1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* SCTP kernel implementation
3 * Copyright (c) 1999-2000 Cisco, Inc.
4 * Copyright (c) 1999-2001 Motorola, Inc.
5 * Copyright (c) 2001-2003 International Business Machines Corp.
6 * Copyright (c) 2001 Intel Corp.
7 * Copyright (c) 2001 La Monte H.P. Yarroll
8 *
9 * This file is part of the SCTP kernel implementation
10 *
11 * This module provides the abstraction for an SCTP transport representing
12 * a remote transport address. For local transport addresses, we just use
13 * union sctp_addr.
14 *
15 * Please send any bug reports or fixes you make to the
16 * email address(es):
17 * lksctp developers <linux-sctp@vger.kernel.org>
18 *
19 * Written or modified by:
20 * La Monte H.P. Yarroll <piggy@acm.org>
21 * Karl Knutson <karl@athena.chicago.il.us>
22 * Jon Grimm <jgrimm@us.ibm.com>
23 * Xingang Guo <xingang.guo@intel.com>
24 * Hui Huang <hui.huang@nokia.com>
25 * Sridhar Samudrala <sri@us.ibm.com>
26 * Ardelle Fan <ardelle.fan@intel.com>
27 */
28
29 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
30
31 #include <linux/slab.h>
32 #include <linux/types.h>
33 #include <linux/random.h>
34 #include <net/sctp/sctp.h>
35 #include <net/sctp/sm.h>
36
37 /* 1st Level Abstractions. */
38
39 /* Initialize a new transport from provided memory. */
sctp_transport_init(struct net * net,struct sctp_transport * peer,const union sctp_addr * addr,gfp_t gfp)40 static void sctp_transport_init(struct net *net,
41 struct sctp_transport *peer,
42 const union sctp_addr *addr,
43 gfp_t gfp)
44 {
45 /* Copy in the address. */
46 peer->af_specific = sctp_get_af_specific(addr->sa.sa_family);
47 memcpy(&peer->ipaddr, addr, peer->af_specific->sockaddr_len);
48 memset(&peer->saddr, 0, sizeof(union sctp_addr));
49
50 peer->sack_generation = 0;
51
52 /* From 6.3.1 RTO Calculation:
53 *
54 * C1) Until an RTT measurement has been made for a packet sent to the
55 * given destination transport address, set RTO to the protocol
56 * parameter 'RTO.Initial'.
57 */
58 peer->rto = msecs_to_jiffies(net->sctp.rto_initial);
59
60 peer->last_time_heard = 0;
61 peer->last_time_ecne_reduced = jiffies;
62
63 peer->param_flags = SPP_HB_DISABLE |
64 SPP_PMTUD_ENABLE |
65 SPP_SACKDELAY_ENABLE;
66
67 /* Initialize the default path max_retrans. */
68 peer->pathmaxrxt = net->sctp.max_retrans_path;
69 peer->pf_retrans = net->sctp.pf_retrans;
70
71 INIT_LIST_HEAD(&peer->transmitted);
72 INIT_LIST_HEAD(&peer->send_ready);
73 INIT_LIST_HEAD(&peer->transports);
74
75 timer_setup(&peer->T3_rtx_timer, sctp_generate_t3_rtx_event, 0);
76 timer_setup(&peer->hb_timer, sctp_generate_heartbeat_event, 0);
77 timer_setup(&peer->reconf_timer, sctp_generate_reconf_event, 0);
78 timer_setup(&peer->probe_timer, sctp_generate_probe_event, 0);
79 timer_setup(&peer->proto_unreach_timer,
80 sctp_generate_proto_unreach_event, 0);
81
82 /* Initialize the 64-bit random nonce sent with heartbeat. */
83 get_random_bytes(&peer->hb_nonce, sizeof(peer->hb_nonce));
84
85 refcount_set(&peer->refcnt, 1);
86 }
87
88 /* Allocate and initialize a new transport. */
sctp_transport_new(struct net * net,const union sctp_addr * addr,gfp_t gfp)89 struct sctp_transport *sctp_transport_new(struct net *net,
90 const union sctp_addr *addr,
91 gfp_t gfp)
92 {
93 struct sctp_transport *transport;
94
95 transport = kzalloc(sizeof(*transport), gfp);
96 if (!transport)
97 return NULL;
98
99 sctp_transport_init(net, transport, addr, gfp);
100
101 SCTP_DBG_OBJCNT_INC(transport);
102
103 return transport;
104 }
105
106 /* This transport is no longer needed. Free up if possible, or
107 * delay until it last reference count.
108 */
sctp_transport_free(struct sctp_transport * transport)109 void sctp_transport_free(struct sctp_transport *transport)
110 {
111 transport->dead = 1;
112
113 /* Try to delete the heartbeat timer. */
114 if (timer_delete(&transport->hb_timer))
115 sctp_transport_put(transport);
116
117 /* Delete the T3_rtx timer if it's active.
