1/*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2001-2007, by Cisco Systems, Inc. All rights reserved. 5 * Copyright (c) 2008-2012, by Randall Stewart. All rights reserved. 6 * Copyright (c) 2008-2012, by Michael Tuexen. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions are met: 10 * 11 * a) Redistributions of source code must retain the above copyright notice, 12 * this list of conditions and the following disclaimer. 13 * 14 * b) Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in 16 * the documentation and/or other materials provided with the distribution. 17 * 18 * c) Neither the name of Cisco Systems, Inc. nor the names of its 19 * contributors may be used to endorse or promote products derived 20 * from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 24 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 26 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 27 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 28 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 29 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 30 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 31 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 32 * THE POSSIBILITY OF SUCH DAMAGE. 33 */ 34 35#include <sys/cdefs.h> 36__FBSDID("$FreeBSD$"); 37 38#define _IP_VHL 39#include <netinet/sctp_os.h> 40#include <netinet/sctp_pcb.h> 41#ifdef INET6 42#endif 43#include <netinet/sctp_var.h> 44#include <netinet/sctp_sysctl.h> 45#include <netinet/sctp_timer.h> 46#include <netinet/sctputil.h> 47#include <netinet/sctp_output.h> 48#include <netinet/sctp_header.h> 49#include <netinet/sctp_indata.h> 50#include <netinet/sctp_asconf.h> 51#include <netinet/sctp_input.h> 52#include <netinet/sctp.h> 53#include <netinet/sctp_uio.h> 54#if defined(INET) || defined(INET6) 55#include <netinet/udp.h> 56#endif 57 58void 59sctp_audit_retranmission_queue(struct sctp_association *asoc) 60{ 61 struct sctp_tmit_chunk *chk; 62 63 SCTPDBG(SCTP_DEBUG_TIMER4, "Audit invoked on send queue cnt:%d onqueue:%d\n", 64 asoc->sent_queue_retran_cnt, 65 asoc->sent_queue_cnt); 66 asoc->sent_queue_retran_cnt = 0; 67 asoc->sent_queue_cnt = 0; 68 TAILQ_FOREACH(chk, &asoc->sent_queue, sctp_next) { 69 if (chk->sent == SCTP_DATAGRAM_RESEND) { 70 sctp_ucount_incr(asoc->sent_queue_retran_cnt); 71 } 72 asoc->sent_queue_cnt++; 73 } 74 TAILQ_FOREACH(chk, &asoc->control_send_queue, sctp_next) { 75 if (chk->sent == SCTP_DATAGRAM_RESEND) { 76 sctp_ucount_incr(asoc->sent_queue_retran_cnt); 77 } 78 } 79 TAILQ_FOREACH(chk, &asoc->asconf_send_queue, sctp_next) { 80 if (chk->sent == SCTP_DATAGRAM_RESEND) { 81 sctp_ucount_incr(asoc->sent_queue_retran_cnt); 82 } 83 } 84 SCTPDBG(SCTP_DEBUG_TIMER4, "Audit completes retran:%d onqueue:%d\n", 85 asoc->sent_queue_retran_cnt, 86 asoc->sent_queue_cnt); 87} 88 89static int 90sctp_threshold_management(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 91 struct sctp_nets *net, uint16_t threshold) 92{ 93 if (net) { 94 net->error_count++; 95 SCTPDBG(SCTP_DEBUG_TIMER4, "Error count for %p now %d thresh:%d\n", 96 (void *)net, net->error_count, 97 net->failure_threshold); 98 if (net->error_count > net->failure_threshold) { 99 /* We had a threshold failure */ 100 if (net->dest_state & SCTP_ADDR_REACHABLE) { 101 net->dest_state &= ~SCTP_ADDR_REACHABLE; 102 net->dest_state &= ~SCTP_ADDR_REQ_PRIMARY; 103 net->dest_state &= ~SCTP_ADDR_PF; 104 sctp_ulp_notify(SCTP_NOTIFY_INTERFACE_DOWN, 105 stcb, 0, 106 (void *)net, SCTP_SO_NOT_LOCKED); 107 } 108 } else if ((net->pf_threshold < net->failure_threshold) && 109 (net->error_count > net->pf_threshold)) { 110 if (!(net->dest_state & SCTP_ADDR_PF)) { 111 net->dest_state |= SCTP_ADDR_PF; 112 net->last_active = sctp_get_tick_count(); 113 sctp_send_hb(stcb, net, SCTP_SO_NOT_LOCKED); 114 sctp_timer_stop(SCTP_TIMER_TYPE_HEARTBEAT, 115 inp, stcb, net, 116 SCTP_FROM_SCTP_TIMER + SCTP_LOC_1); 117 sctp_timer_start(SCTP_TIMER_TYPE_HEARTBEAT, inp, stcb, net); 118 } 119 } 120 } 121 if (stcb == NULL) 122 return (0); 123 124 if (net) { 125 if ((net->dest_state & SCTP_ADDR_UNCONFIRMED) == 0) { 126 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_THRESHOLD_LOGGING) { 127 sctp_misc_ints(SCTP_THRESHOLD_INCR, 128 stcb->asoc.overall_error_count, 129 (stcb->asoc.overall_error_count + 1), 130 SCTP_FROM_SCTP_TIMER, 131 __LINE__); 132 } 133 stcb->asoc.overall_error_count++; 134 } 135 } else { 136 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_THRESHOLD_LOGGING) { 137 sctp_misc_ints(SCTP_THRESHOLD_INCR, 138 stcb->asoc.overall_error_count, 139 (stcb->asoc.overall_error_count + 1), 140 SCTP_FROM_SCTP_TIMER, 141 __LINE__); 142 } 143 stcb->asoc.overall_error_count++; 144 } 145 SCTPDBG(SCTP_DEBUG_TIMER4, "Overall error count for %p now %d thresh:%u state:%x\n", 146 (void *)&stcb->asoc, stcb->asoc.overall_error_count, 147 (uint32_t)threshold, 148 ((net == NULL) ? (uint32_t)0 : (uint32_t)net->dest_state)); 149 /* 150 * We specifically do not do >= to give the assoc one more change 151 * before we fail it. 152 */ 153 if (stcb->asoc.overall_error_count > threshold) { 154 /* Abort notification sends a ULP notify */ 155 struct mbuf *op_err; 156 157 op_err = sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), 158 "Association error counter exceeded"); 159 inp->last_abort_code = SCTP_FROM_SCTP_TIMER + SCTP_LOC_2; 160 sctp_abort_an_association(inp, stcb, op_err, SCTP_SO_NOT_LOCKED); 161 return (1); 162 } 163 return (0); 164} 165 166/* 167 * sctp_find_alternate_net() returns a non-NULL pointer as long as there 168 * exists nets, which are not being deleted. 169 */ 170struct sctp_nets * 171sctp_find_alternate_net(struct sctp_tcb *stcb, 172 struct sctp_nets *net, 173 int mode) 174{ 175 /* Find and return an alternate network if possible */ 176 struct sctp_nets *alt, *mnet, *min_errors_net = NULL, *max_cwnd_net = NULL; 177 bool looped; 178 179 /* JRS 5/14/07 - Initialize min_errors to an impossible value. */ 180 int min_errors = -1; 181 uint32_t max_cwnd = 0; 182 183 if (stcb->asoc.numnets == 1) { 184 /* No selection can be made. */ 185 return (TAILQ_FIRST(&stcb->asoc.nets)); 186 } 187 /* 188 * JRS 5/14/07 - If mode is set to 2, use the CMT PF find alternate 189 * net algorithm. This algorithm chooses the active destination (not 190 * in PF state) with the largest cwnd value. If all destinations are 191 * in PF state, unreachable, or unconfirmed, choose the desination 192 * that is in PF state with the lowest error count. In case of a 193 * tie, choose the destination that was most recently active. 