xref: /titanic_51/usr/src/uts/common/inet/sctp/sctp_timer.c (revision 0c240c64cf90f44c2fdf3439010f6e8b33d85e7d)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 
22 /*
23  * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
24  * Use is subject to license terms.
25  */
26 
27 
28 #include <sys/types.h>
29 #include <sys/systm.h>
30 #include <sys/stream.h>
31 #include <sys/cmn_err.h>
32 #include <sys/strsubr.h>
33 #include <sys/strsun.h>
34 
35 #include <netinet/in.h>
36 #include <netinet/ip6.h>
37 
38 #include <inet/common.h>
39 #include <inet/ip.h>
40 #include <inet/mib2.h>
41 #include <inet/ipclassifier.h>
42 #include "sctp_impl.h"
43 #include "sctp_asconf.h"
44 
45 /* Timer block states. */
46 typedef enum {
47 	SCTP_TB_RUNNING = 1,
48 	SCTP_TB_IDLE,
49 /* Could not stop/free before mblk got queued */
50 	SCTP_TB_RESCHED,	/* sctp_tb_time_left contains tick count */
51 	SCTP_TB_CANCELLED,
52 	SCTP_TB_TO_BE_FREED
53 } timer_block_state;
54 
55 typedef struct sctp_tb_s {
56 	timer_block_state	sctp_tb_state;
57 	timeout_id_t		sctp_tb_tid;
58 	mblk_t			*sctp_tb_mp;
59 	clock_t			sctp_tb_time_left;
60 } sctp_tb_t;
61 
62 static void sctp_timer_fire(sctp_tb_t *);
63 
64 /*
65  *		sctp_timer mechanism.
66  *
67  * Each timer is represented by a timer mblk. When the
68  * timer fires, and the sctp_t is busy, the timer mblk will be put on
69  * the associated sctp_t timer queue so that it can be executed when
70  * the thread holding the lock on the sctp_t is done with its job.
71  *
72  * Note that there is no lock to protect the timer mblk state.  The reason
73  * is that the timer state can only be changed by a thread holding the
74  * lock on the sctp_t.
75  *
76  * The interface consists of 4 entry points:
77  *	sctp_timer_alloc	- create a timer mblk
78  *	sctp_timer_free		- free a timer mblk
79  *	sctp_timer		- start, restart, stop the timer
80  *	sctp_timer_valid	- called by sctp_process_recvq to verify that
81  *				  the timer did indeed fire.
82  */
83 
84 
85 /*
86  * Start, restart, stop the timer.
87  * If "tim" is -1 the timer is stopped.
88  * Otherwise, the timer is stopped if it is already running, and
89  * set to fire tim clock ticks from now.
90  */
91 void
92 sctp_timer(sctp_t *sctp, mblk_t *mp, clock_t tim)
93 {
94 	sctp_tb_t *sctp_tb;
95 	int state;
96 
97 	ASSERT(sctp != NULL && mp != NULL);
98 	ASSERT((mp->b_rptr - mp->b_datap->db_base) == sizeof (sctp_tb_t));
99 	ASSERT(mp->b_datap->db_type == M_PCSIG);
100 
101 	sctp_tb = (sctp_tb_t *)mp->b_datap->db_base;
102 	if (tim >= 0) {
103 		state = sctp_tb->sctp_tb_state;
104 		sctp_tb->sctp_tb_time_left = tim;
105 		if (state == SCTP_TB_RUNNING) {
106 			if (untimeout(sctp_tb->sctp_tb_tid) < 0) {
107 				sctp_tb->sctp_tb_state = SCTP_TB_RESCHED;
108 				/* sctp_timer_valid will start timer */
109 				return;
110 			}
111 		} else if (state != SCTP_TB_IDLE) {
112 			ASSERT(state != SCTP_TB_TO_BE_FREED);
113 			if (state == SCTP_TB_CANCELLED) {
114 				sctp_tb->sctp_tb_state = SCTP_TB_RESCHED;
115 				/* sctp_timer_valid will start timer */
116 				return;
117 			}
118 			if (state == SCTP_TB_RESCHED) {
119 				/* sctp_timer_valid will start timer */
120 				return;
121 			}
122 		} else {
123 			SCTP_REFHOLD(sctp);
124 		}
125 		sctp_tb->sctp_tb_state = SCTP_TB_RUNNING;
126 		sctp_tb->sctp_tb_tid =
127 		    timeout((pfv_t)sctp_timer_fire, sctp_tb, tim);
128 		return;
129 	}
130 	switch (tim) {
131 	case -1:
132 		sctp_timer_stop(mp);
133 		break;
134 	default:
135 		ASSERT(0);
136 		break;
137 	}
138 }
139 
140 /*
141  * sctp_timer_alloc is called by sctp_init to allocate and initialize a
142  * sctp timer.
