1/*- 2 * SPDX-License-Identifier: BSD-3-Clause 3 * 4 * Copyright (c) 2001-2007, by Cisco Systems, Inc. All rights reserved. 5 * Copyright (c) 2008-2012, by Randall Stewart. All rights reserved. 6 * Copyright (c) 2008-2012, by Michael Tuexen. All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions are met: 10 * 11 * a) Redistributions of source code must retain the above copyright notice, 12 * this list of conditions and the following disclaimer. 13 * 14 * b) Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in 16 * the documentation and/or other materials provided with the distribution. 17 * 18 * c) Neither the name of Cisco Systems, Inc. nor the names of its 19 * contributors may be used to endorse or promote products derived 20 * from this software without specific prior written permission. 21 * 22 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 23 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, 24 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 26 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 27 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 28 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 29 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 30 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 31 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF 32 * THE POSSIBILITY OF SUCH DAMAGE. 33 */ 34 35#define _IP_VHL 36#include <netinet/sctp_os.h> 37#include <netinet/sctp_pcb.h> 38 39#include <netinet/sctp_var.h> 40#include <netinet/sctp_sysctl.h> 41#include <netinet/sctp_timer.h> 42#include <netinet/sctputil.h> 43#include <netinet/sctp_output.h> 44#include <netinet/sctp_header.h> 45#include <netinet/sctp_indata.h> 46#include <netinet/sctp_asconf.h> 47#include <netinet/sctp_input.h> 48#include <netinet/sctp.h> 49#include <netinet/sctp_uio.h> 50#if defined(INET) || defined(INET6) 51#include <netinet/udp.h> 52#endif 53 54void 55sctp_audit_retranmission_queue(struct sctp_association *asoc) 56{ 57 struct sctp_tmit_chunk *chk; 58 59 SCTPDBG(SCTP_DEBUG_TIMER4, "Audit invoked on send queue cnt:%d onqueue:%d\n", 60 asoc->sent_queue_retran_cnt, 61 asoc->sent_queue_cnt); 62 asoc->sent_queue_retran_cnt = 0; 63 asoc->sent_queue_cnt = 0; 64 TAILQ_FOREACH(chk, &asoc->sent_queue, sctp_next) { 65 if (chk->sent == SCTP_DATAGRAM_RESEND) { 66 sctp_ucount_incr(asoc->sent_queue_retran_cnt); 67 } 68 asoc->sent_queue_cnt++; 69 } 70 TAILQ_FOREACH(chk, &asoc->control_send_queue, sctp_next) { 71 if (chk->sent == SCTP_DATAGRAM_RESEND) { 72 sctp_ucount_incr(asoc->sent_queue_retran_cnt); 73 } 74 } 75 TAILQ_FOREACH(chk, &asoc->asconf_send_queue, sctp_next) { 76 if (chk->sent == SCTP_DATAGRAM_RESEND) { 77 sctp_ucount_incr(asoc->sent_queue_retran_cnt); 78 } 79 } 80 SCTPDBG(SCTP_DEBUG_TIMER4, "Audit completes retran:%d onqueue:%d\n", 81 asoc->sent_queue_retran_cnt, 82 asoc->sent_queue_cnt); 83} 84 85static int 86sctp_threshold_management(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 87 struct sctp_nets *net, uint16_t threshold) 88{ 89 KASSERT(stcb != NULL, ("stcb is NULL")); 90 SCTP_TCB_LOCK_ASSERT(stcb); 91 92 if (net != NULL) { 93 net->error_count++; 94 SCTPDBG(SCTP_DEBUG_TIMER4, "Error count for %p now %d thresh:%d\n", 95 (void *)net, net->error_count, 96 net->failure_threshold); 97 if (net->error_count > net->failure_threshold) { 98 /* We had a threshold failure */ 99 if (net->dest_state & SCTP_ADDR_REACHABLE) { 100 net->dest_state &= ~SCTP_ADDR_REACHABLE; 101 net->dest_state &= ~SCTP_ADDR_REQ_PRIMARY; 102 net->dest_state &= ~SCTP_ADDR_PF; 103 sctp_ulp_notify(SCTP_NOTIFY_INTERFACE_DOWN, 104 stcb, 0, 105 (void *)net, SCTP_SO_NOT_LOCKED); 106 } 107 } else if ((net->pf_threshold < net->failure_threshold) && 108 (net->error_count > net->pf_threshold)) { 109 if ((net->dest_state & SCTP_ADDR_PF) == 0) { 110 net->dest_state |= SCTP_ADDR_PF; 111 net->last_active = sctp_get_tick_count(); 112 sctp_send_hb(stcb, net, SCTP_SO_NOT_LOCKED); 113 sctp_timer_stop(SCTP_TIMER_TYPE_HEARTBEAT, 114 inp, stcb, net, 115 SCTP_FROM_SCTP_TIMER + SCTP_LOC_1); 116 sctp_timer_start(SCTP_TIMER_TYPE_HEARTBEAT, inp, stcb, net); 117 } 118 } 119 if ((net->dest_state & SCTP_ADDR_UNCONFIRMED) == 0) { 120 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_THRESHOLD_LOGGING) { 121 sctp_misc_ints(SCTP_THRESHOLD_INCR, 122 stcb->asoc.overall_error_count, 123 (stcb->asoc.overall_error_count + 1), 124 SCTP_FROM_SCTP_TIMER, 125 __LINE__); 126 } 127 stcb->asoc.overall_error_count++; 128 } 129 } else { 130 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_THRESHOLD_LOGGING) { 131 sctp_misc_ints(SCTP_THRESHOLD_INCR, 132 stcb->asoc.overall_error_count, 133 (stcb->asoc.overall_error_count + 1), 134 SCTP_FROM_SCTP_TIMER, 135 __LINE__); 136 } 137 stcb->asoc.overall_error_count++; 138 } 139 SCTPDBG(SCTP_DEBUG_TIMER4, "Overall error count for %p now %d thresh:%u state:%x\n", 140 (void *)&stcb->asoc, stcb->asoc.overall_error_count, 141 (uint32_t)threshold, 142 ((net == NULL) ? (uint32_t)0 : (uint32_t)net->dest_state)); 143 /* 144 * We specifically do not do >= to give the assoc one more change 145 * before we fail it. 146 */ 147 if (stcb->asoc.overall_error_count > threshold) { 148 /* Abort notification sends a ULP notify */ 149 struct mbuf *op_err; 150 151 op_err = sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), 152 "Association error counter exceeded"); 153 inp->last_abort_code = SCTP_FROM_SCTP_TIMER + SCTP_LOC_2; 154 sctp_abort_an_association(inp, stcb, op_err, true, SCTP_SO_NOT_LOCKED); 155 return (1); 156 } 157 return (0); 158} 159 160/* 161 * sctp_find_alternate_net() returns a non-NULL pointer as long as there 162 * exists nets, which are not being deleted. 163 */ 164struct sctp_nets * 165sctp_find_alternate_net(struct sctp_tcb *stcb, 166 struct sctp_nets *net, 167 int mode) 168{ 169 /* Find and return an alternate network if possible */ 170 struct sctp_nets *alt, *mnet, *min_errors_net = NULL, *max_cwnd_net = NULL; 171 bool looped; 172 173 /* JRS 5/14/07 - Initialize min_errors to an impossible value. */ 174 int min_errors = -1; 175 uint32_t max_cwnd = 0; 176 177 if (stcb->asoc.numnets == 1) { 178 /* No selection can be made. */ 179 return (TAILQ_FIRST(&stcb->asoc.nets)); 180 } 181 /* 182 * JRS 5/14/07 - If mode is set to 2, use the CMT PF find alternate 183 * net algorithm. This algorithm chooses the active destination (not 184 * in PF state) with the largest cwnd value. If all destinations are 185 * in PF state, unreachable, or unconfirmed, choose the destination 186 * that is in PF state with the lowest error count. In case of a 187 * tie, choose the destination that was most recently active. 