned int cnt_mk; 495 uint32_t orig_flight, orig_tf; 496 uint32_t tsnlast, tsnfirst; 497 int recovery_cnt = 0; 498 499 500 /* none in flight now */ 501 audit_tf = 0; 502 fir = 0; 503 /* 504 * figure out how long a data chunk must be pending before we can 505 * mark it .. 506 */ 507 (void)SCTP_GETTIME_TIMEVAL(&now); 508 /* get cur rto in micro-seconds */ 509 cur_rto = (net->lastsa >> SCTP_RTT_SHIFT) + net->lastsv; 510 cur_rto *= 1000; 511 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 512 sctp_log_fr(cur_rto, 513 stcb->asoc.peers_rwnd, 514 window_probe, 515 SCTP_FR_T3_MARK_TIME); 516 sctp_log_fr(net->flight_size, 0, 0, SCTP_FR_CWND_REPORT); 517 sctp_log_fr(net->flight_size, net->cwnd, stcb->asoc.total_flight, SCTP_FR_CWND_REPORT); 518 } 519 tv.tv_sec = cur_rto / 1000000; 520 tv.tv_usec = cur_rto % 1000000; 521 min_wait = now; 522 timevalsub(&min_wait, &tv); 523 if (min_wait.tv_sec < 0 || min_wait.tv_usec < 0) { 524 /* 525 * if we hit here, we don't have enough seconds on the clock 526 * to account for the RTO. We just let the lower seconds be 527 * the bounds and don't worry about it. This may mean we 528 * will mark a lot more than we should. 529 */ 530 min_wait.tv_sec = min_wait.tv_usec = 0; 531 } 532 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 533 sctp_log_fr(cur_rto, now.tv_sec, now.tv_usec, SCTP_FR_T3_MARK_TIME); 534 sctp_log_fr(0, min_wait.tv_sec, min_wait.tv_usec, SCTP_FR_T3_MARK_TIME); 535 } 536 /* 537 * Our rwnd will be incorrect here since we are not adding back the 538 * cnt * mbuf but we will fix that down below. 539 */ 540 orig_flight = net->flight_size; 541 orig_tf = stcb->asoc.total_flight; 542 543 net->fast_retran_ip = 0; 544 /* Now on to each chunk */ 545 cnt_abandoned = 0; 546 num_mk = cnt_mk = 0; 547 tsnfirst = tsnlast = 0; 548#ifndef INVARIANTS 549start_again: 550#endif 551 TAILQ_FOREACH_SAFE(chk, &stcb->asoc.sent_queue, sctp_next, nchk) { 552 if (SCTP_TSN_GE(stcb->asoc.last_acked_seq, chk->rec.data.tsn)) { 553 /* Strange case our list got out of order? */ 554 SCTP_PRINTF("Our list is out of order? last_acked:%x chk:%x\n", 555 (unsigned int)stcb->asoc.last_acked_seq, (unsigned int)chk->rec.data.tsn); 556 recovery_cnt++; 557#ifdef INVARIANTS 558 panic("last acked >= chk on sent-Q"); 559#else 560 SCTP_PRINTF("Recover attempts a restart cnt:%d\n", recovery_cnt); 561 sctp_recover_sent_list(stcb); 562 if (recovery_cnt < 10) { 563 goto start_again; 564 } else { 565 SCTP_PRINTF("Recovery fails %d times??\n", recovery_cnt); 566 } 567#endif 568 } 569 if ((chk->whoTo == net) && (chk->sent < SCTP_DATAGRAM_ACKED)) { 570 /* 571 * found one to mark: If it is less than 572 * DATAGRAM_ACKED it MUST not be a skipped or marked 573 * TSN but instead one that is either already set 574 * for retransmission OR one that needs 575 * retransmission. 576 */ 577 578 /* validate its been outstanding long enough */ 579 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 580 sctp_log_fr(chk->rec.data.tsn, 581 chk->sent_rcv_time.tv_sec, 582 chk->sent_rcv_time.tv_usec, 583 SCTP_FR_T3_MARK_TIME); 584 } 585 if ((chk->sent_rcv_time.tv_sec > min_wait.tv_sec) && (window_probe == 0)) { 586 /* 587 * we have reached a chunk that was sent 588 * some seconds past our min.. forget it we 589 * will find no more to send. 590 */ 591 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 592 sctp_log_fr(0, 593 chk->sent_rcv_time.tv_sec, 594 chk->sent_rcv_time.tv_usec, 595 SCTP_FR_T3_STOPPED); 596 } 597 continue; 598 } else if ((chk->sent_rcv_time.tv_sec == min_wait.tv_sec) && 599 (window_probe == 0)) { 600 /* 601 * we must look at the micro seconds to 602 * know. 603 */ 604 if (chk->sent_rcv_time.tv_usec >= min_wait.tv_usec) { 605 /* 606 * ok it was sent after our boundary 607 * time. 608 */ 609 continue; 610 } 611 } 612 if (stcb->asoc.prsctp_supported && PR_SCTP_TTL_ENABLED(chk->flags)) { 613 /* Is it expired? */ 614 if (timevalcmp(&now, &chk->rec.data.timetodrop, >)) { 615 /* Yes so drop it */ 616 if (chk->data) { 617 (void)sctp_release_pr_sctp_chunk(stcb, 618 chk, 619 1, 620 SCTP_SO_NOT_LOCKED); 621 cnt_abandoned++; 622 } 623 continue; 624 } 625 } 626 if (stcb->asoc.prsctp_supported && PR_SCTP_RTX_ENABLED(chk->flags)) { 627 /* Has it been retransmitted tv_sec times? */ 628 if (chk->snd_count > chk->rec.data.timetodrop.tv_sec) { 629 if (chk->data) { 630 (void)sctp_release_pr_sctp_chunk(stcb, 631 chk, 632 1, 633 SCTP_SO_NOT_LOCKED); 634 cnt_abandoned++; 635 } 636 continue; 637 } 638 } 639 if (chk->sent < SCTP_DATAGRAM_RESEND) { 640 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 641 num_mk++; 642 if (fir == 0) { 643 fir = 1; 644 tsnfirst = chk->rec.data.tsn; 645 } 646 tsnlast = chk->rec.data.tsn; 647 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 648 sctp_log_fr(chk->rec.data.tsn, chk->snd_count, 649 0, SCTP_FR_T3_MARKED); 650 } 651 652 if (chk->rec.data.chunk_was_revoked) { 653 /* deflate the cwnd */ 654 chk->whoTo->cwnd -= chk->book_size; 655 chk->rec.data.chunk_was_revoked = 0; 656 } 657 net->marked_retrans++; 658 stcb->asoc.marked_retrans++; 659 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FLIGHT_LOGGING_ENABLE) { 660 sctp_misc_ints(SCTP_FLIGHT_LOG_DOWN_RSND_TO, 661 chk->whoTo->flight_size, 662 chk->book_size, 663 (uint32_t)(uintptr_t)chk->whoTo, 664 chk->rec.data.tsn); 665 } 666 sctp_flight_size_decrease(chk); 667 sctp_total_flight_decrease(stcb, chk); 668 stcb->asoc.peers_rwnd += chk->send_size; 669 stcb->asoc.peers_rwnd += SCTP_BASE_SYSCTL(sctp_peer_chunk_oh); 670 } 671 chk->sent = SCTP_DATAGRAM_RESEND; 672 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 673 SCTP_STAT_INCR(sctps_markedretrans); 674 675 /* reset the TSN for striking and other FR stuff */ 676 chk->rec.data.doing_fast_retransmit = 0; 677 /* Clear any time so NO RTT is being done */ 678 679 if (chk->do_rtt) { 680 if (chk->whoTo->rto_needed == 0) { 681 chk->whoTo->rto_needed = 1; 682 } 683 } 684 chk->do_rtt = 0; 685 if (alt != net) { 686 sctp_free_remote_addr(chk->whoTo); 687 chk->no_fr_allowed = 1; 688 chk->whoTo = alt; 689 atomic_add_int(&alt->ref_count, 1); 690 } else { 691 chk->no_fr_allowed = 0; 692 if (TAILQ_EMPTY(&stcb->asoc.send_queue)) { 693 chk->rec.data.fast_retran_tsn = stcb->asoc.sending_seq; 694 } else { 695 chk->rec.data.fast_retran_tsn = (TAILQ_FIRST(&stcb->asoc.send_queue))->rec.data.tsn; 696 } 697 } 698 /* 699 * CMT: Do not allow FRs on retransmitted TSNs. 700 */ 701 if (stcb->asoc.sctp_cmt_on_off > 0) { 702 chk->no_fr_allowed = 1; 703 } 704#ifdef THIS_SHOULD_NOT_BE_DONE 705 } else if (chk->sent == SCTP_DATAGRAM_ACKED) { 706 /* remember highest acked one */ 707 could_be_sent = chk; 708#endif 709 } 710 if (chk->sent == SCTP_DATAGRAM_RESEND) { 711 cnt_mk++; 712 } 713 } 714 if ((orig_flight - net->flight_size) != (orig_tf - stcb->asoc.total_flight)) { 715 /* we did not subtract the same things? */ 716 audit_tf = 1; 717 } 718 719 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 720 sctp_log_fr(tsnfirst, tsnlast, num_mk, SCTP_FR_T3_TIMEOUT); 721 } 722#ifdef SCTP_DEBUG 723 if (num_mk) { 724 SCTPDBG(SCTP_DEBUG_TIMER1, "LAST TSN marked was %x\n", 725 tsnlast); 726 SCTPDBG(SCTP_DEBUG_TIMER1, "Num marked for retransmission was %d peer-rwd:%u\n", 727 num_mk, 728 stcb->asoc.peers_rwnd); 729 } 730#endif 731 *num_marked = num_mk; 732 *num_abandoned = cnt_abandoned; 733 /* 734 * Now check for a ECN Echo that may be stranded And include the 735 * cnt_mk'd to have all resends in the control queue. 736 */ 737 TAILQ_FOREACH(chk, &stcb->asoc.control_send_queue, sctp_next) { 738 if (chk->sent == SCTP_DATAGRAM_RESEND) { 739 cnt_mk++; 740 } 741 if ((chk->whoTo == net) && 742 (chk->rec.chunk_id.id == SCTP_ECN_ECHO)) { 743 sctp_free_remote_addr(chk->whoTo); 744 chk->whoTo = alt; 745 if (chk->sent != SCTP_DATAGRAM_RESEND) { 746 chk->sent = SCTP_DATAGRAM_RESEND; 747 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 748 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 749 cnt_mk++; 750 } 751 atomic_add_int(&alt->ref_count, 1); 752 } 753 } 754#ifdef THIS_SHOULD_NOT_BE_DONE 755 if ((stcb->asoc.sent_queue_retran_cnt == 0) && (could_be_sent)) { 756 /* fix it so we retransmit the highest acked anyway */ 757 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 758 cnt_mk++; 759 could_be_sent->sent = SCTP_DATAGRAM_RESEND; 760 } 761#endif 762 if (stcb->asoc.sent_queue_retran_cnt != cnt_mk) { 763#ifdef INVARIANTS 764 SCTP_PRINTF("Local Audit says there are %d for retran asoc cnt:%d we marked:%d this time\n", 765 cnt_mk, stcb->asoc.sent_queue_retran_cnt, num_mk); 766#endif 767#ifndef SCTP_AUDITING_ENABLED 768 stcb->asoc.sent_queue_retran_cnt = cnt_mk; 769#endif 770 } 771 if (audit_tf) { 772 SCTPDBG(SCTP_DEBUG_TIMER4, 773 "Audit total flight due to negative value net:%p\n", 774 (void *)net); 775 stcb->asoc.total_flight = 0; 776 stcb->asoc.total_flight_count = 0; 777 /* Clear all networks flight size */ 778 