143  *
144  * Allocate an M_PCSIG timer message. The space between db_base and
145  * b_rptr is used by the sctp_timer mechanism, and after b_rptr there is
146  * space for sctpt_t.
147  */
148 mblk_t *
149 sctp_timer_alloc(sctp_t *sctp, pfv_t func, int sleep)
150 {
151 	mblk_t *mp;
152 	sctp_tb_t *sctp_tb;
153 	sctpt_t	*sctpt;
154 	sctp_stack_t	*sctps = sctp->sctp_sctps;
155 
156 	if (sleep == KM_SLEEP) {
157 		mp = allocb_wait(sizeof (sctp_t) + sizeof (sctp_tb_t), BPRI_HI,
158 		    STR_NOSIG, NULL);
159 	} else {
160 		mp = allocb(sizeof (sctp_t) + sizeof (sctp_tb_t), BPRI_HI);
161 	}
162 	if (mp != NULL) {
163 		mp->b_datap->db_type = M_PCSIG;
164 		sctp_tb = (sctp_tb_t *)mp->b_datap->db_base;
165 		mp->b_rptr = (uchar_t *)&sctp_tb[1];
166 		mp->b_wptr = mp->b_rptr + sizeof (sctpt_t);
167 		sctp_tb->sctp_tb_state = SCTP_TB_IDLE;
168 		sctp_tb->sctp_tb_mp = mp;
169 
170 		sctpt = (sctpt_t *)mp->b_rptr;
171 		sctpt->sctpt_sctp = sctp;
172 		sctpt->sctpt_faddr = NULL;	/* set when starting timer */
173 		sctpt->sctpt_pfv = func;
174 		return (mp);
175 	}
176 	SCTP_KSTAT(sctps, sctp_add_timer);
177 	return (NULL);
178 }
179 
180 /*
181  * timeout() callback function.
182  * Put the message on the process control block's queue.
183  * If the timer is stopped or freed after
184  * it has fired then sctp_timer() and sctp_timer_valid() will clean
185  * things up.
186  */
187 static void
188 sctp_timer_fire(sctp_tb_t *sctp_tb)
189 {
190 	mblk_t *mp;
191 	sctp_t *sctp;
192 	sctpt_t *sctpt;
193 
194 	mp = sctp_tb->sctp_tb_mp;
195 	ASSERT(sctp_tb == (sctp_tb_t *)mp->b_datap->db_base);
196 	ASSERT(mp->b_datap->db_type == M_PCSIG);
197 
198 	sctpt = (sctpt_t *)mp->b_rptr;
199 	sctp = sctpt->sctpt_sctp;
200 	ASSERT(sctp != NULL);
201 
202 	mutex_enter(&sctp->sctp_lock);
203 	if (sctp->sctp_running) {
204 		/*
205 		 * Put the timer mblk to the special sctp_timer_mp list.
206 		 * This timer will be handled when the thread using this
207 		 * SCTP is done with its job.