188 */ 189 if (mode == 2) { 190 TAILQ_FOREACH(mnet, &stcb->asoc.nets, sctp_next) { 191 /* 192 * JRS 5/14/07 - If the destination is unreachable 193 * or unconfirmed, skip it. 194 */ 195 if (((mnet->dest_state & SCTP_ADDR_REACHABLE) != SCTP_ADDR_REACHABLE) || 196 (mnet->dest_state & SCTP_ADDR_UNCONFIRMED)) { 197 continue; 198 } 199 /* 200 * JRS 5/14/07 - If the destination is reachable 201 * but in PF state, compare the error count of the 202 * destination to the minimum error count seen thus 203 * far. Store the destination with the lower error 204 * count. If the error counts are equal, store the 205 * destination that was most recently active. 206 */ 207 if (mnet->dest_state & SCTP_ADDR_PF) { 208 /* 209 * JRS 5/14/07 - If the destination under 210 * consideration is the current destination, 211 * work as if the error count is one higher. 212 * The actual error count will not be 213 * incremented until later in the t3 214 * handler. 215 */ 216 if (mnet == net) { 217 if (min_errors == -1) { 218 min_errors = mnet->error_count + 1; 219 min_errors_net = mnet; 220 } else if (mnet->error_count + 1 < min_errors) { 221 min_errors = mnet->error_count + 1; 222 min_errors_net = mnet; 223 } else if (mnet->error_count + 1 == min_errors 224 && mnet->last_active > min_errors_net->last_active) { 225 min_errors_net = mnet; 226 min_errors = mnet->error_count + 1; 227 } 228 continue; 229 } else { 230 if (min_errors == -1) { 231 min_errors = mnet->error_count; 232 min_errors_net = mnet; 233 } else if (mnet->error_count < min_errors) { 234 min_errors = mnet->error_count; 235 min_errors_net = mnet; 236 } else if (mnet->error_count == min_errors 237 && mnet->last_active > min_errors_net->last_active) { 238 min_errors_net = mnet; 239 min_errors = mnet->error_count; 240 } 241 continue; 242 } 243 } 244 /* 245 * JRS 5/14/07 - If the destination is reachable and 246 * not in PF state, compare the cwnd of the 247 * destination to the highest cwnd seen thus far. 248 * Store the destination with the higher cwnd value. 249 * If the cwnd values are equal, randomly choose one 250 * of the two destinations. 251 */ 252 if (max_cwnd < mnet->cwnd) { 253 max_cwnd_net = mnet; 254 max_cwnd = mnet->cwnd; 255 } else if (max_cwnd == mnet->cwnd) { 256 uint32_t rndval; 257 uint8_t this_random; 258 259 if (stcb->asoc.hb_random_idx > 3) { 260 rndval = sctp_select_initial_TSN(&stcb->sctp_ep->sctp_ep); 261 memcpy(stcb->asoc.hb_random_values, &rndval, sizeof(stcb->asoc.hb_random_values)); 262 this_random = stcb->asoc.hb_random_values[0]; 263 stcb->asoc.hb_random_idx++; 264 stcb->asoc.hb_ect_randombit = 0; 265 } else { 266 this_random = stcb->asoc.hb_random_values[stcb->asoc.hb_random_idx]; 267 stcb->asoc.hb_random_idx++; 268 stcb->asoc.hb_ect_randombit = 0; 269 } 270 if (this_random % 2 == 1) { 271 max_cwnd_net = mnet; 272 max_cwnd = mnet->cwnd; /* Useless? */ 273 } 274 } 275 } 276 if (max_cwnd_net == NULL) { 277 if (min_errors_net == NULL) { 278 return (net); 279 } 280 return (min_errors_net); 281 } else { 282 return (max_cwnd_net); 283 } 284 } /* JRS 5/14/07 - If mode is set to 1, use the 285 * CMT policy for choosing an alternate net. */ 286 else if (mode == 1) { 287 TAILQ_FOREACH(mnet, &stcb->asoc.nets, sctp_next) { 288 if (((mnet->dest_state & SCTP_ADDR_REACHABLE) != SCTP_ADDR_REACHABLE) || 289 (mnet->dest_state & SCTP_ADDR_UNCONFIRMED)) { 290 /* 291 * will skip ones that are not-reachable or 292 * unconfirmed 293 */ 294 continue; 295 } 296 if (max_cwnd < mnet->cwnd) { 297 max_cwnd_net = mnet; 298 max_cwnd = mnet->cwnd; 299 } else if (max_cwnd == mnet->cwnd) { 300 uint32_t rndval; 301 uint8_t this_random; 302 303 if (stcb->asoc.hb_random_idx > 3) { 304 rndval = sctp_select_initial_TSN(&stcb->sctp_ep->sctp_ep); 305 memcpy(stcb->asoc.hb_random_values, &rndval, 306 sizeof(stcb->asoc.hb_random_values)); 307 this_random = stcb->asoc.hb_random_values[0]; 308 stcb->asoc.hb_random_idx = 0; 309 stcb->asoc.hb_ect_randombit = 0; 310 } else { 311 this_random = stcb->asoc.hb_random_values[stcb->asoc.hb_random_idx]; 312 stcb->asoc.hb_random_idx++; 313 stcb->asoc.hb_ect_randombit = 0; 314 } 315 if (this_random % 2) { 316 max_cwnd_net = mnet; 317 max_cwnd = mnet->cwnd; 318 } 319 } 320 } 321 if (max_cwnd_net) { 322 return (max_cwnd_net); 323 } 324 } 325 /* Look for an alternate net, which is active. */ 326 if ((net != NULL) && ((net->dest_state & SCTP_ADDR_BEING_DELETED) == 0)) { 327 alt = TAILQ_NEXT(net, sctp_next); 328 } else { 329 alt = TAILQ_FIRST(&stcb->asoc.nets); 330 } 331 looped = false; 332 for (;;) { 333 if (alt == NULL) { 334 if (!looped) { 335 alt = TAILQ_FIRST(&stcb->asoc.nets); 336 looped = true; 337 } 338 /* Definitely out of candidates. */ 339 if (alt == NULL) { 340 break; 341 } 342 } 343 if (alt->ro.ro_nh == NULL) { 344 if (alt->ro._s_addr) { 345 sctp_free_ifa(alt->ro._s_addr); 346 alt->ro._s_addr = NULL; 347 } 348 alt->src_addr_selected = 0; 349 } 350 if (((alt->dest_state & SCTP_ADDR_REACHABLE) == SCTP_ADDR_REACHABLE) && 351 (alt->ro.ro_nh != NULL) && 352 ((alt->dest_state & SCTP_ADDR_UNCONFIRMED) == 0) && 353 (alt != net)) { 354 /* Found an alternate net, which is reachable. */ 355 break; 356 } 357 alt = TAILQ_NEXT(alt, sctp_next); 358 } 359 360 if (alt == NULL) { 361 /* 362 * In case no active alternate net has been found, look for 363 * an alternate net, which is confirmed. 364 */ 365 if ((net != NULL) && ((net->dest_state & SCTP_ADDR_BEING_DELETED) == 0)) { 366 alt = TAILQ_NEXT(net, sctp_next); 367 } else { 368 alt = TAILQ_FIRST(&stcb->asoc.nets); 369 } 370 looped = false; 371 for (;;) { 372 if (alt == NULL) { 373 if (!looped) { 374 alt = TAILQ_FIRST(&stcb->asoc.nets); 375 looped = true; 376 } 377 /* Definitely out of candidates. */ 378 if (alt == NULL) { 379 break; 380 } 381 } 382 if (((alt->dest_state & SCTP_ADDR_UNCONFIRMED) == 0) && 383 (alt != net)) { 384 /* 385 * Found an alternate net, which is 386 * confirmed. 