• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /* SCTP kernel implementation
2  * (C) Copyright IBM Corp. 2001, 2004
3  * Copyright (c) 1999-2000 Cisco, Inc.
4  * Copyright (c) 1999-2001 Motorola, Inc.
5  *
6  * This file is part of the SCTP kernel implementation
7  *
8  * These functions handle output processing.
9  *
10  * This SCTP implementation is free software;
11  * you can redistribute it and/or modify it under the terms of
12  * the GNU General Public License as published by
13  * the Free Software Foundation; either version 2, or (at your option)
14  * any later version.
15  *
16  * This SCTP implementation is distributed in the hope that it
17  * will be useful, but WITHOUT ANY WARRANTY; without even the implied
18  *                 ************************
19  * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
20  * See the GNU General Public License for more details.
21  *
22  * You should have received a copy of the GNU General Public License
23  * along with GNU CC; see the file COPYING.  If not, write to
24  * the Free Software Foundation, 59 Temple Place - Suite 330,
25  * Boston, MA 02111-1307, USA.
26  *
27  * Please send any bug reports or fixes you make to the
28  * email address(es):
29  *    lksctp developers <lksctp-developers@lists.sourceforge.net>
30  *
31  * Or submit a bug report through the following website:
32  *    http://www.sf.net/projects/lksctp
33  *
34  * Written or modified by:
35  *    La Monte H.P. Yarroll <piggy@acm.org>
36  *    Karl Knutson          <karl@athena.chicago.il.us>
37  *    Jon Grimm             <jgrimm@austin.ibm.com>
38  *    Sridhar Samudrala     <sri@us.ibm.com>
39  *
40  * Any bugs reported given to us we will try to fix... any fixes shared will
41  * be incorporated into the next SCTP release.
42  */
43 
44 #include <linux/types.h>
45 #include <linux/kernel.h>
46 #include <linux/wait.h>
47 #include <linux/time.h>
48 #include <linux/ip.h>
49 #include <linux/ipv6.h>
50 #include <linux/init.h>
51 #include <net/inet_ecn.h>
52 #include <net/icmp.h>
53 #include <net/net_namespace.h>
54 
55 #ifndef TEST_FRAME
56 #include <net/tcp.h>
57 #endif /* TEST_FRAME (not defined) */
58 
59 #include <linux/socket.h> /* for sa_family_t */
60 #include <net/sock.h>
61 
62 #include <net/sctp/sctp.h>
63 #include <net/sctp/sm.h>
64 #include <net/sctp/checksum.h>
65 
66 /* Forward declarations for private helpers. */
67 static sctp_xmit_t sctp_packet_append_data(struct sctp_packet *packet,
68 					   struct sctp_chunk *chunk);
69 
70 /* Config a packet.
71  * This appears to be a followup set of initializations.
72  */
sctp_packet_config(struct sctp_packet * packet,__u32 vtag,int ecn_capable)73 struct sctp_packet *sctp_packet_config(struct sctp_packet *packet,
74 				       __u32 vtag, int ecn_capable)
75 {
76 	struct sctp_chunk *chunk = NULL;
77 
78 	SCTP_DEBUG_PRINTK("%s: packet:%p vtag:0x%x\n", __func__,
79 			  packet, vtag);
80 
81 	packet->vtag = vtag;
82 	packet->has_cookie_echo = 0;
83 	packet->has_sack = 0;
84 	packet->has_auth = 0;
85 	packet->has_data = 0;
86 	packet->ipfragok = 0;
87 	packet->auth = NULL;
88 
89 	if (ecn_capable && sctp_packet_empty(packet)) {
90 		chunk = sctp_get_ecne_prepend(packet->transport->asoc);
91 
92 		/* If there a is a prepend chunk stick it on the list before
93 		 * any other chunks get appended.
