xref: /openbmc/linux/net/sctp/output.c (revision e3d786a3)
1 /* SCTP kernel implementation
2  * (C) Copyright IBM Corp. 2001, 2004
3  * Copyright (c) 1999-2000 Cisco, Inc.
4  * Copyright (c) 1999-2001 Motorola, Inc.
5  *
6  * This file is part of the SCTP kernel implementation
7  *
8  * These functions handle output processing.
9  *
10  * This SCTP implementation is free software;
11  * you can redistribute it and/or modify it under the terms of
12  * the GNU General Public License as published by
13  * the Free Software Foundation; either version 2, or (at your option)
14  * any later version.
15  *
16  * This SCTP implementation is distributed in the hope that it
17  * will be useful, but WITHOUT ANY WARRANTY; without even the implied
18  *                 ************************
19  * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
20  * See the GNU General Public License for more details.
21  *
22  * You should have received a copy of the GNU General Public License
23  * along with GNU CC; see the file COPYING.  If not, see
24  * <http://www.gnu.org/licenses/>.
25  *
26  * Please send any bug reports or fixes you make to the
27  * email address(es):
28  *    lksctp developers <linux-sctp@vger.kernel.org>
29  *
30  * Written or modified by:
31  *    La Monte H.P. Yarroll <piggy@acm.org>
32  *    Karl Knutson          <karl@athena.chicago.il.us>
33  *    Jon Grimm             <jgrimm@austin.ibm.com>
34  *    Sridhar Samudrala     <sri@us.ibm.com>
35  */
36 
37 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
38 
39 #include <linux/types.h>
40 #include <linux/kernel.h>
41 #include <linux/wait.h>
42 #include <linux/time.h>
43 #include <linux/ip.h>
44 #include <linux/ipv6.h>
45 #include <linux/init.h>
46 #include <linux/slab.h>
47 #include <net/inet_ecn.h>
48 #include <net/ip.h>
49 #include <net/icmp.h>
50 #include <net/net_namespace.h>
51 
52 #include <linux/socket.h> /* for sa_family_t */
53 #include <net/sock.h>
54 
55 #include <net/sctp/sctp.h>
56 #include <net/sctp/sm.h>
57 #include <net/sctp/checksum.h>
58 
59 /* Forward declarations for private helpers. */
60 static enum sctp_xmit __sctp_packet_append_chunk(struct sctp_packet *packet,
61 						 struct sctp_chunk *chunk);
62 static enum sctp_xmit sctp_packet_can_append_data(struct sctp_packet *packet,
63 						  struct sctp_chunk *chunk);
64 static void sctp_packet_append_data(struct sctp_packet *packet,
65 				    struct sctp_chunk *chunk);
66 static enum sctp_xmit sctp_packet_will_fit(struct sctp_packet *packet,
67 					   struct sctp_chunk *chunk,
68 					   u16 chunk_len);
69 
70 static void sctp_packet_reset(struct sctp_packet *packet)
71 {
72 	/* sctp_packet_transmit() relies on this to reset size to the
73 	 * current overhead after sending packets.
74 	 */
75 	packet->size = packet->overhead;
76 
77 	packet->has_cookie_echo = 0;
78 	packet->has_sack = 0;
79 	packet->has_data = 0;
80 	packet->has_auth = 0;
81 	packet->ipfragok = 0;
82 	packet->auth = NULL;
83 }
84 
85 /* Config a packet.
86  * This appears to be a followup set of initializations.
87  */
88 void sctp_packet_config(struct sctp_packet *packet, __u32 vtag,
89 			int ecn_capable)
90 {
91 	struct sctp_transport *tp = packet->transport;
92 	struct sctp_association *asoc = tp->asoc;
93 	struct sctp_sock *sp = NULL;
94 	struct sock *sk;
95 
96 	pr_debug("%s: packet:%p vtag:0x%x\n", __func__, packet, vtag);
97 	packet->vtag = vtag;
98 
99 	/* do the following jobs only once for a flush schedule */
100 	if (!sctp_packet_empty(packet))
101 		return;
102 
103 	/* set packet max_size with pathmtu, then calculate overhead */
104 	packet->max_size = tp->pathmtu;
105 
106 	if (asoc) {
107 		sk = asoc->base.sk;
108 		sp = sctp_sk(sk);
109 	}
110 	packet->overhead = sctp_mtu_payload(sp, 0, 0);
111 	packet->size = packet->overhead;
112 
113 	if (!asoc)
114 		return;
115 
116 	/* update dst or transport pathmtu if in need */
117 	if (!sctp_transport_dst_check(tp)) {
118 		sctp_transport_route(tp, NULL, sp);
119 		if (asoc->param_flags & SPP_PMTUD_ENABLE)
120 			sctp_assoc_sync_pmtu(asoc);
121 	}
122 
123 	if (asoc->pmtu_pending) {
124 		if (asoc->param_flags & SPP_PMTUD_ENABLE)
125 			sctp_assoc_sync_pmtu(asoc);
126 		asoc->pmtu_pending = 0;
127 	}
128 
129 	/* If there a is a prepend chunk stick it on the list before
130 	 * any other chunks get appended.