118 * There is no point in not doing this now and letting
119 * structure hang around in memory since we know
120 * the transport is going away.
121 */
122 if (timer_delete(&transport->T3_rtx_timer))
123 sctp_transport_put(transport);
124
125 if (timer_delete(&transport->reconf_timer))
126 sctp_transport_put(transport);
127
128 if (timer_delete(&transport->probe_timer))
129 sctp_transport_put(transport);
130
131 /* Delete the ICMP proto unreachable timer if it's active. */
132 if (timer_delete(&transport->proto_unreach_timer))
133 sctp_transport_put(transport);
134
135 sctp_transport_put(transport);
136 }
137
sctp_transport_destroy_rcu(struct rcu_head * head)138 static void sctp_transport_destroy_rcu(struct rcu_head *head)
139 {
140 struct sctp_transport *transport;
141
142 transport = container_of(head, struct sctp_transport, rcu);
143
144 dst_release(transport->dst);
145 kfree(transport);
146 SCTP_DBG_OBJCNT_DEC(transport);
147 }
148
149 /* Destroy the transport data structure.
150 * Assumes there are no more users of this structure.
151 */
sctp_transport_destroy(struct sctp_transport * transport)152 static void sctp_transport_destroy(struct sctp_transport *transport)
153 {
154 if (unlikely(refcount_read(&transport->refcnt))) {
155 WARN(1, "Attempt to destroy undead transport %p!\n", transport);
156 return;
157 }
158
159 sctp_packet_free(&transport->packet);
160
161 if (transport->asoc)
162 sctp_association_put(transport->asoc);
163
164 call_rcu(&transport->rcu, sctp_transport_destroy_rcu);
165 }
166
167 /* Start T3_rtx timer if it is not already running and update the heartbeat
168 * timer. This routine is called every time a DATA chunk is sent.
169 */
sctp_transport_reset_t3_rtx(struct sctp_transport * transport)170 void sctp_transport_reset_t3_rtx(struct sctp_transport *transport)
171 {
172 /* RFC 2960 6.3.2 Retransmission Timer Rules
173 *
174 * R1) Every time a DATA chunk is sent to any address(including a
175 * retransmission), if the T3-rtx timer of that address is not running
176 * start it running so that it will expire after the RTO of that
177 * address.
178 */
179
180 if (!timer_pending(&transport->T3_rtx_timer))
181 if (!mod_timer(&transport->T3_rtx_timer,
182 jiffies + transport->rto))
183 sctp_transport_hold(transport);
184 }
185
sctp_transport_reset_hb_timer(struct sctp_transport * transport)186 void sctp_transport_reset_hb_timer(struct sctp_transport *transport)
187 {
188 unsigned long expires;
189
190 /* When a data chunk is sent, reset the heartbeat interval. */
191 expires = jiffies + sctp_transport_timeout(transport);
192 if (!mod_timer(&transport->hb_timer,
193 expires + get_random_u32_below(transport->rto)))
194 sctp_transport_hold(transport);
195 }
196
sctp_transport_reset_reconf_timer(struct sctp_transport * transport)197 void sctp_transport_reset_reconf_timer(struct sctp_transport *transport)
198 {
199 if (!timer_pending(&transport->reconf_timer))
200 if (!mod_timer(&transport->reconf_timer,
201 jiffies + transport->rto))
202 sctp_transport_hold(transport);
203 }
204
sctp_transport_reset_probe_timer(struct sctp_transport * transport)205 void sctp_transport_reset_probe_timer(struct sctp_transport *transport)
206 {
207 if (!mod_timer(&transport->probe_timer,
208 jiffies + transport->probe_interval))
209 sctp_transport_hold(transport);
210 }
211
sctp_transport_reset_raise_timer(struct sctp_transport * transport)212 void sctp_transport_reset_raise_timer(struct sctp_transport *transport)
213 {
214 if (!mod_timer(&transport->probe_timer,
215 jiffies + transport->probe_interval * 30))
216 sctp_transport_hold(transport);
217 }
218
219 /* This transport has been assigned to an association.
220 * Initialize fields from the association or from the sock itself.
221 * Register the reference count in the association.
