2 * Copyright (c) 2016-2018
6 * Redistribution and use in source and binary forms, with or without
7 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
11 * 2. Redistributions in binary form must reproduce the above copyright
12 * notice, this list of conditions and the following disclaimer in the
13 * documentation and/or other materials provided with the distribution.
15 * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
16 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18 * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
19 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * Author: Randall Stewart <rrs@netflix.com>
30 * This work is based on the ACM Queue paper
31 * BBR - Congestion Based Congestion Control
32 * and also numerous discussions with Neal, Yuchung and Van.
35 #include <sys/cdefs.h>
36 __FBSDID("$FreeBSD$");
39 #include "opt_inet6.h"
40 #include "opt_ipsec.h"
41 #include "opt_tcpdebug.h"
42 #include "opt_ratelimit.h"
43 /*#include "opt_kern_tls.h"*/
44 #include <sys/param.h>
45 #include <sys/module.h>
46 #include <sys/kernel.h>
48 #include <sys/hhook.h>
50 #include <sys/malloc.h>
53 #include <sys/socket.h>
54 #include <sys/socketvar.h>
56 #include <sys/sockbuf_tls.h>
58 #include <sys/sysctl.h>
59 #include <sys/systm.h>
61 #include <sys/refcount.h>
62 #include <sys/queue.h>
64 #include <sys/kthread.h>
66 #include <sys/mutex.h>
69 #include <sys/kern_prefetch.h>
71 #include <net/route.h>
73 #include <net/ethernet.h>
76 #define TCPSTATES /* for logging */
78 #include <netinet/in.h>
79 #include <netinet/in_kdtrace.h>
80 #include <netinet/in_pcb.h>
81 #include <netinet/ip.h>
82 #include <netinet/ip_icmp.h> /* required for icmp_var.h */
83 #include <netinet/icmp_var.h> /* for ICMP_BANDLIM */
84 #include <netinet/ip_var.h>
85 #include <netinet/ip6.h>
86 #include <netinet6/in6_pcb.h>
87 #include <netinet6/ip6_var.h>
89 #include <netinet/tcp.h>
90 #include <netinet/tcp_fsm.h>
91 #include <netinet/tcp_seq.h>
92 #include <netinet/tcp_timer.h>
93 #include <netinet/tcp_var.h>
94 #include <netinet/tcpip.h>
95 #include <netinet/tcp_hpts.h>
96 #include <netinet/cc/cc.h>
97 #include <netinet/tcp_log_buf.h>
99 #include <netinet/tcp_debug.h>
100 #endif /* TCPDEBUG */
102 #include <netinet/tcp_offload.h>
105 #include <netinet6/tcp6_var.h>
107 #include <netinet/tcp_fastopen.h>
109 #include <netipsec/ipsec_support.h>
111 #include <net/if_var.h>
113 #if defined(IPSEC) || defined(IPSEC_SUPPORT)
114 #include <netipsec/ipsec.h>
115 #include <netipsec/ipsec6.h>
118 #include <netinet/udp.h>
119 #include <netinet/udp_var.h>
120 #include <machine/in_cksum.h>
123 #include <security/mac/mac_framework.h>
125 #include "rack_bbr_common.h"
128 * Common TCP Functions - These are shared by borth
135 ctf_get_opt_tls_size(struct socket *so, uint32_t rwnd)
137 struct sbtls_info *tls;
141 tls = so->so_snd.sb_tls_info;
142 len = tls->sb_params.sb_maxlen; /* max tls payload */
143 len += tls->sb_params.sb_tls_hlen; /* tls header len */
144 len += tls->sb_params.sb_tls_tlen; /* tls trailer len */
145 if ((len * 4) > rwnd) {
147 * Stroke this will suck counter and what
148 * else should we do Drew? From the
149 * TCP perspective I am not sure
150 * what should be done...
152 if (tls->sb_params.sb_maxlen > 4096) {
153 tls->sb_params.sb_maxlen -= 4096;
154 if (tls->sb_params.sb_maxlen < 4096)
155 tls->sb_params.sb_maxlen = 4096;
164 ctf_process_inbound_raw(struct tcpcb *tp, struct socket *so, struct mbuf *m, int has_pkt)
167 * We are passed a raw change of mbuf packets
168 * that arrived in LRO. They are linked via
169 * the m_nextpkt link in the pkt-headers.