131 	 */
132 	if (ecn_capable) {
133 		struct sctp_chunk *chunk = sctp_get_ecne_prepend(asoc);
134 
135 		if (chunk)
136 			sctp_packet_append_chunk(packet, chunk);
137 	}
138 
139 	if (!tp->dst)
140 		return;
141 
142 	/* set packet max_size with gso_max_size if gso is enabled*/
143 	rcu_read_lock();
144 	if (__sk_dst_get(sk) != tp->dst) {
145 		dst_hold(tp->dst);
146 		sk_setup_caps(sk, tp->dst);
147 	}
148 	packet->max_size = sk_can_gso(sk) ? tp->dst->dev->gso_max_size
149 					  : asoc->pathmtu;
150 	rcu_read_unlock();
151 }
152 
153 /* Initialize the packet structure. */
154 void sctp_packet_init(struct sctp_packet *packet,
155 		      struct sctp_transport *transport,
156 		      __u16 sport, __u16 dport)
157 {
158 	pr_debug("%s: packet:%p transport:%p\n", __func__, packet, transport);
159 
160 	packet->transport = transport;
161 	packet->source_port = sport;
162 	packet->destination_port = dport;
163 	INIT_LIST_HEAD(&packet->chunk_list);
164 	/* The overhead will be calculated by sctp_packet_config() */
165 	packet->overhead = 0;
166 	sctp_packet_reset(packet);
167 	packet->vtag = 0;
168 }
169 
170 /* Free a packet.  */
171 void sctp_packet_free(struct sctp_packet *packet)
172 {
173 	struct sctp_chunk *chunk, *tmp;
174 
175 	pr_debug("%s: packet:%p\n", __func__, packet);
176 
177 	list_for_each_entry_safe(chunk, tmp, &packet->chunk_list, list) {
178 		list_del_init(&chunk->list);
179 		sctp_chunk_free(chunk);
180 	}
181 }
182 
183 /* This routine tries to append the chunk to the offered packet. If adding
184  * the chunk causes the packet to exceed the path MTU and COOKIE_ECHO chunk
185  * is not present in the packet, it transmits the input packet.
186  * Data can be bundled with a packet containing a COOKIE_ECHO chunk as long
187  * as it can fit in the packet, but any more data that does not fit in this
188  * packet can be sent only after receiving the COOKIE_ACK.
189  */
190 enum sctp_xmit sctp_packet_transmit_chunk(struct sctp_packet *packet,
191 					  struct sctp_chunk *chunk,
192 					  int one_packet, gfp_t gfp)
193 {
194 	enum sctp_xmit retval;
195 
196 	pr_debug("%s: packet:%p size:%zu chunk:%p size:%d\n", __func__,
197 		 packet, packet->size, chunk, chunk->skb ? chunk->skb->len : -1);
198 
199 	switch ((retval = (sctp_packet_append_chunk(packet, chunk)))) {
200 	case SCTP_XMIT_PMTU_FULL:
201 		if (!packet->has_cookie_echo) {
202 			int error = 0;
203 
204 			error = sctp_packet_transmit(packet, gfp);
205 			if (error < 0)
206 				chunk->skb->sk->sk_err = -error;
207 
208 			/* If we have an empty packet, then we can NOT ever
209 			 * return PMTU_FULL.