222 */
sctp_transport_set_owner(struct sctp_transport * transport,struct sctp_association * asoc)223 void sctp_transport_set_owner(struct sctp_transport *transport,
224 struct sctp_association *asoc)
225 {
226 transport->asoc = asoc;
227 sctp_association_hold(asoc);
228 }
229
230 /* Initialize the pmtu of a transport. */
sctp_transport_pmtu(struct sctp_transport * transport,struct sock * sk)231 void sctp_transport_pmtu(struct sctp_transport *transport, struct sock *sk)
232 {
233 /* If we don't have a fresh route, look one up */
234 if (!transport->dst || READ_ONCE(transport->dst->obsolete)) {
235 sctp_transport_dst_release(transport);
236 transport->af_specific->get_dst(transport, &transport->saddr,
237 &transport->fl, sk);
238 }
239
240 if (transport->param_flags & SPP_PMTUD_DISABLE) {
241 struct sctp_association *asoc = transport->asoc;
242
243 if (!transport->pathmtu && asoc && asoc->pathmtu)
244 transport->pathmtu = asoc->pathmtu;
245 if (transport->pathmtu)
246 return;
247 }
248
249 if (transport->dst)
250 transport->pathmtu = sctp_dst_mtu(transport->dst);
251 else
252 transport->pathmtu = SCTP_DEFAULT_MAXSEGMENT;
253
254 sctp_transport_pl_update(transport);
255 }
256
sctp_transport_pl_send(struct sctp_transport * t)257 void sctp_transport_pl_send(struct sctp_transport *t)
258 {
259 if (t->pl.probe_count < SCTP_MAX_PROBES)
260 goto out;
261
262 t->pl.probe_count = 0;
263 if (t->pl.state == SCTP_PL_BASE) {
264 if (t->pl.probe_size == SCTP_BASE_PLPMTU) { /* BASE_PLPMTU Confirmation Failed */
265 t->pl.state = SCTP_PL_ERROR; /* Base -> Error */
266
267 t->pl.pmtu = SCTP_BASE_PLPMTU;
268 t->pathmtu = t->pl.pmtu + sctp_transport_pl_hlen(t);
269 sctp_assoc_sync_pmtu(t->asoc);
270 }
271 } else if (t->pl.state == SCTP_PL_SEARCH) {
272 if (t->pl.pmtu == t->pl.probe_size) { /* Black Hole Detected */
273 t->pl.state = SCTP_PL_BASE; /* Search -> Base */
274 t->pl.probe_size = SCTP_BASE_PLPMTU;
275 t->pl.probe_high = 0;
276
277 t->pl.pmtu = SCTP_BASE_PLPMTU;
278 t->pathmtu = t->pl.pmtu + sctp_transport_pl_hlen(t);
279 sctp_assoc_sync_pmtu(t->asoc);
280 } else { /* Normal probe failure. */
281 t->pl.probe_high = t->pl.probe_size;
282 t->pl.probe_size = t->pl.pmtu;
283 }
284 } else if (t->pl.state == SCTP_PL_COMPLETE) {
285 if (t->pl.pmtu == t->pl.probe_size) { /* Black Hole Detected */
286 t->pl.state = SCTP_PL_BASE; /* Search Complete -> Base */
287 t->pl.probe_size = SCTP_BASE_PLPMTU;
288
289 t->pl.pmtu = SCTP_BASE_PLPMTU;
290 t->pathmtu = t->pl.pmtu + sctp_transport_pl_hlen(t);
291 sctp_assoc_sync_pmtu(t->asoc);
292 }
293 }
294
295 out:
296 pr_debug("%s: PLPMTUD: transport: %p, state: %d, pmtu: %d, size: %d, high: %d\n",
297 __func__, t, t->pl.state, t->pl.pmtu, t->pl.probe_size, t->pl.probe_high);
298 t->pl.probe_count++;
299 }
300
sctp_transport_pl_recv(struct sctp_transport * t)301 bool sctp_transport_pl_recv(struct sctp_transport *t)
302 {
303 pr_debug("%s: PLPMTUD: transport: %p, state: %d, pmtu: %d, size: %d, high: %d\n",
304 __func__, t, t->pl.state, t->pl.pmtu, t->pl.probe_size, t->pl.probe_high);
305
306 t->pl.pmtu = t->pl.probe_size;
307 t->pl.probe_count = 0;
308 if (t->pl.state == SCTP_PL_BASE) {
309 t->pl.state = SCTP_PL_SEARCH; /* Base -> Search */
310 t->pl.probe_size += SCTP_PL_BIG_STEP;
311 } else if (t->pl.state == SCTP_PL_ERROR) {
312 t->pl.state = SCTP_PL_SEARCH; /* Error -> Search */
313
314 t->pl.pmtu = t->pl.probe_size;
315 t->pathmtu = t->pl.pmtu + sctp_transport_pl_hlen(t);
316 sctp_assoc_sync_pmtu(t->asoc);
317 t->pl.probe_size += SCTP_PL_BIG_STEP;
318 } else if (t->pl.state == SCTP_PL_SEARCH) {
319 if (!t->pl.probe_high) {
320 if (t->pl.probe_size < SCTP_MAX_PLPMTU) {
321 t->pl.probe_size = min(t->pl.probe_size + SCTP_PL_BIG_STEP,
322 SCTP_MAX_PLPMTU);
323 return false;
