2008-01-11 09:57:09 -05:00
/* SCTP kernel implementation
2005-04-16 15:20:36 -07:00
* ( C ) Copyright IBM Corp . 2001 , 2004
* Copyright ( c ) 1999 - 2000 Cisco , Inc .
* Copyright ( c ) 1999 - 2001 Motorola , Inc .
* Copyright ( c ) 2001 Intel Corp .
* Copyright ( c ) 2001 La Monte H . P . Yarroll
*
2008-01-11 09:57:09 -05:00
* This file is part of the SCTP kernel implementation
2005-04-16 15:20:36 -07:00
*
* This module provides the abstraction for an SCTP association .
*
2008-01-11 09:57:09 -05:00
* This SCTP implementation is free software ;
2005-04-16 15:20:36 -07:00
* you can redistribute it and / or modify it under the terms of
* the GNU General Public License as published by
* the Free Software Foundation ; either version 2 , or ( at your option )
* any later version .
*
2008-01-11 09:57:09 -05:00
* This SCTP implementation is distributed in the hope that it
2005-04-16 15:20:36 -07:00
* will be useful , but WITHOUT ANY WARRANTY ; without even the implied
* * * * * * * * * * * * * * * * * * * * * * * * *
* warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE .
* See the GNU General Public License for more details .
*
* You should have received a copy of the GNU General Public License
2013-12-06 06:28:48 -08:00
* along with GNU CC ; see the file COPYING . If not , see
* < http : //www.gnu.org/licenses/>.
2005-04-16 15:20:36 -07:00
*
* Please send any bug reports or fixes you make to the
* email address ( es ) :
2013-07-23 14:51:47 +02:00
* lksctp developers < linux - sctp @ vger . kernel . org >
2005-04-16 15:20:36 -07:00
*
* Written or modified by :
* La Monte H . P . Yarroll < piggy @ acm . org >
* Karl Knutson < karl @ athena . chicago . il . us >
* Jon Grimm < jgrimm @ us . ibm . com >
* Xingang Guo < xingang . guo @ intel . com >
* Hui Huang < hui . huang @ nokia . com >
* Sridhar Samudrala < sri @ us . ibm . com >
* Daisy Chang < daisyc @ us . ibm . com >
* Ryan Layer < rmlayer @ us . ibm . com >
* Kevin Gao < kevin . gao @ intel . com >
*/
2010-08-24 13:21:08 +00:00
# define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
2005-04-16 15:20:36 -07:00
# include <linux/types.h>
# include <linux/fcntl.h>
# include <linux/poll.h>
# include <linux/init.h>
# include <linux/slab.h>
# include <linux/in.h>
# include <net/ipv6.h>
# include <net/sctp/sctp.h>
# include <net/sctp/sm.h>
/* Forward declarations for internal functions. */
2006-11-22 14:57:56 +00:00
static void sctp_assoc_bh_rcv ( struct work_struct * work ) ;
2007-12-20 14:11:47 -08:00
static void sctp_assoc_free_asconf_acks ( struct sctp_association * asoc ) ;
2011-05-24 21:48:02 +00:00
static void sctp_assoc_free_asconf_queue ( struct sctp_association * asoc ) ;
2005-04-16 15:20:36 -07:00
/* 1st Level Abstractions. */
/* Initialize a new association from provided memory. */
static struct sctp_association * sctp_association_init ( struct sctp_association * asoc ,
const struct sctp_endpoint * ep ,
const struct sock * sk ,
sctp_scope_t scope ,
2005-10-07 07:46:04 +01:00
gfp_t gfp )
2005-04-16 15:20:36 -07:00
{
2012-08-07 07:29:57 +00:00
struct net * net = sock_net ( sk ) ;
2005-04-16 15:20:36 -07:00
struct sctp_sock * sp ;
int i ;
2007-09-16 19:31:35 -07:00
sctp_paramhdr_t * p ;
int err ;
2005-04-16 15:20:36 -07:00
/* Retrieve the SCTP per socket area. */
sp = sctp_sk ( ( struct sock * ) sk ) ;
/* Discarding const is appropriate here. */
asoc - > ep = ( struct sctp_endpoint * ) ep ;
asoc - > base . sk = ( struct sock * ) sk ;
2013-06-14 18:24:07 +02:00
sctp_endpoint_hold ( asoc - > ep ) ;
2005-04-16 15:20:36 -07:00
sock_hold ( asoc - > base . sk ) ;
/* Initialize the common base substructure. */
asoc - > base . type = SCTP_EP_TYPE_ASSOCIATION ;
/* Initialize the object handling fields. */
atomic_set ( & asoc - > base . refcnt , 1 ) ;
/* Initialize the bind addr area. */
sctp_bind_addr_init ( & asoc - > base . bind_addr , ep - > base . bind_addr . port ) ;
asoc - > state = SCTP_STATE_CLOSED ;
2013-06-25 18:17:27 +02:00
asoc - > cookie_life = ms_to_ktime ( sp - > assocparams . sasoc_cookie_life ) ;
2009-09-04 18:21:00 -04:00
asoc - > user_frag = sp - > user_frag ;
2005-04-16 15:20:36 -07:00
/* Set the association max_retrans and RTO values from the
* socket values .
*/
asoc - > max_retrans = sp - > assocparams . sasoc_asocmaxrxt ;
2012-08-07 07:29:57 +00:00
asoc - > pf_retrans = net - > sctp . pf_retrans ;
2012-07-21 07:56:07 +00:00
2005-04-16 15:20:36 -07:00
asoc - > rto_initial = msecs_to_jiffies ( sp - > rtoinfo . srto_initial ) ;
asoc - > rto_max = msecs_to_jiffies ( sp - > rtoinfo . srto_max ) ;
asoc - > rto_min = msecs_to_jiffies ( sp - > rtoinfo . srto_min ) ;
2005-12-22 11:36:46 -08:00
/* Initialize the association's heartbeat interval based on the
* sock configured value .
*/
asoc - > hbinterval = msecs_to_jiffies ( sp - > hbinterval ) ;
/* Initialize path max retrans value. */
asoc - > pathmaxrxt = sp - > pathmaxrxt ;
/* Initialize default path MTU. */
asoc - > pathmtu = sp - > pathmtu ;
/* Set association default SACK delay */
asoc - > sackdelay = msecs_to_jiffies ( sp - > sackdelay ) ;
2008-05-09 15:13:26 -07:00
asoc - > sackfreq = sp - > sackfreq ;
2005-12-22 11:36:46 -08:00
/* Set the association default flags controlling
* Heartbeat , SACK delay , and Path MTU Discovery .
*/
asoc - > param_flags = sp - > param_flags ;
2013-12-06 09:36:30 +08:00
/* Initialize the maximum number of new data packets that can be sent
2005-04-16 15:20:36 -07:00
* in a burst .
*/
2007-03-23 11:34:36 -07:00
asoc - > max_burst = sp - > max_burst ;
2005-04-16 15:20:36 -07:00
2005-11-11 16:06:16 -08:00
/* initialize association timers */
asoc - > timeouts [ SCTP_EVENT_TIMEOUT_T1_COOKIE ] = asoc - > rto_initial ;
asoc - > timeouts [ SCTP_EVENT_TIMEOUT_T1_INIT ] = asoc - > rto_initial ;
asoc - > timeouts [ SCTP_EVENT_TIMEOUT_T2_SHUTDOWN ] = asoc - > rto_initial ;
/* sctpimpguide Section 2.12.2
* If the ' T5 - shutdown - guard ' timer is used , it SHOULD be set to the
* recommended value of 5 times ' RTO . Max ' .
*/
2007-02-09 23:25:18 +09:00
asoc - > timeouts [ SCTP_EVENT_TIMEOUT_T5_SHUTDOWN_GUARD ]
2005-11-11 16:06:16 -08:00
= 5 * asoc - > rto_max ;
2005-12-22 11:36:46 -08:00
asoc - > timeouts [ SCTP_EVENT_TIMEOUT_SACK ] = asoc - > sackdelay ;
2013-12-10 06:48:15 -05:00
asoc - > timeouts [ SCTP_EVENT_TIMEOUT_AUTOCLOSE ] = sp - > autoclose * HZ ;
2007-02-09 23:25:18 +09:00
2010-06-11 12:17:00 +02:00
/* Initializes the timers */
2008-01-23 21:20:07 -08:00
for ( i = SCTP_EVENT_TIMEOUT_NONE ; i < SCTP_NUM_TIMEOUT_TYPES ; + + i )
setup_timer ( & asoc - > timers [ i ] , sctp_timer_events [ i ] ,
( unsigned long ) asoc ) ;
2005-04-16 15:20:36 -07:00
/* Pull default initialization values from the sock options.
* Note : This assumes that the values have already been
* validated in the sock .
*/
asoc - > c . sinit_max_instreams = sp - > initmsg . sinit_max_instreams ;
asoc - > c . sinit_num_ostreams = sp - > initmsg . sinit_num_ostreams ;
asoc - > max_init_attempts = sp - > initmsg . sinit_max_attempts ;
asoc - > max_init_timeo =
msecs_to_jiffies ( sp - > initmsg . sinit_max_init_timeo ) ;
/* Set the local window size for receive.
* This is also the rcvbuf space per association .
* RFC 6 - A SCTP receiver MUST be able to receive a minimum of
* 1500 bytes in one SCTP packet .
*/
2005-11-11 16:08:24 -08:00
if ( ( sk - > sk_rcvbuf / 2 ) < SCTP_DEFAULT_MINWINDOW )
2005-04-16 15:20:36 -07:00
asoc - > rwnd = SCTP_DEFAULT_MINWINDOW ;
else
2005-11-11 16:08:24 -08:00
asoc - > rwnd = sk - > sk_rcvbuf / 2 ;
2005-04-16 15:20:36 -07:00
asoc - > a_rwnd = asoc - > rwnd ;
/* Use my own max window until I learn something better. */
asoc - > peer . rwnd = SCTP_DEFAULT_MAXWINDOW ;
2005-11-11 16:08:24 -08:00
/* Initialize the receive memory counter */
atomic_set ( & asoc - > rmem_alloc , 0 ) ;
2005-04-16 15:20:36 -07:00
init_waitqueue_head ( & asoc - > wait ) ;
asoc - > c . my_vtag = sctp_generate_tag ( ep ) ;
asoc - > c . my_port = ep - > base . bind_addr . port ;
asoc - > c . initial_tsn = sctp_generate_tsn ( ep ) ;
asoc - > next_tsn = asoc - > c . initial_tsn ;
asoc - > ctsn_ack_point = asoc - > next_tsn - 1 ;
asoc - > adv_peer_ack_point = asoc - > ctsn_ack_point ;
asoc - > highest_sacked = asoc - > ctsn_ack_point ;
asoc - > last_cwr_tsn = asoc - > ctsn_ack_point ;
/* ADDIP Section 4.1 Asconf Chunk Procedures
*
* When an endpoint has an ASCONF signaled change to be sent to the
* remote endpoint it should do the following :
* . . .
* A2 ) a serial number should be assigned to the chunk . The serial
* number SHOULD be a monotonically increasing number . The serial
* numbers SHOULD be initialized at the start of the
* association to the same value as the initial TSN .
*/
asoc - > addip_serial = asoc - > c . initial_tsn ;
2005-07-08 21:47:49 -07:00
INIT_LIST_HEAD ( & asoc - > addip_chunk_list ) ;
2007-12-20 14:11:47 -08:00
INIT_LIST_HEAD ( & asoc - > asconf_ack_list ) ;
2005-04-16 15:20:36 -07:00
/* Make an empty list of remote transport addresses. */
INIT_LIST_HEAD ( & asoc - > peer . transport_addr_list ) ;
/* RFC 2960 5.1 Normal Establishment of an Association
*
* After the reception of the first data chunk in an
* association the endpoint must immediately respond with a
* sack to acknowledge the data chunk . Subsequent
* acknowledgements should be done as described in Section
* 6.2 .
*
* [ We implement this by telling a new association that it
* already received one packet . ]
*/
asoc - > peer . sack_needed = 1 ;
2012-06-30 03:04:26 +00:00
asoc - > peer . sack_generation = 1 ;
2005-04-16 15:20:36 -07:00
2007-10-24 17:24:26 -04:00
/* Assume that the peer will tell us if he recognizes ASCONF
* as part of INIT exchange .
2013-12-06 09:36:30 +08:00
* The sctp_addip_noauth option is there for backward compatibility
2007-10-24 17:24:26 -04:00
* and will revert old behavior .
2005-04-16 15:20:36 -07:00
*/
2012-08-07 07:29:57 +00:00
if ( net - > sctp . addip_noauth )
2007-10-24 17:24:26 -04:00
asoc - > peer . asconf_capable = 1 ;
2005-04-16 15:20:36 -07:00
/* Create an input queue. */
sctp_inq_init ( & asoc - > base . inqueue ) ;
2006-11-22 14:57:56 +00:00
sctp_inq_set_th_handler ( & asoc - > base . inqueue , sctp_assoc_bh_rcv ) ;
2005-04-16 15:20:36 -07:00
/* Create an output queue. */
sctp_outq_init ( asoc , & asoc - > outqueue ) ;
if ( ! sctp_ulpq_init ( & asoc - > ulpq , asoc ) )
goto fail_init ;
/* Assume that peer would support both address types unless we are
* told otherwise .
*/
asoc - > peer . ipv4_address = 1 ;
2009-04-07 16:35:11 +08:00
if ( asoc - > base . sk - > sk_family = = PF_INET6 )
asoc - > peer . ipv6_address = 1 ;
2005-04-16 15:20:36 -07:00
INIT_LIST_HEAD ( & asoc - > asocs ) ;
asoc - > default_stream = sp - > default_stream ;
asoc - > default_ppid = sp - > default_ppid ;
asoc - > default_flags = sp - > default_flags ;
asoc - > default_context = sp - > default_context ;
asoc - > default_timetolive = sp - > default_timetolive ;
2006-12-13 16:34:22 -08:00
asoc - > default_rcv_context = sp - > default_rcv_context ;
2005-04-16 15:20:36 -07:00
2007-09-16 19:31:35 -07:00
/* AUTH related initializations */
INIT_LIST_HEAD ( & asoc - > endpoint_shared_keys ) ;
err = sctp_auth_asoc_copy_shkeys ( ep , asoc , gfp ) ;
if ( err )
goto fail_init ;
asoc - > active_key_id = ep - > active_key_id ;
/* Save the hmacs and chunks list into this association */
if ( ep - > auth_hmacs_list )
memcpy ( asoc - > c . auth_hmacs , ep - > auth_hmacs_list ,
ntohs ( ep - > auth_hmacs_list - > param_hdr . length ) ) ;
if ( ep - > auth_chunk_list )
memcpy ( asoc - > c . auth_chunks , ep - > auth_chunk_list ,
ntohs ( ep - > auth_chunk_list - > param_hdr . length ) ) ;
/* Get the AUTH random number for this association */
p = ( sctp_paramhdr_t * ) asoc - > c . auth_random ;
p - > type = SCTP_PARAM_RANDOM ;
p - > length = htons ( sizeof ( sctp_paramhdr_t ) + SCTP_AUTH_RANDOM_LENGTH ) ;
get_random_bytes ( p + 1 , SCTP_AUTH_RANDOM_LENGTH ) ;
2005-04-16 15:20:36 -07:00
return asoc ;
fail_init :
sock_put ( asoc - > base . sk ) ;
2013-06-14 18:24:07 +02:00
sctp_endpoint_put ( asoc - > ep ) ;
2005-04-16 15:20:36 -07:00
return NULL ;
}
/* Allocate and initialize a new association */
struct sctp_association * sctp_association_new ( const struct sctp_endpoint * ep ,
const struct sock * sk ,
2005-07-11 20:57:47 -07:00
sctp_scope_t scope ,
2005-10-07 07:46:04 +01:00
gfp_t gfp )
2005-04-16 15:20:36 -07:00
{
struct sctp_association * asoc ;
2013-06-17 11:40:04 +02:00
asoc = kzalloc ( sizeof ( * asoc ) , gfp ) ;
2005-04-16 15:20:36 -07:00
if ( ! asoc )
goto fail ;
if ( ! sctp_association_init ( asoc , ep , sk , scope , gfp ) )
goto fail_init ;
SCTP_DBG_OBJCNT_INC ( assoc ) ;
net: sctp: rework debugging framework to use pr_debug and friends
We should get rid of all own SCTP debug printk macros and use the ones
that the kernel offers anyway instead. This makes the code more readable
and conform to the kernel code, and offers all the features of dynamic
debbuging that pr_debug() et al has, such as only turning on/off portions
of debug messages at runtime through debugfs. The runtime cost of having
CONFIG_DYNAMIC_DEBUG enabled, but none of the debug statements printing,
is negligible [1]. If kernel debugging is completly turned off, then these
statements will also compile into "empty" functions.
While we're at it, we also need to change the Kconfig option as it /now/
only refers to the ifdef'ed code portions in outqueue.c that enable further
debugging/tracing of SCTP transaction fields. Also, since SCTP_ASSERT code
was enabled with this Kconfig option and has now been removed, we
transform those code parts into WARNs resp. where appropriate BUG_ONs so
that those bugs can be more easily detected as probably not many people
have SCTP debugging permanently turned on.
To turn on all SCTP debugging, the following steps are needed:
# mount -t debugfs none /sys/kernel/debug
# echo -n 'module sctp +p' > /sys/kernel/debug/dynamic_debug/control
This can be done more fine-grained on a per file, per line basis and others
as described in [2].
[1] https://www.kernel.org/doc/ols/2009/ols2009-pages-39-46.pdf
[2] Documentation/dynamic-debug-howto.txt
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-06-28 19:49:40 +02:00
pr_debug ( " Created asoc %p \n " , asoc ) ;
2005-04-16 15:20:36 -07:00
return asoc ;
fail_init :
kfree ( asoc ) ;
fail :
return NULL ;
}
/* Free this association if possible. There may still be users, so
* the actual deallocation may be delayed .
*/
void sctp_association_free ( struct sctp_association * asoc )
{
struct sock * sk = asoc - > base . sk ;
struct sctp_transport * transport ;
struct list_head * pos , * temp ;
int i ;
2006-10-30 18:55:11 -08:00
/* Only real associations count against the endpoint, so
* don ' t bother for if this is a temporary association .
*/
if ( ! asoc - > temp ) {
list_del ( & asoc - > asocs ) ;
/* Decrement the backlog value for a TCP-style listening
* socket .
*/
if ( sctp_style ( sk , TCP ) & & sctp_sstate ( sk , LISTENING ) )
sk - > sk_ack_backlog - - ;
}
2005-04-16 15:20:36 -07:00
/* Mark as dead, so other users can know this structure is
* going away .
*/
2013-04-15 03:27:18 +00:00
asoc - > base . dead = true ;
2005-04-16 15:20:36 -07:00
/* Dispose of any data lying around in the outqueue. */
sctp_outq_free ( & asoc - > outqueue ) ;
/* Dispose of any pending messages for the upper layer. */
sctp_ulpq_free ( & asoc - > ulpq ) ;
/* Dispose of any pending chunks on the inqueue. */
sctp_inq_free ( & asoc - > base . inqueue ) ;
2008-10-08 14:18:39 -07:00
sctp_tsnmap_free ( & asoc - > peer . tsn_map ) ;
2005-04-16 15:20:36 -07:00
/* Free ssnmap storage. */
sctp_ssnmap_free ( asoc - > ssnmap ) ;
/* Clean up the bound address list. */
sctp_bind_addr_free ( & asoc - > base . bind_addr ) ;
/* Do we need to go through all of our timers and
* delete them ? To be safe we will try to delete all , but we
* should be able to go through and make a guess based
* on our state .
*/
for ( i = SCTP_EVENT_TIMEOUT_NONE ; i < SCTP_NUM_TIMEOUT_TYPES ; + + i ) {
2013-02-03 20:32:57 +00:00
if ( del_timer ( & asoc - > timers [ i ] ) )
2005-04-16 15:20:36 -07:00
sctp_association_put ( asoc ) ;
}
/* Free peer's cached cookie. */
2005-11-08 09:41:34 -08:00
kfree ( asoc - > peer . cookie ) ;
2007-09-16 19:32:11 -07:00
kfree ( asoc - > peer . peer_random ) ;
kfree ( asoc - > peer . peer_chunks ) ;
kfree ( asoc - > peer . peer_hmacs ) ;
2005-04-16 15:20:36 -07:00
/* Release the transport structures. */
list_for_each_safe ( pos , temp , & asoc - > peer . transport_addr_list ) {
transport = list_entry ( pos , struct sctp_transport , transports ) ;
2012-12-06 09:25:05 +00:00
list_del_rcu ( pos ) ;
2005-04-16 15:20:36 -07:00
sctp_transport_free ( transport ) ;
}
2005-06-20 13:14:57 -07:00
asoc - > peer . transport_count = 0 ;
2011-05-29 23:23:36 +00:00
sctp_asconf_queue_teardown ( asoc ) ;
2005-04-16 15:20:36 -07:00
2011-04-26 20:19:36 +09:00
/* Free pending address space being deleted */
if ( asoc - > asconf_addr_del_pending ! = NULL )
kfree ( asoc - > asconf_addr_del_pending ) ;
2007-09-16 19:31:35 -07:00
/* AUTH - Free the endpoint shared keys */
sctp_auth_destroy_keys ( & asoc - > endpoint_shared_keys ) ;
/* AUTH - Free the association shared key */
sctp_auth_key_put ( asoc - > asoc_shared_key ) ;
2005-04-16 15:20:36 -07:00
sctp_association_put ( asoc ) ;
}
/* Cleanup and free up an association. */
static void sctp_association_destroy ( struct sctp_association * asoc )
{
net: sctp: rework debugging framework to use pr_debug and friends
We should get rid of all own SCTP debug printk macros and use the ones
that the kernel offers anyway instead. This makes the code more readable
and conform to the kernel code, and offers all the features of dynamic
debbuging that pr_debug() et al has, such as only turning on/off portions
of debug messages at runtime through debugfs. The runtime cost of having
CONFIG_DYNAMIC_DEBUG enabled, but none of the debug statements printing,
is negligible [1]. If kernel debugging is completly turned off, then these
statements will also compile into "empty" functions.
While we're at it, we also need to change the Kconfig option as it /now/
only refers to the ifdef'ed code portions in outqueue.c that enable further
debugging/tracing of SCTP transaction fields. Also, since SCTP_ASSERT code
was enabled with this Kconfig option and has now been removed, we
transform those code parts into WARNs resp. where appropriate BUG_ONs so
that those bugs can be more easily detected as probably not many people
have SCTP debugging permanently turned on.
To turn on all SCTP debugging, the following steps are needed:
# mount -t debugfs none /sys/kernel/debug
# echo -n 'module sctp +p' > /sys/kernel/debug/dynamic_debug/control
This can be done more fine-grained on a per file, per line basis and others
as described in [2].
[1] https://www.kernel.org/doc/ols/2009/ols2009-pages-39-46.pdf
[2] Documentation/dynamic-debug-howto.txt
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-06-28 19:49:40 +02:00
if ( unlikely ( ! asoc - > base . dead ) ) {
WARN ( 1 , " Attempt to destroy undead association %p! \n " , asoc ) ;
return ;
}
2005-04-16 15:20:36 -07:00
sctp_endpoint_put ( asoc - > ep ) ;
sock_put ( asoc - > base . sk ) ;
if ( asoc - > assoc_id ! = 0 ) {
spin_lock_bh ( & sctp_assocs_id_lock ) ;
idr_remove ( & sctp_assocs_id , asoc - > assoc_id ) ;
spin_unlock_bh ( & sctp_assocs_id_lock ) ;
}
2008-07-25 21:43:18 -07:00
WARN_ON ( atomic_read ( & asoc - > rmem_alloc ) ) ;
2005-11-11 16:08:24 -08:00
2013-04-15 03:27:17 +00:00
kfree ( asoc ) ;
SCTP_DBG_OBJCNT_DEC ( assoc ) ;
2005-04-16 15:20:36 -07:00
}
/* Change the primary destination address for the peer. */
void sctp_assoc_set_primary ( struct sctp_association * asoc ,
struct sctp_transport * transport )
{
2008-06-16 17:00:29 -07:00
int changeover = 0 ;
/* it's a changeover only if we already have a primary path
* that we are changing
*/
if ( asoc - > peer . primary_path ! = NULL & &
asoc - > peer . primary_path ! = transport )
changeover = 1 ;
2005-04-16 15:20:36 -07:00
asoc - > peer . primary_path = transport ;
/* Set a default msg_name for events. */
memcpy ( & asoc - > peer . primary_addr , & transport - > ipaddr ,
sizeof ( union sctp_addr ) ) ;
/* If the primary path is changing, assume that the
* user wants to use this new path .