210 			 */
211 			if (!one_packet)
212 				retval = sctp_packet_append_chunk(packet,
213 								  chunk);
214 		}
215 		break;
216 
217 	case SCTP_XMIT_RWND_FULL:
218 	case SCTP_XMIT_OK:
219 	case SCTP_XMIT_DELAY:
220 		break;
221 	}
222 
223 	return retval;
224 }
225 
226 /* Try to bundle an auth chunk into the packet. */
227 static enum sctp_xmit sctp_packet_bundle_auth(struct sctp_packet *pkt,
228 					      struct sctp_chunk *chunk)
229 {
230 	struct sctp_association *asoc = pkt->transport->asoc;
231 	enum sctp_xmit retval = SCTP_XMIT_OK;
232 	struct sctp_chunk *auth;
233 
234 	/* if we don't have an association, we can't do authentication */
235 	if (!asoc)
236 		return retval;
237 
238 	/* See if this is an auth chunk we are bundling or if
239 	 * auth is already bundled.
240 	 */
241 	if (chunk->chunk_hdr->type == SCTP_CID_AUTH || pkt->has_auth)
242 		return retval;
243 
244 	/* if the peer did not request this chunk to be authenticated,
245 	 * don't do it
246 	 */
247 	if (!chunk->auth)
248 		return retval;
249 
250 	auth = sctp_make_auth(asoc, chunk->shkey->key_id);
251 	if (!auth)
252 		return retval;
253 
254 	auth->shkey = chunk->shkey;
255 	sctp_auth_shkey_hold(auth->shkey);
256 
257 	retval = __sctp_packet_append_chunk(pkt, auth);
258 
259 	if (retval != SCTP_XMIT_OK)
260 		sctp_chunk_free(auth);
261 
262 	return retval;
263 }
264 
265 /* Try to bundle a SACK with the packet. */
266 static enum sctp_xmit sctp_packet_bundle_sack(struct sctp_packet *pkt,
267 					      struct sctp_chunk *chunk)
268 {
269 	enum sctp_xmit retval = SCTP_XMIT_OK;
270 
271 	/* If sending DATA and haven't aleady bundled a SACK, try to
272 	 * bundle one in to the packet.
273 	 */
274 	if (sctp_chunk_is_data(chunk) && !pkt->has_sack &&
275 	    !pkt->has_cookie_echo) {
276 		struct sctp_association *asoc;
277 		struct timer_list *timer;
278 		asoc = pkt->transport->asoc;
279 		timer = &asoc->timers[SCTP_EVENT_TIMEOUT_SACK];
280 
281 		/* If the SACK timer is running, we have a pending SACK */
282 		if (timer_pending(timer)) {
283 			struct sctp_chunk *sack;
284 
285 			if (pkt->transport->sack_generation !=
286 			    pkt->transport->asoc->peer.sack_generation)
287 				return retval;
288 
289 			asoc->a_rwnd = asoc->rwnd;
290 			sack = sctp_make_sack(asoc);
291 			if (sack) {
292 				retval = __sctp_packet_append_chunk(pkt, sack);
293 				if (retval != SCTP_XMIT_OK) {
294 					sctp_chunk_free(sack);
295 					goto out;
296 				}
297 				asoc->peer.sack_needed = 0;
298 				if (del_timer(timer))
299 					sctp_association_put(asoc);
300 			}
301 		}
302 	}
303 out:
304 	return retval;
305 }
306 
307 
308 /* Append a chunk to the offered packet reporting back any inability to do
309  * so.
310  */
311 static enum sctp_xmit __sctp_packet_append_chunk(struct sctp_packet *packet,
312 						 struct sctp_chunk *chunk)
313 {
314 	__u16 chunk_len = SCTP_PAD4(ntohs(chunk->chunk_hdr->length));
315 	enum sctp_xmit retval = SCTP_XMIT_OK;
316 
317 	/* Check to see if this chunk will fit into the packet */
318 	retval = sctp_packet_will_fit(packet, chunk, chunk_len);
319 	if (retval != SCTP_XMIT_OK)
320 		goto finish;
321 
322 	/* We believe that this chunk is OK to add to the packet */
323 	switch (chunk->chunk_hdr->type) {
324 	case SCTP_CID_DATA:
325 	case SCTP_CID_I_DATA:
326 		/* Account for the data being in the packet */
327 		sctp_packet_append_data(packet, chunk);
328 		/* Disallow SACK bundling after DATA. */
329 		packet->has_sack = 1;
330 		/* Disallow AUTH bundling after DATA */
331 		packet->has_auth = 1;
332 		/* Let it be knows that packet has DATA in it */
333 		packet->has_data = 1;
334 		/* timestamp the chunk for rtx purposes */
335 		chunk->sent_at = jiffies;
336 		/* Mainly used for prsctp RTX policy */
337 		chunk->sent_count++;
338 		break;
339 	case SCTP_CID_COOKIE_ECHO:
340 		packet->has_cookie_echo = 1;
341 		break;
342 
343 	case SCTP_CID_SACK:
344 		packet->has_sack = 1;
345 		if (chunk->asoc)
346 			chunk->asoc->stats.osacks++;
347 		break;
348 
349 	case SCTP_CID_AUTH:
350 		packet->has_auth = 1;
351 		packet->auth = chunk;
352 		break;
353 	}
354 
355 	/* It is OK to send this chunk.  */
356 	list_add_tail(&chunk->list, &packet->chunk_list);
357 	packet->size += chunk_len;
358 	chunk->transport = packet->transport;
359 finish:
360 	return retval;
361 }
362 
363 /* Append a chunk to the offered packet reporting back any inability to do
364  * so.