194 */ 195 if (mode == 2) { 196 TAILQ_FOREACH(mnet, &stcb->asoc.nets, sctp_next) { 197 /* 198 * JRS 5/14/07 - If the destination is unreachable 199 * or unconfirmed, skip it. 200 */ 201 if (((mnet->dest_state & SCTP_ADDR_REACHABLE) != SCTP_ADDR_REACHABLE) || 202 (mnet->dest_state & SCTP_ADDR_UNCONFIRMED)) { 203 continue; 204 } 205 /* 206 * JRS 5/14/07 - If the destination is reachable 207 * but in PF state, compare the error count of the 208 * destination to the minimum error count seen thus 209 * far. Store the destination with the lower error 210 * count. If the error counts are equal, store the 211 * destination that was most recently active. 212 */ 213 if (mnet->dest_state & SCTP_ADDR_PF) { 214 /* 215 * JRS 5/14/07 - If the destination under 216 * consideration is the current destination, 217 * work as if the error count is one higher. 218 * The actual error count will not be 219 * incremented until later in the t3 220 * handler. 221 */ 222 if (mnet == net) { 223 if (min_errors == -1) { 224 min_errors = mnet->error_count + 1; 225 min_errors_net = mnet; 226 } else if (mnet->error_count + 1 < min_errors) { 227 min_errors = mnet->error_count + 1; 228 min_errors_net = mnet; 229 } else if (mnet->error_count + 1 == min_errors 230 && mnet->last_active > min_errors_net->last_active) { 231 min_errors_net = mnet; 232 min_errors = mnet->error_count + 1; 233 } 234 continue; 235 } else { 236 if (min_errors == -1) { 237 min_errors = mnet->error_count; 238 min_errors_net = mnet; 239 } else if (mnet->error_count < min_errors) { 240 min_errors = mnet->error_count; 241 min_errors_net = mnet; 242 } else if (mnet->error_count == min_errors 243 && mnet->last_active > min_errors_net->last_active) { 244 min_errors_net = mnet; 245 min_errors = mnet->error_count; 246 } 247 continue; 248 } 249 } 250 /* 251 * JRS 5/14/07 - If the destination is reachable and 252 * not in PF state, compare the cwnd of the 253 * destination to the highest cwnd seen thus far. 254 * Store the destination with the higher cwnd value. 255 * If the cwnd values are equal, randomly choose one 256 * of the two destinations. 257 */ 258 if (max_cwnd < mnet->cwnd) { 259 max_cwnd_net = mnet; 260 max_cwnd = mnet->cwnd; 261 } else if (max_cwnd == mnet->cwnd) { 262 uint32_t rndval; 263 uint8_t this_random; 264 265 if (stcb->asoc.hb_random_idx > 3) { 266 rndval = sctp_select_initial_TSN(&stcb->sctp_ep->sctp_ep); 267 memcpy(stcb->asoc.hb_random_values, &rndval, sizeof(stcb->asoc.hb_random_values)); 268 this_random = stcb->asoc.hb_random_values[0]; 269 stcb->asoc.hb_random_idx++; 270 stcb->asoc.hb_ect_randombit = 0; 271 } else { 272 this_random = stcb->asoc.hb_random_values[stcb->asoc.hb_random_idx]; 273 stcb->asoc.hb_random_idx++; 274 stcb->asoc.hb_ect_randombit = 0; 275 } 276 if (this_random % 2 == 1) { 277 max_cwnd_net = mnet; 278 max_cwnd = mnet->cwnd; /* Useless? */ 279 } 280 } 281 } 282 if (max_cwnd_net == NULL) { 283 if (min_errors_net == NULL) { 284 return (net); 285 } 286 return (min_errors_net); 287 } else { 288 return (max_cwnd_net); 289 } 290 } /* JRS 5/14/07 - If mode is set to 1, use the 291 * CMT policy for choosing an alternate net. */ 292 else if (mode == 1) { 293 TAILQ_FOREACH(mnet, &stcb->asoc.nets, sctp_next) { 294 if (((mnet->dest_state & SCTP_ADDR_REACHABLE) != SCTP_ADDR_REACHABLE) || 295 (mnet->dest_state & SCTP_ADDR_UNCONFIRMED)) { 296 /* 297 * will skip ones that are not-reachable or 298 * unconfirmed 299 */ 300 continue; 301 } 302 if (max_cwnd < mnet->cwnd) { 303 max_cwnd_net = mnet; 304 max_cwnd = mnet->cwnd; 305 } else if (max_cwnd == mnet->cwnd) { 306 uint32_t rndval; 307 uint8_t this_random; 308 309 if (stcb->asoc.hb_random_idx > 3) { 310 rndval = sctp_select_initial_TSN(&stcb->sctp_ep->sctp_ep); 311 memcpy(stcb->asoc.hb_random_values, &rndval, 312 sizeof(stcb->asoc.hb_random_values)); 313 this_random = stcb->asoc.hb_random_values[0]; 314 stcb->asoc.hb_random_idx = 0; 315 stcb->asoc.hb_ect_randombit = 0; 316 } else { 317 this_random = stcb->asoc.hb_random_values[stcb->asoc.hb_random_idx]; 318 stcb->asoc.hb_random_idx++; 319 stcb->asoc.hb_ect_randombit = 0; 320 } 321 if (this_random % 2) { 322 max_cwnd_net = mnet; 323 max_cwnd = mnet->cwnd; 324 } 325 } 326 } 327 if (max_cwnd_net) { 328 return (max_cwnd_net); 329 } 330 } 331 /* Look for an alternate net, which is active. */ 332 if ((net != NULL) && ((net->dest_state & SCTP_ADDR_BEING_DELETED) == 0)) { 333 alt = TAILQ_NEXT(net, sctp_next);; 334 } else { 335 alt = TAILQ_FIRST(&stcb->asoc.nets); 336 } 337 looped = false; 338 for (;;) { 339 if (alt == NULL) { 340 if (!looped) { 341 alt = TAILQ_FIRST(&stcb->asoc.nets); 342 looped = true; 343 } 344 /* Definitely out of candidates. */ 345 if (alt == NULL) { 346 break; 347 } 348 } 349 if (alt->ro.ro_nh == NULL) { 350 if (alt->ro._s_addr) { 351 sctp_free_ifa(alt->ro._s_addr); 352 alt->ro._s_addr = NULL; 353 } 354 alt->src_addr_selected = 0; 355 } 356 if (((alt->dest_state & SCTP_ADDR_REACHABLE) == SCTP_ADDR_REACHABLE) && 357 (alt->ro.ro_nh != NULL) && 358 (!(alt->dest_state & SCTP_ADDR_UNCONFIRMED)) && 359 (alt != net)) { 360 /* Found an alternate net, which is reachable. */ 361 break; 362 } 363 alt = TAILQ_NEXT(alt, sctp_next); 364 } 365 366 if (alt == NULL) { 367 /* 368 * In case no active alternate net has been found, look for 369 * an alternate net, which is confirmed. 370 */ 371 if ((net != NULL) && ((net->dest_state & SCTP_ADDR_BEING_DELETED) == 0)) { 372 alt = TAILQ_NEXT(net, sctp_next);; 373 } else { 374 alt = TAILQ_FIRST(&stcb->asoc.nets); 375 } 376 looped = false; 377 for (;;) { 378 if (alt == NULL) { 379 if (!looped) { 380 alt = TAILQ_FIRST(&stcb->asoc.nets); 381 looped = true; 382 } 383 /* Definitely out of candidates. */ 384 if (alt == NULL) { 385 break; 386 } 387 } 388 if ((!(alt->dest_state & SCTP_ADDR_UNCONFIRMED)) && 389 (alt != net)) { 390 /* 391 * Found an alternate net, which is 392 * confirmed. 