*/
2006-07-21 14:48:50 -07:00
if ( ( transport - > state = = SCTP_ACTIVE ) | |
( transport - > state = = SCTP_UNKNOWN ) )
2005-04-16 15:20:36 -07:00
asoc - > peer . active_path = transport ;
/*
* SFR - CACC algorithm :
* Upon the receipt of a request to change the primary
* destination address , on the data structure for the new
* primary destination , the sender MUST do the following :
*
* 1 ) If CHANGEOVER_ACTIVE is set , then there was a switch
* to this destination address earlier . The sender MUST set
* CYCLING_CHANGEOVER to indicate that this switch is a
* double switch to the same destination address .
2009-11-23 15:53:57 -05:00
*
* Really , only bother is we have data queued or outstanding on
* the association .
2005-04-16 15:20:36 -07:00
*/
2009-11-23 15:53:57 -05:00
if ( ! asoc - > outqueue . outstanding_bytes & & ! asoc - > outqueue . out_qlen )
return ;
2005-04-16 15:20:36 -07:00
if ( transport - > cacc . changeover_active )
2008-06-16 17:00:29 -07:00
transport - > cacc . cycling_changeover = changeover ;
2005-04-16 15:20:36 -07:00
/* 2) The sender MUST set CHANGEOVER_ACTIVE to indicate that
* a changeover has occurred .
*/
2008-06-16 17:00:29 -07:00
transport - > cacc . changeover_active = changeover ;
2005-04-16 15:20:36 -07:00
/* 3) The sender MUST store the next TSN to be sent in
* next_tsn_at_change .
*/
transport - > cacc . next_tsn_at_change = asoc - > next_tsn ;
}
2005-06-20 13:14:57 -07:00
/* Remove a transport from an association. */
void sctp_assoc_rm_peer ( struct sctp_association * asoc ,
struct sctp_transport * peer )
{
struct list_head * pos ;
struct sctp_transport * transport ;
net: sctp: rework debugging framework to use pr_debug and friends
We should get rid of all own SCTP debug printk macros and use the ones
that the kernel offers anyway instead. This makes the code more readable
and conform to the kernel code, and offers all the features of dynamic
debbuging that pr_debug() et al has, such as only turning on/off portions
of debug messages at runtime through debugfs. The runtime cost of having
CONFIG_DYNAMIC_DEBUG enabled, but none of the debug statements printing,
is negligible [1]. If kernel debugging is completly turned off, then these
statements will also compile into "empty" functions.
While we're at it, we also need to change the Kconfig option as it /now/
only refers to the ifdef'ed code portions in outqueue.c that enable further
debugging/tracing of SCTP transaction fields. Also, since SCTP_ASSERT code
was enabled with this Kconfig option and has now been removed, we
transform those code parts into WARNs resp. where appropriate BUG_ONs so
that those bugs can be more easily detected as probably not many people
have SCTP debugging permanently turned on.
To turn on all SCTP debugging, the following steps are needed:
# mount -t debugfs none /sys/kernel/debug
# echo -n 'module sctp +p' > /sys/kernel/debug/dynamic_debug/control
This can be done more fine-grained on a per file, per line basis and others
as described in [2].
[1] https://www.kernel.org/doc/ols/2009/ols2009-pages-39-46.pdf
[2] Documentation/dynamic-debug-howto.txt
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-06-28 19:49:40 +02:00
pr_debug ( " %s: association:%p addr:%pISpc \n " ,
__func__ , asoc , & peer - > ipaddr . sa ) ;
2005-06-20 13:14:57 -07:00
/* If we are to remove the current retran_path, update it
* to the next peer before removing this peer from the list .
*/
if ( asoc - > peer . retran_path = = peer )
sctp_assoc_update_retran_path ( asoc ) ;
/* Remove this peer from the list. */
2012-12-06 09:25:05 +00:00
list_del_rcu ( & peer - > transports ) ;
2005-06-20 13:14:57 -07:00
/* Get the first transport of asoc. */
pos = asoc - > peer . transport_addr_list . next ;
transport = list_entry ( pos , struct sctp_transport , transports ) ;
/* Update any entries that match the peer to be deleted. */
if ( asoc - > peer . primary_path = = peer )
sctp_assoc_set_primary ( asoc , transport ) ;
if ( asoc - > peer . active_path = = peer )
asoc - > peer . active_path = transport ;
2011-04-12 15:22:22 +00:00
if ( asoc - > peer . retran_path = = peer )
asoc - > peer . retran_path = transport ;
2005-06-20 13:14:57 -07:00
if ( asoc - > peer . last_data_from = = peer )
asoc - > peer . last_data_from = transport ;
/* If we remove the transport an INIT was last sent to, set it to
* NULL . Combined with the update of the retran path above , this
* will cause the next INIT to be sent to the next available
* transport , maintaining the cycle .
*/
if ( asoc - > init_last_sent_to = = peer )
asoc - > init_last_sent_to = NULL ;
2009-04-26 23:13:35 +08:00
/* If we remove the transport an SHUTDOWN was last sent to, set it
* to NULL . Combined with the update of the retran path above , this
* will cause the next SHUTDOWN to be sent to the next available
* transport , maintaining the cycle .
*/
if ( asoc - > shutdown_last_sent_to = = peer )
asoc - > shutdown_last_sent_to = NULL ;
2009-04-26 23:14:42 +08:00
/* If we remove the transport an ASCONF was last sent to, set it to
* NULL .
*/
if ( asoc - > addip_last_asconf & &
asoc - > addip_last_asconf - > transport = = peer )
asoc - > addip_last_asconf - > transport = NULL ;
2009-09-04 18:21:00 -04:00
/* If we have something on the transmitted list, we have to
* save it off . The best place is the active path .
*/
if ( ! list_empty ( & peer - > transmitted ) ) {
struct sctp_transport * active = asoc - > peer . active_path ;
struct sctp_chunk * ch ;
/* Reset the transport of each chunk on this list */
list_for_each_entry ( ch , & peer - > transmitted ,
transmitted_list ) {
ch - > transport = NULL ;
ch - > rtt_in_progress = 0 ;
}
list_splice_tail_init ( & peer - > transmitted ,
& active - > transmitted ) ;
/* Start a T3 timer here in case it wasn't running so
* that these migrated packets have a chance to get
2013-10-26 16:06:30 +08:00
* retransmitted .
2009-09-04 18:21:00 -04:00
*/
if ( ! timer_pending ( & active - > T3_rtx_timer ) )
if ( ! mod_timer ( & active - > T3_rtx_timer ,
jiffies + active - > rto ) )
sctp_transport_hold ( active ) ;
}
2005-06-20 13:14:57 -07:00
asoc - > peer . transport_count - - ;
sctp_transport_free ( peer ) ;
}
2005-04-16 15:20:36 -07:00
/* Add a transport address to an association. */
struct sctp_transport * sctp_assoc_add_peer ( struct sctp_association * asoc ,
const union sctp_addr * addr ,
2005-10-07 07:46:04 +01:00
const gfp_t gfp ,
2005-06-20 13:14:57 -07:00
const int peer_state )
2005-04-16 15:20:36 -07:00
{
2012-08-07 07:26:14 +00:00
struct net * net = sock_net ( asoc - > base . sk ) ;
2005-04-16 15:20:36 -07:00
struct sctp_transport * peer ;
struct sctp_sock * sp ;
unsigned short port ;
sp = sctp_sk ( asoc - > base . sk ) ;
/* AF_INET and AF_INET6 share common port field. */
2006-11-20 17:10:20 -08:00
port = ntohs ( addr - > v4 . sin_port ) ;
2005-04-16 15:20:36 -07:00
net: sctp: rework debugging framework to use pr_debug and friends
We should get rid of all own SCTP debug printk macros and use the ones
that the kernel offers anyway instead. This makes the code more readable
and conform to the kernel code, and offers all the features of dynamic
debbuging that pr_debug() et al has, such as only turning on/off portions
of debug messages at runtime through debugfs. The runtime cost of having
CONFIG_DYNAMIC_DEBUG enabled, but none of the debug statements printing,
is negligible [1]. If kernel debugging is completly turned off, then these
statements will also compile into "empty" functions.
While we're at it, we also need to change the Kconfig option as it /now/
only refers to the ifdef'ed code portions in outqueue.c that enable further
debugging/tracing of SCTP transaction fields. Also, since SCTP_ASSERT code
was enabled with this Kconfig option and has now been removed, we
transform those code parts into WARNs resp. where appropriate BUG_ONs so
that those bugs can be more easily detected as probably not many people
have SCTP debugging permanently turned on.
To turn on all SCTP debugging, the following steps are needed:
# mount -t debugfs none /sys/kernel/debug
# echo -n 'module sctp +p' > /sys/kernel/debug/dynamic_debug/control
This can be done more fine-grained on a per file, per line basis and others
as described in [2].
[1] https://www.kernel.org/doc/ols/2009/ols2009-pages-39-46.pdf
[2] Documentation/dynamic-debug-howto.txt
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-06-28 19:49:40 +02:00
pr_debug ( " %s: association:%p addr:%pISpc state:%d \n " , __func__ ,
asoc , & addr - > sa , peer_state ) ;
2005-06-20 13:14:57 -07:00
2005-04-16 15:20:36 -07:00
/* Set the port if it has not been set yet. */
if ( 0 = = asoc - > peer . port )
asoc - > peer . port = port ;
/* Check to see if this is a duplicate. */
peer = sctp_assoc_lookup_paddr ( asoc , addr ) ;
2005-06-20 13:14:57 -07:00
if ( peer ) {
2008-09-18 16:28:27 -07:00
/* An UNKNOWN state is only set on transports added by
* user in sctp_connectx ( ) call . Such transports should be
* considered CONFIRMED per RFC 4960 , Section 5.4 .
*/
2006-07-21 14:48:50 -07:00
if ( peer - > state = = SCTP_UNKNOWN ) {
2008-09-18 16:28:27 -07:00
peer - > state = SCTP_ACTIVE ;
2006-07-21 14:48:50 -07:00
}
2005-04-16 15:20:36 -07:00
return peer ;
2005-06-20 13:14:57 -07:00
}
2005-04-16 15:20:36 -07:00
2012-08-07 07:26:14 +00:00
peer = sctp_transport_new ( net , addr , gfp ) ;
2005-04-16 15:20:36 -07:00
if ( ! peer )
return NULL ;
sctp_transport_set_owner ( peer , asoc ) ;
2005-12-22 11:36:46 -08:00
/* Initialize the peer's heartbeat interval based on the
* association configured value .
*/
peer - > hbinterval = asoc - > hbinterval ;
/* Set the path max_retrans. */
peer - > pathmaxrxt = asoc - > pathmaxrxt ;
2013-10-26 16:06:30 +08:00
/* And the partial failure retrans threshold */
2012-07-21 07:56:07 +00:00
peer - > pf_retrans = asoc - > pf_retrans ;
2005-12-22 11:36:46 -08:00
/* Initialize the peer's SACK delay timeout based on the
* association configured value .
*/
peer - > sackdelay = asoc - > sackdelay ;
2008-05-09 15:13:26 -07:00
peer - > sackfreq = asoc - > sackfreq ;
2005-12-22 11:36:46 -08:00
/* Enable/disable heartbeat, SACK delay, and path MTU discovery
* based on association setting .
*/
peer - > param_flags = asoc - > param_flags ;
2009-09-04 18:21:01 -04:00
sctp_transport_route ( peer , NULL , sp ) ;
2005-04-16 15:20:36 -07:00
/* Initialize the pmtu of the transport. */
2009-09-04 18:21:01 -04:00
if ( peer - > param_flags & SPP_PMTUD_DISABLE ) {
if ( asoc - > pathmtu )
peer - > pathmtu = asoc - > pathmtu ;
else
peer - > pathmtu = SCTP_DEFAULT_MAXSEGMENT ;
}
2005-04-16 15:20:36 -07:00
/* If this is the first transport addr on this association,
* initialize the association PMTU to the peer ' s PMTU .
* If not and the current association PMTU is higher than the new
* peer ' s PMTU , reset the association PMTU to the new peer ' s PMTU .
*/
2005-12-22 11:36:46 -08:00
if ( asoc - > pathmtu )
asoc - > pathmtu = min_t ( int , peer - > pathmtu , asoc - > pathmtu ) ;
2005-04-16 15:20:36 -07:00
else
2005-12-22 11:36:46 -08:00
asoc - > pathmtu = peer - > pathmtu ;
2005-04-16 15:20:36 -07:00
net: sctp: rework debugging framework to use pr_debug and friends
We should get rid of all own SCTP debug printk macros and use the ones
that the kernel offers anyway instead. This makes the code more readable
and conform to the kernel code, and offers all the features of dynamic
debbuging that pr_debug() et al has, such as only turning on/off portions
of debug messages at runtime through debugfs. The runtime cost of having
CONFIG_DYNAMIC_DEBUG enabled, but none of the debug statements printing,
is negligible [1]. If kernel debugging is completly turned off, then these
statements will also compile into "empty" functions.
While we're at it, we also need to change the Kconfig option as it /now/
only refers to the ifdef'ed code portions in outqueue.c that enable further
debugging/tracing of SCTP transaction fields. Also, since SCTP_ASSERT code
was enabled with this Kconfig option and has now been removed, we
transform those code parts into WARNs resp. where appropriate BUG_ONs so
that those bugs can be more easily detected as probably not many people
have SCTP debugging permanently turned on.
To turn on all SCTP debugging, the following steps are needed:
# mount -t debugfs none /sys/kernel/debug
# echo -n 'module sctp +p' > /sys/kernel/debug/dynamic_debug/control
This can be done more fine-grained on a per file, per line basis and others
as described in [2].
[1] https://www.kernel.org/doc/ols/2009/ols2009-pages-39-46.pdf
[2] Documentation/dynamic-debug-howto.txt
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-06-28 19:49:40 +02:00
pr_debug ( " %s: association:%p PMTU set to %d \n " , __func__ , asoc ,
asoc - > pathmtu ) ;
2008-07-18 23:04:39 -07:00
peer - > pmtu_pending = 0 ;
2005-04-16 15:20:36 -07:00
2009-09-04 18:21:00 -04:00
asoc - > frag_point = sctp_frag_point ( asoc , asoc - > pathmtu ) ;
2005-04-16 15:20:36 -07:00
/* The asoc->peer.port might not be meaningful yet, but
* initialize the packet structure anyway .
*/
sctp_packet_init ( & peer - > packet , peer , asoc - > base . bind_addr . port ,
asoc - > peer . port ) ;
/* 7.2.1 Slow-Start
*
* o The initial cwnd before DATA transmission or after a sufficiently
* long idle period MUST be set to
* min ( 4 * MTU , max ( 2 * MTU , 4380 bytes ) )
*
* o The initial value of ssthresh MAY be arbitrarily high
* ( for example , implementations MAY use the size of the
* receiver advertised window ) .
*/
2005-12-22 11:36:46 -08:00
peer - > cwnd = min ( 4 * asoc - > pathmtu , max_t ( __u32 , 2 * asoc - > pathmtu , 4380 ) ) ;
2005-04-16 15:20:36 -07:00
/* At this point, we may not have the receiver's advertised window,
* so initialize ssthresh to the default value and it will be set
* later when we process the INIT .
*/
peer - > ssthresh = SCTP_DEFAULT_MAXWINDOW ;
peer - > partial_bytes_acked = 0 ;
peer - > flight_size = 0 ;
2009-11-23 15:54:00 -05:00
peer - > burst_limited = 0 ;
2005-04-16 15:20:36 -07:00
/* Set the transport's RTO.initial value */
peer - > rto = asoc - > rto_initial ;
2012-12-01 04:49:42 +00:00
sctp_max_rto ( asoc , peer ) ;
2005-04-16 15:20:36 -07:00
2005-06-20 13:14:57 -07:00
/* Set the peer's active state. */
peer - > state = peer_state ;
2005-04-16 15:20:36 -07:00
/* Attach the remote transport to our asoc. */
2012-12-06 09:25:05 +00:00
list_add_tail_rcu ( & peer - > transports , & asoc - > peer . transport_addr_list ) ;
2005-06-20 13:14:57 -07:00
asoc - > peer . transport_count + + ;
2005-04-16 15:20:36 -07:00
/* If we do not yet have a primary path, set one. */
if ( ! asoc - > peer . primary_path ) {
sctp_assoc_set_primary ( asoc , peer ) ;
asoc - > peer . retran_path = peer ;
}
2010-04-30 22:39:26 -04:00
if ( asoc - > peer . active_path = = asoc - > peer . retran_path & &
peer - > state ! = SCTP_UNCONFIRMED ) {
2005-04-16 15:20:36 -07:00
asoc - > peer . retran_path = peer ;
2005-06-20 13:14:57 -07:00
}
2005-04-16 15:20:36 -07:00
return peer ;
}
/* Delete a transport address from an association. */
void sctp_assoc_del_peer ( struct sctp_association * asoc ,
const union sctp_addr * addr )
{
struct list_head * pos ;
struct list_head * temp ;
struct sctp_transport * transport ;
list_for_each_safe ( pos , temp , & asoc - > peer . transport_addr_list ) {
transport = list_entry ( pos , struct sctp_transport , transports ) ;
if ( sctp_cmp_addr_exact ( addr , & transport - > ipaddr ) ) {
2005-06-20 13:14:57 -07:00
/* Do book keeping for removing the peer and free it. */
sctp_assoc_rm_peer ( asoc , transport ) ;
2005-04-16 15:20:36 -07:00
break ;
}
}
}
/* Lookup a transport by address. */
struct sctp_transport * sctp_assoc_lookup_paddr (
const struct sctp_association * asoc ,
const union sctp_addr * address )
{
struct sctp_transport * t ;
/* Cycle through all transports searching for a peer address. */
2008-04-12 18:54:24 -07:00
list_for_each_entry ( t , & asoc - > peer . transport_addr_list ,
transports ) {
2005-04-16 15:20:36 -07:00
if ( sctp_cmp_addr_exact ( address , & t - > ipaddr ) )
return t ;
}
return NULL ;
}
2007-12-20 14:08:56 -08:00
/* Remove all transports except a give one */
void sctp_assoc_del_nonprimary_peers ( struct sctp_association * asoc ,
struct sctp_transport * primary )
{
struct sctp_transport * temp ;
struct sctp_transport * t ;
list_for_each_entry_safe ( t , temp , & asoc - > peer . transport_addr_list ,
transports ) {
/* if the current transport is not the primary one, delete it */
if ( t ! = primary )
sctp_assoc_rm_peer ( asoc , t ) ;
}
}
2005-04-16 15:20:36 -07:00
/* Engage in transport control operations.
* Mark the transport up or down and send a notification to the user .
* Select and update the new active and retran paths .
*/
void sctp_assoc_control_transport ( struct sctp_association * asoc ,
struct sctp_transport * transport ,
sctp_transport_cmd_t command ,
sctp_sn_error_t error )
{
struct sctp_transport * t = NULL ;
struct sctp_transport * first ;
struct sctp_transport * second ;
struct sctp_ulpevent * event ;
2006-11-20 17:03:01 -08:00
struct sockaddr_storage addr ;
2005-04-16 15:20:36 -07:00
int spc_state = 0 ;
2012-07-21 07:56:07 +00:00
bool ulp_notify = true ;
2005-04-16 15:20:36 -07:00
/* Record the transition on the transport. */
switch ( command ) {
case SCTP_TRANSPORT_UP :
2007-03-23 11:32:26 -07:00
/* If we are moving from UNCONFIRMED state due
* to heartbeat success , report the SCTP_ADDR_CONFIRMED
* state to the user , otherwise report SCTP_ADDR_AVAILABLE .
*/
if ( SCTP_UNCONFIRMED = = transport - > state & &
SCTP_HEARTBEAT_SUCCESS = = error )
spc_state = SCTP_ADDR_CONFIRMED ;
else
spc_state = SCTP_ADDR_AVAILABLE ;
2012-07-21 07:56:07 +00:00
/* Don't inform ULP about transition from PF to
2013-08-09 15:09:08 +02:00
* active state and set cwnd to 1 MTU , see SCTP
2012-07-21 07:56:07 +00:00
* Quick failover draft section 5.1 , point 5
*/
if ( transport - > state = = SCTP_PF ) {
ulp_notify = false ;
2013-08-09 15:09:08 +02:00
transport - > cwnd = asoc - > pathmtu ;
2012-07-21 07:56:07 +00:00
}
2005-06-20 13:14:57 -07:00
transport - > state = SCTP_ACTIVE ;
2005-04-16 15:20:36 -07:00
break ;
case SCTP_TRANSPORT_DOWN :
2009-06-23 11:28:05 -04:00
/* If the transport was never confirmed, do not transition it
* to inactive state . Also , release the cached route since
* there may be a better route next time .
2007-08-24 19:30:25 +09:00
*/
if ( transport - > state ! = SCTP_UNCONFIRMED )
transport - > state = SCTP_INACTIVE ;
2009-06-23 11:28:05 -04:00
else {
dst_release ( transport - > dst ) ;
transport - > dst = NULL ;
}
2007-08-24 19:30:25 +09:00
2005-04-16 15:20:36 -07:00
spc_state = SCTP_ADDR_UNREACHABLE ;
break ;
2012-07-21 07:56:07 +00:00
case SCTP_TRANSPORT_PF :
transport - > state = SCTP_PF ;
ulp_notify = false ;
break ;
2005-04-16 15:20:36 -07:00
default :
return ;
2007-04-20 17:09:22 -07:00
}
2005-04-16 15:20:36 -07:00
/* Generate and send a SCTP_PEER_ADDR_CHANGE notification to the
* user .
*/
2012-07-21 07:56:07 +00:00
if ( ulp_notify ) {
memset ( & addr , 0 , sizeof ( struct sockaddr_storage ) ) ;
memcpy ( & addr , & transport - > ipaddr ,
transport - > af_specific - > sockaddr_len ) ;
event = sctp_ulpevent_make_peer_addr_change ( asoc , & addr ,
0 , spc_state , error , GFP_ATOMIC ) ;
if ( event )
sctp_ulpq_tail_event ( & asoc - > ulpq , event ) ;
}
2005-04-16 15:20:36 -07:00
/* Select new active and retran paths. */
/* Look for the two most recently used active transports.
*
* This code produces the wrong ordering whenever jiffies
* rolls over , but we still get usable transports , so we don ' t
* worry about it .
*/
first = NULL ; second = NULL ;
2008-04-12 18:54:24 -07:00
list_for_each_entry ( t , & asoc - > peer . transport_addr_list ,
transports ) {
2005-04-16 15:20:36 -07:00
2006-07-21 14:48:50 -07:00
if ( ( t - > state = = SCTP_INACTIVE ) | |
2012-07-21 07:56:07 +00:00
( t - > state = = SCTP_UNCONFIRMED ) | |
( t - > state = = SCTP_PF ) )
2005-04-16 15:20:36 -07:00
continue ;
if ( ! first | | t - > last_time_heard > first - > last_time_heard ) {
second = first ;
first = t ;
2013-11-14 00:58:26 +01:00
} else if ( ! second | |
t - > last_time_heard > second - > last_time_heard )
2005-04-16 15:20:36 -07:00
second = t ;
}
/* RFC 2960 6.4 Multi-Homed SCTP Endpoints
*
* By default , an endpoint should always transmit to the
* primary path , unless the SCTP user explicitly specifies the
* destination transport address ( and possibly source
* transport address ) to use .
*
* [ If the primary is active but not most recent , bump the most
* recently used transport . ]
*/
2006-07-21 14:48:50 -07:00
if ( ( ( asoc - > peer . primary_path - > state = = SCTP_ACTIVE ) | |
( asoc - > peer . primary_path - > state = = SCTP_UNKNOWN ) ) & &
2005-04-16 15:20:36 -07:00
first ! = asoc - > peer . primary_path ) {
second = first ;
first = asoc - > peer . primary_path ;
}
2013-11-14 00:58:26 +01:00
if ( ! second )
second = first ;
2005-04-16 15:20:36 -07:00
/* If we failed to find a usable transport, just camp on the
* primary , even if it is inactive .
*/
if ( ! first ) {
first = asoc - > peer . primary_path ;
second = asoc - > peer . primary_path ;
}
/* Set the active and retran transports. */
asoc - > peer . active_path = first ;
asoc - > peer . retran_path = second ;
}
/* Hold a reference to an association. */
void sctp_association_hold ( struct sctp_association * asoc )
{
atomic_inc ( & asoc - > base . refcnt ) ;
}
/* Release a reference to an association and cleanup
* if there are no more references .