TAILQ_FOREACH(lnets, &stcb->asoc.nets, sctp_next) { 779 lnets->flight_size = 0; 780 SCTPDBG(SCTP_DEBUG_TIMER4, 781 "Net:%p c-f cwnd:%d ssthresh:%d\n", 782 (void *)lnets, lnets->cwnd, lnets->ssthresh); 783 } 784 TAILQ_FOREACH(chk, &stcb->asoc.sent_queue, sctp_next) { 785 if (chk->sent < SCTP_DATAGRAM_RESEND) { 786 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FLIGHT_LOGGING_ENABLE) { 787 sctp_misc_ints(SCTP_FLIGHT_LOG_UP, 788 chk->whoTo->flight_size, 789 chk->book_size, 790 (uint32_t)(uintptr_t)chk->whoTo, 791 chk->rec.data.tsn); 792 } 793 794 sctp_flight_size_increase(chk); 795 sctp_total_flight_increase(stcb, chk); 796 } 797 } 798 } 799 /* We return 1 if we only have a window probe outstanding */ 800 return (0); 801} 802 803 804int 805sctp_t3rxt_timer(struct sctp_inpcb *inp, 806 struct sctp_tcb *stcb, 807 struct sctp_nets *net) 808{ 809 struct sctp_nets *alt; 810 int win_probe, num_mk, num_abandoned; 811 812 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 813 sctp_log_fr(0, 0, 0, SCTP_FR_T3_TIMEOUT); 814 } 815 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_CWND_LOGGING_ENABLE) { 816 struct sctp_nets *lnet; 817 818 TAILQ_FOREACH(lnet, &stcb->asoc.nets, sctp_next) { 819 if (net == lnet) { 820 sctp_log_cwnd(stcb, lnet, 1, SCTP_CWND_LOG_FROM_T3); 821 } else { 822 sctp_log_cwnd(stcb, lnet, 0, SCTP_CWND_LOG_FROM_T3); 823 } 824 } 825 } 826 /* Find an alternate and mark those for retransmission */ 827 if ((stcb->asoc.peers_rwnd == 0) && 828 (stcb->asoc.total_flight < net->mtu)) { 829 SCTP_STAT_INCR(sctps_timowindowprobe); 830 win_probe = 1; 831 } else { 832 win_probe = 0; 833 } 834 835 if (win_probe == 0) { 836 /* We don't do normal threshold management on window probes */ 837 if (sctp_threshold_management(inp, stcb, net, 838 stcb->asoc.max_send_times)) { 839 /* Association was destroyed */ 840 return (1); 841 } else { 842 if (net != stcb->asoc.primary_destination) { 843 /* send a immediate HB if our RTO is stale */ 844 struct timeval now; 845 unsigned int ms_goneby; 846 847 (void)SCTP_GETTIME_TIMEVAL(&now); 848 if (net->last_sent_time.tv_sec) { 849 ms_goneby = (now.tv_sec - net->last_sent_time.tv_sec) * 1000; 850 } else { 851 ms_goneby = 0; 852 } 853 if ((net->dest_state & SCTP_ADDR_PF) == 0) { 854 if ((ms_goneby > net->RTO) || (net->RTO == 0)) { 855 /* 856 * no recent feed back in an 857 * RTO or more, request a 858 * RTT update 859 */ 860 sctp_send_hb(stcb, net, SCTP_SO_NOT_LOCKED); 861 } 862 } 863 } 864 } 865 } else { 866 /* 867 * For a window probe we don't penalize the net's but only 868 * the association. This may fail it if SACKs are not coming 869 * back. If sack's are coming with rwnd locked at 0, we will 870 * continue to hold things waiting for rwnd to raise 871 */ 872 if (sctp_threshold_management(inp, stcb, NULL, 873 stcb->asoc.max_send_times)) { 874 /* Association was destroyed */ 875 return (1); 876 } 877 } 878 if (stcb->asoc.sctp_cmt_on_off > 0) { 879 if (net->pf_threshold < net->failure_threshold) { 880 alt = sctp_find_alternate_net(stcb, net, 2); 881 } else { 882 /* 883 * CMT: Using RTX_SSTHRESH policy for CMT. If CMT is 884 * being used, then pick dest with largest ssthresh 885 * for any retransmission. 886 */ 887 alt = sctp_find_alternate_net(stcb, net, 1); 888 /* 889 * CUCv2: If a different dest is picked for the 890 * retransmission, then new (rtx-)pseudo_cumack 891 * needs to be tracked for orig dest. Let CUCv2 892 * track new (rtx-) pseudo-cumack always. 893 */ 894 net->find_pseudo_cumack = 1; 895 net->find_rtx_pseudo_cumack = 1; 896 } 897 } else { 898 alt = sctp_find_alternate_net(stcb, net, 0); 899 } 900 901 num_mk = 0; 902 num_abandoned = 0; 903 (void)sctp_mark_all_for_resend(stcb, net, alt, win_probe, 904 &num_mk, &num_abandoned); 905 /* FR Loss recovery just ended with the T3. */ 906 stcb->asoc.fast_retran_loss_recovery = 0; 907 908 /* CMT FR loss recovery ended with the T3 */ 909 net->fast_retran_loss_recovery = 0; 910 if ((stcb->asoc.cc_functions.sctp_cwnd_new_transmission_begins) && 911 (net->flight_size == 0)) { 912 (*stcb->asoc.cc_functions.sctp_cwnd_new_transmission_begins) (stcb, net); 913 } 914 915 /* 916 * setup the sat loss recovery that prevents satellite cwnd advance. 917 */ 918 stcb->asoc.sat_t3_loss_recovery = 1; 919 stcb->asoc.sat_t3_recovery_tsn = stcb->asoc.sending_seq; 920 921 /* Backoff the timer and cwnd */ 922 sctp_backoff_on_timeout(stcb, net, win_probe, num_mk, num_abandoned); 923 if ((!