324 }
325 t->pl.probe_high = SCTP_MAX_PLPMTU;
326 }
327 t->pl.probe_size += SCTP_PL_MIN_STEP;
328 if (t->pl.probe_size >= t->pl.probe_high) {
329 t->pl.probe_high = 0;
330 t->pl.state = SCTP_PL_COMPLETE; /* Search -> Search Complete */
331
332 t->pl.probe_size = t->pl.pmtu;
333 t->pathmtu = t->pl.pmtu + sctp_transport_pl_hlen(t);
334 sctp_assoc_sync_pmtu(t->asoc);
335 sctp_transport_reset_raise_timer(t);
336 }
337 } else if (t->pl.state == SCTP_PL_COMPLETE) {
338 /* Raise probe_size again after 30 * interval in Search Complete */
339 t->pl.state = SCTP_PL_SEARCH; /* Search Complete -> Search */
340 t->pl.probe_size = min(t->pl.probe_size + SCTP_PL_MIN_STEP, SCTP_MAX_PLPMTU);
341 }
342
343 return t->pl.state == SCTP_PL_COMPLETE;
344 }
345
sctp_transport_pl_toobig(struct sctp_transport * t,u32 pmtu)346 static bool sctp_transport_pl_toobig(struct sctp_transport *t, u32 pmtu)
347 {
348 pr_debug("%s: PLPMTUD: transport: %p, state: %d, pmtu: %d, size: %d, ptb: %d\n",
349 __func__, t, t->pl.state, t->pl.pmtu, t->pl.probe_size, pmtu);
350
351 if (pmtu < SCTP_MIN_PLPMTU || pmtu >= t->pl.probe_size)
352 return false;
353
354 if (t->pl.state == SCTP_PL_BASE) {
355 if (pmtu >= SCTP_MIN_PLPMTU && pmtu < SCTP_BASE_PLPMTU) {
356 t->pl.state = SCTP_PL_ERROR; /* Base -> Error */
357
358 t->pl.pmtu = SCTP_BASE_PLPMTU;
359 t->pathmtu = t->pl.pmtu + sctp_transport_pl_hlen(t);
360 return true;
361 }
362 } else if (t->pl.state == SCTP_PL_SEARCH) {
363 if (pmtu >= SCTP_BASE_PLPMTU && pmtu < t->pl.pmtu) {
364 t->pl.state = SCTP_PL_BASE; /* Search -> Base */
365 t->pl.probe_size = SCTP_BASE_PLPMTU;
366 t->pl.probe_count = 0;
367
368 t->pl.probe_high = 0;
369 t->pl.pmtu = SCTP_BASE_PLPMTU;
370 t->pathmtu = t->pl.pmtu + sctp_transport_pl_hlen(t);
371 return true;
372 } else if (pmtu > t->pl.pmtu && pmtu < t->pl.probe_size) {
373 t->pl.probe_size = pmtu;
374 t->pl.probe_count = 0;
375 }
376 } else if (t->pl.state == SCTP_PL_COMPLETE) {
377 if (pmtu >= SCTP_BASE_PLPMTU && pmtu < t->pl.pmtu) {
378 t->pl.state = SCTP_PL_BASE; /* Complete -> Base */
379 t->pl.probe_size = SCTP_BASE_PLPMTU;
380 t->pl.probe_count = 0;
381
382 t->pl.probe_high = 0;
383 t->pl.pmtu = SCTP_BASE_PLPMTU;
384 t->pathmtu = t->pl.pmtu + sctp_transport_pl_hlen(t);
385 sctp_transport_reset_probe_timer(t);
386 return true;
387 }
388 }
389
390 return false;
391 }
392
sctp_transport_update_pmtu(struct sctp_transport * t,u32 pmtu)393 bool sctp_transport_update_pmtu(struct sctp_transport *t, u32 pmtu)
394 {
395 struct sock *sk = t->asoc->base.sk;
396 struct dst_entry *dst;
397 bool change = true;
398
399 if (unlikely(pmtu < SCTP_DEFAULT_MINSEGMENT)) {
400 pr_warn_ratelimited("%s: Reported pmtu %d too low, using default minimum of %d\n",
401 __func__, pmtu, SCTP_DEFAULT_MINSEGMENT);
402 /* Use default minimum segment instead */
403 pmtu = SCTP_DEFAULT_MINSEGMENT;
404 }
405 pmtu = SCTP_TRUNC4(pmtu);
406
407 if (sctp_transport_pl_enabled(t))
408 return sctp_transport_pl_toobig(t, pmtu - sctp_transport_pl_hlen(t));
409
410 dst = sctp_transport_dst_check(t);
411 if (dst) {
412 struct sctp_pf *pf = sctp_get_pf_specific(dst->ops->family);
413 union sctp_addr addr;
414
415 pf->af->from_sk(&addr, sk);
416 pf->to_sk_daddr(&t->ipaddr, sk);
417 dst->ops->update_pmtu(dst, sk, NULL, pmtu, true);
418 pf->to_sk_daddr(&addr, sk);
419
420 dst = sctp_transport_dst_check(t);
421 }
422
423 if (!dst) {
424 t->af_specific->get_dst(t, &t->saddr, &t->fl, sk);
425 dst = t->dst;
426 }
427
428 if (dst) {
429 /* Re-fetch, as under layers may have a higher minimum size */
430 pmtu = sctp_dst_mtu(dst);
431 change = t->pathmtu != pmtu;
432 }
433 t->pathmtu = pmtu;
434
435 return change;
436 }
437
438 /* Caches the dst entry and source address for a transport's destination
439 * address.
