2 * Copyright (c) 1982, 1986, 1988, 1990, 1993, 1994, 1995
3 * The Regents of the University of California.
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
14 * 4. Neither the name of the University nor the names of its contributors
15 * may be used to endorse or promote products derived from this software
16 * without specific prior written permission.
18 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * @(#)tcp_sack.c 8.12 (Berkeley) 5/24/95
34 * @@(#)COPYRIGHT 1.1 (NRL) 17 January 1995
36 * NRL grants permission for redistribution and use in source and binary
37 * forms, with or without modification, of the software and documentation
38 * created at NRL provided that the following conditions are met:
40 * 1. Redistributions of source code must retain the above copyright
41 * notice, this list of conditions and the following disclaimer.
42 * 2. Redistributions in binary form must reproduce the above copyright
43 * notice, this list of conditions and the following disclaimer in the
44 * documentation and/or other materials provided with the distribution.
45 * 3. All advertising materials mentioning features or use of this software
46 * must display the following acknowledgements:
47 * This product includes software developed by the University of
48 * California, Berkeley and its contributors.
49 * This product includes software developed at the Information
50 * Technology Division, US Naval Research Laboratory.
51 * 4. Neither the name of the NRL nor the names of its contributors
52 * may be used to endorse or promote products derived from this software
53 * without specific prior written permission.
55 * THE SOFTWARE PROVIDED BY NRL IS PROVIDED BY NRL AND CONTRIBUTORS ``AS
56 * IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
57 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
58 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL NRL OR
59 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
60 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
61 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
62 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
63 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
64 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
65 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
67 * The views and conclusions contained in the software and documentation
68 * are those of the authors and should not be interpreted as representing
69 * official policies, either expressed or implied, of the US Naval
70 * Research Laboratory (NRL).
73 #include <sys/cdefs.h>
74 __FBSDID("$FreeBSD$");
77 #include "opt_inet6.h"
78 #include "opt_tcpdebug.h"
80 #include <sys/param.h>
81 #include <sys/systm.h>
82 #include <sys/kernel.h>
83 #include <sys/sysctl.h>
84 #include <sys/malloc.h>
86 #include <sys/proc.h> /* for proc0 declaration */
87 #include <sys/protosw.h>
88 #include <sys/socket.h>
89 #include <sys/socketvar.h>
90 #include <sys/syslog.h>
91 #include <sys/systm.h>
93 #include <machine/cpu.h> /* before tcp_seq.h, for tcp_random18() */
98 #include <net/route.h>
100 #include <netinet/in.h>
101 #include <netinet/in_systm.h>
102 #include <netinet/ip.h>
103 #include <netinet/in_var.h>
104 #include <netinet/in_pcb.h>
105 #include <netinet/ip_var.h>
106 #include <netinet/ip6.h>
107 #include <netinet/icmp6.h>
108 #include <netinet6/nd6.h>
109 #include <netinet6/ip6_var.h>
110 #include <netinet6/in6_pcb.h>
111 #include <netinet/tcp.h>
112 #include <netinet/tcp_fsm.h>
113 #include <netinet/tcp_seq.h>
114 #include <netinet/tcp_timer.h>
115 #include <netinet/tcp_var.h>
116 #include <netinet6/tcp6_var.h>
117 #include <netinet/tcpip.h>
119 #include <netinet/tcp_debug.h>
120 #endif /* TCPDEBUG */
122 #include <machine/in_cksum.h>
124 extern struct uma_zone *sack_hole_zone;
126 SYSCTL_NODE(_net_inet_tcp, OID_AUTO, sack, CTLFLAG_RW, 0, "TCP SACK");
128 SYSCTL_INT(_net_inet_tcp_sack, OID_AUTO, enable, CTLFLAG_RW,
129 &tcp_do_sack, 0, "Enable/Disable TCP SACK support");
130 TUNABLE_INT("net.inet.tcp.sack.enable", &tcp_do_sack);
132 static int tcp_sack_maxholes = 128;
133 SYSCTL_INT(_net_inet_tcp_sack, OID_AUTO, maxholes, CTLFLAG_RW,
134 &tcp_sack_maxholes, 0,
135 "Maximum number of TCP SACK holes allowed per connection");
137 static int tcp_sack_globalmaxholes = 65536;
138 SYSCTL_INT(_net_inet_tcp_sack, OID_AUTO, globalmaxholes, CTLFLAG_RW,
139 &tcp_sack_globalmaxholes, 0,
140 "Global maximum number of TCP SACK holes");
142 static int tcp_sack_globalholes = 0;
143 SYSCTL_INT(_net_inet_tcp_sack, OID_AUTO, globalholes, CTLFLAG_RD,
144 &tcp_sack_globalholes, 0,
145 "Global number of TCP SACK holes currently allocated");
148 * This function is called upon receipt of new valid data (while not in
149 * header prediction mode), and it updates the ordered list of sacks.