(net->dest_state & SCTP_ADDR_REACHABLE)) || 924 (net->dest_state & SCTP_ADDR_PF)) { 925 /* Move all pending over too */ 926 sctp_move_chunks_from_net(stcb, net); 927 928 /* 929 * Get the address that failed, to force a new src address 930 * selecton and a route allocation. 931 */ 932 if (net->ro._s_addr) { 933 sctp_free_ifa(net->ro._s_addr); 934 net->ro._s_addr = NULL; 935 } 936 net->src_addr_selected = 0; 937 938 /* Force a route allocation too */ 939 if (net->ro.ro_rt) { 940 RTFREE(net->ro.ro_rt); 941 net->ro.ro_rt = NULL; 942 } 943 944 /* Was it our primary? */ 945 if ((stcb->asoc.primary_destination == net) && (alt != net)) { 946 /* 947 * Yes, note it as such and find an alternate note: 948 * this means HB code must use this to resent the 949 * primary if it goes active AND if someone does a 950 * change-primary then this flag must be cleared 951 * from any net structures. 952 */ 953 if (stcb->asoc.alternate) { 954 sctp_free_remote_addr(stcb->asoc.alternate); 955 } 956 stcb->asoc.alternate = alt; 957 atomic_add_int(&stcb->asoc.alternate->ref_count, 1); 958 } 959 } 960 /* 961 * Special case for cookie-echo'ed case, we don't do output but must 962 * await the COOKIE-ACK before retransmission 963 */ 964 if (SCTP_GET_STATE(stcb) == SCTP_STATE_COOKIE_ECHOED) { 965 /* 966 * Here we just reset the timer and start again since we 967 * have not established the asoc 968 */ 969 sctp_timer_start(SCTP_TIMER_TYPE_SEND, inp, stcb, net); 970 return (0); 971 } 972 if (stcb->asoc.prsctp_supported) { 973 struct sctp_tmit_chunk *lchk; 974 975 lchk = sctp_try_advance_peer_ack_point(stcb, &stcb->asoc); 976 /* C3. See if we need to send a Fwd-TSN */ 977 if (SCTP_TSN_GT(stcb->asoc.advanced_peer_ack_point, stcb->asoc.last_acked_seq)) { 978 send_forward_tsn(stcb, &stcb->asoc); 979 for (; lchk != NULL; lchk = TAILQ_NEXT(lchk, sctp_next)) { 980 if (lchk->whoTo != NULL) { 981 break; 982 } 983 } 984 if (lchk != NULL) { 985 /* Assure a timer is up */ 986 sctp_timer_start(SCTP_TIMER_TYPE_SEND, stcb->sctp_ep, stcb, lchk->whoTo); 987 } 988 } 989 } 990 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_CWND_MONITOR_ENABLE) { 991 sctp_log_cwnd(stcb, net, net->cwnd, SCTP_CWND_LOG_FROM_RTX); 992 } 993 return (0); 994} 995 996int 997sctp_t1init_timer(struct sctp_inpcb *inp, 998 struct sctp_tcb *stcb, 999 struct sctp_nets *net) 1000{ 1001 /* bump the thresholds */ 1002 if (stcb->asoc.delayed_connection) { 1003 /* 1004 * special hook for delayed connection. The library did NOT 1005 * complete the rest of its sends. 1006 */ 1007 stcb->asoc.delayed_connection = 0; 1008 sctp_send_initiate(inp, stcb, SCTP_SO_NOT_LOCKED); 1009 return (0); 1010 } 1011 if (SCTP_GET_STATE(stcb) != SCTP_STATE_COOKIE_WAIT) { 1012 return (0); 1013 } 1014 if (sctp_threshold_management(inp, stcb, net, 1015 stcb->asoc.max_init_times)) { 1016 /* Association was destroyed */ 1017 return (1); 1018 } 1019 stcb->asoc.dropped_special_cnt = 0; 1020 sctp_backoff_on_timeout(stcb, stcb->asoc.primary_destination, 1, 0, 0); 1021 if (stcb->asoc.initial_init_rto_max < net->RTO) { 1022 net->RTO = stcb->asoc.initial_init_rto_max; 1023 } 1024 if (stcb->asoc.numnets > 1) { 1025 /* If we have more than one addr use it */ 1026 struct sctp_nets *alt; 1027 1028 alt = sctp_find_alternate_net(stcb, stcb->asoc.primary_destination, 0); 1029 if (alt != stcb->asoc.primary_destination) { 1030 sctp_move_chunks_from_net(stcb, stcb->asoc.primary_destination); 1031 stcb->asoc.primary_destination = alt; 1032 } 1033 } 1034 /* Send out a new init */ 1035 sctp_send_initiate(inp, stcb, SCTP_SO_NOT_LOCKED); 1036 return (0); 1037} 1038 1039/* 1040 * For cookie and asconf we actually need to find and mark for resend, then 1041 * increment the resend counter (after all the threshold management stuff of 1042 * course). 1043 */ 1044int 1045sctp_cookie_timer(struct sctp_inpcb *inp, 1046 struct sctp_tcb *stcb, 1047 struct sctp_nets *net SCTP_UNUSED) 1048{ 1049 struct sctp_nets *alt; 1050 struct sctp_tmit_chunk *cookie; 1051 1052 /* first before all else we must find the cookie */ 1053 TAILQ_FOREACH(cookie, &stcb->asoc.control_send_queue, sctp_next) { 1054 if (cookie->rec.chunk_id.id == SCTP_COOKIE_ECHO) { 1055 break; 1056 } 1057 } 1058 if (cookie == NULL) { 1059 if (SCTP_GET_STATE(stcb) == SCTP_STATE_COOKIE_ECHOED) { 1060 /* FOOBAR! */ 1061 struct mbuf *op_err; 1062 1063 op_err = sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), 1064 "Cookie timer expired, but no cookie"); 1065 inp->last_abort_code = SCTP_FROM_SCTP_TIMER + SCTP_LOC_3; 1066 sctp_abort_an_association(inp, stcb, op_err, SCTP_SO_NOT_LOCKED); 1067 } else { 1068#ifdef INVARIANTS 1069 panic("Cookie timer expires in wrong state?"); 1070#else 1071 SCTP_PRINTF("Strange in state %d not cookie-echoed yet c-e timer expires?