171 * We process each one by:
172 * a) saving off the next
173 * b) stripping off the ether-header
174 * c) formulating the arguments for
175 * the tfb_tcp_hpts_do_segment
176 * d) calling each mbuf to tfb_tcp_hpts_do_segment
177 * after adjusting the time to match the arrival time.
178 * Note that the LRO code assures no IP options are present.
180 * The symantics for calling tfb_tcp_hpts_do_segment are the
182 * 1) It returns 0 if all went well and you (the caller) need
183 * to release the lock.
184 * 2) If nxt_pkt is set, then the function will surpress calls
185 * to tfb_tcp_output() since you are promising to call again
186 * with another packet.
187 * 3) If it returns 1, then you must free all the packets being
188 * shipped in, the tcb has been destroyed (or about to be destroyed).
191 struct ether_header *eh;
192 struct epoch_tracker et;
195 struct ip6_hdr *ip6 = NULL; /* Keep compiler happy. */
198 struct ip *ip = NULL; /* Keep compiler happy. */
202 int32_t retval, nxt_pkt, tlen, off;
204 uint16_t drop_hdrlen;
205 uint8_t iptos, no_vn=0, bpf_req=0;
208 * This is a bit deceptive, we get the
209 * "info epoch" which is really the network
210 * epoch. This covers us on both any INP
211 * type change but also if the ifp goes
212 * away it covers us as well.
214 INP_INFO_RLOCK_ET(&V_tcbinfo, et);
215 if (m && m->m_pkthdr.rcvif)
216 ifp = m->m_pkthdr.rcvif;
220 bpf_req = bpf_peers_present(ifp->if_bpf);
223 * We probably should not work around
224 * but kassert, since lro alwasy sets rcvif.
229 CURVNET_SET(ifp->if_vnet);
232 m_save = m->m_nextpkt;
234 /* Now lets get the ether header */
235 eh = mtod(m, struct ether_header *);
236 etype = ntohs(eh->ether_type);
237 /* Let the BPF see the packet */
239 ETHER_BPF_MTAP(ifp, m);
240 m_adj(m, sizeof(*eh));
241 /* Trim off the ethernet header */
246 if (m->m_len < (sizeof(*ip6) + sizeof(*th))) {
247 m = m_pullup(m, sizeof(*ip6) + sizeof(*th));
249 TCPSTAT_INC(tcps_rcvshort);
254 ip6 = (struct ip6_hdr *)(eh + 1);
255 th = (struct tcphdr *)(ip6 + 1);
256 tlen = ntohs(ip6->ip6_plen);
257 drop_hdrlen = sizeof(*ip6);
258 if (m->m_pkthdr.csum_flags & CSUM_DATA_VALID_IPV6) {
259 if (m->m_pkthdr.csum_flags & CSUM_PSEUDO_HDR)
260 th->th_sum = m->m_pkthdr.csum_data;
262 th->th_sum = in6_cksum_pseudo(ip6, tlen,
263 IPPROTO_TCP, m->m_pkthdr.csum_data);
264 th->th_sum ^= 0xffff;
266 th->th_sum = in6_cksum(m, IPPROTO_TCP, drop_hdrlen, tlen);
268 TCPSTAT_INC(tcps_rcvbadsum);
273 * Be proactive about unspecified IPv6 address in source.
274 * As we use all-zero to indicate unbounded/unconnected pcb,
275 * unspecified IPv6 address can be used to confuse us.
277 * Note that packets with unspecified IPv6 destination is
278 * already dropped in ip6_input.