440 */
sctp_transport_route(struct sctp_transport * transport,union sctp_addr * saddr,struct sctp_sock * opt)441 void sctp_transport_route(struct sctp_transport *transport,
442 union sctp_addr *saddr, struct sctp_sock *opt)
443 {
444 struct sctp_association *asoc = transport->asoc;
445 struct sctp_af *af = transport->af_specific;
446
447 sctp_transport_dst_release(transport);
448 af->get_dst(transport, saddr, &transport->fl, sctp_opt2sk(opt));
449
450 if (saddr)
451 memcpy(&transport->saddr, saddr, sizeof(union sctp_addr));
452 else
453 af->get_saddr(opt, transport, &transport->fl);
454
455 sctp_transport_pmtu(transport, sctp_opt2sk(opt));
456
457 /* Initialize sk->sk_rcv_saddr, if the transport is the
458 * association's active path for getsockname().
459 */
460 if (transport->dst && asoc &&
461 (!asoc->peer.primary_path || transport == asoc->peer.active_path))
462 opt->pf->to_sk_saddr(&transport->saddr, asoc->base.sk);
463 }
464
465 /* Hold a reference to a transport. */
sctp_transport_hold(struct sctp_transport * transport)466 int sctp_transport_hold(struct sctp_transport *transport)
467 {
468 return refcount_inc_not_zero(&transport->refcnt);
469 }
470
471 /* Release a reference to a transport and clean up
472 * if there are no more references.
473 */
sctp_transport_put(struct sctp_transport * transport)474 void sctp_transport_put(struct sctp_transport *transport)
475 {
476 if (refcount_dec_and_test(&transport->refcnt))
477 sctp_transport_destroy(transport);
478 }
479
480 /* Update transport's RTO based on the newly calculated RTT. */
sctp_transport_update_rto(struct sctp_transport * tp,__u32 rtt)481 void sctp_transport_update_rto(struct sctp_transport *tp, __u32 rtt)
482 {
483 if (unlikely(!tp->rto_pending))
484 /* We should not be doing any RTO updates unless rto_pending is set. */
485 pr_debug("%s: rto_pending not set on transport %p!\n", __func__, tp);
486
487 if (tp->rttvar || tp->srtt) {
488 struct net *net = tp->asoc->base.net;
489 /* 6.3.1 C3) When a new RTT measurement R' is made, set
490 * RTTVAR <- (1 - RTO.Beta) * RTTVAR + RTO.Beta * |SRTT - R'|
491 * SRTT <- (1 - RTO.Alpha) * SRTT + RTO.Alpha * R'
492 */
493
494 /* Note: The above algorithm has been rewritten to
495 * express rto_beta and rto_alpha as inverse powers
496 * of two.
497 * For example, assuming the default value of RTO.Alpha of
498 * 1/8, rto_alpha would be expressed as 3.
499 */
500 tp->rttvar = tp->rttvar - (tp->rttvar >> net->sctp.rto_beta)
501 + (((__u32)abs((__s64)tp->srtt - (__s64)rtt)) >> net->sctp.rto_beta);
502 tp->srtt = tp->srtt - (tp->srtt >> net->sctp.rto_alpha)
503 + (rtt >> net->sctp.rto_alpha);
504 } else {
505 /* 6.3.1 C2) When the first RTT measurement R is made, set
506 * SRTT <- R, RTTVAR <- R/2.
507 */
508 tp->srtt = rtt;
509 tp->rttvar = rtt >> 1;
510 }
511
512 /* 6.3.1 G1) Whenever RTTVAR is computed, if RTTVAR = 0, then
513 * adjust RTTVAR <- G, where G is the CLOCK GRANULARITY.