94 		 */
95 		if (chunk)
96 			sctp_packet_append_chunk(packet, chunk);
97 	}
98 
99 	return packet;
100 }
101 
102 /* Initialize the packet structure. */
sctp_packet_init(struct sctp_packet * packet,struct sctp_transport * transport,__u16 sport,__u16 dport)103 struct sctp_packet *sctp_packet_init(struct sctp_packet *packet,
104 				     struct sctp_transport *transport,
105 				     __u16 sport, __u16 dport)
106 {
107 	struct sctp_association *asoc = transport->asoc;
108 	size_t overhead;
109 
110 	SCTP_DEBUG_PRINTK("%s: packet:%p transport:%p\n", __func__,
111 			  packet, transport);
112 
113 	packet->transport = transport;
114 	packet->source_port = sport;
115 	packet->destination_port = dport;
116 	INIT_LIST_HEAD(&packet->chunk_list);
117 	if (asoc) {
118 		struct sctp_sock *sp = sctp_sk(asoc->base.sk);
119 		overhead = sp->pf->af->net_header_len;
120 	} else {
121 		overhead = sizeof(struct ipv6hdr);
122 	}
123 	overhead += sizeof(struct sctphdr);
124 	packet->overhead = overhead;
125 	packet->size = overhead;
126 	packet->vtag = 0;
127 	packet->has_cookie_echo = 0;
128 	packet->has_sack = 0;
129 	packet->has_auth = 0;
130 	packet->has_data = 0;
131 	packet->ipfragok = 0;
132 	packet->malloced = 0;
133 	packet->auth = NULL;
134 	return packet;
135 }
136 
137 /* Free a packet.  */
sctp_packet_free(struct sctp_packet * packet)138 void sctp_packet_free(struct sctp_packet *packet)
139 {
140 	struct sctp_chunk *chunk, *tmp;
141 
142 	SCTP_DEBUG_PRINTK("%s: packet:%p\n", __func__, packet);
143 
144 	list_for_each_entry_safe(chunk, tmp, &packet->chunk_list, list) {
145 		list_del_init(&chunk->list);
146 		sctp_chunk_free(chunk);
147 	}
148 
149 	if (packet->malloced)
150 		kfree(packet);
151 }
152 
153 /* This routine tries to append the chunk to the offered packet. If adding
154  * the chunk causes the packet to exceed the path MTU and COOKIE_ECHO chunk
155  * is not present in the packet, it transmits the input packet.
156  * Data can be bundled with a packet containing a COOKIE_ECHO chunk as long
157  * as it can fit in the packet, but any more data that does not fit in this
158  * packet can be sent only after receiving the COOKIE_ACK.
159  */
sctp_packet_transmit_chunk(struct sctp_packet * packet,struct sctp_chunk * chunk,int one_packet)160 sctp_xmit_t sctp_packet_transmit_chunk(struct sctp_packet *packet,
161 				       struct sctp_chunk *chunk,
162 				       int one_packet)
163 {
164 	sctp_xmit_t retval;
165 	int error = 0;
166 
167 	SCTP_DEBUG_PRINTK("%s: packet:%p chunk:%p\n", __func__,
168 			  packet, chunk);
169 
170 	switch ((retval = (sctp_packet_append_chunk(packet, chunk)))) {
171 	case SCTP_XMIT_PMTU_FULL:
172 		if (!packet->has_cookie_echo) {
173 			error = sctp_packet_transmit(packet);
174 			if (error < 0)
175 				chunk->skb->sk->sk_err = -error;
176 
177 			/* If we have an empty packet, then we can NOT ever
178 			 * return PMTU_FULL.