393 */ 394 break; 395 } 396 alt = TAILQ_NEXT(alt, sctp_next); 397 } 398 } 399 if (alt == NULL) { 400 /* 401 * In case no confirmed alternate net has been found, just 402 * return net, if it is not being deleted. In the other case 403 * just return the first net. 404 */ 405 if ((net != NULL) && ((net->dest_state & SCTP_ADDR_BEING_DELETED) == 0)) { 406 alt = net; 407 } 408 if (alt == NULL) { 409 alt = TAILQ_FIRST(&stcb->asoc.nets); 410 } 411 } 412 return (alt); 413} 414 415static void 416sctp_backoff_on_timeout(struct sctp_tcb *stcb, 417 struct sctp_nets *net, 418 int win_probe, 419 int num_marked, int num_abandoned) 420{ 421 if (net->RTO == 0) { 422 if (net->RTO_measured) { 423 net->RTO = stcb->asoc.minrto; 424 } else { 425 net->RTO = stcb->asoc.initial_rto; 426 } 427 } 428 net->RTO <<= 1; 429 if (net->RTO > stcb->asoc.maxrto) { 430 net->RTO = stcb->asoc.maxrto; 431 } 432 if ((win_probe == 0) && (num_marked || num_abandoned)) { 433 /* We don't apply penalty to window probe scenarios */ 434 /* JRS - Use the congestion control given in the CC module */ 435 stcb->asoc.cc_functions.sctp_cwnd_update_after_timeout(stcb, net); 436 } 437} 438 439#ifndef INVARIANTS 440static void 441sctp_recover_sent_list(struct sctp_tcb *stcb) 442{ 443 struct sctp_tmit_chunk *chk, *nchk; 444 struct sctp_association *asoc; 445 446 asoc = &stcb->asoc; 447 TAILQ_FOREACH_SAFE(chk, &asoc->sent_queue, sctp_next, nchk) { 448 if (SCTP_TSN_GE(asoc->last_acked_seq, chk->rec.data.tsn)) { 449 SCTP_PRINTF("Found chk:%p tsn:%x <= last_acked_seq:%x\n", 450 (void *)chk, chk->rec.data.tsn, asoc->last_acked_seq); 451 if (chk->sent != SCTP_DATAGRAM_NR_ACKED) { 452 if (asoc->strmout[chk->rec.data.sid].chunks_on_queues > 0) { 453 asoc->strmout[chk->rec.data.sid].chunks_on_queues--; 454 } 455 } 456 if ((asoc->strmout[chk->rec.data.sid].chunks_on_queues == 0) && 457 (asoc->strmout[chk->rec.data.sid].state == SCTP_STREAM_RESET_PENDING) && 458 TAILQ_EMPTY(&asoc->strmout[chk->rec.data.sid].outqueue)) { 459 asoc->trigger_reset = 1; 460 } 461 TAILQ_REMOVE(&asoc->sent_queue, chk, sctp_next); 462 if (PR_SCTP_ENABLED(chk->flags)) { 463 if (asoc->pr_sctp_cnt != 0) 464 asoc->pr_sctp_cnt--; 465 } 466 if (chk->data) { 467 /* sa_ignore NO_NULL_CHK */ 468 sctp_free_bufspace(stcb, asoc, chk, 1); 469 sctp_m_freem(chk->data); 470 chk->data = NULL; 471 if (asoc->prsctp_supported && PR_SCTP_BUF_ENABLED(chk->flags)) { 472 asoc->sent_queue_cnt_removeable--; 473 } 474 } 475 asoc->sent_queue_cnt--; 476 sctp_free_a_chunk(stcb, chk, SCTP_SO_NOT_LOCKED); 477 } 478 } 479 SCTP_PRINTF("after recover order is as follows\n"); 480 TAILQ_FOREACH(chk, &asoc->sent_queue, sctp_next) { 481 SCTP_PRINTF("chk:%p TSN:%x\n", (void *)chk, chk->rec.data.tsn); 482 } 483} 484#endif 485 486static int 487sctp_mark_all_for_resend(struct sctp_tcb *stcb, 488 struct sctp_nets *net, 489 struct sctp_nets *alt, 490 int window_probe, 491 int *num_marked, 492 int *num_abandoned) 493{ 494 495 /* 496 * Mark all chunks (well not all) that were sent to *net for 497 * retransmission. Move them to alt for there destination as well... 498 * We only mark chunks that have been outstanding long enough to 499 * have received feed-back. 500 */ 501 struct sctp_tmit_chunk *chk, *nchk; 502 struct sctp_nets *lnets; 503 struct timeval now, min_wait, tv; 504 int cur_rto; 505 int cnt_abandoned; 506 int audit_tf, num_mk, fir; 507 unsigned int cnt_mk; 508 uint32_t orig_flight, orig_tf; 509 uint32_t tsnlast, tsnfirst; 510 int recovery_cnt = 0; 511 512 /* none in flight now */ 513 audit_tf = 0; 514 fir = 0; 515 /* 516 * figure out how long a data chunk must be pending before we can 517 * mark it .. 518 */ 519 (void)SCTP_GETTIME_TIMEVAL(&now); 520 /* get cur rto in micro-seconds */ 521 cur_rto = (net->lastsa >> SCTP_RTT_SHIFT) + net->lastsv; 522 cur_rto *= 1000; 523 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 524 sctp_log_fr(cur_rto, 525 stcb->asoc.peers_rwnd, 526 window_probe, 527 SCTP_FR_T3_MARK_TIME); 528 sctp_log_fr(net->flight_size, 0, 0, SCTP_FR_CWND_REPORT); 529 sctp_log_fr(net->flight_size, net->cwnd, stcb->asoc.total_flight, SCTP_FR_CWND_REPORT); 530 } 531 tv.tv_sec = cur_rto / 1000000; 532 tv.tv_usec = cur_rto % 1000000; 533 min_wait = now; 534 timevalsub(&min_wait, &tv); 535 if (min_wait.tv_sec < 0 || min_wait.tv_usec < 0) { 536 /* 537 * if we hit here, we don't have enough seconds on the clock 538 * to account for the RTO. We just let the lower seconds be 539 * the bounds and don't worry about it. This may mean we 540 * will mark a lot more than we should. 541 */ 542 min_wait.tv_sec = min_wait.tv_usec = 0; 543 } 544 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 545 sctp_log_fr(cur_rto, now.tv_sec, now.tv_usec, SCTP_FR_T3_MARK_TIME); 546 sctp_log_fr(0, min_wait.tv_sec, min_wait.tv_usec, SCTP_FR_T3_MARK_TIME); 547 } 548 /* 549 * Our rwnd will be incorrect here since we are not adding back the 550 * cnt * mbuf but we will fix that down below. 551 */ 552 orig_flight = net->flight_size; 553 orig_tf = stcb->asoc.total_flight; 554 555 net->fast_retran_ip = 0; 556 /* Now on to each chunk */ 557 cnt_abandoned = 0; 558 num_mk = cnt_mk = 0; 559 tsnfirst = tsnlast = 0; 560#ifndef INVARIANTS 561start_again: 562#endif 563 TAILQ_FOREACH_SAFE(chk, &stcb->asoc.sent_queue, sctp_next, nchk) { 564 if (SCTP_TSN_GE(stcb->asoc.last_acked_seq, chk->rec.data.tsn)) { 565 /* Strange case our list got out of order? */ 566 SCTP_PRINTF("Our list is out of order? last_acked:%x chk:%x\n", 567 (unsigned int)stcb->asoc.last_acked_seq, (unsigned int)chk->rec.data.tsn); 568 recovery_cnt++; 569#ifdef INVARIANTS 570 panic("last acked >= chk on sent-Q"); 571#else 572 SCTP_PRINTF("Recover attempts a restart cnt:%d\n", recovery_cnt); 573 sctp_recover_sent_list(stcb); 574 if (recovery_cnt < 10) { 575 goto start_again; 576 } else { 577 SCTP_PRINTF("Recovery fails %d times??\n", recovery_cnt); 578 } 579#endif 580 } 581 if ((chk->whoTo == net) && (chk->sent < SCTP_DATAGRAM_ACKED)) { 582 /* 583 * found one to mark: If it is less than 584 * DATAGRAM_ACKED it MUST not be a skipped or marked 585 * TSN but instead one that is either already set 586 * for retransmission OR one that needs 587 * retransmission. 