208 		 */
209 		if (sctp->sctp_timer_mp == NULL) {
210 			SCTP_REFHOLD(sctp);
211 			sctp->sctp_timer_mp = mp;
212 		} else {
213 			linkb(sctp->sctp_timer_mp, mp);
214 		}
215 		mp->b_cont = NULL;
216 		mutex_exit(&sctp->sctp_lock);
217 	} else {
218 		sctp->sctp_running = B_TRUE;
219 		mutex_exit(&sctp->sctp_lock);
220 
221 		sctp_timer_call(sctp, mp);
222 		WAKE_SCTP(sctp);
223 	}
224 	SCTP_REFRELE(sctp);
225 }
226 
227 /*
228  * Logically free a timer mblk (that might have a pending timeout().)
229  * If the timer has fired and the mblk has been put on the queue then
230  * sctp_timer_valid will free the mblk.
231  */
232 void
233 sctp_timer_free(mblk_t *mp)
234 {
235 	sctp_tb_t *sctp_tb;
236 	int state;
237 	sctpt_t *sctpt;
238 
239 	ASSERT(mp != NULL);
240 	ASSERT((mp->b_rptr - mp->b_datap->db_base) == sizeof (sctp_tb_t));
241 	ASSERT(mp->b_datap->db_type == M_PCSIG);
242 
243 	sctp_tb = (sctp_tb_t *)mp->b_datap->db_base;
244 	state = sctp_tb->sctp_tb_state;
245 
246 	dprint(5, ("sctp_timer_free %p state %d\n", (void *)mp, state));
247 
248 	if (state == SCTP_TB_RUNNING) {
249 		if (untimeout(sctp_tb->sctp_tb_tid) < 0) {
250 			sctp_tb->sctp_tb_state = SCTP_TB_TO_BE_FREED;
251 			/* sctp_timer_valid will free the mblk */
252 			return;
253 		}
254 		sctpt = (sctpt_t *)mp->b_rptr;
255 		SCTP_REFRELE(sctpt->sctpt_sctp);
256 	} else if (state != SCTP_TB_IDLE) {
257 		ASSERT(state != SCTP_TB_TO_BE_FREED);
258 		sctp_tb->sctp_tb_state = SCTP_TB_TO_BE_FREED;
259 		/* sctp_timer_valid will free the mblk */
260 		return;
261 	}
262 	freeb(mp);
263 }
264 
265 /*
266  * Called from sctp_timer(,,-1)
267  */
268 void
269 sctp_timer_stop(mblk_t *mp)
270 {
271 	sctp_tb_t *sctp_tb;
272 	int state;
273 	sctpt_t *sctpt;
274 
275 	ASSERT(mp != NULL);
276 	ASSERT(mp->b_datap->db_type == M_PCSIG);
277 
278 	sctp_tb = (sctp_tb_t *)mp->b_datap->db_base;
279 	state = sctp_tb->sctp_tb_state;
280 
281 	dprint(5, ("sctp_timer_stop %p %d\n", (void *)mp, state));
282 
283 	if (state == SCTP_TB_RUNNING) {
284 		if (untimeout(sctp_tb->sctp_tb_tid) < 0) {
285 			sctp_tb->sctp_tb_state = SCTP_TB_CANCELLED;
286 		} else {
287 			sctp_tb->sctp_tb_state = SCTP_TB_IDLE;
288 			sctpt = (sctpt_t *)mp->b_rptr;
289 			SCTP_REFRELE(sctpt->sctpt_sctp);
290 		}
291 	} else if (state == SCTP_TB_RESCHED) {
292 		sctp_tb->sctp_tb_state = SCTP_TB_CANCELLED;
293 	}
294 }
295 
296 /*
297  * The user of the sctp_timer mechanism is required to call
298  * sctp_timer_valid() for each M_PCSIG message processed in the
299  * service procedures.
300  * sctp_timer_valid will return "true" if the timer actually did fire.
301  */
302 
303 static boolean_t
304 sctp_timer_valid(mblk_t *mp)
305 {
306 	sctp_tb_t *sctp_tb;
307 	int state;
308 	sctpt_t *sctpt;
309 
310 	ASSERT(mp != NULL);
311 	ASSERT(mp->b_datap->db_type == M_PCSIG);
312 
313 	sctp_tb = (sctp_tb_t *)DB_BASE(mp);
314 	sctpt = (sctpt_t *)mp->b_rptr;
315 	state = sctp_tb->sctp_tb_state;
316 	if (state != SCTP_TB_RUNNING) {
317 		ASSERT(state != SCTP_TB_IDLE);
318 		if (state == SCTP_TB_TO_BE_FREED) {
319 			/*
320 			 * sctp_timer_free was called after the message
321 			 * was putq'ed.