*/
void sctp_association_put ( struct sctp_association * asoc )
{
if ( atomic_dec_and_test ( & asoc - > base . refcnt ) )
sctp_association_destroy ( asoc ) ;
}
/* Allocate the next TSN, Transmission Sequence Number, for the given
* association .
*/
__u32 sctp_association_get_next_tsn ( struct sctp_association * asoc )
{
/* From Section 1.6 Serial Number Arithmetic:
* Transmission Sequence Numbers wrap around when they reach
* 2 * * 32 - 1. That is , the next TSN a DATA chunk MUST use
* after transmitting TSN = 2 * 32 - 1 is TSN = 0.
*/
__u32 retval = asoc - > next_tsn ;
asoc - > next_tsn + + ;
asoc - > unack_data + + ;
return retval ;
}
/* Compare two addresses to see if they match. Wildcard addresses
* only match themselves .
*/
int sctp_cmp_addr_exact ( const union sctp_addr * ss1 ,
const union sctp_addr * ss2 )
{
struct sctp_af * af ;
af = sctp_get_af_specific ( ss1 - > sa . sa_family ) ;
if ( unlikely ( ! af ) )
return 0 ;
return af - > cmp_addr ( ss1 , ss2 ) ;
}
/* Return an ecne chunk to get prepended to a packet.
* Note : We are sly and return a shared , prealloced chunk . FIXME :
* No we don ' t , but we could / should .
*/
struct sctp_chunk * sctp_get_ecne_prepend ( struct sctp_association * asoc )
{
2013-12-06 09:36:28 +08:00
if ( ! asoc - > need_ecne )
return NULL ;
2005-04-16 15:20:36 -07:00
/* Send ECNE if needed.
* Not being able to allocate a chunk here is not deadly .
*/
2013-12-06 09:36:28 +08:00
return sctp_make_ecne ( asoc , asoc - > last_ecne_tsn ) ;
2005-04-16 15:20:36 -07:00
}
/*
* Find which transport this TSN was sent on .
*/
struct sctp_transport * sctp_assoc_lookup_tsn ( struct sctp_association * asoc ,
__u32 tsn )
{
struct sctp_transport * active ;
struct sctp_transport * match ;
struct sctp_transport * transport ;
struct sctp_chunk * chunk ;
2006-11-20 17:01:42 -08:00
__be32 key = htonl ( tsn ) ;
2005-04-16 15:20:36 -07:00
match = NULL ;
/*
* FIXME : In general , find a more efficient data structure for
* searching .
*/
/*
* The general strategy is to search each transport ' s transmitted
* list . Return which transport this TSN lives on .
*
* Let ' s be hopeful and check the active_path first .
* Another optimization would be to know if there is only one
* outbound path and not have to look for the TSN at all .
*
*/
active = asoc - > peer . active_path ;
2008-04-12 18:54:24 -07:00
list_for_each_entry ( chunk , & active - > transmitted ,
transmitted_list ) {
2005-04-16 15:20:36 -07:00
if ( key = = chunk - > subh . data_hdr - > tsn ) {
match = active ;
goto out ;
}
}
/* If not found, go search all the other transports. */
2008-04-12 18:54:24 -07:00
list_for_each_entry ( transport , & asoc - > peer . transport_addr_list ,
transports ) {
2005-04-16 15:20:36 -07:00
if ( transport = = active )
2013-03-07 21:39:37 +00:00
continue ;
2008-04-12 18:54:24 -07:00
list_for_each_entry ( chunk , & transport - > transmitted ,
transmitted_list ) {
2005-04-16 15:20:36 -07:00
if ( key = = chunk - > subh . data_hdr - > tsn ) {
match = transport ;
goto out ;
}
}
}
out :
return match ;
}
/* Is this the association we are looking for? */
struct sctp_transport * sctp_assoc_is_match ( struct sctp_association * asoc ,
2012-08-06 08:41:13 +00:00
struct net * net ,
2005-04-16 15:20:36 -07:00
const union sctp_addr * laddr ,
const union sctp_addr * paddr )
{
struct sctp_transport * transport ;
2006-11-20 17:08:41 -08:00
if ( ( htons ( asoc - > base . bind_addr . port ) = = laddr - > v4 . sin_port ) & &
2012-08-06 08:41:13 +00:00
( htons ( asoc - > peer . port ) = = paddr - > v4 . sin_port ) & &
net_eq ( sock_net ( asoc - > base . sk ) , net ) ) {
2005-04-16 15:20:36 -07:00
transport = sctp_assoc_lookup_paddr ( asoc , paddr ) ;
if ( ! transport )
goto out ;
if ( sctp_bind_addr_match ( & asoc - > base . bind_addr , laddr ,
sctp_sk ( asoc - > base . sk ) ) )
goto out ;
}
transport = NULL ;
out :
return transport ;
}
/* Do delayed input processing. This is scheduled by sctp_rcv(). */
2006-11-22 14:57:56 +00:00
static void sctp_assoc_bh_rcv ( struct work_struct * work )
2005-04-16 15:20:36 -07:00
{
2006-11-22 14:57:56 +00:00
struct sctp_association * asoc =
container_of ( work , struct sctp_association ,
base . inqueue . immediate ) ;
2012-08-07 07:25:24 +00:00
struct net * net = sock_net ( asoc - > base . sk ) ;
2005-04-16 15:20:36 -07:00
struct sctp_endpoint * ep ;
struct sctp_chunk * chunk ;
struct sctp_inq * inqueue ;
int state ;
sctp_subtype_t subtype ;
int error = 0 ;
/* The association should be held so we should be safe. */
ep = asoc - > ep ;
inqueue = & asoc - > base . inqueue ;
sctp_association_hold ( asoc ) ;
while ( NULL ! = ( chunk = sctp_inq_pop ( inqueue ) ) ) {
state = asoc - > state ;
subtype = SCTP_ST_CHUNK ( chunk - > chunk_hdr - > type ) ;
2007-10-03 17:51:34 -07:00
/* SCTP-AUTH, Section 6.3:
* The receiver has a list of chunk types which it expects
* to be received only after an AUTH - chunk . This list has
* been sent to the peer during the association setup . It
* MUST silently discard these chunks if they are not placed
* after an AUTH chunk in the packet .
*/
if ( sctp_auth_recv_cid ( subtype . chunk , asoc ) & & ! chunk - > auth )
continue ;
2005-04-16 15:20:36 -07:00
/* Remember where the last DATA chunk came from so we
* know where to send the SACK .
*/
if ( sctp_chunk_is_data ( chunk ) )
asoc - > peer . last_data_from = chunk - > transport ;
2012-12-01 04:49:42 +00:00
else {
2012-08-07 07:25:24 +00:00
SCTP_INC_STATS ( net , SCTP_MIB_INCTRLCHUNKS ) ;
2012-12-01 04:49:42 +00:00
asoc - > stats . ictrlchunks + + ;
if ( chunk - > chunk_hdr - > type = = SCTP_CID_SACK )
asoc - > stats . isacks + + ;
}
2005-04-16 15:20:36 -07:00
if ( chunk - > transport )
chunk - > transport - > last_time_heard = jiffies ;
/* Run through the state machine. */
2012-08-07 07:25:24 +00:00
error = sctp_do_sm ( net , SCTP_EVENT_T_CHUNK , subtype ,
2005-04-16 15:20:36 -07:00
state , ep , asoc , chunk , GFP_ATOMIC ) ;
/* Check to see if the association is freed in response to
* the incoming chunk . If so , get out of the while loop .
*/
if ( asoc - > base . dead )
break ;
/* If there is an error on chunk, discard this packet. */
if ( error & & chunk )
chunk - > pdiscard = 1 ;
}
sctp_association_put ( asoc ) ;
}
/* This routine moves an association from its old sk to a new sk. */
void sctp_assoc_migrate ( struct sctp_association * assoc , struct sock * newsk )
{
struct sctp_sock * newsp = sctp_sk ( newsk ) ;
struct sock * oldsk = assoc - > base . sk ;
/* Delete the association from the old endpoint's list of
* associations .
*/
list_del_init ( & assoc - > asocs ) ;
/* Decrement the backlog value for a TCP-style socket. */
if ( sctp_style ( oldsk , TCP ) )
oldsk - > sk_ack_backlog - - ;
/* Release references to the old endpoint and the sock. */
sctp_endpoint_put ( assoc - > ep ) ;
sock_put ( assoc - > base . sk ) ;
/* Get a reference to the new endpoint. */
assoc - > ep = newsp - > ep ;
sctp_endpoint_hold ( assoc - > ep ) ;
/* Get a reference to the new sock. */
assoc - > base . sk = newsk ;
sock_hold ( assoc - > base . sk ) ;
/* Add the association to the new endpoint's list of associations. */
sctp_endpoint_add_asoc ( newsp - > ep , assoc ) ;
}
/* Update an association (possibly from unexpected COOKIE-ECHO processing). */
void sctp_assoc_update ( struct sctp_association * asoc ,
struct sctp_association * new )
{
struct sctp_transport * trans ;
struct list_head * pos , * temp ;
/* Copy in new parameters of peer. */
asoc - > c = new - > c ;
asoc - > peer . rwnd = new - > peer . rwnd ;
asoc - > peer . sack_needed = new - > peer . sack_needed ;
asoc - > peer . i = new - > peer . i ;
2008-10-08 14:18:39 -07:00
sctp_tsnmap_init ( & asoc - > peer . tsn_map , SCTP_TSN_MAP_INITIAL ,
asoc - > peer . i . initial_tsn , GFP_ATOMIC ) ;
2005-04-16 15:20:36 -07:00
/* Remove any peer addresses not present in the new association. */
list_for_each_safe ( pos , temp , & asoc - > peer . transport_addr_list ) {
trans = list_entry ( pos , struct sctp_transport , transports ) ;
2010-04-28 08:47:19 +00:00
if ( ! sctp_assoc_lookup_paddr ( new , & trans - > ipaddr ) ) {
sctp_assoc_rm_peer ( asoc , trans ) ;
continue ;
}
2007-03-19 17:02:30 -07:00
if ( asoc - > state > = SCTP_STATE_ESTABLISHED )
sctp_transport_reset ( trans ) ;
2005-04-16 15:20:36 -07:00
}
/* If the case is A (association restart), use
* initial_tsn as next_tsn . If the case is B , use
* current next_tsn in case data sent to peer
* has been discarded and needs retransmission .
*/
if ( asoc - > state > = SCTP_STATE_ESTABLISHED ) {
asoc - > next_tsn = new - > next_tsn ;
asoc - > ctsn_ack_point = new - > ctsn_ack_point ;
asoc - > adv_peer_ack_point = new - > adv_peer_ack_point ;
/* Reinitialize SSN for both local streams
* and peer ' s streams .
*/
sctp_ssnmap_clear ( asoc - > ssnmap ) ;
2007-03-19 17:01:17 -07:00
/* Flush the ULP reassembly and ordered queue.
* Any data there will now be stale and will
* cause problems .
*/
sctp_ulpq_flush ( & asoc - > ulpq ) ;
2007-03-19 17:02:30 -07:00
/* reset the overall association error count so
* that the restarted association doesn ' t get torn
* down on the next retransmission timer .
*/
asoc - > overall_error_count = 0 ;
2005-04-16 15:20:36 -07:00
} else {
/* Add any peer addresses from the new association. */
2008-04-12 18:54:24 -07:00
list_for_each_entry ( trans , & new - > peer . transport_addr_list ,
transports ) {
2005-04-16 15:20:36 -07:00
if ( ! sctp_assoc_lookup_paddr ( asoc , & trans - > ipaddr ) )
sctp_assoc_add_peer ( asoc , & trans - > ipaddr ,
2006-07-21 14:48:50 -07:00
GFP_ATOMIC , trans - > state ) ;
2005-04-16 15:20:36 -07:00
}
asoc - > ctsn_ack_point = asoc - > next_tsn - 1 ;
asoc - > adv_peer_ack_point = asoc - > ctsn_ack_point ;
if ( ! asoc - > ssnmap ) {
/* Move the ssnmap. */
asoc - > ssnmap = new - > ssnmap ;
new - > ssnmap = NULL ;
}
2007-05-04 13:55:27 -07:00
if ( ! asoc - > assoc_id ) {
/* get a new association id since we don't have one
* yet .
*/
sctp_assoc_set_id ( asoc , GFP_ATOMIC ) ;
}
2005-04-16 15:20:36 -07:00
}
2007-09-16 19:31:35 -07:00
2013-12-06 09:36:30 +08:00
/* SCTP-AUTH: Save the peer parameters from the new associations
2007-09-16 19:32:11 -07:00
* and also move the association shared keys over
*/
kfree ( asoc - > peer . peer_random ) ;
asoc - > peer . peer_random = new - > peer . peer_random ;
new - > peer . peer_random = NULL ;
kfree ( asoc - > peer . peer_chunks ) ;
asoc - > peer . peer_chunks = new - > peer . peer_chunks ;
new - > peer . peer_chunks = NULL ;
kfree ( asoc - > peer . peer_hmacs ) ;
asoc - > peer . peer_hmacs = new - > peer . peer_hmacs ;
new - > peer . peer_hmacs = NULL ;
sctp_auth_key_put ( asoc - > asoc_shared_key ) ;
sctp_auth_asoc_init_active_key ( asoc , GFP_ATOMIC ) ;
2005-04-16 15:20:36 -07:00
}
/* Update the retran path for sending a retransmitted packet.
net: sctp: rework multihoming retransmission path selection to rfc4960
Problem statement: 1) both paths (primary path1 and alternate
path2) are up after the association has been established i.e.,
HB packets are normally exchanged, 2) path2 gets inactive after
path_max_retrans * max_rto timed out (i.e. path2 is down completely),
3) now, if a transmission times out on the only surviving/active
path1 (any ~1sec network service impact could cause this like
a channel bonding failover), then the retransmitted packets are
sent over the inactive path2; this happens with partial failover
and without it.
Besides not being optimal in the above scenario, a small failure
or timeout in the only existing path has the potential to cause
long delays in the retransmission (depending on RTO_MAX) until
the still active path is reselected. Further, when the T3-timeout
occurs, we have active_patch == retrans_path, and even though the
timeout occurred on the initial transmission of data, not a
retransmit, we end up updating retransmit path.
RFC4960, section 6.4. "Multi-Homed SCTP Endpoints" states under
6.4.1. "Failover from an Inactive Destination Address" the
following:
Some of the transport addresses of a multi-homed SCTP endpoint
may become inactive due to either the occurrence of certain
error conditions (see Section 8.2) or adjustments from the
SCTP user.
When there is outbound data to send and the primary path
becomes inactive (e.g., due to failures), or where the SCTP
user explicitly requests to send data to an inactive
destination transport address, before reporting an error to
its ULP, the SCTP endpoint should try to send the data to an
alternate __active__ destination transport address if one
exists.
When retransmitting data that timed out, if the endpoint is
multihomed, it should consider each source-destination address
pair in its retransmission selection policy. When retransmitting
timed-out data, the endpoint should attempt to pick the most
divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.
Note: Rules for picking the most divergent source-destination
pair are an implementation decision and are not specified
within this document.
So, we should first reconsider to take the current active
retransmission transport if we cannot find an alternative
active one. If all of that fails, we can still round robin
through unkown, partial failover, and inactive ones in the
hope to find something still suitable.
Commit 4141ddc02a92 ("sctp: retran_path update bug fix") broke
that behaviour by selecting the next inactive transport when
no other active transport was found besides the current assoc's
peer.retran_path. Before commit 4141ddc02a92, we would have
traversed through the list until we reach our peer.retran_path
again, and in case that is still in state SCTP_ACTIVE, we would
take it and return. Only if that is not the case either, we
take the next inactive transport.
Besides all that, another issue is that transports in state
SCTP_UNKNOWN could be preferred over transports in state
SCTP_ACTIVE in case a SCTP_ACTIVE transport appears after
SCTP_UNKNOWN in the transport list yielding a weaker transport
state to be used in retransmission.
This patch mostly reverts 4141ddc02a92, but also rewrites
this function to introduce more clarity and strictness into
the code. A strict priority of transport states is enforced
in this patch, hence selection is active > unkown > partial
failover > inactive.
Fixes: 4141ddc02a92 ("sctp: retran_path update bug fix")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Acked-by: Vlad Yasevich <yasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-20 20:51:06 +01:00
* See also RFC4960 , 6.4 . Multi - Homed SCTP Endpoints :
*
* When there is outbound data to send and the primary path
* becomes inactive ( e . g . , due to failures ) , or where the
* SCTP user explicitly requests to send data to an
* inactive destination transport address , before reporting
* an error to its ULP , the SCTP endpoint should try to send
* the data to an alternate active destination transport
* address if one exists .
*
* When retransmitting data that timed out , if the endpoint
* is multihomed , it should consider each source - destination
* address pair in its retransmission selection policy .
* When retransmitting timed - out data , the endpoint should
* attempt to pick the most divergent source - destination
* pair from the original source - destination pair to which
* the packet was transmitted .
*
* Note : Rules for picking the most divergent source - destination
* pair are an implementation decision and are not specified
* within this document .
*
* Our basic strategy is to round - robin transports in priorities
* according to sctp_state_prio_map [ ] e . g . , if no such
* transport with state SCTP_ACTIVE exists , round - robin through
* SCTP_UNKNOWN , etc . You get the picture .
2005-04-16 15:20:36 -07:00
*/
net: sctp: rework multihoming retransmission path selection to rfc4960
Problem statement: 1) both paths (primary path1 and alternate
path2) are up after the association has been established i.e.,
HB packets are normally exchanged, 2) path2 gets inactive after
path_max_retrans * max_rto timed out (i.e. path2 is down completely),
3) now, if a transmission times out on the only surviving/active
path1 (any ~1sec network service impact could cause this like
a channel bonding failover), then the retransmitted packets are
sent over the inactive path2; this happens with partial failover
and without it.
Besides not being optimal in the above scenario, a small failure
or timeout in the only existing path has the potential to cause
long delays in the retransmission (depending on RTO_MAX) until
the still active path is reselected. Further, when the T3-timeout
occurs, we have active_patch == retrans_path, and even though the
timeout occurred on the initial transmission of data, not a
retransmit, we end up updating retransmit path.
RFC4960, section 6.4. "Multi-Homed SCTP Endpoints" states under
6.4.1. "Failover from an Inactive Destination Address" the
following:
Some of the transport addresses of a multi-homed SCTP endpoint
may become inactive due to either the occurrence of certain
error conditions (see Section 8.2) or adjustments from the
SCTP user.
When there is outbound data to send and the primary path
becomes inactive (e.g., due to failures), or where the SCTP
user explicitly requests to send data to an inactive
destination transport address, before reporting an error to
its ULP, the SCTP endpoint should try to send the data to an
alternate __active__ destination transport address if one
exists.
When retransmitting data that timed out, if the endpoint is
multihomed, it should consider each source-destination address
pair in its retransmission selection policy. When retransmitting
timed-out data, the endpoint should attempt to pick the most
divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.
Note: Rules for picking the most divergent source-destination
pair are an implementation decision and are not specified
within this document.
So, we should first reconsider to take the current active
retransmission transport if we cannot find an alternative
active one. If all of that fails, we can still round robin
through unkown, partial failover, and inactive ones in the
hope to find something still suitable.
Commit 4141ddc02a92 ("sctp: retran_path update bug fix") broke
that behaviour by selecting the next inactive transport when
no other active transport was found besides the current assoc's
peer.retran_path. Before commit 4141ddc02a92, we would have
traversed through the list until we reach our peer.retran_path
again, and in case that is still in state SCTP_ACTIVE, we would
take it and return. Only if that is not the case either, we
take the next inactive transport.
Besides all that, another issue is that transports in state
SCTP_UNKNOWN could be preferred over transports in state
SCTP_ACTIVE in case a SCTP_ACTIVE transport appears after
SCTP_UNKNOWN in the transport list yielding a weaker transport
state to be used in retransmission.
This patch mostly reverts 4141ddc02a92, but also rewrites
this function to introduce more clarity and strictness into
the code. A strict priority of transport states is enforced
in this patch, hence selection is active > unkown > partial
failover > inactive.
Fixes: 4141ddc02a92 ("sctp: retran_path update bug fix")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Acked-by: Vlad Yasevich <yasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-20 20:51:06 +01:00
static const u8 sctp_trans_state_to_prio_map [ ] = {
[ SCTP_ACTIVE ] = 3 , /* best case */
[ SCTP_UNKNOWN ] = 2 ,
[ SCTP_PF ] = 1 ,
[ SCTP_INACTIVE ] = 0 , /* worst case */
} ;
static u8 sctp_trans_score ( const struct sctp_transport * trans )
2005-04-16 15:20:36 -07:00
{
net: sctp: rework multihoming retransmission path selection to rfc4960
Problem statement: 1) both paths (primary path1 and alternate
path2) are up after the association has been established i.e.,
HB packets are normally exchanged, 2) path2 gets inactive after
path_max_retrans * max_rto timed out (i.e. path2 is down completely),
3) now, if a transmission times out on the only surviving/active
path1 (any ~1sec network service impact could cause this like
a channel bonding failover), then the retransmitted packets are
sent over the inactive path2; this happens with partial failover
and without it.
Besides not being optimal in the above scenario, a small failure
or timeout in the only existing path has the potential to cause
long delays in the retransmission (depending on RTO_MAX) until
the still active path is reselected. Further, when the T3-timeout
occurs, we have active_patch == retrans_path, and even though the
timeout occurred on the initial transmission of data, not a
retransmit, we end up updating retransmit path.
RFC4960, section 6.4. "Multi-Homed SCTP Endpoints" states under
6.4.1. "Failover from an Inactive Destination Address" the
following:
Some of the transport addresses of a multi-homed SCTP endpoint
may become inactive due to either the occurrence of certain
error conditions (see Section 8.2) or adjustments from the
SCTP user.
When there is outbound data to send and the primary path
becomes inactive (e.g., due to failures), or where the SCTP
user explicitly requests to send data to an inactive
destination transport address, before reporting an error to
its ULP, the SCTP endpoint should try to send the data to an
alternate __active__ destination transport address if one
exists.
When retransmitting data that timed out, if the endpoint is
multihomed, it should consider each source-destination address
pair in its retransmission selection policy. When retransmitting
timed-out data, the endpoint should attempt to pick the most
divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.
Note: Rules for picking the most divergent source-destination
pair are an implementation decision and are not specified
within this document.
So, we should first reconsider to take the current active
retransmission transport if we cannot find an alternative
active one. If all of that fails, we can still round robin
through unkown, partial failover, and inactive ones in the
hope to find something still suitable.
Commit 4141ddc02a92 ("sctp: retran_path update bug fix") broke
that behaviour by selecting the next inactive transport when
no other active transport was found besides the current assoc's
peer.retran_path. Before commit 4141ddc02a92, we would have
traversed through the list until we reach our peer.retran_path
again, and in case that is still in state SCTP_ACTIVE, we would
take it and return. Only if that is not the case either, we
take the next inactive transport.
Besides all that, another issue is that transports in state
SCTP_UNKNOWN could be preferred over transports in state
SCTP_ACTIVE in case a SCTP_ACTIVE transport appears after
SCTP_UNKNOWN in the transport list yielding a weaker transport
state to be used in retransmission.
This patch mostly reverts 4141ddc02a92, but also rewrites
this function to introduce more clarity and strictness into
the code. A strict priority of transport states is enforced
in this patch, hence selection is active > unkown > partial
failover > inactive.
Fixes: 4141ddc02a92 ("sctp: retran_path update bug fix")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Acked-by: Vlad Yasevich <yasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-20 20:51:06 +01:00
return sctp_trans_state_to_prio_map [ trans - > state ] ;
}
2005-04-16 15:20:36 -07:00
net: sctp: rework multihoming retransmission path selection to rfc4960
Problem statement: 1) both paths (primary path1 and alternate
path2) are up after the association has been established i.e.,
HB packets are normally exchanged, 2) path2 gets inactive after
path_max_retrans * max_rto timed out (i.e. path2 is down completely),
3) now, if a transmission times out on the only surviving/active
path1 (any ~1sec network service impact could cause this like
a channel bonding failover), then the retransmitted packets are
sent over the inactive path2; this happens with partial failover
and without it.
Besides not being optimal in the above scenario, a small failure
or timeout in the only existing path has the potential to cause
long delays in the retransmission (depending on RTO_MAX) until
the still active path is reselected. Further, when the T3-timeout
occurs, we have active_patch == retrans_path, and even though the
timeout occurred on the initial transmission of data, not a
retransmit, we end up updating retransmit path.