179 			 */
180 			if (!one_packet)
181 				retval = sctp_packet_append_chunk(packet,
182 								  chunk);
183 		}
184 		break;
185 
186 	case SCTP_XMIT_RWND_FULL:
187 	case SCTP_XMIT_OK:
188 	case SCTP_XMIT_NAGLE_DELAY:
189 		break;
190 	}
191 
192 	return retval;
193 }
194 
195 /* Try to bundle an auth chunk into the packet. */
sctp_packet_bundle_auth(struct sctp_packet * pkt,struct sctp_chunk * chunk)196 static sctp_xmit_t sctp_packet_bundle_auth(struct sctp_packet *pkt,
197 					   struct sctp_chunk *chunk)
198 {
199 	struct sctp_association *asoc = pkt->transport->asoc;
200 	struct sctp_chunk *auth;
201 	sctp_xmit_t retval = SCTP_XMIT_OK;
202 
203 	/* if we don't have an association, we can't do authentication */
204 	if (!asoc)
205 		return retval;
206 
207 	/* See if this is an auth chunk we are bundling or if
208 	 * auth is already bundled.
209 	 */
210 	if (chunk->chunk_hdr->type == SCTP_CID_AUTH || pkt->auth)
211 		return retval;
212 
213 	/* if the peer did not request this chunk to be authenticated,
214 	 * don't do it
215 	 */
216 	if (!chunk->auth)
217 		return retval;
218 
219 	auth = sctp_make_auth(asoc);
220 	if (!auth)
221 		return retval;
222 
223 	retval = sctp_packet_append_chunk(pkt, auth);
224 
225 	return retval;
226 }
227 
228 /* Try to bundle a SACK with the packet. */
sctp_packet_bundle_sack(struct sctp_packet * pkt,struct sctp_chunk * chunk)229 static sctp_xmit_t sctp_packet_bundle_sack(struct sctp_packet *pkt,
230 					   struct sctp_chunk *chunk)
231 {
232 	sctp_xmit_t retval = SCTP_XMIT_OK;
233 
234 	/* If sending DATA and haven't aleady bundled a SACK, try to
235 	 * bundle one in to the packet.
236 	 */
237 	if (sctp_chunk_is_data(chunk) && !pkt->has_sack &&
238 	    !pkt->has_cookie_echo) {
239 		struct sctp_association *asoc;
240 		asoc = pkt->transport->asoc;
241 
242 		if (asoc->a_rwnd > asoc->rwnd) {
243 			struct sctp_chunk *sack;
244 			asoc->a_rwnd = asoc->rwnd;
245 			sack = sctp_make_sack(asoc);
246 			if (sack) {
247 				struct timer_list *timer;
248 				retval = sctp_packet_append_chunk(pkt, sack);
249 				asoc->peer.sack_needed = 0;
250 				timer = &asoc->timers[SCTP_EVENT_TIMEOUT_SACK];
251 				if (timer_pending(timer) && del_timer(timer))
252 					sctp_association_put(asoc);
253 			}
254 		}
255 	}
256 	return retval;
257 }
258 
259 /* Append a chunk to the offered packet reporting back any inability to do
260  * so.
261  */
sctp_packet_append_chunk(struct sctp_packet * packet,struct sctp_chunk * chunk)262 sctp_xmit_t sctp_packet_append_chunk(struct sctp_packet *packet,
263 				     struct sctp_chunk *chunk)
264 {
265 	sctp_xmit_t retval = SCTP_XMIT_OK;
266 	__u16 chunk_len = WORD_ROUND(ntohs(chunk->chunk_hdr->length));
267 	size_t psize;
268 	size_t pmtu;
269 	int too_big;
270 
271 	SCTP_DEBUG_PRINTK("%s: packet:%p chunk:%p\n", __func__, packet,
272 			  chunk);
273 
274 	/* Try to bundle AUTH chunk */
275 	retval = sctp_packet_bundle_auth(packet, chunk);
276 	if (retval != SCTP_XMIT_OK)
277 		goto finish;
278 
279 	/* Try to bundle SACK chunk */
280 	retval = sctp_packet_bundle_sack(packet, chunk);
281 	if (retval != SCTP_XMIT_OK)
282 		goto finish;
283 
284 	psize = packet->size;
285 	pmtu  = ((packet->transport->asoc) ?
