2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * Implementation of the Transmission Control Protocol(TCP).
9 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
10 * Mark Evans, <evansmp@uhura.aston.ac.uk>
11 * Corey Minyard <wf-rch!minyard@relay.EU.net>
12 * Florian La Roche, <flla@stud.uni-sb.de>
13 * Charles Hedrick, <hedrick@klinzhai.rutgers.edu>
14 * Linus Torvalds, <torvalds@cs.helsinki.fi>
15 * Alan Cox, <gw4pts@gw4pts.ampr.org>
16 * Matthew Dillon, <dillon@apollo.west.oic.com>
17 * Arnt Gulbrandsen, <agulbra@nvg.unit.no>
18 * Jorge Cwik, <jorge@laser.satlink.net>
22 * Changes: Pedro Roque : Retransmit queue handled by TCP.
23 * : Fragmentation on mtu decrease
24 * : Segment collapse on retransmit
27 * Linus Torvalds : send_delayed_ack
28 * David S. Miller : Charge memory using the right skb
29 * during syn/ack processing.
30 * David S. Miller : Output engine completely rewritten.
31 * Andrea Arcangeli: SYNACK carry ts_recent in tsecr.
32 * Cacophonix Gaul : draft-minshall-nagle-01
33 * J Hadi Salim : ECN support
37 #define pr_fmt(fmt) "TCP: " fmt
41 #include <linux/compiler.h>
42 #include <linux/gfp.h>
43 #include <linux/module.h>
45 /* People can turn this off for buggy TCP's found in printers etc. */
46 int sysctl_tcp_retrans_collapse __read_mostly = 1;
48 /* People can turn this on to work with those rare, broken TCPs that
49 * interpret the window field as a signed quantity.
51 int sysctl_tcp_workaround_signed_windows __read_mostly = 0;
53 /* Default TSQ limit of two TSO segments */
54 int sysctl_tcp_limit_output_bytes __read_mostly = 131072;
56 /* This limits the percentage of the congestion window which we
57 * will allow a single TSO frame to consume. Building TSO frames
58 * which are too large can cause TCP streams to be bursty.
60 int sysctl_tcp_tso_win_divisor __read_mostly = 3;
62 int sysctl_tcp_mtu_probing __read_mostly = 0;
63 int sysctl_tcp_base_mss __read_mostly = TCP_BASE_MSS;
65 /* By default, RFC2861 behavior. */
66 int sysctl_tcp_slow_start_after_idle __read_mostly = 1;
68 unsigned int sysctl_tcp_notsent_lowat __read_mostly = UINT_MAX;
69 EXPORT_SYMBOL(sysctl_tcp_notsent_lowat);
71 static bool tcp_write_xmit(struct sock *sk, unsigned int mss_now, int nonagle,
72 int push_one, gfp_t gfp);
74 /* Account for new data that has been sent to the network. */
75 static void tcp_event_new_data_sent(struct sock *sk, const struct sk_buff *skb)
77 struct inet_connection_sock *icsk = inet_csk(sk);
78 struct tcp_sock *tp = tcp_sk(sk);
79 unsigned int prior_packets = tp->packets_out;
81 tcp_advance_send_head(sk, skb);
82 tp->snd_nxt = TCP_SKB_CB(skb)->end_seq;
84 tp->packets_out += tcp_skb_pcount(skb);
85 if (!prior_packets || icsk->icsk_pending == ICSK_TIME_EARLY_RETRANS ||
86 icsk->icsk_pending == ICSK_TIME_LOSS_PROBE) {
90 NET_ADD_STATS(sock_net(sk), LINUX_MIB_TCPORIGDATASENT,
94 /* SND.NXT, if window was not shrunk.
95 * If window has been shrunk, what should we make? It is not clear at all.
96 * Using SND.UNA we will fail to open window, SND.NXT is out of window. :-(
97 * Anything in between SND.UNA...SND.UNA+SND.WND also can be already
98 * invalid. OK, let's make this for now:
100 static inline __u32 tcp_acceptable_seq(const struct sock *sk)
102 const struct tcp_sock *tp = tcp_sk(sk);
104 if (!before(tcp_wnd_end(tp), tp->snd_nxt))
107 return tcp_wnd_end(tp);
110 /* Calculate mss to advertise in SYN segment.
111 * RFC1122, RFC1063, draft-ietf-tcpimpl-pmtud-01 state that:
113 * 1. It is independent of path mtu.
114 * 2. Ideally, it is maximal possible segment size i.e. 65535-40.
115 * 3. For IPv4 it is reasonable to calculate it from maximal MTU of
116 * attached devices, because some buggy hosts are confused by
118 * 4. We do not make 3, we advertise MSS, calculated from first
119 * hop device mtu, but allow to raise it to ip_rt_min_advmss.
120 * This may be overridden via information stored in routing table.
121 * 5. Value 65535 for MSS is valid in IPv6 and means "as large as possible,
122 * probably even Jumbo".
124 static __u16 tcp_advertise_mss(struct sock *sk)
126 struct tcp_sock *tp = tcp_sk(sk);
127 const struct dst_entry *dst = __sk_dst_get(sk);
128 int mss = tp->advmss;
131 unsigned int metric = dst_metric_advmss(dst);
142 /* RFC2861. Reset CWND after idle period longer RTO to "restart window".
143 * This is the first part of cwnd validation mechanism. */
144 static void tcp_cwnd_restart(struct sock *sk, const struct dst_entry *dst)
146 struct tcp_sock *tp = tcp_sk(sk);
147 s32 delta = tcp_time_stamp - tp->lsndtime;
148 u32 restart_cwnd = tcp_init_cwnd(tp, dst);
149 u32 cwnd = tp->snd_cwnd;
151 tcp_ca_event(sk, CA_EVENT_CWND_RESTART);
153 tp->snd_ssthresh = tcp_current_ssthresh(sk);
154 restart_cwnd = min(restart_cwnd, cwnd);
156 while ((delta -= inet_csk(sk)->icsk_rto) > 0 && cwnd > restart_cwnd)
158 tp->snd_cwnd = max(cwnd, restart_cwnd);
159 tp->snd_cwnd_stamp = tcp_time_stamp;
160 tp->snd_cwnd_used = 0;
163 /* Congestion state accounting after a packet has been sent. */
164 static void tcp_event_data_sent(struct tcp_sock *tp,
167 struct inet_connection_sock *icsk = inet_csk(sk);
168 const u32 now = tcp_time_stamp;
169 const struct dst_entry *dst = __sk_dst_get(sk);
171 if (sysctl_tcp_slow_start_after_idle &&
172 (!tp->packets_out && (s32)(now - tp->lsndtime) > icsk->icsk_rto))
173 tcp_cwnd_restart(sk, __sk_dst_get(sk));
177 /* If it is a reply for ato after last received
178 * packet, enter pingpong mode.
180 if ((u32)(now - icsk->icsk_ack.lrcvtime) < icsk->icsk_ack.ato &&
181 (!dst || !dst_metric(dst, RTAX_QUICKACK)))
182 icsk->icsk_ack.pingpong = 1;
185 /* Account for an ACK we sent. */
186 static inline void tcp_event_ack_sent(struct sock *sk, unsigned int pkts)
188 tcp_dec_quickack_mode(sk, pkts);
189 inet_csk_clear_xmit_timer(sk, ICSK_TIME_DACK);
193 u32 tcp_default_init_rwnd(u32 mss)
195 /* Initial receive window should be twice of TCP_INIT_CWND to
196 * enable proper sending of new unsent data during fast recovery
197 * (RFC 3517, Section 4, NextSeg() rule (2)). Further place a
198 * limit when mss is larger than 1460.
200 u32 init_rwnd = TCP_INIT_CWND * 2;
203 init_rwnd = max((1460 * init_rwnd) / mss, 2U);
207 /* Determine a window scaling and initial window to offer.
208 * Based on the assumption that the given amount of space
209 * will be offered. Store the results in the tp structure.
210 * NOTE: for smooth operation initial space offering should
211 * be a multiple of mss if possible. We assume here that mss >= 1.
212 * This MUST be enforced by all callers.
214 void tcp_select_initial_window(int __space, __u32 mss,
215 __u32 *rcv_wnd, __u32 *window_clamp,
216 int wscale_ok, __u8 *rcv_wscale,
219 unsigned int space = (__space < 0 ? 0 : __space);
221 /* If no clamp set the clamp to the max possible scaled window */
222 if (*window_clamp == 0)
223 (*window_clamp) = (65535 << 14);
224 space = min(*window_clamp, space);
226 /* Quantize space offering to a multiple of mss if possible. */
228 space = (space / mss) * mss;
230 /* NOTE: offering an initial window larger than 32767
231 * will break some buggy TCP stacks. If the admin tells us
232 * it is likely we could be speaking with such a buggy stack
233 * we will truncate our initial window offering to 32K-1
234 * unless the remote has sent us a window scaling option,
235 * which we interpret as a sign the remote TCP is not
236 * misinterpreting the window field as a signed quantity.
238 if (sysctl_tcp_workaround_signed_windows)
239 (*rcv_wnd) = min(space, MAX_TCP_WINDOW);
245 /* Set window scaling on max possible window
246 * See RFC1323 for an explanation of the limit to 14
248 space = max_t(u32, sysctl_tcp_rmem[2], sysctl_rmem_max);
249 space = min_t(u32, space, *window_clamp);
250 while (space > 65535 && (*rcv_wscale) < 14) {
256 if (mss > (1 << *rcv_wscale)) {
257 if (!init_rcv_wnd) /* Use default unless specified otherwise */
258 init_rcv_wnd = tcp_default_init_rwnd(mss);
259 *rcv_wnd = min(*rcv_wnd, init_rcv_wnd * mss);
262 /* Set the clamp no higher than max representable value */
263 (*window_clamp) = min(65535U << (*rcv_wscale), *window_clamp);
265 EXPORT_SYMBOL(tcp_select_initial_window);
267 /* Chose a new window to advertise, update state in tcp_sock for the
268 * socket, and return result with RFC1323 scaling applied. The return
269 * value can be stuffed directly into th->window for an outgoing
272 static u16 tcp_select_window(struct sock *sk)
274 struct tcp_sock *tp = tcp_sk(sk);
275 u32 old_win = tp->rcv_wnd;
276 u32 cur_win = tcp_receive_window(tp);
277 u32 new_win = __tcp_select_window(sk);
279 /* Never shrink the offered window */
280 if (new_win < cur_win) {
281 /* Danger Will Robinson!
282 * Don't update rcv_wup/rcv_wnd here or else
283 * we will not be able to advertise a zero
284 * window in time. --DaveM
286 * Relax Will Robinson.
289 NET_INC_STATS(sock_net(sk),
290 LINUX_MIB_TCPWANTZEROWINDOWADV);
291 new_win = ALIGN(cur_win, 1 << tp->rx_opt.rcv_wscale);
293 tp->rcv_wnd = new_win;
294 tp->rcv_wup = tp->rcv_nxt;
296 /* Make sure we do not exceed the maximum possible
299 if (!tp->rx_opt.rcv_wscale && sysctl_tcp_workaround_signed_windows)
300 new_win = min(new_win, MAX_TCP_WINDOW);
302 new_win = min(new_win, (65535U << tp->rx_opt.rcv_wscale));
304 /* RFC1323 scaling applied */
305 new_win >>= tp->rx_opt.rcv_wscale;
307 /* If we advertise zero window, disable fast path. */
311 NET_INC_STATS(sock_net(sk),
312 LINUX_MIB_TCPTOZEROWINDOWADV);
313 } else if (old_win == 0) {
314 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPFROMZEROWINDOWADV);
320 /* Packet ECN state for a SYN-ACK */
321 static void tcp_ecn_send_synack(struct sock *sk, struct sk_buff *skb)
323 const struct tcp_sock *tp = tcp_sk(sk);
325 TCP_SKB_CB(skb)->tcp_flags &= ~TCPHDR_CWR;
326 if (!(tp->ecn_flags & TCP_ECN_OK))
327 TCP_SKB_CB(skb)->tcp_flags &= ~TCPHDR_ECE;
328 else if (tcp_ca_needs_ecn(sk))
332 /* Packet ECN state for a SYN. */
333 static void tcp_ecn_send_syn(struct sock *sk, struct sk_buff *skb)
335 struct tcp_sock *tp = tcp_sk(sk);
338 if (sock_net(sk)->ipv4.sysctl_tcp_ecn == 1 ||
339 tcp_ca_needs_ecn(sk)) {
340 TCP_SKB_CB(skb)->tcp_flags |= TCPHDR_ECE | TCPHDR_CWR;
341 tp->ecn_flags = TCP_ECN_OK;
342 if (tcp_ca_needs_ecn(sk))
348 tcp_ecn_make_synack(const struct request_sock *req, struct tcphdr *th,
351 if (inet_rsk(req)->ecn_ok) {
353 if (tcp_ca_needs_ecn(sk))
358 /* Set up ECN state for a packet on a ESTABLISHED socket that is about to
361 static void tcp_ecn_send(struct sock *sk, struct sk_buff *skb,
364 struct tcp_sock *tp = tcp_sk(sk);
366 if (tp->ecn_flags & TCP_ECN_OK) {
367 /* Not-retransmitted data segment: set ECT and inject CWR. */
368 if (skb->len != tcp_header_len &&
369 !before(TCP_SKB_CB(skb)->seq, tp->snd_nxt)) {
371 if (tp->ecn_flags & TCP_ECN_QUEUE_CWR) {
372 tp->ecn_flags &= ~TCP_ECN_QUEUE_CWR;
373 tcp_hdr(skb)->cwr = 1;
374 skb_shinfo(skb)->gso_type |= SKB_GSO_TCP_ECN;
376 } else if (!tcp_ca_needs_ecn(sk)) {
377 /* ACK or retransmitted segment: clear ECT|CE */
378 INET_ECN_dontxmit(sk);
380 if (tp->ecn_flags & TCP_ECN_DEMAND_CWR)
381 tcp_hdr(skb)->ece = 1;
385 /* Constructs common control bits of non-data skb. If SYN/FIN is present,
386 * auto increment end seqno.