322 			 */
323 			freeb(mp);
324 			return (B_FALSE);
325 		}
326 		if (state == SCTP_TB_CANCELLED) {
327 			/* The timer was stopped after the mblk was putq'ed */
328 			sctp_tb->sctp_tb_state = SCTP_TB_IDLE;
329 			return (B_FALSE);
330 		}
331 		if (state == SCTP_TB_RESCHED) {
332 			/*
333 			 * The timer was stopped and then restarted after
334 			 * the mblk was putq'ed.
335 			 * sctp_tb_time_left contains the number of ticks that
336 			 * the timer was restarted with.
337 			 * The sctp will not be disapper between the time
338 			 * the sctpt_t is marked SCTP_TB_RESCHED and when
339 			 * we get here as sctp_add_recvq() does a refhold.
340 			 */
341 			sctp_tb->sctp_tb_state = SCTP_TB_RUNNING;
342 			sctp_tb->sctp_tb_tid = timeout((pfv_t)sctp_timer_fire,
343 			    sctp_tb, sctp_tb->sctp_tb_time_left);
344 			SCTP_REFHOLD(sctpt->sctpt_sctp);
345 			return (B_FALSE);
346 		}
347 	}
348 	sctp_tb->sctp_tb_state = SCTP_TB_IDLE;
349 	return (B_TRUE);
350 }
351 
352 /*
353  * The SCTP timer call. Calls sctp_timer_valid() to verify whether
354  * timer was cancelled or not.
355  */
356 void
357 sctp_timer_call(sctp_t *sctp, mblk_t *mp)
358 {
359 	sctpt_t *sctpt = (sctpt_t *)mp->b_rptr;
360 
361 	if (sctp_timer_valid(mp)) {
362 		(*sctpt->sctpt_pfv)(sctp, sctpt->sctpt_faddr);
363 	}
364 }
365 
366 /*
367  * Delayed ack
368  */
369 void
370 sctp_ack_timer(sctp_t *sctp)
371 {
372 	sctp_stack_t	*sctps = sctp->sctp_sctps;
373 
374 	sctp->sctp_ack_timer_running = 0;
375 	sctp->sctp_sack_toggle = sctps->sctps_deferred_acks_max;
376 	BUMP_MIB(&sctps->sctps_mib, sctpOutAckDelayed);
377 	(void) sctp_sack(sctp, NULL);
378 }
379 
380 /*
381  * Peer address heartbeat timer handler
382  */
383 void
384 sctp_heartbeat_timer(sctp_t *sctp)
385 {
386 	sctp_faddr_t	*fp;
387 	int64_t		now;
388 	int64_t		earliest_expiry;
389 	int		cnt;
390 	sctp_stack_t	*sctps = sctp->sctp_sctps;
391 
392 	if (sctp->sctp_strikes >= sctp->sctp_pa_max_rxt) {
393 		/*
394 		 * If there is a peer address with no strikes,
395 		 * don't give up yet. If enough other peer
396 		 * address are down, we could otherwise fail
397 		 * the association prematurely.  This is a
398 		 * byproduct of our aggressive probe approach
399 		 * when a heartbeat fails to connect. We may
400 		 * wish to revisit this...
401 		 */
402 		if (!sctp_is_a_faddr_clean(sctp)) {
403 			/* time to give up */
404 			BUMP_MIB(&sctps->sctps_mib, sctpAborted);
405 			BUMP_MIB(&sctps->sctps_mib, sctpTimHeartBeatDrop);
406 			sctp_assoc_event(sctp, SCTP_COMM_LOST, 0, NULL);
407 			sctp_clean_death(sctp, sctp->sctp_client_errno ?