280 if (IN6_IS_ADDR_UNSPECIFIED(&ip6->ip6_src)) {
285 iptos = (ntohl(ip6->ip6_flow) >> 20) & 0xff;
292 if (m->m_len < sizeof (struct tcpiphdr)) {
293 if ((m = m_pullup(m, sizeof (struct tcpiphdr)))
295 TCPSTAT_INC(tcps_rcvshort);
300 ip = (struct ip *)(eh + 1);
301 th = (struct tcphdr *)(ip + 1);
302 drop_hdrlen = sizeof(*ip);
304 tlen = ntohs(ip->ip_len) - sizeof(struct ip);
305 if (m->m_pkthdr.csum_flags & CSUM_DATA_VALID) {
306 if (m->m_pkthdr.csum_flags & CSUM_PSEUDO_HDR)
307 th->th_sum = m->m_pkthdr.csum_data;
309 th->th_sum = in_pseudo(ip->ip_src.s_addr,
311 htonl(m->m_pkthdr.csum_data + tlen +
313 th->th_sum ^= 0xffff;
316 struct ipovly *ipov = (struct ipovly *)ip;
318 * Checksum extended TCP header and data.
320 len = drop_hdrlen + tlen;
321 bzero(ipov->ih_x1, sizeof(ipov->ih_x1));
322 ipov->ih_len = htons(tlen);
323 th->th_sum = in_cksum(m, len);
324 /* Reset length for SDT probes. */
325 ip->ip_len = htons(len);
328 /* Re-initialization for later version check */
329 ip->ip_v = IPVERSION;
330 ip->ip_hl = sizeof(*ip) >> 2;
333 TCPSTAT_INC(tcps_rcvbadsum);
342 * Convert TCP protocol specific fields to host format.
344 tcp_fields_to_host(th);
346 off = th->th_off << 2;
347 if (off < sizeof (struct tcphdr) || off > tlen) {
348 TCPSTAT_INC(tcps_rcvbadoff);
355 * Now lets setup the timeval to be when we should
356 * have been called (if we can).
358 m->m_pkthdr.lro_nsegs = 1;
359 if (m->m_flags & M_TSTMP_LRO) {
360 tv.tv_sec = m->m_pkthdr.rcv_tstmp / 1000000000;
361 tv.tv_usec = (m->m_pkthdr.rcv_tstmp % 1000000000) / 1000;
363 /* Should not be should we kassert instead? */
366 /* Now what about next packet? */
367 if (m_save || has_pkt)
371 retval = (*tp->t_fb->tfb_do_segment_nounlock)(m, th, so, tp, drop_hdrlen, tlen,
372 iptos, nxt_pkt, &tv);
374 /* We lost the lock and tcb probably */
377 m_save = m->m_nextpkt;
384 INP_INFO_RUNLOCK_ET(&V_tcbinfo, et);
392 INP_INFO_RUNLOCK_ET(&V_tcbinfo, et);
397 ctf_do_queued_segments(struct socket *so, struct tcpcb *tp, int have_pkt)
401 /* First lets see if we have old packets */
405 tp->t_tail_pkt = NULL;
406 if (ctf_process_inbound_raw(tp, so, m, have_pkt)) {
407 /* We lost the tcpcb (maybe a RST came in)? */
415 ctf_outstanding(struct tcpcb *tp)
417 return (tp->snd_max - tp->snd_una);
421 ctf_flight_size(struct tcpcb *tp, uint32_t rc_sacked)
423 if (rc_sacked <= ctf_outstanding(tp))
424 return (ctf_outstanding(tp) - rc_sacked);
428 panic("tp:%p rc_sacked:%d > out:%d",
429 tp, rc_sacked, ctf_outstanding(tp));
436 ctf_do_dropwithreset(struct mbuf *m, struct tcpcb *tp, struct tcphdr *th,
437 int32_t rstreason, int32_t tlen)
440 tcp_dropwithreset(m, th, tp, tlen, rstreason);
441 INP_WUNLOCK(tp->t_inpcb);
443 tcp_dropwithreset(m, th, NULL, tlen, rstreason);
447 * ctf_drop_checks returns 1 for you should not proceed. It places
448 * in ret_val what should be returned 1/0 by the caller. The 1 indicates
449 * that the TCB is unlocked and probably dropped. The 0 indicates the
450 * TCB is still valid and locked.
453 ctf_drop_checks(struct tcpopt *to, struct mbuf *m, struct tcphdr *th, struct tcpcb *tp, int32_t * tlenp, int32_t * thf, int32_t * drop_hdrlen, int32_t * ret_val)
461 todrop = tp->rcv_nxt - th->th_seq;
463 if (thflags & TH_SYN) {
473 * Following if statement from Stevens, vol. 2, p. 960.