365  */
366 enum sctp_xmit sctp_packet_append_chunk(struct sctp_packet *packet,
367 					struct sctp_chunk *chunk)
368 {
369 	enum sctp_xmit retval = SCTP_XMIT_OK;
370 
371 	pr_debug("%s: packet:%p chunk:%p\n", __func__, packet, chunk);
372 
373 	/* Data chunks are special.  Before seeing what else we can
374 	 * bundle into this packet, check to see if we are allowed to
375 	 * send this DATA.
376 	 */
377 	if (sctp_chunk_is_data(chunk)) {
378 		retval = sctp_packet_can_append_data(packet, chunk);
379 		if (retval != SCTP_XMIT_OK)
380 			goto finish;
381 	}
382 
383 	/* Try to bundle AUTH chunk */
384 	retval = sctp_packet_bundle_auth(packet, chunk);
385 	if (retval != SCTP_XMIT_OK)
386 		goto finish;
387 
388 	/* Try to bundle SACK chunk */
389 	retval = sctp_packet_bundle_sack(packet, chunk);
390 	if (retval != SCTP_XMIT_OK)
391 		goto finish;
392 
393 	retval = __sctp_packet_append_chunk(packet, chunk);
394 
395 finish:
396 	return retval;
397 }
398 
399 static void sctp_packet_release_owner(struct sk_buff *skb)
400 {
401 	sk_free(skb->sk);
402 }
403 
404 static void sctp_packet_set_owner_w(struct sk_buff *skb, struct sock *sk)
405 {
406 	skb_orphan(skb);
407 	skb->sk = sk;
408 	skb->destructor = sctp_packet_release_owner;
409 
410 	/*
411 	 * The data chunks have already been accounted for in sctp_sendmsg(),
412 	 * therefore only reserve a single byte to keep socket around until
413 	 * the packet has been transmitted.
414 	 */
415 	refcount_inc(&sk->sk_wmem_alloc);
416 }
417 
418 static void sctp_packet_gso_append(struct sk_buff *head, struct sk_buff *skb)
419 {
420 	if (SCTP_OUTPUT_CB(head)->last == head)
421 		skb_shinfo(head)->frag_list = skb;
422 	else
423 		SCTP_OUTPUT_CB(head)->last->next = skb;
424 	SCTP_OUTPUT_CB(head)->last = skb;
425 
426 	head->truesize += skb->truesize;
427 	head->data_len += skb->len;
428 	head->len += skb->len;
429 
430 	__skb_header_release(skb);
431 }
432 
433 static int sctp_packet_pack(struct sctp_packet *packet,
434 			    struct sk_buff *head, int gso, gfp_t gfp)
435 {
436 	struct sctp_transport *tp = packet->transport;
437 	struct sctp_auth_chunk *auth = NULL;
438 	struct sctp_chunk *chunk, *tmp;
439 	int pkt_count = 0, pkt_size;
440 	struct sock *sk = head->sk;
441 	struct sk_buff *nskb;
442 	int auth_len = 0;
443 
444 	if (gso) {
445 		skb_shinfo(head)->gso_type = sk->sk_gso_type;
446 		SCTP_OUTPUT_CB(head)->last = head;
447 	} else {
448 		nskb = head;
449 		pkt_size = packet->size;
450 		goto merge;
451 	}
452 
453 	do {
454 		/* calculate the pkt_size and alloc nskb */
455 		pkt_size = packet->overhead;
456 		list_for_each_entry_safe(chunk, tmp, &packet->chunk_list,
457 					 list) {
458 			int padded = SCTP_PAD4(chunk->skb->len);
459 
460 			if (chunk == packet->auth)
461 				auth_len = padded;
462 			else if (auth_len + padded + packet->overhead >
463 				 tp->pathmtu)
464 				return 0;
465 			else if (pkt_size + padded > tp->pathmtu)
466 				break;
467 			pkt_size += padded;
468 		}
469 		nskb = alloc_skb(pkt_size + MAX_HEADER, gfp);