514 */
515 if (tp->rttvar == 0)
516 tp->rttvar = SCTP_CLOCK_GRANULARITY;
517
518 /* 6.3.1 C3) After the computation, update RTO <- SRTT + 4 * RTTVAR. */
519 tp->rto = tp->srtt + (tp->rttvar << 2);
520
521 /* 6.3.1 C6) Whenever RTO is computed, if it is less than RTO.Min
522 * seconds then it is rounded up to RTO.Min seconds.
523 */
524 if (tp->rto < tp->asoc->rto_min)
525 tp->rto = tp->asoc->rto_min;
526
527 /* 6.3.1 C7) A maximum value may be placed on RTO provided it is
528 * at least RTO.max seconds.
529 */
530 if (tp->rto > tp->asoc->rto_max)
531 tp->rto = tp->asoc->rto_max;
532
533 sctp_max_rto(tp->asoc, tp);
534 tp->rtt = rtt;
535
536 /* Reset rto_pending so that a new RTT measurement is started when a
537 * new data chunk is sent.
538 */
539 tp->rto_pending = 0;
540
541 pr_debug("%s: transport:%p, rtt:%d, srtt:%d rttvar:%d, rto:%ld\n",
542 __func__, tp, rtt, tp->srtt, tp->rttvar, tp->rto);
543 }
544
545 /* This routine updates the transport's cwnd and partial_bytes_acked
546 * parameters based on the bytes acked in the received SACK.
547 */
sctp_transport_raise_cwnd(struct sctp_transport * transport,__u32 sack_ctsn,__u32 bytes_acked)548 void sctp_transport_raise_cwnd(struct sctp_transport *transport,
549 __u32 sack_ctsn, __u32 bytes_acked)
550 {
551 struct sctp_association *asoc = transport->asoc;
552 __u32 cwnd, ssthresh, flight_size, pba, pmtu;
553
554 cwnd = transport->cwnd;
555 flight_size = transport->flight_size;
556
557 /* See if we need to exit Fast Recovery first */
558 if (asoc->fast_recovery &&
559 TSN_lte(asoc->fast_recovery_exit, sack_ctsn))
560 asoc->fast_recovery = 0;
561
562 ssthresh = transport->ssthresh;
563 pba = transport->partial_bytes_acked;
564 pmtu = transport->asoc->pathmtu;
565
566 if (cwnd <= ssthresh) {
567 /* RFC 4960 7.2.1
568 * o When cwnd is less than or equal to ssthresh, an SCTP
569 * endpoint MUST use the slow-start algorithm to increase
570 * cwnd only if the current congestion window is being fully
571 * utilized, an incoming SACK advances the Cumulative TSN
572 * Ack Point, and the data sender is not in Fast Recovery.
573 * Only when these three conditions are met can the cwnd be
574 * increased; otherwise, the cwnd MUST not be increased.
575 * If these conditions are met, then cwnd MUST be increased
576 * by, at most, the lesser of 1) the total size of the
577 * previously outstanding DATA chunk(s) acknowledged, and
578 * 2) the destination's path MTU. This upper bound protects
579 * against the ACK-Splitting attack outlined in [SAVAGE99].
580 */
581 if (asoc->fast_recovery)
582 return;
583
584 /* The appropriate cwnd increase algorithm is performed
585 * if, and only if the congestion window is being fully
586 * utilized. Note that RFC4960 Errata 3.22 removed the
587 * other condition on ctsn moving.
588 */
589 if (flight_size < cwnd)
590 return;
591
592 if (bytes_acked > pmtu)
593 cwnd += pmtu;
594 else
595 cwnd += bytes_acked;
596
597 pr_debug("%s: slow start: transport:%p, bytes_acked:%d, "
598 "cwnd:%d, ssthresh:%d, flight_size:%d, pba:%d\n",
599 __func__, transport, bytes_acked, cwnd, ssthresh,
600 flight_size, pba);
601 } else {
602 /* RFC 2960 7.2.2 Whenever cwnd is greater than ssthresh,
603 * upon each SACK arrival, increase partial_bytes_acked
604 * by the total number of bytes of all new chunks
605 * acknowledged in that SACK including chunks
606 * acknowledged by the new Cumulative TSN Ack and by Gap
607 * Ack Blocks. (updated by RFC4960 Errata 3.22)
608 *
609 * When partial_bytes_acked is greater than cwnd and
610 * before the arrival of the SACK the sender had less
611 * bytes of data outstanding than cwnd (i.e., before
612 * arrival of the SACK, flightsize was less than cwnd),
613 * reset partial_bytes_acked to cwnd. (RFC 4960 Errata
614 * 3.26)
615 *
616 * When partial_bytes_acked is equal to or greater than
617 * cwnd and before the arrival of the SACK the sender
618 * had cwnd or more bytes of data outstanding (i.e.,
619 * before arrival of the SACK, flightsize was greater
620 * than or equal to cwnd), partial_bytes_acked is reset
621 * to (partial_bytes_acked - cwnd). Next, cwnd is
622 * increased by MTU. (RFC 4960 Errata 3.12)
623 */
624 pba += bytes_acked;
625 if (pba > cwnd && flight_size < cwnd)
626 pba = cwnd;
627 if (pba >= cwnd && flight_size >= cwnd) {
628 pba = pba - cwnd;
629 cwnd += pmtu;
630 }
631
632 pr_debug("%s: congestion avoidance: transport:%p, "
633 "bytes_acked:%d, cwnd:%d, ssthresh:%d, "
634 "flight_size:%d, pba:%d\n", __func__,
635 transport, bytes_acked, cwnd, ssthresh,
636 flight_size, pba);
637 }
638
639 transport->cwnd = cwnd;
640 transport->partial_bytes_acked = pba;
641 }
642
643 /* This routine is used to lower the transport's cwnd when congestion is
644 * detected.
