1 /* SCTP kernel implementation
2 * (C) Copyright IBM Corp. 2001, 2004
3 * Copyright (c) 1999-2000 Cisco, Inc.
4 * Copyright (c) 1999-2001 Motorola, Inc.
5 * Copyright (c) 2001-2003 Intel Corp.
6 *
7 * This file is part of the SCTP kernel implementation
8 *
9 * These functions implement the sctp_outq class. The outqueue handles
10 * bundling and queueing of outgoing SCTP chunks.
11 *
12 * This SCTP implementation is free software;
13 * you can redistribute it and/or modify it under the terms of
14 * the GNU General Public License as published by
15 * the Free Software Foundation; either version 2, or (at your option)
16 * any later version.
17 *
18 * This SCTP implementation is distributed in the hope that it
19 * will be useful, but WITHOUT ANY WARRANTY; without even the implied
20 * ************************
21 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
22 * See the GNU General Public License for more details.
23 *
24 * You should have received a copy of the GNU General Public License
25 * along with GNU CC; see the file COPYING. If not, see
26 * <http://www.gnu.org/licenses/>.
27 *
28 * Please send any bug reports or fixes you make to the
29 * email address(es):
30 * lksctp developers <linux-sctp@vger.kernel.org>
31 *
32 * Written or modified by:
33 * La Monte H.P. Yarroll <piggy@acm.org>
34 * Karl Knutson <karl@athena.chicago.il.us>
35 * Perry Melange <pmelange@null.cc.uic.edu>
36 * Xingang Guo <xingang.guo@intel.com>
37 * Hui Huang <hui.huang@nokia.com>
38 * Sridhar Samudrala <sri@us.ibm.com>
39 * Jon Grimm <jgrimm@us.ibm.com>
40 */
41
42 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
43
44 #include <linux/types.h>
45 #include <linux/list.h> /* For struct list_head */
46 #include <linux/socket.h>
47 #include <linux/ip.h>
48 #include <linux/slab.h>
49 #include <net/sock.h> /* For skb_set_owner_w */
50
51 #include <net/sctp/sctp.h>
52 #include <net/sctp/sm.h>
53 #include <net/sctp/stream_sched.h>
54 #include <trace/events/sctp.h>
55
56 /* Declare internal functions here. */
57 static int sctp_acked(struct sctp_sackhdr *sack, __u32 tsn);
58 static void sctp_check_transmitted(struct sctp_outq *q,
59 struct list_head *transmitted_queue,
60 struct sctp_transport *transport,
61 union sctp_addr *saddr,
62 struct sctp_sackhdr *sack,
63 __u32 *highest_new_tsn);
64
65 static void sctp_mark_missing(struct sctp_outq *q,
66 struct list_head *transmitted_queue,
67 struct sctp_transport *transport,
68 __u32 highest_new_tsn,
69 int count_of_newacks);
70
71 static void sctp_outq_flush(struct sctp_outq *q, int rtx_timeout, gfp_t gfp);
72
73 /* Add data to the front of the queue. */
sctp_outq_head_data(struct sctp_outq * q,struct sctp_chunk * ch)74 static inline void sctp_outq_head_data(struct sctp_outq *q,
75 struct sctp_chunk *ch)
76 {
77 struct sctp_stream_out_ext *oute;
78 __u16 stream;
79
80 list_add(&ch->list, &q->out_chunk_list);
81 q->out_qlen += ch->skb->len;
82
83 stream = sctp_chunk_stream_no(ch);
84 oute = SCTP_SO(&q->asoc->stream, stream)->ext;
85 list_add(&ch->stream_list, &oute->outq);
86 }
87
88 /* Take data from the front of the queue. */
sctp_outq_dequeue_data(struct sctp_outq * q)89 static inline struct sctp_chunk *sctp_outq_dequeue_data(struct sctp_outq *q)
90 {
91 return q->sched->dequeue(q);
92 }
93
94 /* Add data chunk to the end of the queue. */
sctp_outq_tail_data(struct sctp_outq * q,struct sctp_chunk * ch)95 static inline void sctp_outq_tail_data(struct sctp_outq *q,
96 struct sctp_chunk *ch)
97 {
98 struct sctp_stream_out_ext *oute;
99 __u16 stream;
100
101 list_add_tail(&ch->list, &q->out_chunk_list);
102 q->out_qlen += ch->skb->len;
103
104 stream = sctp_chunk_stream_no(ch);
105 oute = SCTP_SO(&q->asoc->stream, stream)->ext;
106 list_add_tail(&ch->stream_list, &oute->outq);
107 }
108
109 /*
110 * SFR-CACC algorithm:
111 * D) If count_of_newacks is greater than or equal to 2
112 * and t was not sent to the current primary then the
113 * sender MUST NOT increment missing report count for t.
114 */
sctp_cacc_skip_3_1_d(struct sctp_transport * primary,struct sctp_transport * transport,int count_of_newacks)115 static inline int sctp_cacc_skip_3_1_d(struct sctp_transport *primary,
116 struct sctp_transport *transport,
117 int count_of_newacks)
118 {
119 if (count_of_newacks >= 2 && transport != primary)
120 return 1;
121 return 0;
122 }
123
124 /*
125 * SFR-CACC algorithm:
126 * F) If count_of_newacks is less than 2, let d be the
127 * destination to which t was sent. If cacc_saw_newack
128 * is 0 for destination d, then the sender MUST NOT
129 * increment missing report count for t.
130 */
sctp_cacc_skip_3_1_f(struct sctp_transport * transport,int count_of_newacks)131 static inline int sctp_cacc_skip_3_1_f(struct sctp_transport *transport,
132 int count_of_newacks)
133 {
134 if (count_of_newacks < 2 &&
135 (transport && !transport->cacc.cacc_saw_newack))
136 return 1;
137 return 0;
138 }
139
140 /*
141 * SFR-CACC algorithm:
142 * 3.1) If CYCLING_CHANGEOVER is 0, the sender SHOULD
143 * execute steps C, D, F.
144 *
145 * C has been implemented in sctp_outq_sack
146 */
sctp_cacc_skip_3_1(struct sctp_transport * primary,struct sctp_transport * transport,int count_of_newacks)147 static inline int sctp_cacc_skip_3_1(struct sctp_transport *primary,
148 struct sctp_transport *transport,
149 int count_of_newacks)
150 {
151 if (!primary->cacc.cycling_changeover) {
152 if (sctp_cacc_skip_3_1_d(primary, transport, count_of_newacks))
153 return 1;
154 if (sctp_cacc_skip_3_1_f(transport, count_of_newacks))
155 return 1;
156 return 0;
157 }
158 return 0;
159 }
160
161 /*
162 * SFR-CACC algorithm:
163 * 3.2) Else if CYCLING_CHANGEOVER is 1, and t is less
164 * than next_tsn_at_change of the current primary, then
165 * the sender MUST NOT increment missing report count
166 * for t.
167 */
sctp_cacc_skip_3_2(struct sctp_transport * primary,__u32 tsn)168 static inline int sctp_cacc_skip_3_2(struct sctp_transport *primary, __u32 tsn)
169 {
170 if (primary->cacc.cycling_changeover &&
171 TSN_lt(tsn, primary->cacc.next_tsn_at_change))
172 return 1;
173 return 0;
174 }
175
176 /*
177 * SFR-CACC algorithm:
178 * 3) If the missing report count for TSN t is to be
179 * incremented according to [RFC2960] and
180 * [SCTP_STEWART-2002], and CHANGEOVER_ACTIVE is set,
181 * then the sender MUST further execute steps 3.1 and
182 * 3.2 to determine if the missing report count for
183 * TSN t SHOULD NOT be incremented.
184 *
185 * 3.3) If 3.1 and 3.2 do not dictate that the missing
186 * report count for t should not be incremented, then
187 * the sender SHOULD increment missing report count for
188 * t (according to [RFC2960] and [SCTP_STEWART_2002]).
189 */
sctp_cacc_skip(struct sctp_transport * primary,struct sctp_transport * transport,int count_of_newacks,__u32 tsn)190 static inline int sctp_cacc_skip(struct sctp_transport *primary,
191 struct sctp_transport *transport,
192 int count_of_newacks,
193 __u32 tsn)
194 {
195 if (primary->cacc.changeover_active &&
196 (sctp_cacc_skip_3_1(primary, transport, count_of_newacks) ||
197 sctp_cacc_skip_3_2(primary, tsn)))
198 return 1;
199 return 0;
200 }
201
202 /* Initialize an existing sctp_outq. This does the boring stuff.
203 * You still need to define handlers if you really want to DO
204 * something with this structure...
205 */
sctp_outq_init(struct sctp_association * asoc,struct sctp_outq * q)206 void sctp_outq_init(struct sctp_association *asoc, struct sctp_outq *q)
207 {
208 memset(q, 0, sizeof(struct sctp_outq));
209
210 q->asoc = asoc;
211 INIT_LIST_HEAD(&q->out_chunk_list);
212 INIT_LIST_HEAD(&q->control_chunk_list);
213 INIT_LIST_HEAD(&q->retransmit);
214 INIT_LIST_HEAD(&q->sacked);
215 INIT_LIST_HEAD(&q->abandoned);
216 sctp_sched_set_sched(asoc, SCTP_SS_DEFAULT);
217 }
218
219 /* Free the outqueue structure and any related pending chunks.