286 		 (packet->transport->asoc->pathmtu) :
287 		 (packet->transport->pathmtu));
288 
289 	too_big = (psize + chunk_len > pmtu);
290 
291 	/* Decide if we need to fragment or resubmit later. */
292 	if (too_big) {
293 		/* It's OK to fragmet at IP level if any one of the following
294 		 * is true:
295 		 * 	1. The packet is empty (meaning this chunk is greater
296 		 * 	   the MTU)
297 		 * 	2. The chunk we are adding is a control chunk
298 		 * 	3. The packet doesn't have any data in it yet and data
299 		 * 	requires authentication.
300 		 */
301 		if (sctp_packet_empty(packet) || !sctp_chunk_is_data(chunk) ||
302 		    (!packet->has_data && chunk->auth)) {
303 			/* We no longer do re-fragmentation.
304 			 * Just fragment at the IP layer, if we
305 			 * actually hit this condition
306 			 */
307 			packet->ipfragok = 1;
308 			goto append;
309 
310 		} else {
311 			retval = SCTP_XMIT_PMTU_FULL;
312 			goto finish;
313 		}
314 	}
315 
316 append:
317 	/* We believe that this chunk is OK to add to the packet (as
318 	 * long as we have the cwnd for it).
319 	 */
320 
321 	/* DATA is a special case since we must examine both rwnd and cwnd
322 	 * before we send DATA.
323 	 */
324 	switch (chunk->chunk_hdr->type) {
325 	    case SCTP_CID_DATA:
326 		retval = sctp_packet_append_data(packet, chunk);
327 		if (SCTP_XMIT_OK != retval)
328 			goto finish;
329 		/* Disallow SACK bundling after DATA. */
330 		packet->has_sack = 1;
331 		/* Disallow AUTH bundling after DATA */
332 		packet->has_auth = 1;
333 		/* Let it be knows that packet has DATA in it */
334 		packet->has_data = 1;
335 		/* timestamp the chunk for rtx purposes */
336 		chunk->sent_at = jiffies;
337 		break;
338 	    case SCTP_CID_COOKIE_ECHO:
339 		packet->has_cookie_echo = 1;
340 		break;
341 
342 	    case SCTP_CID_SACK:
343 		packet->has_sack = 1;
344 		break;
345 
346 	    case SCTP_CID_AUTH:
347 		packet->has_auth = 1;
348 		packet->auth = chunk;
349 		break;
350 	}
351 
352 	/* It is OK to send this chunk.  */
353 	list_add_tail(&chunk->list, &packet->chunk_list);
354 	packet->size += chunk_len;
355 	chunk->transport = packet->transport;
356 finish:
357 	return retval;
358 }
359 
360 /* All packets are sent to the network through this function from
361  * sctp_outq_tail().
362  *
363  * The return value is a normal kernel error return value.
364  */
sctp_packet_transmit(struct sctp_packet * packet)365 int sctp_packet_transmit(struct sctp_packet *packet)
366 {
367 	struct sctp_transport *tp = packet->transport;
368 	struct sctp_association *asoc = tp->asoc;
369 	struct sctphdr *sh;
370 	__be32 crc32 = __constant_cpu_to_be32(0);
371 	struct sk_buff *nskb;
372 	struct sctp_chunk *chunk, *tmp;
373 	struct sock *sk;
374 	int err = 0;
375 	int padding;		/* How much padding do we need?  */
376 	__u8 has_data = 0;
377 	struct dst_entry *dst = tp->dst;
378 	unsigned char *auth = NULL;	/* pointer to auth in skb data */
379 	__u32 cksum_buf_len = sizeof(struct sctphdr);
380 
381 	SCTP_DEBUG_PRINTK("%s: packet:%p\n", __func__, packet);
382 
383 	/* Do NOT generate a chunkless packet. */
384 	if (list_empty(&packet->chunk_list))
385 		return err;
386 
387 	/* Set up convenience variables... */
388 	chunk = list_entry(packet->chunk_list.next, struct sctp_chunk, list);
389 	sk = chunk->skb->sk;
390 
391 	/* Allocate the new skb.  */
392 	nskb = alloc_skb(packet->size + LL_MAX_HEADER, GFP_ATOMIC);
393 	if (!nskb)
394 		goto nomem;
395 
396 	/* Make sure the outbound skb has enough header room reserved. */
397 	skb_reserve(nskb, packet->overhead + LL_MAX_HEADER);
398 
399 	/* Set the owning socket so that we know where to get the
400 	 * destination IP address.