RFC4960, section 6.4. "Multi-Homed SCTP Endpoints" states under
6.4.1. "Failover from an Inactive Destination Address" the
following:
Some of the transport addresses of a multi-homed SCTP endpoint
may become inactive due to either the occurrence of certain
error conditions (see Section 8.2) or adjustments from the
SCTP user.
When there is outbound data to send and the primary path
becomes inactive (e.g., due to failures), or where the SCTP
user explicitly requests to send data to an inactive
destination transport address, before reporting an error to
its ULP, the SCTP endpoint should try to send the data to an
alternate __active__ destination transport address if one
exists.
When retransmitting data that timed out, if the endpoint is
multihomed, it should consider each source-destination address
pair in its retransmission selection policy. When retransmitting
timed-out data, the endpoint should attempt to pick the most
divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.
Note: Rules for picking the most divergent source-destination
pair are an implementation decision and are not specified
within this document.
So, we should first reconsider to take the current active
retransmission transport if we cannot find an alternative
active one. If all of that fails, we can still round robin
through unkown, partial failover, and inactive ones in the
hope to find something still suitable.
Commit 4141ddc02a92 ("sctp: retran_path update bug fix") broke
that behaviour by selecting the next inactive transport when
no other active transport was found besides the current assoc's
peer.retran_path. Before commit 4141ddc02a92, we would have
traversed through the list until we reach our peer.retran_path
again, and in case that is still in state SCTP_ACTIVE, we would
take it and return. Only if that is not the case either, we
take the next inactive transport.
Besides all that, another issue is that transports in state
SCTP_UNKNOWN could be preferred over transports in state
SCTP_ACTIVE in case a SCTP_ACTIVE transport appears after
SCTP_UNKNOWN in the transport list yielding a weaker transport
state to be used in retransmission.
This patch mostly reverts 4141ddc02a92, but also rewrites
this function to introduce more clarity and strictness into
the code. A strict priority of transport states is enforced
in this patch, hence selection is active > unkown > partial
failover > inactive.
Fixes: 4141ddc02a92 ("sctp: retran_path update bug fix")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Acked-by: Vlad Yasevich <yasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-20 20:51:06 +01:00
static struct sctp_transport * sctp_trans_elect_best ( struct sctp_transport * curr ,
struct sctp_transport * best )
{
if ( best = = NULL )
return curr ;
2008-06-04 12:37:33 -07:00
net: sctp: rework multihoming retransmission path selection to rfc4960
Problem statement: 1) both paths (primary path1 and alternate
path2) are up after the association has been established i.e.,
HB packets are normally exchanged, 2) path2 gets inactive after
path_max_retrans * max_rto timed out (i.e. path2 is down completely),
3) now, if a transmission times out on the only surviving/active
path1 (any ~1sec network service impact could cause this like
a channel bonding failover), then the retransmitted packets are
sent over the inactive path2; this happens with partial failover
and without it.
Besides not being optimal in the above scenario, a small failure
or timeout in the only existing path has the potential to cause
long delays in the retransmission (depending on RTO_MAX) until
the still active path is reselected. Further, when the T3-timeout
occurs, we have active_patch == retrans_path, and even though the
timeout occurred on the initial transmission of data, not a
retransmit, we end up updating retransmit path.
RFC4960, section 6.4. "Multi-Homed SCTP Endpoints" states under
6.4.1. "Failover from an Inactive Destination Address" the
following:
Some of the transport addresses of a multi-homed SCTP endpoint
may become inactive due to either the occurrence of certain
error conditions (see Section 8.2) or adjustments from the
SCTP user.
When there is outbound data to send and the primary path
becomes inactive (e.g., due to failures), or where the SCTP
user explicitly requests to send data to an inactive
destination transport address, before reporting an error to
its ULP, the SCTP endpoint should try to send the data to an
alternate __active__ destination transport address if one
exists.
When retransmitting data that timed out, if the endpoint is
multihomed, it should consider each source-destination address
pair in its retransmission selection policy. When retransmitting
timed-out data, the endpoint should attempt to pick the most
divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.
Note: Rules for picking the most divergent source-destination
pair are an implementation decision and are not specified
within this document.
So, we should first reconsider to take the current active
retransmission transport if we cannot find an alternative
active one. If all of that fails, we can still round robin
through unkown, partial failover, and inactive ones in the
hope to find something still suitable.
Commit 4141ddc02a92 ("sctp: retran_path update bug fix") broke
that behaviour by selecting the next inactive transport when
no other active transport was found besides the current assoc's
peer.retran_path. Before commit 4141ddc02a92, we would have
traversed through the list until we reach our peer.retran_path
again, and in case that is still in state SCTP_ACTIVE, we would
take it and return. Only if that is not the case either, we
take the next inactive transport.
Besides all that, another issue is that transports in state
SCTP_UNKNOWN could be preferred over transports in state
SCTP_ACTIVE in case a SCTP_ACTIVE transport appears after
SCTP_UNKNOWN in the transport list yielding a weaker transport
state to be used in retransmission.
This patch mostly reverts 4141ddc02a92, but also rewrites
this function to introduce more clarity and strictness into
the code. A strict priority of transport states is enforced
in this patch, hence selection is active > unkown > partial
failover > inactive.
Fixes: 4141ddc02a92 ("sctp: retran_path update bug fix")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Acked-by: Vlad Yasevich <yasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-20 20:51:06 +01:00
return sctp_trans_score ( curr ) > sctp_trans_score ( best ) ? curr : best ;
}
2005-04-16 15:20:36 -07:00
net: sctp: rework multihoming retransmission path selection to rfc4960
Problem statement: 1) both paths (primary path1 and alternate
path2) are up after the association has been established i.e.,
HB packets are normally exchanged, 2) path2 gets inactive after
path_max_retrans * max_rto timed out (i.e. path2 is down completely),
3) now, if a transmission times out on the only surviving/active
path1 (any ~1sec network service impact could cause this like
a channel bonding failover), then the retransmitted packets are
sent over the inactive path2; this happens with partial failover
and without it.
Besides not being optimal in the above scenario, a small failure
or timeout in the only existing path has the potential to cause
long delays in the retransmission (depending on RTO_MAX) until
the still active path is reselected. Further, when the T3-timeout
occurs, we have active_patch == retrans_path, and even though the
timeout occurred on the initial transmission of data, not a
retransmit, we end up updating retransmit path.
RFC4960, section 6.4. "Multi-Homed SCTP Endpoints" states under
6.4.1. "Failover from an Inactive Destination Address" the
following:
Some of the transport addresses of a multi-homed SCTP endpoint
may become inactive due to either the occurrence of certain
error conditions (see Section 8.2) or adjustments from the
SCTP user.
When there is outbound data to send and the primary path
becomes inactive (e.g., due to failures), or where the SCTP
user explicitly requests to send data to an inactive
destination transport address, before reporting an error to
its ULP, the SCTP endpoint should try to send the data to an
alternate __active__ destination transport address if one
exists.
When retransmitting data that timed out, if the endpoint is
multihomed, it should consider each source-destination address
pair in its retransmission selection policy. When retransmitting
timed-out data, the endpoint should attempt to pick the most
divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.
Note: Rules for picking the most divergent source-destination
pair are an implementation decision and are not specified
within this document.
So, we should first reconsider to take the current active
retransmission transport if we cannot find an alternative
active one. If all of that fails, we can still round robin
through unkown, partial failover, and inactive ones in the
hope to find something still suitable.
Commit 4141ddc02a92 ("sctp: retran_path update bug fix") broke
that behaviour by selecting the next inactive transport when
no other active transport was found besides the current assoc's
peer.retran_path. Before commit 4141ddc02a92, we would have
traversed through the list until we reach our peer.retran_path
again, and in case that is still in state SCTP_ACTIVE, we would
take it and return. Only if that is not the case either, we
take the next inactive transport.
Besides all that, another issue is that transports in state
SCTP_UNKNOWN could be preferred over transports in state
SCTP_ACTIVE in case a SCTP_ACTIVE transport appears after
SCTP_UNKNOWN in the transport list yielding a weaker transport
state to be used in retransmission.
This patch mostly reverts 4141ddc02a92, but also rewrites
this function to introduce more clarity and strictness into
the code. A strict priority of transport states is enforced
in this patch, hence selection is active > unkown > partial
failover > inactive.
Fixes: 4141ddc02a92 ("sctp: retran_path update bug fix")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Acked-by: Vlad Yasevich <yasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-20 20:51:06 +01:00
void sctp_assoc_update_retran_path ( struct sctp_association * asoc )
{
struct sctp_transport * trans = asoc - > peer . retran_path ;
struct sctp_transport * trans_next = NULL ;
2005-04-16 15:20:36 -07:00
net: sctp: rework multihoming retransmission path selection to rfc4960
Problem statement: 1) both paths (primary path1 and alternate
path2) are up after the association has been established i.e.,
HB packets are normally exchanged, 2) path2 gets inactive after
path_max_retrans * max_rto timed out (i.e. path2 is down completely),
3) now, if a transmission times out on the only surviving/active
path1 (any ~1sec network service impact could cause this like
a channel bonding failover), then the retransmitted packets are
sent over the inactive path2; this happens with partial failover
and without it.
Besides not being optimal in the above scenario, a small failure
or timeout in the only existing path has the potential to cause
long delays in the retransmission (depending on RTO_MAX) until
the still active path is reselected. Further, when the T3-timeout
occurs, we have active_patch == retrans_path, and even though the
timeout occurred on the initial transmission of data, not a
retransmit, we end up updating retransmit path.
RFC4960, section 6.4. "Multi-Homed SCTP Endpoints" states under
6.4.1. "Failover from an Inactive Destination Address" the
following:
Some of the transport addresses of a multi-homed SCTP endpoint
may become inactive due to either the occurrence of certain
error conditions (see Section 8.2) or adjustments from the
SCTP user.
When there is outbound data to send and the primary path
becomes inactive (e.g., due to failures), or where the SCTP
user explicitly requests to send data to an inactive
destination transport address, before reporting an error to
its ULP, the SCTP endpoint should try to send the data to an
alternate __active__ destination transport address if one
exists.
When retransmitting data that timed out, if the endpoint is
multihomed, it should consider each source-destination address
pair in its retransmission selection policy. When retransmitting
timed-out data, the endpoint should attempt to pick the most
divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.
Note: Rules for picking the most divergent source-destination
pair are an implementation decision and are not specified
within this document.
So, we should first reconsider to take the current active
retransmission transport if we cannot find an alternative
active one. If all of that fails, we can still round robin
through unkown, partial failover, and inactive ones in the
hope to find something still suitable.
Commit 4141ddc02a92 ("sctp: retran_path update bug fix") broke
that behaviour by selecting the next inactive transport when
no other active transport was found besides the current assoc's
peer.retran_path. Before commit 4141ddc02a92, we would have
traversed through the list until we reach our peer.retran_path
again, and in case that is still in state SCTP_ACTIVE, we would
take it and return. Only if that is not the case either, we
take the next inactive transport.
Besides all that, another issue is that transports in state
SCTP_UNKNOWN could be preferred over transports in state
SCTP_ACTIVE in case a SCTP_ACTIVE transport appears after
SCTP_UNKNOWN in the transport list yielding a weaker transport
state to be used in retransmission.
This patch mostly reverts 4141ddc02a92, but also rewrites
this function to introduce more clarity and strictness into
the code. A strict priority of transport states is enforced
in this patch, hence selection is active > unkown > partial
failover > inactive.
Fixes: 4141ddc02a92 ("sctp: retran_path update bug fix")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Acked-by: Vlad Yasevich <yasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-20 20:51:06 +01:00
/* We're done as we only have the one and only path. */
if ( asoc - > peer . transport_count = = 1 )
return ;
/* If active_path and retran_path are the same and active,
* then this is the only active path . Use it .
*/
if ( asoc - > peer . active_path = = asoc - > peer . retran_path & &
asoc - > peer . active_path - > state = = SCTP_ACTIVE )
return ;
2005-04-16 15:20:36 -07:00
net: sctp: rework multihoming retransmission path selection to rfc4960
Problem statement: 1) both paths (primary path1 and alternate
path2) are up after the association has been established i.e.,
HB packets are normally exchanged, 2) path2 gets inactive after
path_max_retrans * max_rto timed out (i.e. path2 is down completely),
3) now, if a transmission times out on the only surviving/active
path1 (any ~1sec network service impact could cause this like
a channel bonding failover), then the retransmitted packets are
sent over the inactive path2; this happens with partial failover
and without it.
Besides not being optimal in the above scenario, a small failure
or timeout in the only existing path has the potential to cause
long delays in the retransmission (depending on RTO_MAX) until
the still active path is reselected. Further, when the T3-timeout
occurs, we have active_patch == retrans_path, and even though the
timeout occurred on the initial transmission of data, not a
retransmit, we end up updating retransmit path.
RFC4960, section 6.4. "Multi-Homed SCTP Endpoints" states under
6.4.1. "Failover from an Inactive Destination Address" the
following:
Some of the transport addresses of a multi-homed SCTP endpoint
may become inactive due to either the occurrence of certain
error conditions (see Section 8.2) or adjustments from the
SCTP user.
When there is outbound data to send and the primary path
becomes inactive (e.g., due to failures), or where the SCTP
user explicitly requests to send data to an inactive
destination transport address, before reporting an error to
its ULP, the SCTP endpoint should try to send the data to an
alternate __active__ destination transport address if one
exists.
When retransmitting data that timed out, if the endpoint is
multihomed, it should consider each source-destination address
pair in its retransmission selection policy. When retransmitting
timed-out data, the endpoint should attempt to pick the most
divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.
Note: Rules for picking the most divergent source-destination
pair are an implementation decision and are not specified
within this document.
So, we should first reconsider to take the current active
retransmission transport if we cannot find an alternative
active one. If all of that fails, we can still round robin
through unkown, partial failover, and inactive ones in the
hope to find something still suitable.
Commit 4141ddc02a92 ("sctp: retran_path update bug fix") broke
that behaviour by selecting the next inactive transport when
no other active transport was found besides the current assoc's
peer.retran_path. Before commit 4141ddc02a92, we would have
traversed through the list until we reach our peer.retran_path
again, and in case that is still in state SCTP_ACTIVE, we would
take it and return. Only if that is not the case either, we
take the next inactive transport.
Besides all that, another issue is that transports in state
SCTP_UNKNOWN could be preferred over transports in state
SCTP_ACTIVE in case a SCTP_ACTIVE transport appears after
SCTP_UNKNOWN in the transport list yielding a weaker transport
state to be used in retransmission.
This patch mostly reverts 4141ddc02a92, but also rewrites
this function to introduce more clarity and strictness into
the code. A strict priority of transport states is enforced
in this patch, hence selection is active > unkown > partial
failover > inactive.
Fixes: 4141ddc02a92 ("sctp: retran_path update bug fix")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Acked-by: Vlad Yasevich <yasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-20 20:51:06 +01:00
/* Iterate from retran_path's successor back to retran_path. */
for ( trans = list_next_entry ( trans , transports ) ; 1 ;
trans = list_next_entry ( trans , transports ) ) {
/* Manually skip the head element. */
if ( & trans - > transports = = & asoc - > peer . transport_addr_list )
continue ;
if ( trans - > state = = SCTP_UNCONFIRMED )
continue ;
trans_next = sctp_trans_elect_best ( trans , trans_next ) ;
/* Active is good enough for immediate return. */
if ( trans_next - > state = = SCTP_ACTIVE )
2008-06-04 12:37:33 -07:00
break ;
net: sctp: rework multihoming retransmission path selection to rfc4960
Problem statement: 1) both paths (primary path1 and alternate
path2) are up after the association has been established i.e.,
HB packets are normally exchanged, 2) path2 gets inactive after
path_max_retrans * max_rto timed out (i.e. path2 is down completely),
3) now, if a transmission times out on the only surviving/active
path1 (any ~1sec network service impact could cause this like
a channel bonding failover), then the retransmitted packets are
sent over the inactive path2; this happens with partial failover
and without it.
Besides not being optimal in the above scenario, a small failure
or timeout in the only existing path has the potential to cause
long delays in the retransmission (depending on RTO_MAX) until
the still active path is reselected. Further, when the T3-timeout
occurs, we have active_patch == retrans_path, and even though the
timeout occurred on the initial transmission of data, not a
retransmit, we end up updating retransmit path.
RFC4960, section 6.4. "Multi-Homed SCTP Endpoints" states under
6.4.1. "Failover from an Inactive Destination Address" the
following:
Some of the transport addresses of a multi-homed SCTP endpoint
may become inactive due to either the occurrence of certain
error conditions (see Section 8.2) or adjustments from the
SCTP user.
When there is outbound data to send and the primary path
becomes inactive (e.g., due to failures), or where the SCTP
user explicitly requests to send data to an inactive
destination transport address, before reporting an error to
its ULP, the SCTP endpoint should try to send the data to an
alternate __active__ destination transport address if one
exists.
When retransmitting data that timed out, if the endpoint is
multihomed, it should consider each source-destination address
pair in its retransmission selection policy. When retransmitting
timed-out data, the endpoint should attempt to pick the most
divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.
Note: Rules for picking the most divergent source-destination
pair are an implementation decision and are not specified
within this document.
So, we should first reconsider to take the current active
retransmission transport if we cannot find an alternative
active one. If all of that fails, we can still round robin
through unkown, partial failover, and inactive ones in the
hope to find something still suitable.
Commit 4141ddc02a92 ("sctp: retran_path update bug fix") broke
that behaviour by selecting the next inactive transport when
no other active transport was found besides the current assoc's
peer.retran_path. Before commit 4141ddc02a92, we would have
traversed through the list until we reach our peer.retran_path
again, and in case that is still in state SCTP_ACTIVE, we would
take it and return. Only if that is not the case either, we
take the next inactive transport.
Besides all that, another issue is that transports in state
SCTP_UNKNOWN could be preferred over transports in state
SCTP_ACTIVE in case a SCTP_ACTIVE transport appears after
SCTP_UNKNOWN in the transport list yielding a weaker transport
state to be used in retransmission.
This patch mostly reverts 4141ddc02a92, but also rewrites
this function to introduce more clarity and strictness into
the code. A strict priority of transport states is enforced
in this patch, hence selection is active > unkown > partial
failover > inactive.
Fixes: 4141ddc02a92 ("sctp: retran_path update bug fix")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Acked-by: Vlad Yasevich <yasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-20 20:51:06 +01:00
/* We've reached the end, time to update path. */
if ( trans = = asoc - > peer . retran_path )
2005-04-16 15:20:36 -07:00
break ;
}
net: sctp: remove NULL check in sctp_assoc_update_retran_path
This is basically just to let Coverity et al shut up. Remove an
unneeded NULL check in sctp_assoc_update_retran_path().
It is safe to remove it, because in sctp_assoc_update_retran_path()
we iterate over the list of transports, our own transport which is
asoc->peer.retran_path included. In the iteration, we skip the
list head element and transports in state SCTP_UNCONFIRMED.
Such transports came from peer addresses received in INIT/INIT-ACK
address parameters. They are not yet confirmed by a heartbeat and
not available for data transfers.
We know however that in the list of transports, even if it contains
such elements, it at least contains our asoc->peer.retran_path as
well, so even if next to that element, we only encounter
SCTP_UNCONFIRMED transports, we are always going to fall back to
asoc->peer.retran_path through sctp_trans_elect_best(), as that is
for sure not SCTP_UNCONFIRMED as per fbdf501c9374 ("sctp: Do no
select unconfirmed transports for retransmissions").
Whenever we call sctp_trans_elect_best() it will give us a non-NULL
element back, and therefore when we break out of the loop, we are
guaranteed to have a non-NULL transport pointer, and can remove
the NULL check.
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Reported-by: Dave Jones <davej@redhat.com>
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-03-13 14:45:26 +01:00
asoc - > peer . retran_path = trans_next ;
2005-06-20 13:14:57 -07:00
net: sctp: rework multihoming retransmission path selection to rfc4960
Problem statement: 1) both paths (primary path1 and alternate
path2) are up after the association has been established i.e.,
HB packets are normally exchanged, 2) path2 gets inactive after
path_max_retrans * max_rto timed out (i.e. path2 is down completely),
3) now, if a transmission times out on the only surviving/active
path1 (any ~1sec network service impact could cause this like
a channel bonding failover), then the retransmitted packets are
sent over the inactive path2; this happens with partial failover
and without it.
Besides not being optimal in the above scenario, a small failure
or timeout in the only existing path has the potential to cause
long delays in the retransmission (depending on RTO_MAX) until
the still active path is reselected. Further, when the T3-timeout
occurs, we have active_patch == retrans_path, and even though the
timeout occurred on the initial transmission of data, not a
retransmit, we end up updating retransmit path.
RFC4960, section 6.4. "Multi-Homed SCTP Endpoints" states under
6.4.1. "Failover from an Inactive Destination Address" the
following:
Some of the transport addresses of a multi-homed SCTP endpoint
may become inactive due to either the occurrence of certain
error conditions (see Section 8.2) or adjustments from the
SCTP user.
When there is outbound data to send and the primary path
becomes inactive (e.g., due to failures), or where the SCTP
user explicitly requests to send data to an inactive
destination transport address, before reporting an error to
its ULP, the SCTP endpoint should try to send the data to an
alternate __active__ destination transport address if one
exists.
When retransmitting data that timed out, if the endpoint is
multihomed, it should consider each source-destination address
pair in its retransmission selection policy. When retransmitting
timed-out data, the endpoint should attempt to pick the most
divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.
Note: Rules for picking the most divergent source-destination
pair are an implementation decision and are not specified
within this document.
So, we should first reconsider to take the current active
retransmission transport if we cannot find an alternative
active one. If all of that fails, we can still round robin
through unkown, partial failover, and inactive ones in the
hope to find something still suitable.
Commit 4141ddc02a92 ("sctp: retran_path update bug fix") broke
that behaviour by selecting the next inactive transport when
no other active transport was found besides the current assoc's
peer.retran_path. Before commit 4141ddc02a92, we would have
traversed through the list until we reach our peer.retran_path
again, and in case that is still in state SCTP_ACTIVE, we would
take it and return. Only if that is not the case either, we
take the next inactive transport.
Besides all that, another issue is that transports in state
SCTP_UNKNOWN could be preferred over transports in state
SCTP_ACTIVE in case a SCTP_ACTIVE transport appears after
SCTP_UNKNOWN in the transport list yielding a weaker transport
state to be used in retransmission.
This patch mostly reverts 4141ddc02a92, but also rewrites
this function to introduce more clarity and strictness into
the code. A strict priority of transport states is enforced
in this patch, hence selection is active > unkown > partial
failover > inactive.
Fixes: 4141ddc02a92 ("sctp: retran_path update bug fix")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Acked-by: Vlad Yasevich <yasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-20 20:51:06 +01:00
pr_debug ( " %s: association:%p updated new path to addr:%pISpc \n " ,
__func__ , asoc , & asoc - > peer . retran_path - > ipaddr . sa ) ;
2005-06-20 13:14:57 -07:00
}
net: sctp: rework multihoming retransmission path selection to rfc4960
Problem statement: 1) both paths (primary path1 and alternate
path2) are up after the association has been established i.e.,
HB packets are normally exchanged, 2) path2 gets inactive after
path_max_retrans * max_rto timed out (i.e. path2 is down completely),
3) now, if a transmission times out on the only surviving/active
path1 (any ~1sec network service impact could cause this like
a channel bonding failover), then the retransmitted packets are
sent over the inactive path2; this happens with partial failover
and without it.
Besides not being optimal in the above scenario, a small failure
or timeout in the only existing path has the potential to cause
long delays in the retransmission (depending on RTO_MAX) until
the still active path is reselected. Further, when the T3-timeout
occurs, we have active_patch == retrans_path, and even though the
timeout occurred on the initial transmission of data, not a
retransmit, we end up updating retransmit path.
RFC4960, section 6.4. "Multi-Homed SCTP Endpoints" states under
6.4.1. "Failover from an Inactive Destination Address" the
following:
Some of the transport addresses of a multi-homed SCTP endpoint
may become inactive due to either the occurrence of certain
error conditions (see Section 8.2) or adjustments from the
SCTP user.
When there is outbound data to send and the primary path
becomes inactive (e.g., due to failures), or where the SCTP
user explicitly requests to send data to an inactive
destination transport address, before reporting an error to
its ULP, the SCTP endpoint should try to send the data to an
alternate __active__ destination transport address if one
exists.
When retransmitting data that timed out, if the endpoint is
multihomed, it should consider each source-destination address
pair in its retransmission selection policy. When retransmitting
timed-out data, the endpoint should attempt to pick the most
divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.