387 */ 388 break; 389 } 390 alt = TAILQ_NEXT(alt, sctp_next); 391 } 392 } 393 if (alt == NULL) { 394 /* 395 * In case no confirmed alternate net has been found, just 396 * return net, if it is not being deleted. In the other case 397 * just return the first net. 398 */ 399 if ((net != NULL) && ((net->dest_state & SCTP_ADDR_BEING_DELETED) == 0)) { 400 alt = net; 401 } 402 if (alt == NULL) { 403 alt = TAILQ_FIRST(&stcb->asoc.nets); 404 } 405 } 406 return (alt); 407} 408 409static void 410sctp_backoff_on_timeout(struct sctp_tcb *stcb, 411 struct sctp_nets *net, 412 int win_probe, 413 int num_marked, int num_abandoned) 414{ 415 if (net->RTO == 0) { 416 if (net->RTO_measured) { 417 net->RTO = stcb->asoc.minrto; 418 } else { 419 net->RTO = stcb->asoc.initial_rto; 420 } 421 } 422 net->RTO <<= 1; 423 if (net->RTO > stcb->asoc.maxrto) { 424 net->RTO = stcb->asoc.maxrto; 425 } 426 if ((win_probe == 0) && (num_marked || num_abandoned)) { 427 /* We don't apply penalty to window probe scenarios */ 428 /* JRS - Use the congestion control given in the CC module */ 429 stcb->asoc.cc_functions.sctp_cwnd_update_after_timeout(stcb, net); 430 } 431} 432 433#ifndef INVARIANTS 434static void 435sctp_recover_sent_list(struct sctp_tcb *stcb) 436{ 437 struct sctp_tmit_chunk *chk, *nchk; 438 struct sctp_association *asoc; 439 440 asoc = &stcb->asoc; 441 TAILQ_FOREACH_SAFE(chk, &asoc->sent_queue, sctp_next, nchk) { 442 if (SCTP_TSN_GE(asoc->last_acked_seq, chk->rec.data.tsn)) { 443 SCTP_PRINTF("Found chk:%p tsn:%x <= last_acked_seq:%x\n", 444 (void *)chk, chk->rec.data.tsn, asoc->last_acked_seq); 445 if (chk->sent != SCTP_DATAGRAM_NR_ACKED) { 446 if (asoc->strmout[chk->rec.data.sid].chunks_on_queues > 0) { 447 asoc->strmout[chk->rec.data.sid].chunks_on_queues--; 448 } 449 } 450 if ((asoc->strmout[chk->rec.data.sid].chunks_on_queues == 0) && 451 (asoc->strmout[chk->rec.data.sid].state == SCTP_STREAM_RESET_PENDING) && 452 TAILQ_EMPTY(&asoc->strmout[chk->rec.data.sid].outqueue)) { 453 asoc->trigger_reset = 1; 454 } 455 TAILQ_REMOVE(&asoc->sent_queue, chk, sctp_next); 456 if (PR_SCTP_ENABLED(chk->flags)) { 457 if (asoc->pr_sctp_cnt != 0) 458 asoc->pr_sctp_cnt--; 459 } 460 if (chk->data) { 461 /* sa_ignore NO_NULL_CHK */ 462 sctp_free_bufspace(stcb, asoc, chk, 1); 463 sctp_m_freem(chk->data); 464 chk->data = NULL; 465 if (asoc->prsctp_supported && PR_SCTP_BUF_ENABLED(chk->flags)) { 466 asoc->sent_queue_cnt_removeable--; 467 } 468 } 469 asoc->sent_queue_cnt--; 470 sctp_free_a_chunk(stcb, chk, SCTP_SO_NOT_LOCKED); 471 } 472 } 473 SCTP_PRINTF("after recover order is as follows\n"); 474 TAILQ_FOREACH(chk, &asoc->sent_queue, sctp_next) { 475 SCTP_PRINTF("chk:%p TSN:%x\n", (void *)chk, chk->rec.data.tsn); 476 } 477} 478#endif 479 480static int 481sctp_mark_all_for_resend(struct sctp_tcb *stcb, 482 struct sctp_nets *net, 483 struct sctp_nets *alt, 484 int window_probe, 485 int *num_marked, 486 int *num_abandoned) 487{ 488 489 /* 490 * Mark all chunks (well not all) that were sent to *net for 491 * retransmission. Move them to alt for there destination as well... 492 * We only mark chunks that have been outstanding long enough to 493 * have received feed-back. 494 */ 495 struct sctp_tmit_chunk *chk, *nchk; 496 struct sctp_nets *lnets; 497 struct timeval now, min_wait, tv; 498 int cur_rto; 499 int cnt_abandoned; 500 int audit_tf, num_mk, fir; 501 unsigned int cnt_mk; 502 uint32_t orig_flight, orig_tf; 503 uint32_t tsnlast, tsnfirst; 504#ifndef INVARIANTS 505 int recovery_cnt = 0; 506#endif 507 508 /* none in flight now */ 509 audit_tf = 0; 510 fir = 0; 511 /* 512 * figure out how long a data chunk must be pending before we can 513 * mark it .. 514 */ 515 (void)SCTP_GETTIME_TIMEVAL(&now); 516 /* get cur rto in micro-seconds */ 517 cur_rto = (net->lastsa >> SCTP_RTT_SHIFT) + net->lastsv; 518 cur_rto *= 1000; 519 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 520 sctp_log_fr(cur_rto, 521 stcb->asoc.peers_rwnd, 522 window_probe, 523 SCTP_FR_T3_MARK_TIME); 524 sctp_log_fr(net->flight_size, 0, 0, SCTP_FR_CWND_REPORT); 525 sctp_log_fr(net->flight_size, net->cwnd, stcb->asoc.total_flight, SCTP_FR_CWND_REPORT); 526 } 527 tv.tv_sec = cur_rto / 1000000; 528 tv.tv_usec = cur_rto % 1000000; 529 min_wait = now; 530 timevalsub(&min_wait, &tv); 531 if (min_wait.tv_sec < 0 || min_wait.tv_usec < 0) { 532 /* 533 * if we hit here, we don't have enough seconds on the clock 534 * to account for the RTO. We just let the lower seconds be 535 * the bounds and don't worry about it. This may mean we 536 * will mark a lot more than we should. 537 */ 538 min_wait.tv_sec = min_wait.tv_usec = 0; 539 } 540 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 541 sctp_log_fr(cur_rto, (uint32_t)now.tv_sec, now.tv_usec, SCTP_FR_T3_MARK_TIME); 542 sctp_log_fr(0, (uint32_t)min_wait.tv_sec, min_wait.tv_usec, SCTP_FR_T3_MARK_TIME); 543 } 544 /* 545 * Our rwnd will be incorrect here since we are not adding back the 546 * cnt * mbuf but we will fix that down below. 547 */ 548 orig_flight = net->flight_size; 549 orig_tf = stcb->asoc.total_flight; 550 551 net->fast_retran_ip = 0; 552 /* Now on to each chunk */ 553 cnt_abandoned = 0; 554 num_mk = cnt_mk = 0; 555 tsnfirst = tsnlast = 0; 556#ifndef INVARIANTS 557start_again: 558#endif 559 TAILQ_FOREACH_SAFE(chk, &stcb->asoc.sent_queue, sctp_next, nchk) { 560 if (SCTP_TSN_GE(stcb->asoc.last_acked_seq, chk->rec.data.tsn)) { 561 /* Strange case our list got out of order? */ 562 SCTP_PRINTF("Our list is out of order? last_acked:%x chk:%x\n", 563 (unsigned int)stcb->asoc.last_acked_seq, (unsigned int)chk->rec.data.tsn); 564#ifdef INVARIANTS 565 panic("last acked >= chk on sent-Q"); 566#else 567 recovery_cnt++; 568 SCTP_PRINTF("Recover attempts a restart cnt:%d\n", recovery_cnt); 569 sctp_recover_sent_list(stcb); 570 if (recovery_cnt < 10) { 571 goto start_again; 572 } else { 573 SCTP_PRINTF("Recovery fails %d times??\n", recovery_cnt); 574 } 575#endif 576 } 577 if ((chk->whoTo == net) && (chk->sent < SCTP_DATAGRAM_ACKED)) { 578 /* 579 * found one to mark: If it is less than 580 * DATAGRAM_ACKED it MUST not be a skipped or marked 581 * TSN but instead one that is either already set 582 * for retransmission OR one that needs 583 * retransmission. 