220 */
__sctp_outq_teardown(struct sctp_outq * q)221 static void __sctp_outq_teardown(struct sctp_outq *q)
222 {
223 struct sctp_transport *transport;
224 struct list_head *lchunk, *temp;
225 struct sctp_chunk *chunk, *tmp;
226
227 /* Throw away unacknowledged chunks. */
228 list_for_each_entry(transport, &q->asoc->peer.transport_addr_list,
229 transports) {
230 while ((lchunk = sctp_list_dequeue(&transport->transmitted)) != NULL) {
231 chunk = list_entry(lchunk, struct sctp_chunk,
232 transmitted_list);
233 /* Mark as part of a failed message. */
234 sctp_chunk_fail(chunk, q->error);
235 sctp_chunk_free(chunk);
236 }
237 }
238
239 /* Throw away chunks that have been gap ACKed. */
240 list_for_each_safe(lchunk, temp, &q->sacked) {
241 list_del_init(lchunk);
242 chunk = list_entry(lchunk, struct sctp_chunk,
243 transmitted_list);
244 sctp_chunk_fail(chunk, q->error);
245 sctp_chunk_free(chunk);
246 }
247
248 /* Throw away any chunks in the retransmit queue. */
249 list_for_each_safe(lchunk, temp, &q->retransmit) {
250 list_del_init(lchunk);
251 chunk = list_entry(lchunk, struct sctp_chunk,
252 transmitted_list);
253 sctp_chunk_fail(chunk, q->error);
254 sctp_chunk_free(chunk);
255 }
256
257 /* Throw away any chunks that are in the abandoned queue. */
258 list_for_each_safe(lchunk, temp, &q->abandoned) {
259 list_del_init(lchunk);
260 chunk = list_entry(lchunk, struct sctp_chunk,
261 transmitted_list);
262 sctp_chunk_fail(chunk, q->error);
263 sctp_chunk_free(chunk);
264 }
265
266 /* Throw away any leftover data chunks. */
267 while ((chunk = sctp_outq_dequeue_data(q)) != NULL) {
268 sctp_sched_dequeue_done(q, chunk);
269
270 /* Mark as send failure. */
271 sctp_chunk_fail(chunk, q->error);
272 sctp_chunk_free(chunk);
273 }
274
275 /* Throw away any leftover control chunks. */
276 list_for_each_entry_safe(chunk, tmp, &q->control_chunk_list, list) {
277 list_del_init(&chunk->list);
278 sctp_chunk_free(chunk);
279 }
280 }
281
sctp_outq_teardown(struct sctp_outq * q)282 void sctp_outq_teardown(struct sctp_outq *q)
283 {
284 __sctp_outq_teardown(q);
285 sctp_outq_init(q->asoc, q);
286 }
287
288 /* Free the outqueue structure and any related pending chunks. */
sctp_outq_free(struct sctp_outq * q)289 void sctp_outq_free(struct sctp_outq *q)
290 {
291 /* Throw away leftover chunks. */
292 __sctp_outq_teardown(q);
293 }
294
295 /* Put a new chunk in an sctp_outq. */
sctp_outq_tail(struct sctp_outq * q,struct sctp_chunk * chunk,gfp_t gfp)296 void sctp_outq_tail(struct sctp_outq *q, struct sctp_chunk *chunk, gfp_t gfp)
297 {
298 struct net *net = sock_net(q->asoc->base.sk);
299
300 pr_debug("%s: outq:%p, chunk:%p[%s]\n", __func__, q, chunk,
301 chunk && chunk->chunk_hdr ?
302 sctp_cname(SCTP_ST_CHUNK(chunk->chunk_hdr->type)) :
303 "illegal chunk");
304
305 /* If it is data, queue it up, otherwise, send it
306 * immediately.
307 */
308 if (sctp_chunk_is_data(chunk)) {
309 pr_debug("%s: outqueueing: outq:%p, chunk:%p[%s])\n",
310 __func__, q, chunk, chunk && chunk->chunk_hdr ?
311 sctp_cname(SCTP_ST_CHUNK(chunk->chunk_hdr->type)) :
312 "illegal chunk");
313
314 sctp_outq_tail_data(q, chunk);
315 if (chunk->asoc->peer.prsctp_capable &&
316 SCTP_PR_PRIO_ENABLED(chunk->sinfo.sinfo_flags))
317 chunk->asoc->sent_cnt_removable++;
318 if (chunk->chunk_hdr->flags & SCTP_DATA_UNORDERED)
319 SCTP_INC_STATS(net, SCTP_MIB_OUTUNORDERCHUNKS);
320 else
321 SCTP_INC_STATS(net, SCTP_MIB_OUTORDERCHUNKS);
322 } else {
323 list_add_tail(&chunk->list, &q->control_chunk_list);
324 SCTP_INC_STATS(net, SCTP_MIB_OUTCTRLCHUNKS);
325 }
326
327 if (!q->cork)
328 sctp_outq_flush(q, 0, gfp);
329 }
330
331 /* Insert a chunk into the sorted list based on the TSNs. The retransmit list
332 * and the abandoned list are in ascending order.
333 */
sctp_insert_list(struct list_head * head,struct list_head * new)334 static void sctp_insert_list(struct list_head *head, struct list_head *new)
335 {
336 struct list_head *pos;
337 struct sctp_chunk *nchunk, *lchunk;
338 __u32 ntsn, ltsn;
339 int done = 0;
340
341 nchunk = list_entry(new, struct sctp_chunk, transmitted_list);
342 ntsn = ntohl(nchunk->subh.data_hdr->tsn);
343
344 list_for_each(pos, head) {
345 lchunk = list_entry(pos, struct sctp_chunk, transmitted_list);
346 ltsn = ntohl(lchunk->subh.data_hdr->tsn);
347 if (TSN_lt(ntsn, ltsn)) {
348 list_add(new, pos->prev);
349 done = 1;
350 break;
351 }
352 }
353 if (!done)
354 list_add_tail(new, head);
355 }
356
sctp_prsctp_prune_sent(struct sctp_association * asoc,struct sctp_sndrcvinfo * sinfo,struct list_head * queue,int msg_len)357 static int sctp_prsctp_prune_sent(struct sctp_association *asoc,
358 struct sctp_sndrcvinfo *sinfo,
359 struct list_head *queue, int msg_len)
360 {
361 struct sctp_chunk *chk, *temp;
362
363 list_for_each_entry_safe(chk, temp, queue, transmitted_list) {
364 struct sctp_stream_out *streamout;
365
366 if (!chk->msg->abandoned &&
367 (!SCTP_PR_PRIO_ENABLED(chk->sinfo.sinfo_flags) ||
368 chk->sinfo.sinfo_timetolive <= sinfo->sinfo_timetolive))
369 continue;
370
371 chk->msg->abandoned = 1;
372 list_del_init(&chk->transmitted_list);
373 sctp_insert_list(&asoc->outqueue.abandoned,
374 &chk->transmitted_list);
375
376 streamout = SCTP_SO(&asoc->stream, chk->sinfo.sinfo_stream);
377 asoc->sent_cnt_removable--;
378 asoc->abandoned_sent[SCTP_PR_INDEX(PRIO)]++;
379 streamout->ext->abandoned_sent[SCTP_PR_INDEX(PRIO)]++;
380
381 if (queue != &asoc->outqueue.retransmit &&
382 !chk->tsn_gap_acked) {
383 if (chk->transport)
384 chk->transport->flight_size -=
385 sctp_data_size(chk);
386 asoc->outqueue.outstanding_bytes -= sctp_data_size(chk);
387 }
388
389 msg_len -= SCTP_DATA_SNDSIZE(chk) +
390 sizeof(struct sk_buff) +
391 sizeof(struct sctp_chunk);
392 if (msg_len <= 0)
393 break;
394 }
395
396 return msg_len;
397 }
398
sctp_prsctp_prune_unsent(struct sctp_association * asoc,struct sctp_sndrcvinfo * sinfo,int msg_len)399 static int sctp_prsctp_prune_unsent(struct sctp_association *asoc,
400 struct sctp_sndrcvinfo *sinfo, int msg_len)
401 {
402 struct sctp_outq *q = &asoc->outqueue;
403 struct sctp_chunk *chk, *temp;
404
405 q->sched->unsched_all(&asoc->stream);
406
407 list_for_each_entry_safe(chk, temp, &q->out_chunk_list, list) {
408 if (!chk->msg->abandoned &&
409 (!(chk->chunk_hdr->flags & SCTP_DATA_FIRST_FRAG) ||
410 !SCTP_PR_PRIO_ENABLED(chk->sinfo.sinfo_flags) ||
411 chk->sinfo.sinfo_timetolive <= sinfo->sinfo_timetolive))
412 continue;
413
414 chk->msg->abandoned = 1;
415 sctp_sched_dequeue_common(q, chk);
416 asoc->sent_cnt_removable--;
417 asoc->abandoned_unsent[SCTP_PR_INDEX(PRIO)]++;
418 if (chk->sinfo.sinfo_stream < asoc->stream.outcnt) {
419 struct sctp_stream_out *streamout =
420 SCTP_SO(&asoc->stream, chk->sinfo.sinfo_stream);
421
422 streamout->ext->abandoned_unsent[SCTP_PR_INDEX(PRIO)]++;
423 }
424
425 msg_len -= SCTP_DATA_SNDSIZE(chk) +
426 sizeof(struct sk_buff) +
427 sizeof(struct sctp_chunk);
428 sctp_chunk_free(chk);
429 if (msg_len <= 0)
430 break;
431 }
432
433 q->sched->sched_all(&asoc->stream);
434
435 return msg_len;
436 }
437
438 /* Abandon the chunks according their priorities */
sctp_prsctp_prune(struct sctp_association * asoc,struct sctp_sndrcvinfo * sinfo,int msg_len)439 void sctp_prsctp_prune(struct sctp_association *asoc,
440 struct sctp_sndrcvinfo *sinfo, int msg_len)
441 {
442 struct sctp_transport *transport;
443
444 if (!asoc->peer.prsctp_capable || !asoc->sent_cnt_removable)
445 return;
446
447 msg_len = sctp_prsctp_prune_sent(asoc, sinfo,
448 &asoc->outqueue.retransmit,
449 msg_len);
450 if (msg_len <= 0)
451 return;
452
453 list_for_each_entry(transport, &asoc->peer.transport_addr_list,
454 transports) {
455 msg_len = sctp_prsctp_prune_sent(asoc, sinfo,
456 &transport->transmitted,
457 msg_len);
458 if (msg_len <= 0)
459 return;
460 }
461
462 sctp_prsctp_prune_unsent(asoc, sinfo, msg_len);
463 }
464
465 /* Mark all the eligible packets on a transport for retransmission. */
sctp_retransmit_mark(struct sctp_outq * q,struct sctp_transport * transport,__u8 reason)466 void sctp_retransmit_mark(struct sctp_outq *q,
467 struct sctp_transport *transport,
468 __u8 reason)
469 {
470 struct list_head *lchunk, *ltemp;
471 struct sctp_chunk *chunk;
472
473 /* Walk through the specified transmitted queue. */
474 list_for_each_safe(lchunk, ltemp, &transport->transmitted) {
475 chunk = list_entry(lchunk, struct sctp_chunk,
476 transmitted_list);
477
478 /* If the chunk is abandoned, move it to abandoned list. */
479 if (sctp_chunk_abandoned(chunk)) {
480 list_del_init(lchunk);
481 sctp_insert_list(&q->abandoned, lchunk);
482
483 /* If this chunk has not been previousely acked,
484 * stop considering it 'outstanding'. Our peer
485 * will most likely never see it since it will
486 * not be retransmitted
487 */
488 if (!chunk->tsn_gap_acked) {
489 if (chunk->transport)
490 chunk->transport->flight_size -=
491 sctp_data_size(chunk);
492 q->outstanding_bytes -= sctp_data_size(chunk);
493 q->asoc->peer.rwnd += sctp_data_size(chunk);
494 }
495 continue;
496 }
497
498 /* If we are doing retransmission due to a timeout or pmtu
499 * discovery, only the chunks that are not yet acked should
500 * be added to the retransmit queue.