\n", SCTP_GET_STATE(stcb)); 1072 return (0); 1073#endif 1074 } 1075 return (0); 1076 } 1077 /* Ok we found the cookie, threshold management next */ 1078 if (sctp_threshold_management(inp, stcb, cookie->whoTo, 1079 stcb->asoc.max_init_times)) { 1080 /* Assoc is over */ 1081 return (1); 1082 } 1083 /* 1084 * Cleared threshold management, now lets backoff the address and 1085 * select an alternate 1086 */ 1087 stcb->asoc.dropped_special_cnt = 0; 1088 sctp_backoff_on_timeout(stcb, cookie->whoTo, 1, 0, 0); 1089 alt = sctp_find_alternate_net(stcb, cookie->whoTo, 0); 1090 if (alt != cookie->whoTo) { 1091 sctp_free_remote_addr(cookie->whoTo); 1092 cookie->whoTo = alt; 1093 atomic_add_int(&alt->ref_count, 1); 1094 } 1095 /* Now mark the retran info */ 1096 if (cookie->sent != SCTP_DATAGRAM_RESEND) { 1097 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1098 } 1099 cookie->sent = SCTP_DATAGRAM_RESEND; 1100 cookie->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1101 /* 1102 * Now call the output routine to kick out the cookie again, Note we 1103 * don't mark any chunks for retran so that FR will need to kick in 1104 * to move these (or a send timer). 1105 */ 1106 return (0); 1107} 1108 1109int 1110sctp_strreset_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb) 1111{ 1112 struct sctp_nets *alt, *net; 1113 struct sctp_tmit_chunk *strrst = NULL, *chk = NULL; 1114 1115 if (stcb->asoc.stream_reset_outstanding == 0) { 1116 return (0); 1117 } 1118 /* find the existing STRRESET, we use the seq number we sent out on */ 1119 (void)sctp_find_stream_reset(stcb, stcb->asoc.str_reset_seq_out, &strrst); 1120 if (strrst == NULL) { 1121 return (0); 1122 } 1123 net = strrst->whoTo; 1124 /* do threshold management */ 1125 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1126 /* Assoc is over */ 1127 return (1); 1128 } 1129 /* 1130 * Cleared threshold management, now lets backoff the address and 1131 * select an alternate 1132 */ 1133 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1134 alt = sctp_find_alternate_net(stcb, net, 0); 1135 strrst->whoTo = alt; 1136 atomic_add_int(&alt->ref_count, 1); 1137 1138 /* See if a ECN Echo is also stranded */ 1139 TAILQ_FOREACH(chk, &stcb->asoc.control_send_queue, sctp_next) { 1140 if ((chk->whoTo == net) && 1141 (chk->rec.chunk_id.id == SCTP_ECN_ECHO)) { 1142 sctp_free_remote_addr(chk->whoTo); 1143 if (chk->sent != SCTP_DATAGRAM_RESEND) { 1144 chk->sent = SCTP_DATAGRAM_RESEND; 1145 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1146 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1147 } 1148 chk->whoTo = alt; 1149 atomic_add_int(&alt->ref_count, 1); 1150 } 1151 } 1152 if (!(net->dest_state & SCTP_ADDR_REACHABLE)) { 1153 /* 1154 * If the address went un-reachable, we need to move to 1155 * alternates for ALL chk's in queue 1156 */ 1157 sctp_move_chunks_from_net(stcb, net); 1158 } 1159 sctp_free_remote_addr(net); 1160 1161 /* mark the retran info */ 1162 if (strrst->sent != SCTP_DATAGRAM_RESEND) 1163 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1164 strrst->sent = SCTP_DATAGRAM_RESEND; 1165 strrst->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1166 1167 /* restart the timer */ 1168 sctp_timer_start(SCTP_TIMER_TYPE_STRRESET, inp, stcb, alt); 1169 return (0); 1170} 1171 1172int 1173sctp_asconf_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1174 struct sctp_nets *net) 1175{ 1176 struct sctp_nets *alt; 1177 struct sctp_tmit_chunk *asconf, *chk; 1178 1179 /* is this a first send, or a retransmission? */ 1180 if (TAILQ_EMPTY(&stcb->asoc.asconf_send_queue)) { 1181 /* compose a new ASCONF chunk and send it */ 1182 sctp_send_asconf(stcb, net, SCTP_ADDR_NOT_LOCKED); 1183 } else { 1184 /* 1185 * Retransmission of the existing ASCONF is needed 1186 */ 1187 1188 /* find the existing ASCONF */ 1189 asconf = TAILQ_FIRST(&stcb->asoc.asconf_send_queue); 1190 if (asconf == NULL) { 1191 return (0); 1192 } 1193 net = asconf->whoTo; 1194 /* do threshold management */ 1195 if (sctp_threshold_management(inp, stcb, net, 1196 stcb->asoc.max_send_times)) { 1197 /* Assoc is over */ 1198 return (1); 1199 } 1200 if (asconf->snd_count > stcb->asoc.max_send_times) { 1201 /* 1202 * Something is rotten: our peer is not responding 1203 * to ASCONFs but apparently is to other chunks. 