584 */ 585 586 /* validate its been outstanding long enough */ 587 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 588 sctp_log_fr(chk->rec.data.tsn, 589 (uint32_t)chk->sent_rcv_time.tv_sec, 590 chk->sent_rcv_time.tv_usec, 591 SCTP_FR_T3_MARK_TIME); 592 } 593 if ((chk->sent_rcv_time.tv_sec > min_wait.tv_sec) && (window_probe == 0)) { 594 /* 595 * we have reached a chunk that was sent 596 * some seconds past our min.. forget it we 597 * will find no more to send. 598 */ 599 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 600 sctp_log_fr(0, 601 (uint32_t)chk->sent_rcv_time.tv_sec, 602 chk->sent_rcv_time.tv_usec, 603 SCTP_FR_T3_STOPPED); 604 } 605 continue; 606 } else if ((chk->sent_rcv_time.tv_sec == min_wait.tv_sec) && 607 (window_probe == 0)) { 608 /* 609 * we must look at the micro seconds to 610 * know. 611 */ 612 if (chk->sent_rcv_time.tv_usec >= min_wait.tv_usec) { 613 /* 614 * ok it was sent after our boundary 615 * time. 616 */ 617 continue; 618 } 619 } 620 if (stcb->asoc.prsctp_supported && PR_SCTP_TTL_ENABLED(chk->flags)) { 621 /* Is it expired? */ 622 if (timevalcmp(&now, &chk->rec.data.timetodrop, >)) { 623 /* Yes so drop it */ 624 if (chk->data) { 625 (void)sctp_release_pr_sctp_chunk(stcb, 626 chk, 627 1, 628 SCTP_SO_NOT_LOCKED); 629 cnt_abandoned++; 630 } 631 continue; 632 } 633 } 634 if (stcb->asoc.prsctp_supported && PR_SCTP_RTX_ENABLED(chk->flags)) { 635 /* Has it been retransmitted tv_sec times? */ 636 if (chk->snd_count > chk->rec.data.timetodrop.tv_sec) { 637 if (chk->data) { 638 (void)sctp_release_pr_sctp_chunk(stcb, 639 chk, 640 1, 641 SCTP_SO_NOT_LOCKED); 642 cnt_abandoned++; 643 } 644 continue; 645 } 646 } 647 if (chk->sent < SCTP_DATAGRAM_RESEND) { 648 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 649 num_mk++; 650 if (fir == 0) { 651 fir = 1; 652 tsnfirst = chk->rec.data.tsn; 653 } 654 tsnlast = chk->rec.data.tsn; 655 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 656 sctp_log_fr(chk->rec.data.tsn, chk->snd_count, 657 0, SCTP_FR_T3_MARKED); 658 } 659 660 if (chk->rec.data.chunk_was_revoked) { 661 /* deflate the cwnd */ 662 chk->whoTo->cwnd -= chk->book_size; 663 chk->rec.data.chunk_was_revoked = 0; 664 } 665 net->marked_retrans++; 666 stcb->asoc.marked_retrans++; 667 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FLIGHT_LOGGING_ENABLE) { 668 sctp_misc_ints(SCTP_FLIGHT_LOG_DOWN_RSND_TO, 669 chk->whoTo->flight_size, 670 chk->book_size, 671 (uint32_t)(uintptr_t)chk->whoTo, 672 chk->rec.data.tsn); 673 } 674 sctp_flight_size_decrease(chk); 675 sctp_total_flight_decrease(stcb, chk); 676 stcb->asoc.peers_rwnd += chk->send_size; 677 stcb->asoc.peers_rwnd += SCTP_BASE_SYSCTL(sctp_peer_chunk_oh); 678 } 679 chk->sent = SCTP_DATAGRAM_RESEND; 680 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 681 SCTP_STAT_INCR(sctps_markedretrans); 682 683 /* reset the TSN for striking and other FR stuff */ 684 chk->rec.data.doing_fast_retransmit = 0; 685 /* Clear any time so NO RTT is being done */ 686 687 if (chk->do_rtt) { 688 if (chk->whoTo->rto_needed == 0) { 689 chk->whoTo->rto_needed = 1; 690 } 691 } 692 chk->do_rtt = 0; 693 if (alt != net) { 694 sctp_free_remote_addr(chk->whoTo); 695 chk->no_fr_allowed = 1; 696 chk->whoTo = alt; 697 atomic_add_int(&alt->ref_count, 1); 698 } else { 699 chk->no_fr_allowed = 0; 700 if (TAILQ_EMPTY(&stcb->asoc.send_queue)) { 701 chk->rec.data.fast_retran_tsn = stcb->asoc.sending_seq; 702 } else { 703 chk->rec.data.fast_retran_tsn = (TAILQ_FIRST(&stcb->asoc.send_queue))->rec.data.tsn; 704 } 705 } 706 /* 707 * CMT: Do not allow FRs on retransmitted TSNs. 708 */ 709 if (stcb->asoc.sctp_cmt_on_off > 0) { 710 chk->no_fr_allowed = 1; 711 } 712#ifdef THIS_SHOULD_NOT_BE_DONE 713 } else if (chk->sent == SCTP_DATAGRAM_ACKED) { 714 /* remember highest acked one */ 715 could_be_sent = chk; 716#endif 717 } 718 if (chk->sent == SCTP_DATAGRAM_RESEND) { 719 cnt_mk++; 720 } 721 } 722 if ((orig_flight - net->flight_size) != (orig_tf - stcb->asoc.total_flight)) { 723 /* we did not subtract the same things? */ 724 audit_tf = 1; 725 } 726 727 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 728 sctp_log_fr(tsnfirst, tsnlast, num_mk, SCTP_FR_T3_TIMEOUT); 729 } 730#ifdef SCTP_DEBUG 731 if (num_mk) { 732 SCTPDBG(SCTP_DEBUG_TIMER1, "LAST TSN marked was %x\n", 733 tsnlast); 734 SCTPDBG(SCTP_DEBUG_TIMER1, "Num marked for retransmission was %d peer-rwd:%u\n", 735 num_mk, 736 stcb->asoc.peers_rwnd); 737 } 738#endif 739 *num_marked = num_mk; 740 *num_abandoned = cnt_abandoned; 741 /* 742 * Now check for a ECN Echo that may be stranded And include the 743 * cnt_mk'd to have all resends in the control queue. 744 */ 745 TAILQ_FOREACH(chk, &stcb->asoc.control_send_queue, sctp_next) { 746 if (chk->sent == SCTP_DATAGRAM_RESEND) { 747 cnt_mk++; 748 } 749 if ((chk->whoTo == net) && 750 (chk->rec.chunk_id.id == SCTP_ECN_ECHO)) { 751 sctp_free_remote_addr(chk->whoTo); 752 chk->whoTo = alt; 753 if (chk->sent != SCTP_DATAGRAM_RESEND) { 754 chk->sent = SCTP_DATAGRAM_RESEND; 755 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 756 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 757 cnt_mk++; 758 } 759 atomic_add_int(&alt->ref_count, 1); 760 } 761 } 762#ifdef THIS_SHOULD_NOT_BE_DONE 763 if ((stcb->asoc.sent_queue_retran_cnt == 0) && (could_be_sent)) { 764 /* fix it so we retransmit the highest acked anyway */ 765 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 766 cnt_mk++; 767 could_be_sent->sent = SCTP_DATAGRAM_RESEND; 768 } 769#endif 770 if (stcb->asoc.sent_queue_retran_cnt != cnt_mk) { 771#ifdef INVARIANTS 772 SCTP_PRINTF("Local Audit says there are %d for retran asoc cnt:%d we marked:%d this time\n", 773 cnt_mk, stcb->asoc.sent_queue_retran_cnt, num_mk); 774#endif 775#ifndef SCTP_AUDITING_ENABLED 776 stcb->asoc.sent_queue_retran_cnt = cnt_mk; 777#endif 778 } 779 if (audit_tf) { 780 SCTPDBG(SCTP_DEBUG_TIMER4, 781 "Audit total flight due to negative value net:%p\n", 782 (void *)net); 783 stcb->asoc.total_flight = 0; 784 stcb->asoc.total_flight_count = 0; 785 /* Clear all networks flight size */ 786 TAILQ_FOREACH(lnets, &stcb->asoc.nets, sctp_next) { 787 lnets->flight_size = 0; 788 SCTPDBG(SCTP_DEBUG_TIMER4, 789 "Net:%p c-f cwnd:%d ssthresh:%d\n", 790 (void *)lnets, lnets->cwnd, lnets->ssthresh); 791 } 792 TAILQ_FOREACH(chk, &stcb->asoc.sent_queue, sctp_next) { 793 if (chk->sent < SCTP_DATAGRAM_RESEND) { 794 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FLIGHT_LOGGING_ENABLE) { 795 sctp_misc_ints(SCTP_FLIGHT_LOG_UP, 796 chk->whoTo->flight_size, 797 chk->book_size, 798 (uint32_t)(uintptr_t)chk->whoTo, 799 chk->rec.data.tsn); 800 } 801 802 sctp_flight_size_increase(chk); 803 sctp_total_flight_increase(stcb, chk); 804 } 805 } 806 } 807 /* We return 1 if we only have a window probe outstanding */ 808 return (0); 809} 810 811int 812sctp_t3rxt_timer(struct sctp_inpcb *inp, 813 struct sctp_tcb *stcb, 814 struct sctp_nets *net) 815{ 816 struct sctp_nets *alt; 817 int win_probe, num_mk, num_abandoned; 818 819 