470 		if (!nskb)
471 			return 0;
472 		skb_reserve(nskb, packet->overhead + MAX_HEADER);
473 
474 merge:
475 		/* merge chunks into nskb and append nskb into head list */
476 		pkt_size -= packet->overhead;
477 		list_for_each_entry_safe(chunk, tmp, &packet->chunk_list, list) {
478 			int padding;
479 
480 			list_del_init(&chunk->list);
481 			if (sctp_chunk_is_data(chunk)) {
482 				if (!sctp_chunk_retransmitted(chunk) &&
483 				    !tp->rto_pending) {
484 					chunk->rtt_in_progress = 1;
485 					tp->rto_pending = 1;
486 				}
487 			}
488 
489 			padding = SCTP_PAD4(chunk->skb->len) - chunk->skb->len;
490 			if (padding)
491 				skb_put_zero(chunk->skb, padding);
492 
493 			if (chunk == packet->auth)
494 				auth = (struct sctp_auth_chunk *)
495 							skb_tail_pointer(nskb);
496 
497 			skb_put_data(nskb, chunk->skb->data, chunk->skb->len);
498 
499 			pr_debug("*** Chunk:%p[%s] %s 0x%x, length:%d, chunk->skb->len:%d, rtt_in_progress:%d\n",
500 				 chunk,
501 				 sctp_cname(SCTP_ST_CHUNK(chunk->chunk_hdr->type)),
502 				 chunk->has_tsn ? "TSN" : "No TSN",
503 				 chunk->has_tsn ? ntohl(chunk->subh.data_hdr->tsn) : 0,
504 				 ntohs(chunk->chunk_hdr->length), chunk->skb->len,
505 				 chunk->rtt_in_progress);
506 
507 			pkt_size -= SCTP_PAD4(chunk->skb->len);
508 
509 			if (!sctp_chunk_is_data(chunk) && chunk != packet->auth)
510 				sctp_chunk_free(chunk);
511 
512 			if (!pkt_size)
513 				break;
514 		}
515 
516 		if (auth) {
517 			sctp_auth_calculate_hmac(tp->asoc, nskb, auth,
518 						 packet->auth->shkey, gfp);
519 			/* free auth if no more chunks, or add it back */
520 			if (list_empty(&packet->chunk_list))
521 				sctp_chunk_free(packet->auth);
522 			else
523 				list_add(&packet->auth->list,
524 					 &packet->chunk_list);
525 		}
526 
527 		if (gso)
528 			sctp_packet_gso_append(head, nskb);
529 
530 		pkt_count++;
531 	} while (!list_empty(&packet->chunk_list));
532 
533 	if (gso) {
534 		memset(head->cb, 0, max(sizeof(struct inet_skb_parm),
535 					sizeof(struct inet6_skb_parm)));
536 		skb_shinfo(head)->gso_segs = pkt_count;
537 		skb_shinfo(head)->gso_size = GSO_BY_FRAGS;
538 		rcu_read_lock();
539 		if (skb_dst(head) != tp->dst) {
540 			dst_hold(tp->dst);
541 			sk_setup_caps(sk, tp->dst);
542 		}
543 		rcu_read_unlock();
544 		goto chksum;
545 	}
546 
547 	if (sctp_checksum_disable)
548 		return 1;
549 
550 	if (!(skb_dst(head)->dev->features & NETIF_F_SCTP_CRC) ||
551 	    dst_xfrm(skb_dst(head)) || packet->ipfragok) {
552 		struct sctphdr *sh =
553 			(struct sctphdr *)skb_transport_header(head);
554 
555 		sh->checksum = sctp_compute_cksum(head, 0);
556 	} else {
557 chksum:
558 		head->ip_summed = CHECKSUM_PARTIAL;
559 		head->csum_not_inet = 1;
560 		head->csum_start = skb_transport_header(head) - head->head;
561 		head->csum_offset = offsetof(struct sctphdr, checksum);
562 	}
563 
564 	return pkt_count;
565 }
566 
567 /* All packets are sent to the network through this function from
568  * sctp_outq_tail().