401 	 */
402 	skb_set_owner_w(nskb, sk);
403 
404 	/* The 'obsolete' field of dst is set to 2 when a dst is freed. */
405 	if (!dst || (dst->obsolete > 1)) {
406 		dst_release(dst);
407 		sctp_transport_route(tp, NULL, sctp_sk(sk));
408 		if (asoc && (asoc->param_flags & SPP_PMTUD_ENABLE)) {
409 			sctp_assoc_sync_pmtu(asoc);
410 		}
411 	}
412 	nskb->dst = dst_clone(tp->dst);
413 	if (!nskb->dst)
414 		goto no_route;
415 	dst = nskb->dst;
416 
417 	/* Build the SCTP header.  */
418 	sh = (struct sctphdr *)skb_push(nskb, sizeof(struct sctphdr));
419 	sh->source = htons(packet->source_port);
420 	sh->dest   = htons(packet->destination_port);
421 
422 	/* From 6.8 Adler-32 Checksum Calculation:
423 	 * After the packet is constructed (containing the SCTP common
424 	 * header and one or more control or DATA chunks), the
425 	 * transmitter shall:
426 	 *
427 	 * 1) Fill in the proper Verification Tag in the SCTP common
428 	 *    header and initialize the checksum field to 0's.
429 	 */
430 	sh->vtag     = htonl(packet->vtag);
431 	sh->checksum = 0;
432 
433 	/**
434 	 * 6.10 Bundling
435 	 *
436 	 *    An endpoint bundles chunks by simply including multiple
437 	 *    chunks in one outbound SCTP packet.  ...
438 	 */
439 
440 	/**
441 	 * 3.2  Chunk Field Descriptions
442 	 *
443 	 * The total length of a chunk (including Type, Length and
444 	 * Value fields) MUST be a multiple of 4 bytes.  If the length
445 	 * of the chunk is not a multiple of 4 bytes, the sender MUST
446 	 * pad the chunk with all zero bytes and this padding is not
447 	 * included in the chunk length field.  The sender should
448 	 * never pad with more than 3 bytes.
449 	 *
450 	 * [This whole comment explains WORD_ROUND() below.]
451 	 */
452 	SCTP_DEBUG_PRINTK("***sctp_transmit_packet***\n");
453 	list_for_each_entry_safe(chunk, tmp, &packet->chunk_list, list) {
454 		list_del_init(&chunk->list);
455 		if (sctp_chunk_is_data(chunk)) {
456 
457 			if (!chunk->has_tsn) {
458 				sctp_chunk_assign_ssn(chunk);
459 				sctp_chunk_assign_tsn(chunk);
460 
461 			/* 6.3.1 C4) When data is in flight and when allowed
462 			 * by rule C5, a new RTT measurement MUST be made each
463 			 * round trip.  Furthermore, new RTT measurements
464 			 * SHOULD be made no more than once per round-trip
465 			 * for a given destination transport address.
466 			 */
467 
468 				if (!tp->rto_pending) {
469 					chunk->rtt_in_progress = 1;
470 					tp->rto_pending = 1;
471 				}
472 			} else
473 				chunk->resent = 1;
474 
475 			has_data = 1;
476 		}
477 
478 		padding = WORD_ROUND(chunk->skb->len) - chunk->skb->len;
479 		if (padding)
480 			memset(skb_put(chunk->skb, padding), 0, padding);
481 
482 		/* if this is the auth chunk that we are adding,
483 		 * store pointer where it will be added and put
484 		 * the auth into the packet.
