/* * CDDL HEADER START * * The contents of this file are subject to the terms of the * Common Development and Distribution License (the "License"). * You may not use this file except in compliance with the License. * * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE * or http://www.opensolaris.org/os/licensing. * See the License for the specific language governing permissions * and limitations under the License. * * When distributing Covered Code, include this CDDL HEADER in each * file and include the License file at usr/src/OPENSOLARIS.LICENSE. * If applicable, add the following below this CDDL HEADER, with the * fields enclosed by brackets "[]" replaced with your own identifying * information: Portions Copyright [yyyy] [name of copyright owner] * * CDDL HEADER END */ /* * Copyright 2006 Sun Microsystems, Inc. All rights reserved. * Use is subject to license terms. */ #pragma ident "%Z%%M% %I% %E% SMI" #include #include #include #include #include #define _SUN_TPI_VERSION 2 #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "sctp_impl.h" #include "sctp_addr.h" #include "sctp_asconf.h" extern major_t SCTP6_MAJ; extern major_t SCTP_MAJ; int sctpdebug; sin6_t sctp_sin6_null; /* Zero address for quick clears */ extern mblk_t *sctp_pad_mp; /* pad unaligned data chunks */ static void sctp_closei_local(sctp_t *sctp); static int sctp_init_values(sctp_t *, sctp_t *, int); static void sctp_icmp_error_ipv6(sctp_t *sctp, mblk_t *mp); static void sctp_process_recvq(void *); static void sctp_rq_tq_init(void); static void sctp_rq_tq_fini(void); static void sctp_conn_cache_init(); static void sctp_conn_cache_fini(); static int sctp_conn_cache_constructor(); static void sctp_conn_cache_destructor(); /* * SCTP receive queue taskq * * At SCTP initialization time, a default taskq is created for * servicing packets received when the interrupt thread cannot * get a hold on the sctp_t. The number of taskq can be increased in * sctp_find_next_tq() when an existing taskq cannot be dispatched. * The taskqs are never removed. But the max number of taskq which * can be created is controlled by sctp_recvq_tq_list_max_sz. Note * that SCTP recvq taskq is not tied to any specific CPU or ill. * * Those taskqs are stored in an array recvq_tq_list. And they are * used in a round robin fashion. The current taskq being used is * determined by recvq_tq_list_cur. */ /* This lock protects the SCTP recvq_tq_list array and recvq_tq_list_cur_sz. */ static kmutex_t sctp_rq_tq_lock; int sctp_recvq_tq_list_max_sz = 16; static taskq_t **recvq_tq_list; /* Current number of recvq taskq. At least 1 for the default taskq. */ static uint32_t recvq_tq_list_cur_sz = 1; static uint32_t recvq_tq_list_cur = 0; /* The minimum number of threads for each taskq. */ int sctp_recvq_tq_thr_min = 4; /* The maximum number of threads for each taskq. */ int sctp_recvq_tq_thr_max = 16; /* The minimum number of tasks for each taskq. */ int sctp_recvq_tq_task_min = 5; /* The maxiimum number of tasks for each taskq. */ int sctp_recvq_tq_task_max = 50; /* * Default queue used for sending packets. No need to have lock for it * as it should never be changed. */ queue_t *sctp_g_q; int sctp_g_q_fd; /* The default sctp_t for responding out of the blue packets. */ sctp_t *gsctp; /* Protected by sctp_g_lock */ list_t sctp_g_list; /* SCTP instance data chain */ kmutex_t sctp_g_lock; /* sctp_t/conn_t kmem cache */ struct kmem_cache *sctp_conn_cache; #define SCTP_CONDEMNED(sctp) \ mutex_enter(&(sctp)->sctp_reflock); \ ((sctp)->sctp_condemned = B_TRUE); \ mutex_exit(&(sctp)->sctp_reflock); /* Link/unlink a sctp_t to/from the global list. */ #define SCTP_LINK(sctp) \ mutex_enter(&sctp_g_lock); \ list_insert_tail(&sctp_g_list, (sctp)); \ mutex_exit(&sctp_g_lock); #define SCTP_UNLINK(sctp) \ mutex_enter(&sctp_g_lock); \ ASSERT((sctp)->sctp_condemned); \ list_remove(&sctp_g_list, (sctp)); \ mutex_exit(&sctp_g_lock); /* * Hooks for Sun Cluster. On non-clustered nodes these will remain NULL. * PSARC/2005/602. */ void (*cl_sctp_listen)(sa_family_t, uchar_t *, uint_t, in_port_t) = NULL; void (*cl_sctp_unlisten)(sa_family_t, uchar_t *, uint_t, in_port_t) = NULL; void (*cl_sctp_connect)(sa_family_t, uchar_t *, uint_t, in_port_t, uchar_t *, uint_t, in_port_t, boolean_t, cl_sctp_handle_t) = NULL; void (*cl_sctp_disconnect)(sa_family_t, cl_sctp_handle_t) = NULL; void (*cl_sctp_assoc_change)(sa_family_t, uchar_t *, size_t, uint_t, uchar_t *, size_t, uint_t, int, cl_sctp_handle_t) = NULL; void (*cl_sctp_check_addrs)(sa_family_t, in_port_t, uchar_t **, size_t, uint_t *, boolean_t) = NULL; /* * Return the version number of the SCTP kernel interface. */ int sctp_itf_ver(int cl_ver) { if (cl_ver != SCTP_ITF_VER) return (-1); return (SCTP_ITF_VER); } /* * Called when we need a new sctp instantiation but don't really have a * new q to hang it off of. Copy the priv flag from the passed in structure. */ sctp_t * sctp_create_eager(sctp_t *psctp) { sctp_t *sctp; mblk_t *ack_mp, *hb_mp; conn_t *connp, *pconnp; cred_t *credp; if ((connp = ipcl_conn_create(IPCL_SCTPCONN, KM_NOSLEEP)) == NULL) return (NULL); connp->conn_ulp_labeled = is_system_labeled(); sctp = CONN2SCTP(connp); if ((ack_mp = sctp_timer_alloc(sctp, sctp_ack_timer)) == NULL || (hb_mp = sctp_timer_alloc(sctp, sctp_heartbeat_timer)) == NULL) { if (ack_mp != NULL) freeb(ack_mp); kmem_cache_free(sctp_conn_cache, connp); return (NULL); } sctp->sctp_ack_mp = ack_mp; sctp->sctp_heartbeat_mp = hb_mp; /* Inherit information from the "parent" */ sctp->sctp_ipversion = psctp->sctp_ipversion; sctp->sctp_family = psctp->sctp_family; pconnp = psctp->sctp_connp; connp->conn_af_isv6 = pconnp->conn_af_isv6; connp->conn_pkt_isv6 = pconnp->conn_pkt_isv6; connp->conn_ipv6_v6only = pconnp->conn_ipv6_v6only; if (sctp_init_values(sctp, psctp, KM_NOSLEEP) != 0) { freeb(ack_mp); freeb(hb_mp); kmem_cache_free(sctp_conn_cache, connp); return (NULL); } /* * If the parent is multilevel, then we'll fix up the remote cred * when we do sctp_accept_comm. */ if ((credp = pconnp->conn_cred) != NULL) { connp->conn_cred = credp; crhold(credp); /* * If the caller has the process-wide flag set, then default to * MAC exempt mode. This allows read-down to unlabeled hosts. */ if (getpflags(NET_MAC_AWARE, credp) != 0) connp->conn_mac_exempt = B_TRUE; } connp->conn_allzones = pconnp->conn_allzones; connp->conn_zoneid = pconnp->conn_zoneid; sctp->sctp_mss = psctp->sctp_mss; sctp->sctp_detached = B_TRUE; /* * Link to the global as soon as possible so that this sctp_t * can be found. */ SCTP_LINK(sctp); return (sctp); } /* * We are dying for some reason. Try to do it gracefully. */ void sctp_clean_death(sctp_t *sctp, int err) { ASSERT(sctp != NULL); ASSERT((sctp->sctp_family == AF_INET && sctp->sctp_ipversion == IPV4_VERSION) || (sctp->sctp_family == AF_INET6 && (sctp->sctp_ipversion == IPV4_VERSION || sctp->sctp_ipversion == IPV6_VERSION))); dprint(3, ("sctp_clean_death %p, state %d\n", (void *)sctp, sctp->sctp_state)); sctp->sctp_client_errno = err; /* * Check to see if we need to notify upper layer. */ if ((sctp->sctp_state >= SCTPS_COOKIE_WAIT) && !SCTP_IS_DETACHED(sctp)) { if (sctp->sctp_xmit_head || sctp->sctp_xmit_unsent) { sctp_regift_xmitlist(sctp); } if (sctp->sctp_ulp_disconnected(sctp->sctp_ulpd, err)) { /* * Socket is gone, detach. */ sctp->sctp_detached = B_TRUE; sctp->sctp_ulpd = NULL; bzero(&sctp->sctp_upcalls, sizeof (sctp_upcalls_t)); } } /* Remove this sctp from all hashes. */ sctp_closei_local(sctp); /* * If the sctp_t is detached, we need to finish freeing up * the resources. At this point, ip_fanout_sctp() should have * a hold on this sctp_t. Some thread doing snmp stuff can * have a hold. And a taskq can also have a hold waiting to * work. sctp_unlink() the sctp_t from the global list so * that no new thread can find it. Then do a SCTP_REFRELE(). * The sctp_t will be freed after all those threads are done. */ if (SCTP_IS_DETACHED(sctp)) { SCTP_CONDEMNED(sctp); SCTP_REFRELE(sctp); } } /* * Called by upper layer when it wants to close this association. * Depending on the state of this assoication, we need to do * different things. * * If the state is below COOKIE_ECHOED or it is COOKIE_ECHOED but with * no sent data, just remove this sctp from all the hashes. This * makes sure that all packets from the other end will go to the default * sctp handling. The upper layer will then do a sctp_close() to clean * up. * * Otherwise, check and see if SO_LINGER is set. If it is set, check * the value. If the value is 0, consider this an abortive close. Send * an ABORT message and kill the associatiion. * */ int sctp_disconnect(sctp_t *sctp) { int error = 0; dprint(3, ("sctp_disconnect %p, state %d\n", (void *)sctp, sctp->sctp_state)); RUN_SCTP(sctp); switch (sctp->sctp_state) { case SCTPS_IDLE: case SCTPS_BOUND: case SCTPS_LISTEN: break; case SCTPS_COOKIE_WAIT: case SCTPS_COOKIE_ECHOED: /* * Close during the connect 3-way handshake * but here there may or may not be pending data * already on queue. Process almost same as in * the ESTABLISHED state. */ if (sctp->sctp_xmit_head == NULL && sctp->sctp_xmit_unsent == NULL) { break; } /* FALLTHRU */ default: /* * If SO_LINGER has set a zero linger time, abort the * connection with a reset. */ if (sctp->sctp_linger && sctp->sctp_lingertime == 0) { sctp_user_abort(sctp, NULL, B_FALSE); break; } /* * In there is unread data, send an ABORT */ if (sctp->sctp_rxqueued > 0 || sctp->sctp_irwnd > sctp->sctp_rwnd) { sctp_user_abort(sctp, NULL, B_FALSE); break; } /* * Transmit the shutdown before detaching the sctp_t. * After sctp_detach returns this queue/perimeter * no longer owns the sctp_t thus others can modify it. */ sctp_send_shutdown(sctp, 0); /* Pass gathered wisdom to IP for keeping */ sctp_update_ire(sctp); /* * If lingering on close then wait until the shutdown * is complete, or the SO_LINGER time passes, or an * ABORT is sent/received. Note that sctp_disconnect() * can be called more than once. Make sure that only * one thread waits. */ if (sctp->sctp_linger && sctp->sctp_lingertime > 0 && sctp->sctp_state >= SCTPS_ESTABLISHED && !sctp->sctp_lingering) { clock_t stoptime; /* in ticks */ clock_t ret; /* * Process the sendq to send the SHUTDOWN out * before waiting. */ sctp_process_sendq(sctp); sctp->sctp_lingering = 1; sctp->sctp_client_errno = 0; stoptime = lbolt + sctp->sctp_lingertime; mutex_enter(&sctp->sctp_lock); sctp->sctp_running = B_FALSE; while (sctp->sctp_state >= SCTPS_ESTABLISHED && sctp->sctp_client_errno == 0) { cv_broadcast(&sctp->sctp_cv); ret = cv_timedwait_sig(&sctp->sctp_cv, &sctp->sctp_lock, stoptime); if (ret < 0) { /* Stoptime has reached. */ sctp->sctp_client_errno = EWOULDBLOCK; break; } else if (ret == 0) { /* Got a signal. */ break; } } error = sctp->sctp_client_errno; sctp->sctp_client_errno = 0; mutex_exit(&sctp->sctp_lock); } WAKE_SCTP(sctp); sctp_process_sendq(sctp); return (error); } /* Remove this sctp from all hashes so nobody can find it. */ sctp_closei_local(sctp); WAKE_SCTP(sctp); return (error); } void sctp_close(sctp_t *sctp) { dprint(3, ("sctp_close %p, state %d\n", (void *)sctp, sctp->sctp_state)); RUN_SCTP(sctp); sctp->sctp_detached = 1; sctp->sctp_ulpd = NULL; bzero(&sctp->sctp_upcalls, sizeof (sctp_upcalls_t)); bzero(&sctp->sctp_events, sizeof (sctp->sctp_events)); /* If the graceful shutdown has not been completed, just return. */ if (sctp->sctp_state != SCTPS_IDLE) { WAKE_SCTP(sctp); return; } /* * Since sctp_t is in SCTPS_IDLE state, so the only thread which * can have a hold on the sctp_t is doing snmp stuff. Just do * a SCTP_REFRELE() here after the SCTP_UNLINK(). It will * be freed when the other thread is done. */ SCTP_CONDEMNED(sctp); WAKE_SCTP(sctp); SCTP_REFRELE(sctp); } /* * Unlink from global list and do the eager close. * Remove the refhold implicit in being on the global list. */ void sctp_close_eager(sctp_t *sctp) { SCTP_CONDEMNED(sctp); sctp_closei_local(sctp); SCTP_REFRELE(sctp); } /* * The sctp_t is going away. Remove it from all lists and set it * to SCTPS_IDLE. The caller has to remove it from the * global list. The freeing up of memory is deferred