569  *
570  * The return value is always 0 for now.
571  */
572 int sctp_packet_transmit(struct sctp_packet *packet, gfp_t gfp)
573 {
574 	struct sctp_transport *tp = packet->transport;
575 	struct sctp_association *asoc = tp->asoc;
576 	struct sctp_chunk *chunk, *tmp;
577 	int pkt_count, gso = 0;
578 	struct dst_entry *dst;
579 	struct sk_buff *head;
580 	struct sctphdr *sh;
581 	struct sock *sk;
582 
583 	pr_debug("%s: packet:%p\n", __func__, packet);
584 	if (list_empty(&packet->chunk_list))
585 		return 0;
586 	chunk = list_entry(packet->chunk_list.next, struct sctp_chunk, list);
587 	sk = chunk->skb->sk;
588 
589 	/* check gso */
590 	if (packet->size > tp->pathmtu && !packet->ipfragok) {
591 		if (!sk_can_gso(sk)) {
592 			pr_err_once("Trying to GSO but underlying device doesn't support it.");
593 			goto out;
594 		}
595 		gso = 1;
596 	}
597 
598 	/* alloc head skb */
599 	head = alloc_skb((gso ? packet->overhead : packet->size) +
600 			 MAX_HEADER, gfp);
601 	if (!head)
602 		goto out;
603 	skb_reserve(head, packet->overhead + MAX_HEADER);
604 	sctp_packet_set_owner_w(head, sk);
605 
606 	/* set sctp header */
607 	sh = skb_push(head, sizeof(struct sctphdr));
608 	skb_reset_transport_header(head);
609 	sh->source = htons(packet->source_port);
610 	sh->dest = htons(packet->destination_port);
611 	sh->vtag = htonl(packet->vtag);
612 	sh->checksum = 0;
613 
614 	/* drop packet if no dst */
615 	dst = dst_clone(tp->dst);
616 	if (!dst) {
617 		IP_INC_STATS(sock_net(sk), IPSTATS_MIB_OUTNOROUTES);
618 		kfree_skb(head);
619 		goto out;
620 	}
621 	skb_dst_set(head, dst);
622 
623 	/* pack up chunks */
624 	pkt_count = sctp_packet_pack(packet, head, gso, gfp);
625 	if (!pkt_count) {
626 		kfree_skb(head);
627 		goto out;
628 	}
629 	pr_debug("***sctp_transmit_packet*** skb->len:%d\n", head->len);
630 
631 	/* start autoclose timer */
632 	if (packet->has_data && sctp_state(asoc, ESTABLISHED) &&
633 	    asoc->timeouts[SCTP_EVENT_TIMEOUT_AUTOCLOSE]) {
634 		struct timer_list *timer =
635 			&asoc->timers[SCTP_EVENT_TIMEOUT_AUTOCLOSE];
636 		unsigned long timeout =
637 			asoc->timeouts[SCTP_EVENT_TIMEOUT_AUTOCLOSE];
638 
639 		if (!mod_timer(timer, jiffies + timeout))
640 			sctp_association_hold(asoc);
641 	}
642 
643 	/* sctp xmit */
644 	tp->af_specific->ecn_capable(sk);
645 	if (asoc) {
646 		asoc->stats.opackets += pkt_count;
647 		if (asoc->peer.last_sent_to != tp)
648 			asoc->peer.last_sent_to = tp;
649 	}
650 	head->ignore_df = packet->ipfragok;
651 	if (tp->dst_pending_confirm)
652 		skb_set_dst_pending_confirm(head, 1);
653 	/* neighbour should be confirmed on successful transmission or
654 	 * positive error
655 	 */
656 	if (tp->af_specific->sctp_xmit(head, tp) >= 0 &&
657 	    tp->dst_pending_confirm)
658 		tp->dst_pending_confirm = 0;
659 
660 out:
661 	list_for_each_entry_safe(chunk, tmp, &packet->chunk_list, list) {
662 		list_del_init(&chunk->list);
663 		if (!sctp_chunk_is_data(chunk))
664 			sctp_chunk_free(chunk);
665 	}