Note: Rules for picking the most divergent source-destination
pair are an implementation decision and are not specified
within this document.
So, we should first reconsider to take the current active
retransmission transport if we cannot find an alternative
active one. If all of that fails, we can still round robin
through unkown, partial failover, and inactive ones in the
hope to find something still suitable.
Commit 4141ddc02a92 ("sctp: retran_path update bug fix") broke
that behaviour by selecting the next inactive transport when
no other active transport was found besides the current assoc's
peer.retran_path. Before commit 4141ddc02a92, we would have
traversed through the list until we reach our peer.retran_path
again, and in case that is still in state SCTP_ACTIVE, we would
take it and return. Only if that is not the case either, we
take the next inactive transport.
Besides all that, another issue is that transports in state
SCTP_UNKNOWN could be preferred over transports in state
SCTP_ACTIVE in case a SCTP_ACTIVE transport appears after
SCTP_UNKNOWN in the transport list yielding a weaker transport
state to be used in retransmission.
This patch mostly reverts 4141ddc02a92, but also rewrites
this function to introduce more clarity and strictness into
the code. A strict priority of transport states is enforced
in this patch, hence selection is active > unkown > partial
failover > inactive.
Fixes: 4141ddc02a92 ("sctp: retran_path update bug fix")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Acked-by: Vlad Yasevich <yasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-20 20:51:06 +01:00
struct sctp_transport *
sctp_assoc_choose_alter_transport ( struct sctp_association * asoc ,
struct sctp_transport * last_sent_to )
2005-06-20 13:14:57 -07:00
{
2009-05-12 21:52:51 +08:00
/* If this is the first time packet is sent, use the active path,
* else use the retran path . If the last packet was sent over the
2005-06-20 13:14:57 -07:00
* retran path , update the retran path and use it .
*/
net: sctp: rework multihoming retransmission path selection to rfc4960
Problem statement: 1) both paths (primary path1 and alternate
path2) are up after the association has been established i.e.,
HB packets are normally exchanged, 2) path2 gets inactive after
path_max_retrans * max_rto timed out (i.e. path2 is down completely),
3) now, if a transmission times out on the only surviving/active
path1 (any ~1sec network service impact could cause this like
a channel bonding failover), then the retransmitted packets are
sent over the inactive path2; this happens with partial failover
and without it.
Besides not being optimal in the above scenario, a small failure
or timeout in the only existing path has the potential to cause
long delays in the retransmission (depending on RTO_MAX) until
the still active path is reselected. Further, when the T3-timeout
occurs, we have active_patch == retrans_path, and even though the
timeout occurred on the initial transmission of data, not a
retransmit, we end up updating retransmit path.
RFC4960, section 6.4. "Multi-Homed SCTP Endpoints" states under
6.4.1. "Failover from an Inactive Destination Address" the
following:
Some of the transport addresses of a multi-homed SCTP endpoint
may become inactive due to either the occurrence of certain
error conditions (see Section 8.2) or adjustments from the
SCTP user.
When there is outbound data to send and the primary path
becomes inactive (e.g., due to failures), or where the SCTP
user explicitly requests to send data to an inactive
destination transport address, before reporting an error to
its ULP, the SCTP endpoint should try to send the data to an
alternate __active__ destination transport address if one
exists.
When retransmitting data that timed out, if the endpoint is
multihomed, it should consider each source-destination address
pair in its retransmission selection policy. When retransmitting
timed-out data, the endpoint should attempt to pick the most
divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.
Note: Rules for picking the most divergent source-destination
pair are an implementation decision and are not specified
within this document.
So, we should first reconsider to take the current active
retransmission transport if we cannot find an alternative
active one. If all of that fails, we can still round robin
through unkown, partial failover, and inactive ones in the
hope to find something still suitable.
Commit 4141ddc02a92 ("sctp: retran_path update bug fix") broke
that behaviour by selecting the next inactive transport when
no other active transport was found besides the current assoc's
peer.retran_path. Before commit 4141ddc02a92, we would have
traversed through the list until we reach our peer.retran_path
again, and in case that is still in state SCTP_ACTIVE, we would
take it and return. Only if that is not the case either, we
take the next inactive transport.
Besides all that, another issue is that transports in state
SCTP_UNKNOWN could be preferred over transports in state
SCTP_ACTIVE in case a SCTP_ACTIVE transport appears after
SCTP_UNKNOWN in the transport list yielding a weaker transport
state to be used in retransmission.
This patch mostly reverts 4141ddc02a92, but also rewrites
this function to introduce more clarity and strictness into
the code. A strict priority of transport states is enforced
in this patch, hence selection is active > unkown > partial
failover > inactive.
Fixes: 4141ddc02a92 ("sctp: retran_path update bug fix")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Acked-by: Vlad Yasevich <yasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-20 20:51:06 +01:00
if ( last_sent_to = = NULL ) {
2005-04-16 15:20:36 -07:00
return asoc - > peer . active_path ;
net: sctp: rework multihoming retransmission path selection to rfc4960
Problem statement: 1) both paths (primary path1 and alternate
path2) are up after the association has been established i.e.,
HB packets are normally exchanged, 2) path2 gets inactive after
path_max_retrans * max_rto timed out (i.e. path2 is down completely),
3) now, if a transmission times out on the only surviving/active
path1 (any ~1sec network service impact could cause this like
a channel bonding failover), then the retransmitted packets are
sent over the inactive path2; this happens with partial failover
and without it.
Besides not being optimal in the above scenario, a small failure
or timeout in the only existing path has the potential to cause
long delays in the retransmission (depending on RTO_MAX) until
the still active path is reselected. Further, when the T3-timeout
occurs, we have active_patch == retrans_path, and even though the
timeout occurred on the initial transmission of data, not a
retransmit, we end up updating retransmit path.
RFC4960, section 6.4. "Multi-Homed SCTP Endpoints" states under
6.4.1. "Failover from an Inactive Destination Address" the
following:
Some of the transport addresses of a multi-homed SCTP endpoint
may become inactive due to either the occurrence of certain
error conditions (see Section 8.2) or adjustments from the
SCTP user.
When there is outbound data to send and the primary path
becomes inactive (e.g., due to failures), or where the SCTP
user explicitly requests to send data to an inactive
destination transport address, before reporting an error to
its ULP, the SCTP endpoint should try to send the data to an
alternate __active__ destination transport address if one
exists.
When retransmitting data that timed out, if the endpoint is
multihomed, it should consider each source-destination address
pair in its retransmission selection policy. When retransmitting
timed-out data, the endpoint should attempt to pick the most
divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.
Note: Rules for picking the most divergent source-destination
pair are an implementation decision and are not specified
within this document.
So, we should first reconsider to take the current active
retransmission transport if we cannot find an alternative
active one. If all of that fails, we can still round robin
through unkown, partial failover, and inactive ones in the
hope to find something still suitable.
Commit 4141ddc02a92 ("sctp: retran_path update bug fix") broke
that behaviour by selecting the next inactive transport when
no other active transport was found besides the current assoc's
peer.retran_path. Before commit 4141ddc02a92, we would have
traversed through the list until we reach our peer.retran_path
again, and in case that is still in state SCTP_ACTIVE, we would
take it and return. Only if that is not the case either, we
take the next inactive transport.
Besides all that, another issue is that transports in state
SCTP_UNKNOWN could be preferred over transports in state
SCTP_ACTIVE in case a SCTP_ACTIVE transport appears after
SCTP_UNKNOWN in the transport list yielding a weaker transport
state to be used in retransmission.
This patch mostly reverts 4141ddc02a92, but also rewrites
this function to introduce more clarity and strictness into
the code. A strict priority of transport states is enforced
in this patch, hence selection is active > unkown > partial
failover > inactive.
Fixes: 4141ddc02a92 ("sctp: retran_path update bug fix")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Acked-by: Vlad Yasevich <yasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-20 20:51:06 +01:00
} else {
2009-05-12 21:52:51 +08:00
if ( last_sent_to = = asoc - > peer . retran_path )
2005-04-16 15:20:36 -07:00
sctp_assoc_update_retran_path ( asoc ) ;
net: sctp: rework multihoming retransmission path selection to rfc4960
Problem statement: 1) both paths (primary path1 and alternate
path2) are up after the association has been established i.e.,
HB packets are normally exchanged, 2) path2 gets inactive after
path_max_retrans * max_rto timed out (i.e. path2 is down completely),
3) now, if a transmission times out on the only surviving/active
path1 (any ~1sec network service impact could cause this like
a channel bonding failover), then the retransmitted packets are
sent over the inactive path2; this happens with partial failover
and without it.
Besides not being optimal in the above scenario, a small failure
or timeout in the only existing path has the potential to cause
long delays in the retransmission (depending on RTO_MAX) until
the still active path is reselected. Further, when the T3-timeout
occurs, we have active_patch == retrans_path, and even though the
timeout occurred on the initial transmission of data, not a
retransmit, we end up updating retransmit path.
RFC4960, section 6.4. "Multi-Homed SCTP Endpoints" states under
6.4.1. "Failover from an Inactive Destination Address" the
following:
Some of the transport addresses of a multi-homed SCTP endpoint
may become inactive due to either the occurrence of certain
error conditions (see Section 8.2) or adjustments from the
SCTP user.
When there is outbound data to send and the primary path
becomes inactive (e.g., due to failures), or where the SCTP
user explicitly requests to send data to an inactive
destination transport address, before reporting an error to
its ULP, the SCTP endpoint should try to send the data to an
alternate __active__ destination transport address if one
exists.
When retransmitting data that timed out, if the endpoint is
multihomed, it should consider each source-destination address
pair in its retransmission selection policy. When retransmitting
timed-out data, the endpoint should attempt to pick the most
divergent source-destination pair from the original
source-destination pair to which the packet was transmitted.
Note: Rules for picking the most divergent source-destination
pair are an implementation decision and are not specified
within this document.
So, we should first reconsider to take the current active
retransmission transport if we cannot find an alternative
active one. If all of that fails, we can still round robin
through unkown, partial failover, and inactive ones in the
hope to find something still suitable.
Commit 4141ddc02a92 ("sctp: retran_path update bug fix") broke
that behaviour by selecting the next inactive transport when
no other active transport was found besides the current assoc's
peer.retran_path. Before commit 4141ddc02a92, we would have
traversed through the list until we reach our peer.retran_path
again, and in case that is still in state SCTP_ACTIVE, we would
take it and return. Only if that is not the case either, we
take the next inactive transport.
Besides all that, another issue is that transports in state
SCTP_UNKNOWN could be preferred over transports in state
SCTP_ACTIVE in case a SCTP_ACTIVE transport appears after
SCTP_UNKNOWN in the transport list yielding a weaker transport
state to be used in retransmission.
This patch mostly reverts 4141ddc02a92, but also rewrites
this function to introduce more clarity and strictness into
the code. A strict priority of transport states is enforced
in this patch, hence selection is active > unkown > partial
failover > inactive.
Fixes: 4141ddc02a92 ("sctp: retran_path update bug fix")
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Cc: Gui Jianfeng <guijianfeng@cn.fujitsu.com>
Acked-by: Vlad Yasevich <yasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-20 20:51:06 +01:00
2005-04-16 15:20:36 -07:00
return asoc - > peer . retran_path ;
}
}
/* Update the association's pmtu and frag_point by going through all the
* transports . This routine is called when a transport ' s PMTU has changed .
*/
2012-07-16 03:57:14 -07:00
void sctp_assoc_sync_pmtu ( struct sock * sk , struct sctp_association * asoc )
2005-04-16 15:20:36 -07:00
{
struct sctp_transport * t ;
__u32 pmtu = 0 ;
if ( ! asoc )
return ;
/* Get the lowest pmtu of all the transports. */
2008-04-12 18:54:24 -07:00
list_for_each_entry ( t , & asoc - > peer . transport_addr_list ,
transports ) {
2007-06-07 14:21:05 -04:00
if ( t - > pmtu_pending & & t - > dst ) {
2012-07-16 03:57:14 -07:00
sctp_transport_update_pmtu ( sk , t , dst_mtu ( t - > dst ) ) ;
2007-06-07 14:21:05 -04:00
t - > pmtu_pending = 0 ;
}
2005-12-22 11:36:46 -08:00
if ( ! pmtu | | ( t - > pathmtu < pmtu ) )
pmtu = t - > pathmtu ;
2005-04-16 15:20:36 -07:00
}
if ( pmtu ) {
2005-12-22 11:36:46 -08:00
asoc - > pathmtu = pmtu ;
2009-09-04 18:21:00 -04:00
asoc - > frag_point = sctp_frag_point ( asoc , pmtu ) ;
2005-04-16 15:20:36 -07:00
}
net: sctp: rework debugging framework to use pr_debug and friends
We should get rid of all own SCTP debug printk macros and use the ones
that the kernel offers anyway instead. This makes the code more readable
and conform to the kernel code, and offers all the features of dynamic
debbuging that pr_debug() et al has, such as only turning on/off portions
of debug messages at runtime through debugfs. The runtime cost of having
CONFIG_DYNAMIC_DEBUG enabled, but none of the debug statements printing,
is negligible [1]. If kernel debugging is completly turned off, then these
statements will also compile into "empty" functions.
While we're at it, we also need to change the Kconfig option as it /now/
only refers to the ifdef'ed code portions in outqueue.c that enable further
debugging/tracing of SCTP transaction fields. Also, since SCTP_ASSERT code
was enabled with this Kconfig option and has now been removed, we
transform those code parts into WARNs resp. where appropriate BUG_ONs so
that those bugs can be more easily detected as probably not many people
have SCTP debugging permanently turned on.
To turn on all SCTP debugging, the following steps are needed:
# mount -t debugfs none /sys/kernel/debug
# echo -n 'module sctp +p' > /sys/kernel/debug/dynamic_debug/control
This can be done more fine-grained on a per file, per line basis and others
as described in [2].
[1] https://www.kernel.org/doc/ols/2009/ols2009-pages-39-46.pdf
[2] Documentation/dynamic-debug-howto.txt
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-06-28 19:49:40 +02:00
pr_debug ( " %s: asoc:%p, pmtu:%d, frag_point:%d \n " , __func__ , asoc ,
asoc - > pathmtu , asoc - > frag_point ) ;
2005-04-16 15:20:36 -07:00
}
/* Should we send a SACK to update our peer? */
2013-12-06 09:36:29 +08:00
static inline bool sctp_peer_needs_update ( struct sctp_association * asoc )
2005-04-16 15:20:36 -07:00
{
2012-08-07 07:29:57 +00:00
struct net * net = sock_net ( asoc - > base . sk ) ;
2005-04-16 15:20:36 -07:00
switch ( asoc - > state ) {
case SCTP_STATE_ESTABLISHED :
case SCTP_STATE_SHUTDOWN_PENDING :
case SCTP_STATE_SHUTDOWN_RECEIVED :
case SCTP_STATE_SHUTDOWN_SENT :
if ( ( asoc - > rwnd > asoc - > a_rwnd ) & &
2009-11-23 15:53:57 -05:00
( ( asoc - > rwnd - asoc - > a_rwnd ) > = max_t ( __u32 ,
2012-08-07 07:29:57 +00:00
( asoc - > base . sk - > sk_rcvbuf > > net - > sctp . rwnd_upd_shift ) ,
2009-11-23 15:53:57 -05:00
asoc - > pathmtu ) ) )
2013-12-06 09:36:29 +08:00
return true ;
2005-04-16 15:20:36 -07:00
break ;
default :
break ;
}
2013-12-06 09:36:29 +08:00
return false ;
2005-04-16 15:20:36 -07:00
}
net: sctp: Fix a_rwnd/rwnd management to reflect real state of the receiver's buffer
Implementation of (a)rwnd calculation might lead to severe performance issues
and associations completely stalling. These problems are described and solution
is proposed which improves lksctp's robustness in congestion state.
1) Sudden drop of a_rwnd and incomplete window recovery afterwards
Data accounted in sctp_assoc_rwnd_decrease takes only payload size (sctp data),
but size of sk_buff, which is blamed against receiver buffer, is not accounted
in rwnd. Theoretically, this should not be the problem as actual size of buffer
is double the amount requested on the socket (SO_RECVBUF). Problem here is
that this will have bad scaling for data which is less then sizeof sk_buff.
E.g. in 4G (LTE) networks, link interfacing radio side will have a large portion
of traffic of this size (less then 100B).
An example of sudden drop and incomplete window recovery is given below. Node B
exhibits problematic behavior. Node A initiates association and B is configured
to advertise rwnd of 10000. A sends messages of size 43B (size of typical sctp
message in 4G (LTE) network). On B data is left in buffer by not reading socket
in userspace.
Lets examine when we will hit pressure state and declare rwnd to be 0 for
scenario with above stated parameters (rwnd == 10000, chunk size == 43, each
chunk is sent in separate sctp packet)
Logic is implemented in sctp_assoc_rwnd_decrease:
socket_buffer (see below) is maximum size which can be held in socket buffer
(sk_rcvbuf). current_alloced is amount of data currently allocated (rx_count)
A simple expression is given for which it will be examined after how many
packets for above stated parameters we enter pressure state:
We start by condition which has to be met in order to enter pressure state:
socket_buffer < currently_alloced;
currently_alloced is represented as size of sctp packets received so far and not
yet delivered to userspace. x is the number of chunks/packets (since there is no
bundling, and each chunk is delivered in separate packet, we can observe each
chunk also as sctp packet, and what is important here, having its own sk_buff):
socket_buffer < x*each_sctp_packet;
each_sctp_packet is sctp chunk size + sizeof(struct sk_buff). socket_buffer is
twice the amount of initially requested size of socket buffer, which is in case
of sctp, twice the a_rwnd requested:
2*rwnd < x*(payload+sizeof(struc sk_buff));
sizeof(struct sk_buff) is 190 (3.13.0-rc4+). Above is stated that rwnd is 10000
and each payload size is 43
20000 < x(43+190);
x > 20000/233;
x ~> 84;
After ~84 messages, pressure state is entered and 0 rwnd is advertised while
received 84*43B ~= 3612B sctp data. This is why external observer notices sudden
drop from 6474 to 0, as it will be now shown in example:
IP A.34340 > B.12345: sctp (1) [INIT] [init tag: 1875509148] [rwnd: 81920] [OS: 10] [MIS: 65535] [init TSN: 1096057017]
IP B.12345 > A.34340: sctp (1) [INIT ACK] [init tag: 3198966556] [rwnd: 10000] [OS: 10] [MIS: 10] [init TSN: 902132839]
IP A.34340 > B.12345: sctp (1) [COOKIE ECHO]
IP B.12345 > A.34340: sctp (1) [COOKIE ACK]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057017] [SID: 0] [SSEQ 0] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057017] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057018] [SID: 0] [SSEQ 1] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057018] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057019] [SID: 0] [SSEQ 2] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057019] [a_rwnd 9914] [#gap acks 0] [#dup tsns 0]
<...>
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057098] [SID: 0] [SSEQ 81] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057098] [a_rwnd 6517] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057099] [SID: 0] [SSEQ 82] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057099] [a_rwnd 6474] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057100] [SID: 0] [SSEQ 83] [PPID 0x18]
--> Sudden drop
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
At this point, rwnd_press stores current rwnd value so it can be later restored
in sctp_assoc_rwnd_increase. This however doesn't happen as condition to start
slowly increasing rwnd until rwnd_press is returned to rwnd is never met. This
condition is not met since rwnd, after it hit 0, must first reach rwnd_press by
adding amount which is read from userspace. Let us observe values in above
example. Initial a_rwnd is 10000, pressure was hit when rwnd was ~6500 and the
amount of actual sctp data currently waiting to be delivered to userspace
is ~3500. When userspace starts to read, sctp_assoc_rwnd_increase will be blamed
only for sctp data, which is ~3500. Condition is never met, and when userspace
reads all data, rwnd stays on 3569.
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 1505] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 3010] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057101] [SID: 0] [SSEQ 84] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057101] [a_rwnd 3569] [#gap acks 0] [#dup tsns 0]
--> At this point userspace read everything, rwnd recovered only to 3569
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057102] [SID: 0] [SSEQ 85] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057102] [a_rwnd 3569] [#gap acks 0] [#dup tsns 0]
Reproduction is straight forward, it is enough for sender to send packets of
size less then sizeof(struct sk_buff) and receiver keeping them in its buffers.
2) Minute size window for associations sharing the same socket buffer
In case multiple associations share the same socket, and same socket buffer
(sctp.rcvbuf_policy == 0), different scenarios exist in which congestion on one
of the associations can permanently drop rwnd of other association(s).
Situation will be typically observed as one association suddenly having rwnd
dropped to size of last packet received and never recovering beyond that point.
Different scenarios will lead to it, but all have in common that one of the
associations (let it be association from 1)) nearly depleted socket buffer, and
the other association blames socket buffer just for the amount enough to start
the pressure. This association will enter pressure state, set rwnd_press and
announce 0 rwnd.
When data is read by userspace, similar situation as in 1) will occur, rwnd will
increase just for the size read by userspace but rwnd_press will be high enough
so that association doesn't have enough credit to reach rwnd_press and restore
to previous state. This case is special case of 1), being worse as there is, in
the worst case, only one packet in buffer for which size rwnd will be increased.
Consequence is association which has very low maximum rwnd ('minute size', in
our case down to 43B - size of packet which caused pressure) and as such
unusable.
Scenario happened in the field and labs frequently after congestion state (link
breaks, different probabilities of packet drop, packet reordering) and with
scenario 1) preceding. Here is given a deterministic scenario for reproduction:
>From node A establish two associations on the same socket, with rcvbuf_policy
being set to share one common buffer (sctp.rcvbuf_policy == 0). On association 1
repeat scenario from 1), that is, bring it down to 0 and restore up. Observe
scenario 1). Use small payload size (here we use 43). Once rwnd is 'recovered',
bring it down close to 0, as in just one more packet would close it. This has as
a consequence that association number 2 is able to receive (at least) one more
packet which will bring it in pressure state. E.g. if association 2 had rwnd of
10000, packet received was 43, and we enter at this point into pressure,
rwnd_press will have 9957. Once payload is delivered to userspace, rwnd will
increase for 43, but conditions to restore rwnd to original state, just as in
1), will never be satisfied.
--> Association 1, between A.y and B.12345
IP A.55915 > B.12345: sctp (1) [INIT] [init tag: 836880897] [rwnd: 10000] [OS: 10] [MIS: 65535] [init TSN: 4032536569]
IP B.12345 > A.55915: sctp (1) [INIT ACK] [init tag: 2873310749] [rwnd: 81920] [OS: 10] [MIS: 10] [init TSN: 3799315613]
IP A.55915 > B.12345: sctp (1) [COOKIE ECHO]
IP B.12345 > A.55915: sctp (1) [COOKIE ACK]
--> Association 2, between A.z and B.12346
IP A.55915 > B.12346: sctp (1) [INIT] [init tag: 534798321] [rwnd: 10000] [OS: 10] [MIS: 65535] [init TSN: 2099285173]
IP B.12346 > A.55915: sctp (1) [INIT ACK] [init tag: 516668823] [rwnd: 81920] [OS: 10] [MIS: 10] [init TSN: 3676403240]
IP A.55915 > B.12346: sctp (1) [COOKIE ECHO]
IP B.12346 > A.55915: sctp (1) [COOKIE ACK]
--> Deplete socket buffer by sending messages of size 43B over association 1
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315613] [SID: 0] [SSEQ 0] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315613] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
<...>
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315696] [a_rwnd 6388] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315697] [SID: 0] [SSEQ 84] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315697] [a_rwnd 6345] [#gap acks 0] [#dup tsns 0]
--> Sudden drop on 1
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315698] [SID: 0] [SSEQ 85] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315698] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Here userspace read, rwnd 'recovered' to 3698, now deplete again using
association 1 so there is place in buffer for only one more packet
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315799] [SID: 0] [SSEQ 186] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315799] [a_rwnd 86] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315800] [SID: 0] [SSEQ 187] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 43] [#gap acks 0] [#dup tsns 0]
--> Socket buffer is almost depleted, but there is space for one more packet,
send them over association 2, size 43B
IP B.12346 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3676403240] [SID: 0] [SSEQ 0] [PPID 0x18]
IP A.55915 > B.12346: sctp (1) [SACK] [cum ack 3676403240] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Immediate drop
IP A.60995 > B.12346: sctp (1) [SACK] [cum ack 387491510] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Read everything from the socket, both association recover up to maximum rwnd
they are capable of reaching, note that association 1 recovered up to 3698,
and association 2 recovered only to 43
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 1548] [#gap acks 0] [#dup tsns 0]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 3053] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315801] [SID: 0] [SSEQ 188] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315801] [a_rwnd 3698] [#gap acks 0] [#dup tsns 0]
IP B.12346 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3676403241] [SID: 0] [SSEQ 1] [PPID 0x18]
IP A.55915 > B.12346: sctp (1) [SACK] [cum ack 3676403241] [a_rwnd 43] [#gap acks 0] [#dup tsns 0]
A careful reader might wonder why it is necessary to reproduce 1) prior
reproduction of 2). It is simply easier to observe when to send packet over
association 2 which will push association into the pressure state.