152 tcp_update_sack_list(struct tcpcb *tp, tcp_seq rcv_start, tcp_seq rcv_end)
155 * First reported block MUST be the most recent one. Subsequent
156 * blocks SHOULD be in the order in which they arrived at the
157 * receiver. These two conditions make the implementation fully
158 * compliant with RFC 2018.
160 struct sackblk head_blk, saved_blks[MAX_SACK_BLKS];
161 int num_head, num_saved, i;
163 INP_WLOCK_ASSERT(tp->t_inpcb);
165 /* Check arguments. */
166 KASSERT(SEQ_LT(rcv_start, rcv_end), ("rcv_start < rcv_end"));
168 /* SACK block for the received segment. */
169 head_blk.start = rcv_start;
170 head_blk.end = rcv_end;
173 * Merge updated SACK blocks into head_blk, and save unchanged SACK
174 * blocks into saved_blks[]. num_saved will have the number of the
178 for (i = 0; i < tp->rcv_numsacks; i++) {
179 tcp_seq start = tp->sackblks[i].start;
180 tcp_seq end = tp->sackblks[i].end;
181 if (SEQ_GEQ(start, end) || SEQ_LEQ(start, tp->rcv_nxt)) {
183 * Discard this SACK block.
185 } else if (SEQ_LEQ(head_blk.start, end) &&
186 SEQ_GEQ(head_blk.end, start)) {
188 * Merge this SACK block into head_blk. This SACK
189 * block itself will be discarded.
191 if (SEQ_GT(head_blk.start, start))
192 head_blk.start = start;
193 if (SEQ_LT(head_blk.end, end))
197 * Save this SACK block.
199 saved_blks[num_saved].start = start;
200 saved_blks[num_saved].end = end;
206 * Update SACK list in tp->sackblks[].
209 if (SEQ_GT(head_blk.start, tp->rcv_nxt)) {
211 * The received data segment is an out-of-order segment. Put
212 * head_blk at the top of SACK list.
214 tp->sackblks[0] = head_blk;
217 * If the number of saved SACK blocks exceeds its limit,
218 * discard the last SACK block.
220 if (num_saved >= MAX_SACK_BLKS)
225 * Copy the saved SACK blocks back.
227 bcopy(saved_blks, &tp->sackblks[num_head],
228 sizeof(struct sackblk) * num_saved);
231 /* Save the number of SACK blocks. */
232 tp->rcv_numsacks = num_head + num_saved;
236 * Delete all receiver-side SACK information.
239 tcp_clean_sackreport(struct tcpcb *tp)
243 INP_WLOCK_ASSERT(tp->t_inpcb);
244 tp->rcv_numsacks = 0;
245 for (i = 0; i < MAX_SACK_BLKS; i++)
246 tp->sackblks[i].start = tp->sackblks[i].end=0;
250 * Allocate struct sackhole.
252 static struct sackhole *
253 tcp_sackhole_alloc(struct tcpcb *tp, tcp_seq start, tcp_seq end)
255 struct sackhole *hole;
257 if (tp->snd_numholes >= tcp_sack_maxholes ||
258 tcp_sack_globalholes >= tcp_sack_globalmaxholes) {
259 tcpstat.tcps_sack_sboverflow++;
263 hole = (struct sackhole *)uma_zalloc(sack_hole_zone, M_NOWAIT);
272 tcp_sack_globalholes++;
278 * Free struct sackhole.
281 tcp_sackhole_free(struct tcpcb *tp, struct sackhole *hole)
284 uma_zfree(sack_hole_zone, hole);
287 tcp_sack_globalholes--;
289 KASSERT(tp->snd_numholes >= 0, ("tp->snd_numholes >= 0"));
290 KASSERT(tcp_sack_globalholes >= 0, ("tcp_sack_globalholes >= 0"));
294 * Insert new SACK hole into scoreboard.