408 			    sctp->sctp_client_errno : ETIMEDOUT);
409 			return;
410 		}
411 	}
412 
413 	/* Only send heartbeats in the established state */
414 	if (sctp->sctp_state != SCTPS_ESTABLISHED) {
415 		dprint(5, ("sctp_heartbeat_timer: not in ESTABLISHED\n"));
416 		return;
417 	}
418 
419 	now = lbolt64;
420 	earliest_expiry = 0;
421 	cnt = sctps->sctps_maxburst;
422 
423 	/*
424 	 * Walk through all faddrs.  Since the timer should run infrequently
425 	 * and the number of peer addresses should not be big, this should
426 	 * be OK.
427 	 */
428 	for (fp = sctp->sctp_faddrs; fp != NULL; fp = fp->next) {
429 		/*
430 		 * If the peer is unreachable because there is no available
431 		 * source address, call sctp_get_dest() to see if it is
432 		 * reachable now.  If it is OK, the state will become
433 		 * unconfirmed.  And the following code to handle unconfirmed
434 		 * address will be executed.  If it is still not OK,
435 		 * re-schedule.  If heartbeat is enabled, only try this
436 		 * up to the normal heartbeat max times.  But if heartbeat
437 		 * is disable, this retry may go on forever.
438 		 */
439 		if (fp->state == SCTP_FADDRS_UNREACH) {
440 			sctp_get_dest(sctp, fp);
441 			if (fp->state == SCTP_FADDRS_UNREACH) {
442 				if (fp->hb_enabled &&
443 				    ++fp->strikes > fp->max_retr &&
444 				    sctp_faddr_dead(sctp, fp,
445 				    SCTP_FADDRS_DOWN) == -1) {
446 					/* Assoc is dead */
447 					return;
448 				}
449 				fp->hb_expiry = now + SET_HB_INTVL(fp);
450 				goto set_expiry;
451 			} else {
452 				/* Send a heartbeat immediately. */
453 				fp->hb_expiry = now;
454 			}
455 		}
456 		/*
457 		 * Don't send heartbeat to this address if it is not
458 		 * hb_enabled and the address has been confirmed.
459 		 */
460 		if (!fp->hb_enabled && fp->state != SCTP_FADDRS_UNCONFIRMED) {
461 			continue;
462 		}
463 
464 		/*
465 		 * The heartbeat timer is expired.  If the address is dead,
466 		 * we still send heartbeat to it in case it becomes alive
467 		 * again.  But we will only send once in a while, calculated
468 		 * by SET_HB_INTVL().
469 		 *
470 		 * If the address is alive and there is a hearbeat pending,
471 		 * resend the heartbeat and start exponential backoff on the
472 		 * heartbeat timeout value.  If there is no heartbeat pending,
473 		 * just send out one.
474 		 */
475 		if (now >= fp->hb_expiry) {
476 			if (fp->hb_pending) {
477 				/*
478 				 * If an address is not confirmed, no need
479 				 * to bump the overall counter as it doesn't
480 				 * matter as we will not use it to send data
481 				 * and it should not affect the association.
482 				 */
483 				switch (fp->state) {
484 				case SCTP_FADDRS_ALIVE:
485 					sctp->sctp_strikes++;
486 					/* FALLTHRU */
487 				case SCTP_FADDRS_UNCONFIRMED:
488 					/*
489 					 * Retransmission implies that RTO
490 					 * is probably not correct.
491 					 */
492 					fp->rtt_updates = 0;
493 					fp->strikes++;
494 					if (fp->strikes > fp->max_retr) {
495 						if (sctp_faddr_dead(sctp, fp,
496 						    SCTP_FADDRS_DOWN) == -1) {
497 							/* Assoc is dead */
498 							return;
499 						}
500 						/*
501 						 * Addr is down; keep initial
502 						 * RTO
503 						 */
504 						fp->rto =
505 						    sctp->sctp_rto_initial;
506 						goto dead_addr;
507 					} else {
508 						SCTP_CALC_RXT(sctp, fp);
509 						fp->hb_expiry = now + fp->rto;
510 					}
511 					break;
512 				case SCTP_FADDRS_DOWN:
513 dead_addr:
514 					fp->hb_expiry = now + SET_HB_INTVL(fp);
515 					break;
516 				default:
517 					continue;
518 				}
519 			} else {
520 				/*
521 				 * If there is unack'ed data, no need to
522 				 * send a heart beat.