388 static void tcp_init_nondata_skb(struct sk_buff *skb, u32 seq, u8 flags)
390 struct skb_shared_info *shinfo = skb_shinfo(skb);
392 skb->ip_summed = CHECKSUM_PARTIAL;
395 TCP_SKB_CB(skb)->tcp_flags = flags;
396 TCP_SKB_CB(skb)->sacked = 0;
398 tcp_skb_pcount_set(skb, 1);
399 shinfo->gso_size = 0;
400 shinfo->gso_type = 0;
402 TCP_SKB_CB(skb)->seq = seq;
403 if (flags & (TCPHDR_SYN | TCPHDR_FIN))
405 TCP_SKB_CB(skb)->end_seq = seq;
408 static inline bool tcp_urg_mode(const struct tcp_sock *tp)
410 return tp->snd_una != tp->snd_up;
413 #define OPTION_SACK_ADVERTISE (1 << 0)
414 #define OPTION_TS (1 << 1)
415 #define OPTION_MD5 (1 << 2)
416 #define OPTION_WSCALE (1 << 3)
417 #define OPTION_FAST_OPEN_COOKIE (1 << 8)
419 struct tcp_out_options {
420 u16 options; /* bit field of OPTION_* */
421 u16 mss; /* 0 to disable */
422 u8 ws; /* window scale, 0 to disable */
423 u8 num_sack_blocks; /* number of SACK blocks to include */
424 u8 hash_size; /* bytes in hash_location */
425 __u8 *hash_location; /* temporary pointer, overloaded */
426 __u32 tsval, tsecr; /* need to include OPTION_TS */
427 struct tcp_fastopen_cookie *fastopen_cookie; /* Fast open cookie */
430 /* Write previously computed TCP options to the packet.
432 * Beware: Something in the Internet is very sensitive to the ordering of
433 * TCP options, we learned this through the hard way, so be careful here.
434 * Luckily we can at least blame others for their non-compliance but from
435 * inter-operability perspective it seems that we're somewhat stuck with
436 * the ordering which we have been using if we want to keep working with
437 * those broken things (not that it currently hurts anybody as there isn't
438 * particular reason why the ordering would need to be changed).
440 * At least SACK_PERM as the first option is known to lead to a disaster
441 * (but it may well be that other scenarios fail similarly).
443 static void tcp_options_write(__be32 *ptr, struct tcp_sock *tp,
444 struct tcp_out_options *opts)
446 u16 options = opts->options; /* mungable copy */
448 if (unlikely(OPTION_MD5 & options)) {
449 *ptr++ = htonl((TCPOPT_NOP << 24) | (TCPOPT_NOP << 16) |
450 (TCPOPT_MD5SIG << 8) | TCPOLEN_MD5SIG);
451 /* overload cookie hash location */
452 opts->hash_location = (__u8 *)ptr;
456 if (unlikely(opts->mss)) {
457 *ptr++ = htonl((TCPOPT_MSS << 24) |
458 (TCPOLEN_MSS << 16) |
462 if (likely(OPTION_TS & options)) {
463 if (unlikely(OPTION_SACK_ADVERTISE & options)) {
464 *ptr++ = htonl((TCPOPT_SACK_PERM << 24) |
465 (TCPOLEN_SACK_PERM << 16) |
466 (TCPOPT_TIMESTAMP << 8) |
468 options &= ~OPTION_SACK_ADVERTISE;
470 *ptr++ = htonl((TCPOPT_NOP << 24) |
472 (TCPOPT_TIMESTAMP << 8) |
475 *ptr++ = htonl(opts->tsval);
476 *ptr++ = htonl(opts->tsecr);
479 if (unlikely(OPTION_SACK_ADVERTISE & options)) {
480 *ptr++ = htonl((TCPOPT_NOP << 24) |
482 (TCPOPT_SACK_PERM << 8) |
486 if (unlikely(OPTION_WSCALE & options)) {
487 *ptr++ = htonl((TCPOPT_NOP << 24) |
488 (TCPOPT_WINDOW << 16) |
489 (TCPOLEN_WINDOW << 8) |
493 if (unlikely(opts->num_sack_blocks)) {
494 struct tcp_sack_block *sp = tp->rx_opt.dsack ?
495 tp->duplicate_sack : tp->selective_acks;
498 *ptr++ = htonl((TCPOPT_NOP << 24) |
501 (TCPOLEN_SACK_BASE + (opts->num_sack_blocks *
502 TCPOLEN_SACK_PERBLOCK)));
504 for (this_sack = 0; this_sack < opts->num_sack_blocks;
506 *ptr++ = htonl(sp[this_sack].start_seq);
507 *ptr++ = htonl(sp[this_sack].end_seq);
510 tp->rx_opt.dsack = 0;
513 if (unlikely(OPTION_FAST_OPEN_COOKIE & options)) {
514 struct tcp_fastopen_cookie *foc = opts->fastopen_cookie;
516 *ptr++ = htonl((TCPOPT_EXP << 24) |
517 ((TCPOLEN_EXP_FASTOPEN_BASE + foc->len) << 16) |
518 TCPOPT_FASTOPEN_MAGIC);
520 memcpy(ptr, foc->val, foc->len);
521 if ((foc->len & 3) == 2) {
522 u8 *align = ((u8 *)ptr) + foc->len;
523 align[0] = align[1] = TCPOPT_NOP;
525 ptr += (foc->len + 3) >> 2;
529 /* Compute TCP options for SYN packets. This is not the final
530 * network wire format yet.
532 static unsigned int tcp_syn_options(struct sock *sk, struct sk_buff *skb,
533 struct tcp_out_options *opts,
534 struct tcp_md5sig_key **md5)
536 struct tcp_sock *tp = tcp_sk(sk);
537 unsigned int remaining = MAX_TCP_OPTION_SPACE;
538 struct tcp_fastopen_request *fastopen = tp->fastopen_req;
540 #ifdef CONFIG_TCP_MD5SIG
541 *md5 = tp->af_specific->md5_lookup(sk, sk);
543 opts->options |= OPTION_MD5;
544 remaining -= TCPOLEN_MD5SIG_ALIGNED;
550 /* We always get an MSS option. The option bytes which will be seen in
551 * normal data packets should timestamps be used, must be in the MSS
552 * advertised. But we subtract them from tp->mss_cache so that
553 * calculations in tcp_sendmsg are simpler etc. So account for this
554 * fact here if necessary. If we don't do this correctly, as a
555 * receiver we won't recognize data packets as being full sized when we
556 * should, and thus we won't abide by the delayed ACK rules correctly.
557 * SACKs don't matter, we never delay an ACK when we have any of those
559 opts->mss = tcp_advertise_mss(sk);
560 remaining -= TCPOLEN_MSS_ALIGNED;
562 if (likely(sysctl_tcp_timestamps && *md5 == NULL)) {
563 opts->options |= OPTION_TS;
564 opts->tsval = tcp_skb_timestamp(skb) + tp->tsoffset;
565 opts->tsecr = tp->rx_opt.ts_recent;
566 remaining -= TCPOLEN_TSTAMP_ALIGNED;
568 if (likely(sysctl_tcp_window_scaling)) {
569 opts->ws = tp->rx_opt.rcv_wscale;
570 opts->options |= OPTION_WSCALE;
571 remaining -= TCPOLEN_WSCALE_ALIGNED;
573 if (likely(sysctl_tcp_sack)) {
574 opts->options |= OPTION_SACK_ADVERTISE;
575 if (unlikely(!(OPTION_TS & opts->options)))
576 remaining -= TCPOLEN_SACKPERM_ALIGNED;
579 if (fastopen && fastopen->cookie.len >= 0) {
580 u32 need = TCPOLEN_EXP_FASTOPEN_BASE + fastopen->cookie.len;
581 need = (need + 3) & ~3U; /* Align to 32 bits */
582 if (remaining >= need) {
583 opts->options |= OPTION_FAST_OPEN_COOKIE;
584 opts->fastopen_cookie = &fastopen->cookie;
586 tp->syn_fastopen = 1;
590 return MAX_TCP_OPTION_SPACE - remaining;
593 /* Set up TCP options for SYN-ACKs. */
594 static unsigned int tcp_synack_options(struct sock *sk,
595 struct request_sock *req,
596 unsigned int mss, struct sk_buff *skb,
597 struct tcp_out_options *opts,
598 struct tcp_md5sig_key **md5,
599 struct tcp_fastopen_cookie *foc)
601 struct inet_request_sock *ireq = inet_rsk(req);
602 unsigned int remaining = MAX_TCP_OPTION_SPACE;
604 #ifdef CONFIG_TCP_MD5SIG
605 *md5 = tcp_rsk(req)->af_specific->md5_lookup(sk, req);
607 opts->options |= OPTION_MD5;
608 remaining -= TCPOLEN_MD5SIG_ALIGNED;
610 /* We can't fit any SACK blocks in a packet with MD5 + TS
611 * options. There was discussion about disabling SACK
612 * rather than TS in order to fit in better with old,
613 * buggy kernels, but that was deemed to be unnecessary.
615 ireq->tstamp_ok &= !ireq->sack_ok;
621 /* We always send an MSS option. */
623 remaining -= TCPOLEN_MSS_ALIGNED;
625 if (likely(ireq->wscale_ok)) {
626 opts->ws = ireq->rcv_wscale;
627 opts->options |= OPTION_WSCALE;
628 remaining -= TCPOLEN_WSCALE_ALIGNED;
630 if (likely(ireq->tstamp_ok)) {
631 opts->options |= OPTION_TS;
632 opts->tsval = tcp_skb_timestamp(skb);
633 opts->tsecr = req->ts_recent;
634 remaining -= TCPOLEN_TSTAMP_ALIGNED;
636 if (likely(ireq->sack_ok)) {
637 opts->options |= OPTION_SACK_ADVERTISE;
638 if (unlikely(!ireq->tstamp_ok))
639 remaining -= TCPOLEN_SACKPERM_ALIGNED;
641 if (foc != NULL && foc->len >= 0) {
642 u32 need = TCPOLEN_EXP_FASTOPEN_BASE + foc->len;
643 need = (need + 3) & ~3U; /* Align to 32 bits */
644 if (remaining >= need) {
645 opts->options |= OPTION_FAST_OPEN_COOKIE;
646 opts->fastopen_cookie = foc;
651 return MAX_TCP_OPTION_SPACE - remaining;
654 /* Compute TCP options for ESTABLISHED sockets. This is not the
655 * final wire format yet.
657 static unsigned int tcp_established_options(struct sock *sk, struct sk_buff *skb,
658 struct tcp_out_options *opts,
659 struct tcp_md5sig_key **md5)
661 struct tcp_sock *tp = tcp_sk(sk);
662 unsigned int size = 0;
663 unsigned int eff_sacks;
667 #ifdef CONFIG_TCP_MD5SIG
668 *md5 = tp->af_specific->md5_lookup(sk, sk);
669 if (unlikely(*md5)) {
670 opts->options |= OPTION_MD5;
671 size += TCPOLEN_MD5SIG_ALIGNED;
677 if (likely(tp->rx_opt.tstamp_ok)) {
678 opts->options |= OPTION_TS;
679 opts->tsval = skb ? tcp_skb_timestamp(skb) + tp->tsoffset : 0;
680 opts->tsecr = tp->rx_opt.ts_recent;
681 size += TCPOLEN_TSTAMP_ALIGNED;
684 eff_sacks = tp->rx_opt.num_sacks + tp->rx_opt.dsack;
685 if (unlikely(eff_sacks)) {
686 const unsigned int remaining = MAX_TCP_OPTION_SPACE - size;
687 opts->num_sack_blocks =
688 min_t(unsigned int, eff_sacks,
689 (remaining - TCPOLEN_SACK_BASE_ALIGNED) /
690 TCPOLEN_SACK_PERBLOCK);
691 size += TCPOLEN_SACK_BASE_ALIGNED +
692 opts->num_sack_blocks * TCPOLEN_SACK_PERBLOCK;
699 /* TCP SMALL QUEUES (TSQ)
701 * TSQ goal is to keep small amount of skbs per tcp flow in tx queues (qdisc+dev)
702 * to reduce RTT and bufferbloat.