588 */ 589 590 /* validate its been outstanding long enough */ 591 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 592 sctp_log_fr(chk->rec.data.tsn, 593 chk->sent_rcv_time.tv_sec, 594 chk->sent_rcv_time.tv_usec, 595 SCTP_FR_T3_MARK_TIME); 596 } 597 if ((chk->sent_rcv_time.tv_sec > min_wait.tv_sec) && (window_probe == 0)) { 598 /* 599 * we have reached a chunk that was sent 600 * some seconds past our min.. forget it we 601 * will find no more to send. 602 */ 603 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 604 sctp_log_fr(0, 605 chk->sent_rcv_time.tv_sec, 606 chk->sent_rcv_time.tv_usec, 607 SCTP_FR_T3_STOPPED); 608 } 609 continue; 610 } else if ((chk->sent_rcv_time.tv_sec == min_wait.tv_sec) && 611 (window_probe == 0)) { 612 /* 613 * we must look at the micro seconds to 614 * know. 615 */ 616 if (chk->sent_rcv_time.tv_usec >= min_wait.tv_usec) { 617 /* 618 * ok it was sent after our boundary 619 * time. 620 */ 621 continue; 622 } 623 } 624 if (stcb->asoc.prsctp_supported && PR_SCTP_TTL_ENABLED(chk->flags)) { 625 /* Is it expired? */ 626 if (timevalcmp(&now, &chk->rec.data.timetodrop, >)) { 627 /* Yes so drop it */ 628 if (chk->data) { 629 (void)sctp_release_pr_sctp_chunk(stcb, 630 chk, 631 1, 632 SCTP_SO_NOT_LOCKED); 633 cnt_abandoned++; 634 } 635 continue; 636 } 637 } 638 if (stcb->asoc.prsctp_supported && PR_SCTP_RTX_ENABLED(chk->flags)) { 639 /* Has it been retransmitted tv_sec times? */ 640 if (chk->snd_count > chk->rec.data.timetodrop.tv_sec) { 641 if (chk->data) { 642 (void)sctp_release_pr_sctp_chunk(stcb, 643 chk, 644 1, 645 SCTP_SO_NOT_LOCKED); 646 cnt_abandoned++; 647 } 648 continue; 649 } 650 } 651 if (chk->sent < SCTP_DATAGRAM_RESEND) { 652 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 653 num_mk++; 654 if (fir == 0) { 655 fir = 1; 656 tsnfirst = chk->rec.data.tsn; 657 } 658 tsnlast = chk->rec.data.tsn; 659 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 660 sctp_log_fr(chk->rec.data.tsn, chk->snd_count, 661 0, SCTP_FR_T3_MARKED); 662 } 663 664 if (chk->rec.data.chunk_was_revoked) { 665 /* deflate the cwnd */ 666 chk->whoTo->cwnd -= chk->book_size; 667 chk->rec.data.chunk_was_revoked = 0; 668 } 669 net->marked_retrans++; 670 stcb->asoc.marked_retrans++; 671 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FLIGHT_LOGGING_ENABLE) { 672 sctp_misc_ints(SCTP_FLIGHT_LOG_DOWN_RSND_TO, 673 chk->whoTo->flight_size, 674 chk->book_size, 675 (uint32_t)(uintptr_t)chk->whoTo, 676 chk->rec.data.tsn); 677 } 678 sctp_flight_size_decrease(chk); 679 sctp_total_flight_decrease(stcb, chk); 680 stcb->asoc.peers_rwnd += chk->send_size; 681 stcb->asoc.peers_rwnd += SCTP_BASE_SYSCTL(sctp_peer_chunk_oh); 682 } 683 chk->sent = SCTP_DATAGRAM_RESEND; 684 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 685 SCTP_STAT_INCR(sctps_markedretrans); 686 687 /* reset the TSN for striking and other FR stuff */ 688 chk->rec.data.doing_fast_retransmit = 0; 689 /* Clear any time so NO RTT is being done */ 690 691 if (chk->do_rtt) { 692 if (chk->whoTo->rto_needed == 0) { 693 chk->whoTo->rto_needed = 1; 694 } 695 } 696 chk->do_rtt = 0; 697 if (alt != net) { 698 sctp_free_remote_addr(chk->whoTo); 699 chk->no_fr_allowed = 1; 700 chk->whoTo = alt; 701 atomic_add_int(&alt->ref_count, 1); 702 } else { 703 chk->no_fr_allowed = 0; 704 if (TAILQ_EMPTY(&stcb->asoc.send_queue)) { 705 chk->rec.data.fast_retran_tsn = stcb->asoc.sending_seq; 706 } else { 707 chk->rec.data.fast_retran_tsn = (TAILQ_FIRST(&stcb->asoc.send_queue))->rec.data.tsn; 708 } 709 } 710 /* 711 * CMT: Do not allow FRs on retransmitted TSNs. 712 */ 713 if (stcb->asoc.sctp_cmt_on_off > 0) { 714 chk->no_fr_allowed = 1; 715 } 716#ifdef THIS_SHOULD_NOT_BE_DONE 717 } else if (chk->sent == SCTP_DATAGRAM_ACKED) { 718 /* remember highest acked one */ 719 could_be_sent = chk; 720#endif 721 } 722 if (chk->sent == SCTP_DATAGRAM_RESEND) { 723 cnt_mk++; 724 } 725 } 726 if ((orig_flight - net->flight_size) != (orig_tf - stcb->asoc.total_flight)) { 727 /* we did not subtract the same things? */ 728 audit_tf = 1; 729 } 730 731 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 732 sctp_log_fr(tsnfirst, tsnlast, num_mk, SCTP_FR_T3_TIMEOUT); 733 } 734#ifdef SCTP_DEBUG 735 if (num_mk) { 736 SCTPDBG(SCTP_DEBUG_TIMER1, "LAST TSN marked was %x\n", 737 tsnlast); 738 SCTPDBG(SCTP_DEBUG_TIMER1, "Num marked for retransmission was %d peer-rwd:%u\n", 739 num_mk, 740 stcb->asoc.peers_rwnd); 741 } 742#endif 743 *num_marked = num_mk; 744 *num_abandoned = cnt_abandoned; 745 /* 746 * Now check for a ECN Echo that may be stranded And include the 747 * cnt_mk'd to have all resends in the control queue. 748 */ 749 TAILQ_FOREACH(chk, &stcb->asoc.control_send_queue, sctp_next) { 750 if (chk->sent == SCTP_DATAGRAM_RESEND) { 751 cnt_mk++; 752 } 753 if ((chk->whoTo == net) && 754 (chk->rec.chunk_id.id == SCTP_ECN_ECHO)) { 755 sctp_free_remote_addr(chk->whoTo); 756 chk->whoTo = alt; 757 if (chk->sent != SCTP_DATAGRAM_RESEND) { 758 chk->sent = SCTP_DATAGRAM_RESEND; 759 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 760 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 761 cnt_mk++; 762 } 763 atomic_add_int(&alt->ref_count, 1); 764 } 765 } 766#ifdef THIS_SHOULD_NOT_BE_DONE 767 if ((stcb->asoc.sent_queue_retran_cnt == 0) && (could_be_sent)) { 768 /* fix it so we retransmit the highest acked anyway */ 769 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 770 cnt_mk++; 771 could_be_sent->sent = SCTP_DATAGRAM_RESEND; 772 } 773#endif 774 if (stcb->asoc.sent_queue_retran_cnt != cnt_mk) { 775#ifdef INVARIANTS 776 SCTP_PRINTF("Local Audit says there are %d for retran asoc cnt:%d we marked:%d this time\n", 777 cnt_mk, stcb->asoc.sent_queue_retran_cnt, num_mk); 778#endif 779#ifndef SCTP_AUDITING_ENABLED 780 stcb->asoc.sent_queue_retran_cnt = cnt_mk; 781#endif 782 } 783 if (audit_tf) { 784 SCTPDBG(SCTP_DEBUG_TIMER4, 785 "Audit total flight due to negative value net:%p\n", 786 (void *)net); 787 stcb->asoc.total_flight = 0; 788 stcb->asoc.total_flight_count = 0; 789 /* Clear all networks flight size */ 790 TAILQ_FOREACH(lnets, &stcb->asoc.nets, sctp_next) { 791 lnets->flight_size = 0; 792 SCTPDBG(SCTP_DEBUG_TIMER4, 793 "Net:%p c-f cwnd:%d ssthresh:%d\n", 794 (void *)lnets, lnets->cwnd, lnets->ssthresh); 795 } 796 TAILQ_FOREACH(chk, &stcb->asoc.sent_queue, sctp_next) { 797 if (chk->sent < SCTP_DATAGRAM_RESEND) { 798 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FLIGHT_LOGGING_ENABLE) { 799 sctp_misc_ints(SCTP_FLIGHT_LOG_UP, 800 chk->whoTo->flight_size, 801 chk->book_size, 802 (uint32_t)(uintptr_t)chk->whoTo, 803 chk->rec.data.tsn); 804 } 805 806 sctp_flight_size_increase(chk); 807 sctp_total_flight_increase(stcb, chk); 808 } 809 } 810 } 811 /* We return 1 if we only have a window probe outstanding */ 812 return (0); 813} 814 815int 816sctp_t3rxt_timer(struct sctp_inpcb *inp, 817 struct sctp_tcb *stcb, 818 struct sctp_nets *net) 819{ 820 struct sctp_nets *alt; 821 int win_probe, num_mk, num_abandoned; 822 823 