1204 * i.e. it is not properly handling the chunk type 1205 * upper bits. Mark this peer as ASCONF incapable 1206 * and cleanup. 1207 */ 1208 SCTPDBG(SCTP_DEBUG_TIMER1, "asconf_timer: Peer has not responded to our repeated ASCONFs\n"); 1209 sctp_asconf_cleanup(stcb); 1210 return (0); 1211 } 1212 /* 1213 * cleared threshold management, so now backoff the net and 1214 * select an alternate 1215 */ 1216 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1217 alt = sctp_find_alternate_net(stcb, net, 0); 1218 if (asconf->whoTo != alt) { 1219 asconf->whoTo = alt; 1220 atomic_add_int(&alt->ref_count, 1); 1221 } 1222 1223 /* See if an ECN Echo is also stranded */ 1224 TAILQ_FOREACH(chk, &stcb->asoc.control_send_queue, sctp_next) { 1225 if ((chk->whoTo == net) && 1226 (chk->rec.chunk_id.id == SCTP_ECN_ECHO)) { 1227 sctp_free_remote_addr(chk->whoTo); 1228 chk->whoTo = alt; 1229 if (chk->sent != SCTP_DATAGRAM_RESEND) { 1230 chk->sent = SCTP_DATAGRAM_RESEND; 1231 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1232 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1233 } 1234 atomic_add_int(&alt->ref_count, 1); 1235 } 1236 } 1237 TAILQ_FOREACH(chk, &stcb->asoc.asconf_send_queue, sctp_next) { 1238 if (chk->whoTo != alt) { 1239 sctp_free_remote_addr(chk->whoTo); 1240 chk->whoTo = alt; 1241 atomic_add_int(&alt->ref_count, 1); 1242 } 1243 if (asconf->sent != SCTP_DATAGRAM_RESEND && chk->sent != SCTP_DATAGRAM_UNSENT) 1244 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1245 chk->sent = SCTP_DATAGRAM_RESEND; 1246 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1247 } 1248 if (!(net->dest_state & SCTP_ADDR_REACHABLE)) { 1249 /* 1250 * If the address went un-reachable, we need to move 1251 * to the alternate for ALL chunks in queue 1252 */ 1253 sctp_move_chunks_from_net(stcb, net); 1254 } 1255 sctp_free_remote_addr(net); 1256 1257 /* mark the retran info */ 1258 if (asconf->sent != SCTP_DATAGRAM_RESEND) 1259 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1260 asconf->sent = SCTP_DATAGRAM_RESEND; 1261 asconf->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1262 1263 /* send another ASCONF if any and we can do */ 1264 sctp_send_asconf(stcb, alt, SCTP_ADDR_NOT_LOCKED); 1265 } 1266 return (0); 1267} 1268 1269/* Mobility adaptation */ 1270void 1271sctp_delete_prim_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb) 1272{ 1273 if (stcb->asoc.deleted_primary == NULL) { 1274 SCTPDBG(SCTP_DEBUG_ASCONF1, "delete_prim_timer: deleted_primary is not stored...\n"); 1275 sctp_mobility_feature_off(inp, SCTP_MOBILITY_PRIM_DELETED); 1276 return; 1277 } 1278 SCTPDBG(SCTP_DEBUG_ASCONF1, "delete_prim_timer: finished to keep deleted primary "); 1279 SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, &stcb->asoc.deleted_primary->ro._l_addr.sa); 1280 sctp_free_remote_addr(stcb->asoc.deleted_primary); 1281 stcb->asoc.deleted_primary = NULL; 1282 sctp_mobility_feature_off(inp, SCTP_MOBILITY_PRIM_DELETED); 1283 return; 1284} 1285 1286/* 1287 * For the shutdown and shutdown-ack, we do not keep one around on the 1288 * control queue. This means we must generate a new one and call the general 1289 * chunk output routine, AFTER having done threshold management. 1290 * It is assumed that net is non-NULL. 1291 */ 1292int 1293sctp_shutdown_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1294 struct sctp_nets *net) 1295{ 1296 struct sctp_nets *alt; 1297 1298 /* first threshold management */ 1299 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1300 /* Assoc is over */ 1301 return (1); 1302 } 1303 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1304 /* second select an alternative */ 1305 alt = sctp_find_alternate_net(stcb, net, 0); 1306 1307 /* third generate a shutdown into the queue for out net */ 1308 sctp_send_shutdown(stcb, alt); 1309 1310 /* fourth restart timer */ 1311 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWN, inp, stcb, alt); 1312 return (0); 1313} 1314 1315int 1316sctp_shutdownack_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1317 struct sctp_nets *net) 1318{ 1319 struct sctp_nets *alt; 1320 1321 /* first threshold management */ 1322 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1323 /* Assoc is over */ 1324 