645 */
sctp_transport_lower_cwnd(struct sctp_transport * transport,enum sctp_lower_cwnd reason)646 void sctp_transport_lower_cwnd(struct sctp_transport *transport,
647 enum sctp_lower_cwnd reason)
648 {
649 struct sctp_association *asoc = transport->asoc;
650
651 switch (reason) {
652 case SCTP_LOWER_CWND_T3_RTX:
653 /* RFC 2960 Section 7.2.3, sctpimpguide
654 * When the T3-rtx timer expires on an address, SCTP should
655 * perform slow start by:
656 * ssthresh = max(cwnd/2, 4*MTU)
657 * cwnd = 1*MTU
658 * partial_bytes_acked = 0
659 */
660 transport->ssthresh = max(transport->cwnd/2,
661 4*asoc->pathmtu);
662 transport->cwnd = asoc->pathmtu;
663
664 /* T3-rtx also clears fast recovery */
665 asoc->fast_recovery = 0;
666 break;
667
668 case SCTP_LOWER_CWND_FAST_RTX:
669 /* RFC 2960 7.2.4 Adjust the ssthresh and cwnd of the
670 * destination address(es) to which the missing DATA chunks
671 * were last sent, according to the formula described in
672 * Section 7.2.3.
673 *
674 * RFC 2960 7.2.3, sctpimpguide Upon detection of packet
675 * losses from SACK (see Section 7.2.4), An endpoint
676 * should do the following:
677 * ssthresh = max(cwnd/2, 4*MTU)
678 * cwnd = ssthresh
679 * partial_bytes_acked = 0
680 */
681 if (asoc->fast_recovery)
682 return;
683
684 /* Mark Fast recovery */
685 asoc->fast_recovery = 1;
686 asoc->fast_recovery_exit = asoc->next_tsn - 1;
687
688 transport->ssthresh = max(transport->cwnd/2,
689 4*asoc->pathmtu);
690 transport->cwnd = transport->ssthresh;
691 break;
692
693 case SCTP_LOWER_CWND_ECNE:
694 /* RFC 2481 Section 6.1.2.
695 * If the sender receives an ECN-Echo ACK packet
696 * then the sender knows that congestion was encountered in the
697 * network on the path from the sender to the receiver. The
698 * indication of congestion should be treated just as a
699 * congestion loss in non-ECN Capable TCP. That is, the TCP
700 * source halves the congestion window "cwnd" and reduces the
701 * slow start threshold "ssthresh".
702 * A critical condition is that TCP does not react to
703 * congestion indications more than once every window of
704 * data (or more loosely more than once every round-trip time).
705 */
706 if (time_after(jiffies, transport->last_time_ecne_reduced +
707 transport->rtt)) {
708 transport->ssthresh = max(transport->cwnd/2,
709 4*asoc->pathmtu);
710 transport->cwnd = transport->ssthresh;
711 transport->last_time_ecne_reduced = jiffies;
712 }
713 break;
714
715 case SCTP_LOWER_CWND_INACTIVE:
716 /* RFC 2960 Section 7.2.1, sctpimpguide
717 * When the endpoint does not transmit data on a given
718 * transport address, the cwnd of the transport address
719 * should be adjusted to max(cwnd/2, 4*MTU) per RTO.
720 * NOTE: Although the draft recommends that this check needs
721 * to be done every RTO interval, we do it every hearbeat
722 * interval.
723 */
724 transport->cwnd = max(transport->cwnd/2,
725 4*asoc->pathmtu);
726 /* RFC 4960 Errata 3.27.2: also adjust sshthresh */
727 transport->ssthresh = transport->cwnd;
728 break;
729 }
730
731 transport->partial_bytes_acked = 0;
732
733 pr_debug("%s: transport:%p, reason:%d, cwnd:%d, ssthresh:%d\n",
734 __func__, transport, reason, transport->cwnd,
735 transport->ssthresh);
736 }
737
738 /* Apply Max.Burst limit to the congestion window:
739 * sctpimpguide-05 2.14.2
740 * D) When the time comes for the sender to
741 * transmit new DATA chunks, the protocol parameter Max.Burst MUST
742 * first be applied to limit how many new DATA chunks may be sent.