501 */
502 if ((reason == SCTP_RTXR_FAST_RTX &&
503 (chunk->fast_retransmit == SCTP_NEED_FRTX)) ||
504 (reason != SCTP_RTXR_FAST_RTX && !chunk->tsn_gap_acked)) {
505 /* RFC 2960 6.2.1 Processing a Received SACK
506 *
507 * C) Any time a DATA chunk is marked for
508 * retransmission (via either T3-rtx timer expiration
509 * (Section 6.3.3) or via fast retransmit
510 * (Section 7.2.4)), add the data size of those
511 * chunks to the rwnd.
512 */
513 q->asoc->peer.rwnd += sctp_data_size(chunk);
514 q->outstanding_bytes -= sctp_data_size(chunk);
515 if (chunk->transport)
516 transport->flight_size -= sctp_data_size(chunk);
517
518 /* sctpimpguide-05 Section 2.8.2
519 * M5) If a T3-rtx timer expires, the
520 * 'TSN.Missing.Report' of all affected TSNs is set
521 * to 0.
522 */
523 chunk->tsn_missing_report = 0;
524
525 /* If a chunk that is being used for RTT measurement
526 * has to be retransmitted, we cannot use this chunk
527 * anymore for RTT measurements. Reset rto_pending so
528 * that a new RTT measurement is started when a new
529 * data chunk is sent.
530 */
531 if (chunk->rtt_in_progress) {
532 chunk->rtt_in_progress = 0;
533 transport->rto_pending = 0;
534 }
535
536 /* Move the chunk to the retransmit queue. The chunks
537 * on the retransmit queue are always kept in order.
538 */
539 list_del_init(lchunk);
540 sctp_insert_list(&q->retransmit, lchunk);
541 }
542 }
543
544 pr_debug("%s: transport:%p, reason:%d, cwnd:%d, ssthresh:%d, "
545 "flight_size:%d, pba:%d\n", __func__, transport, reason,
546 transport->cwnd, transport->ssthresh, transport->flight_size,
547 transport->partial_bytes_acked);
548 }
549
550 /* Mark all the eligible packets on a transport for retransmission and force
551 * one packet out.
552 */
sctp_retransmit(struct sctp_outq * q,struct sctp_transport * transport,enum sctp_retransmit_reason reason)553 void sctp_retransmit(struct sctp_outq *q, struct sctp_transport *transport,
554 enum sctp_retransmit_reason reason)
555 {
556 struct net *net = sock_net(q->asoc->base.sk);
557
558 switch (reason) {
559 case SCTP_RTXR_T3_RTX:
560 SCTP_INC_STATS(net, SCTP_MIB_T3_RETRANSMITS);
561 sctp_transport_lower_cwnd(transport, SCTP_LOWER_CWND_T3_RTX);
562 /* Update the retran path if the T3-rtx timer has expired for
563 * the current retran path.
564 */
565 if (transport == transport->asoc->peer.retran_path)
566 sctp_assoc_update_retran_path(transport->asoc);
567 transport->asoc->rtx_data_chunks +=
568 transport->asoc->unack_data;
569 break;
570 case SCTP_RTXR_FAST_RTX:
571 SCTP_INC_STATS(net, SCTP_MIB_FAST_RETRANSMITS);
572 sctp_transport_lower_cwnd(transport, SCTP_LOWER_CWND_FAST_RTX);
573 q->fast_rtx = 1;
574 break;
575 case SCTP_RTXR_PMTUD:
576 SCTP_INC_STATS(net, SCTP_MIB_PMTUD_RETRANSMITS);
577 break;
578 case SCTP_RTXR_T1_RTX:
579 SCTP_INC_STATS(net, SCTP_MIB_T1_RETRANSMITS);
580 transport->asoc->init_retries++;
581 break;
582 default:
583 BUG();
584 }
585
586 sctp_retransmit_mark(q, transport, reason);
587
588 /* PR-SCTP A5) Any time the T3-rtx timer expires, on any destination,
589 * the sender SHOULD try to advance the "Advanced.Peer.Ack.Point" by
590 * following the procedures outlined in C1 - C5.
591 */
592 if (reason == SCTP_RTXR_T3_RTX)
593 q->asoc->stream.si->generate_ftsn(q, q->asoc->ctsn_ack_point);
594
595 /* Flush the queues only on timeout, since fast_rtx is only
596 * triggered during sack processing and the queue
597 * will be flushed at the end.
598 */
599 if (reason != SCTP_RTXR_FAST_RTX)
600 sctp_outq_flush(q, /* rtx_timeout */ 1, GFP_ATOMIC);
601 }
602
603 /*
604 * Transmit DATA chunks on the retransmit queue. Upon return from
605 * __sctp_outq_flush_rtx() the packet 'pkt' may contain chunks which
606 * need to be transmitted by the caller.
607 * We assume that pkt->transport has already been set.
608 *
609 * The return value is a normal kernel error return value.
610 */
__sctp_outq_flush_rtx(struct sctp_outq * q,struct sctp_packet * pkt,int rtx_timeout,int * start_timer,gfp_t gfp)611 static int __sctp_outq_flush_rtx(struct sctp_outq *q, struct sctp_packet *pkt,
612 int rtx_timeout, int *start_timer, gfp_t gfp)
613 {
614 struct sctp_transport *transport = pkt->transport;
615 struct sctp_chunk *chunk, *chunk1;
616 struct list_head *lqueue;
617 enum sctp_xmit status;
618 int error = 0;
619 int timer = 0;
620 int done = 0;
621 int fast_rtx;
622
623 lqueue = &q->retransmit;
624 fast_rtx = q->fast_rtx;
625
626 /* This loop handles time-out retransmissions, fast retransmissions,
627 * and retransmissions due to opening of whindow.
628 *
629 * RFC 2960 6.3.3 Handle T3-rtx Expiration
630 *
631 * E3) Determine how many of the earliest (i.e., lowest TSN)
632 * outstanding DATA chunks for the address for which the
633 * T3-rtx has expired will fit into a single packet, subject
634 * to the MTU constraint for the path corresponding to the
635 * destination transport address to which the retransmission
636 * is being sent (this may be different from the address for
637 * which the timer expires [see Section 6.4]). Call this value
638 * K. Bundle and retransmit those K DATA chunks in a single
639 * packet to the destination endpoint.
640 *
641 * [Just to be painfully clear, if we are retransmitting
642 * because a timeout just happened, we should send only ONE
643 * packet of retransmitted data.]
644 *
645 * For fast retransmissions we also send only ONE packet. However,
646 * if we are just flushing the queue due to open window, we'll
647 * try to send as much as possible.
648 */
649 list_for_each_entry_safe(chunk, chunk1, lqueue, transmitted_list) {
650 /* If the chunk is abandoned, move it to abandoned list. */
651 if (sctp_chunk_abandoned(chunk)) {
652 list_del_init(&chunk->transmitted_list);
653 sctp_insert_list(&q->abandoned,
654 &chunk->transmitted_list);
655 continue;
656 }
657
658 /* Make sure that Gap Acked TSNs are not retransmitted. A
659 * simple approach is just to move such TSNs out of the
660 * way and into a 'transmitted' queue and skip to the
661 * next chunk.
662 */
663 if (chunk->tsn_gap_acked) {
664 list_move_tail(&chunk->transmitted_list,
665 &transport->transmitted);
666 continue;
667 }
668
669 /* If we are doing fast retransmit, ignore non-fast_rtransmit
670 * chunks
671 */
672 if (fast_rtx && !chunk->fast_retransmit)
673 continue;
674
675 redo:
676 /* Attempt to append this chunk to the packet. */
677 status = sctp_packet_append_chunk(pkt, chunk);
678
679 switch (status) {
680 case SCTP_XMIT_PMTU_FULL:
681 if (!pkt->has_data && !pkt->has_cookie_echo) {
682 /* If this packet did not contain DATA then
683 * retransmission did not happen, so do it
684 * again. We'll ignore the error here since
685 * control chunks are already freed so there
686 * is nothing we can do.
687 */
688 sctp_packet_transmit(pkt, gfp);
689 goto redo;
690 }
691
692 /* Send this packet. */
693 error = sctp_packet_transmit(pkt, gfp);
694
695 /* If we are retransmitting, we should only
696 * send a single packet.
697 * Otherwise, try appending this chunk again.