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_FR_LOGGING_ENABLE) { 820 sctp_log_fr(0, 0, 0, SCTP_FR_T3_TIMEOUT); 821 } 822 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_CWND_LOGGING_ENABLE) { 823 struct sctp_nets *lnet; 824 825 TAILQ_FOREACH(lnet, &stcb->asoc.nets, sctp_next) { 826 if (net == lnet) { 827 sctp_log_cwnd(stcb, lnet, 1, SCTP_CWND_LOG_FROM_T3); 828 } else { 829 sctp_log_cwnd(stcb, lnet, 0, SCTP_CWND_LOG_FROM_T3); 830 } 831 } 832 } 833 /* Find an alternate and mark those for retransmission */ 834 if ((stcb->asoc.peers_rwnd == 0) && 835 (stcb->asoc.total_flight < net->mtu)) { 836 SCTP_STAT_INCR(sctps_timowindowprobe); 837 win_probe = 1; 838 } else { 839 win_probe = 0; 840 } 841 842 if (win_probe == 0) { 843 /* We don't do normal threshold management on window probes */ 844 if (sctp_threshold_management(inp, stcb, net, 845 stcb->asoc.max_send_times)) { 846 /* Association was destroyed */ 847 return (1); 848 } else { 849 if (net != stcb->asoc.primary_destination) { 850 /* send a immediate HB if our RTO is stale */ 851 struct timeval now; 852 uint32_t ms_goneby; 853 854 (void)SCTP_GETTIME_TIMEVAL(&now); 855 if (net->last_sent_time.tv_sec) { 856 ms_goneby = (uint32_t)(now.tv_sec - net->last_sent_time.tv_sec) * 1000; 857 } else { 858 ms_goneby = 0; 859 } 860 if ((net->dest_state & SCTP_ADDR_PF) == 0) { 861 if ((ms_goneby > net->RTO) || (net->RTO == 0)) { 862 /* 863 * no recent feed back in an 864 * RTO or more, request a 865 * RTT update 866 */ 867 sctp_send_hb(stcb, net, SCTP_SO_NOT_LOCKED); 868 } 869 } 870 } 871 } 872 } else { 873 /* 874 * For a window probe we don't penalize the net's but only 875 * the association. This may fail it if SACKs are not coming 876 * back. If sack's are coming with rwnd locked at 0, we will 877 * continue to hold things waiting for rwnd to raise 878 */ 879 if (sctp_threshold_management(inp, stcb, NULL, 880 stcb->asoc.max_send_times)) { 881 /* Association was destroyed */ 882 return (1); 883 } 884 } 885 if (stcb->asoc.sctp_cmt_on_off > 0) { 886 if (net->pf_threshold < net->failure_threshold) { 887 alt = sctp_find_alternate_net(stcb, net, 2); 888 } else { 889 /* 890 * CMT: Using RTX_SSTHRESH policy for CMT. If CMT is 891 * being used, then pick dest with largest ssthresh 892 * for any retransmission. 893 */ 894 alt = sctp_find_alternate_net(stcb, net, 1); 895 /* 896 * CUCv2: If a different dest is picked for the 897 * retransmission, then new (rtx-)pseudo_cumack 898 * needs to be tracked for orig dest. Let CUCv2 899 * track new (rtx-) pseudo-cumack always. 900 */ 901 net->find_pseudo_cumack = 1; 902 net->find_rtx_pseudo_cumack = 1; 903 } 904 } else { 905 alt = sctp_find_alternate_net(stcb, net, 0); 906 } 907 908 num_mk = 0; 909 num_abandoned = 0; 910 (void)sctp_mark_all_for_resend(stcb, net, alt, win_probe, 911 &num_mk, &num_abandoned); 912 /* FR Loss recovery just ended with the T3. */ 913 stcb->asoc.fast_retran_loss_recovery = 0; 914 915 /* CMT FR loss recovery ended with the T3 */ 916 net->fast_retran_loss_recovery = 0; 917 if ((stcb->asoc.cc_functions.sctp_cwnd_new_transmission_begins) && 918 (net->flight_size == 0)) { 919 (*stcb->asoc.cc_functions.sctp_cwnd_new_transmission_begins) (stcb, net); 920 } 921 922 /* 923 * setup the sat loss recovery that prevents satellite cwnd advance. 924 */ 925 stcb->asoc.sat_t3_loss_recovery = 1; 926 stcb->asoc.sat_t3_recovery_tsn = stcb->asoc.sending_seq; 927 928 /* Backoff the timer and cwnd */ 929 sctp_backoff_on_timeout(stcb, net, win_probe, num_mk, num_abandoned); 930 if (((net->dest_state & SCTP_ADDR_REACHABLE) == 0) || 931 (net->dest_state & SCTP_ADDR_PF)) { 932 /* Move all pending over too */ 933 sctp_move_chunks_from_net(stcb, net); 934 935 /* 936 * Get the address that failed, to force a new src address 937 * selection and a route allocation. 938 */ 939 if (net->ro._s_addr != NULL) { 940 sctp_free_ifa(net->ro._s_addr); 941 net->ro._s_addr = NULL; 942 } 943 net->src_addr_selected = 0; 944 945 /* Force a route allocation too */ 946 RO_NHFREE(&net->ro); 947 948 /* Was it our primary? */ 949 if ((stcb->asoc.primary_destination == net) && (alt != net)) { 950 /* 951 * Yes, note it as such and find an alternate note: 952 * this means HB code must use this to resent the 953 * primary if it goes active AND if someone does a 954 * change-primary then this flag must be cleared 955 * from any net structures. 956 */ 957 if (stcb->asoc.alternate != NULL) { 958 sctp_free_remote_addr(stcb->asoc.alternate); 959 } 960 stcb->asoc.alternate = alt; 961 atomic_add_int(&stcb->asoc.alternate->ref_count, 1); 962 } 963 } 964 /* 965 * Special case for cookie-echo'ed case, we don't do output but must 966 * await the COOKIE-ACK before retransmission 967 */ 968 if (SCTP_GET_STATE(stcb) == SCTP_STATE_COOKIE_ECHOED) { 969 /* 970 * Here we just reset the timer and start again since we 971 * have not established the asoc 972 */ 973 sctp_timer_start(SCTP_TIMER_TYPE_SEND, inp, stcb, net); 974 return (0); 975 } 976 if (stcb->asoc.prsctp_supported) { 977 struct sctp_tmit_chunk *lchk; 978 979 lchk = sctp_try_advance_peer_ack_point(stcb, &stcb->asoc); 980 /* C3. See if we need to send a Fwd-TSN */ 981 if (SCTP_TSN_GT(stcb->asoc.advanced_peer_ack_point, stcb->asoc.last_acked_seq)) { 982 send_forward_tsn(stcb, &stcb->asoc); 983 for (; lchk != NULL; lchk = TAILQ_NEXT(lchk, sctp_next)) { 984 if (lchk->whoTo != NULL) { 985 break; 986 } 987 } 988 if (lchk != NULL) { 989 /* Assure a timer is up */ 990 sctp_timer_start(SCTP_TIMER_TYPE_SEND, stcb->sctp_ep, stcb, lchk->whoTo); 991 } 992 } 993 } 994 if (SCTP_BASE_SYSCTL(sctp_logging_level) & SCTP_CWND_MONITOR_ENABLE) { 995 sctp_log_cwnd(stcb, net, net->cwnd, SCTP_CWND_LOG_FROM_RTX); 996 } 997 return (0); 998} 999 1000int 1001sctp_t1init_timer(struct sctp_inpcb *inp, 1002 struct sctp_tcb *stcb, 1003 struct sctp_nets *net) 1004{ 1005 /* bump the thresholds */ 1006 if (stcb->asoc.delayed_connection) { 1007 /* 1008 * special hook for delayed connection. The library did NOT 1009 * complete the rest of its sends. 