743 * The limit is applied by adjusting cwnd as follows:
744 * if ((flightsize+ Max.Burst * MTU) < cwnd)
745 * cwnd = flightsize + Max.Burst * MTU
746 */
747
sctp_transport_burst_limited(struct sctp_transport * t)748 void sctp_transport_burst_limited(struct sctp_transport *t)
749 {
750 struct sctp_association *asoc = t->asoc;
751 u32 old_cwnd = t->cwnd;
752 u32 max_burst_bytes;
753
754 if (t->burst_limited || asoc->max_burst == 0)
755 return;
756
757 max_burst_bytes = t->flight_size + (asoc->max_burst * asoc->pathmtu);
758 if (max_burst_bytes < old_cwnd) {
759 t->cwnd = max_burst_bytes;
760 t->burst_limited = old_cwnd;
761 }
762 }
763
764 /* Restore the old cwnd congestion window, after the burst had it's
765 * desired effect.
766 */
sctp_transport_burst_reset(struct sctp_transport * t)767 void sctp_transport_burst_reset(struct sctp_transport *t)
768 {
769 if (t->burst_limited) {
770 t->cwnd = t->burst_limited;
771 t->burst_limited = 0;
772 }
773 }
774
775 /* What is the next timeout value for this transport? */
sctp_transport_timeout(struct sctp_transport * trans)776 unsigned long sctp_transport_timeout(struct sctp_transport *trans)
777 {
778 /* RTO + timer slack +/- 50% of RTO */
779 unsigned long timeout = trans->rto >> 1;
780
781 if (trans->state != SCTP_UNCONFIRMED &&
782 trans->state != SCTP_PF)
783 timeout += trans->hbinterval;
784
785 return max_t(unsigned long, timeout, HZ / 5);
786 }
787
788 /* Reset transport variables to their initial values */
sctp_transport_reset(struct sctp_transport * t)789 void sctp_transport_reset(struct sctp_transport *t)
790 {
791 struct sctp_association *asoc = t->asoc;
792
793 /* RFC 2960 (bis), Section 5.2.4
794 * All the congestion control parameters (e.g., cwnd, ssthresh)
795 * related to this peer MUST be reset to their initial values
796 * (see Section 6.2.1)
797 */
798 t->cwnd = min(4*asoc->pathmtu, max_t(__u32, 2*asoc->pathmtu, 4380));
799 t->burst_limited = 0;
800 t->ssthresh = asoc->peer.i.a_rwnd;
801 t->rto = asoc->rto_initial;
802 sctp_max_rto(asoc, t);
803 t->rtt = 0;
804 t->srtt = 0;
805 t->rttvar = 0;
806
807 /* Reset these additional variables so that we have a clean slate. */
808 t->partial_bytes_acked = 0;
809 t->flight_size = 0;
810 t->error_count = 0;
811 t->rto_pending = 0;
812 t->hb_sent = 0;
813
814 /* Initialize the state information for SFR-CACC */
815 t->cacc.changeover_active = 0;
816 t->cacc.cycling_changeover = 0;
817 t->cacc.next_tsn_at_change = 0;
818 t->cacc.cacc_saw_newack = 0;
819 }
820
821 /* Schedule retransmission on the given transport */
sctp_transport_immediate_rtx(struct sctp_transport * t)822 void sctp_transport_immediate_rtx(struct sctp_transport *t)
823 {
824 /* Stop pending T3_rtx_timer */
825 if (timer_delete(&t->T3_rtx_timer))
826 sctp_transport_put(t);
827
828 sctp_retransmit(&t->asoc->outqueue, t, SCTP_RTXR_T3_RTX);
829 if (!timer_pending(&t->T3_rtx_timer)) {
830 if (!mod_timer(&t->T3_rtx_timer, jiffies + t->rto))
831 sctp_transport_hold(t);
832 }
833 }
834
835 /* Drop dst */
sctp_transport_dst_release(struct sctp_transport * t)836 void sctp_transport_dst_release(struct sctp_transport *t)
837 {
838 dst_release(t->dst);
839 t->dst = NULL;
840 t->dst_pending_confirm = 0;
841 }
842
843 /* Schedule neighbour confirm */
sctp_transport_dst_confirm(struct sctp_transport * t)844 void sctp_transport_dst_confirm(struct sctp_transport *t)
845 {
846 t->dst_pending_confirm = 1;
847 }
848