until * sctp_free(). This is needed since a thread in sctp_input() might have * done a SCTP_REFHOLD on this structure before it was removed from the * hashes. */ static void sctp_closei_local(sctp_t *sctp) { mblk_t *mp; ire_t *ire = NULL; conn_t *connp = sctp->sctp_connp; /* Stop and free the timers */ sctp_free_faddr_timers(sctp); if ((mp = sctp->sctp_heartbeat_mp) != NULL) { sctp_timer_free(mp); sctp->sctp_heartbeat_mp = NULL; } if ((mp = sctp->sctp_ack_mp) != NULL) { sctp_timer_free(mp); sctp->sctp_ack_mp = NULL; } /* Set the CONN_CLOSING flag so that IP will not cache IRE again. */ mutex_enter(&connp->conn_lock); connp->conn_state_flags |= CONN_CLOSING; ire = connp->conn_ire_cache; connp->conn_ire_cache = NULL; mutex_exit(&connp->conn_lock); if (ire != NULL) IRE_REFRELE_NOTR(ire); /* Remove from all hashes. */ sctp_bind_hash_remove(sctp); sctp_conn_hash_remove(sctp); sctp_listen_hash_remove(sctp); sctp->sctp_state = SCTPS_IDLE; /* * Clean up the recvq as much as possible. All those packets * will be silently dropped as this sctp_t is now in idle state. */ mutex_enter(&sctp->sctp_recvq_lock); while ((mp = sctp->sctp_recvq) != NULL) { mblk_t *ipsec_mp; sctp->sctp_recvq = mp->b_next; mp->b_next = NULL; if ((ipsec_mp = mp->b_prev) != NULL) { freeb(ipsec_mp); mp->b_prev = NULL; } freemsg(mp); } mutex_exit(&sctp->sctp_recvq_lock); } /* * Free memory associated with the sctp/ip header template. */ static void sctp_headers_free(sctp_t *sctp) { if (sctp->sctp_iphc != NULL) { kmem_free(sctp->sctp_iphc, sctp->sctp_iphc_len); sctp->sctp_iphc = NULL; sctp->sctp_ipha = NULL; sctp->sctp_hdr_len = 0; sctp->sctp_ip_hdr_len = 0; sctp->sctp_iphc_len = 0; sctp->sctp_sctph = NULL; sctp->sctp_hdr_len = 0; } if (sctp->sctp_iphc6 != NULL) { kmem_free(sctp->sctp_iphc6, sctp->sctp_iphc6_len); sctp->sctp_iphc6 = NULL; sctp->sctp_ip6h = NULL; sctp->sctp_hdr6_len = 0; sctp->sctp_ip_hdr6_len = 0; sctp->sctp_iphc6_len = 0; sctp->sctp_sctph6 = NULL; sctp->sctp_hdr6_len = 0; } } static void sctp_free_xmit_data(sctp_t *sctp) { mblk_t *ump = NULL; mblk_t *nump; mblk_t *mp; mblk_t *nmp; sctp->sctp_xmit_unacked = NULL; ump = sctp->sctp_xmit_head; sctp->sctp_xmit_tail = sctp->sctp_xmit_head = NULL; free_unsent: for (; ump != NULL; ump = nump) { for (mp = ump->b_cont; mp != NULL; mp = nmp) { nmp = mp->b_next; mp->b_next = NULL; mp->b_prev = NULL; freemsg(mp); } ASSERT(DB_REF(ump) == 1); nump = ump->b_next; ump->b_next = NULL; ump->b_prev = NULL; ump->b_cont = NULL; freeb(ump); } if ((ump = sctp->sctp_xmit_unsent) == NULL) { ASSERT(sctp->sctp_xmit_unsent_tail == NULL); return; } sctp->sctp_xmit_unsent = sctp->sctp_xmit_unsent_tail = NULL; goto free_unsent; } /* * Cleanup all the messages in the stream queue and the reassembly lists. * If 'free' is true, then delete the streams as well. */ void sctp_instream_cleanup(sctp_t *sctp, boolean_t free) { int i; mblk_t *mp; mblk_t *mp1; if (sctp->sctp_instr != NULL) { /* walk thru and flush out anything remaining in the Q */ for (i = 0; i < sctp->sctp_num_istr; i++) { mp = sctp->sctp_instr[i].istr_msgs; while (mp != NULL) { mp1 = mp->b_next; mp->b_next = mp->b_prev = NULL; freemsg(mp); mp = mp1; } sctp->sctp_instr[i].istr_msgs = NULL; sctp_free_reass((sctp->sctp_instr) + i); sctp->sctp_instr[i].nextseq = 0; } if (free) { kmem_free(sctp->sctp_instr, sizeof (*sctp->sctp_instr) * sctp->sctp_num_istr); sctp->sctp_instr = NULL; sctp->sctp_num_istr = 0; } } /* un-ordered fragments */ if (sctp->sctp_uo_frags != NULL) { for (mp = sctp->sctp_uo_frags; mp != NULL; mp = mp1) { mp1 = mp->b_next; mp->b_next = mp->b_prev = NULL; freemsg(mp); } } } /* * Last reference to the sctp_t is gone. Free all memory associated with it. * Called from SCTP_REFRELE. Called inline in sctp_close() */ void sctp_free(conn_t *connp) { sctp_t *sctp = CONN2SCTP(connp); int cnt; /* Unlink it from the global list */ SCTP_UNLINK(sctp); ASSERT(connp->conn_ref == 0); ASSERT(connp->conn_ulp == IPPROTO_SCTP); ASSERT(!MUTEX_HELD(&sctp->sctp_reflock)); ASSERT(sctp->sctp_refcnt == 0); ASSERT(sctp->sctp_ptpbhn == NULL && sctp->sctp_bind_hash == NULL); ASSERT(sctp->sctp_conn_hash_next == NULL && sctp->sctp_conn_hash_prev == NULL); /* Free up all the resources. */ /* blow away sctp stream management */ if (sctp->sctp_ostrcntrs != NULL) { kmem_free(sctp->sctp_ostrcntrs, sizeof (uint16_t) * sctp->sctp_num_ostr); sctp->sctp_ostrcntrs = NULL; } sctp_instream_cleanup(sctp, B_TRUE); /* Remove all data transfer resources. */ sctp->sctp_istr_nmsgs = 0; sctp->sctp_rxqueued = 0; sctp_free_xmit_data(sctp); sctp->sctp_unacked = 0; sctp->sctp_unsent = 0; if (sctp->sctp_cxmit_list != NULL) sctp_asconf_free_cxmit(sctp, NULL); sctp->sctp_lastdata = NULL; /* Clear out default xmit settings */ sctp->sctp_def_stream = 0; sctp->sctp_def_flags = 0; sctp->sctp_def_ppid = 0; sctp->sctp_def_context = 0; sctp->sctp_def_timetolive = 0; if (sctp->sctp_sack_info != NULL) { sctp_free_set(sctp->sctp_sack_info); sctp->sctp_sack_info = NULL; } sctp->sctp_sack_gaps = 0; if (sctp->sctp_cookie_mp != NULL) { freemsg(sctp->sctp_cookie_mp); sctp->sctp_cookie_mp = NULL; } /* Remove all the address resources. */ sctp_zap_addrs(sctp); for (cnt = 0; cnt < SCTP_IPIF_HASH; cnt++) { ASSERT(sctp->sctp_saddrs[cnt].ipif_count == 0); list_destroy(&sctp->sctp_saddrs[cnt].sctp_ipif_list); } ip6_pkt_free(&sctp->sctp_sticky_ipp); if (sctp->sctp_hopopts != NULL) { mi_free(sctp->sctp_hopopts); sctp->sctp_hopopts = NULL; sctp->sctp_hopoptslen = 0; } ASSERT(sctp->sctp_hopoptslen == 0); if (sctp->sctp_dstopts != NULL) { mi_free(sctp->sctp_dstopts); sctp->sctp_dstopts = NULL; sctp->sctp_dstoptslen = 0; } ASSERT(sctp->sctp_dstoptslen == 0); if (sctp->sctp_rtdstopts != NULL) { mi_free(sctp->sctp_rtdstopts); sctp->sctp_rtdstopts = NULL; sctp->sctp_rtdstoptslen = 0; } ASSERT(sctp->sctp_rtdstoptslen == 0); if (sctp->sctp_rthdr != NULL) { mi_free(sctp->sctp_rthdr); sctp->sctp_rthdr = NULL; sctp->sctp_rthdrlen = 0; } ASSERT(sctp->sctp_rthdrlen == 0); sctp_headers_free(sctp); sctp->sctp_shutdown_faddr = NULL; /* Clear all the bitfields. */ bzero(&sctp->sctp_bits, sizeof (sctp->sctp_bits)); /* It is time to update the global statistics. */ UPDATE_MIB(&sctp_mib, sctpOutSCTPPkts, sctp->sctp_opkts); UPDATE_MIB(&sctp_mib, sctpOutCtrlChunks, sctp->sctp_obchunks); UPDATE_MIB(&sctp_mib, sctpOutOrderChunks, sctp->sctp_odchunks); UPDATE_MIB(&sctp_mib, sctpOutUnorderChunks, sctp->sctp_oudchunks); UPDATE_MIB(&sctp_mib, sctpRetransChunks, sctp->sctp_rxtchunks); UPDATE_MIB(&sctp_mib, sctpInSCTPPkts, sctp->sctp_ipkts); UPDATE_MIB(&sctp_mib, sctpInCtrlChunks, sctp->sctp_ibchunks); UPDATE_MIB(&sctp_mib, sctpInOrderChunks, sctp->sctp_idchunks); UPDATE_MIB(&sctp_mib, sctpInUnorderChunks, sctp->sctp_iudchunks); UPDATE_MIB(&sctp_mib, sctpFragUsrMsgs, sctp->sctp_fragdmsgs); UPDATE_MIB(&sctp_mib, sctpReasmUsrMsgs, sctp->sctp_reassmsgs); sctp->sctp_opkts = 0; sctp->sctp_obchunks = 0; sctp->sctp_odchunks = 0; sctp->sctp_oudchunks = 0; sctp->sctp_rxtchunks = 0; sctp->sctp_ipkts = 0; sctp->sctp_ibchunks = 0; sctp->sctp_idchunks = 0; sctp->sctp_iudchunks = 0; sctp->sctp_fragdmsgs = 0; sctp->sctp_reassmsgs = 0; sctp->sctp_autoclose = 0; sctp->sctp_tx_adaption_code = 0; sctp->sctp_v6label_len = 0; sctp->sctp_v4label_len = 0; /* Clean up conn_t stuff */ connp->conn_policy_cached = B_FALSE; if (connp->conn_latch != NULL) { IPLATCH_REFRELE(connp->conn_latch); connp->conn_latch = NULL; } if (connp->conn_policy != NULL) { IPPH_REFRELE(connp->conn_policy); connp->conn_policy = NULL; } if (connp->conn_ipsec_opt_mp != NULL) { freemsg(connp->conn_ipsec_opt_mp); connp->conn_ipsec_opt_mp = NULL; } if (connp->conn_cred != NULL) { crfree(connp->conn_cred); connp->conn_cred = NULL; } kmem_cache_free(sctp_conn_cache, connp); } /* Diagnostic routine used to return a string associated with the sctp state. */ char * sctp_display(sctp_t *sctp, char *sup_buf) { char *buf; char buf1[30]; static char priv_buf[INET6_ADDRSTRLEN * 2 + 80]; char *cp; if (sctp == NULL) return ("NULL_SCTP"); buf = (sup_buf != NULL) ? sup_buf : priv_buf; switch (sctp->sctp_state) { case SCTPS_IDLE: cp = "SCTP_IDLE"; break; case SCTPS_BOUND: cp = "SCTP_BOUND"; break; case SCTPS_LISTEN: cp = "SCTP_LISTEN"; break; case SCTPS_COOKIE_WAIT: cp = "SCTP_COOKIE_WAIT"; break; case SCTPS_COOKIE_ECHOED: cp = "SCTP_COOKIE_ECHOED"; break; case SCTPS_ESTABLISHED: cp = "SCTP_ESTABLISHED"; break; case SCTPS_SHUTDOWN_PENDING: cp = "SCTP_SHUTDOWN_PENDING"; break; case SCTPS_SHUTDOWN_SENT: cp = "SCTPS_SHUTDOWN_SENT"; break; case SCTPS_SHUTDOWN_RECEIVED: cp = "SCTPS_SHUTDOWN_RECEIVED"; break; case SCTPS_SHUTDOWN_ACK_SENT: cp = "SCTPS_SHUTDOWN_ACK_SENT"; break; default: (void) mi_sprintf(buf1, "SCTPUnkState(%d)", sctp->sctp_state); cp = buf1; break; } (void) mi_sprintf(buf, "[%u, %u] %s", ntohs(sctp->sctp_lport), ntohs(sctp->sctp_fport), cp); return (buf); } /* * Initialize protocol control block. If a parent exists, inherit * all values set through setsockopt(). */ static int sctp_init_values(sctp_t *sctp, sctp_t *psctp, int sleep) { int err; int cnt; conn_t *connp, *pconnp; ASSERT((sctp->sctp_family == AF_INET && sctp->sctp_ipversion == IPV4_VERSION) || (sctp->sctp_family == AF_INET6 && (sctp->sctp_ipversion == IPV4_VERSION || sctp->sctp_ipversion == IPV6_VERSION))); sctp->sctp_nsaddrs = 0; for (cnt = 0; cnt < SCTP_IPIF_HASH; cnt++) { sctp->sctp_saddrs[cnt].ipif_count = 0; list_create(&sctp->sctp_saddrs[cnt].sctp_ipif_list, sizeof (sctp_saddr_ipif_t), offsetof(sctp_saddr_ipif_t, saddr_ipif)); } sctp->sctp_ports = 0; sctp->sctp_running = B_FALSE; sctp->sctp_state = SCTPS_IDLE; sctp->sctp_refcnt = 1; sctp->sctp_strikes = 0; sctp->sctp_last_mtu_probe = lbolt64; sctp->sctp_mtu_probe_intvl = sctp_mtu_probe_interval; sctp->sctp_sack_gaps = 0; sctp->sctp_sack_toggle = 2; if (psctp != NULL) { /* * Inherit from parent */ sctp->sctp_iphc = kmem_zalloc(psctp->sctp_iphc_len, KM_NOSLEEP); if (sctp->sctp_iphc == NULL) return (ENOMEM); sctp->sctp_iphc_len = psctp->sctp_iphc_len; sctp->sctp_hdr_len = psctp->sctp_hdr_len; sctp->sctp_iphc6 = kmem_zalloc(psctp->sctp_iphc6_len, KM_NOSLEEP); if (sctp->sctp_iphc6 == NULL) { sctp->sctp_iphc6_len = 0; return (ENOMEM); } sctp->sctp_iphc6_len = psctp->sctp_iphc6_len; sctp->sctp_hdr6_len = psctp->sctp_hdr6_len; sctp->sctp_ip_hdr_len = psctp->sctp_ip_hdr_len; sctp->sctp_ip_hdr6_len = psctp->sctp_ip_hdr6_len; /* * Copy the IP+SCTP header templates from listener */ bcopy(psctp->sctp_iphc, sctp->sctp_iphc, psctp->sctp_hdr_len); sctp->sctp_ipha = (ipha_t *)sctp->sctp_iphc; sctp->sctp_sctph = (sctp_hdr_t *)(sctp->sctp_iphc + sctp->sctp_ip_hdr_len); bcopy(psctp->sctp_iphc6, sctp->sctp_iphc6, psctp->sctp_hdr6_len); if (((ip6i_t *)(sctp->sctp_iphc6))->ip6i_nxt == IPPROTO_RAW) { sctp->sctp_ip6h = (ip6_t *)(sctp->sctp_iphc6 + sizeof (ip6i_t)); } else { sctp->sctp_ip6h = (ip6_t *)sctp->sctp_iphc6; } sctp->sctp_sctph6 = (sctp_hdr_t *)(sctp->sctp_iphc6 + sctp->sctp_ip_hdr6_len); sctp->sctp_cookie_lifetime = psctp->sctp_cookie_lifetime; sctp->sctp_xmit_lowater = psctp->sctp_xmit_lowater; sctp->sctp_xmit_hiwater = psctp->sctp_xmit_hiwater; sctp->sctp_cwnd_max = psctp->sctp_cwnd_max; sctp->sctp_rwnd = psctp->sctp_rwnd; sctp->sctp_irwnd = psctp->sctp_rwnd; sctp->sctp_rto_max = psctp->sctp_rto_max; sctp->sctp_init_rto_max = psctp->sctp_init_rto_max; sctp->sctp_rto_min = psctp->sctp_rto_min; sctp->sctp_rto_initial = psctp->sctp_rto_initial; sctp->sctp_pa_max_rxt = psctp->sctp_pa_max_rxt; sctp->sctp_pp_max_rxt = psctp->sctp_pp_max_rxt; sctp->sctp_max_init_rxt = psctp->sctp_max_init_rxt; sctp->sctp_def_stream = psctp->sctp_def_stream; sctp->sctp_def_flags = psctp->sctp_def_flags; sctp->sctp_def_ppid = psctp->sctp_def_ppid; sctp->sctp_def_context = psctp->sctp_def_context; sctp->sctp_def_timetolive = psctp->sctp_def_timetolive; sctp->sctp_num_istr = psctp->sctp_num_istr; sctp->sctp_num_ostr = psctp->sctp_num_ostr; sctp->sctp_hb_interval = psctp->sctp_hb_interval; sctp->sctp_autoclose = psctp->sctp_autoclose; sctp->sctp_tx_adaption_code = psctp->sctp_tx_adaption_code; /* xxx should be a better way to copy these flags xxx */ sctp->sctp_debug = psctp->sctp_debug; sctp->sctp_bound_to_all = psctp->sctp_bound_to_all; sctp->sctp_cansleep = psctp->sctp_cansleep; sctp->sctp_send_adaption = psctp->sctp_send_adaption; sctp->sctp_ndelay = psctp->sctp_ndelay; sctp->sctp_events = psctp->sctp_events; sctp->sctp_ipv6_recvancillary = psctp->sctp_ipv6_recvancillary; /* Copy IP-layer options */ connp = sctp->sctp_connp; pconnp = psctp->sctp_connp; connp->conn_broadcast = pconnp->conn_broadcast; connp->conn_loopback = pconnp->conn_loopback; connp->conn_dontroute = pconnp->conn_dontroute; connp->conn_reuseaddr = pconnp->conn_reuseaddr; } else { /* * Initialize the header template */ if ((err = sctp_header_init_ipv4(sctp, sleep)) != 0) { return (err); } if ((err = sctp_header_init_ipv6(sctp, sleep)) != 0) { return (err); } /* * Set to system defaults */ sctp->sctp_cookie_lifetime = MSEC_TO_TICK(sctp_cookie_life); sctp->sctp_xmit_lowater = sctp_xmit_lowat; sctp->sctp_xmit_hiwater = sctp_xmit_hiwat; sctp->sctp_cwnd_max = sctp_cwnd_max_; sctp->sctp_rwnd = sctp_recv_hiwat; sctp->sctp_irwnd = sctp->sctp_rwnd; sctp->sctp_rto_max = MSEC_TO_TICK(sctp_rto_maxg); sctp->sctp_init_rto_max = sctp->sctp_rto_max; sctp->sctp_rto_min = MSEC_TO_TICK(sctp_rto_ming); sctp->sctp_rto_initial = MSEC_TO_TICK(sctp_rto_initialg); sctp->sctp_pa_max_rxt = sctp_pa_max_retr; sctp->sctp_pp_max_rxt = sctp_pp_max_retr; sctp->sctp_max_init_rxt = sctp_max_init_retr; sctp->sctp_num_istr = sctp_max_in_streams; sctp->sctp_num_ostr = sctp_initial_out_streams; sctp->sctp_hb_interval = MSEC_TO_TICK(sctp_heartbeat_interval); } sctp->sctp_understands_asconf = B_TRUE; sctp->sctp_understands_addip = B_TRUE; sctp->sctp_prsctp_aware = B_FALSE; sctp->sctp_connp->conn_ref = 1; sctp->sctp_connp->conn_fully_bound = B_FALSE; sctp->sctp_prsctpdrop = 0; sctp->sctp_msgcount = 0; return (0); } /* * Extracts the init tag from an INIT chunk and checks if it matches * the sctp's verification tag. Returns 0 if it doesn't match, 1 if * it does. */ static boolean_t sctp_icmp_verf(sctp_t *sctp, sctp_hdr_t *sh, mblk_t *mp) { sctp_chunk_hdr_t *sch; uint32_t verf, *vp; sch = (sctp_chunk_hdr_t *)(sh + 1); vp = (uint32_t *)(sch + 1); /* Need at least the data chunk hdr and the first 4 bytes of INIT */ if ((unsigned char *)(vp + 1) > mp->b_wptr) { return (B_FALSE); } bcopy(vp, &verf, sizeof (verf)); if (verf == sctp->sctp_lvtag) { return (B_TRUE); } return (B_FALSE); } /* * sctp_icmp_error is called by sctp_input() to process ICMP error messages * passed up by IP. The queue is the default queue. We need to find a sctp_t * that corresponds to the returned datagram. Passes the message back in on * the correct queue once it has located the connection. * Assumes that IP has pulled up everything up to and including * the ICMP header. */ void sctp_icmp_error(sctp_t *sctp, mblk_t *mp) { icmph_t *icmph; ipha_t *ipha; int iph_hdr_length; sctp_hdr_t *sctph; mblk_t *first_mp; uint32_t new_mtu; in6_addr_t dst; sctp_faddr_t *fp; dprint(1, ("sctp_icmp_error: sctp=%p, mp=%p\n", (void *)sctp, (void *)mp)); first_mp = mp; ipha = (ipha_t *)mp->b_rptr; if (IPH_HDR_VERSION(ipha) != IPV4_VERSION) { ASSERT(IPH_HDR_VERSION(ipha) == IPV6_VERSION); sctp_icmp_error_ipv6(sctp, first_mp); return; } iph_hdr_length = IPH_HDR_LENGTH(ipha); icmph = (icmph_t *)&mp->b_rptr[iph_hdr_length]; ipha = (ipha_t *)&icmph[1]; iph_hdr_length = IPH_HDR_LENGTH(ipha); sctph = (sctp_hdr_t *)((char *)ipha + iph_hdr_length); if ((uchar_t *)(sctph + 1) >= mp->b_wptr) { /* not enough data for SCTP header */ freemsg(first_mp); return; } switch (icmph->icmph_type) { case ICMP_DEST_UNREACHABLE: switch (icmph->icmph_code) { case ICMP_FRAGMENTATION_NEEDED: /* * Reduce the MSS based on the new MTU. This will * eliminate any fragmentation locally. * N.B. There may well be some funny side-effects on * the local send policy and the remote receive policy. * Pending further research, we provide * sctp_ignore_path_mtu just in case this proves * disastrous somewhere. * * After updating the MSS, retransmit part of the * dropped segment using the new mss by calling * sctp_wput_slow(). Need to adjust all those * params to make sure sctp_wput_slow() work properly. */ if (sctp_ignore_path_mtu) break; /* find the offending faddr */ IN6_IPADDR_TO_V4MAPPED(ipha->ipha_dst, &dst); fp = sctp_lookup_faddr(sctp, &dst); if (fp == NULL) { break; } new_mtu = ntohs(icmph->icmph_du_mtu); if (new_mtu - sctp->sctp_hdr_len >= fp->sfa_pmss) break; /* * Make sure that sfa_pmss is a multiple of * SCTP_ALIGN. */ fp->sfa_pmss = (new_mtu - sctp->sctp_hdr_len) & ~(SCTP_ALIGN - 1); fp->pmtu_discovered = 1; break; case ICMP_PORT_UNREACHABLE: case ICMP_PROTOCOL_UNREACHABLE: switch (sctp->sctp_state) { case SCTPS_COOKIE_WAIT: case SCTPS_COOKIE_ECHOED: /* make sure the verification tag matches */ if (!sctp_icmp_verf(sctp, sctph, mp)) { break; } BUMP_MIB(&sctp_mib, sctpAborted); sctp_assoc_event(sctp, SCTP_CANT_STR_ASSOC, 0, NULL); sctp_clean_death(sctp, ECONNREFUSED); break; } break; case ICMP_HOST_UNREACHABLE: case ICMP_NET_UNREACHABLE: /* Record the error in case we finally time out. */ sctp->sctp_client_errno = (icmph->icmph_code == ICMP_HOST_UNREACHABLE) ? EHOSTUNREACH : ENETUNREACH; break; default: break; } break; case ICMP_SOURCE_QUENCH: { /* Reduce the sending rate as if we got a retransmit timeout */ break; } } freemsg(first_mp); } /* * sctp_icmp_error_ipv6() is called by sctp_icmp_error() to process ICMPv6 * error messages passed up by IP. * Assumes that IP has pulled up all the extension headers as well * as the ICMPv6 header. */ static void sctp_icmp_error_ipv6(sctp_t *sctp, mblk_t *mp) { icmp6_t *icmp6; ip6_t *ip6h; uint16_t iph_hdr_length; sctp_hdr_t *sctpha; uint8_t *nexthdrp; uint32_t new_mtu; sctp_faddr_t *fp; ip6h = (ip6_t *)mp->b_rptr; iph_hdr_length = (ip6h->ip6_nxt != IPPROTO_SCTP) ? ip_hdr_length_v6(mp, ip6h) : IPV6_HDR_LEN; icmp6 = (icmp6_t *)&mp->b_rptr[iph_hdr_length]; ip6h = (ip6_t *)&icmp6[1]; if (!ip_hdr_length_nexthdr_v6(mp, ip6h, &iph_hdr_length, &nexthdrp)) { freemsg(mp); return; } ASSERT(*nexthdrp == IPPROTO_SCTP); /* XXX need ifindex to find connection */ sctpha = (sctp_hdr_t *)((char *)ip6h + iph_hdr_length); if ((uchar_t *)sctpha >= mp->b_wptr) { /* not enough data for SCTP header */ freemsg(mp); return; } switch (icmp6->icmp6_type) { case ICMP6_PACKET_TOO_BIG: /* * Reduce the MSS based on the new MTU. This will * eliminate any fragmentation locally. * N.B. There may well be some funny side-effects on * the local send policy and the remote receive policy. * Pending further research, we provide * sctp_ignore_path_mtu just in case this proves * disastrous somewhere. * * After updating the MSS, retransmit part of the * dropped segment using the new mss by calling * sctp_wput_slow(). Need to adjust all those * params to make sure sctp_wput_slow() work properly. */ if (sctp_ignore_path_mtu) break; /* find the offending faddr */ fp = sctp_lookup_faddr(sctp, &ip6h->ip6_dst); if (fp == NULL) { break; } new_mtu = ntohs(icmp6->icmp6_mtu); if (new_mtu - sctp->sctp_hdr6_len >= fp->sfa_pmss) break; /* Make sure that sfa_pmss is a multiple of SCTP_ALIGN. */ fp->sfa_pmss = (new_mtu - sctp->sctp_hdr6_len) & ~(SCTP_ALIGN - 1); fp->pmtu_discovered = 1; break; case ICMP6_DST_UNREACH: switch (icmp6->icmp6_code) { case ICMP6_DST_UNREACH_NOPORT: /* make sure the verification tag matches */ if (!sctp_icmp_verf(sctp, sctpha, mp)) { break; } if (sctp->sctp_state == SCTPS_COOKIE_WAIT || sctp->sctp_state == SCTPS_COOKIE_ECHOED) { BUMP_MIB(&sctp_mib, sctpAborted); sctp_assoc_event(sctp, SCTP_CANT_STR_ASSOC, 0, NULL); sctp_clean_death(sctp, ECONNREFUSED); } break; case ICMP6_DST_UNREACH_ADMIN: case ICMP6_DST_UNREACH_NOROUTE: case ICMP6_DST_UNREACH_NOTNEIGHBOR: case ICMP6_DST_UNREACH_ADDR: /* Record the error in case we finally time out. */ sctp->sctp_client_errno = EHOSTUNREACH; break; default: break; } break; case ICMP6_PARAM_PROB: /* If this corresponds to an ICMP_PROTOCOL_UNREACHABLE */ if (icmp6->icmp6_code == ICMP6_PARAMPROB_NEXTHEADER && (uchar_t *)ip6h + icmp6->icmp6_pptr == (uchar_t *)nexthdrp) { /* make sure the verification tag matches */ if (!sctp_icmp_verf(sctp, sctpha, mp)) { break; } if (sctp->sctp_state == SCTPS_COOKIE_WAIT) { BUMP_MIB(&sctp_mib, sctpAborted); sctp_assoc_event(sctp, SCTP_CANT_STR_ASSOC, 0, NULL); sctp_clean_death(sctp, ECONNREFUSED); } break; } break; case ICMP6_TIME_EXCEEDED: default: break; } freemsg(mp); } /* * Called by sockfs to create a new sctp instance. * * If parent pointer is passed in, inherit settings from it. */ sctp_t * sctp_create(void *sctp_ulpd, sctp_t *parent, int family, int flags, const sctp_upcalls_t *sctp_upcalls, sctp_sockbuf_limits_t *sbl, cred_t *credp) { sctp_t *sctp, *psctp; conn_t *sctp_connp; mblk_t *ack_mp, *hb_mp; int sleep = flags & SCTP_CAN_BLOCK ? KM_SLEEP : KM_NOSLEEP; /* User must supply a credential. */ if (credp == NULL) return (NULL); if ((sctp_connp = ipcl_conn_create(IPCL_SCTPCONN, sleep)) == NULL) { SCTP_KSTAT(sctp_conn_create); return (NULL); } sctp_connp->conn_ulp_labeled = is_system_labeled(); psctp = (sctp_t *)parent; sctp = CONN2SCTP(sctp_connp); if ((ack_mp = sctp_timer_alloc(sctp, sctp_ack_timer)) == NULL || (hb_mp = sctp_timer_alloc(sctp, sctp_heartbeat_timer)) == NULL) { if (ack_mp != NULL) freeb(ack_mp); kmem_cache_free(sctp_conn_cache, sctp_connp); return (NULL); } sctp->sctp_ack_mp = ack_mp; sctp->sctp_heartbeat_mp = hb_mp; switch (family) { case AF_INET6: sctp_connp->conn_af_isv6 = B_TRUE; sctp->sctp_ipversion = IPV6_VERSION; sctp->sctp_family = AF_INET6; break; case AF_INET: sctp_connp->conn_af_isv6 = B_FALSE; sctp_connp->conn_pkt_isv6 = B_FALSE; sctp->sctp_ipversion = IPV4_VERSION; sctp->sctp_family = AF_INET; break; default: ASSERT(0); break; } if (sctp_init_values(sctp, psctp, sleep) != 0) { freeb(ack_mp); freeb(hb_mp); kmem_cache_free(sctp_conn_cache, sctp_connp); return (NULL); } sctp->sctp_cansleep = ((flags & SCTP_CAN_BLOCK) == SCTP_CAN_BLOCK); sctp->sctp_mss = sctp_initial_mtu - ((family == AF_INET6) ? sctp->sctp_hdr6_len : sctp->sctp_hdr_len); if (psctp != NULL) { RUN_SCTP(psctp); /* * Inherit local address list, local port. Parent is either * in SCTPS_BOUND, or SCTPS_LISTEN state. */ ASSERT((psctp->sctp_state == SCTPS_BOUND) || (psctp->sctp_state == SCTPS_LISTEN)); if (sctp_dup_saddrs(psctp, sctp, sleep)) { WAKE_SCTP(psctp); freeb(ack_mp); freeb(hb_mp); sctp_headers_free(sctp); kmem_cache_free(sctp_conn_cache, sctp_connp); return (NULL); } /* * If the parent is specified, it'll be immediatelly * followed by sctp_connect(). So don't add this guy to * bind hash. */ sctp->sctp_lport = psctp->sctp_lport; sctp->sctp_state = SCTPS_BOUND; sctp->sctp_allzones = psctp->sctp_allzones; sctp->sctp_zoneid = psctp->sctp_zoneid; WAKE_SCTP(psctp); } else { sctp->sctp_zoneid = getzoneid(); } sctp_connp->conn_cred = credp; crhold(credp); /* * If the caller has the process-wide flag set, then default to MAC * exempt mode. This allows read-down to unlabeled hosts. */ if (getpflags(NET_MAC_AWARE, credp) != 0) sctp_connp->conn_mac_exempt = B_TRUE; /* Initialize SCTP instance values, our verf tag must never be 0 */ (void) random_get_pseudo_bytes((uint8_t *)&sctp->sctp_lvtag, sizeof (sctp->sctp_lvtag)); if (sctp->sctp_lvtag == 0) sctp->sctp_lvtag = (uint32_t)gethrtime(); ASSERT(sctp->sctp_lvtag != 0); sctp->sctp_ltsn = sctp->sctp_lvtag + 1; sctp->sctp_lcsn = sctp->sctp_ltsn; sctp->sctp_recovery_tsn = sctp->sctp_lastack_rxd = sctp->sctp_ltsn - 1; sctp->sctp_adv_pap = sctp->sctp_lastack_rxd; /* Information required by upper layer */ if (sctp_ulpd != NULL) { sctp->sctp_ulpd = sctp_ulpd; ASSERT(sctp_upcalls != NULL); bcopy(sctp_upcalls, &sctp->sctp_upcalls, sizeof (sctp_upcalls_t)); ASSERT(sbl != NULL); /* Fill in the socket buffer limits for sctpsockfs */ sbl->sbl_txlowat = sctp->sctp_xmit_lowater; sbl->sbl_txbuf = sctp->sctp_xmit_hiwater; sbl->sbl_rxbuf = sctp->sctp_rwnd; sbl->sbl_rxlowat = SCTP_RECV_LOWATER; } /* If no sctp_ulpd, must be creating the default sctp */ ASSERT(sctp_ulpd != NULL || gsctp == NULL); /* Insert this in the global list. */ SCTP_LINK(sctp); return (sctp); } void sctp_ddi_init(void) { /* Initialize locks */ mutex_init(&sctp_g_lock, NULL, MUTEX_DEFAULT, NULL); mutex_init(&sctp_epriv_port_lock, NULL, MUTEX_DEFAULT, NULL); /* Initialize SCTP hash arrays. */ sctp_hash_init(); sctp_pad_mp = allocb(SCTP_ALIGN, BPRI_MED); bzero(sctp_pad_mp->b_rptr, SCTP_ALIGN); ASSERT(sctp_pad_mp); if (!sctp_nd_init()) { sctp_nd_free(); } /* Create sctp_t/conn_t cache */ sctp_conn_cache_init(); /* Create the faddr cache */ sctp_faddr_init(); /* Create the sets cache */ sctp_sets_init(); /* Create the PR-SCTP sets cache */ sctp_ftsn_sets_init(); /* Initialize the recvq taskq. */ sctp_rq_tq_init(); /* saddr init */ sctp_saddr_init(); /* Global SCTP PCB list. */ list_create(&sctp_g_list, sizeof (sctp_t), offsetof(sctp_t, sctp_list)); /* Initialize tables used for CRC calculation */ sctp_crc32_init(); /* Initialize sctp kernel stats. */ sctp_kstat_init(); } void sctp_ddi_destroy(void) { sctp_nd_free(); /* Destroy sctp_t/conn_t caches */ sctp_conn_cache_fini(); /* Destroy the faddr cache */ sctp_faddr_fini(); /* Destroy the sets cache */ sctp_sets_fini(); /* Destroy the PR-SCTP sets cache */ sctp_ftsn_sets_fini(); /* Destroy the recvq taskqs. */ sctp_rq_tq_fini(); /* Destroy saddr */ sctp_saddr_fini(); /* Global SCTP PCB list. */ list_destroy(&sctp_g_list); /* Destroy SCTP hash arrays. */ sctp_hash_destroy(); /* Destroy SCTP kenrel stats. */ sctp_kstat_fini(); mutex_destroy(&sctp_g_lock); mutex_destroy(&sctp_epriv_port_lock); } void sctp_display_all() { sctp_t *sctp_walker; mutex_enter(&sctp_g_lock); for (sctp_walker = gsctp; sctp_walker != NULL; sctp_walker = (sctp_t *)list_next(&sctp_g_list, sctp_walker)) { (void) sctp_display(sctp_walker, NULL); } mutex_exit(&sctp_g_lock); } static void sctp_rq_tq_init(void) { /* * Initialize the recvq_tq_list and create the first recvq taskq. * What to do if it fails? */ recvq_tq_list = kmem_zalloc(sctp_recvq_tq_list_max_sz * sizeof (taskq_t *), KM_SLEEP); recvq_tq_list[0] = taskq_create("sctp_def_recvq_taskq", MIN(sctp_recvq_tq_thr_max, MAX(sctp_recvq_tq_thr_min, ncpus)), minclsyspri, sctp_recvq_tq_task_min, sctp_recvq_tq_task_max, TASKQ_PREPOPULATE); mutex_init(&sctp_rq_tq_lock, NULL, MUTEX_DEFAULT, NULL); } static void sctp_rq_tq_fini(void) { int i; for (i = 0; i < recvq_tq_list_cur_sz; i++) { ASSERT(recvq_tq_list[i] != NULL); taskq_destroy(recvq_tq_list[i]); } kmem_free(recvq_tq_list, sctp_recvq_tq_list_max_sz * sizeof (taskq_t *)); } /* Add another taskq for a new ill. */ void sctp_inc_taskq(void) { taskq_t *tq; char tq_name[TASKQ_NAMELEN]; mutex_enter(&sctp_rq_tq_lock); if (recvq_tq_list_cur_sz + 1 > sctp_recvq_tq_list_max_sz) { mutex_exit(&sctp_rq_tq_lock); cmn_err(CE_NOTE, "Cannot create more SCTP recvq taskq"); return; } (void) snprintf(tq_name, sizeof (tq_name), "sctp_recvq_taskq_%u", recvq_tq_list_cur_sz); tq = taskq_create(tq_name, MIN(sctp_recvq_tq_thr_max, MAX(sctp_recvq_tq_thr_min, ncpus)), minclsyspri, sctp_recvq_tq_task_min, sctp_recvq_tq_task_max, TASKQ_PREPOPULATE); if (tq == NULL) { mutex_exit(&sctp_rq_tq_lock); cmn_err(CE_NOTE, "SCTP recvq taskq creation failed"); return; } ASSERT(recvq_tq_list[recvq_tq_list_cur_sz] == NULL); recvq_tq_list[recvq_tq_list_cur_sz] = tq; atomic_add_32(&recvq_tq_list_cur_sz, 1); mutex_exit(&sctp_rq_tq_lock); } #ifdef DEBUG uint32_t sendq_loop_cnt = 0; uint32_t sendq_collision = 0; uint32_t sendq_empty = 0; #endif void sctp_add_sendq(sctp_t *sctp, mblk_t *mp) { mutex_enter(&sctp->sctp_sendq_lock); if (sctp->sctp_sendq == NULL) { sctp->sctp_sendq = mp; sctp->sctp_sendq_tail = mp; } else { sctp->sctp_sendq_tail->b_next = mp; sctp->sctp_sendq_tail = mp; } mutex_exit(&sctp->sctp_sendq_lock); } void sctp_process_sendq(sctp_t *sctp) { mblk_t *mp; #ifdef DEBUG uint32_t loop_cnt = 0; #endif mutex_enter(&sctp->sctp_sendq_lock); if (sctp->sctp_sendq == NULL || sctp->sctp_sendq_sending) { #ifdef DEBUG if (sctp->sctp_sendq == NULL) sendq_empty++; else sendq_collision++; #endif mutex_exit(&sctp->sctp_sendq_lock); return; } sctp->sctp_sendq_sending = B_TRUE; /* * Note that while we are in this loop, other thread can put * new packets in the receive queue. We may be looping for * quite a while. This is OK even for an interrupt thread. * The reason is that SCTP should only able to send a limited * number of packets out in a burst. So the number of times * we go through this loop should not be many. */ while ((mp = sctp->sctp_sendq) != NULL) { sctp->sctp_sendq = mp->b_next; ASSERT(sctp->sctp_connp->conn_ref > 0); mutex_exit(&sctp->sctp_sendq_lock); mp->b_next = NULL; CONN_INC_REF(sctp->sctp_connp); mp->b_flag |= MSGHASREF; /* If we don't have sctp_current, default to IPv4 */ IP_PUT(mp, sctp->sctp_connp, sctp->sctp_current == NULL ? B_TRUE : sctp->sctp_current->isv4); BUMP_LOCAL(sctp->sctp_opkts); #ifdef DEBUG loop_cnt++; #endif mutex_enter(&sctp->sctp_sendq_lock); } sctp->sctp_sendq_tail = NULL; sctp->sctp_sendq_sending = B_FALSE; #ifdef DEBUG if (loop_cnt > sendq_loop_cnt) sendq_loop_cnt = loop_cnt; #endif mutex_exit(&sctp->sctp_sendq_lock); } #ifdef DEBUG uint32_t recvq_loop_cnt = 0; uint32_t recvq_call = 0; #endif /* * Find the next recvq_tq to use. This routine will go thru all the * taskqs until it can dispatch a job for the sctp. If this fails, * it will create a new taskq and try it. */ static boolean_t sctp_find_next_tq(sctp_t *sctp) { int next_tq, try; taskq_t *tq; /* * Note that since we don't hold a lock on sctp_rq_tq_lock for * performance reason, recvq_ta_list_cur_sz can be changed during * this loop. The problem this will create is that the loop may * not have tried all the recvq_tq. This should be OK. */ next_tq = atomic_add_32_nv(&recvq_tq_list_cur, 1) % recvq_tq_list_cur_sz; for (try = 0; try < recvq_tq_list_cur_sz; try++, next_tq = (next_tq + 1) % recvq_tq_list_cur_sz) { tq = recvq_tq_list[next_tq]; if (taskq_dispatch(tq, sctp_process_recvq, sctp, TQ_NOSLEEP) != NULL) { sctp->sctp_recvq_tq = tq; return (B_TRUE); } } /* * Create one more taskq and try it. Note that sctp_inc_taskq() * may not have created another taskq if the number of recvq * taskqs is at the maximum. We are probably in a pretty bad * shape if this actually