1010 */ 1011 stcb->asoc.delayed_connection = 0; 1012 sctp_send_initiate(inp, stcb, SCTP_SO_NOT_LOCKED); 1013 return (0); 1014 } 1015 if (SCTP_GET_STATE(stcb) != SCTP_STATE_COOKIE_WAIT) { 1016 return (0); 1017 } 1018 if (sctp_threshold_management(inp, stcb, net, 1019 stcb->asoc.max_init_times)) { 1020 /* Association was destroyed */ 1021 return (1); 1022 } 1023 stcb->asoc.dropped_special_cnt = 0; 1024 sctp_backoff_on_timeout(stcb, stcb->asoc.primary_destination, 1, 0, 0); 1025 if (stcb->asoc.initial_init_rto_max < net->RTO) { 1026 net->RTO = stcb->asoc.initial_init_rto_max; 1027 } 1028 if (stcb->asoc.numnets > 1) { 1029 /* If we have more than one addr use it */ 1030 struct sctp_nets *alt; 1031 1032 alt = sctp_find_alternate_net(stcb, stcb->asoc.primary_destination, 0); 1033 if (alt != stcb->asoc.primary_destination) { 1034 sctp_move_chunks_from_net(stcb, stcb->asoc.primary_destination); 1035 stcb->asoc.primary_destination = alt; 1036 } 1037 } 1038 /* Send out a new init */ 1039 sctp_send_initiate(inp, stcb, SCTP_SO_NOT_LOCKED); 1040 return (0); 1041} 1042 1043/* 1044 * For cookie and asconf we actually need to find and mark for resend, then 1045 * increment the resend counter (after all the threshold management stuff of 1046 * course). 1047 */ 1048int 1049sctp_cookie_timer(struct sctp_inpcb *inp, 1050 struct sctp_tcb *stcb, 1051 struct sctp_nets *net SCTP_UNUSED) 1052{ 1053 struct sctp_nets *alt; 1054 struct sctp_tmit_chunk *cookie; 1055 1056 /* first before all else we must find the cookie */ 1057 TAILQ_FOREACH(cookie, &stcb->asoc.control_send_queue, sctp_next) { 1058 if (cookie->rec.chunk_id.id == SCTP_COOKIE_ECHO) { 1059 break; 1060 } 1061 } 1062 if (cookie == NULL) { 1063 if (SCTP_GET_STATE(stcb) == SCTP_STATE_COOKIE_ECHOED) { 1064 /* FOOBAR! */ 1065 struct mbuf *op_err; 1066 1067 op_err = sctp_generate_cause(SCTP_BASE_SYSCTL(sctp_diag_info_code), 1068 "Cookie timer expired, but no cookie"); 1069 inp->last_abort_code = SCTP_FROM_SCTP_TIMER + SCTP_LOC_3; 1070 sctp_abort_an_association(inp, stcb, op_err, false, SCTP_SO_NOT_LOCKED); 1071 } else { 1072#ifdef INVARIANTS 1073 panic("Cookie timer expires in wrong state?"); 1074#else 1075 SCTP_PRINTF("Strange in state %d not cookie-echoed yet c-e timer expires?\n", SCTP_GET_STATE(stcb)); 1076 return (0); 1077#endif 1078 } 1079 return (0); 1080 } 1081 /* Ok we found the cookie, threshold management next */ 1082 if (sctp_threshold_management(inp, stcb, cookie->whoTo, 1083 stcb->asoc.max_init_times)) { 1084 /* Assoc is over */ 1085 return (1); 1086 } 1087 /* 1088 * Cleared threshold management, now lets backoff the address and 1089 * select an alternate 1090 */ 1091 stcb->asoc.dropped_special_cnt = 0; 1092 sctp_backoff_on_timeout(stcb, cookie->whoTo, 1, 0, 0); 1093 alt = sctp_find_alternate_net(stcb, cookie->whoTo, 0); 1094 if (alt != cookie->whoTo) { 1095 sctp_free_remote_addr(cookie->whoTo); 1096 cookie->whoTo = alt; 1097 atomic_add_int(&alt->ref_count, 1); 1098 } 1099 /* Now mark the retran info */ 1100 if (cookie->sent != SCTP_DATAGRAM_RESEND) { 1101 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1102 } 1103 cookie->sent = SCTP_DATAGRAM_RESEND; 1104 cookie->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1105 /* 1106 * Now call the output routine to kick out the cookie again, Note we 1107 * don't mark any chunks for retran so that FR will need to kick in 1108 * to move these (or a send timer). 1109 */ 1110 return (0); 1111} 1112 1113int 1114sctp_strreset_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb) 1115{ 1116 struct sctp_nets *alt, *net; 1117 struct sctp_tmit_chunk *strrst = NULL, *chk = NULL; 1118 1119 if (stcb->asoc.stream_reset_outstanding == 0) { 1120 return (0); 1121 } 1122 /* find the existing STRRESET, we use the seq number we sent out on */ 1123 (void)sctp_find_stream_reset(stcb, stcb->asoc.str_reset_seq_out, &strrst); 1124 if (strrst == NULL) { 1125 return (0); 1126 } 1127 net = strrst->whoTo; 1128 /* do threshold management */ 1129 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1130 /* Assoc is over */ 1131 return (1); 1132 } 1133 /* 1134 * Cleared threshold management, now lets backoff the address and 1135 * select an alternate 1136 */ 1137 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1138 alt = sctp_find_alternate_net(stcb, net, 0); 1139 strrst->whoTo = alt; 1140 atomic_add_int(&alt->ref_count, 1); 1141 1142 /* See if a ECN Echo is also stranded */ 1143 TAILQ_FOREACH(chk, &stcb->asoc.control_send_queue, sctp_next) { 1144 if ((chk->whoTo == net) && 1145 (chk->rec.chunk_id.id == SCTP_ECN_ECHO)) { 1146 sctp_free_remote_addr(chk->whoTo); 1147 if (chk->sent != SCTP_DATAGRAM_RESEND) { 1148 chk->sent = SCTP_DATAGRAM_RESEND; 1149 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1150 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1151 } 1152 chk->whoTo = alt; 1153 atomic_add_int(&alt->ref_count, 1); 1154 } 1155 } 1156 if ((net->dest_state & SCTP_ADDR_REACHABLE) == 0) { 1157 /* 1158 * If the address went un-reachable, we need to move to 1159 * alternates for ALL chk's in queue 1160 */ 1161 sctp_move_chunks_from_net(stcb, net); 1162 } 1163 sctp_free_remote_addr(net); 1164 1165 /* mark the retran info */ 1166 if (strrst->sent != SCTP_DATAGRAM_RESEND) 1167 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1168 strrst->sent = SCTP_DATAGRAM_RESEND; 1169 strrst->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1170 1171 /* restart the timer */ 1172 sctp_timer_start(SCTP_TIMER_TYPE_STRRESET, inp, stcb, alt); 1173 return (0); 1174} 1175 1176int 1177sctp_asconf_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1178 struct sctp_nets *net) 1179{ 1180 struct sctp_nets *alt; 1181 struct sctp_tmit_chunk *asconf, *chk; 1182 1183 /* is this a first send, or a retransmission? */ 1184 if (TAILQ_EMPTY(&stcb->asoc.asconf_send_queue)) { 1185 /* compose a new ASCONF chunk and send it */ 1186 sctp_send_asconf(stcb, net, SCTP_ADDR_NOT_LOCKED); 1187 } else { 1188 /* 1189 * Retransmission of the existing ASCONF is needed 1190 */ 1191 1192 /* find the existing ASCONF */ 1193 asconf = TAILQ_FIRST(&stcb->asoc.asconf_send_queue); 1194 if (asconf == NULL) { 1195 return (0); 1196 } 1197 net = asconf->whoTo; 1198 /* do threshold management */ 1199 if (sctp_threshold_management(inp, stcb, net, 1200 stcb->asoc.max_send_times)) { 1201 /* Assoc is over */ 1202 return (1); 1203 } 1204 if (asconf->snd_count > stcb->asoc.max_send_times) { 1205 /* 1206 * Something is rotten: our peer is not responding 1207 * to ASCONFs but apparently is to other chunks. 1208 * i.e. it is not properly handling the chunk type 1209 * upper bits. Mark this peer as ASCONF incapable 1210 * and cleanup. 