476 || (todrop == tlen && (thflags & TH_FIN) == 0)) {
478 * Any valid FIN must be to the left of the window.
479 * At this point the FIN must be a duplicate or out
480 * of sequence; drop it.
484 * Send an ACK to resynchronize and drop any data.
485 * But keep on processing for RST or ACK.
487 tp->t_flags |= TF_ACKNOW;
489 TCPSTAT_INC(tcps_rcvduppack);
490 TCPSTAT_ADD(tcps_rcvdupbyte, todrop);
492 TCPSTAT_INC(tcps_rcvpartduppack);
493 TCPSTAT_ADD(tcps_rcvpartdupbyte, todrop);
496 * DSACK - add SACK block for dropped range
498 if ((todrop > 0) && (tp->t_flags & TF_SACK_PERMIT)) {
499 tcp_update_sack_list(tp, th->th_seq, th->th_seq + tlen);
501 * ACK now, as the next in-sequence segment
502 * will clear the DSACK block again
504 tp->t_flags |= TF_ACKNOW;
506 *drop_hdrlen += todrop; /* drop from the top afterwards */
507 th->th_seq += todrop;
509 if (th->th_urp > todrop)
510 th->th_urp -= todrop;
517 * If segment ends after window, drop trailing data (and PUSH and
518 * FIN); if nothing left, just ACK.
520 todrop = (th->th_seq + tlen) - (tp->rcv_nxt + tp->rcv_wnd);
522 TCPSTAT_INC(tcps_rcvpackafterwin);
523 if (todrop >= tlen) {
524 TCPSTAT_ADD(tcps_rcvbyteafterwin, tlen);
526 * If window is closed can only take segments at
527 * window edge, and have to drop data and PUSH from
528 * incoming segments. Continue processing, but
529 * remember to ack. Otherwise, drop segment and
532 if (tp->rcv_wnd == 0 && th->th_seq == tp->rcv_nxt) {
533 tp->t_flags |= TF_ACKNOW;
534 TCPSTAT_INC(tcps_rcvwinprobe);
536 ctf_do_dropafterack(m, tp, th, thflags, tlen, ret_val);
540 TCPSTAT_ADD(tcps_rcvbyteafterwin, todrop);
543 thflags &= ~(TH_PUSH | TH_FIN);
551 * The value in ret_val informs the caller
552 * if we dropped the tcb (and lock) or not.
553 * 1 = we dropped it, 0 = the TCB is still locked
557 ctf_do_dropafterack(struct mbuf *m, struct tcpcb *tp, struct tcphdr *th, int32_t thflags, int32_t tlen, int32_t * ret_val)
560 * Generate an ACK dropping incoming segment if it occupies sequence
561 * space, where the ACK reflects our state.
563 * We can now skip the test for the RST flag since all paths to this
564 * code happen after packets containing RST have been dropped.
566 * In the SYN-RECEIVED state, don't send an ACK unless the segment
567 * we received passes the SYN-RECEIVED ACK test. If it fails send a
568 * RST. This breaks the loop in the "LAND" DoS attack, and also
569 * prevents an ACK storm between two listening ports that have been
570 * sent forged SYN segments, each with the source address of the
573 if (tp->t_state == TCPS_SYN_RECEIVED && (thflags & TH_ACK) &&
574 (SEQ_GT(tp->snd_una, th->th_ack) ||
575 SEQ_GT(th->th_ack, tp->snd_max))) {
577 ctf_do_dropwithreset(m, tp, th, BANDLIM_RST_OPENPORT, tlen);
581 tp->t_flags |= TF_ACKNOW;
587 ctf_do_drop(struct mbuf *m, struct tcpcb *tp)
591 * Drop space held by incoming segment and return.
594 INP_WUNLOCK(tp->t_inpcb);
600 ctf_process_rst(struct mbuf *m, struct tcphdr *th, struct socket *so, struct tcpcb *tp)
603 * RFC5961 Section 3.2
605 * - RST drops connection only if SEG.SEQ == RCV.NXT. - If RST is in
606 * window, we send challenge ACK.
608 * Note: to take into account delayed ACKs, we should test against
609 * last_ack_sent instead of rcv_nxt. Note 2: we handle special case
610 * of closed window, not covered by the RFC.