703 * We do this using a special skb destructor (tcp_wfree).
705 * Its important tcp_wfree() can be replaced by sock_wfree() in the event skb
706 * needs to be reallocated in a driver.
707 * The invariant being skb->truesize subtracted from sk->sk_wmem_alloc
709 * Since transmit from skb destructor is forbidden, we use a tasklet
710 * to process all sockets that eventually need to send more skbs.
711 * We use one tasklet per cpu, with its own queue of sockets.
714 struct tasklet_struct tasklet;
715 struct list_head head; /* queue of tcp sockets */
717 static DEFINE_PER_CPU(struct tsq_tasklet, tsq_tasklet);
719 static void tcp_tsq_handler(struct sock *sk)
721 if ((1 << sk->sk_state) &
722 (TCPF_ESTABLISHED | TCPF_FIN_WAIT1 | TCPF_CLOSING |
723 TCPF_CLOSE_WAIT | TCPF_LAST_ACK))
724 tcp_write_xmit(sk, tcp_current_mss(sk), tcp_sk(sk)->nonagle,
728 * One tasklet per cpu tries to send more skbs.
729 * We run in tasklet context but need to disable irqs when
730 * transferring tsq->head because tcp_wfree() might
731 * interrupt us (non NAPI drivers)
733 static void tcp_tasklet_func(unsigned long data)
735 struct tsq_tasklet *tsq = (struct tsq_tasklet *)data;
738 struct list_head *q, *n;
742 local_irq_save(flags);
743 list_splice_init(&tsq->head, &list);
744 local_irq_restore(flags);
746 list_for_each_safe(q, n, &list) {
747 tp = list_entry(q, struct tcp_sock, tsq_node);
748 list_del(&tp->tsq_node);
750 sk = (struct sock *)tp;
753 if (!sock_owned_by_user(sk)) {
756 /* defer the work to tcp_release_cb() */
757 set_bit(TCP_TSQ_DEFERRED, &tp->tsq_flags);
761 clear_bit(TSQ_QUEUED, &tp->tsq_flags);
766 #define TCP_DEFERRED_ALL ((1UL << TCP_TSQ_DEFERRED) | \
767 (1UL << TCP_WRITE_TIMER_DEFERRED) | \
768 (1UL << TCP_DELACK_TIMER_DEFERRED) | \
769 (1UL << TCP_MTU_REDUCED_DEFERRED))
771 * tcp_release_cb - tcp release_sock() callback
774 * called from release_sock() to perform protocol dependent
775 * actions before socket release.
777 void tcp_release_cb(struct sock *sk)
779 struct tcp_sock *tp = tcp_sk(sk);
780 unsigned long flags, nflags;
782 /* perform an atomic operation only if at least one flag is set */
784 flags = tp->tsq_flags;
785 if (!(flags & TCP_DEFERRED_ALL))
787 nflags = flags & ~TCP_DEFERRED_ALL;
788 } while (cmpxchg(&tp->tsq_flags, flags, nflags) != flags);
790 if (flags & (1UL << TCP_TSQ_DEFERRED))
793 /* Here begins the tricky part :
794 * We are called from release_sock() with :
796 * 2) sk_lock.slock spinlock held
797 * 3) socket owned by us (sk->sk_lock.owned == 1)
799 * But following code is meant to be called from BH handlers,
800 * so we should keep BH disabled, but early release socket ownership
802 sock_release_ownership(sk);
804 if (flags & (1UL << TCP_WRITE_TIMER_DEFERRED)) {
805 tcp_write_timer_handler(sk);
808 if (flags & (1UL << TCP_DELACK_TIMER_DEFERRED)) {
809 tcp_delack_timer_handler(sk);
812 if (flags & (1UL << TCP_MTU_REDUCED_DEFERRED)) {
813 inet_csk(sk)->icsk_af_ops->mtu_reduced(sk);
817 EXPORT_SYMBOL(tcp_release_cb);
819 void __init tcp_tasklet_init(void)
823 for_each_possible_cpu(i) {
824 struct tsq_tasklet *tsq = &per_cpu(tsq_tasklet, i);
826 INIT_LIST_HEAD(&tsq->head);
827 tasklet_init(&tsq->tasklet,
834 * Write buffer destructor automatically called from kfree_skb.
835 * We can't xmit new skbs from this context, as we might already
838 void tcp_wfree(struct sk_buff *skb)
840 struct sock *sk = skb->sk;
841 struct tcp_sock *tp = tcp_sk(sk);
843 if (test_and_clear_bit(TSQ_THROTTLED, &tp->tsq_flags) &&
844 !test_and_set_bit(TSQ_QUEUED, &tp->tsq_flags)) {
846 struct tsq_tasklet *tsq;
848 /* Keep a ref on socket.
849 * This last ref will be released in tcp_tasklet_func()
851 atomic_sub(skb->truesize - 1, &sk->sk_wmem_alloc);
853 /* queue this socket to tasklet queue */
854 local_irq_save(flags);
855 tsq = &__get_cpu_var(tsq_tasklet);
856 list_add(&tp->tsq_node, &tsq->head);
857 tasklet_schedule(&tsq->tasklet);
858 local_irq_restore(flags);
864 /* This routine actually transmits TCP packets queued in by
865 * tcp_do_sendmsg(). This is used by both the initial
866 * transmission and possible later retransmissions.
867 * All SKB's seen here are completely headerless. It is our
868 * job to build the TCP header, and pass the packet down to
869 * IP so it can do the same plus pass the packet off to the
872 * We are working here with either a clone of the original
873 * SKB, or a fresh unique copy made by the retransmit engine.
875 static int tcp_transmit_skb(struct sock *sk, struct sk_buff *skb, int clone_it,
878 const struct inet_connection_sock *icsk = inet_csk(sk);
879 struct inet_sock *inet;
881 struct tcp_skb_cb *tcb;
882 struct tcp_out_options opts;
883 unsigned int tcp_options_size, tcp_header_size;
884 struct tcp_md5sig_key *md5;
888 BUG_ON(!skb || !tcp_skb_pcount(skb));
891 skb_mstamp_get(&skb->skb_mstamp);
893 if (unlikely(skb_cloned(skb)))
894 skb = pskb_copy(skb, gfp_mask);
896 skb = skb_clone(skb, gfp_mask);
903 tcb = TCP_SKB_CB(skb);
904 memset(&opts, 0, sizeof(opts));
906 if (unlikely(tcb->tcp_flags & TCPHDR_SYN))
907 tcp_options_size = tcp_syn_options(sk, skb, &opts, &md5);
909 tcp_options_size = tcp_established_options(sk, skb, &opts,
911 tcp_header_size = tcp_options_size + sizeof(struct tcphdr);
913 if (tcp_packets_in_flight(tp) == 0)
914 tcp_ca_event(sk, CA_EVENT_TX_START);
916 /* if no packet is in qdisc/device queue, then allow XPS to select
917 * another queue. We can be called from tcp_tsq_handler()
918 * which holds one reference to sk_wmem_alloc.
920 * TODO: Ideally, in-flight pure ACK packets should not matter here.
921 * One way to get this would be to set skb->truesize = 2 on them.
923 skb->ooo_okay = sk_wmem_alloc_get(sk) < SKB_TRUESIZE(1);
925 skb_push(skb, tcp_header_size);
926 skb_reset_transport_header(skb);
930 skb->destructor = tcp_wfree;
931 skb_set_hash_from_sk(skb, sk);
932 atomic_add(skb->truesize, &sk->sk_wmem_alloc);
934 /* Build TCP header and checksum it. */
936 th->source = inet->inet_sport;
937 th->dest = inet->inet_dport;
938 th->seq = htonl(tcb->seq);
939 th->ack_seq = htonl(tp->rcv_nxt);
940 *(((__be16 *)th) + 6) = htons(((tcp_header_size >> 2) << 12) |
943 if (unlikely(tcb->tcp_flags & TCPHDR_SYN)) {
944 /* RFC1323: The window in SYN & SYN/ACK segments
947 th->window = htons(min(tp->rcv_wnd, 65535U));
949 th->window = htons(tcp_select_window(sk));
954 /* The urg_mode check is necessary during a below snd_una win probe */
955 if (unlikely(tcp_urg_mode(tp) && before(tcb->seq, tp->snd_up))) {
956 if (before(tp->snd_up, tcb->seq + 0x10000)) {
957 th->urg_ptr = htons(tp->snd_up - tcb->seq);
959 } else if (after(tcb->seq + 0xFFFF, tp->snd_nxt)) {
960 th->urg_ptr = htons(0xFFFF);
965 tcp_options_write((__be32 *)(th + 1), tp, &opts);
966 if (likely((tcb->tcp_flags & TCPHDR_SYN) == 0))
967 tcp_ecn_send(sk, skb, tcp_header_size);
969 #ifdef CONFIG_TCP_MD5SIG
970 /* Calculate the MD5 hash, as we have all we need now */
972 sk_nocaps_add(sk, NETIF_F_GSO_MASK);
973 tp->af_specific->calc_md5_hash(opts.hash_location,
978 icsk->icsk_af_ops->send_check(sk, skb);
980 if (likely(tcb->tcp_flags & TCPHDR_ACK))
981 tcp_event_ack_sent(sk, tcp_skb_pcount(skb));
983 if (skb->len != tcp_header_size)
984 tcp_event_data_sent(tp, sk);
986 if (after(tcb->end_seq, tp->snd_nxt) || tcb->seq == tcb->end_seq)
987 TCP_ADD_STATS(sock_net(sk), TCP_MIB_OUTSEGS,
988 tcp_skb_pcount(skb));
990 /* OK, its time to fill skb_shinfo(skb)->gso_segs */
991 skb_shinfo(skb)->gso_segs = tcp_skb_pcount(skb);
993 /* Our usage of tstamp should remain private */
994 skb->tstamp.tv64 = 0;
996 /* Cleanup our debris for IP stacks */
997 memset(skb->cb, 0, max(sizeof(struct inet_skb_parm),
998 sizeof(struct inet6_skb_parm)));
1000 err = icsk->icsk_af_ops->queue_xmit(sk, skb, &inet->cork.fl);
1002 if (likely(err <= 0))
1007 return net_xmit_eval(err);
1010 /* This routine just queues the buffer for sending.
1012 * NOTE: probe0 timer is not checked, do not forget tcp_push_pending_frames,
1013 * otherwise socket can stall.
1015 static void tcp_queue_skb(struct sock *sk, struct sk_buff *skb)
1017 struct tcp_sock *tp = tcp_sk(sk);
1019 /* Advance write_seq and place onto the write_queue. */
1020 tp->write_seq = TCP_SKB_CB(skb)->end_seq;
1021 __skb_header_release(skb);
1022 tcp_add_write_queue_tail(sk, skb);
1023 sk->sk_wmem_queued += skb->truesize;
1024 sk_mem_charge(sk, skb->truesize);
1027 /* Initialize TSO segments for a packet. */
1028 static void tcp_set_skb_tso_segs(const struct sock *sk, struct sk_buff *skb,
1029 unsigned int mss_now)
1031 struct skb_shared_info *shinfo = skb_shinfo(skb);
1033 /* Make sure we own this skb before messing gso_size/gso_segs */
1034 WARN_ON_ONCE(skb_cloned(skb));
1036 if (skb->len <= mss_now || skb->ip_summed == CHECKSUM_NONE) {
1037 /* Avoid the costly divide in the normal
1040 tcp_skb_pcount_set(skb, 1);
1041 shinfo->gso_size = 0;
1042 shinfo->gso_type = 0;
1044 tcp_skb_pcount_set(skb, DIV_ROUND_UP(skb->len, mss_now));
1045 shinfo->gso_size = mss_now;
1046 shinfo->gso_type = sk->sk_gso_type;
1050 /* When a modification to fackets out becomes necessary, we need to check
1051 * skb is counted to fackets_out or not.