1211 */ 1212 SCTPDBG(SCTP_DEBUG_TIMER1, "asconf_timer: Peer has not responded to our repeated ASCONFs\n"); 1213 sctp_asconf_cleanup(stcb); 1214 return (0); 1215 } 1216 /* 1217 * cleared threshold management, so now backoff the net and 1218 * select an alternate 1219 */ 1220 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1221 alt = sctp_find_alternate_net(stcb, net, 0); 1222 if (asconf->whoTo != alt) { 1223 asconf->whoTo = alt; 1224 atomic_add_int(&alt->ref_count, 1); 1225 } 1226 1227 /* See if an ECN Echo is also stranded */ 1228 TAILQ_FOREACH(chk, &stcb->asoc.control_send_queue, sctp_next) { 1229 if ((chk->whoTo == net) && 1230 (chk->rec.chunk_id.id == SCTP_ECN_ECHO)) { 1231 sctp_free_remote_addr(chk->whoTo); 1232 chk->whoTo = alt; 1233 if (chk->sent != SCTP_DATAGRAM_RESEND) { 1234 chk->sent = SCTP_DATAGRAM_RESEND; 1235 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1236 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1237 } 1238 atomic_add_int(&alt->ref_count, 1); 1239 } 1240 } 1241 TAILQ_FOREACH(chk, &stcb->asoc.asconf_send_queue, sctp_next) { 1242 if (chk->whoTo != alt) { 1243 sctp_free_remote_addr(chk->whoTo); 1244 chk->whoTo = alt; 1245 atomic_add_int(&alt->ref_count, 1); 1246 } 1247 if (asconf->sent != SCTP_DATAGRAM_RESEND && chk->sent != SCTP_DATAGRAM_UNSENT) 1248 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1249 chk->sent = SCTP_DATAGRAM_RESEND; 1250 chk->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1251 } 1252 if ((net->dest_state & SCTP_ADDR_REACHABLE) == 0) { 1253 /* 1254 * If the address went un-reachable, we need to move 1255 * to the alternate for ALL chunks in queue 1256 */ 1257 sctp_move_chunks_from_net(stcb, net); 1258 } 1259 sctp_free_remote_addr(net); 1260 1261 /* mark the retran info */ 1262 if (asconf->sent != SCTP_DATAGRAM_RESEND) 1263 sctp_ucount_incr(stcb->asoc.sent_queue_retran_cnt); 1264 asconf->sent = SCTP_DATAGRAM_RESEND; 1265 asconf->flags |= CHUNK_FLAGS_FRAGMENT_OK; 1266 1267 /* send another ASCONF if any and we can do */ 1268 sctp_send_asconf(stcb, alt, SCTP_ADDR_NOT_LOCKED); 1269 } 1270 return (0); 1271} 1272 1273/* Mobility adaptation */ 1274void 1275sctp_delete_prim_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb) 1276{ 1277 if (stcb->asoc.deleted_primary == NULL) { 1278 SCTPDBG(SCTP_DEBUG_ASCONF1, "delete_prim_timer: deleted_primary is not stored...\n"); 1279 sctp_mobility_feature_off(inp, SCTP_MOBILITY_PRIM_DELETED); 1280 return; 1281 } 1282 SCTPDBG(SCTP_DEBUG_ASCONF1, "delete_prim_timer: finished to keep deleted primary "); 1283 SCTPDBG_ADDR(SCTP_DEBUG_ASCONF1, &stcb->asoc.deleted_primary->ro._l_addr.sa); 1284 sctp_free_remote_addr(stcb->asoc.deleted_primary); 1285 stcb->asoc.deleted_primary = NULL; 1286 sctp_mobility_feature_off(inp, SCTP_MOBILITY_PRIM_DELETED); 1287 return; 1288} 1289 1290/* 1291 * For the shutdown and shutdown-ack, we do not keep one around on the 1292 * control queue. This means we must generate a new one and call the general 1293 * chunk output routine, AFTER having done threshold management. 1294 * It is assumed that net is non-NULL. 1295 */ 1296int 1297sctp_shutdown_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1298 struct sctp_nets *net) 1299{ 1300 struct sctp_nets *alt; 1301 1302 /* first threshold management */ 1303 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1304 /* Assoc is over */ 1305 return (1); 1306 } 1307 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1308 /* second select an alternative */ 1309 alt = sctp_find_alternate_net(stcb, net, 0); 1310 1311 /* third generate a shutdown into the queue for out net */ 1312 sctp_send_shutdown(stcb, alt); 1313 1314 /* fourth restart timer */ 1315 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWN, inp, stcb, alt); 1316 return (0); 1317} 1318 1319int 1320sctp_shutdownack_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1321 struct sctp_nets *net) 1322{ 1323 struct sctp_nets *alt; 1324 1325 /* first threshold management */ 1326 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1327 /* Assoc is over */ 1328 return (1); 1329 } 1330 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1331 /* second select an alternative */ 1332 alt = sctp_find_alternate_net(stcb, net, 0); 1333 1334 /* third generate a shutdown into the queue for out net */ 1335 sctp_send_shutdown_ack(stcb, alt); 1336 1337 /* fourth restart timer */ 1338 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWNACK, inp, stcb, alt); 1339 return (0); 1340} 1341 1342static void 1343sctp_audit_stream_queues_for_size(struct sctp_inpcb *inp, struct sctp_tcb *stcb) 1344{ 1345 struct sctp_stream_queue_pending *sp; 1346 unsigned int i, chks_in_queue = 0; 1347 int being_filled = 0; 1348 1349 KASSERT(inp != NULL, ("inp is NULL")); 1350 KASSERT(stcb != NULL, ("stcb is NULL")); 1351 SCTP_TCB_LOCK_ASSERT(stcb); 1352 KASSERT(TAILQ_EMPTY(&stcb->asoc.send_queue), ("send_queue not empty")); 1353 KASSERT(TAILQ_EMPTY(&stcb->asoc.sent_queue), ("sent_queue not empty")); 1354 1355 if (stcb->asoc.sent_queue_retran_cnt) { 1356 SCTP_PRINTF("Hmm, sent_queue_retran_cnt is non-zero %d\n", 1357 stcb->asoc.sent_queue_retran_cnt); 1358 stcb->asoc.sent_queue_retran_cnt = 0; 1359 } 1360 if (stcb->asoc.ss_functions.sctp_ss_is_empty(stcb, &stcb->asoc)) { 1361 /* No stream scheduler information, initialize scheduler */ 1362 stcb->asoc.ss_functions.sctp_ss_init(stcb, &stcb->asoc); 1363 if (!stcb->asoc.ss_functions.sctp_ss_is_empty(stcb, &stcb->asoc)) { 1364 /* yep, we lost a stream or two */ 1365 SCTP_PRINTF("Found additional streams NOT managed by scheduler, corrected\n"); 1366 } else { 1367 /* no streams lost */ 1368 stcb->asoc.total_output_queue_size = 0; 1369 } 1370 } 1371 /* Check to see if some data queued, if so report it */ 1372 for (i = 0; i < stcb->asoc.streamoutcnt; i++) { 1373 if (!TAILQ_EMPTY(&stcb->asoc.strmout[i].outqueue)) { 1374 TAILQ_FOREACH(sp, &stcb->asoc.strmout[i].outqueue, next) { 1375 if (sp->msg_is_complete) 1376 being_filled++; 1377 chks_in_queue++; 1378 } 1379 } 1380 } 1381 if (chks_in_queue != stcb->asoc.stream_queue_cnt) { 1382 SCTP_PRINTF("Hmm, stream queue cnt at %d I counted %d in stream out wheel\n", 1383 stcb->asoc.stream_queue_cnt, chks_in_queue); 1384 } 1385 if (chks_in_queue) { 1386 /* call the output queue function */ 1387 sctp_chunk_output(inp, stcb, SCTP_OUTPUT_FROM_T3, SCTP_SO_NOT_LOCKED); 1388 if ((TAILQ_EMPTY(&stcb->asoc.send_queue)) && 1389 (TAILQ_EMPTY(&stcb->asoc.sent_queue))) { 1390 /* 1391 * Probably should go in and make it go back through 1392 * and add fragments allowed 1393 */ 1394 if (being_filled == 0) { 1395 SCTP_PRINTF("Still nothing moved %d chunks are stuck\n", 1396 chks_in_queue); 1397 } 