698 */
699 if (rtx_timeout || fast_rtx)
700 done = 1;
701 else
702 goto redo;
703
704 /* Bundle next chunk in the next round. */
705 break;
706
707 case SCTP_XMIT_RWND_FULL:
708 /* Send this packet. */
709 error = sctp_packet_transmit(pkt, gfp);
710
711 /* Stop sending DATA as there is no more room
712 * at the receiver.
713 */
714 done = 1;
715 break;
716
717 case SCTP_XMIT_DELAY:
718 /* Send this packet. */
719 error = sctp_packet_transmit(pkt, gfp);
720
721 /* Stop sending DATA because of nagle delay. */
722 done = 1;
723 break;
724
725 default:
726 /* The append was successful, so add this chunk to
727 * the transmitted list.
728 */
729 list_move_tail(&chunk->transmitted_list,
730 &transport->transmitted);
731
732 /* Mark the chunk as ineligible for fast retransmit
733 * after it is retransmitted.
734 */
735 if (chunk->fast_retransmit == SCTP_NEED_FRTX)
736 chunk->fast_retransmit = SCTP_DONT_FRTX;
737
738 q->asoc->stats.rtxchunks++;
739 break;
740 }
741
742 /* Set the timer if there were no errors */
743 if (!error && !timer)
744 timer = 1;
745
746 if (done)
747 break;
748 }
749
750 /* If we are here due to a retransmit timeout or a fast
751 * retransmit and if there are any chunks left in the retransmit
752 * queue that could not fit in the PMTU sized packet, they need
753 * to be marked as ineligible for a subsequent fast retransmit.
754 */
755 if (rtx_timeout || fast_rtx) {
756 list_for_each_entry(chunk1, lqueue, transmitted_list) {
757 if (chunk1->fast_retransmit == SCTP_NEED_FRTX)
758 chunk1->fast_retransmit = SCTP_DONT_FRTX;
759 }
760 }
761
762 *start_timer = timer;
763
764 /* Clear fast retransmit hint */
765 if (fast_rtx)
766 q->fast_rtx = 0;
767
768 return error;
769 }
770
771 /* Cork the outqueue so queued chunks are really queued. */
sctp_outq_uncork(struct sctp_outq * q,gfp_t gfp)772 void sctp_outq_uncork(struct sctp_outq *q, gfp_t gfp)
773 {
774 if (q->cork)
775 q->cork = 0;
776
777 sctp_outq_flush(q, 0, gfp);
778 }
779
sctp_packet_singleton(struct sctp_transport * transport,struct sctp_chunk * chunk,gfp_t gfp)780 static int sctp_packet_singleton(struct sctp_transport *transport,
781 struct sctp_chunk *chunk, gfp_t gfp)
782 {
783 const struct sctp_association *asoc = transport->asoc;
784 const __u16 sport = asoc->base.bind_addr.port;
785 const __u16 dport = asoc->peer.port;
786 const __u32 vtag = asoc->peer.i.init_tag;
787 struct sctp_packet singleton;
788
789 sctp_packet_init(&singleton, transport, sport, dport);
790 sctp_packet_config(&singleton, vtag, 0);
791 sctp_packet_append_chunk(&singleton, chunk);
792 return sctp_packet_transmit(&singleton, gfp);
793 }
794
795 /* Struct to hold the context during sctp outq flush */
796 struct sctp_flush_ctx {
797 struct sctp_outq *q;
798 /* Current transport being used. It's NOT the same as curr active one */
799 struct sctp_transport *transport;
800 /* These transports have chunks to send. */
801 struct list_head transport_list;
802 struct sctp_association *asoc;
803 /* Packet on the current transport above */
804 struct sctp_packet *packet;
805 gfp_t gfp;
806 };
807
808 /* transport: current transport */
sctp_outq_select_transport(struct sctp_flush_ctx * ctx,struct sctp_chunk * chunk)809 static void sctp_outq_select_transport(struct sctp_flush_ctx *ctx,
810 struct sctp_chunk *chunk)
811 {
812 struct sctp_transport *new_transport = chunk->transport;
813
814 if (!new_transport) {
815 if (!sctp_chunk_is_data(chunk)) {
816 /* If we have a prior transport pointer, see if
817 * the destination address of the chunk
818 * matches the destination address of the
819 * current transport. If not a match, then
820 * try to look up the transport with a given
821 * destination address. We do this because
822 * after processing ASCONFs, we may have new
823 * transports created.
824 */
825 if (ctx->transport && sctp_cmp_addr_exact(&chunk->dest,
826 &ctx->transport->ipaddr))
827 new_transport = ctx->transport;
828 else
829 new_transport = sctp_assoc_lookup_paddr(ctx->asoc,
830 &chunk->dest);
831 }
832
833 /* if we still don't have a new transport, then
834 * use the current active path.
835 */
836 if (!new_transport)
837 new_transport = ctx->asoc->peer.active_path;
838 } else {
839 __u8 type;
840
841 switch (new_transport->state) {
842 case SCTP_INACTIVE:
843 case SCTP_UNCONFIRMED:
844 case SCTP_PF:
845 /* If the chunk is Heartbeat or Heartbeat Ack,
846 * send it to chunk->transport, even if it's
847 * inactive.
848 *
849 * 3.3.6 Heartbeat Acknowledgement:
850 * ...
851 * A HEARTBEAT ACK is always sent to the source IP
852 * address of the IP datagram containing the
853 * HEARTBEAT chunk to which this ack is responding.
854 * ...
855 *
856 * ASCONF_ACKs also must be sent to the source.
857 */
858 type = chunk->chunk_hdr->type;
859 if (type != SCTP_CID_HEARTBEAT &&
860 type != SCTP_CID_HEARTBEAT_ACK &&
861 type != SCTP_CID_ASCONF_ACK)
862 new_transport = ctx->asoc->peer.active_path;
863 break;
864 default:
865 break;
866 }
867 }
868
869 /* Are we switching transports? Take care of transport locks. */
870 if (new_transport != ctx->transport) {
871 ctx->transport = new_transport;
872 ctx->packet = &ctx->transport->packet;
873
874 if (list_empty(&ctx->transport->send_ready))
875 list_add_tail(&ctx->transport->send_ready,
876 &ctx->transport_list);
877
878 sctp_packet_config(ctx->packet,
879 ctx->asoc->peer.i.init_tag,
880 ctx->asoc->peer.ecn_capable);
881 /* We've switched transports, so apply the
882 * Burst limit to the new transport.
883 */
884 sctp_transport_burst_limited(ctx->transport);
885 }
886 }
887
sctp_outq_flush_ctrl(struct sctp_flush_ctx * ctx)888 static void sctp_outq_flush_ctrl(struct sctp_flush_ctx *ctx)
889 {
890 struct sctp_chunk *chunk, *tmp;
891 enum sctp_xmit status;
892 int one_packet, error;
893
894 list_for_each_entry_safe(chunk, tmp, &ctx->q->control_chunk_list, list) {
895 one_packet = 0;
896
897 /* RFC 5061, 5.3
898 * F1) This means that until such time as the ASCONF
899 * containing the add is acknowledged, the sender MUST
900 * NOT use the new IP address as a source for ANY SCTP
901 * packet except on carrying an ASCONF Chunk.
902 */
903 if (ctx->asoc->src_out_of_asoc_ok &&
904 chunk->chunk_hdr->type != SCTP_CID_ASCONF)
905 continue;
906
907 list_del_init(&chunk->list);
908
909 /* Pick the right transport to use. Should always be true for
910 * the first chunk as we don't have a transport by then.
911 */
912 sctp_outq_select_transport(ctx, chunk);
913
914 switch (chunk->chunk_hdr->type) {
915 /* 6.10 Bundling
916 * ...
917 * An endpoint MUST NOT bundle INIT, INIT ACK or SHUTDOWN
918 * COMPLETE with any other chunks. [Send them immediately.]
919 */
920 case SCTP_CID_INIT:
921 case SCTP_CID_INIT_ACK:
922 case SCTP_CID_SHUTDOWN_COMPLETE:
923 error = sctp_packet_singleton(ctx->transport, chunk,
924 ctx->gfp);
925 if (error < 0) {
926 ctx->asoc->base.sk->sk_err = -error;
927 return;
928 }
929 break;
930
931 case SCTP_CID_ABORT:
932 if (sctp_test_T_bit(chunk))
933 ctx->packet->vtag = ctx->asoc->c.my_vtag;
934 /* fallthru */
935
936 /* The following chunks are "response" chunks, i.e.
937 * they are generated in response to something we
938 * received. If we are sending these, then we can
939 * send only 1 packet containing these chunks.
940 */
941 case SCTP_CID_HEARTBEAT_ACK:
942 case SCTP_CID_SHUTDOWN_ACK:
943 case SCTP_CID_COOKIE_ACK:
944 case SCTP_CID_COOKIE_ECHO:
945 case SCTP_CID_ERROR:
946 case SCTP_CID_ECN_CWR:
947 case SCTP_CID_ASCONF_ACK:
948 one_packet = 1;
949 /* Fall through */
950
951 case SCTP_CID_SACK:
952 case SCTP_CID_HEARTBEAT:
953 case SCTP_CID_SHUTDOWN:
954 case SCTP_CID_ECN_ECNE:
955 case SCTP_CID_ASCONF:
956 case SCTP_CID_FWD_TSN:
957 case SCTP_CID_I_FWD_TSN:
958 case SCTP_CID_RECONF:
959 status = sctp_packet_transmit_chunk(ctx->packet, chunk,
960 one_packet, ctx->gfp);
961 if (status != SCTP_XMIT_OK) {
962 /* put the chunk back */
963 list_add(&chunk->list, &ctx->q->control_chunk_list);
964 break;
965 }
966
967 ctx->asoc->stats.octrlchunks++;
968 /* PR-SCTP C5) If a FORWARD TSN is sent, the
969 * sender MUST assure that at least one T3-rtx
970 * timer is running.