1053 static void tcp_adjust_fackets_out(struct sock *sk, const struct sk_buff *skb,
1056 struct tcp_sock *tp = tcp_sk(sk);
1058 if (!tp->sacked_out || tcp_is_reno(tp))
1061 if (after(tcp_highest_sack_seq(tp), TCP_SKB_CB(skb)->seq))
1062 tp->fackets_out -= decr;
1065 /* Pcount in the middle of the write queue got changed, we need to do various
1066 * tweaks to fix counters
1068 static void tcp_adjust_pcount(struct sock *sk, const struct sk_buff *skb, int decr)
1070 struct tcp_sock *tp = tcp_sk(sk);
1072 tp->packets_out -= decr;
1074 if (TCP_SKB_CB(skb)->sacked & TCPCB_SACKED_ACKED)
1075 tp->sacked_out -= decr;
1076 if (TCP_SKB_CB(skb)->sacked & TCPCB_SACKED_RETRANS)
1077 tp->retrans_out -= decr;
1078 if (TCP_SKB_CB(skb)->sacked & TCPCB_LOST)
1079 tp->lost_out -= decr;
1081 /* Reno case is special. Sigh... */
1082 if (tcp_is_reno(tp) && decr > 0)
1083 tp->sacked_out -= min_t(u32, tp->sacked_out, decr);
1085 tcp_adjust_fackets_out(sk, skb, decr);
1087 if (tp->lost_skb_hint &&
1088 before(TCP_SKB_CB(skb)->seq, TCP_SKB_CB(tp->lost_skb_hint)->seq) &&
1089 (tcp_is_fack(tp) || (TCP_SKB_CB(skb)->sacked & TCPCB_SACKED_ACKED)))
1090 tp->lost_cnt_hint -= decr;
1092 tcp_verify_left_out(tp);
1095 static void tcp_fragment_tstamp(struct sk_buff *skb, struct sk_buff *skb2)
1097 struct skb_shared_info *shinfo = skb_shinfo(skb);
1099 if (unlikely(shinfo->tx_flags & SKBTX_ANY_TSTAMP) &&
1100 !before(shinfo->tskey, TCP_SKB_CB(skb2)->seq)) {
1101 struct skb_shared_info *shinfo2 = skb_shinfo(skb2);
1102 u8 tsflags = shinfo->tx_flags & SKBTX_ANY_TSTAMP;
1104 shinfo->tx_flags &= ~tsflags;
1105 shinfo2->tx_flags |= tsflags;
1106 swap(shinfo->tskey, shinfo2->tskey);
1110 /* Function to create two new TCP segments. Shrinks the given segment
1111 * to the specified size and appends a new segment with the rest of the
1112 * packet to the list. This won't be called frequently, I hope.
1113 * Remember, these are still headerless SKBs at this point.
1115 int tcp_fragment(struct sock *sk, struct sk_buff *skb, u32 len,
1116 unsigned int mss_now, gfp_t gfp)
1118 struct tcp_sock *tp = tcp_sk(sk);
1119 struct sk_buff *buff;
1120 int nsize, old_factor;
1124 if (WARN_ON(len > skb->len))
1127 nsize = skb_headlen(skb) - len;
1131 if (skb_unclone(skb, gfp))
1134 /* Get a new skb... force flag on. */
1135 buff = sk_stream_alloc_skb(sk, nsize, gfp);
1137 return -ENOMEM; /* We'll just try again later. */
1139 sk->sk_wmem_queued += buff->truesize;
1140 sk_mem_charge(sk, buff->truesize);
1141 nlen = skb->len - len - nsize;
1142 buff->truesize += nlen;
1143 skb->truesize -= nlen;
1145 /* Correct the sequence numbers. */
1146 TCP_SKB_CB(buff)->seq = TCP_SKB_CB(skb)->seq + len;
1147 TCP_SKB_CB(buff)->end_seq = TCP_SKB_CB(skb)->end_seq;
1148 TCP_SKB_CB(skb)->end_seq = TCP_SKB_CB(buff)->seq;
1150 /* PSH and FIN should only be set in the second packet. */
1151 flags = TCP_SKB_CB(skb)->tcp_flags;
1152 TCP_SKB_CB(skb)->tcp_flags = flags & ~(TCPHDR_FIN | TCPHDR_PSH);
1153 TCP_SKB_CB(buff)->tcp_flags = flags;
1154 TCP_SKB_CB(buff)->sacked = TCP_SKB_CB(skb)->sacked;
1156 if (!skb_shinfo(skb)->nr_frags && skb->ip_summed != CHECKSUM_PARTIAL) {
1157 /* Copy and checksum data tail into the new buffer. */
1158 buff->csum = csum_partial_copy_nocheck(skb->data + len,
1159 skb_put(buff, nsize),
1164 skb->csum = csum_block_sub(skb->csum, buff->csum, len);
1166 skb->ip_summed = CHECKSUM_PARTIAL;
1167 skb_split(skb, buff, len);
1170 buff->ip_summed = skb->ip_summed;
1172 buff->tstamp = skb->tstamp;
1173 tcp_fragment_tstamp(skb, buff);
1175 old_factor = tcp_skb_pcount(skb);
1177 /* Fix up tso_factor for both original and new SKB. */
1178 tcp_set_skb_tso_segs(sk, skb, mss_now);
1179 tcp_set_skb_tso_segs(sk, buff, mss_now);
1181 /* If this packet has been sent out already, we must
1182 * adjust the various packet counters.
1184 if (!before(tp->snd_nxt, TCP_SKB_CB(buff)->end_seq)) {
1185 int diff = old_factor - tcp_skb_pcount(skb) -
1186 tcp_skb_pcount(buff);
1189 tcp_adjust_pcount(sk, skb, diff);
1192 /* Link BUFF into the send queue. */
1193 __skb_header_release(buff);
1194 tcp_insert_write_queue_after(skb, buff, sk);
1199 /* This is similar to __pskb_pull_head() (it will go to core/skbuff.c
1200 * eventually). The difference is that pulled data not copied, but
1201 * immediately discarded.
1203 static void __pskb_trim_head(struct sk_buff *skb, int len)
1205 struct skb_shared_info *shinfo;
1208 eat = min_t(int, len, skb_headlen(skb));
1210 __skb_pull(skb, eat);
1217 shinfo = skb_shinfo(skb);
1218 for (i = 0; i < shinfo->nr_frags; i++) {
1219 int size = skb_frag_size(&shinfo->frags[i]);
1222 skb_frag_unref(skb, i);
1225 shinfo->frags[k] = shinfo->frags[i];
1227 shinfo->frags[k].page_offset += eat;
1228 skb_frag_size_sub(&shinfo->frags[k], eat);
1234 shinfo->nr_frags = k;
1236 skb_reset_tail_pointer(skb);
1237 skb->data_len -= len;
1238 skb->len = skb->data_len;
1241 /* Remove acked data from a packet in the transmit queue. */
1242 int tcp_trim_head(struct sock *sk, struct sk_buff *skb, u32 len)
1244 if (skb_unclone(skb, GFP_ATOMIC))
1247 __pskb_trim_head(skb, len);
1249 TCP_SKB_CB(skb)->seq += len;
1250 skb->ip_summed = CHECKSUM_PARTIAL;
1252 skb->truesize -= len;
1253 sk->sk_wmem_queued -= len;
1254 sk_mem_uncharge(sk, len);
1255 sock_set_flag(sk, SOCK_QUEUE_SHRUNK);
1257 /* Any change of skb->len requires recalculation of tso factor. */
1258 if (tcp_skb_pcount(skb) > 1)
1259 tcp_set_skb_tso_segs(sk, skb, tcp_skb_mss(skb));
1264 /* Calculate MSS not accounting any TCP options. */
1265 static inline int __tcp_mtu_to_mss(struct sock *sk, int pmtu)
1267 const struct tcp_sock *tp = tcp_sk(sk);
1268 const struct inet_connection_sock *icsk = inet_csk(sk);
1271 /* Calculate base mss without TCP options:
1272 It is MMS_S - sizeof(tcphdr) of rfc1122
1274 mss_now = pmtu - icsk->icsk_af_ops->net_header_len - sizeof(struct tcphdr);
1276 /* IPv6 adds a frag_hdr in case RTAX_FEATURE_ALLFRAG is set */
1277 if (icsk->icsk_af_ops->net_frag_header_len) {
1278 const struct dst_entry *dst = __sk_dst_get(sk);
1280 if (dst && dst_allfrag(dst))
1281 mss_now -= icsk->icsk_af_ops->net_frag_header_len;
1284 /* Clamp it (mss_clamp does not include tcp options) */
1285 if (mss_now > tp->rx_opt.mss_clamp)
1286 mss_now = tp->rx_opt.mss_clamp;
1288 /* Now subtract optional transport overhead */
1289 mss_now -= icsk->icsk_ext_hdr_len;
1291 /* Then reserve room for full set of TCP options and 8 bytes of data */
1297 /* Calculate MSS. Not accounting for SACKs here. */
1298 int tcp_mtu_to_mss(struct sock *sk, int pmtu)
1300 /* Subtract TCP options size, not including SACKs */
1301 return __tcp_mtu_to_mss(sk, pmtu) -
1302 (tcp_sk(sk)->tcp_header_len - sizeof(struct tcphdr));
1305 /* Inverse of above */
1306 int tcp_mss_to_mtu(struct sock *sk, int mss)
1308 const struct tcp_sock *tp = tcp_sk(sk);
1309 const struct inet_connection_sock *icsk = inet_csk(sk);
1313 tp->tcp_header_len +
1314 icsk->icsk_ext_hdr_len +
1315 icsk->icsk_af_ops->net_header_len;
1317 /* IPv6 adds a frag_hdr in case RTAX_FEATURE_ALLFRAG is set */
1318 if (icsk->icsk_af_ops->net_frag_header_len) {
1319 const struct dst_entry *dst = __sk_dst_get(sk);
1321 if (dst && dst_allfrag(dst))
1322 mtu += icsk->icsk_af_ops->net_frag_header_len;
1327 /* MTU probing init per socket */
1328 void tcp_mtup_init(struct sock *sk)
1330 struct tcp_sock *tp = tcp_sk(sk);
1331 struct inet_connection_sock *icsk = inet_csk(sk);
1333 icsk->icsk_mtup.enabled = sysctl_tcp_mtu_probing > 1;
1334 icsk->icsk_mtup.search_high = tp->rx_opt.mss_clamp + sizeof(struct tcphdr) +
1335 icsk->icsk_af_ops->net_header_len;
1336 icsk->icsk_mtup.search_low = tcp_mss_to_mtu(sk, sysctl_tcp_base_mss);
1337 icsk->icsk_mtup.probe_size = 0;
1339 EXPORT_SYMBOL(tcp_mtup_init);
1341 /* This function synchronize snd mss to current pmtu/exthdr set.
1343 tp->rx_opt.user_mss is mss set by user by TCP_MAXSEG. It does NOT counts
1344 for TCP options, but includes only bare TCP header.
1346 tp->rx_opt.mss_clamp is mss negotiated at connection setup.
1347 It is minimum of user_mss and mss received with SYN.
1348 It also does not include TCP options.
1350 inet_csk(sk)->icsk_pmtu_cookie is last pmtu, seen by this function.
1352 tp->mss_cache is current effective sending mss, including
1353 all tcp options except for SACKs. It is evaluated,
1354 taking into account current pmtu, but never exceeds
1355 tp->rx_opt.mss_clamp.
1357 NOTE1. rfc1122 clearly states that advertised MSS
1358 DOES NOT include either tcp or ip options.
1360 NOTE2. inet_csk(sk)->icsk_pmtu_cookie and tp->mss_cache
1361 are READ ONLY outside this function. --ANK (980731)
1363 unsigned int tcp_sync_mss(struct sock *sk, u32 pmtu)
1365 struct tcp_sock *tp = tcp_sk(sk);
1366 struct inet_connection_sock *icsk = inet_csk(sk);
1369 if (icsk->icsk_mtup.search_high > pmtu)
1370 icsk->icsk_mtup.search_high = pmtu;
1372 mss_now = tcp_mtu_to_mss(sk, pmtu);
1373 mss_now = tcp_bound_to_half_wnd(tp, mss_now);
1375 /* And store cached results */
1376 icsk->icsk_pmtu_cookie = pmtu;
1377 if (icsk->icsk_mtup.enabled)
1378 mss_now = min(mss_now, tcp_mtu_to_mss(sk, icsk->icsk_mtup.search_low));
1379 tp->mss_cache = mss_now;
1383 EXPORT_SYMBOL(tcp_sync_mss);
1385 /* Compute the current effective MSS, taking SACKs and IP options,
1386 * and even PMTU discovery events into account.
1388 unsigned int tcp_current_mss(struct sock *sk)
1390 const struct tcp_sock *tp = tcp_sk(sk);
1391 const struct dst_entry *dst = __sk_dst_get(sk);
1393 unsigned int header_len;
1394 struct tcp_out_options opts;
1395 struct tcp_md5sig_key *md5;
1397 mss_now = tp->mss_cache;
1400 u32 mtu = dst_mtu(dst);
1401 if (mtu != inet_csk(sk)->icsk_pmtu_cookie)
1402 mss_now = tcp_sync_mss(sk, mtu);
1405 header_len = tcp_established_options(sk, NULL, &opts, &md5) +
1406 sizeof(struct tcphdr);
1407 /* The mss_cache is sized based on tp->tcp_header_len, which assumes
1408 * some common options. If this is an odd packet (because we have SACK
1409 * blocks etc) then our calculated header_len will be different, and
1410 * we have to adjust mss_now correspondingly */
1411 if (header_len != tp->tcp_header_len) {
1412 int delta = (int) header_len - tp->tcp_header_len;
1419 /* RFC2861, slow part. Adjust cwnd, after it was not full during one rto.