523 				 */
524 				if (fp->suna > 0) {
525 					fp->hb_expiry = now + SET_HB_INTVL(fp);
526 					goto set_expiry;
527 				} else {
528 					fp->hb_expiry = now + fp->rto;
529 				}
530 			}
531 			/*
532 			 * Note that the total number of heartbeat we can send
533 			 * out simultaneously is limited by sctp_maxburst.  If
534 			 * the limit is exceeded, we need to wait for the next
535 			 * timeout to send them.  This should only happen if
536 			 * there is unconfirmed address.  Note that hb_pending
537 			 * is set in sctp_send_heartbeat().  So if a heartbeat
538 			 * is not sent, it will not affect the state of the
539 			 * peer address.
540 			 */
541 			if (fp->state != SCTP_FADDRS_UNCONFIRMED || cnt-- > 0)
542 				sctp_send_heartbeat(sctp, fp);
543 		}
544 set_expiry:
545 		if (fp->hb_expiry < earliest_expiry || earliest_expiry == 0)
546 			earliest_expiry = fp->hb_expiry;
547 	}
548 	if (sctp->sctp_autoclose != 0) {
549 		int64_t expire;
550 
551 		expire = sctp->sctp_active + sctp->sctp_autoclose;
552 
553 		if (expire <= now) {
554 			dprint(3, ("sctp_heartbeat_timer: autoclosing\n"));
555 			sctp_send_shutdown(sctp, 0);
556 			return;
557 		}
558 		if (expire < earliest_expiry || earliest_expiry == 0)
559 			earliest_expiry = expire;
560 	}
561 
562 	earliest_expiry -= now;
563 	if (earliest_expiry < 0)
564 		earliest_expiry = 1;
565 	sctp_timer(sctp, sctp->sctp_heartbeat_mp, earliest_expiry);
566 }
567 
568 void
569 sctp_rexmit_timer(sctp_t *sctp, sctp_faddr_t *fp)
570 {
571 	mblk_t 		*mp;
572 	sctp_stack_t	*sctps = sctp->sctp_sctps;
573 
574 	ASSERT(fp != NULL);
575 
576 	dprint(3, ("sctp_timer: faddr=%x:%x:%x:%x\n",
577 	    SCTP_PRINTADDR(fp->faddr)));
578 
579 	fp->timer_running = 0;
580 
581 	/* Check is we've reached the max for retries */
582 	if (sctp->sctp_state < SCTPS_ESTABLISHED) {
583 		if (fp->strikes >= sctp->sctp_max_init_rxt) {
584 			/* time to give up */
585 			BUMP_MIB(&sctps->sctps_mib, sctpAborted);
586 			BUMP_MIB(&sctps->sctps_mib, sctpTimRetransDrop);
587 			sctp_assoc_event(sctp, SCTP_CANT_STR_ASSOC, 0, NULL);
588 			sctp_clean_death(sctp, sctp->sctp_client_errno ?
589 			    sctp->sctp_client_errno : ETIMEDOUT);
590 			return;
591 		}
592 	} else if (sctp->sctp_state >= SCTPS_ESTABLISHED) {
593 		if (sctp->sctp_strikes >= sctp->sctp_pa_max_rxt) {
594 			/* time to give up */
595 			BUMP_MIB(&sctps->sctps_mib, sctpAborted);
596 			BUMP_MIB(&sctps->sctps_mib, sctpTimRetransDrop);
597 			sctp_assoc_event(sctp, SCTP_COMM_LOST, 0, NULL);
598 			sctp_clean_death(sctp, sctp->sctp_client_errno ?