971 */
972 if (chunk->chunk_hdr->type == SCTP_CID_FWD_TSN ||
973 chunk->chunk_hdr->type == SCTP_CID_I_FWD_TSN) {
974 sctp_transport_reset_t3_rtx(ctx->transport);
975 ctx->transport->last_time_sent = jiffies;
976 }
977
978 if (chunk == ctx->asoc->strreset_chunk)
979 sctp_transport_reset_reconf_timer(ctx->transport);
980
981 break;
982
983 default:
984 /* We built a chunk with an illegal type! */
985 BUG();
986 }
987 }
988 }
989
990 /* Returns false if new data shouldn't be sent */
sctp_outq_flush_rtx(struct sctp_flush_ctx * ctx,int rtx_timeout)991 static bool sctp_outq_flush_rtx(struct sctp_flush_ctx *ctx,
992 int rtx_timeout)
993 {
994 int error, start_timer = 0;
995
996 if (ctx->asoc->peer.retran_path->state == SCTP_UNCONFIRMED)
997 return false;
998
999 if (ctx->transport != ctx->asoc->peer.retran_path) {
1000 /* Switch transports & prepare the packet. */
1001 ctx->transport = ctx->asoc->peer.retran_path;
1002 ctx->packet = &ctx->transport->packet;
1003
1004 if (list_empty(&ctx->transport->send_ready))
1005 list_add_tail(&ctx->transport->send_ready,
1006 &ctx->transport_list);
1007
1008 sctp_packet_config(ctx->packet, ctx->asoc->peer.i.init_tag,
1009 ctx->asoc->peer.ecn_capable);
1010 }
1011
1012 error = __sctp_outq_flush_rtx(ctx->q, ctx->packet, rtx_timeout,
1013 &start_timer, ctx->gfp);
1014 if (error < 0)
1015 ctx->asoc->base.sk->sk_err = -error;
1016
1017 if (start_timer) {
1018 sctp_transport_reset_t3_rtx(ctx->transport);
1019 ctx->transport->last_time_sent = jiffies;
1020 }
1021
1022 /* This can happen on COOKIE-ECHO resend. Only
1023 * one chunk can get bundled with a COOKIE-ECHO.
1024 */
1025 if (ctx->packet->has_cookie_echo)
1026 return false;
1027
1028 /* Don't send new data if there is still data
1029 * waiting to retransmit.
1030 */
1031 if (!list_empty(&ctx->q->retransmit))
1032 return false;
1033
1034 return true;
1035 }
1036
sctp_outq_flush_data(struct sctp_flush_ctx * ctx,int rtx_timeout)1037 static void sctp_outq_flush_data(struct sctp_flush_ctx *ctx,
1038 int rtx_timeout)
1039 {
1040 struct sctp_chunk *chunk;
1041 enum sctp_xmit status;
1042
1043 /* Is it OK to send data chunks? */
1044 switch (ctx->asoc->state) {
1045 case SCTP_STATE_COOKIE_ECHOED:
1046 /* Only allow bundling when this packet has a COOKIE-ECHO
1047 * chunk.
1048 */
1049 if (!ctx->packet || !ctx->packet->has_cookie_echo)
1050 return;
1051
1052 /* fall through */
1053 case SCTP_STATE_ESTABLISHED:
1054 case SCTP_STATE_SHUTDOWN_PENDING:
1055 case SCTP_STATE_SHUTDOWN_RECEIVED:
1056 break;
1057
1058 default:
1059 /* Do nothing. */
1060 return;
1061 }
1062
1063 /* RFC 2960 6.1 Transmission of DATA Chunks
1064 *
1065 * C) When the time comes for the sender to transmit,
1066 * before sending new DATA chunks, the sender MUST
1067 * first transmit any outstanding DATA chunks which
1068 * are marked for retransmission (limited by the
1069 * current cwnd).
1070 */
1071 if (!list_empty(&ctx->q->retransmit) &&
1072 !sctp_outq_flush_rtx(ctx, rtx_timeout))
1073 return;
1074
1075 /* Apply Max.Burst limitation to the current transport in
1076 * case it will be used for new data. We are going to
1077 * rest it before we return, but we want to apply the limit
1078 * to the currently queued data.
1079 */
1080 if (ctx->transport)
1081 sctp_transport_burst_limited(ctx->transport);
1082
1083 /* Finally, transmit new packets. */
1084 while ((chunk = sctp_outq_dequeue_data(ctx->q)) != NULL) {
1085 __u32 sid = ntohs(chunk->subh.data_hdr->stream);
1086 __u8 stream_state = SCTP_SO(&ctx->asoc->stream, sid)->state;
1087
1088 /* Has this chunk expired? */
1089 if (sctp_chunk_abandoned(chunk)) {
1090 sctp_sched_dequeue_done(ctx->q, chunk);
1091 sctp_chunk_fail(chunk, 0);
1092 sctp_chunk_free(chunk);
1093 continue;
1094 }
1095
1096 if (stream_state == SCTP_STREAM_CLOSED) {
1097 sctp_outq_head_data(ctx->q, chunk);
1098 break;
1099 }
1100
1101 sctp_outq_select_transport(ctx, chunk);
1102
1103 pr_debug("%s: outq:%p, chunk:%p[%s], tx-tsn:0x%x skb->head:%p skb->users:%d\n",
1104 __func__, ctx->q, chunk, chunk && chunk->chunk_hdr ?
1105 sctp_cname(SCTP_ST_CHUNK(chunk->chunk_hdr->type)) :
1106 "illegal chunk", ntohl(chunk->subh.data_hdr->tsn),
1107 chunk->skb ? chunk->skb->head : NULL, chunk->skb ?
1108 refcount_read(&chunk->skb->users) : -1);
1109
1110 /* Add the chunk to the packet. */
1111 status = sctp_packet_transmit_chunk(ctx->packet, chunk, 0,
1112 ctx->gfp);
1113 if (status != SCTP_XMIT_OK) {
1114 /* We could not append this chunk, so put
1115 * the chunk back on the output queue.
1116 */
1117 pr_debug("%s: could not transmit tsn:0x%x, status:%d\n",
1118 __func__, ntohl(chunk->subh.data_hdr->tsn),
1119 status);
1120
1121 sctp_outq_head_data(ctx->q, chunk);
1122 break;
1123 }
1124
1125 /* The sender is in the SHUTDOWN-PENDING state,
1126 * The sender MAY set the I-bit in the DATA
1127 * chunk header.
1128 */
1129 if (ctx->asoc->state == SCTP_STATE_SHUTDOWN_PENDING)
1130 chunk->chunk_hdr->flags |= SCTP_DATA_SACK_IMM;
1131 if (chunk->chunk_hdr->flags & SCTP_DATA_UNORDERED)
1132 ctx->asoc->stats.ouodchunks++;
1133 else
1134 ctx->asoc->stats.oodchunks++;
1135
1136 /* Only now it's safe to consider this
1137 * chunk as sent, sched-wise.
1138 */
1139 sctp_sched_dequeue_done(ctx->q, chunk);
1140
1141 list_add_tail(&chunk->transmitted_list,
1142 &ctx->transport->transmitted);
1143
1144 sctp_transport_reset_t3_rtx(ctx->transport);
1145 ctx->transport->last_time_sent = jiffies;
1146
1147 /* Only let one DATA chunk get bundled with a
1148 * COOKIE-ECHO chunk.
1149 */
1150 if (ctx->packet->has_cookie_echo)
1151 break;
1152 }
1153 }
1154
sctp_outq_flush_transports(struct sctp_flush_ctx * ctx)1155 static void sctp_outq_flush_transports(struct sctp_flush_ctx *ctx)
1156 {
1157 struct list_head *ltransport;
1158 struct sctp_packet *packet;
1159 struct sctp_transport *t;
1160 int error = 0;
1161
1162 while ((ltransport = sctp_list_dequeue(&ctx->transport_list)) != NULL) {
1163 t = list_entry(ltransport, struct sctp_transport, send_ready);
1164 packet = &t->packet;
1165 if (!sctp_packet_empty(packet)) {
1166 error = sctp_packet_transmit(packet, ctx->gfp);
1167 if (error < 0)
1168 ctx->q->asoc->base.sk->sk_err = -error;
1169 }
1170
1171 /* Clear the burst limited state, if any */
1172 sctp_transport_burst_reset(t);
1173 }
1174 }
1175
1176 /* Try to flush an outqueue.
1177 *
1178 * Description: Send everything in q which we legally can, subject to
1179 * congestion limitations.
1180 * * Note: This function can be called from multiple contexts so appropriate
1181 * locking concerns must be made. Today we use the sock lock to protect
1182 * this function.
1183 */
1184
sctp_outq_flush(struct sctp_outq * q,int rtx_timeout,gfp_t gfp)1185 static void sctp_outq_flush(struct sctp_outq *q, int rtx_timeout, gfp_t gfp)
1186 {
1187 struct sctp_flush_ctx ctx = {
1188 .q = q,
1189 .transport = NULL,
1190 .transport_list = LIST_HEAD_INIT(ctx.transport_list),
1191 .asoc = q->asoc,
1192 .packet = NULL,
1193 .gfp = gfp,
1194 };
1195
1196 /* 6.10 Bundling
1197 * ...
1198 * When bundling control chunks with DATA chunks, an
1199 * endpoint MUST place control chunks first in the outbound
1200 * SCTP packet. The transmitter MUST transmit DATA chunks
1201 * within a SCTP packet in increasing order of TSN.
1202 * ...
