/* assumes that ip header and ah header are contiguous on mbuf */
void*
ah4_ctlinput(int cmd, const struct sockaddr *sa, void *v)
{
struct ip *ip = v;
struct ah *ah;
struct icmp *icp;
struct secasvar *sav;
if (sa->sa_family != AF_INET ||
sa->sa_len != sizeof(struct sockaddr_in))
return NULL;
if ((unsigned)cmd >= PRC_NCMDS)
return NULL;
if (cmd == PRC_MSGSIZE && ip_mtudisc && ip && ip->ip_v == 4) {
/*
* Check to see if we have a valid SA corresponding to
* the address in the ICMP message payload.
*/
ah = (struct ah *)((char *)ip + (ip->ip_hl << 2));
sav = KEY_ALLOCSA((const union sockaddr_union *)sa,
IPPROTO_AH, ah->ah_spi, 0, 0);
if (sav) {
if (sav->state == SADB_SASTATE_MATURE ||
sav->state == SADB_SASTATE_DYING) {
/*
* Now that we've validated that we are actually
* communicating with the host indicated in the
* ICMP message, locate the ICMP header,
* recalculate the new MTU, and create the
* corresponding routing entry.
*/
icp = (struct icmp *)((char *)ip -
offsetof(struct icmp, icmp_ip));
icmp_mtudisc(icp, ip->ip_dst);
}
KEY_FREESAV(&sav);
}
void
tcp_timer_rexmt(void *arg)
{
struct tcpcb *tp = arg;
uint32_t rto;
#ifdef TCP_DEBUG
struct socket *so = NULL;
short ostate;
#endif
mutex_enter(softnet_lock);
if ((tp->t_flags & TF_DEAD) != 0) {
mutex_exit(softnet_lock);
return;
}
if (!callout_expired(&tp->t_timer[TCPT_REXMT])) {
mutex_exit(softnet_lock);
return;
}
KERNEL_LOCK(1, NULL);
if ((tp->t_flags & TF_PMTUD_PEND) && tp->t_inpcb &&
SEQ_GEQ(tp->t_pmtud_th_seq, tp->snd_una) &&
SEQ_LT(tp->t_pmtud_th_seq, (int)(tp->snd_una + tp->t_ourmss))) {
extern struct sockaddr_in icmpsrc;
struct icmp icmp;
tp->t_flags &= ~TF_PMTUD_PEND;
/* XXX create fake icmp message with relevant entries */
icmp.icmp_nextmtu = tp->t_pmtud_nextmtu;
icmp.icmp_ip.ip_len = tp->t_pmtud_ip_len;
icmp.icmp_ip.ip_hl = tp->t_pmtud_ip_hl;
icmpsrc.sin_addr = tp->t_inpcb->inp_faddr;
icmp_mtudisc(&icmp, icmpsrc.sin_addr);
/*
* Notify all connections to the same peer about
* new mss and trigger retransmit.
*/
in_pcbnotifyall(&tcbtable, icmpsrc.sin_addr, EMSGSIZE,
tcp_mtudisc);
KERNEL_UNLOCK_ONE(NULL);
mutex_exit(softnet_lock);
return;
}
#ifdef TCP_DEBUG
#ifdef INET
if (tp->t_inpcb)
so = tp->t_inpcb->inp_socket;
#endif
#ifdef INET6
if (tp->t_in6pcb)
so = tp->t_in6pcb->in6p_socket;
#endif
ostate = tp->t_state;
#endif /* TCP_DEBUG */
/*
* Clear the SACK scoreboard, reset FACK estimate.
*/
tcp_free_sackholes(tp);
tp->snd_fack = tp->snd_una;
/*
* Retransmission timer went off. Message has not
* been acked within retransmit interval. Back off
* to a longer retransmit interval and retransmit one segment.
*/
if (++tp->t_rxtshift > TCP_MAXRXTSHIFT) {
tp->t_rxtshift = TCP_MAXRXTSHIFT;
TCP_STATINC(TCP_STAT_TIMEOUTDROP);
tp = tcp_drop(tp, tp->t_softerror ?
tp->t_softerror : ETIMEDOUT);
goto out;
}
TCP_STATINC(TCP_STAT_REXMTTIMEO);
rto = TCP_REXMTVAL(tp);
if (rto < tp->t_rttmin)
rto = tp->t_rttmin;
TCPT_RANGESET(tp->t_rxtcur, rto * tcp_backoff[tp->t_rxtshift],
tp->t_rttmin, TCPTV_REXMTMAX);
TCP_TIMER_ARM(tp, TCPT_REXMT, tp->t_rxtcur);
/*
* If we are losing and we are trying path MTU discovery,
* try turning it off. This will avoid black holes in
* the network which suppress or fail to send "packet
* too big" ICMP messages. We should ideally do
* lots more sophisticated searching to find the right
* value here...
*/
if (tp->t_mtudisc && tp->t_rxtshift > TCP_MAXRXTSHIFT / 6) {
TCP_STATINC(TCP_STAT_PMTUBLACKHOLE);
#ifdef INET
/* try turning PMTUD off */
if (tp->t_inpcb)
tp->t_mtudisc = 0;
#endif
#ifdef INET6
/* try using IPv6 minimum MTU */
if (tp->t_in6pcb)
tp->t_mtudisc = 0;
#endif
/* XXX: more sophisticated Black hole recovery code? */
}
/*
* If losing, let the lower level know and try for
* a better route. Also, if we backed off this far,
* our srtt estimate is probably bogus. Clobber it
* so we'll take the next rtt measurement as our srtt;
* move the current srtt into rttvar to keep the current
* retransmit times until then.
*/
if (tp->t_rxtshift > TCP_MAXRXTSHIFT / 4) {
#ifdef INET
if (tp->t_inpcb)
in_losing(tp->t_inpcb);
#endif
#ifdef INET6
if (tp->t_in6pcb)
in6_losing(tp->t_in6pcb);
#endif
/*
* This operation is not described in RFC2988. The
* point is to keep srtt+4*rttvar constant, so we
* should shift right 2 bits to divide by 4, and then
* shift right one bit because the storage
* representation of rttvar is 1/16s vs 1/32s for
* srtt.
*/
tp->t_rttvar += (tp->t_srtt >> TCP_RTT_SHIFT);
tp->t_srtt = 0;
}
tp->snd_nxt = tp->snd_una;
tp->snd_high = tp->snd_max;
/*
* If timing a segment in this window, stop the timer.
*/
tp->t_rtttime = 0;
/*
* Remember if we are retransmitting a SYN, because if
* we do, set the initial congestion window must be set
* to 1 segment.
*/
if (tp->t_state == TCPS_SYN_SENT)
tp->t_flags |= TF_SYN_REXMT;
/*
* Adjust congestion control parameters.
*/
tp->t_congctl->slow_retransmit(tp);
(void) tcp_output(tp);
out:
#ifdef TCP_DEBUG
if (tp && so->so_options & SO_DEBUG)
tcp_trace(TA_USER, ostate, tp, NULL,
PRU_SLOWTIMO | (TCPT_REXMT << 8));
#endif
KERNEL_UNLOCK_ONE(NULL);
mutex_exit(softnet_lock);
}