1420 * As additional protections, we do not touch cwnd in retransmission phases,
1421 * and if application hit its sndbuf limit recently.
1423 static void tcp_cwnd_application_limited(struct sock *sk)
1425 struct tcp_sock *tp = tcp_sk(sk);
1427 if (inet_csk(sk)->icsk_ca_state == TCP_CA_Open &&
1428 sk->sk_socket && !test_bit(SOCK_NOSPACE, &sk->sk_socket->flags)) {
1429 /* Limited by application or receiver window. */
1430 u32 init_win = tcp_init_cwnd(tp, __sk_dst_get(sk));
1431 u32 win_used = max(tp->snd_cwnd_used, init_win);
1432 if (win_used < tp->snd_cwnd) {
1433 tp->snd_ssthresh = tcp_current_ssthresh(sk);
1434 tp->snd_cwnd = (tp->snd_cwnd + win_used) >> 1;
1436 tp->snd_cwnd_used = 0;
1438 tp->snd_cwnd_stamp = tcp_time_stamp;
1441 static void tcp_cwnd_validate(struct sock *sk, bool is_cwnd_limited)
1443 struct tcp_sock *tp = tcp_sk(sk);
1445 /* Track the maximum number of outstanding packets in each
1446 * window, and remember whether we were cwnd-limited then.
1448 if (!before(tp->snd_una, tp->max_packets_seq) ||
1449 tp->packets_out > tp->max_packets_out) {
1450 tp->max_packets_out = tp->packets_out;
1451 tp->max_packets_seq = tp->snd_nxt;
1452 tp->is_cwnd_limited = is_cwnd_limited;
1455 if (tcp_is_cwnd_limited(sk)) {
1456 /* Network is feed fully. */
1457 tp->snd_cwnd_used = 0;
1458 tp->snd_cwnd_stamp = tcp_time_stamp;
1460 /* Network starves. */
1461 if (tp->packets_out > tp->snd_cwnd_used)
1462 tp->snd_cwnd_used = tp->packets_out;
1464 if (sysctl_tcp_slow_start_after_idle &&
1465 (s32)(tcp_time_stamp - tp->snd_cwnd_stamp) >= inet_csk(sk)->icsk_rto)
1466 tcp_cwnd_application_limited(sk);
1470 /* Minshall's variant of the Nagle send check. */
1471 static bool tcp_minshall_check(const struct tcp_sock *tp)
1473 return after(tp->snd_sml, tp->snd_una) &&
1474 !after(tp->snd_sml, tp->snd_nxt);
1477 /* Update snd_sml if this skb is under mss
1478 * Note that a TSO packet might end with a sub-mss segment
1479 * The test is really :
1480 * if ((skb->len % mss) != 0)
1481 * tp->snd_sml = TCP_SKB_CB(skb)->end_seq;
1482 * But we can avoid doing the divide again given we already have
1483 * skb_pcount = skb->len / mss_now
1485 static void tcp_minshall_update(struct tcp_sock *tp, unsigned int mss_now,
1486 const struct sk_buff *skb)
1488 if (skb->len < tcp_skb_pcount(skb) * mss_now)
1489 tp->snd_sml = TCP_SKB_CB(skb)->end_seq;
1492 /* Return false, if packet can be sent now without violation Nagle's rules:
1493 * 1. It is full sized. (provided by caller in %partial bool)
1494 * 2. Or it contains FIN. (already checked by caller)
1495 * 3. Or TCP_CORK is not set, and TCP_NODELAY is set.
1496 * 4. Or TCP_CORK is not set, and all sent packets are ACKed.
1497 * With Minshall's modification: all sent small packets are ACKed.
1499 static bool tcp_nagle_check(bool partial, const struct tcp_sock *tp,
1503 ((nonagle & TCP_NAGLE_CORK) ||
1504 (!nonagle && tp->packets_out && tcp_minshall_check(tp)));
1506 /* Returns the portion of skb which can be sent right away */
1507 static unsigned int tcp_mss_split_point(const struct sock *sk,
1508 const struct sk_buff *skb,
1509 unsigned int mss_now,
1510 unsigned int max_segs,
1513 const struct tcp_sock *tp = tcp_sk(sk);
1514 u32 partial, needed, window, max_len;
1516 window = tcp_wnd_end(tp) - TCP_SKB_CB(skb)->seq;
1517 max_len = mss_now * max_segs;
1519 if (likely(max_len <= window && skb != tcp_write_queue_tail(sk)))
1522 needed = min(skb->len, window);
1524 if (max_len <= needed)
1527 partial = needed % mss_now;
1528 /* If last segment is not a full MSS, check if Nagle rules allow us
1529 * to include this last segment in this skb.
1530 * Otherwise, we'll split the skb at last MSS boundary
1532 if (tcp_nagle_check(partial != 0, tp, nonagle))
1533 return needed - partial;
1538 /* Can at least one segment of SKB be sent right now, according to the
1539 * congestion window rules? If so, return how many segments are allowed.
1541 static inline unsigned int tcp_cwnd_test(const struct tcp_sock *tp,
1542 const struct sk_buff *skb)
1544 u32 in_flight, cwnd;
1546 /* Don't be strict about the congestion window for the final FIN. */
1547 if ((TCP_SKB_CB(skb)->tcp_flags & TCPHDR_FIN) &&
1548 tcp_skb_pcount(skb) == 1)
1551 in_flight = tcp_packets_in_flight(tp);
1552 cwnd = tp->snd_cwnd;
1553 if (in_flight < cwnd)
1554 return (cwnd - in_flight);
1559 /* Initialize TSO state of a skb.
1560 * This must be invoked the first time we consider transmitting
1561 * SKB onto the wire.
1563 static int tcp_init_tso_segs(const struct sock *sk, struct sk_buff *skb,
1564 unsigned int mss_now)
1566 int tso_segs = tcp_skb_pcount(skb);
1568 if (!tso_segs || (tso_segs > 1 && tcp_skb_mss(skb) != mss_now)) {
1569 tcp_set_skb_tso_segs(sk, skb, mss_now);
1570 tso_segs = tcp_skb_pcount(skb);
1576 /* Return true if the Nagle test allows this packet to be
1579 static inline bool tcp_nagle_test(const struct tcp_sock *tp, const struct sk_buff *skb,
1580 unsigned int cur_mss, int nonagle)
1582 /* Nagle rule does not apply to frames, which sit in the middle of the
1583 * write_queue (they have no chances to get new data).
1585 * This is implemented in the callers, where they modify the 'nonagle'
1586 * argument based upon the location of SKB in the send queue.
1588 if (nonagle & TCP_NAGLE_PUSH)
1591 /* Don't use the nagle rule for urgent data (or for the final FIN). */
1592 if (tcp_urg_mode(tp) || (TCP_SKB_CB(skb)->tcp_flags & TCPHDR_FIN))
1595 if (!tcp_nagle_check(skb->len < cur_mss, tp, nonagle))
1601 /* Does at least the first segment of SKB fit into the send window? */
1602 static bool tcp_snd_wnd_test(const struct tcp_sock *tp,
1603 const struct sk_buff *skb,
1604 unsigned int cur_mss)
1606 u32 end_seq = TCP_SKB_CB(skb)->end_seq;
1608 if (skb->len > cur_mss)
1609 end_seq = TCP_SKB_CB(skb)->seq + cur_mss;
1611 return !after(end_seq, tcp_wnd_end(tp));
1614 /* This checks if the data bearing packet SKB (usually tcp_send_head(sk))
1615 * should be put on the wire right now. If so, it returns the number of
1616 * packets allowed by the congestion window.
1618 static unsigned int tcp_snd_test(const struct sock *sk, struct sk_buff *skb,
1619 unsigned int cur_mss, int nonagle)
1621 const struct tcp_sock *tp = tcp_sk(sk);
1622 unsigned int cwnd_quota;
1624 tcp_init_tso_segs(sk, skb, cur_mss);
1626 if (!tcp_nagle_test(tp, skb, cur_mss, nonagle))
1629 cwnd_quota = tcp_cwnd_test(tp, skb);
1630 if (cwnd_quota && !tcp_snd_wnd_test(tp, skb, cur_mss))
1636 /* Test if sending is allowed right now. */
1637 bool tcp_may_send_now(struct sock *sk)
1639 const struct tcp_sock *tp = tcp_sk(sk);
1640 struct sk_buff *skb = tcp_send_head(sk);
1643 tcp_snd_test(sk, skb, tcp_current_mss(sk),
1644 (tcp_skb_is_last(sk, skb) ?
1645 tp->nonagle : TCP_NAGLE_PUSH));
1648 /* Trim TSO SKB to LEN bytes, put the remaining data into a new packet
1649 * which is put after SKB on the list. It is very much like
1650 * tcp_fragment() except that it may make several kinds of assumptions
1651 * in order to speed up the splitting operation. In particular, we
1652 * know that all the data is in scatter-gather pages, and that the
1653 * packet has never been sent out before (and thus is not cloned).
1655 static int tso_fragment(struct sock *sk, struct sk_buff *skb, unsigned int len,
1656 unsigned int mss_now, gfp_t gfp)
1658 struct sk_buff *buff;
1659 int nlen = skb->len - len;
1662 /* All of a TSO frame must be composed of paged data. */
1663 if (skb->len != skb->data_len)
1664 return tcp_fragment(sk, skb, len, mss_now, gfp);
1666 buff = sk_stream_alloc_skb(sk, 0, gfp);
1667 if (unlikely(buff == NULL))
1670 sk->sk_wmem_queued += buff->truesize;
1671 sk_mem_charge(sk, buff->truesize);
1672 buff->truesize += nlen;
1673 skb->truesize -= nlen;
1675 /* Correct the sequence numbers. */
1676 TCP_SKB_CB(buff)->seq = TCP_SKB_CB(skb)->seq + len;
1677 TCP_SKB_CB(buff)->end_seq = TCP_SKB_CB(skb)->end_seq;
1678 TCP_SKB_CB(skb)->end_seq = TCP_SKB_CB(buff)->seq;
1680 /* PSH and FIN should only be set in the second packet. */
1681 flags = TCP_SKB_CB(skb)->tcp_flags;
1682 TCP_SKB_CB(skb)->tcp_flags = flags & ~(TCPHDR_FIN | TCPHDR_PSH);
1683 TCP_SKB_CB(buff)->tcp_flags = flags;
1685 /* This packet was never sent out yet, so no SACK bits. */
1686 TCP_SKB_CB(buff)->sacked = 0;
1688 buff->ip_summed = skb->ip_summed = CHECKSUM_PARTIAL;
1689 skb_split(skb, buff, len);
1690 tcp_fragment_tstamp(skb, buff);
1692 /* Fix up tso_factor for both original and new SKB. */
1693 tcp_set_skb_tso_segs(sk, skb, mss_now);
1694 tcp_set_skb_tso_segs(sk, buff, mss_now);
1696 /* Link BUFF into the send queue. */
1697 __skb_header_release(buff);
1698 tcp_insert_write_queue_after(skb, buff, sk);
1703 /* Try to defer sending, if possible, in order to minimize the amount
1704 * of TSO splitting we do. View it as a kind of TSO Nagle test.
1706 * This algorithm is from John Heffner.
1708 static bool tcp_tso_should_defer(struct sock *sk, struct sk_buff *skb,
1709 bool *is_cwnd_limited)
1711 struct tcp_sock *tp = tcp_sk(sk);
1712 const struct inet_connection_sock *icsk = inet_csk(sk);
1713 u32 send_win, cong_win, limit, in_flight;
1716 if (TCP_SKB_CB(skb)->tcp_flags & TCPHDR_FIN)
1719 if (icsk->icsk_ca_state != TCP_CA_Open)
1722 /* Defer for less than two clock ticks. */
1723 if (tp->tso_deferred &&
1724 (((u32)jiffies << 1) >> 1) - (tp->tso_deferred >> 1) > 1)
1727 in_flight = tcp_packets_in_flight(tp);
1729 BUG_ON(tcp_skb_pcount(skb) <= 1 || (tp->snd_cwnd <= in_flight));
1731 send_win = tcp_wnd_end(tp) - TCP_SKB_CB(skb)->seq;
1733 /* From in_flight test above, we know that cwnd > in_flight. */
1734 cong_win = (tp->snd_cwnd - in_flight) * tp->mss_cache;
1736 limit = min(send_win, cong_win);
1738 /* If a full-sized TSO skb can be sent, do it. */
1739 if (limit >= min_t(unsigned int, sk->sk_gso_max_size,
1740 tp->xmit_size_goal_segs * tp->mss_cache))
1743 /* Middle in queue won't get any more data, full sendable already? */
1744 if ((skb != tcp_write_queue_tail(sk)) && (limit >= skb->len))
1747 win_divisor = ACCESS_ONCE(sysctl_tcp_tso_win_divisor);
1749 u32 chunk = min(tp->snd_wnd, tp->snd_cwnd * tp->mss_cache);
1751 /* If at least some fraction of a window is available,
1754 chunk /= win_divisor;
1758 /* Different approach, try not to defer past a single
1759 * ACK. Receiver should ACK every other full sized
1760 * frame, so if we have space for more than 3 frames
1763 if (limit > tcp_max_tso_deferred_mss(tp) * tp->mss_cache)
1767 /* Ok, it looks like it is advisable to defer.