1203 */
1204
1205 sctp_outq_flush_ctrl(&ctx);
1206
1207 if (q->asoc->src_out_of_asoc_ok)
1208 goto sctp_flush_out;
1209
1210 sctp_outq_flush_data(&ctx, rtx_timeout);
1211
1212 sctp_flush_out:
1213
1214 sctp_outq_flush_transports(&ctx);
1215 }
1216
1217 /* Update unack_data based on the incoming SACK chunk */
sctp_sack_update_unack_data(struct sctp_association * assoc,struct sctp_sackhdr * sack)1218 static void sctp_sack_update_unack_data(struct sctp_association *assoc,
1219 struct sctp_sackhdr *sack)
1220 {
1221 union sctp_sack_variable *frags;
1222 __u16 unack_data;
1223 int i;
1224
1225 unack_data = assoc->next_tsn - assoc->ctsn_ack_point - 1;
1226
1227 frags = sack->variable;
1228 for (i = 0; i < ntohs(sack->num_gap_ack_blocks); i++) {
1229 unack_data -= ((ntohs(frags[i].gab.end) -
1230 ntohs(frags[i].gab.start) + 1));
1231 }
1232
1233 assoc->unack_data = unack_data;
1234 }
1235
1236 /* This is where we REALLY process a SACK.
1237 *
1238 * Process the SACK against the outqueue. Mostly, this just frees
1239 * things off the transmitted queue.
1240 */
sctp_outq_sack(struct sctp_outq * q,struct sctp_chunk * chunk)1241 int sctp_outq_sack(struct sctp_outq *q, struct sctp_chunk *chunk)
1242 {
1243 struct sctp_association *asoc = q->asoc;
1244 struct sctp_sackhdr *sack = chunk->subh.sack_hdr;
1245 struct sctp_transport *transport;
1246 struct sctp_chunk *tchunk = NULL;
1247 struct list_head *lchunk, *transport_list, *temp;
1248 union sctp_sack_variable *frags = sack->variable;
1249 __u32 sack_ctsn, ctsn, tsn;
1250 __u32 highest_tsn, highest_new_tsn;
1251 __u32 sack_a_rwnd;
1252 unsigned int outstanding;
1253 struct sctp_transport *primary = asoc->peer.primary_path;
1254 int count_of_newacks = 0;
1255 int gap_ack_blocks;
1256 u8 accum_moved = 0;
1257
1258 /* Grab the association's destination address list. */
1259 transport_list = &asoc->peer.transport_addr_list;
1260
1261 /* SCTP path tracepoint for congestion control debugging. */
1262 list_for_each_entry(transport, transport_list, transports) {
1263 trace_sctp_probe_path(transport, asoc);
1264 }
1265
1266 sack_ctsn = ntohl(sack->cum_tsn_ack);
1267 gap_ack_blocks = ntohs(sack->num_gap_ack_blocks);
1268 asoc->stats.gapcnt += gap_ack_blocks;
1269 /*
1270 * SFR-CACC algorithm:
1271 * On receipt of a SACK the sender SHOULD execute the
1272 * following statements.
1273 *
1274 * 1) If the cumulative ack in the SACK passes next tsn_at_change
1275 * on the current primary, the CHANGEOVER_ACTIVE flag SHOULD be
1276 * cleared. The CYCLING_CHANGEOVER flag SHOULD also be cleared for
1277 * all destinations.
1278 * 2) If the SACK contains gap acks and the flag CHANGEOVER_ACTIVE
1279 * is set the receiver of the SACK MUST take the following actions:
1280 *
1281 * A) Initialize the cacc_saw_newack to 0 for all destination
1282 * addresses.
1283 *
1284 * Only bother if changeover_active is set. Otherwise, this is
1285 * totally suboptimal to do on every SACK.
1286 */
1287 if (primary->cacc.changeover_active) {
1288 u8 clear_cycling = 0;
1289
1290 if (TSN_lte(primary->cacc.next_tsn_at_change, sack_ctsn)) {
1291 primary->cacc.changeover_active = 0;
1292 clear_cycling = 1;
1293 }
1294
1295 if (clear_cycling || gap_ack_blocks) {
1296 list_for_each_entry(transport, transport_list,
1297 transports) {
1298 if (clear_cycling)
1299 transport->cacc.cycling_changeover = 0;
1300 if (gap_ack_blocks)
1301 transport->cacc.cacc_saw_newack = 0;
1302 }
1303 }
1304 }
1305
1306 /* Get the highest TSN in the sack. */
1307 highest_tsn = sack_ctsn;
1308 if (gap_ack_blocks)
1309 highest_tsn += ntohs(frags[gap_ack_blocks - 1].gab.end);
1310
1311 if (TSN_lt(asoc->highest_sacked, highest_tsn))
1312 asoc->highest_sacked = highest_tsn;
1313
1314 highest_new_tsn = sack_ctsn;
1315
1316 /* Run through the retransmit queue. Credit bytes received
1317 * and free those chunks that we can.
1318 */
1319 sctp_check_transmitted(q, &q->retransmit, NULL, NULL, sack, &highest_new_tsn);
1320
1321 /* Run through the transmitted queue.
1322 * Credit bytes received and free those chunks which we can.
1323 *
1324 * This is a MASSIVE candidate for optimization.
1325 */
1326 list_for_each_entry(transport, transport_list, transports) {
1327 sctp_check_transmitted(q, &transport->transmitted,
1328 transport, &chunk->source, sack,
1329 &highest_new_tsn);
1330 /*
1331 * SFR-CACC algorithm:
1332 * C) Let count_of_newacks be the number of
1333 * destinations for which cacc_saw_newack is set.
1334 */
1335 if (transport->cacc.cacc_saw_newack)
1336 count_of_newacks++;
1337 }
1338
1339 /* Move the Cumulative TSN Ack Point if appropriate. */
1340 if (TSN_lt(asoc->ctsn_ack_point, sack_ctsn)) {
1341 asoc->ctsn_ack_point = sack_ctsn;
1342 accum_moved = 1;
1343 }
1344
1345 if (gap_ack_blocks) {
1346
1347 if (asoc->fast_recovery && accum_moved)
1348 highest_new_tsn = highest_tsn;
1349
1350 list_for_each_entry(transport, transport_list, transports)
1351 sctp_mark_missing(q, &transport->transmitted, transport,
1352 highest_new_tsn, count_of_newacks);
1353 }
1354
1355 /* Update unack_data field in the assoc. */
1356 sctp_sack_update_unack_data(asoc, sack);
1357
1358 ctsn = asoc->ctsn_ack_point;
1359
1360 /* Throw away stuff rotting on the sack queue. */
1361 list_for_each_safe(lchunk, temp, &q->sacked) {
1362 tchunk = list_entry(lchunk, struct sctp_chunk,
1363 transmitted_list);
1364 tsn = ntohl(tchunk->subh.data_hdr->tsn);
1365 if (TSN_lte(tsn, ctsn)) {
1366 list_del_init(&tchunk->transmitted_list);
1367 if (asoc->peer.prsctp_capable &&
1368 SCTP_PR_PRIO_ENABLED(chunk->sinfo.sinfo_flags))
1369 asoc->sent_cnt_removable--;
1370 sctp_chunk_free(tchunk);
1371 }
1372 }
1373
1374 /* ii) Set rwnd equal to the newly received a_rwnd minus the
1375 * number of bytes still outstanding after processing the
1376 * Cumulative TSN Ack and the Gap Ack Blocks.
1377 */
1378
1379 sack_a_rwnd = ntohl(sack->a_rwnd);
1380 asoc->peer.zero_window_announced = !sack_a_rwnd;
1381 outstanding = q->outstanding_bytes;
1382
1383 if (outstanding < sack_a_rwnd)
1384 sack_a_rwnd -= outstanding;
1385 else
1386 sack_a_rwnd = 0;
1387
1388 asoc->peer.rwnd = sack_a_rwnd;
1389
1390 asoc->stream.si->generate_ftsn(q, sack_ctsn);
1391
1392 pr_debug("%s: sack cumulative tsn ack:0x%x\n", __func__, sack_ctsn);
1393 pr_debug("%s: cumulative tsn ack of assoc:%p is 0x%x, "
1394 "advertised peer ack point:0x%x\n", __func__, asoc, ctsn,
1395 asoc->adv_peer_ack_point);
1396
1397 return sctp_outq_is_empty(q);
1398 }
1399
1400 /* Is the outqueue empty?
1401 * The queue is empty when we have not pending data, no in-flight data
1402 * and nothing pending retransmissions.
1403 */
sctp_outq_is_empty(const struct sctp_outq * q)1404 int sctp_outq_is_empty(const struct sctp_outq *q)
1405 {
1406 return q->out_qlen == 0 && q->outstanding_bytes == 0 &&
1407 list_empty(&q->retransmit);
1408 }
1409
1410 /********************************************************************
1411 * 2nd Level Abstractions
1412 ********************************************************************/
1413
1414 /* Go through a transport's transmitted list or the association's retransmit
1415 * list and move chunks that are acked by the Cumulative TSN Ack to q->sacked.
1416 * The retransmit list will not have an associated transport.
1417 *
1418 * I added coherent debug information output. --xguo
1419 *
1420 * Instead of printing 'sacked' or 'kept' for each TSN on the
1421 * transmitted_queue, we print a range: SACKED: TSN1-TSN2, TSN3, TSN4-TSN5.
1422 * KEPT TSN6-TSN7, etc.
1423 */
sctp_check_transmitted(struct sctp_outq * q,struct list_head * transmitted_queue,struct sctp_transport * transport,union sctp_addr * saddr,struct sctp_sackhdr * sack,__u32 * highest_new_tsn_in_sack)1424 static void sctp_check_transmitted(struct sctp_outq *q,
1425 struct list_head *transmitted_queue,
1426 struct sctp_transport *transport,
1427 union sctp_addr *saddr,
1428 struct sctp_sackhdr *sack,
1429 __u32 *highest_new_tsn_in_sack)
1430 {
1431 struct list_head *lchunk;
1432 struct sctp_chunk *tchunk;
1433 struct list_head tlist;
1434 __u32 tsn;
1435 __u32 sack_ctsn;
1436 __u32 rtt;
1437 __u8 restart_timer = 0;
1438 int bytes_acked = 0;
1439 int migrate_bytes = 0;
1440 bool forward_progress = false;
1441
1442 sack_ctsn = ntohl(sack->cum_tsn_ack);
1443
1444 INIT_LIST_HEAD(&tlist);
1445
1446 /* The while loop will skip empty transmitted queues. */
1447 while (NULL != (lchunk = sctp_list_dequeue(transmitted_queue))) {
1448 tchunk = list_entry(lchunk, struct sctp_chunk,
1449 transmitted_list);
1450
1451 if (sctp_chunk_abandoned(tchunk)) {
1452 /* Move the chunk to abandoned list. */
1453 sctp_insert_list(&q->abandoned, lchunk);
1454
1455 /* If this chunk has not been acked, stop
1456 * considering it as 'outstanding'.