296 static struct sackhole *
297 tcp_sackhole_insert(struct tcpcb *tp, tcp_seq start, tcp_seq end,
298 struct sackhole *after)
300 struct sackhole *hole;
302 /* Allocate a new SACK hole. */
303 hole = tcp_sackhole_alloc(tp, start, end);
307 /* Insert the new SACK hole into scoreboard. */
309 TAILQ_INSERT_AFTER(&tp->snd_holes, after, hole, scblink);
311 TAILQ_INSERT_TAIL(&tp->snd_holes, hole, scblink);
313 /* Update SACK hint. */
314 if (tp->sackhint.nexthole == NULL)
315 tp->sackhint.nexthole = hole;
321 * Remove SACK hole from scoreboard.
324 tcp_sackhole_remove(struct tcpcb *tp, struct sackhole *hole)
327 /* Update SACK hint. */
328 if (tp->sackhint.nexthole == hole)
329 tp->sackhint.nexthole = TAILQ_NEXT(hole, scblink);
331 /* Remove this SACK hole. */
332 TAILQ_REMOVE(&tp->snd_holes, hole, scblink);
334 /* Free this SACK hole. */
335 tcp_sackhole_free(tp, hole);
339 * Process cumulative ACK and the TCP SACK option to update the scoreboard.
340 * tp->snd_holes is an ordered list of holes (oldest to newest, in terms of
341 * the sequence space).
344 tcp_sack_doack(struct tcpcb *tp, struct tcpopt *to, tcp_seq th_ack)
346 struct sackhole *cur, *temp;
347 struct sackblk sack, sack_blocks[TCP_MAX_SACK + 1], *sblkp;
348 int i, j, num_sack_blks;
350 INP_WLOCK_ASSERT(tp->t_inpcb);
354 * If SND.UNA will be advanced by SEG.ACK, and if SACK holes exist,
355 * treat [SND.UNA, SEG.ACK) as if it is a SACK block.
357 if (SEQ_LT(tp->snd_una, th_ack) && !TAILQ_EMPTY(&tp->snd_holes)) {
358 sack_blocks[num_sack_blks].start = tp->snd_una;
359 sack_blocks[num_sack_blks++].end = th_ack;
362 * Append received valid SACK blocks to sack_blocks[], but only if we
363 * received new blocks from the other side.
365 if (to->to_flags & TOF_SACK) {
366 for (i = 0; i < to->to_nsacks; i++) {
367 bcopy((to->to_sacks + i * TCPOLEN_SACK),
368 &sack, sizeof(sack));
369 sack.start = ntohl(sack.start);
370 sack.end = ntohl(sack.end);
371 if (SEQ_GT(sack.end, sack.start) &&
372 SEQ_GT(sack.start, tp->snd_una) &&
373 SEQ_GT(sack.start, th_ack) &&
374 SEQ_LT(sack.start, tp->snd_max) &&
375 SEQ_GT(sack.end, tp->snd_una) &&
376 SEQ_LEQ(sack.end, tp->snd_max))
377 sack_blocks[num_sack_blks++] = sack;
381 * Return if SND.UNA is not advanced and no valid SACK block is
384 if (num_sack_blks == 0)
388 * Sort the SACK blocks so we can update the scoreboard with just one
389 * pass. The overhead of sorting upto 4+1 elements is less than
390 * making upto 4+1 passes over the scoreboard.
392 for (i = 0; i < num_sack_blks; i++) {
393 for (j = i + 1; j < num_sack_blks; j++) {
394 if (SEQ_GT(sack_blocks[i].end, sack_blocks[j].end)) {
395 sack = sack_blocks[i];
396 sack_blocks[i] = sack_blocks[j];
397 sack_blocks[j] = sack;
401 if (TAILQ_EMPTY(&tp->snd_holes))
403 * Empty scoreboard. Need to initialize snd_fack (it may be
404 * uninitialized or have a bogus value). Scoreboard holes
405 * (from the sack blocks received) are created later below
406 * (in the logic that adds holes to the tail of the
409 tp->snd_fack = SEQ_MAX(tp->snd_una, th_ack);
411 * In the while-loop below, incoming SACK blocks (sack_blocks[]) and
412 * SACK holes (snd_holes) are traversed from their tails with just
413 * one pass in order to reduce the number of compares especially when
414 * the bandwidth-delay product is large.
416 * Note: Typically, in the first RTT of SACK recovery, the highest
417 * three or four SACK blocks with the same ack number are received.
418 * In the second RTT, if retransmitted data segments are not lost,
419 * the highest three or four SACK blocks with ack number advancing
422 sblkp = &sack_blocks[num_sack_blks - 1]; /* Last SACK block */
423 if (SEQ_LT(tp->snd_fack, sblkp->start)) {
425 * The highest SACK block is beyond fack. Append new SACK
426 * hole at the tail. If the second or later highest SACK
427 * blocks are also beyond the current fack, they will be
428 * inserted by way of hole splitting in the while-loop below.