Proposed solution:
Both problems share the same root cause, and that is improper scaling of socket
buffer with rwnd. Solution in which sizeof(sk_buff) is taken into concern while
calculating rwnd is not possible due to fact that there is no linear
relationship between amount of data blamed in increase/decrease with IP packet
in which payload arrived. Even in case such solution would be followed,
complexity of the code would increase. Due to nature of current rwnd handling,
slow increase (in sctp_assoc_rwnd_increase) of rwnd after pressure state is
entered is rationale, but it gives false representation to the sender of current
buffer space. Furthermore, it implements additional congestion control mechanism
which is defined on implementation, and not on standard basis.
Proposed solution simplifies whole algorithm having on mind definition from rfc:
o Receiver Window (rwnd): This gives the sender an indication of the space
available in the receiver's inbound buffer.
Core of the proposed solution is given with these lines:
sctp_assoc_rwnd_update:
if ((asoc->base.sk->sk_rcvbuf - rx_count) > 0)
asoc->rwnd = (asoc->base.sk->sk_rcvbuf - rx_count) >> 1;
else
asoc->rwnd = 0;
We advertise to sender (half of) actual space we have. Half is in the braces
depending whether you would like to observe size of socket buffer as SO_RECVBUF
or twice the amount, i.e. size is the one visible from userspace, that is,
from kernelspace.
In this way sender is given with good approximation of our buffer space,
regardless of the buffer policy - we always advertise what we have. Proposed
solution fixes described problems and removes necessity for rwnd restoration
algorithm. Finally, as proposed solution is simplification, some lines of code,
along with some bytes in struct sctp_association are saved.
Version 2 of the patch addressed comments from Vlad. Name of the function is set
to be more descriptive, and two parts of code are changed, in one removing the
superfluous call to sctp_assoc_rwnd_update since call would not result in update
of rwnd, and the other being reordering of the code in a way that call to
sctp_assoc_rwnd_update updates rwnd. Version 3 corrected change introduced in v2
in a way that existing function is not reordered/copied in line, but it is
correctly called. Thanks Vlad for suggesting.
Signed-off-by: Matija Glavinic Pecotic <matija.glavinic-pecotic.ext@nsn.com>
Reviewed-by: Alexander Sverdlin <alexander.sverdlin@nsn.com>
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-14 14:51:18 +01:00
/* Update asoc's rwnd for the approximated state in the buffer,
* and check whether SACK needs to be sent .
*/
void sctp_assoc_rwnd_update ( struct sctp_association * asoc , bool update_peer )
2005-04-16 15:20:36 -07:00
{
net: sctp: Fix a_rwnd/rwnd management to reflect real state of the receiver's buffer
Implementation of (a)rwnd calculation might lead to severe performance issues
and associations completely stalling. These problems are described and solution
is proposed which improves lksctp's robustness in congestion state.
1) Sudden drop of a_rwnd and incomplete window recovery afterwards
Data accounted in sctp_assoc_rwnd_decrease takes only payload size (sctp data),
but size of sk_buff, which is blamed against receiver buffer, is not accounted
in rwnd. Theoretically, this should not be the problem as actual size of buffer
is double the amount requested on the socket (SO_RECVBUF). Problem here is
that this will have bad scaling for data which is less then sizeof sk_buff.
E.g. in 4G (LTE) networks, link interfacing radio side will have a large portion
of traffic of this size (less then 100B).
An example of sudden drop and incomplete window recovery is given below. Node B
exhibits problematic behavior. Node A initiates association and B is configured
to advertise rwnd of 10000. A sends messages of size 43B (size of typical sctp
message in 4G (LTE) network). On B data is left in buffer by not reading socket
in userspace.
Lets examine when we will hit pressure state and declare rwnd to be 0 for
scenario with above stated parameters (rwnd == 10000, chunk size == 43, each
chunk is sent in separate sctp packet)
Logic is implemented in sctp_assoc_rwnd_decrease:
socket_buffer (see below) is maximum size which can be held in socket buffer
(sk_rcvbuf). current_alloced is amount of data currently allocated (rx_count)
A simple expression is given for which it will be examined after how many
packets for above stated parameters we enter pressure state:
We start by condition which has to be met in order to enter pressure state:
socket_buffer < currently_alloced;
currently_alloced is represented as size of sctp packets received so far and not
yet delivered to userspace. x is the number of chunks/packets (since there is no
bundling, and each chunk is delivered in separate packet, we can observe each
chunk also as sctp packet, and what is important here, having its own sk_buff):
socket_buffer < x*each_sctp_packet;
each_sctp_packet is sctp chunk size + sizeof(struct sk_buff). socket_buffer is
twice the amount of initially requested size of socket buffer, which is in case
of sctp, twice the a_rwnd requested:
2*rwnd < x*(payload+sizeof(struc sk_buff));
sizeof(struct sk_buff) is 190 (3.13.0-rc4+). Above is stated that rwnd is 10000
and each payload size is 43
20000 < x(43+190);
x > 20000/233;
x ~> 84;
After ~84 messages, pressure state is entered and 0 rwnd is advertised while
received 84*43B ~= 3612B sctp data. This is why external observer notices sudden
drop from 6474 to 0, as it will be now shown in example:
IP A.34340 > B.12345: sctp (1) [INIT] [init tag: 1875509148] [rwnd: 81920] [OS: 10] [MIS: 65535] [init TSN: 1096057017]
IP B.12345 > A.34340: sctp (1) [INIT ACK] [init tag: 3198966556] [rwnd: 10000] [OS: 10] [MIS: 10] [init TSN: 902132839]
IP A.34340 > B.12345: sctp (1) [COOKIE ECHO]
IP B.12345 > A.34340: sctp (1) [COOKIE ACK]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057017] [SID: 0] [SSEQ 0] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057017] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057018] [SID: 0] [SSEQ 1] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057018] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057019] [SID: 0] [SSEQ 2] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057019] [a_rwnd 9914] [#gap acks 0] [#dup tsns 0]
<...>
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057098] [SID: 0] [SSEQ 81] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057098] [a_rwnd 6517] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057099] [SID: 0] [SSEQ 82] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057099] [a_rwnd 6474] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057100] [SID: 0] [SSEQ 83] [PPID 0x18]
--> Sudden drop
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
At this point, rwnd_press stores current rwnd value so it can be later restored
in sctp_assoc_rwnd_increase. This however doesn't happen as condition to start
slowly increasing rwnd until rwnd_press is returned to rwnd is never met. This
condition is not met since rwnd, after it hit 0, must first reach rwnd_press by
adding amount which is read from userspace. Let us observe values in above
example. Initial a_rwnd is 10000, pressure was hit when rwnd was ~6500 and the
amount of actual sctp data currently waiting to be delivered to userspace
is ~3500. When userspace starts to read, sctp_assoc_rwnd_increase will be blamed
only for sctp data, which is ~3500. Condition is never met, and when userspace
reads all data, rwnd stays on 3569.
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 1505] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 3010] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057101] [SID: 0] [SSEQ 84] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057101] [a_rwnd 3569] [#gap acks 0] [#dup tsns 0]
--> At this point userspace read everything, rwnd recovered only to 3569
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057102] [SID: 0] [SSEQ 85] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057102] [a_rwnd 3569] [#gap acks 0] [#dup tsns 0]
Reproduction is straight forward, it is enough for sender to send packets of
size less then sizeof(struct sk_buff) and receiver keeping them in its buffers.
2) Minute size window for associations sharing the same socket buffer
In case multiple associations share the same socket, and same socket buffer
(sctp.rcvbuf_policy == 0), different scenarios exist in which congestion on one
of the associations can permanently drop rwnd of other association(s).
Situation will be typically observed as one association suddenly having rwnd
dropped to size of last packet received and never recovering beyond that point.
Different scenarios will lead to it, but all have in common that one of the
associations (let it be association from 1)) nearly depleted socket buffer, and
the other association blames socket buffer just for the amount enough to start
the pressure. This association will enter pressure state, set rwnd_press and
announce 0 rwnd.
When data is read by userspace, similar situation as in 1) will occur, rwnd will
increase just for the size read by userspace but rwnd_press will be high enough
so that association doesn't have enough credit to reach rwnd_press and restore
to previous state. This case is special case of 1), being worse as there is, in
the worst case, only one packet in buffer for which size rwnd will be increased.
Consequence is association which has very low maximum rwnd ('minute size', in
our case down to 43B - size of packet which caused pressure) and as such
unusable.
Scenario happened in the field and labs frequently after congestion state (link
breaks, different probabilities of packet drop, packet reordering) and with
scenario 1) preceding. Here is given a deterministic scenario for reproduction:
>From node A establish two associations on the same socket, with rcvbuf_policy
being set to share one common buffer (sctp.rcvbuf_policy == 0). On association 1
repeat scenario from 1), that is, bring it down to 0 and restore up. Observe
scenario 1). Use small payload size (here we use 43). Once rwnd is 'recovered',
bring it down close to 0, as in just one more packet would close it. This has as
a consequence that association number 2 is able to receive (at least) one more
packet which will bring it in pressure state. E.g. if association 2 had rwnd of
10000, packet received was 43, and we enter at this point into pressure,
rwnd_press will have 9957. Once payload is delivered to userspace, rwnd will
increase for 43, but conditions to restore rwnd to original state, just as in
1), will never be satisfied.
--> Association 1, between A.y and B.12345
IP A.55915 > B.12345: sctp (1) [INIT] [init tag: 836880897] [rwnd: 10000] [OS: 10] [MIS: 65535] [init TSN: 4032536569]
IP B.12345 > A.55915: sctp (1) [INIT ACK] [init tag: 2873310749] [rwnd: 81920] [OS: 10] [MIS: 10] [init TSN: 3799315613]
IP A.55915 > B.12345: sctp (1) [COOKIE ECHO]
IP B.12345 > A.55915: sctp (1) [COOKIE ACK]
--> Association 2, between A.z and B.12346
IP A.55915 > B.12346: sctp (1) [INIT] [init tag: 534798321] [rwnd: 10000] [OS: 10] [MIS: 65535] [init TSN: 2099285173]
IP B.12346 > A.55915: sctp (1) [INIT ACK] [init tag: 516668823] [rwnd: 81920] [OS: 10] [MIS: 10] [init TSN: 3676403240]
IP A.55915 > B.12346: sctp (1) [COOKIE ECHO]
IP B.12346 > A.55915: sctp (1) [COOKIE ACK]
--> Deplete socket buffer by sending messages of size 43B over association 1
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315613] [SID: 0] [SSEQ 0] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315613] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
<...>
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315696] [a_rwnd 6388] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315697] [SID: 0] [SSEQ 84] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315697] [a_rwnd 6345] [#gap acks 0] [#dup tsns 0]
--> Sudden drop on 1
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315698] [SID: 0] [SSEQ 85] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315698] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Here userspace read, rwnd 'recovered' to 3698, now deplete again using
association 1 so there is place in buffer for only one more packet
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315799] [SID: 0] [SSEQ 186] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315799] [a_rwnd 86] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315800] [SID: 0] [SSEQ 187] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 43] [#gap acks 0] [#dup tsns 0]
--> Socket buffer is almost depleted, but there is space for one more packet,
send them over association 2, size 43B
IP B.12346 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3676403240] [SID: 0] [SSEQ 0] [PPID 0x18]
IP A.55915 > B.12346: sctp (1) [SACK] [cum ack 3676403240] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Immediate drop
IP A.60995 > B.12346: sctp (1) [SACK] [cum ack 387491510] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Read everything from the socket, both association recover up to maximum rwnd
they are capable of reaching, note that association 1 recovered up to 3698,
and association 2 recovered only to 43
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 1548] [#gap acks 0] [#dup tsns 0]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 3053] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315801] [SID: 0] [SSEQ 188] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315801] [a_rwnd 3698] [#gap acks 0] [#dup tsns 0]
IP B.12346 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3676403241] [SID: 0] [SSEQ 1] [PPID 0x18]
IP A.55915 > B.12346: sctp (1) [SACK] [cum ack 3676403241] [a_rwnd 43] [#gap acks 0] [#dup tsns 0]
A careful reader might wonder why it is necessary to reproduce 1) prior
reproduction of 2). It is simply easier to observe when to send packet over
association 2 which will push association into the pressure state.
Proposed solution:
Both problems share the same root cause, and that is improper scaling of socket
buffer with rwnd. Solution in which sizeof(sk_buff) is taken into concern while
calculating rwnd is not possible due to fact that there is no linear
relationship between amount of data blamed in increase/decrease with IP packet
in which payload arrived. Even in case such solution would be followed,
complexity of the code would increase. Due to nature of current rwnd handling,
slow increase (in sctp_assoc_rwnd_increase) of rwnd after pressure state is
entered is rationale, but it gives false representation to the sender of current
buffer space. Furthermore, it implements additional congestion control mechanism
which is defined on implementation, and not on standard basis.
Proposed solution simplifies whole algorithm having on mind definition from rfc:
o Receiver Window (rwnd): This gives the sender an indication of the space
available in the receiver's inbound buffer.
Core of the proposed solution is given with these lines:
sctp_assoc_rwnd_update:
if ((asoc->base.sk->sk_rcvbuf - rx_count) > 0)
asoc->rwnd = (asoc->base.sk->sk_rcvbuf - rx_count) >> 1;
else
asoc->rwnd = 0;
We advertise to sender (half of) actual space we have. Half is in the braces
depending whether you would like to observe size of socket buffer as SO_RECVBUF
or twice the amount, i.e. size is the one visible from userspace, that is,
from kernelspace.
In this way sender is given with good approximation of our buffer space,
regardless of the buffer policy - we always advertise what we have. Proposed
solution fixes described problems and removes necessity for rwnd restoration
algorithm. Finally, as proposed solution is simplification, some lines of code,
along with some bytes in struct sctp_association are saved.
Version 2 of the patch addressed comments from Vlad. Name of the function is set
to be more descriptive, and two parts of code are changed, in one removing the
superfluous call to sctp_assoc_rwnd_update since call would not result in update
of rwnd, and the other being reordering of the code in a way that call to
sctp_assoc_rwnd_update updates rwnd. Version 3 corrected change introduced in v2
in a way that existing function is not reordered/copied in line, but it is
correctly called. Thanks Vlad for suggesting.
Signed-off-by: Matija Glavinic Pecotic <matija.glavinic-pecotic.ext@nsn.com>
Reviewed-by: Alexander Sverdlin <alexander.sverdlin@nsn.com>
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-14 14:51:18 +01:00
int rx_count ;
2005-04-16 15:20:36 -07:00
struct sctp_chunk * sack ;
struct timer_list * timer ;
net: sctp: Fix a_rwnd/rwnd management to reflect real state of the receiver's buffer
Implementation of (a)rwnd calculation might lead to severe performance issues
and associations completely stalling. These problems are described and solution
is proposed which improves lksctp's robustness in congestion state.
1) Sudden drop of a_rwnd and incomplete window recovery afterwards
Data accounted in sctp_assoc_rwnd_decrease takes only payload size (sctp data),
but size of sk_buff, which is blamed against receiver buffer, is not accounted
in rwnd. Theoretically, this should not be the problem as actual size of buffer
is double the amount requested on the socket (SO_RECVBUF). Problem here is
that this will have bad scaling for data which is less then sizeof sk_buff.
E.g. in 4G (LTE) networks, link interfacing radio side will have a large portion
of traffic of this size (less then 100B).
An example of sudden drop and incomplete window recovery is given below. Node B
exhibits problematic behavior. Node A initiates association and B is configured
to advertise rwnd of 10000. A sends messages of size 43B (size of typical sctp
message in 4G (LTE) network). On B data is left in buffer by not reading socket
in userspace.
Lets examine when we will hit pressure state and declare rwnd to be 0 for
scenario with above stated parameters (rwnd == 10000, chunk size == 43, each
chunk is sent in separate sctp packet)
Logic is implemented in sctp_assoc_rwnd_decrease:
socket_buffer (see below) is maximum size which can be held in socket buffer
(sk_rcvbuf). current_alloced is amount of data currently allocated (rx_count)
A simple expression is given for which it will be examined after how many
packets for above stated parameters we enter pressure state:
We start by condition which has to be met in order to enter pressure state:
socket_buffer < currently_alloced;
currently_alloced is represented as size of sctp packets received so far and not
yet delivered to userspace. x is the number of chunks/packets (since there is no
bundling, and each chunk is delivered in separate packet, we can observe each
chunk also as sctp packet, and what is important here, having its own sk_buff):
socket_buffer < x*each_sctp_packet;
each_sctp_packet is sctp chunk size + sizeof(struct sk_buff). socket_buffer is
twice the amount of initially requested size of socket buffer, which is in case
of sctp, twice the a_rwnd requested:
2*rwnd < x*(payload+sizeof(struc sk_buff));
sizeof(struct sk_buff) is 190 (3.13.0-rc4+). Above is stated that rwnd is 10000
and each payload size is 43
20000 < x(43+190);
x > 20000/233;
x ~> 84;
After ~84 messages, pressure state is entered and 0 rwnd is advertised while
received 84*43B ~= 3612B sctp data. This is why external observer notices sudden
drop from 6474 to 0, as it will be now shown in example:
IP A.34340 > B.12345: sctp (1) [INIT] [init tag: 1875509148] [rwnd: 81920] [OS: 10] [MIS: 65535] [init TSN: 1096057017]
IP B.12345 > A.34340: sctp (1) [INIT ACK] [init tag: 3198966556] [rwnd: 10000] [OS: 10] [MIS: 10] [init TSN: 902132839]
IP A.34340 > B.12345: sctp (1) [COOKIE ECHO]
IP B.12345 > A.34340: sctp (1) [COOKIE ACK]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057017] [SID: 0] [SSEQ 0] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057017] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057018] [SID: 0] [SSEQ 1] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057018] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057019] [SID: 0] [SSEQ 2] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057019] [a_rwnd 9914] [#gap acks 0] [#dup tsns 0]
<...>
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057098] [SID: 0] [SSEQ 81] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057098] [a_rwnd 6517] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057099] [SID: 0] [SSEQ 82] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057099] [a_rwnd 6474] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057100] [SID: 0] [SSEQ 83] [PPID 0x18]
--> Sudden drop
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
At this point, rwnd_press stores current rwnd value so it can be later restored
in sctp_assoc_rwnd_increase. This however doesn't happen as condition to start
slowly increasing rwnd until rwnd_press is returned to rwnd is never met. This
condition is not met since rwnd, after it hit 0, must first reach rwnd_press by
adding amount which is read from userspace. Let us observe values in above
example. Initial a_rwnd is 10000, pressure was hit when rwnd was ~6500 and the
amount of actual sctp data currently waiting to be delivered to userspace
is ~3500. When userspace starts to read, sctp_assoc_rwnd_increase will be blamed
only for sctp data, which is ~3500. Condition is never met, and when userspace
reads all data, rwnd stays on 3569.
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 1505] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 3010] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057101] [SID: 0] [SSEQ 84] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057101] [a_rwnd 3569] [#gap acks 0] [#dup tsns 0]
--> At this point userspace read everything, rwnd recovered only to 3569
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057102] [SID: 0] [SSEQ 85] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057102] [a_rwnd 3569] [#gap acks 0] [#dup tsns 0]
Reproduction is straight forward, it is enough for sender to send packets of
size less then sizeof(struct sk_buff) and receiver keeping them in its buffers.
2) Minute size window for associations sharing the same socket buffer
In case multiple associations share the same socket, and same socket buffer
(sctp.rcvbuf_policy == 0), different scenarios exist in which congestion on one
of the associations can permanently drop rwnd of other association(s).
Situation will be typically observed as one association suddenly having rwnd
dropped to size of last packet received and never recovering beyond that point.
Different scenarios will lead to it, but all have in common that one of the
associations (let it be association from 1)) nearly depleted socket buffer, and
the other association blames socket buffer just for the amount enough to start
the pressure. This association will enter pressure state, set rwnd_press and
announce 0 rwnd.
When data is read by userspace, similar situation as in 1) will occur, rwnd will
increase just for the size read by userspace but rwnd_press will be high enough
so that association doesn't have enough credit to reach rwnd_press and restore
to previous state. This case is special case of 1), being worse as there is, in
the worst case, only one packet in buffer for which size rwnd will be increased.
Consequence is association which has very low maximum rwnd ('minute size', in
our case down to 43B - size of packet which caused pressure) and as such
unusable.
Scenario happened in the field and labs frequently after congestion state (link
breaks, different probabilities of packet drop, packet reordering) and with
scenario 1) preceding. Here is given a deterministic scenario for reproduction:
>From node A establish two associations on the same socket, with rcvbuf_policy
being set to share one common buffer (sctp.rcvbuf_policy == 0). On association 1
repeat scenario from 1), that is, bring it down to 0 and restore up. Observe
scenario 1). Use small payload size (here we use 43). Once rwnd is 'recovered',
bring it down close to 0, as in just one more packet would close it. This has as
a consequence that association number 2 is able to receive (at least) one more
packet which will bring it in pressure state. E.g. if association 2 had rwnd of
10000, packet received was 43, and we enter at this point into pressure,
rwnd_press will have 9957. Once payload is delivered to userspace, rwnd will
increase for 43, but conditions to restore rwnd to original state, just as in
1), will never be satisfied.
--> Association 1, between A.y and B.12345
IP A.55915 > B.12345: sctp (1) [INIT] [init tag: 836880897] [rwnd: 10000] [OS: 10] [MIS: 65535] [init TSN: 4032536569]
IP B.12345 > A.55915: sctp (1) [INIT ACK] [init tag: 2873310749] [rwnd: 81920] [OS: 10] [MIS: 10] [init TSN: 3799315613]
IP A.55915 > B.12345: sctp (1) [COOKIE ECHO]
IP B.12345 > A.55915: sctp (1) [COOKIE ACK]
--> Association 2, between A.z and B.12346
IP A.55915 > B.12346: sctp (1) [INIT] [init tag: 534798321] [rwnd: 10000] [OS: 10] [MIS: 65535] [init TSN: 2099285173]
IP B.12346 > A.55915: sctp (1) [INIT ACK] [init tag: 516668823] [rwnd: 81920] [OS: 10] [MIS: 10] [init TSN: 3676403240]
IP A.55915 > B.12346: sctp (1) [COOKIE ECHO]
IP B.12346 > A.55915: sctp (1) [COOKIE ACK]
--> Deplete socket buffer by sending messages of size 43B over association 1
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315613] [SID: 0] [SSEQ 0] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315613] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
<...>
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315696] [a_rwnd 6388] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315697] [SID: 0] [SSEQ 84] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315697] [a_rwnd 6345] [#gap acks 0] [#dup tsns 0]
--> Sudden drop on 1
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315698] [SID: 0] [SSEQ 85] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315698] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Here userspace read, rwnd 'recovered' to 3698, now deplete again using
association 1 so there is place in buffer for only one more packet
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315799] [SID: 0] [SSEQ 186] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315799] [a_rwnd 86] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315800] [SID: 0] [SSEQ 187] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 43] [#gap acks 0] [#dup tsns 0]
--> Socket buffer is almost depleted, but there is space for one more packet,
send them over association 2, size 43B
IP B.12346 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3676403240] [SID: 0] [SSEQ 0] [PPID 0x18]
IP A.55915 > B.12346: sctp (1) [SACK] [cum ack 3676403240] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Immediate drop
IP A.60995 > B.12346: sctp (1) [SACK] [cum ack 387491510] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Read everything from the socket, both association recover up to maximum rwnd
they are capable of reaching, note that association 1 recovered up to 3698,
and association 2 recovered only to 43
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 1548] [#gap acks 0] [#dup tsns 0]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 3053] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315801] [SID: 0] [SSEQ 188] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315801] [a_rwnd 3698] [#gap acks 0] [#dup tsns 0]
IP B.12346 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3676403241] [SID: 0] [SSEQ 1] [PPID 0x18]
IP A.55915 > B.12346: sctp (1) [SACK] [cum ack 3676403241] [a_rwnd 43] [#gap acks 0] [#dup tsns 0]
A careful reader might wonder why it is necessary to reproduce 1) prior
reproduction of 2). It is simply easier to observe when to send packet over
association 2 which will push association into the pressure state.