485 		 */
486 		if (chunk == packet->auth)
487 			auth = skb_tail_pointer(nskb);
488 
489 		cksum_buf_len += chunk->skb->len;
490 		memcpy(skb_put(nskb, chunk->skb->len),
491 			       chunk->skb->data, chunk->skb->len);
492 
493 		SCTP_DEBUG_PRINTK("%s %p[%s] %s 0x%x, %s %d, %s %d, %s %d\n",
494 				  "*** Chunk", chunk,
495 				  sctp_cname(SCTP_ST_CHUNK(
496 					  chunk->chunk_hdr->type)),
497 				  chunk->has_tsn ? "TSN" : "No TSN",
498 				  chunk->has_tsn ?
499 				  ntohl(chunk->subh.data_hdr->tsn) : 0,
500 				  "length", ntohs(chunk->chunk_hdr->length),
501 				  "chunk->skb->len", chunk->skb->len,
502 				  "rtt_in_progress", chunk->rtt_in_progress);
503 
504 		/*
505 		 * If this is a control chunk, this is our last
506 		 * reference. Free data chunks after they've been
507 		 * acknowledged or have failed.
508 		 */
509 		if (!sctp_chunk_is_data(chunk))
510 			sctp_chunk_free(chunk);
511 	}
512 
513 	/* SCTP-AUTH, Section 6.2
514 	 *    The sender MUST calculate the MAC as described in RFC2104 [2]
515 	 *    using the hash function H as described by the MAC Identifier and
516 	 *    the shared association key K based on the endpoint pair shared key
517 	 *    described by the shared key identifier.  The 'data' used for the
518 	 *    computation of the AUTH-chunk is given by the AUTH chunk with its
519 	 *    HMAC field set to zero (as shown in Figure 6) followed by all
520 	 *    chunks that are placed after the AUTH chunk in the SCTP packet.
521 	 */
522 	if (auth)
523 		sctp_auth_calculate_hmac(asoc, nskb,
524 					(struct sctp_auth_chunk *)auth,
525 					GFP_ATOMIC);
526 
527 	/* 2) Calculate the Adler-32 checksum of the whole packet,
528 	 *    including the SCTP common header and all the
529 	 *    chunks.
530 	 *
531 	 * Note: Adler-32 is no longer applicable, as has been replaced
532 	 * by CRC32-C as described in <draft-ietf-tsvwg-sctpcsum-02.txt>.
533 	 */
534 	if (!(dst->dev->features & NETIF_F_NO_CSUM)) {
535 		crc32 = sctp_start_cksum((__u8 *)sh, cksum_buf_len);
536 		crc32 = sctp_end_cksum(crc32);
537 	} else
538 		nskb->ip_summed = CHECKSUM_UNNECESSARY;
539 
540 	/* 3) Put the resultant value into the checksum field in the
541 	 *    common header, and leave the rest of the bits unchanged.
542 	 */
543 	sh->checksum = crc32;
544 
545 	/* IP layer ECN support
546 	 * From RFC 2481
547 	 *  "The ECN-Capable Transport (ECT) bit would be set by the
548 	 *   data sender to indicate that the end-points of the
549 	 *   transport protocol are ECN-capable."
550 	 *
551 	 * Now setting the ECT bit all the time, as it should not cause
552 	 * any problems protocol-wise even if our peer ignores it.
553 	 *
554 	 * Note: The works for IPv6 layer checks this bit too later
555 	 * in transmission.  See IP6_ECN_flow_xmit().
556 	 */
557 	(*tp->af_specific->ecn_capable)(nskb->sk);
558 
559 	/* Set up the IP options.  */
560 	/* BUG: not implemented
561 	 * For v4 this all lives somewhere in sk->sk_opt...