1768 * Do not rearm the timer if already set to not break TCP ACK clocking.
1770 if (!tp->tso_deferred)
1771 tp->tso_deferred = 1 | (jiffies << 1);
1773 if (cong_win < send_win && cong_win < skb->len)
1774 *is_cwnd_limited = true;
1779 tp->tso_deferred = 0;
1783 /* Create a new MTU probe if we are ready.
1784 * MTU probe is regularly attempting to increase the path MTU by
1785 * deliberately sending larger packets. This discovers routing
1786 * changes resulting in larger path MTUs.
1788 * Returns 0 if we should wait to probe (no cwnd available),
1789 * 1 if a probe was sent,
1792 static int tcp_mtu_probe(struct sock *sk)
1794 struct tcp_sock *tp = tcp_sk(sk);
1795 struct inet_connection_sock *icsk = inet_csk(sk);
1796 struct sk_buff *skb, *nskb, *next;
1803 /* Not currently probing/verifying,
1805 * have enough cwnd, and
1806 * not SACKing (the variable headers throw things off) */
1807 if (!icsk->icsk_mtup.enabled ||
1808 icsk->icsk_mtup.probe_size ||
1809 inet_csk(sk)->icsk_ca_state != TCP_CA_Open ||
1810 tp->snd_cwnd < 11 ||
1811 tp->rx_opt.num_sacks || tp->rx_opt.dsack)
1814 /* Very simple search strategy: just double the MSS. */
1815 mss_now = tcp_current_mss(sk);
1816 probe_size = 2 * tp->mss_cache;
1817 size_needed = probe_size + (tp->reordering + 1) * tp->mss_cache;
1818 if (probe_size > tcp_mtu_to_mss(sk, icsk->icsk_mtup.search_high)) {
1819 /* TODO: set timer for probe_converge_event */
1823 /* Have enough data in the send queue to probe? */
1824 if (tp->write_seq - tp->snd_nxt < size_needed)
1827 if (tp->snd_wnd < size_needed)
1829 if (after(tp->snd_nxt + size_needed, tcp_wnd_end(tp)))
1832 /* Do we need to wait to drain cwnd? With none in flight, don't stall */
1833 if (tcp_packets_in_flight(tp) + 2 > tp->snd_cwnd) {
1834 if (!tcp_packets_in_flight(tp))
1840 /* We're allowed to probe. Build it now. */
1841 if ((nskb = sk_stream_alloc_skb(sk, probe_size, GFP_ATOMIC)) == NULL)
1843 sk->sk_wmem_queued += nskb->truesize;
1844 sk_mem_charge(sk, nskb->truesize);
1846 skb = tcp_send_head(sk);
1848 TCP_SKB_CB(nskb)->seq = TCP_SKB_CB(skb)->seq;
1849 TCP_SKB_CB(nskb)->end_seq = TCP_SKB_CB(skb)->seq + probe_size;
1850 TCP_SKB_CB(nskb)->tcp_flags = TCPHDR_ACK;
1851 TCP_SKB_CB(nskb)->sacked = 0;
1853 nskb->ip_summed = skb->ip_summed;
1855 tcp_insert_write_queue_before(nskb, skb, sk);
1858 tcp_for_write_queue_from_safe(skb, next, sk) {
1859 copy = min_t(int, skb->len, probe_size - len);
1860 if (nskb->ip_summed)
1861 skb_copy_bits(skb, 0, skb_put(nskb, copy), copy);
1863 nskb->csum = skb_copy_and_csum_bits(skb, 0,
1864 skb_put(nskb, copy),
1867 if (skb->len <= copy) {
1868 /* We've eaten all the data from this skb.
1870 TCP_SKB_CB(nskb)->tcp_flags |= TCP_SKB_CB(skb)->tcp_flags;
1871 tcp_unlink_write_queue(skb, sk);
1872 sk_wmem_free_skb(sk, skb);
1874 TCP_SKB_CB(nskb)->tcp_flags |= TCP_SKB_CB(skb)->tcp_flags &
1875 ~(TCPHDR_FIN|TCPHDR_PSH);
1876 if (!skb_shinfo(skb)->nr_frags) {
1877 skb_pull(skb, copy);
1878 if (skb->ip_summed != CHECKSUM_PARTIAL)
1879 skb->csum = csum_partial(skb->data,
1882 __pskb_trim_head(skb, copy);
1883 tcp_set_skb_tso_segs(sk, skb, mss_now);
1885 TCP_SKB_CB(skb)->seq += copy;
1890 if (len >= probe_size)
1893 tcp_init_tso_segs(sk, nskb, nskb->len);
1895 /* We're ready to send. If this fails, the probe will
1896 * be resegmented into mss-sized pieces by tcp_write_xmit().
1898 if (!tcp_transmit_skb(sk, nskb, 1, GFP_ATOMIC)) {
1899 /* Decrement cwnd here because we are sending
1900 * effectively two packets. */
1902 tcp_event_new_data_sent(sk, nskb);
1904 icsk->icsk_mtup.probe_size = tcp_mss_to_mtu(sk, nskb->len);
1905 tp->mtu_probe.probe_seq_start = TCP_SKB_CB(nskb)->seq;
1906 tp->mtu_probe.probe_seq_end = TCP_SKB_CB(nskb)->end_seq;
1914 /* This routine writes packets to the network. It advances the
1915 * send_head. This happens as incoming acks open up the remote
1918 * LARGESEND note: !tcp_urg_mode is overkill, only frames between
1919 * snd_up-64k-mss .. snd_up cannot be large. However, taking into
1920 * account rare use of URG, this is not a big flaw.
1922 * Send at most one packet when push_one > 0. Temporarily ignore
1923 * cwnd limit to force at most one packet out when push_one == 2.
1925 * Returns true, if no segments are in flight and we have queued segments,
1926 * but cannot send anything now because of SWS or another problem.
1928 static bool tcp_write_xmit(struct sock *sk, unsigned int mss_now, int nonagle,
1929 int push_one, gfp_t gfp)
1931 struct tcp_sock *tp = tcp_sk(sk);
1932 struct sk_buff *skb;
1933 unsigned int tso_segs, sent_pkts;
1936 bool is_cwnd_limited = false;
1941 /* Do MTU probing. */
1942 result = tcp_mtu_probe(sk);
1945 } else if (result > 0) {
1950 while ((skb = tcp_send_head(sk))) {
1953 tso_segs = tcp_init_tso_segs(sk, skb, mss_now);
1956 if (unlikely(tp->repair) && tp->repair_queue == TCP_SEND_QUEUE) {
1957 /* "skb_mstamp" is used as a start point for the retransmit timer */
1958 skb_mstamp_get(&skb->skb_mstamp);
1959 goto repair; /* Skip network transmission */
1962 cwnd_quota = tcp_cwnd_test(tp, skb);
1964 is_cwnd_limited = true;
1966 /* Force out a loss probe pkt. */
1972 if (unlikely(!tcp_snd_wnd_test(tp, skb, mss_now)))
1975 if (tso_segs == 1) {
1976 if (unlikely(!tcp_nagle_test(tp, skb, mss_now,
1977 (tcp_skb_is_last(sk, skb) ?
1978 nonagle : TCP_NAGLE_PUSH))))
1982 tcp_tso_should_defer(sk, skb, &is_cwnd_limited))
1986 /* TCP Small Queues :
1987 * Control number of packets in qdisc/devices to two packets / or ~1 ms.
1989 * - better RTT estimation and ACK scheduling
1992 * Alas, some drivers / subsystems require a fair amount
1993 * of queued bytes to ensure line rate.
1994 * One example is wifi aggregation (802.11 AMPDU)
1996 limit = max_t(unsigned int, sysctl_tcp_limit_output_bytes,
1997 sk->sk_pacing_rate >> 10);
1999 if (atomic_read(&sk->sk_wmem_alloc) > limit) {
2000 set_bit(TSQ_THROTTLED, &tp->tsq_flags);
2001 /* It is possible TX completion already happened
2002 * before we set TSQ_THROTTLED, so we must
2003 * test again the condition.
2005 smp_mb__after_atomic();
2006 if (atomic_read(&sk->sk_wmem_alloc) > limit)
2011 if (tso_segs > 1 && !tcp_urg_mode(tp))
2012 limit = tcp_mss_split_point(sk, skb, mss_now,
2015 sk->sk_gso_max_segs),
2018 if (skb->len > limit &&
2019 unlikely(tso_fragment(sk, skb, limit, mss_now, gfp)))
2022 if (unlikely(tcp_transmit_skb(sk, skb, 1, gfp)))
2026 /* Advance the send_head. This one is sent out.
2027 * This call will increment packets_out.
2029 tcp_event_new_data_sent(sk, skb);
2031 tcp_minshall_update(tp, mss_now, skb);
2032 sent_pkts += tcp_skb_pcount(skb);
2038 if (likely(sent_pkts)) {
2039 if (tcp_in_cwnd_reduction(sk))
2040 tp->prr_out += sent_pkts;
2042 /* Send one loss probe per tail loss episode. */
2044 tcp_schedule_loss_probe(sk);
2045 tcp_cwnd_validate(sk, is_cwnd_limited);
2048 return (push_one == 2) || (!tp->packets_out && tcp_send_head(sk));
2051 bool tcp_schedule_loss_probe(struct sock *sk)
2053 struct inet_connection_sock *icsk = inet_csk(sk);
2054 struct tcp_sock *tp = tcp_sk(sk);
2055 u32 timeout, tlp_time_stamp, rto_time_stamp;
2056 u32 rtt = usecs_to_jiffies(tp->srtt_us >> 3);
2058 if (WARN_ON(icsk->icsk_pending == ICSK_TIME_EARLY_RETRANS))
2060 /* No consecutive loss probes. */
2061 if (WARN_ON(icsk->icsk_pending == ICSK_TIME_LOSS_PROBE)) {
2065 /* Don't do any loss probe on a Fast Open connection before 3WHS
2068 if (sk->sk_state == TCP_SYN_RECV)
2071 /* TLP is only scheduled when next timer event is RTO. */
2072 if (icsk->icsk_pending != ICSK_TIME_RETRANS)
2075 /* Schedule a loss probe in 2*RTT for SACK capable connections
2076 * in Open state, that are either limited by cwnd or application.
2078 if (sysctl_tcp_early_retrans < 3 || !tp->srtt_us || !tp->packets_out ||
2079 !tcp_is_sack(tp) || inet_csk(sk)->icsk_ca_state != TCP_CA_Open)
2082 if ((tp->snd_cwnd > tcp_packets_in_flight(tp)) &&
2086 /* Probe timeout is at least 1.5*rtt + TCP_DELACK_MAX to account
2087 * for delayed ack when there's one outstanding packet.
2090 if (tp->packets_out == 1)
2091 timeout = max_t(u32, timeout,
2092 (rtt + (rtt >> 1) + TCP_DELACK_MAX));
2093 timeout = max_t(u32, timeout, msecs_to_jiffies(10));
2095 /* If RTO is shorter, just schedule TLP in its place. */
2096 tlp_time_stamp = tcp_time_stamp + timeout;
2097 rto_time_stamp = (u32)inet_csk(sk)->icsk_timeout;
2098 if ((s32)(tlp_time_stamp - rto_time_stamp) > 0) {
2099 s32 delta = rto_time_stamp - tcp_time_stamp;
2104 inet_csk_reset_xmit_timer(sk, ICSK_TIME_LOSS_PROBE, timeout,
2109 /* Thanks to skb fast clones, we can detect if a prior transmit of
2110 * a packet is still in a qdisc or driver queue.
2111 * In this case, there is very little point doing a retransmit !
2112 * Note: This is called from BH context only.
2114 static bool skb_still_in_host_queue(const struct sock *sk,
2115 const struct sk_buff *skb)
2117 if (unlikely(skb_fclone_busy(skb))) {
2118 NET_INC_STATS_BH(sock_net(sk),
2119 LINUX_MIB_TCPSPURIOUS_RTX_HOSTQUEUES);
2125 /* When probe timeout (PTO) fires, send a new segment if one exists, else
2126 * retransmit the last segment.