666 	sctp_packet_reset(packet);
667 	return 0;
668 }
669 
670 /********************************************************************
671  * 2nd Level Abstractions
672  ********************************************************************/
673 
674 /* This private function check to see if a chunk can be added */
675 static enum sctp_xmit sctp_packet_can_append_data(struct sctp_packet *packet,
676 						  struct sctp_chunk *chunk)
677 {
678 	size_t datasize, rwnd, inflight, flight_size;
679 	struct sctp_transport *transport = packet->transport;
680 	struct sctp_association *asoc = transport->asoc;
681 	struct sctp_outq *q = &asoc->outqueue;
682 
683 	/* RFC 2960 6.1  Transmission of DATA Chunks
684 	 *
685 	 * A) At any given time, the data sender MUST NOT transmit new data to
686 	 * any destination transport address if its peer's rwnd indicates
687 	 * that the peer has no buffer space (i.e. rwnd is 0, see Section
688 	 * 6.2.1).  However, regardless of the value of rwnd (including if it
689 	 * is 0), the data sender can always have one DATA chunk in flight to
690 	 * the receiver if allowed by cwnd (see rule B below).  This rule
691 	 * allows the sender to probe for a change in rwnd that the sender
692 	 * missed due to the SACK having been lost in transit from the data
693 	 * receiver to the data sender.
694 	 */
695 
696 	rwnd = asoc->peer.rwnd;
697 	inflight = q->outstanding_bytes;
698 	flight_size = transport->flight_size;
699 
700 	datasize = sctp_data_size(chunk);
701 
702 	if (datasize > rwnd && inflight > 0)
703 		/* We have (at least) one data chunk in flight,
704 		 * so we can't fall back to rule 6.1 B).
705 		 */
706 		return SCTP_XMIT_RWND_FULL;
707 
708 	/* RFC 2960 6.1  Transmission of DATA Chunks
709 	 *
710 	 * B) At any given time, the sender MUST NOT transmit new data
711 	 * to a given transport address if it has cwnd or more bytes
712 	 * of data outstanding to that transport address.
713 	 */
714 	/* RFC 7.2.4 & the Implementers Guide 2.8.
715 	 *
716 	 * 3) ...
717 	 *    When a Fast Retransmit is being performed the sender SHOULD
718 	 *    ignore the value of cwnd and SHOULD NOT delay retransmission.
719 	 */
720 	if (chunk->fast_retransmit != SCTP_NEED_FRTX &&
721 	    flight_size >= transport->cwnd)
722 		return SCTP_XMIT_RWND_FULL;
723 
724 	/* Nagle's algorithm to solve small-packet problem:
725 	 * Inhibit the sending of new chunks when new outgoing data arrives
726 	 * if any previously transmitted data on the connection remains
727 	 * unacknowledged.
728 	 */
729 
730 	if ((sctp_sk(asoc->base.sk)->nodelay || inflight == 0) &&
731 	    !asoc->force_delay)
732 		/* Nothing unacked */
733 		return SCTP_XMIT_OK;
734 
735 	if (!sctp_packet_empty(packet))
736 		/* Append to packet */
737 		return SCTP_XMIT_OK;
738 
739 	if (!sctp_state(asoc, ESTABLISHED))
740 		return SCTP_XMIT_OK;
741 
742 	/* Check whether this chunk and all the rest of pending data will fit
743 	 * or delay in hopes of bundling a full sized packet.