562 	 */
563 
564 	/* Dump that on IP!  */
565 	if (asoc && asoc->peer.last_sent_to != tp) {
566 		/* Considering the multiple CPU scenario, this is a
567 		 * "correcter" place for last_sent_to.  --xguo
568 		 */
569 		asoc->peer.last_sent_to = tp;
570 	}
571 
572 	if (has_data) {
573 		struct timer_list *timer;
574 		unsigned long timeout;
575 
576 		tp->last_time_used = jiffies;
577 
578 		/* Restart the AUTOCLOSE timer when sending data. */
579 		if (sctp_state(asoc, ESTABLISHED) && asoc->autoclose) {
580 			timer = &asoc->timers[SCTP_EVENT_TIMEOUT_AUTOCLOSE];
581 			timeout = asoc->timeouts[SCTP_EVENT_TIMEOUT_AUTOCLOSE];
582 
583 			if (!mod_timer(timer, jiffies + timeout))
584 				sctp_association_hold(asoc);
585 		}
586 	}
587 
588 	SCTP_DEBUG_PRINTK("***sctp_transmit_packet*** skb len %d\n",
589 			  nskb->len);
590 
591 	nskb->local_df = packet->ipfragok;
592 	(*tp->af_specific->sctp_xmit)(nskb, tp);
593 
594 out:
595 	packet->size = packet->overhead;
596 	return err;
597 no_route:
598 	kfree_skb(nskb);
599 	IP_INC_STATS_BH(&init_net, IPSTATS_MIB_OUTNOROUTES);
600 
601 	/* FIXME: Returning the 'err' will effect all the associations
602 	 * associated with a socket, although only one of the paths of the
603 	 * association is unreachable.
604 	 * The real failure of a transport or association can be passed on
605 	 * to the user via notifications. So setting this error may not be
606 	 * required.
607 	 */
608 	 /* err = -EHOSTUNREACH; */
609 err:
610 	/* Control chunks are unreliable so just drop them.  DATA chunks
611 	 * will get resent or dropped later.
612 	 */
613 
614 	list_for_each_entry_safe(chunk, tmp, &packet->chunk_list, list) {
615 		list_del_init(&chunk->list);
616 		if (!sctp_chunk_is_data(chunk))
617 			sctp_chunk_free(chunk);
618 	}
619 	goto out;
620 nomem:
621 	err = -ENOMEM;
622 	goto err;
623 }
624 
625 /********************************************************************
626  * 2nd Level Abstractions
627  ********************************************************************/
628 
629 /* This private function handles the specifics of appending DATA chunks.  */
sctp_packet_append_data(struct sctp_packet * packet,struct sctp_chunk * chunk)630 static sctp_xmit_t sctp_packet_append_data(struct sctp_packet *packet,
631 					   struct sctp_chunk *chunk)
632 {
633 	sctp_xmit_t retval = SCTP_XMIT_OK;
634 	size_t datasize, rwnd, inflight;
635 	struct sctp_transport *transport = packet->transport;
636 	__u32 max_burst_bytes;
637 	struct sctp_association *asoc = transport->asoc;
638 	struct sctp_sock *sp = sctp_sk(asoc->base.sk);
639 	struct sctp_outq *q = &asoc->outqueue;
640 
641 	/* RFC 2960 6.1  Transmission of DATA Chunks
642 	 *
643 	 * A) At any given time, the data sender MUST NOT transmit new data to
644 	 * any destination transport address if its peer's rwnd indicates
645 	 * that the peer has no buffer space (i.e. rwnd is 0, see Section
646 	 * 6.2.1).  However, regardless of the value of rwnd (including if it
647 	 * is 0), the data sender can always have one DATA chunk in flight to
648 	 * the receiver if allowed by cwnd (see rule B below).  This rule
649 	 * allows the sender to probe for a change in rwnd that the sender
650 	 * missed due to the SACK having been lost in transit from the data
651 	 * receiver to the data sender.
652 	 */
653 
654 	rwnd = asoc->peer.rwnd;
655 	inflight = asoc->outqueue.outstanding_bytes;
656 
657 	datasize = sctp_data_size(chunk);
658 
659 	if (datasize > rwnd) {
660 		if (inflight > 0) {
661 			/* We have (at least) one data chunk in flight,
662 			 * so we can't fall back to rule 6.1 B).