happens... */ sctp_inc_taskq(); tq = recvq_tq_list[recvq_tq_list_cur_sz - 1]; if (taskq_dispatch(tq, sctp_process_recvq, sctp, TQ_NOSLEEP) != NULL) { sctp->sctp_recvq_tq = tq; return (B_TRUE); } SCTP_KSTAT(sctp_find_next_tq); return (B_FALSE); } /* * To add a message to the recvq. Note that the sctp_timer_fire() * routine also uses this function to add the timer message to the * receive queue for later processing. And it should be the only * caller of sctp_add_recvq() which sets the try_harder argument * to B_TRUE. * * If the try_harder argument is B_TRUE, this routine sctp_find_next_tq() * will try very hard to dispatch the task. Refer to the comment * for that routine on how it does that. */ boolean_t sctp_add_recvq(sctp_t *sctp, mblk_t *mp, boolean_t caller_hold_lock) { if (!caller_hold_lock) mutex_enter(&sctp->sctp_recvq_lock); /* If the taskq dispatch has not been scheduled, do it now. */ if (sctp->sctp_recvq_tq == NULL) { ASSERT(sctp->sctp_recvq == NULL); if (!sctp_find_next_tq(sctp)) { if (!caller_hold_lock) mutex_exit(&sctp->sctp_recvq_lock); return (B_FALSE); } /* Make sure the sctp_t will not go away. */ SCTP_REFHOLD(sctp); } if (sctp->sctp_recvq == NULL) { sctp->sctp_recvq = mp; sctp->sctp_recvq_tail = mp; } else { sctp->sctp_recvq_tail->b_next = mp; sctp->sctp_recvq_tail = mp; } if (!caller_hold_lock) mutex_exit(&sctp->sctp_recvq_lock); return (B_TRUE); } static void sctp_process_recvq(void *arg) { sctp_t *sctp = (sctp_t *)arg; mblk_t *mp; mblk_t *ipsec_mp; #ifdef DEBUG uint32_t loop_cnt = 0; #endif #ifdef _BIG_ENDIAN #define IPVER(ip6h) ((((uint32_t *)ip6h)[0] >> 28) & 0x7) #else #define IPVER(ip6h) ((((uint32_t *)ip6h)[0] >> 4) & 0x7) #endif RUN_SCTP(sctp); mutex_enter(&sctp->sctp_recvq_lock); #ifdef DEBUG recvq_call++; #endif /* * Note that while we are in this loop, other thread can put * new packets in the receive queue. We may be looping for * quite a while. */ while ((mp = sctp->sctp_recvq) != NULL) { sctp->sctp_recvq = mp->b_next; mutex_exit(&sctp->sctp_recvq_lock); mp->b_next = NULL; #ifdef DEBUG loop_cnt++; #endif ipsec_mp = mp->b_prev; mp->b_prev = NULL; sctp_input_data(sctp, mp, ipsec_mp); mutex_enter(&sctp->sctp_recvq_lock); } sctp->sctp_recvq_tail = NULL; sctp->sctp_recvq_tq = NULL; mutex_exit(&sctp->sctp_recvq_lock); WAKE_SCTP(sctp); /* We may have sent something when processing the receive queue. */ sctp_process_sendq(sctp); #ifdef DEBUG if (loop_cnt > recvq_loop_cnt) recvq_loop_cnt = loop_cnt; #endif /* Now it can go away. */ SCTP_REFRELE(sctp); } /* ARGSUSED */ static int sctp_conn_cache_constructor(void *buf, void *cdrarg, int kmflags) { conn_t *sctp_connp = (conn_t *)buf; sctp_t *sctp = (sctp_t *)&sctp_connp[1]; bzero(buf, (char *)&sctp[1] - (char *)buf); ASSERT(sctp_g_q != NULL); sctp->sctp_connp = sctp_connp; mutex_init(&sctp->sctp_reflock, NULL, MUTEX_DEFAULT, NULL); mutex_init(&sctp->sctp_lock, NULL, MUTEX_DEFAULT, NULL); mutex_init(&sctp->sctp_recvq_lock, NULL, MUTEX_DEFAULT, NULL); cv_init(&sctp->sctp_cv, NULL, CV_DEFAULT, NULL); mutex_init(&sctp->sctp_sendq_lock, NULL, MUTEX_DEFAULT, NULL); sctp_connp->conn_rq = sctp_connp->conn_wq = NULL; sctp_connp->conn_multicast_loop = IP_DEFAULT_MULTICAST_LOOP; sctp_connp->conn_ulp = IPPROTO_SCTP; mutex_init(&sctp_connp->conn_lock, NULL, MUTEX_DEFAULT, NULL); cv_init(&sctp_connp->conn_cv, NULL, CV_DEFAULT, NULL); return (0); } /* ARGSUSED */ static void sctp_conn_cache_destructor(void *buf, void *cdrarg) { conn_t *sctp_connp = (conn_t *)buf; sctp_t *sctp = (sctp_t *)&sctp_connp[1]; ASSERT(!MUTEX_HELD(&sctp->sctp_lock)); ASSERT(!MUTEX_HELD(&sctp->sctp_reflock)); ASSERT(!MUTEX_HELD(&sctp->sctp_recvq_lock)); ASSERT(!MUTEX_HELD(&sctp->sctp_sendq_lock)); ASSERT(!MUTEX_HELD(&sctp->sctp_connp->conn_lock)); ASSERT(sctp->sctp_conn_hash_next == NULL); ASSERT(sctp->sctp_conn_hash_prev == NULL); ASSERT(sctp->sctp_listen_hash_next == NULL); ASSERT(sctp->sctp_listen_hash_prev == NULL); ASSERT(sctp->sctp_listen_tfp == NULL); ASSERT(sctp->sctp_conn_tfp == NULL); ASSERT(sctp->sctp_faddrs == NULL); ASSERT(sctp->sctp_nsaddrs == 0); ASSERT(sctp->sctp_ulpd == NULL); ASSERT(sctp->sctp_lastfaddr == NULL); ASSERT(sctp->sctp_primary == NULL); ASSERT(sctp->sctp_current == NULL); ASSERT(sctp->sctp_lastdata == NULL); ASSERT(sctp->sctp_xmit_head == NULL); ASSERT(sctp->sctp_xmit_tail == NULL); ASSERT(sctp->sctp_xmit_unsent == NULL); ASSERT(sctp->sctp_xmit_unsent_tail == NULL); ASSERT(sctp->sctp_ostrcntrs == NULL); ASSERT(sctp->sctp_sack_info == NULL); ASSERT(sctp->sctp_ack_mp == NULL); ASSERT(sctp->sctp_instr == NULL); ASSERT(sctp->sctp_iphc == NULL); ASSERT(sctp->sctp_iphc6 == NULL); ASSERT(sctp->sctp_ipha == NULL); ASSERT(sctp->sctp_ip6h == NULL); ASSERT(sctp->sctp_sctph == NULL); ASSERT(sctp->sctp_sctph6 == NULL); ASSERT(sctp->sctp_cookie_mp == NULL); ASSERT(sctp->sctp_refcnt == 0); ASSERT(sctp->sctp_timer_mp == NULL); ASSERT(sctp->sctp_connp->conn_ref == 0); ASSERT(sctp->sctp_heartbeat_mp == NULL); ASSERT(sctp->sctp_ptpbhn == NULL && sctp->sctp_bind_hash == NULL); ASSERT(sctp->sctp_shutdown_faddr == NULL); ASSERT(sctp->sctp_cxmit_list == NULL); ASSERT(sctp->sctp_recvq == NULL); ASSERT(sctp->sctp_recvq_tail == NULL); ASSERT(sctp->sctp_recvq_tq == NULL); ASSERT(sctp->sctp_sendq == NULL); ASSERT(sctp->sctp_sendq_tail == NULL); ASSERT(sctp->sctp_sendq_sending == B_FALSE); ASSERT(sctp->sctp_ipp_hopopts == NULL); ASSERT(sctp->sctp_ipp_rtdstopts == NULL); ASSERT(sctp->sctp_ipp_rthdr == NULL); ASSERT(sctp->sctp_ipp_dstopts == NULL); ASSERT(sctp->sctp_ipp_pathmtu == NULL); mutex_destroy(&sctp->sctp_reflock); mutex_destroy(&sctp->sctp_lock); mutex_destroy(&sctp->sctp_recvq_lock); cv_destroy(&sctp->sctp_cv); mutex_destroy(&sctp->sctp_sendq_lock); mutex_destroy(&sctp_connp->conn_lock); cv_destroy(&sctp_connp->conn_cv); } static void sctp_conn_cache_init() { sctp_conn_cache = kmem_cache_create("sctp_conn_cache", sizeof (sctp_t) + sizeof (conn_t), 0, sctp_conn_cache_constructor, sctp_conn_cache_destructor, NULL, NULL, NULL, 0); } static void sctp_conn_cache_fini() { kmem_cache_destroy(sctp_conn_cache); }