Proposed solution:
Both problems share the same root cause, and that is improper scaling of socket
buffer with rwnd. Solution in which sizeof(sk_buff) is taken into concern while
calculating rwnd is not possible due to fact that there is no linear
relationship between amount of data blamed in increase/decrease with IP packet
in which payload arrived. Even in case such solution would be followed,
complexity of the code would increase. Due to nature of current rwnd handling,
slow increase (in sctp_assoc_rwnd_increase) of rwnd after pressure state is
entered is rationale, but it gives false representation to the sender of current
buffer space. Furthermore, it implements additional congestion control mechanism
which is defined on implementation, and not on standard basis.
Proposed solution simplifies whole algorithm having on mind definition from rfc:
o Receiver Window (rwnd): This gives the sender an indication of the space
available in the receiver's inbound buffer.
Core of the proposed solution is given with these lines:
sctp_assoc_rwnd_update:
if ((asoc->base.sk->sk_rcvbuf - rx_count) > 0)
asoc->rwnd = (asoc->base.sk->sk_rcvbuf - rx_count) >> 1;
else
asoc->rwnd = 0;
We advertise to sender (half of) actual space we have. Half is in the braces
depending whether you would like to observe size of socket buffer as SO_RECVBUF
or twice the amount, i.e. size is the one visible from userspace, that is,
from kernelspace.
In this way sender is given with good approximation of our buffer space,
regardless of the buffer policy - we always advertise what we have. Proposed
solution fixes described problems and removes necessity for rwnd restoration
algorithm. Finally, as proposed solution is simplification, some lines of code,
along with some bytes in struct sctp_association are saved.
Version 2 of the patch addressed comments from Vlad. Name of the function is set
to be more descriptive, and two parts of code are changed, in one removing the
superfluous call to sctp_assoc_rwnd_update since call would not result in update
of rwnd, and the other being reordering of the code in a way that call to
sctp_assoc_rwnd_update updates rwnd. Version 3 corrected change introduced in v2
in a way that existing function is not reordered/copied in line, but it is
correctly called. Thanks Vlad for suggesting.
Signed-off-by: Matija Glavinic Pecotic <matija.glavinic-pecotic.ext@nsn.com>
Reviewed-by: Alexander Sverdlin <alexander.sverdlin@nsn.com>
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-14 14:51:18 +01:00
if ( asoc - > ep - > rcvbuf_policy )
rx_count = atomic_read ( & asoc - > rmem_alloc ) ;
else
rx_count = atomic_read ( & asoc - > base . sk - > sk_rmem_alloc ) ;
2005-04-16 15:20:36 -07:00
net: sctp: Fix a_rwnd/rwnd management to reflect real state of the receiver's buffer
Implementation of (a)rwnd calculation might lead to severe performance issues
and associations completely stalling. These problems are described and solution
is proposed which improves lksctp's robustness in congestion state.
1) Sudden drop of a_rwnd and incomplete window recovery afterwards
Data accounted in sctp_assoc_rwnd_decrease takes only payload size (sctp data),
but size of sk_buff, which is blamed against receiver buffer, is not accounted
in rwnd. Theoretically, this should not be the problem as actual size of buffer
is double the amount requested on the socket (SO_RECVBUF). Problem here is
that this will have bad scaling for data which is less then sizeof sk_buff.
E.g. in 4G (LTE) networks, link interfacing radio side will have a large portion
of traffic of this size (less then 100B).
An example of sudden drop and incomplete window recovery is given below. Node B
exhibits problematic behavior. Node A initiates association and B is configured
to advertise rwnd of 10000. A sends messages of size 43B (size of typical sctp
message in 4G (LTE) network). On B data is left in buffer by not reading socket
in userspace.
Lets examine when we will hit pressure state and declare rwnd to be 0 for
scenario with above stated parameters (rwnd == 10000, chunk size == 43, each
chunk is sent in separate sctp packet)
Logic is implemented in sctp_assoc_rwnd_decrease:
socket_buffer (see below) is maximum size which can be held in socket buffer
(sk_rcvbuf). current_alloced is amount of data currently allocated (rx_count)
A simple expression is given for which it will be examined after how many
packets for above stated parameters we enter pressure state:
We start by condition which has to be met in order to enter pressure state:
socket_buffer < currently_alloced;
currently_alloced is represented as size of sctp packets received so far and not
yet delivered to userspace. x is the number of chunks/packets (since there is no
bundling, and each chunk is delivered in separate packet, we can observe each
chunk also as sctp packet, and what is important here, having its own sk_buff):
socket_buffer < x*each_sctp_packet;
each_sctp_packet is sctp chunk size + sizeof(struct sk_buff). socket_buffer is
twice the amount of initially requested size of socket buffer, which is in case
of sctp, twice the a_rwnd requested:
2*rwnd < x*(payload+sizeof(struc sk_buff));
sizeof(struct sk_buff) is 190 (3.13.0-rc4+). Above is stated that rwnd is 10000
and each payload size is 43
20000 < x(43+190);
x > 20000/233;
x ~> 84;
After ~84 messages, pressure state is entered and 0 rwnd is advertised while
received 84*43B ~= 3612B sctp data. This is why external observer notices sudden
drop from 6474 to 0, as it will be now shown in example:
IP A.34340 > B.12345: sctp (1) [INIT] [init tag: 1875509148] [rwnd: 81920] [OS: 10] [MIS: 65535] [init TSN: 1096057017]
IP B.12345 > A.34340: sctp (1) [INIT ACK] [init tag: 3198966556] [rwnd: 10000] [OS: 10] [MIS: 10] [init TSN: 902132839]
IP A.34340 > B.12345: sctp (1) [COOKIE ECHO]
IP B.12345 > A.34340: sctp (1) [COOKIE ACK]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057017] [SID: 0] [SSEQ 0] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057017] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057018] [SID: 0] [SSEQ 1] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057018] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057019] [SID: 0] [SSEQ 2] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057019] [a_rwnd 9914] [#gap acks 0] [#dup tsns 0]
<...>
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057098] [SID: 0] [SSEQ 81] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057098] [a_rwnd 6517] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057099] [SID: 0] [SSEQ 82] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057099] [a_rwnd 6474] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057100] [SID: 0] [SSEQ 83] [PPID 0x18]
--> Sudden drop
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
At this point, rwnd_press stores current rwnd value so it can be later restored
in sctp_assoc_rwnd_increase. This however doesn't happen as condition to start
slowly increasing rwnd until rwnd_press is returned to rwnd is never met. This
condition is not met since rwnd, after it hit 0, must first reach rwnd_press by
adding amount which is read from userspace. Let us observe values in above
example. Initial a_rwnd is 10000, pressure was hit when rwnd was ~6500 and the
amount of actual sctp data currently waiting to be delivered to userspace
is ~3500. When userspace starts to read, sctp_assoc_rwnd_increase will be blamed
only for sctp data, which is ~3500. Condition is never met, and when userspace
reads all data, rwnd stays on 3569.
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 1505] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 3010] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057101] [SID: 0] [SSEQ 84] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057101] [a_rwnd 3569] [#gap acks 0] [#dup tsns 0]
--> At this point userspace read everything, rwnd recovered only to 3569
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057102] [SID: 0] [SSEQ 85] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057102] [a_rwnd 3569] [#gap acks 0] [#dup tsns 0]
Reproduction is straight forward, it is enough for sender to send packets of
size less then sizeof(struct sk_buff) and receiver keeping them in its buffers.
2) Minute size window for associations sharing the same socket buffer
In case multiple associations share the same socket, and same socket buffer
(sctp.rcvbuf_policy == 0), different scenarios exist in which congestion on one
of the associations can permanently drop rwnd of other association(s).
Situation will be typically observed as one association suddenly having rwnd
dropped to size of last packet received and never recovering beyond that point.
Different scenarios will lead to it, but all have in common that one of the
associations (let it be association from 1)) nearly depleted socket buffer, and
the other association blames socket buffer just for the amount enough to start
the pressure. This association will enter pressure state, set rwnd_press and
announce 0 rwnd.
When data is read by userspace, similar situation as in 1) will occur, rwnd will
increase just for the size read by userspace but rwnd_press will be high enough
so that association doesn't have enough credit to reach rwnd_press and restore
to previous state. This case is special case of 1), being worse as there is, in
the worst case, only one packet in buffer for which size rwnd will be increased.
Consequence is association which has very low maximum rwnd ('minute size', in
our case down to 43B - size of packet which caused pressure) and as such
unusable.
Scenario happened in the field and labs frequently after congestion state (link
breaks, different probabilities of packet drop, packet reordering) and with
scenario 1) preceding. Here is given a deterministic scenario for reproduction:
>From node A establish two associations on the same socket, with rcvbuf_policy
being set to share one common buffer (sctp.rcvbuf_policy == 0). On association 1
repeat scenario from 1), that is, bring it down to 0 and restore up. Observe
scenario 1). Use small payload size (here we use 43). Once rwnd is 'recovered',
bring it down close to 0, as in just one more packet would close it. This has as
a consequence that association number 2 is able to receive (at least) one more
packet which will bring it in pressure state. E.g. if association 2 had rwnd of
10000, packet received was 43, and we enter at this point into pressure,
rwnd_press will have 9957. Once payload is delivered to userspace, rwnd will
increase for 43, but conditions to restore rwnd to original state, just as in
1), will never be satisfied.
--> Association 1, between A.y and B.12345
IP A.55915 > B.12345: sctp (1) [INIT] [init tag: 836880897] [rwnd: 10000] [OS: 10] [MIS: 65535] [init TSN: 4032536569]
IP B.12345 > A.55915: sctp (1) [INIT ACK] [init tag: 2873310749] [rwnd: 81920] [OS: 10] [MIS: 10] [init TSN: 3799315613]
IP A.55915 > B.12345: sctp (1) [COOKIE ECHO]
IP B.12345 > A.55915: sctp (1) [COOKIE ACK]
--> Association 2, between A.z and B.12346
IP A.55915 > B.12346: sctp (1) [INIT] [init tag: 534798321] [rwnd: 10000] [OS: 10] [MIS: 65535] [init TSN: 2099285173]
IP B.12346 > A.55915: sctp (1) [INIT ACK] [init tag: 516668823] [rwnd: 81920] [OS: 10] [MIS: 10] [init TSN: 3676403240]
IP A.55915 > B.12346: sctp (1) [COOKIE ECHO]
IP B.12346 > A.55915: sctp (1) [COOKIE ACK]
--> Deplete socket buffer by sending messages of size 43B over association 1
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315613] [SID: 0] [SSEQ 0] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315613] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
<...>
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315696] [a_rwnd 6388] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315697] [SID: 0] [SSEQ 84] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315697] [a_rwnd 6345] [#gap acks 0] [#dup tsns 0]
--> Sudden drop on 1
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315698] [SID: 0] [SSEQ 85] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315698] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Here userspace read, rwnd 'recovered' to 3698, now deplete again using
association 1 so there is place in buffer for only one more packet
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315799] [SID: 0] [SSEQ 186] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315799] [a_rwnd 86] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315800] [SID: 0] [SSEQ 187] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 43] [#gap acks 0] [#dup tsns 0]
--> Socket buffer is almost depleted, but there is space for one more packet,
send them over association 2, size 43B
IP B.12346 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3676403240] [SID: 0] [SSEQ 0] [PPID 0x18]
IP A.55915 > B.12346: sctp (1) [SACK] [cum ack 3676403240] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Immediate drop
IP A.60995 > B.12346: sctp (1) [SACK] [cum ack 387491510] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Read everything from the socket, both association recover up to maximum rwnd
they are capable of reaching, note that association 1 recovered up to 3698,
and association 2 recovered only to 43
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 1548] [#gap acks 0] [#dup tsns 0]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 3053] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315801] [SID: 0] [SSEQ 188] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315801] [a_rwnd 3698] [#gap acks 0] [#dup tsns 0]
IP B.12346 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3676403241] [SID: 0] [SSEQ 1] [PPID 0x18]
IP A.55915 > B.12346: sctp (1) [SACK] [cum ack 3676403241] [a_rwnd 43] [#gap acks 0] [#dup tsns 0]
A careful reader might wonder why it is necessary to reproduce 1) prior
reproduction of 2). It is simply easier to observe when to send packet over
association 2 which will push association into the pressure state.
Proposed solution:
Both problems share the same root cause, and that is improper scaling of socket
buffer with rwnd. Solution in which sizeof(sk_buff) is taken into concern while
calculating rwnd is not possible due to fact that there is no linear
relationship between amount of data blamed in increase/decrease with IP packet
in which payload arrived. Even in case such solution would be followed,
complexity of the code would increase. Due to nature of current rwnd handling,
slow increase (in sctp_assoc_rwnd_increase) of rwnd after pressure state is
entered is rationale, but it gives false representation to the sender of current
buffer space. Furthermore, it implements additional congestion control mechanism
which is defined on implementation, and not on standard basis.
Proposed solution simplifies whole algorithm having on mind definition from rfc:
o Receiver Window (rwnd): This gives the sender an indication of the space
available in the receiver's inbound buffer.
Core of the proposed solution is given with these lines:
sctp_assoc_rwnd_update:
if ((asoc->base.sk->sk_rcvbuf - rx_count) > 0)
asoc->rwnd = (asoc->base.sk->sk_rcvbuf - rx_count) >> 1;
else
asoc->rwnd = 0;
We advertise to sender (half of) actual space we have. Half is in the braces
depending whether you would like to observe size of socket buffer as SO_RECVBUF
or twice the amount, i.e. size is the one visible from userspace, that is,
from kernelspace.
In this way sender is given with good approximation of our buffer space,
regardless of the buffer policy - we always advertise what we have. Proposed
solution fixes described problems and removes necessity for rwnd restoration
algorithm. Finally, as proposed solution is simplification, some lines of code,
along with some bytes in struct sctp_association are saved.
Version 2 of the patch addressed comments from Vlad. Name of the function is set
to be more descriptive, and two parts of code are changed, in one removing the
superfluous call to sctp_assoc_rwnd_update since call would not result in update
of rwnd, and the other being reordering of the code in a way that call to
sctp_assoc_rwnd_update updates rwnd. Version 3 corrected change introduced in v2
in a way that existing function is not reordered/copied in line, but it is
correctly called. Thanks Vlad for suggesting.
Signed-off-by: Matija Glavinic Pecotic <matija.glavinic-pecotic.ext@nsn.com>
Reviewed-by: Alexander Sverdlin <alexander.sverdlin@nsn.com>
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-14 14:51:18 +01:00
if ( ( asoc - > base . sk - > sk_rcvbuf - rx_count ) > 0 )
asoc - > rwnd = ( asoc - > base . sk - > sk_rcvbuf - rx_count ) > > 1 ;
else
asoc - > rwnd = 0 ;
2009-09-04 18:20:59 -04:00
net: sctp: Fix a_rwnd/rwnd management to reflect real state of the receiver's buffer
Implementation of (a)rwnd calculation might lead to severe performance issues
and associations completely stalling. These problems are described and solution
is proposed which improves lksctp's robustness in congestion state.
1) Sudden drop of a_rwnd and incomplete window recovery afterwards
Data accounted in sctp_assoc_rwnd_decrease takes only payload size (sctp data),
but size of sk_buff, which is blamed against receiver buffer, is not accounted
in rwnd. Theoretically, this should not be the problem as actual size of buffer
is double the amount requested on the socket (SO_RECVBUF). Problem here is
that this will have bad scaling for data which is less then sizeof sk_buff.
E.g. in 4G (LTE) networks, link interfacing radio side will have a large portion
of traffic of this size (less then 100B).
An example of sudden drop and incomplete window recovery is given below. Node B
exhibits problematic behavior. Node A initiates association and B is configured
to advertise rwnd of 10000. A sends messages of size 43B (size of typical sctp
message in 4G (LTE) network). On B data is left in buffer by not reading socket
in userspace.
Lets examine when we will hit pressure state and declare rwnd to be 0 for
scenario with above stated parameters (rwnd == 10000, chunk size == 43, each
chunk is sent in separate sctp packet)
Logic is implemented in sctp_assoc_rwnd_decrease:
socket_buffer (see below) is maximum size which can be held in socket buffer
(sk_rcvbuf). current_alloced is amount of data currently allocated (rx_count)
A simple expression is given for which it will be examined after how many
packets for above stated parameters we enter pressure state:
We start by condition which has to be met in order to enter pressure state:
socket_buffer < currently_alloced;
currently_alloced is represented as size of sctp packets received so far and not
yet delivered to userspace. x is the number of chunks/packets (since there is no
bundling, and each chunk is delivered in separate packet, we can observe each
chunk also as sctp packet, and what is important here, having its own sk_buff):
socket_buffer < x*each_sctp_packet;
each_sctp_packet is sctp chunk size + sizeof(struct sk_buff). socket_buffer is
twice the amount of initially requested size of socket buffer, which is in case
of sctp, twice the a_rwnd requested:
2*rwnd < x*(payload+sizeof(struc sk_buff));
sizeof(struct sk_buff) is 190 (3.13.0-rc4+). Above is stated that rwnd is 10000
and each payload size is 43
20000 < x(43+190);
x > 20000/233;
x ~> 84;
After ~84 messages, pressure state is entered and 0 rwnd is advertised while
received 84*43B ~= 3612B sctp data. This is why external observer notices sudden
drop from 6474 to 0, as it will be now shown in example:
IP A.34340 > B.12345: sctp (1) [INIT] [init tag: 1875509148] [rwnd: 81920] [OS: 10] [MIS: 65535] [init TSN: 1096057017]
IP B.12345 > A.34340: sctp (1) [INIT ACK] [init tag: 3198966556] [rwnd: 10000] [OS: 10] [MIS: 10] [init TSN: 902132839]
IP A.34340 > B.12345: sctp (1) [COOKIE ECHO]
IP B.12345 > A.34340: sctp (1) [COOKIE ACK]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057017] [SID: 0] [SSEQ 0] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057017] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057018] [SID: 0] [SSEQ 1] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057018] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057019] [SID: 0] [SSEQ 2] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057019] [a_rwnd 9914] [#gap acks 0] [#dup tsns 0]
<...>
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057098] [SID: 0] [SSEQ 81] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057098] [a_rwnd 6517] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057099] [SID: 0] [SSEQ 82] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057099] [a_rwnd 6474] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057100] [SID: 0] [SSEQ 83] [PPID 0x18]
--> Sudden drop
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
At this point, rwnd_press stores current rwnd value so it can be later restored
in sctp_assoc_rwnd_increase. This however doesn't happen as condition to start
slowly increasing rwnd until rwnd_press is returned to rwnd is never met. This
condition is not met since rwnd, after it hit 0, must first reach rwnd_press by
adding amount which is read from userspace. Let us observe values in above
example. Initial a_rwnd is 10000, pressure was hit when rwnd was ~6500 and the
amount of actual sctp data currently waiting to be delivered to userspace
is ~3500. When userspace starts to read, sctp_assoc_rwnd_increase will be blamed
only for sctp data, which is ~3500. Condition is never met, and when userspace
reads all data, rwnd stays on 3569.
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 1505] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 3010] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057101] [SID: 0] [SSEQ 84] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057101] [a_rwnd 3569] [#gap acks 0] [#dup tsns 0]
--> At this point userspace read everything, rwnd recovered only to 3569
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057102] [SID: 0] [SSEQ 85] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057102] [a_rwnd 3569] [#gap acks 0] [#dup tsns 0]
Reproduction is straight forward, it is enough for sender to send packets of
size less then sizeof(struct sk_buff) and receiver keeping them in its buffers.
2) Minute size window for associations sharing the same socket buffer
In case multiple associations share the same socket, and same socket buffer
(sctp.rcvbuf_policy == 0), different scenarios exist in which congestion on one
of the associations can permanently drop rwnd of other association(s).
Situation will be typically observed as one association suddenly having rwnd
dropped to size of last packet received and never recovering beyond that point.
Different scenarios will lead to it, but all have in common that one of the
associations (let it be association from 1)) nearly depleted socket buffer, and
the other association blames socket buffer just for the amount enough to start
the pressure. This association will enter pressure state, set rwnd_press and
announce 0 rwnd.
When data is read by userspace, similar situation as in 1) will occur, rwnd will
increase just for the size read by userspace but rwnd_press will be high enough
so that association doesn't have enough credit to reach rwnd_press and restore
to previous state. This case is special case of 1), being worse as there is, in
the worst case, only one packet in buffer for which size rwnd will be increased.
Consequence is association which has very low maximum rwnd ('minute size', in
our case down to 43B - size of packet which caused pressure) and as such
unusable.
Scenario happened in the field and labs frequently after congestion state (link
breaks, different probabilities of packet drop, packet reordering) and with
scenario 1) preceding. Here is given a deterministic scenario for reproduction:
>From node A establish two associations on the same socket, with rcvbuf_policy
being set to share one common buffer (sctp.rcvbuf_policy == 0). On association 1
repeat scenario from 1), that is, bring it down to 0 and restore up. Observe
scenario 1). Use small payload size (here we use 43). Once rwnd is 'recovered',
bring it down close to 0, as in just one more packet would close it. This has as
a consequence that association number 2 is able to receive (at least) one more
packet which will bring it in pressure state. E.g. if association 2 had rwnd of
10000, packet received was 43, and we enter at this point into pressure,
rwnd_press will have 9957. Once payload is delivered to userspace, rwnd will
increase for 43, but conditions to restore rwnd to original state, just as in
1), will never be satisfied.
--> Association 1, between A.y and B.12345
IP A.55915 > B.12345: sctp (1) [INIT] [init tag: 836880897] [rwnd: 10000] [OS: 10] [MIS: 65535] [init TSN: 4032536569]
IP B.12345 > A.55915: sctp (1) [INIT ACK] [init tag: 2873310749] [rwnd: 81920] [OS: 10] [MIS: 10] [init TSN: 3799315613]
IP A.55915 > B.12345: sctp (1) [COOKIE ECHO]
IP B.12345 > A.55915: sctp (1) [COOKIE ACK]
--> Association 2, between A.z and B.12346
IP A.55915 > B.12346: sctp (1) [INIT] [init tag: 534798321] [rwnd: 10000] [OS: 10] [MIS: 65535] [init TSN: 2099285173]
IP B.12346 > A.55915: sctp (1) [INIT ACK] [init tag: 516668823] [rwnd: 81920] [OS: 10] [MIS: 10] [init TSN: 3676403240]
IP A.55915 > B.12346: sctp (1) [COOKIE ECHO]
IP B.12346 > A.55915: sctp (1) [COOKIE ACK]
--> Deplete socket buffer by sending messages of size 43B over association 1
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315613] [SID: 0] [SSEQ 0] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315613] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
<...>
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315696] [a_rwnd 6388] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315697] [SID: 0] [SSEQ 84] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315697] [a_rwnd 6345] [#gap acks 0] [#dup tsns 0]
--> Sudden drop on 1
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315698] [SID: 0] [SSEQ 85] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315698] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Here userspace read, rwnd 'recovered' to 3698, now deplete again using
association 1 so there is place in buffer for only one more packet
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315799] [SID: 0] [SSEQ 186] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315799] [a_rwnd 86] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315800] [SID: 0] [SSEQ 187] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 43] [#gap acks 0] [#dup tsns 0]
--> Socket buffer is almost depleted, but there is space for one more packet,
send them over association 2, size 43B
IP B.12346 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3676403240] [SID: 0] [SSEQ 0] [PPID 0x18]
IP A.55915 > B.12346: sctp (1) [SACK] [cum ack 3676403240] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Immediate drop
IP A.60995 > B.12346: sctp (1) [SACK] [cum ack 387491510] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Read everything from the socket, both association recover up to maximum rwnd
they are capable of reaching, note that association 1 recovered up to 3698,
and association 2 recovered only to 43
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 1548] [#gap acks 0] [#dup tsns 0]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 3053] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315801] [SID: 0] [SSEQ 188] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315801] [a_rwnd 3698] [#gap acks 0] [#dup tsns 0]
IP B.12346 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3676403241] [SID: 0] [SSEQ 1] [PPID 0x18]
IP A.55915 > B.12346: sctp (1) [SACK] [cum ack 3676403241] [a_rwnd 43] [#gap acks 0] [#dup tsns 0]
A careful reader might wonder why it is necessary to reproduce 1) prior
reproduction of 2). It is simply easier to observe when to send packet over
association 2 which will push association into the pressure state.