599 			    sctp->sctp_client_errno : ETIMEDOUT);
600 			return;
601 		}
602 	}
603 
604 	if (fp->strikes >= fp->max_retr) {
605 		if (sctp_faddr_dead(sctp, fp, SCTP_FADDRS_DOWN) == -1) {
606 			return;
607 		}
608 	}
609 
610 	switch (sctp->sctp_state) {
611 	case SCTPS_SHUTDOWN_RECEIVED:
612 		(void) sctp_shutdown_received(sctp, NULL, B_FALSE, B_TRUE,
613 		    NULL);
614 
615 		/* FALLTHRU */
616 	case SCTPS_ESTABLISHED:
617 	case SCTPS_SHUTDOWN_PENDING:
618 		if (sctp->sctp_xmit_head == NULL &&
619 		    sctp->sctp_xmit_unsent == NULL) {
620 			/* Nothing to retransmit */
621 			if (sctp->sctp_state == SCTPS_SHUTDOWN_PENDING) {
622 				sctp_send_shutdown(sctp, 1);
623 			}
624 			return;
625 		}
626 
627 		BUMP_MIB(&sctps->sctps_mib, sctpTimRetrans);
628 
629 		sctp_rexmit(sctp, fp);
630 		/*
631 		 * sctp_rexmit() will increase the strikes and restart the
632 		 * timer, so return here.
633 		 */
634 		return;
635 	case SCTPS_COOKIE_WAIT:
636 		BUMP_LOCAL(sctp->sctp_T1expire);
637 rxmit_init:
638 		/* retransmit init */
639 		/*
640 		 * We don't take the conn hash lock here since the source
641 		 * address list won't be modified (it would have been done
642 		 * the first time around).
643 		 */
644 		mp = sctp_init_mp(sctp, fp);
645 		if (mp != NULL) {
646 			BUMP_MIB(&sctps->sctps_mib, sctpTimRetrans);
647 			(void) conn_ip_output(mp, fp->ixa);
648 			BUMP_LOCAL(sctp->sctp_opkts);
649 		}
650 		break;
651 	case SCTPS_COOKIE_ECHOED:
652 		BUMP_LOCAL(sctp->sctp_T1expire);
653 		if (sctp->sctp_cookie_mp == NULL) {
654 			sctp->sctp_state = SCTPS_COOKIE_WAIT;
655 			goto rxmit_init;
656 		}
657 		mp = dupmsg(sctp->sctp_cookie_mp);
658 		if (mp == NULL)
659 			break;
660 		(void) conn_ip_output(mp, fp->ixa);
661 		BUMP_LOCAL(sctp->sctp_opkts);
662 		BUMP_MIB(&sctps->sctps_mib, sctpTimRetrans);
663 		break;
664 	case SCTPS_SHUTDOWN_SENT:
665 		BUMP_LOCAL(sctp->sctp_T2expire);
666 		sctp_send_shutdown(sctp, 1);
667 		BUMP_MIB(&sctps->sctps_mib, sctpTimRetrans);
668 		break;
669 	case SCTPS_SHUTDOWN_ACK_SENT:
670 		/* We shouldn't have any more outstanding data */
671 		ASSERT(sctp->sctp_xmit_head == NULL);
672 		ASSERT(sctp->sctp_xmit_unsent == NULL);
673 
674 		BUMP_LOCAL(sctp->sctp_T2expire);
675 		(void) sctp_shutdown_received(sctp, NULL, B_FALSE, B_TRUE,
676 		    NULL);
677 		BUMP_MIB(&sctps->sctps_mib, sctpTimRetrans);
678 		break;
679 	default:
680 		ASSERT(0);
681 		break;
682 	}
683 
684 	fp->strikes++;
685 	sctp->sctp_strikes++;
686 	SCTP_CALC_RXT(sctp, fp);
687 
688 	SCTP_FADDR_TIMER_RESTART(sctp, fp, fp->rto);
689 }
690 
691 /*
692  * RTO calculation. timesent and now are both in ms.