614 if ((SEQ_GEQ(th->th_seq, (tp->last_ack_sent - 1)) &&
615 SEQ_LT(th->th_seq, tp->last_ack_sent + tp->rcv_wnd)) ||
616 (tp->rcv_wnd == 0 && tp->last_ack_sent == th->th_seq)) {
618 INP_INFO_RLOCK_ASSERT(&V_tcbinfo);
619 KASSERT(tp->t_state != TCPS_SYN_SENT,
620 ("%s: TH_RST for TCPS_SYN_SENT th %p tp %p",
623 if (V_tcp_insecure_rst ||
624 (tp->last_ack_sent == th->th_seq) ||
625 (tp->rcv_nxt == th->th_seq) ||
626 ((tp->last_ack_sent - 1) == th->th_seq)) {
627 TCPSTAT_INC(tcps_drops);
628 /* Drop the connection. */
629 switch (tp->t_state) {
630 case TCPS_SYN_RECEIVED:
631 so->so_error = ECONNREFUSED;
633 case TCPS_ESTABLISHED:
634 case TCPS_FIN_WAIT_1:
635 case TCPS_FIN_WAIT_2:
636 case TCPS_CLOSE_WAIT:
639 so->so_error = ECONNRESET;
641 tcp_state_change(tp, TCPS_CLOSED);
649 TCPSTAT_INC(tcps_badrst);
650 /* Send challenge ACK. */
651 tcp_respond(tp, mtod(m, void *), th, m,
652 tp->rcv_nxt, tp->snd_nxt, TH_ACK);
653 tp->last_ack_sent = tp->rcv_nxt;
662 * The value in ret_val informs the caller
663 * if we dropped the tcb (and lock) or not.
664 * 1 = we dropped it, 0 = the TCB is still locked
668 ctf_challenge_ack(struct mbuf *m, struct tcphdr *th, struct tcpcb *tp, int32_t * ret_val)
670 INP_INFO_RLOCK_ASSERT(&V_tcbinfo);
672 TCPSTAT_INC(tcps_badsyn);
673 if (V_tcp_insecure_syn &&
674 SEQ_GEQ(th->th_seq, tp->last_ack_sent) &&
675 SEQ_LT(th->th_seq, tp->last_ack_sent + tp->rcv_wnd)) {
676 tp = tcp_drop(tp, ECONNRESET);
680 /* Send challenge ACK. */
681 tcp_respond(tp, mtod(m, void *), th, m, tp->rcv_nxt,
682 tp->snd_nxt, TH_ACK);
683 tp->last_ack_sent = tp->rcv_nxt;
686 ctf_do_drop(m, NULL);
691 * bbr_ts_check returns 1 for you should not proceed, the state
692 * machine should return. It places in ret_val what should
693 * be returned 1/0 by the caller (hpts_do_segment). The 1 indicates
694 * that the TCB is unlocked and probably dropped. The 0 indicates the
695 * TCB is still valid and locked.
698 ctf_ts_check(struct mbuf *m, struct tcphdr *th, struct tcpcb *tp,
699 int32_t tlen, int32_t thflags, int32_t * ret_val)
702 if (tcp_ts_getticks() - tp->ts_recent_age > TCP_PAWS_IDLE) {
704 * Invalidate ts_recent. If this segment updates ts_recent,
705 * the age will be reset later and ts_recent will get a
706 * valid value. If it does not, setting ts_recent to zero
707 * will at least satisfy the requirement that zero be placed
708 * in the timestamp echo reply when ts_recent isn't valid.
709 * The age isn't reset until we get a valid ts_recent
710 * because we don't want out-of-order segments to be dropped
711 * when ts_recent is old.
715 TCPSTAT_INC(tcps_rcvduppack);
716 TCPSTAT_ADD(tcps_rcvdupbyte, tlen);
717 TCPSTAT_INC(tcps_pawsdrop);
720 ctf_do_dropafterack(m, tp, th, thflags, tlen, ret_val);
722 ctf_do_drop(m, NULL);
730 ctf_calc_rwin(struct socket *so, struct tcpcb *tp)
735 * Calculate amount of space in receive window, and then do TCP
736 * input processing. Receive window is amount of space in rcv queue,
737 * but not less than advertised window.