2128 void tcp_send_loss_probe(struct sock *sk)
2130 struct tcp_sock *tp = tcp_sk(sk);
2131 struct sk_buff *skb;
2133 int mss = tcp_current_mss(sk);
2136 if (tcp_send_head(sk) != NULL) {
2137 err = tcp_write_xmit(sk, mss, TCP_NAGLE_OFF, 2, GFP_ATOMIC);
2141 /* At most one outstanding TLP retransmission. */
2142 if (tp->tlp_high_seq)
2145 /* Retransmit last segment. */
2146 skb = tcp_write_queue_tail(sk);
2150 if (skb_still_in_host_queue(sk, skb))
2153 pcount = tcp_skb_pcount(skb);
2154 if (WARN_ON(!pcount))
2157 if ((pcount > 1) && (skb->len > (pcount - 1) * mss)) {
2158 if (unlikely(tcp_fragment(sk, skb, (pcount - 1) * mss, mss,
2161 skb = tcp_write_queue_tail(sk);
2164 if (WARN_ON(!skb || !tcp_skb_pcount(skb)))
2167 err = __tcp_retransmit_skb(sk, skb);
2169 /* Record snd_nxt for loss detection. */
2171 tp->tlp_high_seq = tp->snd_nxt;
2174 inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS,
2175 inet_csk(sk)->icsk_rto,
2179 NET_INC_STATS_BH(sock_net(sk),
2180 LINUX_MIB_TCPLOSSPROBES);
2183 /* Push out any pending frames which were held back due to
2184 * TCP_CORK or attempt at coalescing tiny packets.
2185 * The socket must be locked by the caller.
2187 void __tcp_push_pending_frames(struct sock *sk, unsigned int cur_mss,
2190 /* If we are closed, the bytes will have to remain here.
2191 * In time closedown will finish, we empty the write queue and
2192 * all will be happy.
2194 if (unlikely(sk->sk_state == TCP_CLOSE))
2197 if (tcp_write_xmit(sk, cur_mss, nonagle, 0,
2198 sk_gfp_atomic(sk, GFP_ATOMIC)))
2199 tcp_check_probe_timer(sk);
2202 /* Send _single_ skb sitting at the send head. This function requires
2203 * true push pending frames to setup probe timer etc.
2205 void tcp_push_one(struct sock *sk, unsigned int mss_now)
2207 struct sk_buff *skb = tcp_send_head(sk);
2209 BUG_ON(!skb || skb->len < mss_now);
2211 tcp_write_xmit(sk, mss_now, TCP_NAGLE_PUSH, 1, sk->sk_allocation);
2214 /* This function returns the amount that we can raise the
2215 * usable window based on the following constraints
2217 * 1. The window can never be shrunk once it is offered (RFC 793)
2218 * 2. We limit memory per socket
2221 * "the suggested [SWS] avoidance algorithm for the receiver is to keep
2222 * RECV.NEXT + RCV.WIN fixed until:
2223 * RCV.BUFF - RCV.USER - RCV.WINDOW >= min(1/2 RCV.BUFF, MSS)"
2225 * i.e. don't raise the right edge of the window until you can raise
2226 * it at least MSS bytes.
2228 * Unfortunately, the recommended algorithm breaks header prediction,
2229 * since header prediction assumes th->window stays fixed.
2231 * Strictly speaking, keeping th->window fixed violates the receiver
2232 * side SWS prevention criteria. The problem is that under this rule
2233 * a stream of single byte packets will cause the right side of the
2234 * window to always advance by a single byte.
2236 * Of course, if the sender implements sender side SWS prevention
2237 * then this will not be a problem.
2239 * BSD seems to make the following compromise:
2241 * If the free space is less than the 1/4 of the maximum
2242 * space available and the free space is less than 1/2 mss,
2243 * then set the window to 0.
2244 * [ Actually, bsd uses MSS and 1/4 of maximal _window_ ]
2245 * Otherwise, just prevent the window from shrinking
2246 * and from being larger than the largest representable value.
2248 * This prevents incremental opening of the window in the regime
2249 * where TCP is limited by the speed of the reader side taking
2250 * data out of the TCP receive queue. It does nothing about
2251 * those cases where the window is constrained on the sender side
2252 * because the pipeline is full.
2254 * BSD also seems to "accidentally" limit itself to windows that are a
2255 * multiple of MSS, at least until the free space gets quite small.
2256 * This would appear to be a side effect of the mbuf implementation.
2257 * Combining these two algorithms results in the observed behavior
2258 * of having a fixed window size at almost all times.
2260 * Below we obtain similar behavior by forcing the offered window to
2261 * a multiple of the mss when it is feasible to do so.
2263 * Note, we don't "adjust" for TIMESTAMP or SACK option bytes.
2264 * Regular options like TIMESTAMP are taken into account.
2266 u32 __tcp_select_window(struct sock *sk)
2268 struct inet_connection_sock *icsk = inet_csk(sk);
2269 struct tcp_sock *tp = tcp_sk(sk);
2270 /* MSS for the peer's data. Previous versions used mss_clamp
2271 * here. I don't know if the value based on our guesses
2272 * of peer's MSS is better for the performance. It's more correct
2273 * but may be worse for the performance because of rcv_mss
2274 * fluctuations. --SAW 1998/11/1
2276 int mss = icsk->icsk_ack.rcv_mss;
2277 int free_space = tcp_space(sk);
2278 int allowed_space = tcp_full_space(sk);
2279 int full_space = min_t(int, tp->window_clamp, allowed_space);
2282 if (mss > full_space)
2285 if (free_space < (full_space >> 1)) {
2286 icsk->icsk_ack.quick = 0;
2288 if (sk_under_memory_pressure(sk))
2289 tp->rcv_ssthresh = min(tp->rcv_ssthresh,
2292 /* free_space might become our new window, make sure we don't
2293 * increase it due to wscale.
2295 free_space = round_down(free_space, 1 << tp->rx_opt.rcv_wscale);
2297 /* if free space is less than mss estimate, or is below 1/16th
2298 * of the maximum allowed, try to move to zero-window, else
2299 * tcp_clamp_window() will grow rcv buf up to tcp_rmem[2], and
2300 * new incoming data is dropped due to memory limits.
2301 * With large window, mss test triggers way too late in order
2302 * to announce zero window in time before rmem limit kicks in.
2304 if (free_space < (allowed_space >> 4) || free_space < mss)
2308 if (free_space > tp->rcv_ssthresh)
2309 free_space = tp->rcv_ssthresh;
2311 /* Don't do rounding if we are using window scaling, since the
2312 * scaled window will not line up with the MSS boundary anyway.
2314 window = tp->rcv_wnd;
2315 if (tp->rx_opt.rcv_wscale) {
2316 window = free_space;
2318 /* Advertise enough space so that it won't get scaled away.
2319 * Import case: prevent zero window announcement if
2320 * 1<<rcv_wscale > mss.
2322 if (((window >> tp->rx_opt.rcv_wscale) << tp->rx_opt.rcv_wscale) != window)
2323 window = (((window >> tp->rx_opt.rcv_wscale) + 1)
2324 << tp->rx_opt.rcv_wscale);
2326 /* Get the largest window that is a nice multiple of mss.
2327 * Window clamp already applied above.
2328 * If our current window offering is within 1 mss of the
2329 * free space we just keep it. This prevents the divide
2330 * and multiply from happening most of the time.
2331 * We also don't do any window rounding when the free space
2334 if (window <= free_space - mss || window > free_space)
2335 window = (free_space / mss) * mss;
2336 else if (mss == full_space &&
2337 free_space > window + (full_space >> 1))
2338 window = free_space;
2344 /* Collapses two adjacent SKB's during retransmission. */
2345 static void tcp_collapse_retrans(struct sock *sk, struct sk_buff *skb)
2347 struct tcp_sock *tp = tcp_sk(sk);
2348 struct sk_buff *next_skb = tcp_write_queue_next(sk, skb);
2349 int skb_size, next_skb_size;
2351 skb_size = skb->len;
2352 next_skb_size = next_skb->len;
2354 BUG_ON(tcp_skb_pcount(skb) != 1 || tcp_skb_pcount(next_skb) != 1);
2356 tcp_highest_sack_combine(sk, next_skb, skb);
2358 tcp_unlink_write_queue(next_skb, sk);
2360 skb_copy_from_linear_data(next_skb, skb_put(skb, next_skb_size),
2363 if (next_skb->ip_summed == CHECKSUM_PARTIAL)
2364 skb->ip_summed = CHECKSUM_PARTIAL;
2366 if (skb->ip_summed != CHECKSUM_PARTIAL)
2367 skb->csum = csum_block_add(skb->csum, next_skb->csum, skb_size);
2369 /* Update sequence range on original skb. */
2370 TCP_SKB_CB(skb)->end_seq = TCP_SKB_CB(next_skb)->end_seq;
2372 /* Merge over control information. This moves PSH/FIN etc. over */
2373 TCP_SKB_CB(skb)->tcp_flags |= TCP_SKB_CB(next_skb)->tcp_flags;
2375 /* All done, get rid of second SKB and account for it so
2376 * packet counting does not break.
2378 TCP_SKB_CB(skb)->sacked |= TCP_SKB_CB(next_skb)->sacked & TCPCB_EVER_RETRANS;
2380 /* changed transmit queue under us so clear hints */
2381 tcp_clear_retrans_hints_partial(tp);
2382 if (next_skb == tp->retransmit_skb_hint)
2383 tp->retransmit_skb_hint = skb;
2385 tcp_adjust_pcount(sk, next_skb, tcp_skb_pcount(next_skb));
2387 sk_wmem_free_skb(sk, next_skb);
2390 /* Check if coalescing SKBs is legal. */
2391 static bool tcp_can_collapse(const struct sock *sk, const struct sk_buff *skb)
2393 if (tcp_skb_pcount(skb) > 1)
2395 /* TODO: SACK collapsing could be used to remove this condition */
2396 if (skb_shinfo(skb)->nr_frags != 0)
2398 if (skb_cloned(skb))
2400 if (skb == tcp_send_head(sk))
2402 /* Some heurestics for collapsing over SACK'd could be invented */
2403 if (TCP_SKB_CB(skb)->sacked & TCPCB_SACKED_ACKED)
2409 /* Collapse packets in the retransmit queue to make to create
2410 * less packets on the wire. This is only done on retransmission.
2412 static void tcp_retrans_try_collapse(struct sock *sk, struct sk_buff *to,
2415 struct tcp_sock *tp = tcp_sk(sk);
2416 struct sk_buff *skb = to, *tmp;
2419 if (!sysctl_tcp_retrans_collapse)
2421 if (TCP_SKB_CB(skb)->tcp_flags & TCPHDR_SYN)
2424 tcp_for_write_queue_from_safe(skb, tmp, sk) {
2425 if (!tcp_can_collapse(sk, skb))
2437 /* Punt if not enough space exists in the first SKB for
2438 * the data in the second
2440 if (skb->len > skb_availroom(to))
2443 if (after(TCP_SKB_CB(skb)->end_seq, tcp_wnd_end(tp)))
2446 tcp_collapse_retrans(sk, to);
2450 /* This retransmits one SKB. Policy decisions and retransmit queue
2451 * state updates are done by the caller. Returns non-zero if an
2452 * error occurred which prevented the send.
2454 int __tcp_retransmit_skb(struct sock *sk, struct sk_buff *skb)
2456 struct tcp_sock *tp = tcp_sk(sk);
2457 struct inet_connection_sock *icsk = inet_csk(sk);
2458 unsigned int cur_mss;
2461 /* Inconslusive MTU probe */
2462 if (icsk->icsk_mtup.probe_size) {
2463 icsk->icsk_mtup.probe_size = 0;
2466 /* Do not sent more than we queued. 1/4 is reserved for possible
2467 * copying overhead: fragmentation, tunneling, mangling etc.
2469 if (atomic_read(&sk->sk_wmem_alloc) >
2470 min(sk->sk_wmem_queued + (sk->sk_wmem_queued >> 2), sk->sk_sndbuf))
2473 if (skb_still_in_host_queue(sk, skb))
2476 if (before(TCP_SKB_CB(skb)->seq, tp->snd_una)) {
2477 if (before(TCP_SKB_CB(skb)->end_seq, tp->snd_una))
2479 if (tcp_trim_head(sk, skb, tp->snd_una - TCP_SKB_CB(skb)->seq))
2483 if (inet_csk(sk)->icsk_af_ops->rebuild_header(sk))
2484 return -EHOSTUNREACH; /* Routing failure or similar. */
2486 cur_mss = tcp_current_mss(sk);
2488 /* If receiver has shrunk his window, and skb is out of
2489 * new window, do not retransmit it. The exception is the
2490 * case, when window is shrunk to zero. In this case
2491 * our retransmit serves as a zero window probe.
2493 if (!before(TCP_SKB_CB(skb)->seq, tcp_wnd_end(tp)) &&
2494 TCP_SKB_CB(skb)->seq != tp->snd_una)
2497 if (skb->len > cur_mss) {
2498 if (tcp_fragment(sk, skb, cur_mss, cur_mss, GFP_ATOMIC))
2499 return -ENOMEM; /* We'll try again later. */
2501 int oldpcount = tcp_skb_pcount(skb);
2503 if (unlikely(oldpcount > 1)) {
2504 if (skb_unclone(skb, GFP_ATOMIC))
2506 tcp_init_tso_segs(sk, skb, cur_mss);
2507 tcp_adjust_pcount(sk, skb, oldpcount - tcp_skb_pcount(skb));
2511 tcp_retrans_try_collapse(sk, skb, cur_mss);
2513 /* Make a copy, if the first transmission SKB clone we made
2514 * is still in somebody's hands, else make a clone.