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 824 sctp_log_fr(0, 0, 0, SCTP_FR_T3_TIMEOUT); 825 } 826 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_CWND_LOGGING_ENABLE) { 827 struct sctp_nets *lnet; 828 829 TAILQ_FOREACH(lnet, &stcb->asoc.nets, sctp_next) { 830 if (net == lnet) { 831 sctp_log_cwnd(stcb, lnet, 1, SCTP_CWND_LOG_FROM_T3); 832 } else { 833 sctp_log_cwnd(stcb, lnet, 0, SCTP_CWND_LOG_FROM_T3); 834 } 835 } 836 } 837 /* Find an alternate and mark those for retransmission */ 838 if ((stcb->asoc.peers_rwnd == 0) && 839 (stcb->asoc.total_flight < net->mtu)) { 840 SCTP_STAT_INCR(sctps_timowindowprobe); 841 win_probe = 1; 842 } else { 843 win_probe = 0; 844 } 845 846 if (win_probe == 0) { 847 /* We don't do normal threshold management on window probes */ 848 if (sctp_threshold_management(inp, stcb, net, 849 stcb->asoc.max_send_times)) { 850 /* Association was destroyed */ 851 return (1); 852 } else { 853 if (net != stcb->asoc.primary_destination) { 854 /* send a immediate HB if our RTO is stale */ 855 struct timeval now; 856 unsigned int ms_goneby; 857 858 (void)SCTP_GETTIME_TIMEVAL(&now); 859 if (net->last_sent_time.tv_sec) { 860 ms_goneby = (now.tv_sec - net->last_sent_time.tv_sec) * 1000; 861 } else { 862 ms_goneby = 0; 863 } 864 if ((net->dest_state & SCTP_ADDR_PF) == 0) { 865 if ((ms_goneby > net->RTO) || (net->RTO == 0)) { 866 /* 867 * no recent feed back in an 868 * RTO or more, request a 869 * RTT update 870 */ 871 sctp_send_hb(stcb, net, SCTP_SO_NOT_LOCKED); 872 } 873 } 874 } 875 } 876 } else { 877 /* 878 * For a window probe we don't penalize the net's but only 879 * the association. This may fail it if SACKs are not coming 880 * back. If sack's are coming with rwnd locked at 0, we will 881 * continue to hold things waiting for rwnd to raise 882 */ 883 if (sctp_threshold_management(inp, stcb, NULL, 884 stcb->asoc.max_send_times)) { 885 /* Association was destroyed */ 886 return (1); 887 } 888 } 889 if (stcb->asoc.sctp_cmt_on_off > 0) { 890 if (net->pf_threshold < net->failure_threshold) { 891 alt = sctp_find_alternate_net(stcb, net, 2); 892 } else { 893 /* 894 * CMT: Using RTX_SSTHRESH policy for CMT. If CMT is 895 * being used, then pick dest with largest ssthresh 896 * for any retransmission. 897 */ 898 alt = sctp_find_alternate_net(stcb, net, 1); 899 /* 900 * CUCv2: If a different dest is picked for the 901 * retransmission, then new (rtx-)pseudo_cumack 902 * needs to be tracked for orig dest. Let CUCv2 903 * track new (rtx-) pseudo-cumack always. 904 */ 905 net->find_pseudo_cumack = 1; 906 net->find_rtx_pseudo_cumack = 1; 907 } 908 } else { 909 alt = sctp_find_alternate_net(stcb, net, 0); 910 } 911 912 num_mk = 0; 913 num_abandoned = 0; 914 (void)sctp_mark_all_for_resend(stcb, net, alt, win_probe, 915 &num_mk, &num_abandoned); 916 /* FR Loss recovery just ended with the T3. */ 917 stcb->asoc.fast_retran_loss_recovery = 0; 918 919 /* CMT FR loss recovery ended with the T3 */ 920 net->fast_retran_loss_recovery = 0; 921 if ((stcb->asoc.cc_functions.sctp_cwnd_new_transmission_begins) && 922 (net->flight_size == 0)) { 923 (*stcb->asoc.cc_functions.sctp_cwnd_new_transmission_begins) (stcb, net); 924 } 925 926 /* 927 * setup the sat loss recovery that prevents satellite cwnd advance. 928 */ 929 stcb->asoc.sat_t3_loss_recovery = 1; 930 stcb->asoc.sat_t3_recovery_tsn = stcb->asoc.sending_seq; 931 932 /* Backoff the timer and cwnd */ 933 sctp_backoff_on_timeout(stcb, net, win_probe, num_mk, num_abandoned); 934 if ((!(net->dest_state & SCTP_ADDR_REACHABLE)) || 935 (net->dest_state & SCTP_ADDR_PF)) { 936 /* Move all pending over too */ 937 sctp_move_chunks_from_net(stcb, net); 938 939 /* 940 * Get the address that failed, to force a new src address 941 * selecton and a route allocation. 942 */ 943 if (net->ro._s_addr) { 944 sctp_free_ifa(net->ro._s_addr); 945 net->ro._s_addr = NULL; 946 } 947 net->src_addr_selected = 0; 948 949 /* Force a route allocation too */ 950 RO_NHFREE(&net->ro); 951 952 /* Was it our primary? */ 953 if ((stcb->asoc.primary_destination == net) && (alt != net)) { 954 /* 955 * Yes, note it as such and find an alternate note: 956 * this means HB code must use this to resent the 957 * primary if it goes active AND if someone does a 958 * change-primary then this flag must be cleared 959 * from any net structures. 960 */ 961 if (stcb->asoc.alternate) { 962 sctp_free_remote_addr(stcb->asoc.alternate); 963 } 964 stcb->asoc.alternate = alt; 965 atomic_add_int(&stcb->asoc.alternate->ref_count, 1); 966 } 967 } 968 /* 969 * Special case for cookie-echo'ed case, we don't do output but must 970 * await the COOKIE-ACK before retransmission 971 */ 972 if (SCTP_GET_STATE(stcb) == SCTP_STATE_COOKIE_ECHOED) { 973 /* 974 * Here we just reset the timer and start again since we 975 * have not established the asoc 976 */ 977 sctp_timer_start(SCTP_TIMER_TYPE_SEND, inp, stcb, net); 978 return (0); 979 } 980 if (stcb->asoc.prsctp_supported) { 981 struct sctp_tmit_chunk *lchk; 982 983 lchk = sctp_try_advance_peer_ack_point(stcb, &stcb->asoc); 984 /* C3. See if we need to send a Fwd-TSN */ 985 if (SCTP_TSN_GT(stcb->asoc.advanced_peer_ack_point, stcb->asoc.last_acked_seq)) { 986 send_forward_tsn(stcb, &stcb->asoc); 987 for (; lchk != NULL; lchk = TAILQ_NEXT(lchk, sctp_next)) { 988 if (lchk->whoTo != NULL) { 989 break; 990 } 991 } 992 if (lchk != NULL) { 993 /* Assure a timer is up */ 994 sctp_timer_start(SCTP_TIMER_TYPE_SEND, stcb->sctp_ep, stcb, lchk->whoTo); 995 } 996 } 997 } 998 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_CWND_MONITOR_ENABLE) { 999 sctp_log_cwnd(stcb, net, net->cwnd, SCTP_CWND_LOG_FROM_RTX); 1000 } 1001 return (0); 1002} 1003 1004int 1005sctp_t1init_timer(struct sctp_inpcb *inp, 1006 struct sctp_tcb *stcb, 1007 struct sctp_nets *net) 1008{ 1009 /* bump the thresholds */ 1010 if (stcb->asoc.delayed_connection) { 1011 /* 1012 * special hook for delayed connection. The library did NOT 1013 * complete the rest of its sends. 