744 	 */
745 	if (chunk->skb->len + q->out_qlen > transport->pathmtu -
746 	    packet->overhead - sctp_datachk_len(&chunk->asoc->stream) - 4)
747 		/* Enough data queued to fill a packet */
748 		return SCTP_XMIT_OK;
749 
750 	/* Don't delay large message writes that may have been fragmented */
751 	if (!chunk->msg->can_delay)
752 		return SCTP_XMIT_OK;
753 
754 	/* Defer until all data acked or packet full */
755 	return SCTP_XMIT_DELAY;
756 }
757 
758 /* This private function does management things when adding DATA chunk */
759 static void sctp_packet_append_data(struct sctp_packet *packet,
760 				struct sctp_chunk *chunk)
761 {
762 	struct sctp_transport *transport = packet->transport;
763 	size_t datasize = sctp_data_size(chunk);
764 	struct sctp_association *asoc = transport->asoc;
765 	u32 rwnd = asoc->peer.rwnd;
766 
767 	/* Keep track of how many bytes are in flight over this transport. */
768 	transport->flight_size += datasize;
769 
770 	/* Keep track of how many bytes are in flight to the receiver. */
771 	asoc->outqueue.outstanding_bytes += datasize;
772 
773 	/* Update our view of the receiver's rwnd. */
774 	if (datasize < rwnd)
775 		rwnd -= datasize;
776 	else
777 		rwnd = 0;
778 
779 	asoc->peer.rwnd = rwnd;
780 	sctp_chunk_assign_tsn(chunk);
781 	asoc->stream.si->assign_number(chunk);
782 }
783 
784 static enum sctp_xmit sctp_packet_will_fit(struct sctp_packet *packet,
785 					   struct sctp_chunk *chunk,
786 					   u16 chunk_len)
787 {
788 	enum sctp_xmit retval = SCTP_XMIT_OK;
789 	size_t psize, pmtu, maxsize;
790 
791 	/* Don't bundle in this packet if this chunk's auth key doesn't
792 	 * match other chunks already enqueued on this packet. Also,
793 	 * don't bundle the chunk with auth key if other chunks in this
794 	 * packet don't have auth key.
795 	 */
796 	if ((packet->auth && chunk->shkey != packet->auth->shkey) ||
797 	    (!packet->auth && chunk->shkey &&
798 	     chunk->chunk_hdr->type != SCTP_CID_AUTH))
799 		return SCTP_XMIT_PMTU_FULL;
800 
801 	psize = packet->size;
802 	if (packet->transport->asoc)
803 		pmtu = packet->transport->asoc->pathmtu;
804 	else
805 		pmtu = packet->transport->pathmtu;
806 
807 	/* Decide if we need to fragment or resubmit later. */
808 	if (psize + chunk_len > pmtu) {
809 		/* It's OK to fragment at IP level if any one of the following
810 		 * is true:
811 		 *	1. The packet is empty (meaning this chunk is greater
812 		 *	   the MTU)
813 		 *	2. The packet doesn't have any data in it yet and data
814 		 *	   requires authentication.
815 		 */
816 		if (sctp_packet_empty(packet) ||
817 		    (!packet->has_data && chunk->auth)) {
818 			/* We no longer do re-fragmentation.
819 			 * Just fragment at the IP layer, if we
820 			 * actually hit this condition
821 			 */
822 			packet->ipfragok = 1;
823 			goto out;
824 		}
825 
826 		/* Similarly, if this chunk was built before a PMTU
827 		 * reduction, we have to fragment it at IP level now. So
828 		 * if the packet already contains something, we need to
829 		 * flush.
830 		 */
831 		maxsize = pmtu - packet->overhead;
832 		if (packet->auth)
833 			maxsize -= SCTP_PAD4(packet->auth->skb->len);
834 		if (chunk_len > maxsize)
835 			retval = SCTP_XMIT_PMTU_FULL;
836 
837 		/* It is also okay to fragment if the chunk we are
838 		 * adding is a control chunk, but only if current packet
839 		 * is not a GSO one otherwise it causes fragmentation of
840 		 * a large frame. So in this case we allow the
841 		 * fragmentation by forcing it to be in a new packet.
842 		 */
843 		if (!sctp_chunk_is_data(chunk) && packet->has_data)
844 			retval = SCTP_XMIT_PMTU_FULL;
845 
846 		if (psize + chunk_len > packet->max_size)
847 			/* Hit GSO/PMTU limit, gotta flush */
848 			retval = SCTP_XMIT_PMTU_FULL;
849 
850 		if (!packet->transport->burst_limited &&
851 		    psize + chunk_len > (packet->transport->cwnd >> 1))
852 			/* Do not allow a single GSO packet to use more
853 			 * than half of cwnd.
854 			 */
855 			retval = SCTP_XMIT_PMTU_FULL;
856 
857 		if (packet->transport->burst_limited &&
858 		    psize + chunk_len > (packet->transport->burst_limited >> 1))
859 			/* Do not allow a single GSO packet to use more
860 			 * than half of original cwnd.
861 			 */
862 			retval = SCTP_XMIT_PMTU_FULL;
863 		/* Otherwise it will fit in the GSO packet */
864 	}
865 
866 out:
867 	return retval;
868 }
869