739 win = sbspace(&so->so_rcv);
742 tp->rcv_wnd = imax(win, (int)(tp->rcv_adv - tp->rcv_nxt));
746 ctf_do_dropwithreset_conn(struct mbuf *m, struct tcpcb *tp, struct tcphdr *th,
747 int32_t rstreason, int32_t tlen)
751 tcp_set_inp_to_drop(tp->t_inpcb, ETIMEDOUT);
753 tcp_dropwithreset(m, th, tp, tlen, rstreason);
754 INP_WUNLOCK(tp->t_inpcb);
758 ctf_fixed_maxseg(struct tcpcb *tp)
762 if (tp->t_flags & TF_NOOPT)
763 return (tp->t_maxseg);
766 * Here we have a simplified code from tcp_addoptions(),
767 * without a proper loop, and having most of paddings hardcoded.
768 * We only consider fixed options that we would send every
769 * time I.e. SACK is not considered.
772 #define PAD(len) ((((len) / 4) + !!((len) % 4)) * 4)
773 if (TCPS_HAVEESTABLISHED(tp->t_state)) {
774 if (tp->t_flags & TF_RCVD_TSTMP)
775 optlen = TCPOLEN_TSTAMP_APPA;
778 #if defined(IPSEC_SUPPORT) || defined(TCP_SIGNATURE)
779 if (tp->t_flags & TF_SIGNATURE)
780 optlen += PAD(TCPOLEN_SIGNATURE);
783 if (tp->t_flags & TF_REQ_TSTMP)
784 optlen = TCPOLEN_TSTAMP_APPA;
786 optlen = PAD(TCPOLEN_MAXSEG);
787 if (tp->t_flags & TF_REQ_SCALE)
788 optlen += PAD(TCPOLEN_WINDOW);
789 #if defined(IPSEC_SUPPORT) || defined(TCP_SIGNATURE)
790 if (tp->t_flags & TF_SIGNATURE)
791 optlen += PAD(TCPOLEN_SIGNATURE);
793 if (tp->t_flags & TF_SACK_PERMIT)
794 optlen += PAD(TCPOLEN_SACK_PERMITTED);
797 optlen = min(optlen, TCP_MAXOLEN);
798 return (tp->t_maxseg - optlen);
802 ctf_log_sack_filter(struct tcpcb *tp, int num_sack_blks, struct sackblk *sack_blocks)
804 if (tp->t_logstate != TCP_LOG_STATE_OFF) {
805 union tcp_log_stackspecific log;
808 memset(&log, 0, sizeof(log));
809 log.u_bbr.timeStamp = tcp_get_usecs(&tv);
810 log.u_bbr.flex8 = num_sack_blks;
811 if (num_sack_blks > 0) {
812 log.u_bbr.flex1 = sack_blocks[0].start;
813 log.u_bbr.flex2 = sack_blocks[0].end;
815 if (num_sack_blks > 1) {
816 log.u_bbr.flex3 = sack_blocks[1].start;
817 log.u_bbr.flex4 = sack_blocks[1].end;
819 if (num_sack_blks > 2) {
820 log.u_bbr.flex5 = sack_blocks[2].start;
821 log.u_bbr.flex6 = sack_blocks[2].end;
823 if (num_sack_blks > 3) {
824 log.u_bbr.applimited = sack_blocks[3].start;
825 log.u_bbr.pkts_out = sack_blocks[3].end;
827 TCP_LOG_EVENTP(tp, NULL,
828 &tp->t_inpcb->inp_socket->so_rcv,
829 &tp->t_inpcb->inp_socket->so_snd,
830 TCP_SACK_FILTER_RES, 0,
831 0, &log, false, &tv);
836 ctf_decay_count(uint32_t count, uint32_t decay)
839 * Given a count, decay it by a set percentage. The
840 * percentage is in thousands i.e. 100% = 1000,
843 uint64_t perc_count, decay_per;
844 uint32_t decayed_count;
846 /* We don't raise it */
851 perc_count *= decay_per;
854 * So now perc_count holds the
857 decayed_count = count - (uint32_t)perc_count;
858 return (decayed_count);