1014 */ 1015 stcb->asoc.delayed_connection = 0; 1016 sctp_send_initiate(inp, stcb, SCTP_SO_NOT_LOCKED); 1017 return (0); 1018 } 1019 if (SCTP_GET_STATE(stcb) != SCTP_STATE_COOKIE_WAIT) { 1020 return (0); 1021 } 1022 if (sctp_threshold_management(inp, stcb, net, 1023 stcb->asoc.max_init_times)) { 1024 /* Association was destroyed */ 1025 return (1); 1026 } 1027 stcb->asoc.dropped_special_cnt = 0; 1028 sctp_backoff_on_timeout(stcb, stcb->asoc.primary_destination, 1, 0, 0); 1029 if (stcb->asoc.initial_init_rto_max < net->RTO) { 1030 net->RTO = stcb->asoc.initial_init_rto_max; 1031 } 1032 if (stcb->asoc.numnets > 1) { 1033 /* If we have more than one addr use it */ 1034 struct sctp_nets *alt; 1035 1036 alt = sctp_find_alternate_net(stcb, stcb->asoc.primary_destination, 0); 1037 if (alt != stcb->asoc.primary_destination) { 1038 sctp_move_chunks_from_net(stcb, stcb->asoc.primary_destination); 1039 stcb->asoc.primary_destination = alt; 1040 } 1041 } 1042 /* Send out a new init */ 1043 sctp_send_initiate(inp, stcb, SCTP_SO_NOT_LOCKED); 1044 return (0); 1045} 1046 1047/* 1048 * For cookie and asconf we actually need to find and mark for resend, then 1049 * increment the resend counter (after all the threshold management stuff of 1050 * course). 1051 */ 1052int 1053sctp_cookie_timer(struct sctp_inpcb *inp, 1054 struct sctp_tcb *stcb, 1055 struct sctp_nets *net SCTP_UNUSED) 1056{ 1057 struct sctp_nets *alt; 1058 struct sctp_tmit_chunk *cookie; 1059 1060 /* first before all else we must find the cookie */ 1061 TAILQ_FOREACH(cookie, &stcb->asoc.control_send_queue, sctp_next) { 1062 if (cookie->rec.chunk_id.id == SCTP_COOKIE_ECHO) { 1063 break; 1064 } 1065 } 1066 if (cookie == NULL) { 1067 if (SCTP_GET_STATE(stcb) == SCTP_STATE_COOKIE_ECHOED) { 1068 /* FOOBAR! */ 1069 struct mbuf *op_err; 1070 1071 op_err = sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), 1072 "Cookie timer expired, but no cookie"); 1073 inp->last_abort_code = SCTP_FROM_SCTP_TIMER + SCTP_LOC_3; 1074 sctp_abort_an_association(inp, stcb, op_err, SCTP_SO_NOT_LOCKED); 1075 } else { 1076#ifdef INVARIANTS 1077 panic("Cookie timer expires in wrong state?"); 1078#else 1079 SCTP_PRINTF("Strange in state %d not cookie-echoed yet c-e timer expires?\n", SCTP_GET_STATE(stcb)); 1080 return (0); 1081#endif 1082 } 1083 return (0); 1084 } 1085 /* Ok we found the cookie, threshold management next */ 1086 if (sctp_threshold_management(inp, stcb, cookie->whoTo, 1087 stcb->asoc.max_init_times)) { 1088 /* Assoc is over */ 1089 return (1); 1090 } 1091 /* 1092 * Cleared threshold management, now lets backoff the address and 1093 * select an alternate 1094 */ 1095 stcb->asoc.dropped_special_cnt = 0; 1096 sctp_backoff_on_timeout(stcb, cookie->whoTo, 1, 0, 0); 1097 alt = sctp_find_alternate_net(stcb, cookie->whoTo, 0); 1098 if (alt != cookie->whoTo) { 1099 sctp_free_remote_addr(cookie->whoTo); 1100 cookie->whoTo = alt; 1101 atomic_add_int(&alt->ref_count, 1); 1102 } 1103 /* Now mark the retran info */ 1104 if (cookie->sent != SCTP_DATAGRAM_RESEND) { 1105 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1106 } 1107 cookie->sent = SCTP_DATAGRAM_RESEND; 1108 cookie->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1109 /* 1110 * Now call the output routine to kick out the cookie again, Note we 1111 * don't mark any chunks for retran so that FR will need to kick in 1112 * to move these (or a send timer). 1113 */ 1114 return (0); 1115} 1116 1117int 1118sctp_strreset_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb) 1119{ 1120 struct sctp_nets *alt, *net; 1121 struct sctp_tmit_chunk *strrst = NULL, *chk = NULL; 1122 1123 if (stcb->asoc.stream_reset_outstanding == 0) { 1124 return (0); 1125 } 1126 /* find the existing STRRESET, we use the seq number we sent out on */ 1127 (void)sctp_find_stream_reset(stcb, stcb->asoc.str_reset_seq_out, &strrst); 1128 if (strrst == NULL) { 1129 return (0); 1130 } 1131 net = strrst->whoTo; 1132 /* do threshold management */ 1133 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1134 /* Assoc is over */ 1135 return (1); 1136 } 1137 /* 1138 * Cleared threshold management, now lets backoff the address and 1139 * select an alternate 1140 */ 1141 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1142 alt = sctp_find_alternate_net(stcb, net, 0); 1143 strrst->whoTo = alt; 1144 atomic_add_int(&alt->ref_count, 1); 1145 1146 /* See if a ECN Echo is also stranded */ 1147 TAILQ_FOREACH(chk, &stcb->asoc.control_send_queue, sctp_next) { 1148 if ((chk->whoTo == net) && 1149 (chk->rec.chunk_id.id == SCTP_ECN_ECHO)) { 1150 sctp_free_remote_addr(chk->whoTo); 1151 if (chk->sent != SCTP_DATAGRAM_RESEND) { 1152 chk->sent = SCTP_DATAGRAM_RESEND; 1153 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1154 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1155 } 1156 chk->whoTo = alt; 1157 atomic_add_int(&alt->ref_count, 1); 1158 } 1159 } 1160 if (!(net->dest_state & SCTP_ADDR_REACHABLE)) { 1161 /* 1162 * If the address went un-reachable, we need to move to 1163 * alternates for ALL chk's in queue 1164 */ 1165 sctp_move_chunks_from_net(stcb, net); 1166 } 1167 sctp_free_remote_addr(net); 1168 1169 /* mark the retran info */ 1170 if (strrst->sent != SCTP_DATAGRAM_RESEND) 1171 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1172 strrst->sent = SCTP_DATAGRAM_RESEND; 1173 strrst->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1174 1175 /* restart the timer */ 1176 sctp_timer_start(SCTP_TIMER_TYPE_STRRESET, inp, stcb, alt); 1177 return (0); 1178} 1179 1180int 1181sctp_asconf_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1182 struct sctp_nets *net) 1183{ 1184 struct sctp_nets *alt; 1185 struct sctp_tmit_chunk *asconf, *chk; 1186 1187 /* is this a first send, or a retransmission? */ 1188 if (TAILQ_EMPTY(&stcb->asoc.asconf_send_queue)) { 1189 /* compose a new ASCONF chunk and send it */ 1190 sctp_send_asconf(stcb, net, SCTP_ADDR_NOT_LOCKED); 1191 } else { 1192 /* 1193 * Retransmission of the existing ASCONF is needed 1194 */ 1195 1196 /* find the existing ASCONF */ 1197 asconf = TAILQ_FIRST(&stcb->asoc.asconf_send_queue); 1198 if (asconf == NULL) { 1199 return (0); 1200 } 1201 net = asconf->whoTo; 1202 /* do threshold management */ 1203 if (sctp_threshold_management(inp, stcb, net, 1204 stcb->asoc.max_send_times)) { 1205 /* Assoc is over */ 1206 return (1); 1207 } 1208 if (asconf->snd_count > stcb->asoc.max_send_times) { 1209 /* 1210 * Something is rotten: our peer is not responding 1211 * to ASCONFs but apparently is to other chunks. 1212 * i.e. it is not properly handling the chunk type 1213 * upper bits. Mark this peer as ASCONF incapable 1214 * and cleanup. 