return (1); 1325 } 1326 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1327 /* second select an alternative */ 1328 alt = sctp_find_alternate_net(stcb, net, 0); 1329 1330 /* third generate a shutdown into the queue for out net */ 1331 sctp_send_shutdown_ack(stcb, alt); 1332 1333 /* fourth restart timer */ 1334 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWNACK, inp, stcb, alt); 1335 return (0); 1336} 1337 1338static void 1339sctp_audit_stream_queues_for_size(struct sctp_inpcb *inp, 1340 struct sctp_tcb *stcb) 1341{ 1342 struct sctp_stream_queue_pending *sp; 1343 unsigned int i, chks_in_queue = 0; 1344 int being_filled = 0; 1345 1346 /* 1347 * This function is ONLY called when the send/sent queues are empty. 1348 */ 1349 if ((stcb == NULL) || (inp == NULL)) 1350 return; 1351 1352 if (stcb->asoc.sent_queue_retran_cnt) { 1353 SCTP_PRINTF("Hmm, sent_queue_retran_cnt is non-zero %d\n", 1354 stcb->asoc.sent_queue_retran_cnt); 1355 stcb->asoc.sent_queue_retran_cnt = 0; 1356 } 1357 if (stcb->asoc.ss_functions.sctp_ss_is_empty(stcb, &stcb->asoc)) { 1358 /* No stream scheduler information, initialize scheduler */ 1359 stcb->asoc.ss_functions.sctp_ss_init(stcb, &stcb->asoc, 0); 1360 if (!stcb->asoc.ss_functions.sctp_ss_is_empty(stcb, &stcb->asoc)) { 1361 /* yep, we lost a stream or two */ 1362 SCTP_PRINTF("Found additional streams NOT managed by scheduler, corrected\n"); 1363 } else { 1364 /* no streams lost */ 1365 stcb->asoc.total_output_queue_size = 0; 1366 } 1367 } 1368 /* Check to see if some data queued, if so report it */ 1369 for (i = 0; i < stcb->asoc.streamoutcnt; i++) { 1370 if (!TAILQ_EMPTY(&stcb->asoc.strmout[i].outqueue)) { 1371 TAILQ_FOREACH(sp, &stcb->asoc.strmout[i].outqueue, next) { 1372 if (sp->msg_is_complete) 1373 being_filled++; 1374 chks_in_queue++; 1375 } 1376 } 1377 } 1378 if (chks_in_queue != stcb->asoc.stream_queue_cnt) { 1379 SCTP_PRINTF("Hmm, stream queue cnt at %d I counted %d in stream out wheel\n", 1380 stcb->asoc.stream_queue_cnt, chks_in_queue); 1381 } 1382 if (chks_in_queue) { 1383 /* call the output queue function */ 1384 sctp_chunk_output(inp, stcb, SCTP_OUTPUT_FROM_T3, SCTP_SO_NOT_LOCKED); 1385 if ((TAILQ_EMPTY(&stcb->asoc.send_queue)) && 1386 (TAILQ_EMPTY(&stcb->asoc.sent_queue))) { 1387 /* 1388 * Probably should go in and make it go back through 1389 * and add fragments allowed 1390 */ 1391 if (being_filled == 0) { 1392 SCTP_PRINTF("Still nothing moved %d chunks are stuck\n", 1393 chks_in_queue); 1394 } 1395 } 1396 } else { 1397 SCTP_PRINTF("Found no chunks on any queue tot:%lu\n", 1398 (u_long)stcb->asoc.total_output_queue_size); 1399 stcb->asoc.total_output_queue_size = 0; 1400 } 1401} 1402 1403int 1404sctp_heartbeat_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1405 struct sctp_nets *net) 1406{ 1407 uint8_t net_was_pf; 1408 1409 if (net->dest_state & SCTP_ADDR_PF) { 1410 net_was_pf = 1; 1411 } else { 1412 net_was_pf = 0; 1413 } 1414 if (net->hb_responded == 0) { 1415 if (net->ro._s_addr) { 1416 /* 1417 * Invalidate the src address if we did not get a 1418 * response last time. 1419 */ 1420 sctp_free_ifa(net->ro._s_addr); 1421 net->ro._s_addr = NULL; 1422 net->src_addr_selected = 0; 1423 } 1424 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1425 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1426 /* Assoc is over */ 1427 return (1); 1428 } 1429 } 1430 /* Zero PBA, if it needs it */ 1431 if (net->partial_bytes_acked) { 1432 net->partial_bytes_acked = 0; 1433 } 1434 if ((stcb->asoc.total_output_queue_size > 0) && 1435 (TAILQ_EMPTY(&stcb->asoc.send_queue)) && 1436 (TAILQ_EMPTY(&stcb->asoc.sent_queue))) { 1437 sctp_audit_stream_queues_for_size(inp, stcb); 1438 } 1439 if (!(net->dest_state & SCTP_ADDR_NOHB) && 1440 !((net_was_pf == 0) && (net->dest_state & SCTP_ADDR_PF))) { 1441 /* 1442 * when move to PF during threshold mangement, a HB has been 1443 * queued in that routine 1444 */ 1445 uint32_t ms_gone_by; 1446 1447 if ((net->last_sent_time.tv_sec > 0) || 1448 (net->last_sent_time.tv_usec > 0)) { 1449 struct timeval diff; 1450 1451 SCTP_GETTIME_TIMEVAL(&diff); 1452 timevalsub(&diff, &net->last_sent_time); 1453 ms_gone_by = (uint32_t)(diff.tv_sec * 1000) + 1454 (uint32_t)(diff.tv_usec / 1000); 1455 } else { 1456 ms_gone_by = 0xffffffff; 1457 } 1458 if ((ms_gone_by >= net->heart_beat_delay) || 1459 (net->dest_state & SCTP_ADDR_PF)) { 1460 sctp_send_hb(stcb, net, SCTP_SO_NOT_LOCKED); 1461 } 