663 			 */
664 			retval = SCTP_XMIT_RWND_FULL;
665 			goto finish;
666 		}
667 	}
668 
669 	/* sctpimpguide-05 2.14.2
670 	 * D) When the time comes for the sender to
671 	 * transmit new DATA chunks, the protocol parameter Max.Burst MUST
672 	 * first be applied to limit how many new DATA chunks may be sent.
673 	 * The limit is applied by adjusting cwnd as follows:
674 	 * 	if ((flightsize + Max.Burst * MTU) < cwnd)
675 	 *		cwnd = flightsize + Max.Burst * MTU
676 	 */
677 	max_burst_bytes = asoc->max_burst * asoc->pathmtu;
678 	if ((transport->flight_size + max_burst_bytes) < transport->cwnd) {
679 		transport->cwnd = transport->flight_size + max_burst_bytes;
680 		SCTP_DEBUG_PRINTK("%s: cwnd limited by max_burst: "
681 				  "transport: %p, cwnd: %d, "
682 				  "ssthresh: %d, flight_size: %d, "
683 				  "pba: %d\n",
684 				  __func__, transport,
685 				  transport->cwnd,
686 				  transport->ssthresh,
687 				  transport->flight_size,
688 				  transport->partial_bytes_acked);
689 	}
690 
691 	/* RFC 2960 6.1  Transmission of DATA Chunks
692 	 *
693 	 * B) At any given time, the sender MUST NOT transmit new data
694 	 * to a given transport address if it has cwnd or more bytes
695 	 * of data outstanding to that transport address.
696 	 */
697 	/* RFC 7.2.4 & the Implementers Guide 2.8.
698 	 *
699 	 * 3) ...
700 	 *    When a Fast Retransmit is being performed the sender SHOULD
701 	 *    ignore the value of cwnd and SHOULD NOT delay retransmission.
702 	 */
703 	if (chunk->fast_retransmit != SCTP_NEED_FRTX)
704 		if (transport->flight_size >= transport->cwnd) {
705 			retval = SCTP_XMIT_RWND_FULL;
706 			goto finish;
707 		}
708 
709 	/* Nagle's algorithm to solve small-packet problem:
710 	 * Inhibit the sending of new chunks when new outgoing data arrives
711 	 * if any previously transmitted data on the connection remains
712 	 * unacknowledged.
713 	 */
714 	if (!sp->nodelay && sctp_packet_empty(packet) &&
715 	    q->outstanding_bytes && sctp_state(asoc, ESTABLISHED)) {
716 		unsigned len = datasize + q->out_qlen;
717 
718 		/* Check whether this chunk and all the rest of pending
719 		 * data will fit or delay in hopes of bundling a full
720 		 * sized packet.
721 		 */
722 		if (len < asoc->frag_point) {
723 			retval = SCTP_XMIT_NAGLE_DELAY;
724 			goto finish;
725 		}
726 	}
727 
728 	/* Keep track of how many bytes are in flight over this transport. */
729 	transport->flight_size += datasize;
730 
731 	/* Keep track of how many bytes are in flight to the receiver. */
732 	asoc->outqueue.outstanding_bytes += datasize;
733 
734 	/* Update our view of the receiver's rwnd. Include sk_buff overhead
735 	 * while updating peer.rwnd so that it reduces the chances of a
736 	 * receiver running out of receive buffer space even when receive
737 	 * window is still open. This can happen when a sender is sending
738 	 * sending small messages.
739 	 */
740 	datasize += sizeof(struct sk_buff);
741 	if (datasize < rwnd)
742 		rwnd -= datasize;
743 	else
744 		rwnd = 0;
745 
746 	asoc->peer.rwnd = rwnd;
747 	/* Has been accepted for transmission. */
748 	if (!asoc->peer.prsctp_capable)
749 		chunk->msg->can_abandon = 0;
750 
751 finish:
752 	return retval;
753 }
754