1215 */ 1216 SCTPDBG(SCTP_DEBUG_TIMER1, "asconf_timer: Peer has not responded to our repeated ASCONFs\n"); 1217 sctp_asconf_cleanup(stcb); 1218 return (0); 1219 } 1220 /* 1221 * cleared threshold management, so now backoff the net and 1222 * select an alternate 1223 */ 1224 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1225 alt = sctp_find_alternate_net(stcb, net, 0); 1226 if (asconf->whoTo != alt) { 1227 asconf->whoTo = alt; 1228 atomic_add_int(&alt->ref_count, 1); 1229 } 1230 1231 /* See if an ECN Echo is also stranded */ 1232 TAILQ_FOREACH(chk, &stcb->asoc.control_send_queue, sctp_next) { 1233 if ((chk->whoTo == net) && 1234 (chk->rec.chunk_id.id == SCTP_ECN_ECHO)) { 1235 sctp_free_remote_addr(chk->whoTo); 1236 chk->whoTo = alt; 1237 if (chk->sent != SCTP_DATAGRAM_RESEND) { 1238 chk->sent = SCTP_DATAGRAM_RESEND; 1239 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1240 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1241 } 1242 atomic_add_int(&alt->ref_count, 1); 1243 } 1244 } 1245 TAILQ_FOREACH(chk, &stcb->asoc.asconf_send_queue, sctp_next) { 1246 if (chk->whoTo != alt) { 1247 sctp_free_remote_addr(chk->whoTo); 1248 chk->whoTo = alt; 1249 atomic_add_int(&alt->ref_count, 1); 1250 } 1251 if (asconf->sent != SCTP_DATAGRAM_RESEND && chk->sent != SCTP_DATAGRAM_UNSENT) 1252 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1253 chk->sent = SCTP_DATAGRAM_RESEND; 1254 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1255 } 1256 if (!(net->dest_state & SCTP_ADDR_REACHABLE)) { 1257 /* 1258 * If the address went un-reachable, we need to move 1259 * to the alternate for ALL chunks in queue 1260 */ 1261 sctp_move_chunks_from_net(stcb, net); 1262 } 1263 sctp_free_remote_addr(net); 1264 1265 /* mark the retran info */ 1266 if (asconf->sent != SCTP_DATAGRAM_RESEND) 1267 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1268 asconf->sent = SCTP_DATAGRAM_RESEND; 1269 asconf->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1270 1271 /* send another ASCONF if any and we can do */ 1272 sctp_send_asconf(stcb, alt, SCTP_ADDR_NOT_LOCKED); 1273 } 1274 return (0); 1275} 1276 1277/* Mobility adaptation */ 1278void 1279sctp_delete_prim_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb) 1280{ 1281 if (stcb->asoc.deleted_primary == NULL) { 1282 SCTPDBG(SCTP_DEBUG_ASCONF1, "delete_prim_timer: deleted_primary is not stored...\n"); 1283 sctp_mobility_feature_off(inp, SCTP_MOBILITY_PRIM_DELETED); 1284 return; 1285 } 1286 SCTPDBG(SCTP_DEBUG_ASCONF1, "delete_prim_timer: finished to keep deleted primary "); 1287 SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, &stcb->asoc.deleted_primary->ro._l_addr.sa); 1288 sctp_free_remote_addr(stcb->asoc.deleted_primary); 1289 stcb->asoc.deleted_primary = NULL; 1290 sctp_mobility_feature_off(inp, SCTP_MOBILITY_PRIM_DELETED); 1291 return; 1292} 1293 1294/* 1295 * For the shutdown and shutdown-ack, we do not keep one around on the 1296 * control queue. This means we must generate a new one and call the general 1297 * chunk output routine, AFTER having done threshold management. 1298 * It is assumed that net is non-NULL. 1299 */ 1300int 1301sctp_shutdown_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1302 struct sctp_nets *net) 1303{ 1304 struct sctp_nets *alt; 1305 1306 /* first threshold management */ 1307 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1308 /* Assoc is over */ 1309 return (1); 1310 } 1311 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1312 /* second select an alternative */ 1313 alt = sctp_find_alternate_net(stcb, net, 0); 1314 1315 /* third generate a shutdown into the queue for out net */ 1316 sctp_send_shutdown(stcb, alt); 1317 1318 /* fourth restart timer */ 1319 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWN, inp, stcb, alt); 1320 return (0); 1321} 1322 1323int 1324sctp_shutdownack_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1325 struct sctp_nets *net) 1326{ 1327 struct sctp_nets *alt; 1328 1329 /* first threshold management */ 1330 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1331 /* Assoc is over */ 1332 return (1); 1333 } 1334 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1335 /* second select an alternative */ 1336 alt = sctp_find_alternate_net(stcb, net, 0); 1337 1338 /* third generate a shutdown into the queue for out net */ 1339 sctp_send_shutdown_ack(stcb, alt); 1340 1341 /* fourth restart timer */ 1342 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWNACK, inp, stcb, alt); 1343 return (0); 1344} 1345 1346static void 1347sctp_audit_stream_queues_for_size(struct sctp_inpcb *inp, 1348 struct sctp_tcb *stcb) 1349{ 1350 struct sctp_stream_queue_pending *sp; 1351 unsigned int i, chks_in_queue = 0; 1352 int being_filled = 0; 1353 1354 /* 1355 * This function is ONLY called when the send/sent queues are empty. 1356 */ 1357 if ((stcb == NULL) || (inp == NULL)) 1358 return; 1359 1360 if (stcb->asoc.sent_queue_retran_cnt) { 1361 SCTP_PRINTF("Hmm, sent_queue_retran_cnt is non-zero %d\n", 1362 stcb->asoc.sent_queue_retran_cnt); 1363 stcb->asoc.sent_queue_retran_cnt = 0; 1364 } 1365 if (stcb->asoc.ss_functions.sctp_ss_is_empty(stcb, &stcb->asoc)) { 1366 /* No stream scheduler information, initialize scheduler */ 1367 stcb->asoc.ss_functions.sctp_ss_init(stcb, &stcb->asoc, 0); 1368 if (!stcb->asoc.ss_functions.sctp_ss_is_empty(stcb, &stcb->asoc)) { 1369 /* yep, we lost a stream or two */ 1370 SCTP_PRINTF("Found additional streams NOT managed by scheduler, corrected\n"); 1371 } else { 1372 /* no streams lost */ 1373 stcb->asoc.total_output_queue_size = 0; 1374 } 1375 } 1376 /* Check to see if some data queued, if so report it */ 1377 for (i = 0; i < stcb->asoc.streamoutcnt; i++) { 1378 if (!TAILQ_EMPTY(&stcb->asoc.strmout[i].outqueue)) { 1379 TAILQ_FOREACH(sp, &stcb->asoc.strmout[i].outqueue, next) { 1380 if (sp->msg_is_complete) 1381 being_filled++; 1382 chks_in_queue++; 1383 } 1384 } 1385 } 1386 if (chks_in_queue != stcb->asoc.stream_queue_cnt) { 1387 SCTP_PRINTF("Hmm, stream queue cnt at %d I counted %d in stream out wheel\n", 1388 stcb->asoc.stream_queue_cnt, chks_in_queue); 1389 } 1390 if (chks_in_queue) { 1391 /* call the output queue function */ 1392 sctp_chunk_output(inp, stcb, SCTP_OUTPUT_FROM_T3, SCTP_SO_NOT_LOCKED); 1393 if ((TAILQ_EMPTY(&stcb->asoc.send_queue)) && 1394 (TAILQ_EMPTY(&stcb->asoc.sent_queue))) { 1395 /* 1396 * Probably should go in and make it go back through 1397 * and add fragments allowed 1398 */ 1399 if (being_filled == 0) { 1400 SCTP_PRINTF("Still nothing moved %d chunks are stuck\n", 1401 