Proposed solution:
Both problems share the same root cause, and that is improper scaling of socket
buffer with rwnd. Solution in which sizeof(sk_buff) is taken into concern while
calculating rwnd is not possible due to fact that there is no linear
relationship between amount of data blamed in increase/decrease with IP packet
in which payload arrived. Even in case such solution would be followed,
complexity of the code would increase. Due to nature of current rwnd handling,
slow increase (in sctp_assoc_rwnd_increase) of rwnd after pressure state is
entered is rationale, but it gives false representation to the sender of current
buffer space. Furthermore, it implements additional congestion control mechanism
which is defined on implementation, and not on standard basis.
Proposed solution simplifies whole algorithm having on mind definition from rfc:
o Receiver Window (rwnd): This gives the sender an indication of the space
available in the receiver's inbound buffer.
Core of the proposed solution is given with these lines:
sctp_assoc_rwnd_update:
if ((asoc->base.sk->sk_rcvbuf - rx_count) > 0)
asoc->rwnd = (asoc->base.sk->sk_rcvbuf - rx_count) >> 1;
else
asoc->rwnd = 0;
We advertise to sender (half of) actual space we have. Half is in the braces
depending whether you would like to observe size of socket buffer as SO_RECVBUF
or twice the amount, i.e. size is the one visible from userspace, that is,
from kernelspace.
In this way sender is given with good approximation of our buffer space,
regardless of the buffer policy - we always advertise what we have. Proposed
solution fixes described problems and removes necessity for rwnd restoration
algorithm. Finally, as proposed solution is simplification, some lines of code,
along with some bytes in struct sctp_association are saved.
Version 2 of the patch addressed comments from Vlad. Name of the function is set
to be more descriptive, and two parts of code are changed, in one removing the
superfluous call to sctp_assoc_rwnd_update since call would not result in update
of rwnd, and the other being reordering of the code in a way that call to
sctp_assoc_rwnd_update updates rwnd. Version 3 corrected change introduced in v2
in a way that existing function is not reordered/copied in line, but it is
correctly called. Thanks Vlad for suggesting.
Signed-off-by: Matija Glavinic Pecotic <matija.glavinic-pecotic.ext@nsn.com>
Reviewed-by: Alexander Sverdlin <alexander.sverdlin@nsn.com>
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-14 14:51:18 +01:00
pr_debug ( " %s: asoc:%p rwnd=%u, rx_count=%d, sk_rcvbuf=%d \n " ,
__func__ , asoc , asoc - > rwnd , rx_count ,
asoc - > base . sk - > sk_rcvbuf ) ;
2005-04-16 15:20:36 -07:00
/* Send a window update SACK if the rwnd has increased by at least the
* minimum of the association ' s PMTU and half of the receive buffer .
* The algorithm used is similar to the one described in
* Section 4.2 .3 .3 of RFC 1122.
*/
net: sctp: Fix a_rwnd/rwnd management to reflect real state of the receiver's buffer
Implementation of (a)rwnd calculation might lead to severe performance issues
and associations completely stalling. These problems are described and solution
is proposed which improves lksctp's robustness in congestion state.
1) Sudden drop of a_rwnd and incomplete window recovery afterwards
Data accounted in sctp_assoc_rwnd_decrease takes only payload size (sctp data),
but size of sk_buff, which is blamed against receiver buffer, is not accounted
in rwnd. Theoretically, this should not be the problem as actual size of buffer
is double the amount requested on the socket (SO_RECVBUF). Problem here is
that this will have bad scaling for data which is less then sizeof sk_buff.
E.g. in 4G (LTE) networks, link interfacing radio side will have a large portion
of traffic of this size (less then 100B).
An example of sudden drop and incomplete window recovery is given below. Node B
exhibits problematic behavior. Node A initiates association and B is configured
to advertise rwnd of 10000. A sends messages of size 43B (size of typical sctp
message in 4G (LTE) network). On B data is left in buffer by not reading socket
in userspace.
Lets examine when we will hit pressure state and declare rwnd to be 0 for
scenario with above stated parameters (rwnd == 10000, chunk size == 43, each
chunk is sent in separate sctp packet)
Logic is implemented in sctp_assoc_rwnd_decrease:
socket_buffer (see below) is maximum size which can be held in socket buffer
(sk_rcvbuf). current_alloced is amount of data currently allocated (rx_count)
A simple expression is given for which it will be examined after how many
packets for above stated parameters we enter pressure state:
We start by condition which has to be met in order to enter pressure state:
socket_buffer < currently_alloced;
currently_alloced is represented as size of sctp packets received so far and not
yet delivered to userspace. x is the number of chunks/packets (since there is no
bundling, and each chunk is delivered in separate packet, we can observe each
chunk also as sctp packet, and what is important here, having its own sk_buff):
socket_buffer < x*each_sctp_packet;
each_sctp_packet is sctp chunk size + sizeof(struct sk_buff). socket_buffer is
twice the amount of initially requested size of socket buffer, which is in case
of sctp, twice the a_rwnd requested:
2*rwnd < x*(payload+sizeof(struc sk_buff));
sizeof(struct sk_buff) is 190 (3.13.0-rc4+). Above is stated that rwnd is 10000
and each payload size is 43
20000 < x(43+190);
x > 20000/233;
x ~> 84;
After ~84 messages, pressure state is entered and 0 rwnd is advertised while
received 84*43B ~= 3612B sctp data. This is why external observer notices sudden
drop from 6474 to 0, as it will be now shown in example:
IP A.34340 > B.12345: sctp (1) [INIT] [init tag: 1875509148] [rwnd: 81920] [OS: 10] [MIS: 65535] [init TSN: 1096057017]
IP B.12345 > A.34340: sctp (1) [INIT ACK] [init tag: 3198966556] [rwnd: 10000] [OS: 10] [MIS: 10] [init TSN: 902132839]
IP A.34340 > B.12345: sctp (1) [COOKIE ECHO]
IP B.12345 > A.34340: sctp (1) [COOKIE ACK]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057017] [SID: 0] [SSEQ 0] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057017] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057018] [SID: 0] [SSEQ 1] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057018] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057019] [SID: 0] [SSEQ 2] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057019] [a_rwnd 9914] [#gap acks 0] [#dup tsns 0]
<...>
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057098] [SID: 0] [SSEQ 81] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057098] [a_rwnd 6517] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057099] [SID: 0] [SSEQ 82] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057099] [a_rwnd 6474] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057100] [SID: 0] [SSEQ 83] [PPID 0x18]
--> Sudden drop
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
At this point, rwnd_press stores current rwnd value so it can be later restored
in sctp_assoc_rwnd_increase. This however doesn't happen as condition to start
slowly increasing rwnd until rwnd_press is returned to rwnd is never met. This
condition is not met since rwnd, after it hit 0, must first reach rwnd_press by
adding amount which is read from userspace. Let us observe values in above
example. Initial a_rwnd is 10000, pressure was hit when rwnd was ~6500 and the
amount of actual sctp data currently waiting to be delivered to userspace
is ~3500. When userspace starts to read, sctp_assoc_rwnd_increase will be blamed
only for sctp data, which is ~3500. Condition is never met, and when userspace
reads all data, rwnd stays on 3569.
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 1505] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057100] [a_rwnd 3010] [#gap acks 0] [#dup tsns 0]
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057101] [SID: 0] [SSEQ 84] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057101] [a_rwnd 3569] [#gap acks 0] [#dup tsns 0]
--> At this point userspace read everything, rwnd recovered only to 3569
IP A.34340 > B.12345: sctp (1) [DATA] (B)(E) [TSN: 1096057102] [SID: 0] [SSEQ 85] [PPID 0x18]
IP B.12345 > A.34340: sctp (1) [SACK] [cum ack 1096057102] [a_rwnd 3569] [#gap acks 0] [#dup tsns 0]
Reproduction is straight forward, it is enough for sender to send packets of
size less then sizeof(struct sk_buff) and receiver keeping them in its buffers.
2) Minute size window for associations sharing the same socket buffer
In case multiple associations share the same socket, and same socket buffer
(sctp.rcvbuf_policy == 0), different scenarios exist in which congestion on one
of the associations can permanently drop rwnd of other association(s).
Situation will be typically observed as one association suddenly having rwnd
dropped to size of last packet received and never recovering beyond that point.
Different scenarios will lead to it, but all have in common that one of the
associations (let it be association from 1)) nearly depleted socket buffer, and
the other association blames socket buffer just for the amount enough to start
the pressure. This association will enter pressure state, set rwnd_press and
announce 0 rwnd.
When data is read by userspace, similar situation as in 1) will occur, rwnd will
increase just for the size read by userspace but rwnd_press will be high enough
so that association doesn't have enough credit to reach rwnd_press and restore
to previous state. This case is special case of 1), being worse as there is, in
the worst case, only one packet in buffer for which size rwnd will be increased.
Consequence is association which has very low maximum rwnd ('minute size', in
our case down to 43B - size of packet which caused pressure) and as such
unusable.
Scenario happened in the field and labs frequently after congestion state (link
breaks, different probabilities of packet drop, packet reordering) and with
scenario 1) preceding. Here is given a deterministic scenario for reproduction:
>From node A establish two associations on the same socket, with rcvbuf_policy
being set to share one common buffer (sctp.rcvbuf_policy == 0). On association 1
repeat scenario from 1), that is, bring it down to 0 and restore up. Observe
scenario 1). Use small payload size (here we use 43). Once rwnd is 'recovered',
bring it down close to 0, as in just one more packet would close it. This has as
a consequence that association number 2 is able to receive (at least) one more
packet which will bring it in pressure state. E.g. if association 2 had rwnd of
10000, packet received was 43, and we enter at this point into pressure,
rwnd_press will have 9957. Once payload is delivered to userspace, rwnd will
increase for 43, but conditions to restore rwnd to original state, just as in
1), will never be satisfied.
--> Association 1, between A.y and B.12345
IP A.55915 > B.12345: sctp (1) [INIT] [init tag: 836880897] [rwnd: 10000] [OS: 10] [MIS: 65535] [init TSN: 4032536569]
IP B.12345 > A.55915: sctp (1) [INIT ACK] [init tag: 2873310749] [rwnd: 81920] [OS: 10] [MIS: 10] [init TSN: 3799315613]
IP A.55915 > B.12345: sctp (1) [COOKIE ECHO]
IP B.12345 > A.55915: sctp (1) [COOKIE ACK]
--> Association 2, between A.z and B.12346
IP A.55915 > B.12346: sctp (1) [INIT] [init tag: 534798321] [rwnd: 10000] [OS: 10] [MIS: 65535] [init TSN: 2099285173]
IP B.12346 > A.55915: sctp (1) [INIT ACK] [init tag: 516668823] [rwnd: 81920] [OS: 10] [MIS: 10] [init TSN: 3676403240]
IP A.55915 > B.12346: sctp (1) [COOKIE ECHO]
IP B.12346 > A.55915: sctp (1) [COOKIE ACK]
--> Deplete socket buffer by sending messages of size 43B over association 1
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315613] [SID: 0] [SSEQ 0] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315613] [a_rwnd 9957] [#gap acks 0] [#dup tsns 0]
<...>
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315696] [a_rwnd 6388] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315697] [SID: 0] [SSEQ 84] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315697] [a_rwnd 6345] [#gap acks 0] [#dup tsns 0]
--> Sudden drop on 1
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315698] [SID: 0] [SSEQ 85] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315698] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Here userspace read, rwnd 'recovered' to 3698, now deplete again using
association 1 so there is place in buffer for only one more packet
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315799] [SID: 0] [SSEQ 186] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315799] [a_rwnd 86] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315800] [SID: 0] [SSEQ 187] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 43] [#gap acks 0] [#dup tsns 0]
--> Socket buffer is almost depleted, but there is space for one more packet,
send them over association 2, size 43B
IP B.12346 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3676403240] [SID: 0] [SSEQ 0] [PPID 0x18]
IP A.55915 > B.12346: sctp (1) [SACK] [cum ack 3676403240] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Immediate drop
IP A.60995 > B.12346: sctp (1) [SACK] [cum ack 387491510] [a_rwnd 0] [#gap acks 0] [#dup tsns 0]
--> Read everything from the socket, both association recover up to maximum rwnd
they are capable of reaching, note that association 1 recovered up to 3698,
and association 2 recovered only to 43
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 1548] [#gap acks 0] [#dup tsns 0]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315800] [a_rwnd 3053] [#gap acks 0] [#dup tsns 0]
IP B.12345 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3799315801] [SID: 0] [SSEQ 188] [PPID 0x18]
IP A.55915 > B.12345: sctp (1) [SACK] [cum ack 3799315801] [a_rwnd 3698] [#gap acks 0] [#dup tsns 0]
IP B.12346 > A.55915: sctp (1) [DATA] (B)(E) [TSN: 3676403241] [SID: 0] [SSEQ 1] [PPID 0x18]
IP A.55915 > B.12346: sctp (1) [SACK] [cum ack 3676403241] [a_rwnd 43] [#gap acks 0] [#dup tsns 0]
A careful reader might wonder why it is necessary to reproduce 1) prior
reproduction of 2). It is simply easier to observe when to send packet over
association 2 which will push association into the pressure state.
Proposed solution:
Both problems share the same root cause, and that is improper scaling of socket
buffer with rwnd. Solution in which sizeof(sk_buff) is taken into concern while
calculating rwnd is not possible due to fact that there is no linear
relationship between amount of data blamed in increase/decrease with IP packet
in which payload arrived. Even in case such solution would be followed,
complexity of the code would increase. Due to nature of current rwnd handling,
slow increase (in sctp_assoc_rwnd_increase) of rwnd after pressure state is
entered is rationale, but it gives false representation to the sender of current
buffer space. Furthermore, it implements additional congestion control mechanism
which is defined on implementation, and not on standard basis.
Proposed solution simplifies whole algorithm having on mind definition from rfc:
o Receiver Window (rwnd): This gives the sender an indication of the space
available in the receiver's inbound buffer.
Core of the proposed solution is given with these lines:
sctp_assoc_rwnd_update:
if ((asoc->base.sk->sk_rcvbuf - rx_count) > 0)
asoc->rwnd = (asoc->base.sk->sk_rcvbuf - rx_count) >> 1;
else
asoc->rwnd = 0;
We advertise to sender (half of) actual space we have. Half is in the braces
depending whether you would like to observe size of socket buffer as SO_RECVBUF
or twice the amount, i.e. size is the one visible from userspace, that is,
from kernelspace.
In this way sender is given with good approximation of our buffer space,
regardless of the buffer policy - we always advertise what we have. Proposed
solution fixes described problems and removes necessity for rwnd restoration
algorithm. Finally, as proposed solution is simplification, some lines of code,
along with some bytes in struct sctp_association are saved.
Version 2 of the patch addressed comments from Vlad. Name of the function is set
to be more descriptive, and two parts of code are changed, in one removing the
superfluous call to sctp_assoc_rwnd_update since call would not result in update
of rwnd, and the other being reordering of the code in a way that call to
sctp_assoc_rwnd_update updates rwnd. Version 3 corrected change introduced in v2
in a way that existing function is not reordered/copied in line, but it is
correctly called. Thanks Vlad for suggesting.
Signed-off-by: Matija Glavinic Pecotic <matija.glavinic-pecotic.ext@nsn.com>
Reviewed-by: Alexander Sverdlin <alexander.sverdlin@nsn.com>
Acked-by: Vlad Yasevich <vyasevich@gmail.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-02-14 14:51:18 +01:00
if ( update_peer & & sctp_peer_needs_update ( asoc ) ) {
2005-04-16 15:20:36 -07:00
asoc - > a_rwnd = asoc - > rwnd ;
net: sctp: rework debugging framework to use pr_debug and friends
We should get rid of all own SCTP debug printk macros and use the ones
that the kernel offers anyway instead. This makes the code more readable
and conform to the kernel code, and offers all the features of dynamic
debbuging that pr_debug() et al has, such as only turning on/off portions
of debug messages at runtime through debugfs. The runtime cost of having
CONFIG_DYNAMIC_DEBUG enabled, but none of the debug statements printing,
is negligible [1]. If kernel debugging is completly turned off, then these
statements will also compile into "empty" functions.
While we're at it, we also need to change the Kconfig option as it /now/
only refers to the ifdef'ed code portions in outqueue.c that enable further
debugging/tracing of SCTP transaction fields. Also, since SCTP_ASSERT code
was enabled with this Kconfig option and has now been removed, we
transform those code parts into WARNs resp. where appropriate BUG_ONs so
that those bugs can be more easily detected as probably not many people
have SCTP debugging permanently turned on.
To turn on all SCTP debugging, the following steps are needed:
# mount -t debugfs none /sys/kernel/debug
# echo -n 'module sctp +p' > /sys/kernel/debug/dynamic_debug/control
This can be done more fine-grained on a per file, per line basis and others
as described in [2].
[1] https://www.kernel.org/doc/ols/2009/ols2009-pages-39-46.pdf
[2] Documentation/dynamic-debug-howto.txt
Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-06-28 19:49:40 +02:00
pr_debug ( " %s: sending window update SACK- asoc:%p rwnd:%u "
" a_rwnd:%u \n " , __func__ , asoc , asoc - > rwnd ,
asoc - > a_rwnd ) ;
2005-04-16 15:20:36 -07:00
sack = sctp_make_sack ( asoc ) ;
if ( ! sack )
return ;
asoc - > peer . sack_needed = 0 ;
sctp_outq_tail ( & asoc - > outqueue , sack ) ;
/* Stop the SACK timer. */
timer = & asoc - > timers [ SCTP_EVENT_TIMEOUT_SACK ] ;
2013-02-03 20:32:57 +00:00
if ( del_timer ( timer ) )
2005-04-16 15:20:36 -07:00
sctp_association_put ( asoc ) ;
}
}
/* Build the bind address list for the association based on info from the
* local endpoint and the remote peer .
*/
2005-07-11 20:57:47 -07:00
int sctp_assoc_set_bind_addr_from_ep ( struct sctp_association * asoc ,
2009-11-10 08:57:34 +00:00
sctp_scope_t scope , gfp_t gfp )
2005-04-16 15:20:36 -07:00
{
int flags ;
/* Use scoping rules to determine the subset of addresses from
* the endpoint .
*/
flags = ( PF_INET6 = = asoc - > base . sk - > sk_family ) ? SCTP_ADDR6_ALLOWED : 0 ;
if ( asoc - > peer . ipv4_address )
flags | = SCTP_ADDR4_PEERSUPP ;
if ( asoc - > peer . ipv6_address )
flags | = SCTP_ADDR6_PEERSUPP ;
2012-08-06 08:42:04 +00:00
return sctp_bind_addr_copy ( sock_net ( asoc - > base . sk ) ,
& asoc - > base . bind_addr ,
2005-04-16 15:20:36 -07:00
& asoc - > ep - > base . bind_addr ,
scope , gfp , flags ) ;
}
/* Build the association's bind address list from the cookie. */
int sctp_assoc_set_bind_addr_from_cookie ( struct sctp_association * asoc ,
2005-07-11 20:57:47 -07:00
struct sctp_cookie * cookie ,
2005-10-07 07:46:04 +01:00
gfp_t gfp )
2005-04-16 15:20:36 -07:00
{
int var_size2 = ntohs ( cookie - > peer_init - > chunk_hdr . length ) ;
int var_size3 = cookie - > raw_addr_list_len ;
__u8 * raw = ( __u8 * ) cookie - > peer_init + var_size2 ;
return sctp_raw_to_bind_addrs ( & asoc - > base . bind_addr , raw , var_size3 ,
asoc - > ep - > base . bind_addr . port , gfp ) ;
}
2007-02-09 23:25:18 +09:00
/* Lookup laddr in the bind address list of an association. */
int sctp_assoc_lookup_laddr ( struct sctp_association * asoc ,
2005-04-16 15:20:36 -07:00
const union sctp_addr * laddr )
{
2007-09-16 16:03:28 -07:00
int found = 0 ;
2005-04-16 15:20:36 -07:00
if ( ( asoc - > base . bind_addr . port = = ntohs ( laddr - > v4 . sin_port ) ) & &
sctp_bind_addr_match ( & asoc - > base . bind_addr , laddr ,
2007-09-16 16:03:28 -07:00
sctp_sk ( asoc - > base . sk ) ) )
2005-04-16 15:20:36 -07:00
found = 1 ;
return found ;
}
2007-05-04 13:55:27 -07:00
/* Set an association id for a given association */
int sctp_assoc_set_id ( struct sctp_association * asoc , gfp_t gfp )
{
2013-02-27 17:05:00 -08:00
bool preload = gfp & __GFP_WAIT ;
int ret ;
2009-06-01 12:41:15 -04:00
/* If the id is already assigned, keep it. */
if ( asoc - > assoc_id )
2013-02-27 17:05:00 -08:00
return 0 ;
2007-05-04 13:55:27 -07:00
2013-02-27 17:05:00 -08:00
if ( preload )
idr_preload ( gfp ) ;
2007-05-04 13:55:27 -07:00
spin_lock_bh ( & sctp_assocs_id_lock ) ;
2013-04-29 16:21:22 -07:00
/* 0 is not a valid assoc_id, must be >= 1 */
ret = idr_alloc_cyclic ( & sctp_assocs_id , asoc , 1 , 0 , GFP_NOWAIT ) ;
2007-05-04 13:55:27 -07:00
spin_unlock_bh ( & sctp_assocs_id_lock ) ;
2013-02-27 17:05:00 -08:00
if ( preload )
idr_preload_end ( ) ;
if ( ret < 0 )
return ret ;
2007-05-04 13:55:27 -07:00
2013-02-27 17:05:00 -08:00
asoc - > assoc_id = ( sctp_assoc_t ) ret ;
return 0 ;
2007-05-04 13:55:27 -07:00
}
2007-12-20 14:11:47 -08:00
2011-05-24 21:48:02 +00:00
/* Free the ASCONF queue */
static void sctp_assoc_free_asconf_queue ( struct sctp_association * asoc )
{
struct sctp_chunk * asconf ;
struct sctp_chunk * tmp ;
list_for_each_entry_safe ( asconf , tmp , & asoc - > addip_chunk_list , list ) {
list_del_init ( & asconf - > list ) ;
sctp_chunk_free ( asconf ) ;
}
}
2007-12-20 14:11:47 -08:00
/* Free asconf_ack cache */
static void sctp_assoc_free_asconf_acks ( struct sctp_association * asoc )
{
struct sctp_chunk * ack ;
struct sctp_chunk * tmp ;
list_for_each_entry_safe ( ack , tmp , & asoc - > asconf_ack_list ,
transmitted_list ) {
list_del_init ( & ack - > transmitted_list ) ;
sctp_chunk_free ( ack ) ;
}
}
/* Clean up the ASCONF_ACK queue */
void sctp_assoc_clean_asconf_ack_cache ( const struct sctp_association * asoc )
{
struct sctp_chunk * ack ;
struct sctp_chunk * tmp ;
2011-03-30 22:57:33 -03:00
/* We can remove all the entries from the queue up to
2007-12-20 14:11:47 -08:00
* the " Peer-Sequence-Number " .
*/
list_for_each_entry_safe ( ack , tmp , & asoc - > asconf_ack_list ,
transmitted_list ) {
if ( ack - > subh . addip_hdr - > serial = =
htonl ( asoc - > peer . addip_serial ) )
break ;
list_del_init ( & ack - > transmitted_list ) ;
sctp_chunk_free ( ack ) ;
}
}
/* Find the ASCONF_ACK whose serial number matches ASCONF */
struct sctp_chunk * sctp_assoc_lookup_asconf_ack (
const struct sctp_association * asoc ,
__be32 serial )
{
2008-02-05 23:35:04 +09:00
struct sctp_chunk * ack ;
2007-12-20 14:11:47 -08:00
/* Walk through the list of cached ASCONF-ACKs and find the
* ack chunk whose serial number matches that of the request .
*/
list_for_each_entry ( ack , & asoc - > asconf_ack_list , transmitted_list ) {
if ( ack - > subh . addip_hdr - > serial = = serial ) {
sctp_chunk_hold ( ack ) ;
2008-02-05 23:35:04 +09:00
return ack ;
2007-12-20 14:11:47 -08:00
}
}
2008-02-05 23:35:04 +09:00
return NULL ;
2007-12-20 14:11:47 -08:00
}
2011-05-29 23:23:36 +00:00
void sctp_asconf_queue_teardown ( struct sctp_association * asoc )
{
/* Free any cached ASCONF_ACK chunk. */
sctp_assoc_free_asconf_acks ( asoc ) ;
/* Free the ASCONF queue. */
sctp_assoc_free_asconf_queue ( asoc ) ;
/* Free any cached ASCONF chunk. */
if ( asoc - > addip_last_asconf )
sctp_chunk_free ( asoc - > addip_last_asconf ) ;
}