1462 } 1463 return (0); 1464} 1465 1466void 1467sctp_pathmtu_timer(struct sctp_inpcb *inp, 1468 struct sctp_tcb *stcb, 1469 struct sctp_nets *net) 1470{ 1471 uint32_t next_mtu, mtu; 1472 1473 next_mtu = sctp_get_next_mtu(net->mtu); 1474 1475 if ((next_mtu > net->mtu) && (net->port == 0)) { 1476 if ((net->src_addr_selected == 0) || 1477 (net->ro._s_addr == NULL) || 1478 (net->ro._s_addr->localifa_flags & SCTP_BEING_DELETED)) { 1479 if ((net->ro._s_addr != NULL) && (net->ro._s_addr->localifa_flags & SCTP_BEING_DELETED)) { 1480 sctp_free_ifa(net->ro._s_addr); 1481 net->ro._s_addr = NULL; 1482 net->src_addr_selected = 0; 1483 } else if (net->ro._s_addr == NULL) { 1484#if defined(INET6) && defined(SCTP_EMBEDDED_V6_SCOPE) 1485 if (net->ro._l_addr.sa.sa_family == AF_INET6) { 1486 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&net->ro._l_addr; 1487 1488 /* KAME hack: embed scopeid */ 1489 (void)sa6_embedscope(sin6, MODULE_GLOBAL(ip6_use_defzone)); 1490 } 1491#endif 1492 1493 net->ro._s_addr = sctp_source_address_selection(inp, 1494 stcb, 1495 (sctp_route_t *)&net->ro, 1496 net, 0, stcb->asoc.vrf_id); 1497#if defined(INET6) && defined(SCTP_EMBEDDED_V6_SCOPE) 1498 if (net->ro._l_addr.sa.sa_family == AF_INET6) { 1499 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&net->ro._l_addr; 1500 1501 (void)sa6_recoverscope(sin6); 1502 } 1503#endif /* INET6 */ 1504 } 1505 if (net->ro._s_addr) 1506 net->src_addr_selected = 1; 1507 } 1508 if (net->ro._s_addr) { 1509 mtu = SCTP_GATHER_MTU_FROM_ROUTE(net->ro._s_addr, &net->ro._s_addr.sa, net->ro.ro_rt); 1510#if defined(INET) || defined(INET6) 1511 if (net->port) { 1512 mtu -= sizeof(struct udphdr); 1513 } 1514#endif 1515 if (mtu > next_mtu) { 1516 net->mtu = next_mtu; 1517 } else { 1518 net->mtu = mtu; 1519 } 1520 } 1521 } 1522 /* restart the timer */ 1523 sctp_timer_start(SCTP_TIMER_TYPE_PATHMTURAISE, inp, stcb, net); 1524} 1525 1526void 1527sctp_autoclose_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb) 1528{ 1529 struct timeval tn, *tim_touse; 1530 struct sctp_association *asoc; 1531 uint32_t ticks_gone_by; 1532 1533 (void)SCTP_GETTIME_TIMEVAL(&tn); 1534 if (stcb->asoc.sctp_autoclose_ticks > 0 && 1535 sctp_is_feature_on(inp, SCTP_PCB_FLAGS_AUTOCLOSE)) { 1536 /* Auto close is on */ 1537 asoc = &stcb->asoc; 1538 /* pick the time to use */ 1539 if (asoc->time_last_rcvd.tv_sec > 1540 asoc->time_last_sent.tv_sec) { 1541 tim_touse = &asoc->time_last_rcvd; 1542 } else { 1543 tim_touse = &asoc->time_last_sent; 1544 } 1545 /* Now has long enough transpired to autoclose? */ 1546 ticks_gone_by = sctp_secs_to_ticks((uint32_t)(tn.tv_sec - tim_touse->tv_sec)); 1547 if (ticks_gone_by >= asoc->sctp_autoclose_ticks) { 1548 /* 1549 * autoclose time has hit, call the output routine, 1550 * which should do nothing just to be SURE we don't 1551 * have hanging data. We can then safely check the 1552 * queues and know that we are clear to send 1553 * shutdown 1554 */ 1555 sctp_chunk_output(inp, stcb, SCTP_OUTPUT_FROM_AUTOCLOSE_TMR, SCTP_SO_NOT_LOCKED); 1556 /* Are we clean? */ 1557 if (TAILQ_EMPTY(&asoc->send_queue) && 1558 TAILQ_EMPTY(&asoc->sent_queue)) { 1559 /* 1560 * there is nothing queued to send, so I'm 1561 * done... 1562 */ 1563 if (SCTP_GET_STATE(stcb) != SCTP_STATE_SHUTDOWN_SENT) { 1564 /* only send SHUTDOWN 1st time thru */ 1565 struct sctp_nets *net; 1566 1567 if ((SCTP_GET_STATE(stcb) == SCTP_STATE_OPEN) || 1568 (SCTP_GET_STATE(stcb) == SCTP_STATE_SHUTDOWN_RECEIVED)) { 1569 SCTP_STAT_DECR_GAUGE32(sctps_currestab); 1570 } 1571 SCTP_SET_STATE(stcb, SCTP_STATE_SHUTDOWN_SENT); 1572 sctp_stop_timers_for_shutdown(stcb); 1573 if (stcb->asoc.alternate) { 1574 net = stcb->asoc.alternate; 1575 } else { 1576 net = stcb->asoc.primary_destination; 1577 } 1578 sctp_send_shutdown(stcb, net); 1579 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWN, 1580 stcb->sctp_ep, stcb, net); 1581 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWNGUARD, 1582 stcb->sctp_ep, stcb, NULL); 1583 } 1584 } 1585 } else { 1586 /* 1587 * No auto close at this time, reset t-o to check 1588 * later 1589 */ 1590 uint32_t tmp; 1591 1592 /* fool the timer startup to use the time left */ 1593 tmp = asoc->sctp_autoclose_ticks; 1594 asoc->sctp_autoclose_ticks -= ticks_gone_by; 1595 sctp_timer_start(SCTP_TIMER_TYPE_AUTOCLOSE, inp, stcb, NULL); 1596 /* restore the real tick value */ 1597 asoc->sctp_autoclose_ticks = tmp; 1598 } 1599 } 1600} 1601