chks_in_queue); 1402 } 1403 } 1404 } else { 1405 SCTP_PRINTF("Found no chunks on any queue tot:%lu\n", 1406 (u_long)stcb->asoc.total_output_queue_size); 1407 stcb->asoc.total_output_queue_size = 0; 1408 } 1409} 1410 1411int 1412sctp_heartbeat_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1413 struct sctp_nets *net) 1414{ 1415 uint8_t net_was_pf; 1416 1417 if (net->dest_state & SCTP_ADDR_PF) { 1418 net_was_pf = 1; 1419 } else { 1420 net_was_pf = 0; 1421 } 1422 if (net->hb_responded == 0) { 1423 if (net->ro._s_addr) { 1424 /* 1425 * Invalidate the src address if we did not get a 1426 * response last time. 1427 */ 1428 sctp_free_ifa(net->ro._s_addr); 1429 net->ro._s_addr = NULL; 1430 net->src_addr_selected = 0; 1431 } 1432 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1433 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1434 /* Assoc is over */ 1435 return (1); 1436 } 1437 } 1438 /* Zero PBA, if it needs it */ 1439 if (net->partial_bytes_acked) { 1440 net->partial_bytes_acked = 0; 1441 } 1442 if ((stcb->asoc.total_output_queue_size > 0) && 1443 (TAILQ_EMPTY(&stcb->asoc.send_queue)) && 1444 (TAILQ_EMPTY(&stcb->asoc.sent_queue))) { 1445 sctp_audit_stream_queues_for_size(inp, stcb); 1446 } 1447 if (!(net->dest_state & SCTP_ADDR_NOHB) && 1448 !((net_was_pf == 0) && (net->dest_state & SCTP_ADDR_PF))) { 1449 /* 1450 * when move to PF during threshold mangement, a HB has been 1451 * queued in that routine 1452 */ 1453 uint32_t ms_gone_by; 1454 1455 if ((net->last_sent_time.tv_sec > 0) || 1456 (net->last_sent_time.tv_usec > 0)) { 1457 struct timeval diff; 1458 1459 SCTP_GETTIME_TIMEVAL(&diff); 1460 timevalsub(&diff, &net->last_sent_time); 1461 ms_gone_by = (uint32_t)(diff.tv_sec * 1000) + 1462 (uint32_t)(diff.tv_usec / 1000); 1463 } else { 1464 ms_gone_by = 0xffffffff; 1465 } 1466 if ((ms_gone_by >= net->heart_beat_delay) || 1467 (net->dest_state & SCTP_ADDR_PF)) { 1468 sctp_send_hb(stcb, net, SCTP_SO_NOT_LOCKED); 1469 } 1470 } 1471 return (0); 1472} 1473 1474void 1475sctp_pathmtu_timer(struct sctp_inpcb *inp, 1476 struct sctp_tcb *stcb, 1477 struct sctp_nets *net) 1478{ 1479 uint32_t next_mtu, mtu; 1480 1481 next_mtu = sctp_get_next_mtu(net->mtu); 1482 1483 if ((next_mtu > net->mtu) && (net->port == 0)) { 1484 if ((net->src_addr_selected == 0) || 1485 (net->ro._s_addr == NULL) || 1486 (net->ro._s_addr->localifa_flags & SCTP_BEING_DELETED)) { 1487 if ((net->ro._s_addr != NULL) && (net->ro._s_addr->localifa_flags & SCTP_BEING_DELETED)) { 1488 sctp_free_ifa(net->ro._s_addr); 1489 net->ro._s_addr = NULL; 1490 net->src_addr_selected = 0; 1491 } else if (net->ro._s_addr == NULL) { 1492#if defined(INET6) && defined(SCTP_EMBEDDED_V6_SCOPE) 1493 if (net->ro._l_addr.sa.sa_family == AF_INET6) { 1494 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&net->ro._l_addr; 1495 1496 /* KAME hack: embed scopeid */ 1497 (void)sa6_embedscope(sin6, MODULE_GLOBAL(ip6_use_defzone)); 1498 } 1499#endif 1500 1501 net->ro._s_addr = sctp_source_address_selection(inp, 1502 stcb, 1503 (sctp_route_t *)&net->ro, 1504 net, 0, stcb->asoc.vrf_id); 1505#if defined(INET6) && defined(SCTP_EMBEDDED_V6_SCOPE) 1506 if (net->ro._l_addr.sa.sa_family == AF_INET6) { 1507 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&net->ro._l_addr; 1508 1509 (void)sa6_recoverscope(sin6); 1510 } 1511#endif /* INET6 */ 1512 } 1513 if (net->ro._s_addr) 1514 net->src_addr_selected = 1; 1515 } 1516 if (net->ro._s_addr) { 1517 mtu = SCTP_GATHER_MTU_FROM_ROUTE(net->ro._s_addr, &net->ro._s_addr.sa, net->ro.ro_nh); 1518#if defined(INET) || defined(INET6) 1519 if (net->port) { 1520 mtu -= sizeof(struct udphdr); 1521 } 1522#endif 1523 if (mtu > next_mtu) { 1524 net->mtu = next_mtu; 1525 } else { 1526 net->mtu = mtu; 1527 } 1528 } 1529 } 1530 /* restart the timer */ 1531 sctp_timer_start(SCTP_TIMER_TYPE_PATHMTURAISE, inp, stcb, net); 1532} 1533 1534void 1535sctp_autoclose_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb) 1536{ 1537 struct timeval tn, *tim_touse; 1538 struct sctp_association *asoc; 1539 uint32_t ticks_gone_by; 1540 1541 (void)SCTP_GETTIME_TIMEVAL(&tn); 1542 if (stcb->asoc.sctp_autoclose_ticks > 0 && 1543 sctp_is_feature_on(inp, SCTP_PCB_FLAGS_AUTOCLOSE)) { 1544 /* Auto close is on */ 1545 asoc = &stcb->asoc; 1546 /* pick the time to use */ 1547 if (asoc->time_last_rcvd.tv_sec > 1548 asoc->time_last_sent.tv_sec) { 1549 tim_touse = &asoc->time_last_rcvd; 1550 } else { 1551 tim_touse = &asoc->time_last_sent; 1552 } 1553 /* Now has long enough transpired to autoclose? */ 1554 ticks_gone_by = sctp_secs_to_ticks((uint32_t)(tn.tv_sec - tim_touse->tv_sec)); 1555 if (ticks_gone_by >= asoc->sctp_autoclose_ticks) { 1556 /* 1557 * autoclose time has hit, call the output routine, 1558 * which should do nothing just to be SURE we don't 1559 * have hanging data. We can then safely check the 1560 * queues and know that we are clear to send 1561 * shutdown 1562 */ 1563 sctp_chunk_output(inp, stcb, SCTP_OUTPUT_FROM_AUTOCLOSE_TMR, SCTP_SO_NOT_LOCKED); 1564 /* Are we clean? */ 1565 if (TAILQ_EMPTY(&asoc->send_queue) && 1566 TAILQ_EMPTY(&asoc->sent_queue)) { 1567 /* 1568 * there is nothing queued to send, so I'm 1569 * done... 1570 */ 1571 if (SCTP_GET_STATE(stcb) != SCTP_STATE_SHUTDOWN_SENT) { 1572 /* only send SHUTDOWN 1st time thru */ 1573 struct sctp_nets *net; 1574 1575 if ((SCTP_GET_STATE(stcb) == SCTP_STATE_OPEN) || 1576 (SCTP_GET_STATE(stcb) == SCTP_STATE_SHUTDOWN_RECEIVED)) { 1577 SCTP_STAT_DECR_GAUGE32(sctps_currestab); 1578 } 1579 SCTP_SET_STATE(stcb, SCTP_STATE_SHUTDOWN_SENT); 1580 sctp_stop_timers_for_shutdown(stcb); 1581 if (stcb->asoc.alternate) { 1582 net = stcb->asoc.alternate; 1583 } else { 1584 net = stcb->asoc.primary_destination; 1585 } 1586 sctp_send_shutdown(stcb, net); 1587 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWN, 1588 stcb->sctp_ep, stcb, net); 1589 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWNGUARD, 1590 stcb->sctp_ep, stcb, NULL); 1591 } 1592 } 1593 } else { 1594 /* 1595 * No auto close at this time, reset t-o to check 1596 * later 1597 */ 1598 uint32_t tmp; 1599 1600 /* fool the timer startup to use the time left */ 1601 tmp = asoc->sctp_autoclose_ticks; 1602 asoc->sctp_autoclose_ticks -= ticks_gone_by; 1603 sctp_timer_start(SCTP_TIMER_TYPE_AUTOCLOSE, inp, stcb, NULL); 1604 /* restore the real tick value */ 1605 asoc->sctp_autoclose_ticks = tmp; 1606 } 1607 } 1608} 1609