1457 */
1458 if (transmitted_queue != &q->retransmit &&
1459 !tchunk->tsn_gap_acked) {
1460 if (tchunk->transport)
1461 tchunk->transport->flight_size -=
1462 sctp_data_size(tchunk);
1463 q->outstanding_bytes -= sctp_data_size(tchunk);
1464 }
1465 continue;
1466 }
1467
1468 tsn = ntohl(tchunk->subh.data_hdr->tsn);
1469 if (sctp_acked(sack, tsn)) {
1470 /* If this queue is the retransmit queue, the
1471 * retransmit timer has already reclaimed
1472 * the outstanding bytes for this chunk, so only
1473 * count bytes associated with a transport.
1474 */
1475 if (transport && !tchunk->tsn_gap_acked) {
1476 /* If this chunk is being used for RTT
1477 * measurement, calculate the RTT and update
1478 * the RTO using this value.
1479 *
1480 * 6.3.1 C5) Karn's algorithm: RTT measurements
1481 * MUST NOT be made using packets that were
1482 * retransmitted (and thus for which it is
1483 * ambiguous whether the reply was for the
1484 * first instance of the packet or a later
1485 * instance).
1486 */
1487 if (!sctp_chunk_retransmitted(tchunk) &&
1488 tchunk->rtt_in_progress) {
1489 tchunk->rtt_in_progress = 0;
1490 rtt = jiffies - tchunk->sent_at;
1491 sctp_transport_update_rto(transport,
1492 rtt);
1493 }
1494
1495 if (TSN_lte(tsn, sack_ctsn)) {
1496 /*
1497 * SFR-CACC algorithm:
1498 * 2) If the SACK contains gap acks
1499 * and the flag CHANGEOVER_ACTIVE is
1500 * set the receiver of the SACK MUST
1501 * take the following action:
1502 *
1503 * B) For each TSN t being acked that
1504 * has not been acked in any SACK so
1505 * far, set cacc_saw_newack to 1 for
1506 * the destination that the TSN was
1507 * sent to.
1508 */
1509 if (sack->num_gap_ack_blocks &&
1510 q->asoc->peer.primary_path->cacc.
1511 changeover_active)
1512 transport->cacc.cacc_saw_newack
1513 = 1;
1514 }
1515 }
1516
1517 /* If the chunk hasn't been marked as ACKED,
1518 * mark it and account bytes_acked if the
1519 * chunk had a valid transport (it will not
1520 * have a transport if ASCONF had deleted it
1521 * while DATA was outstanding).
1522 */
1523 if (!tchunk->tsn_gap_acked) {
1524 tchunk->tsn_gap_acked = 1;
1525 if (TSN_lt(*highest_new_tsn_in_sack, tsn))
1526 *highest_new_tsn_in_sack = tsn;
1527 bytes_acked += sctp_data_size(tchunk);
1528 if (!tchunk->transport)
1529 migrate_bytes += sctp_data_size(tchunk);
1530 forward_progress = true;
1531 }
1532
1533 if (TSN_lte(tsn, sack_ctsn)) {
1534 /* RFC 2960 6.3.2 Retransmission Timer Rules
1535 *
1536 * R3) Whenever a SACK is received
1537 * that acknowledges the DATA chunk
1538 * with the earliest outstanding TSN
1539 * for that address, restart T3-rtx
1540 * timer for that address with its
1541 * current RTO.
1542 */
1543 restart_timer = 1;
1544 forward_progress = true;
1545
1546 list_add_tail(&tchunk->transmitted_list,
1547 &q->sacked);
1548 } else {
1549 /* RFC2960 7.2.4, sctpimpguide-05 2.8.2
1550 * M2) Each time a SACK arrives reporting
1551 * 'Stray DATA chunk(s)' record the highest TSN
1552 * reported as newly acknowledged, call this
1553 * value 'HighestTSNinSack'. A newly
1554 * acknowledged DATA chunk is one not
1555 * previously acknowledged in a SACK.
1556 *
1557 * When the SCTP sender of data receives a SACK
1558 * chunk that acknowledges, for the first time,
1559 * the receipt of a DATA chunk, all the still
1560 * unacknowledged DATA chunks whose TSN is
1561 * older than that newly acknowledged DATA
1562 * chunk, are qualified as 'Stray DATA chunks'.
1563 */
1564 list_add_tail(lchunk, &tlist);
1565 }
1566 } else {
1567 if (tchunk->tsn_gap_acked) {
1568 pr_debug("%s: receiver reneged on data TSN:0x%x\n",
1569 __func__, tsn);
1570
1571 tchunk->tsn_gap_acked = 0;
1572
1573 if (tchunk->transport)
1574 bytes_acked -= sctp_data_size(tchunk);
1575
1576 /* RFC 2960 6.3.2 Retransmission Timer Rules
1577 *
1578 * R4) Whenever a SACK is received missing a
1579 * TSN that was previously acknowledged via a
1580 * Gap Ack Block, start T3-rtx for the
1581 * destination address to which the DATA
1582 * chunk was originally
1583 * transmitted if it is not already running.
1584 */
1585 restart_timer = 1;
1586 }
1587
1588 list_add_tail(lchunk, &tlist);
1589 }
1590 }
1591
1592 if (transport) {
1593 if (bytes_acked) {
1594 struct sctp_association *asoc = transport->asoc;
1595
1596 /* We may have counted DATA that was migrated
1597 * to this transport due to DEL-IP operation.
1598 * Subtract those bytes, since the were never
1599 * send on this transport and shouldn't be
1600 * credited to this transport.
1601 */
1602 bytes_acked -= migrate_bytes;
1603
1604 /* 8.2. When an outstanding TSN is acknowledged,
1605 * the endpoint shall clear the error counter of
1606 * the destination transport address to which the
1607 * DATA chunk was last sent.
1608 * The association's overall error counter is
1609 * also cleared.
1610 */
1611 transport->error_count = 0;
1612 transport->asoc->overall_error_count = 0;
1613 forward_progress = true;
1614
1615 /*
1616 * While in SHUTDOWN PENDING, we may have started
1617 * the T5 shutdown guard timer after reaching the
1618 * retransmission limit. Stop that timer as soon
1619 * as the receiver acknowledged any data.
1620 */
1621 if (asoc->state == SCTP_STATE_SHUTDOWN_PENDING &&
1622 del_timer(&asoc->timers
1623 [SCTP_EVENT_TIMEOUT_T5_SHUTDOWN_GUARD]))
1624 sctp_association_put(asoc);
1625
1626 /* Mark the destination transport address as
1627 * active if it is not so marked.
1628 */
1629 if ((transport->state == SCTP_INACTIVE ||
1630 transport->state == SCTP_UNCONFIRMED) &&
1631 sctp_cmp_addr_exact(&transport->ipaddr, saddr)) {
1632 sctp_assoc_control_transport(
1633 transport->asoc,
1634 transport,
1635 SCTP_TRANSPORT_UP,
1636 SCTP_RECEIVED_SACK);
1637 }
1638
1639 sctp_transport_raise_cwnd(transport, sack_ctsn,
1640 bytes_acked);
1641
1642 transport->flight_size -= bytes_acked;
1643 if (transport->flight_size == 0)
1644 transport->partial_bytes_acked = 0;
1645 q->outstanding_bytes -= bytes_acked + migrate_bytes;
1646 } else {
1647 /* RFC 2960 6.1, sctpimpguide-06 2.15.2
1648 * When a sender is doing zero window probing, it
1649 * should not timeout the association if it continues
1650 * to receive new packets from the receiver. The
1651 * reason is that the receiver MAY keep its window
1652 * closed for an indefinite time.
1653 * A sender is doing zero window probing when the
1654 * receiver's advertised window is zero, and there is
1655 * only one data chunk in flight to the receiver.
1656 *
1657 * Allow the association to timeout while in SHUTDOWN
1658 * PENDING or SHUTDOWN RECEIVED in case the receiver
1659 * stays in zero window mode forever.
1660 */
1661 if (!q->asoc->peer.rwnd &&
1662 !list_empty(&tlist) &&
1663 (sack_ctsn+2 == q->asoc->next_tsn) &&
1664 q->asoc->state < SCTP_STATE_SHUTDOWN_PENDING) {
1665 pr_debug("%s: sack received for zero window "
1666 "probe:%u\n", __func__, sack_ctsn);
1667
1668 q->asoc->overall_error_count = 0;
1669 transport->error_count = 0;
1670 }
1671 }
1672
1673 /* RFC 2960 6.3.2 Retransmission Timer Rules
1674 *
1675 * R2) Whenever all outstanding data sent to an address have
1676 * been acknowledged, turn off the T3-rtx timer of that
1677 * address.