430 temp = tcp_sackhole_insert(tp, tp->snd_fack,sblkp->start,NULL);
432 tp->snd_fack = sblkp->end;
433 /* Go to the previous sack block. */
437 * We failed to add a new hole based on the current
438 * sack block. Skip over all the sack blocks that
439 * fall completely to the right of snd_fack and
440 * proceed to trim the scoreboard based on the
441 * remaining sack blocks. This also trims the
442 * scoreboard for th_ack (which is sack_blocks[0]).
444 while (sblkp >= sack_blocks &&
445 SEQ_LT(tp->snd_fack, sblkp->start))
447 if (sblkp >= sack_blocks &&
448 SEQ_LT(tp->snd_fack, sblkp->end))
449 tp->snd_fack = sblkp->end;
451 } else if (SEQ_LT(tp->snd_fack, sblkp->end))
452 /* fack is advanced. */
453 tp->snd_fack = sblkp->end;
454 /* We must have at least one SACK hole in scoreboard. */
455 KASSERT(!TAILQ_EMPTY(&tp->snd_holes),
456 ("SACK scoreboard must not be empty"));
457 cur = TAILQ_LAST(&tp->snd_holes, sackhole_head); /* Last SACK hole. */
459 * Since the incoming sack blocks are sorted, we can process them
460 * making one sweep of the scoreboard.
462 while (sblkp >= sack_blocks && cur != NULL) {
463 if (SEQ_GEQ(sblkp->start, cur->end)) {
465 * SACKs data beyond the current hole. Go to the
466 * previous sack block.
471 if (SEQ_LEQ(sblkp->end, cur->start)) {
473 * SACKs data before the current hole. Go to the
476 cur = TAILQ_PREV(cur, sackhole_head, scblink);
479 tp->sackhint.sack_bytes_rexmit -= (cur->rxmit - cur->start);
480 KASSERT(tp->sackhint.sack_bytes_rexmit >= 0,
481 ("sackhint bytes rtx >= 0"));
482 if (SEQ_LEQ(sblkp->start, cur->start)) {
483 /* Data acks at least the beginning of hole. */
484 if (SEQ_GEQ(sblkp->end, cur->end)) {
485 /* Acks entire hole, so delete hole. */
487 cur = TAILQ_PREV(cur, sackhole_head, scblink);
488 tcp_sackhole_remove(tp, temp);
490 * The sack block may ack all or part of the
491 * next hole too, so continue onto the next
496 /* Move start of hole forward. */
497 cur->start = sblkp->end;
498 cur->rxmit = SEQ_MAX(cur->rxmit, cur->start);
501 /* Data acks at least the end of hole. */
502 if (SEQ_GEQ(sblkp->end, cur->end)) {
503 /* Move end of hole backward. */
504 cur->end = sblkp->start;
505 cur->rxmit = SEQ_MIN(cur->rxmit, cur->end);
508 * ACKs some data in middle of a hole; need
509 * to split current hole
511 temp = tcp_sackhole_insert(tp, sblkp->end,
514 if (SEQ_GT(cur->rxmit, temp->rxmit)) {
515 temp->rxmit = cur->rxmit;
516 tp->sackhint.sack_bytes_rexmit
520 cur->end = sblkp->start;
521 cur->rxmit = SEQ_MIN(cur->rxmit,
526 tp->sackhint.sack_bytes_rexmit += (cur->rxmit - cur->start);
528 * Testing sblkp->start against cur->start tells us whether
529 * we're done with the sack block or the sack hole.
530 * Accordingly, we advance one or the other.
532 if (SEQ_LEQ(sblkp->start, cur->start))
533 cur = TAILQ_PREV(cur, sackhole_head, scblink);
540 * Free all SACK holes to clear the scoreboard.
543 tcp_free_sackholes(struct tcpcb *tp)
547 INP_WLOCK_ASSERT(tp->t_inpcb);
548 while ((q = TAILQ_FIRST(&tp->snd_holes)) != NULL)
549 tcp_sackhole_remove(tp, q);
550 tp->sackhint.sack_bytes_rexmit = 0;
552 KASSERT(tp->snd_numholes == 0, ("tp->snd_numholes == 0"));
553 KASSERT(tp->sackhint.nexthole == NULL,
554 ("tp->sackhint.nexthole == NULL"));
558 * Partial ack handling within a sack recovery episode. Keeping this very
559 * simple for now. When a partial ack is received, force snd_cwnd to a value
560 * that will allow the sender to transmit no more than 2 segments. If
561 * necessary, a better scheme can be adopted at a later point, but for now,
562 * the goal is to prevent the sender from bursting a large amount of data in
563 * the midst of sack recovery.