1398 } 1399 } else { 1400 SCTP_PRINTF("Found no chunks on any queue tot:%lu\n", 1401 (u_long)stcb->asoc.total_output_queue_size); 1402 stcb->asoc.total_output_queue_size = 0; 1403 } 1404} 1405 1406int 1407sctp_heartbeat_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb, 1408 struct sctp_nets *net) 1409{ 1410 bool net_was_pf; 1411 1412 net_was_pf = (net->dest_state & SCTP_ADDR_PF) != 0; 1413 if (net->hb_responded == 0) { 1414 if (net->ro._s_addr != NULL) { 1415 /* 1416 * Invalidate the src address if we did not get a 1417 * response last time. 1418 */ 1419 sctp_free_ifa(net->ro._s_addr); 1420 net->ro._s_addr = NULL; 1421 net->src_addr_selected = 0; 1422 } 1423 sctp_backoff_on_timeout(stcb, net, 1, 0, 0); 1424 if (sctp_threshold_management(inp, stcb, net, stcb->asoc.max_send_times)) { 1425 /* Assoc is over */ 1426 return (1); 1427 } 1428 } 1429 /* Zero PBA, if it needs it */ 1430 if (net->partial_bytes_acked > 0) { 1431 net->partial_bytes_acked = 0; 1432 } 1433 if ((stcb->asoc.total_output_queue_size > 0) && 1434 (TAILQ_EMPTY(&stcb->asoc.send_queue)) && 1435 (TAILQ_EMPTY(&stcb->asoc.sent_queue))) { 1436 sctp_audit_stream_queues_for_size(inp, stcb); 1437 } 1438 if ((((net->dest_state & SCTP_ADDR_NOHB) == 0) || 1439 (net->dest_state & SCTP_ADDR_UNCONFIRMED)) && 1440 (net_was_pf || ((net->dest_state & SCTP_ADDR_PF) == 0))) { 1441 /* 1442 * When moving to PF during threshold management, a HB has 1443 * been queued in that routine. 1444 */ 1445 uint32_t ms_gone_by; 1446 1447 if ((net->last_sent_time.tv_sec > 0) || 1448 (net->last_sent_time.tv_usec > 0)) { 1449 struct timeval diff; 1450 1451 SCTP_GETTIME_TIMEVAL(&diff); 1452 timevalsub(&diff, &net->last_sent_time); 1453 ms_gone_by = (uint32_t)(diff.tv_sec * 1000) + 1454 (uint32_t)(diff.tv_usec / 1000); 1455 } else { 1456 ms_gone_by = 0xffffffff; 1457 } 1458 if ((ms_gone_by >= net->heart_beat_delay) || 1459 (net->dest_state & SCTP_ADDR_UNCONFIRMED) || 1460 (net->dest_state & SCTP_ADDR_PF)) { 1461 sctp_send_hb(stcb, net, SCTP_SO_NOT_LOCKED); 1462 } 1463 } 1464 return (0); 1465} 1466 1467void 1468sctp_pathmtu_timer(struct sctp_inpcb *inp, 1469 struct sctp_tcb *stcb, 1470 struct sctp_nets *net) 1471{ 1472 uint32_t next_mtu, mtu; 1473 1474 next_mtu = sctp_get_next_mtu(net->mtu); 1475 1476 if ((next_mtu > net->mtu) && (net->port == 0)) { 1477 if ((net->src_addr_selected == 0) || 1478 (net->ro._s_addr == NULL) || 1479 (net->ro._s_addr->localifa_flags & SCTP_BEING_DELETED)) { 1480 if ((net->ro._s_addr != NULL) && (net->ro._s_addr->localifa_flags & SCTP_BEING_DELETED)) { 1481 sctp_free_ifa(net->ro._s_addr); 1482 net->ro._s_addr = NULL; 1483 net->src_addr_selected = 0; 1484 } else if (net->ro._s_addr == NULL) { 1485#if defined(INET6) && defined(SCTP_EMBEDDED_V6_SCOPE) 1486 if (net->ro._l_addr.sa.sa_family == AF_INET6) { 1487 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&net->ro._l_addr; 1488 1489 /* KAME hack: embed scopeid */ 1490 (void)sa6_embedscope(sin6, MODULE_GLOBAL(ip6_use_defzone)); 1491 } 1492#endif 1493 1494 net->ro._s_addr = sctp_source_address_selection(inp, 1495 stcb, 1496 (sctp_route_t *)&net->ro, 1497 net, 0, stcb->asoc.vrf_id); 1498#if defined(INET6) && defined(SCTP_EMBEDDED_V6_SCOPE) 1499 if (net->ro._l_addr.sa.sa_family == AF_INET6) { 1500 struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&net->ro._l_addr; 1501 1502 (void)sa6_recoverscope(sin6); 1503 } 1504#endif /* INET6 */ 1505 } 1506 if (net->ro._s_addr) 1507 net->src_addr_selected = 1; 1508 } 1509 if (net->ro._s_addr) { 1510 mtu = SCTP_GATHER_MTU_FROM_ROUTE(net->ro._s_addr, &net->ro._s_addr.sa, net->ro.ro_nh); 1511#if defined(INET) || defined(INET6) 1512 if (net->port) { 1513 mtu -= sizeof(struct udphdr); 1514 } 1515#endif 1516 if (mtu > next_mtu) { 1517 net->mtu = next_mtu; 1518 } else { 1519 net->mtu = mtu; 1520 } 1521 } 1522 } 1523 /* restart the timer */ 1524 sctp_timer_start(SCTP_TIMER_TYPE_PATHMTURAISE, inp, stcb, net); 1525} 1526 1527void 1528sctp_autoclose_timer(struct sctp_inpcb *inp, struct sctp_tcb *stcb) 1529{ 1530 struct timeval tn, *tim_touse; 1531 struct sctp_association *asoc; 1532 uint32_t ticks_gone_by; 1533 1534 (void)SCTP_GETTIME_TIMEVAL(&tn); 1535 if (stcb->asoc.sctp_autoclose_ticks > 0 && 1536 sctp_is_feature_on(inp, SCTP_PCB_FLAGS_AUTOCLOSE)) { 1537 /* Auto close is on */ 1538 asoc = &stcb->asoc; 1539 /* pick the time to use */ 1540 if (asoc->time_last_rcvd.tv_sec > 1541 asoc->time_last_sent.tv_sec) { 1542 tim_touse = &asoc->time_last_rcvd; 1543 } else { 1544 tim_touse = &asoc->time_last_sent; 1545 } 1546 /* Now has long enough transpired to autoclose? */ 1547 ticks_gone_by = sctp_secs_to_ticks((uint32_t)(tn.tv_sec - tim_touse->tv_sec)); 1548 if (ticks_gone_by >= asoc->sctp_autoclose_ticks) { 1549 /* 1550 * autoclose time has hit, call the output routine, 1551 * which should do nothing just to be SURE we don't 1552 * have hanging data. We can then safely check the 1553 * queues and know that we are clear to send 1554 * shutdown 1555 */ 1556 sctp_chunk_output(inp, stcb, SCTP_OUTPUT_FROM_AUTOCLOSE_TMR, SCTP_SO_NOT_LOCKED); 1557 /* Are we clean? */ 1558 if (TAILQ_EMPTY(&asoc->send_queue) && 1559 TAILQ_EMPTY(&asoc->sent_queue)) { 1560 /* 1561 * there is nothing queued to send, so I'm 1562 * done... 1563 */ 1564 if (SCTP_GET_STATE(stcb) != SCTP_STATE_SHUTDOWN_SENT) { 1565 /* only send SHUTDOWN 1st time thru */ 1566 struct sctp_nets *net; 1567 1568 if ((SCTP_GET_STATE(stcb) == SCTP_STATE_OPEN) || 1569 (SCTP_GET_STATE(stcb) == SCTP_STATE_SHUTDOWN_RECEIVED)) { 1570 SCTP_STAT_DECR_GAUGE32(sctps_currestab); 1571 } 1572 SCTP_SET_STATE(stcb, SCTP_STATE_SHUTDOWN_SENT); 1573 sctp_stop_timers_for_shutdown(stcb); 1574 if (stcb->asoc.alternate) { 1575 net = stcb->asoc.alternate; 1576 } else { 1577 net = stcb->asoc.primary_destination; 1578 } 1579 sctp_send_shutdown(stcb, net); 1580 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWN, 1581 stcb->sctp_ep, stcb, net); 1582 sctp_timer_start(SCTP_TIMER_TYPE_SHUTDOWNGUARD, 1583 stcb->sctp_ep, stcb, NULL); 1584 } 1585 } 1586 } else { 1587 /* 1588 * No auto close at this time, reset t-o to check 1589 * later 1590 */ 1591 uint32_t tmp; 1592 1593 /* fool the timer startup to use the time left */ 1594 tmp = asoc->sctp_autoclose_ticks; 1595 asoc->sctp_autoclose_ticks -= ticks_gone_by; 1596 sctp_timer_start(SCTP_TIMER_TYPE_AUTOCLOSE, inp, stcb, NULL); 1597 /* restore the real tick value */ 1598 asoc->sctp_autoclose_ticks = tmp; 1599 } 1600 } 1601} 1602