1678 */
1679 if (!transport->flight_size) {
1680 if (del_timer(&transport->T3_rtx_timer))
1681 sctp_transport_put(transport);
1682 } else if (restart_timer) {
1683 if (!mod_timer(&transport->T3_rtx_timer,
1684 jiffies + transport->rto))
1685 sctp_transport_hold(transport);
1686 }
1687
1688 if (forward_progress) {
1689 if (transport->dst)
1690 sctp_transport_dst_confirm(transport);
1691 }
1692 }
1693
1694 list_splice(&tlist, transmitted_queue);
1695 }
1696
1697 /* Mark chunks as missing and consequently may get retransmitted. */
sctp_mark_missing(struct sctp_outq * q,struct list_head * transmitted_queue,struct sctp_transport * transport,__u32 highest_new_tsn_in_sack,int count_of_newacks)1698 static void sctp_mark_missing(struct sctp_outq *q,
1699 struct list_head *transmitted_queue,
1700 struct sctp_transport *transport,
1701 __u32 highest_new_tsn_in_sack,
1702 int count_of_newacks)
1703 {
1704 struct sctp_chunk *chunk;
1705 __u32 tsn;
1706 char do_fast_retransmit = 0;
1707 struct sctp_association *asoc = q->asoc;
1708 struct sctp_transport *primary = asoc->peer.primary_path;
1709
1710 list_for_each_entry(chunk, transmitted_queue, transmitted_list) {
1711
1712 tsn = ntohl(chunk->subh.data_hdr->tsn);
1713
1714 /* RFC 2960 7.2.4, sctpimpguide-05 2.8.2 M3) Examine all
1715 * 'Unacknowledged TSN's', if the TSN number of an
1716 * 'Unacknowledged TSN' is smaller than the 'HighestTSNinSack'
1717 * value, increment the 'TSN.Missing.Report' count on that
1718 * chunk if it has NOT been fast retransmitted or marked for
1719 * fast retransmit already.
1720 */
1721 if (chunk->fast_retransmit == SCTP_CAN_FRTX &&
1722 !chunk->tsn_gap_acked &&
1723 TSN_lt(tsn, highest_new_tsn_in_sack)) {
1724
1725 /* SFR-CACC may require us to skip marking
1726 * this chunk as missing.
1727 */
1728 if (!transport || !sctp_cacc_skip(primary,
1729 chunk->transport,
1730 count_of_newacks, tsn)) {
1731 chunk->tsn_missing_report++;
1732
1733 pr_debug("%s: tsn:0x%x missing counter:%d\n",
1734 __func__, tsn, chunk->tsn_missing_report);
1735 }
1736 }
1737 /*
1738 * M4) If any DATA chunk is found to have a
1739 * 'TSN.Missing.Report'
1740 * value larger than or equal to 3, mark that chunk for
1741 * retransmission and start the fast retransmit procedure.
1742 */
1743
1744 if (chunk->tsn_missing_report >= 3) {
1745 chunk->fast_retransmit = SCTP_NEED_FRTX;
1746 do_fast_retransmit = 1;
1747 }
1748 }
1749
1750 if (transport) {
1751 if (do_fast_retransmit)
1752 sctp_retransmit(q, transport, SCTP_RTXR_FAST_RTX);
1753
1754 pr_debug("%s: transport:%p, cwnd:%d, ssthresh:%d, "
1755 "flight_size:%d, pba:%d\n", __func__, transport,
1756 transport->cwnd, transport->ssthresh,
1757 transport->flight_size, transport->partial_bytes_acked);
1758 }
1759 }
1760
1761 /* Is the given TSN acked by this packet? */
sctp_acked(struct sctp_sackhdr * sack,__u32 tsn)1762 static int sctp_acked(struct sctp_sackhdr *sack, __u32 tsn)
1763 {
1764 __u32 ctsn = ntohl(sack->cum_tsn_ack);
1765 union sctp_sack_variable *frags;
1766 __u16 tsn_offset, blocks;
1767 int i;
1768
1769 if (TSN_lte(tsn, ctsn))
1770 goto pass;
1771
1772 /* 3.3.4 Selective Acknowledgment (SACK) (3):
1773 *
1774 * Gap Ack Blocks:
1775 * These fields contain the Gap Ack Blocks. They are repeated
1776 * for each Gap Ack Block up to the number of Gap Ack Blocks
1777 * defined in the Number of Gap Ack Blocks field. All DATA
1778 * chunks with TSNs greater than or equal to (Cumulative TSN
1779 * Ack + Gap Ack Block Start) and less than or equal to
1780 * (Cumulative TSN Ack + Gap Ack Block End) of each Gap Ack
1781 * Block are assumed to have been received correctly.
1782 */
1783
1784 frags = sack->variable;
1785 blocks = ntohs(sack->num_gap_ack_blocks);
1786 tsn_offset = tsn - ctsn;
1787 for (i = 0; i < blocks; ++i) {
1788 if (tsn_offset >= ntohs(frags[i].gab.start) &&
1789 tsn_offset <= ntohs(frags[i].gab.end))
1790 goto pass;
1791 }
1792
1793 return 0;
1794 pass:
1795 return 1;
1796 }
1797
sctp_get_skip_pos(struct sctp_fwdtsn_skip * skiplist,int nskips,__be16 stream)1798 static inline int sctp_get_skip_pos(struct sctp_fwdtsn_skip *skiplist,
1799 int nskips, __be16 stream)
1800 {
1801 int i;
1802
1803 for (i = 0; i < nskips; i++) {
1804 if (skiplist[i].stream == stream)
1805 return i;
1806 }
1807 return i;
1808 }
1809
1810 /* Create and add a fwdtsn chunk to the outq's control queue if needed. */
sctp_generate_fwdtsn(struct sctp_outq * q,__u32 ctsn)1811 void sctp_generate_fwdtsn(struct sctp_outq *q, __u32 ctsn)
1812 {
1813 struct sctp_association *asoc = q->asoc;
1814 struct sctp_chunk *ftsn_chunk = NULL;
1815 struct sctp_fwdtsn_skip ftsn_skip_arr[10];
1816 int nskips = 0;
1817 int skip_pos = 0;
1818 __u32 tsn;
1819 struct sctp_chunk *chunk;
1820 struct list_head *lchunk, *temp;
1821
1822 if (!asoc->peer.prsctp_capable)
1823 return;
1824
1825 /* PR-SCTP C1) Let SackCumAck be the Cumulative TSN ACK carried in the
1826 * received SACK.
1827 *
1828 * If (Advanced.Peer.Ack.Point < SackCumAck), then update
1829 * Advanced.Peer.Ack.Point to be equal to SackCumAck.
1830 */
1831 if (TSN_lt(asoc->adv_peer_ack_point, ctsn))
1832 asoc->adv_peer_ack_point = ctsn;
1833
1834 /* PR-SCTP C2) Try to further advance the "Advanced.Peer.Ack.Point"
1835 * locally, that is, to move "Advanced.Peer.Ack.Point" up as long as
1836 * the chunk next in the out-queue space is marked as "abandoned" as
1837 * shown in the following example:
1838 *
1839 * Assuming that a SACK arrived with the Cumulative TSN ACK 102
1840 * and the Advanced.Peer.Ack.Point is updated to this value:
1841 *
1842 * out-queue at the end of ==> out-queue after Adv.Ack.Point
1843 * normal SACK processing local advancement
1844 * ... ...
1845 * Adv.Ack.Pt-> 102 acked 102 acked
1846 * 103 abandoned 103 abandoned
1847 * 104 abandoned Adv.Ack.P-> 104 abandoned
1848 * 105 105
1849 * 106 acked 106 acked
1850 * ... ...
1851 *
1852 * In this example, the data sender successfully advanced the
1853 * "Advanced.Peer.Ack.Point" from 102 to 104 locally.
1854 */
1855 list_for_each_safe(lchunk, temp, &q->abandoned) {
1856 chunk = list_entry(lchunk, struct sctp_chunk,
1857 transmitted_list);
1858 tsn = ntohl(chunk->subh.data_hdr->tsn);
1859
1860 /* Remove any chunks in the abandoned queue that are acked by
1861 * the ctsn.
1862 */
1863 if (TSN_lte(tsn, ctsn)) {
1864 list_del_init(lchunk);
1865 sctp_chunk_free(chunk);
1866 } else {
1867 if (TSN_lte(tsn, asoc->adv_peer_ack_point+1)) {
1868 asoc->adv_peer_ack_point = tsn;
1869 if (chunk->chunk_hdr->flags &
1870 SCTP_DATA_UNORDERED)
1871 continue;
1872 skip_pos = sctp_get_skip_pos(&ftsn_skip_arr[0],
1873 nskips,
1874 chunk->subh.data_hdr->stream);
1875 ftsn_skip_arr[skip_pos].stream =
1876 chunk->subh.data_hdr->stream;
1877 ftsn_skip_arr[skip_pos].ssn =
1878 chunk->subh.data_hdr->ssn;
1879 if (skip_pos == nskips)
1880 nskips++;
1881 if (nskips == 10)
1882 break;
1883 } else
1884 break;
1885 }
1886 }
1887
1888 /* PR-SCTP C3) If, after step C1 and C2, the "Advanced.Peer.Ack.Point"
1889 * is greater than the Cumulative TSN ACK carried in the received
1890 * SACK, the data sender MUST send the data receiver a FORWARD TSN
1891 * chunk containing the latest value of the
1892 * "Advanced.Peer.Ack.Point".
1893 *
1894 * C4) For each "abandoned" TSN the sender of the FORWARD TSN SHOULD
1895 * list each stream and sequence number in the forwarded TSN. This
1896 * information will enable the receiver to easily find any
1897 * stranded TSN's waiting on stream reorder queues. Each stream
1898 * SHOULD only be reported once; this means that if multiple
1899 * abandoned messages occur in the same stream then only the
1900 * highest abandoned stream sequence number is reported. If the
1901 * total size of the FORWARD TSN does NOT fit in a single MTU then
1902 * the sender of the FORWARD TSN SHOULD lower the
1903 * Advanced.Peer.Ack.Point to the last TSN that will fit in a
1904 * single MTU.
1905 */
1906 if (asoc->adv_peer_ack_point > ctsn)
1907 ftsn_chunk = sctp_make_fwdtsn(asoc, asoc->adv_peer_ack_point,
1908 nskips, &ftsn_skip_arr[0]);
1909
1910 if (ftsn_chunk) {
1911 list_add_tail(&ftsn_chunk->list, &q->control_chunk_list);
1912 SCTP_INC_STATS(sock_net(asoc->base.sk), SCTP_MIB_OUTCTRLCHUNKS);
1913 }
1914 }
1915