693  */
694 void
695 sctp_update_rtt(sctp_t *sctp, sctp_faddr_t *fp, clock_t delta)
696 {
697 	int rtt;
698 
699 	/* Calculate the RTT in ms */
700 	rtt = (int)delta;
701 	rtt = rtt > 0 ? rtt : 1;
702 
703 	dprint(5, ("sctp_update_rtt: fp = %p, rtt = %d\n", (void *)fp, rtt));
704 
705 	/* Is this the first RTT measurement? */
706 	if (fp->srtt == -1) {
707 		fp->srtt = rtt;
708 		fp->rttvar = rtt / 2;
709 		fp->rto = 3 * rtt; /* == rtt + 4 * rttvar ( == rtt / 2) */
710 	} else {
711 		int abs;
712 		/*
713 		 * Versions of the RTO equations that use fixed-point math.
714 		 * alpha and beta are NOT tunable in this implementation,
715 		 * and so are hard-coded in. alpha = 1/8, beta = 1/4.
716 		 */
717 		abs = fp->srtt - rtt;
718 		abs = abs >= 0 ? abs : -abs;
719 		fp->rttvar = (3 * fp->rttvar + abs) >> 2;
720 		fp->rttvar = fp->rttvar != 0 ? fp->rttvar : 1;
721 
722 		fp->srtt = (7 * fp->srtt + rtt) >> 3;
723 		fp->rto = fp->srtt + 4 * fp->rttvar;
724 	}
725 
726 	dprint(5, ("sctp_update_rtt: srtt = %d, rttvar = %d, rto = %d\n",
727 	    fp->srtt, fp->rttvar, fp->rto));
728 
729 	/* Bound the RTO by configured min and max values */
730 	if (fp->rto < sctp->sctp_rto_min) {
731 		fp->rto = sctp->sctp_rto_min;
732 	}
733 	if (fp->rto > sctp->sctp_rto_max) {
734 		fp->rto = sctp->sctp_rto_max;
735 	}
736 
737 	SCTP_MAX_RTO(sctp, fp);
738 	fp->rtt_updates++;
739 }
740 
741 void
742 sctp_free_faddr_timers(sctp_t *sctp)
743 {
744 	sctp_faddr_t *fp;
745 
746 	for (fp = sctp->sctp_faddrs; fp != NULL; fp = fp->next) {
747 		if (fp->timer_mp != NULL) {
748 			sctp_timer_free(fp->timer_mp);
749 			fp->timer_mp = NULL;
750 			fp->timer_running = 0;
751 		}
752 		if (fp->rc_timer_mp != NULL) {
753 			sctp_timer_free(fp->rc_timer_mp);
754 			fp->rc_timer_mp = NULL;
755 			fp->rc_timer_running = 0;
756 		}
757 	}
758 }
759 
760 void
761 sctp_stop_faddr_timers(sctp_t *sctp)
762 {
763 	sctp_faddr_t *fp;
764 
765 	for (fp = sctp->sctp_faddrs; fp != NULL; fp = fp->next) {
766 		SCTP_FADDR_TIMER_STOP(fp);
767 		SCTP_FADDR_RC_TIMER_STOP(fp);
768 	}
769 }
770 
771 void
772 sctp_process_timer(sctp_t *sctp)
773 {
774 	mblk_t *mp;
775 
776 	ASSERT(sctp->sctp_running);
777 	ASSERT(MUTEX_HELD(&sctp->sctp_lock));
778 	while ((mp = sctp->sctp_timer_mp) != NULL) {
779 		ASSERT(DB_TYPE(mp) == M_PCSIG);
780 		/*
781 		 * Since the timer mblk can be freed in sctp_timer_call(),
782 		 * we need to grab the b_cont before that.
783 		 */
784 		sctp->sctp_timer_mp = mp->b_cont;
785 		mp->b_cont = NULL;
786 		/*
787 		 * We have a reference on the sctp, the lock must be
788 		 * dropped to avoid deadlocks with functions potentially
789 		 * called in this context which in turn call untimeout().
790 		 */
791 		mutex_exit(&sctp->sctp_lock);
792 		sctp_timer_call(sctp, mp);
793 		mutex_enter(&sctp->sctp_lock);
794 	}
795 	SCTP_REFRELE(sctp);
796 }
797