566 tcp_sack_partialack(struct tcpcb *tp, struct tcphdr *th)
570 INP_WLOCK_ASSERT(tp->t_inpcb);
571 tcp_timer_activate(tp, TT_REXMT, 0);
573 /* Send one or 2 segments based on how much new data was acked. */
574 if (((th->th_ack - tp->snd_una) / tp->t_maxseg) > 2)
576 tp->snd_cwnd = (tp->sackhint.sack_bytes_rexmit +
577 (tp->snd_nxt - tp->sack_newdata) + num_segs * tp->t_maxseg);
578 if (tp->snd_cwnd > tp->snd_ssthresh)
579 tp->snd_cwnd = tp->snd_ssthresh;
580 tp->t_flags |= TF_ACKNOW;
581 (void) tcp_output(tp);
586 * Debug version of tcp_sack_output() that walks the scoreboard. Used for
587 * now to sanity check the hint.
589 static struct sackhole *
590 tcp_sack_output_debug(struct tcpcb *tp, int *sack_bytes_rexmt)
594 INP_WLOCK_ASSERT(tp->t_inpcb);
595 *sack_bytes_rexmt = 0;
596 TAILQ_FOREACH(p, &tp->snd_holes, scblink) {
597 if (SEQ_LT(p->rxmit, p->end)) {
598 if (SEQ_LT(p->rxmit, tp->snd_una)) {/* old SACK hole */
601 *sack_bytes_rexmt += (p->rxmit - p->start);
604 *sack_bytes_rexmt += (p->rxmit - p->start);
611 * Returns the next hole to retransmit and the number of retransmitted bytes
612 * from the scoreboard. We store both the next hole and the number of
613 * retransmitted bytes as hints (and recompute these on the fly upon SACK/ACK
614 * reception). This avoids scoreboard traversals completely.
616 * The loop here will traverse *at most* one link. Here's the argument. For
617 * the loop to traverse more than 1 link before finding the next hole to
618 * retransmit, we would need to have at least 1 node following the current
619 * hint with (rxmit == end). But, for all holes following the current hint,
620 * (start == rxmit), since we have not yet retransmitted from them.
621 * Therefore, in order to traverse more 1 link in the loop below, we need to
622 * have at least one node following the current hint with (start == rxmit ==
623 * end). But that can't happen, (start == end) means that all the data in
624 * that hole has been sacked, in which case, the hole would have been removed
625 * from the scoreboard.
628 tcp_sack_output(struct tcpcb *tp, int *sack_bytes_rexmt)
630 struct sackhole *hole = NULL;
632 INP_WLOCK_ASSERT(tp->t_inpcb);
633 *sack_bytes_rexmt = tp->sackhint.sack_bytes_rexmit;
634 hole = tp->sackhint.nexthole;
635 if (hole == NULL || SEQ_LT(hole->rxmit, hole->end))
637 while ((hole = TAILQ_NEXT(hole, scblink)) != NULL) {
638 if (SEQ_LT(hole->rxmit, hole->end)) {
639 tp->sackhint.nexthole = hole;
648 * After a timeout, the SACK list may be rebuilt. This SACK information
649 * should be used to avoid retransmitting SACKed data. This function
650 * traverses the SACK list to see if snd_nxt should be moved forward.
653 tcp_sack_adjust(struct tcpcb *tp)
655 struct sackhole *p, *cur = TAILQ_FIRST(&tp->snd_holes);
657 INP_WLOCK_ASSERT(tp->t_inpcb);
659 return; /* No holes */
660 if (SEQ_GEQ(tp->snd_nxt, tp->snd_fack))
661 return; /* We're already beyond any SACKed blocks */
663 * Two cases for which we want to advance snd_nxt:
664 * i) snd_nxt lies between end of one hole and beginning of another
665 * ii) snd_nxt lies between end of last hole and snd_fack
667 while ((p = TAILQ_NEXT(cur, scblink)) != NULL) {
668 if (SEQ_LT(tp->snd_nxt, cur->end))
670 if (SEQ_GEQ(tp->snd_nxt, p->start))
673 tp->snd_nxt = p->start;
677 if (SEQ_LT(tp->snd_nxt, cur->end))
679 tp->snd_nxt = tp->snd_fack;