2517 /* make sure skb->data is aligned on arches that require it
2518 * and check if ack-trimming & collapsing extended the headroom
2519 * beyond what csum_start can cover.
2521 if (unlikely((NET_IP_ALIGN && ((unsigned long)skb->data & 3)) ||
2522 skb_headroom(skb) >= 0xFFFF)) {
2523 struct sk_buff *nskb = __pskb_copy(skb, MAX_TCP_HEADER,
2525 err = nskb ? tcp_transmit_skb(sk, nskb, 0, GFP_ATOMIC) :
2528 err = tcp_transmit_skb(sk, skb, 1, GFP_ATOMIC);
2532 TCP_SKB_CB(skb)->sacked |= TCPCB_EVER_RETRANS;
2533 /* Update global TCP statistics. */
2534 TCP_INC_STATS(sock_net(sk), TCP_MIB_RETRANSSEGS);
2535 if (TCP_SKB_CB(skb)->tcp_flags & TCPHDR_SYN)
2536 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPSYNRETRANS);
2537 tp->total_retrans++;
2542 int tcp_retransmit_skb(struct sock *sk, struct sk_buff *skb)
2544 struct tcp_sock *tp = tcp_sk(sk);
2545 int err = __tcp_retransmit_skb(sk, skb);
2548 #if FASTRETRANS_DEBUG > 0
2549 if (TCP_SKB_CB(skb)->sacked & TCPCB_SACKED_RETRANS) {
2550 net_dbg_ratelimited("retrans_out leaked\n");
2553 if (!tp->retrans_out)
2554 tp->lost_retrans_low = tp->snd_nxt;
2555 TCP_SKB_CB(skb)->sacked |= TCPCB_RETRANS;
2556 tp->retrans_out += tcp_skb_pcount(skb);
2558 /* Save stamp of the first retransmit. */
2559 if (!tp->retrans_stamp)
2560 tp->retrans_stamp = tcp_skb_timestamp(skb);
2562 /* snd_nxt is stored to detect loss of retransmitted segment,
2563 * see tcp_input.c tcp_sacktag_write_queue().
2565 TCP_SKB_CB(skb)->ack_seq = tp->snd_nxt;
2566 } else if (err != -EBUSY) {
2567 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPRETRANSFAIL);
2570 if (tp->undo_retrans < 0)
2571 tp->undo_retrans = 0;
2572 tp->undo_retrans += tcp_skb_pcount(skb);
2576 /* Check if we forward retransmits are possible in the current
2577 * window/congestion state.
2579 static bool tcp_can_forward_retransmit(struct sock *sk)
2581 const struct inet_connection_sock *icsk = inet_csk(sk);
2582 const struct tcp_sock *tp = tcp_sk(sk);
2584 /* Forward retransmissions are possible only during Recovery. */
2585 if (icsk->icsk_ca_state != TCP_CA_Recovery)
2588 /* No forward retransmissions in Reno are possible. */
2589 if (tcp_is_reno(tp))
2592 /* Yeah, we have to make difficult choice between forward transmission
2593 * and retransmission... Both ways have their merits...
2595 * For now we do not retransmit anything, while we have some new
2596 * segments to send. In the other cases, follow rule 3 for
2597 * NextSeg() specified in RFC3517.
2600 if (tcp_may_send_now(sk))
2606 /* This gets called after a retransmit timeout, and the initially
2607 * retransmitted data is acknowledged. It tries to continue
2608 * resending the rest of the retransmit queue, until either
2609 * we've sent it all or the congestion window limit is reached.
2610 * If doing SACK, the first ACK which comes back for a timeout
2611 * based retransmit packet might feed us FACK information again.
2612 * If so, we use it to avoid unnecessarily retransmissions.
2614 void tcp_xmit_retransmit_queue(struct sock *sk)
2616 const struct inet_connection_sock *icsk = inet_csk(sk);
2617 struct tcp_sock *tp = tcp_sk(sk);
2618 struct sk_buff *skb;
2619 struct sk_buff *hole = NULL;
2622 int fwd_rexmitting = 0;
2624 if (!tp->packets_out)
2628 tp->retransmit_high = tp->snd_una;
2630 if (tp->retransmit_skb_hint) {
2631 skb = tp->retransmit_skb_hint;
2632 last_lost = TCP_SKB_CB(skb)->end_seq;
2633 if (after(last_lost, tp->retransmit_high))
2634 last_lost = tp->retransmit_high;
2636 skb = tcp_write_queue_head(sk);
2637 last_lost = tp->snd_una;
2640 tcp_for_write_queue_from(skb, sk) {
2641 __u8 sacked = TCP_SKB_CB(skb)->sacked;
2643 if (skb == tcp_send_head(sk))
2645 /* we could do better than to assign each time */
2647 tp->retransmit_skb_hint = skb;
2649 /* Assume this retransmit will generate
2650 * only one packet for congestion window
2651 * calculation purposes. This works because
2652 * tcp_retransmit_skb() will chop up the
2653 * packet to be MSS sized and all the
2654 * packet counting works out.
2656 if (tcp_packets_in_flight(tp) >= tp->snd_cwnd)
2659 if (fwd_rexmitting) {
2661 if (!before(TCP_SKB_CB(skb)->seq, tcp_highest_sack_seq(tp)))
2663 mib_idx = LINUX_MIB_TCPFORWARDRETRANS;
2665 } else if (!before(TCP_SKB_CB(skb)->seq, tp->retransmit_high)) {
2666 tp->retransmit_high = last_lost;
2667 if (!tcp_can_forward_retransmit(sk))
2669 /* Backtrack if necessary to non-L'ed skb */
2677 } else if (!(sacked & TCPCB_LOST)) {
2678 if (hole == NULL && !(sacked & (TCPCB_SACKED_RETRANS|TCPCB_SACKED_ACKED)))
2683 last_lost = TCP_SKB_CB(skb)->end_seq;
2684 if (icsk->icsk_ca_state != TCP_CA_Loss)
2685 mib_idx = LINUX_MIB_TCPFASTRETRANS;
2687 mib_idx = LINUX_MIB_TCPSLOWSTARTRETRANS;
2690 if (sacked & (TCPCB_SACKED_ACKED|TCPCB_SACKED_RETRANS))
2693 if (tcp_retransmit_skb(sk, skb))
2696 NET_INC_STATS_BH(sock_net(sk), mib_idx);
2698 if (tcp_in_cwnd_reduction(sk))
2699 tp->prr_out += tcp_skb_pcount(skb);
2701 if (skb == tcp_write_queue_head(sk))
2702 inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS,
2703 inet_csk(sk)->icsk_rto,
2708 /* Send a fin. The caller locks the socket for us. This cannot be
2709 * allowed to fail queueing a FIN frame under any circumstances.
2711 void tcp_send_fin(struct sock *sk)
2713 struct tcp_sock *tp = tcp_sk(sk);
2714 struct sk_buff *skb = tcp_write_queue_tail(sk);
2717 /* Optimization, tack on the FIN if we have a queue of
2718 * unsent frames. But be careful about outgoing SACKS
2721 mss_now = tcp_current_mss(sk);
2723 if (tcp_send_head(sk) != NULL) {
2724 TCP_SKB_CB(skb)->tcp_flags |= TCPHDR_FIN;
2725 TCP_SKB_CB(skb)->end_seq++;
2728 /* Socket is locked, keep trying until memory is available. */
2730 skb = alloc_skb_fclone(MAX_TCP_HEADER,
2737 /* Reserve space for headers and prepare control bits. */
2738 skb_reserve(skb, MAX_TCP_HEADER);
2739 /* FIN eats a sequence byte, write_seq advanced by tcp_queue_skb(). */
2740 tcp_init_nondata_skb(skb, tp->write_seq,
2741 TCPHDR_ACK | TCPHDR_FIN);
2742 tcp_queue_skb(sk, skb);
2744 __tcp_push_pending_frames(sk, mss_now, TCP_NAGLE_OFF);
2747 /* We get here when a process closes a file descriptor (either due to
2748 * an explicit close() or as a byproduct of exit()'ing) and there
2749 * was unread data in the receive queue. This behavior is recommended
2750 * by RFC 2525, section 2.17. -DaveM
2752 void tcp_send_active_reset(struct sock *sk, gfp_t priority)
2754 struct sk_buff *skb;
2756 /* NOTE: No TCP options attached and we never retransmit this. */
2757 skb = alloc_skb(MAX_TCP_HEADER, priority);
2759 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPABORTFAILED);
2763 /* Reserve space for headers and prepare control bits. */
2764 skb_reserve(skb, MAX_TCP_HEADER);
2765 tcp_init_nondata_skb(skb, tcp_acceptable_seq(sk),
2766 TCPHDR_ACK | TCPHDR_RST);
2768 if (tcp_transmit_skb(sk, skb, 0, priority))
2769 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPABORTFAILED);
2771 TCP_INC_STATS(sock_net(sk), TCP_MIB_OUTRSTS);
2774 /* Send a crossed SYN-ACK during socket establishment.
2775 * WARNING: This routine must only be called when we have already sent
2776 * a SYN packet that crossed the incoming SYN that caused this routine
2777 * to get called. If this assumption fails then the initial rcv_wnd
2778 * and rcv_wscale values will not be correct.
2780 int tcp_send_synack(struct sock *sk)
2782 struct sk_buff *skb;
2784 skb = tcp_write_queue_head(sk);
2785 if (skb == NULL || !(TCP_SKB_CB(skb)->tcp_flags & TCPHDR_SYN)) {
2786 pr_debug("%s: wrong queue state\n", __func__);
2789 if (!(TCP_SKB_CB(skb)->tcp_flags & TCPHDR_ACK)) {
2790 if (skb_cloned(skb)) {
2791 struct sk_buff *nskb = skb_copy(skb, GFP_ATOMIC);
2794 tcp_unlink_write_queue(skb, sk);
2795 __skb_header_release(nskb);
2796 __tcp_add_write_queue_head(sk, nskb);
2797 sk_wmem_free_skb(sk, skb);
2798 sk->sk_wmem_queued += nskb->truesize;
2799 sk_mem_charge(sk, nskb->truesize);
2803 TCP_SKB_CB(skb)->tcp_flags |= TCPHDR_ACK;
2804 tcp_ecn_send_synack(sk, skb);
2806 return tcp_transmit_skb(sk, skb, 1, GFP_ATOMIC);
2810 * tcp_make_synack - Prepare a SYN-ACK.
2811 * sk: listener socket
2812 * dst: dst entry attached to the SYNACK
2813 * req: request_sock pointer
2815 * Allocate one skb and build a SYNACK packet.
2816 * @dst is consumed : Caller should not use it again.
2818 struct sk_buff *tcp_make_synack(struct sock *sk, struct dst_entry *dst,
2819 struct request_sock *req,
2820 struct tcp_fastopen_cookie *foc)
2822 struct tcp_out_options opts;
2823 struct inet_request_sock *ireq = inet_rsk(req);
2824 struct tcp_sock *tp = tcp_sk(sk);
2826 struct sk_buff *skb;
2827 struct tcp_md5sig_key *md5;
2828 int tcp_header_size;
2831 skb = sock_wmalloc(sk, MAX_TCP_HEADER, 1, GFP_ATOMIC);
2832 if (unlikely(!skb)) {
2836 /* Reserve space for headers. */
2837 skb_reserve(skb, MAX_TCP_HEADER);
2839 skb_dst_set(skb, dst);
2840 security_skb_owned_by(skb, sk);
2842 mss = dst_metric_advmss(dst);
2843 if (tp->rx_opt.user_mss && tp->rx_opt.user_mss < mss)
2844 mss = tp->rx_opt.user_mss;
2846 memset(&opts, 0, sizeof(opts));
2847 #ifdef CONFIG_SYN_COOKIES
2848 if (unlikely(req->cookie_ts))
2849 skb->skb_mstamp.stamp_jiffies = cookie_init_timestamp(req);
2852 skb_mstamp_get(&skb->skb_mstamp);
2853 tcp_header_size = tcp_synack_options(sk, req, mss, skb, &opts, &md5,
2856 skb_push(skb, tcp_header_size);
2857 skb_reset_transport_header(skb);
2860 memset(th, 0, sizeof(struct tcphdr));
2863 tcp_ecn_make_synack(req, th, sk);
2864 th->source = htons(ireq->ir_num);
2865 th->dest = ireq->ir_rmt_port;
2866 /* Setting of flags are superfluous here for callers (and ECE is
2867 * not even correctly set)
2869 tcp_init_nondata_skb(skb, tcp_rsk(req)->snt_isn,
2870 TCPHDR_SYN | TCPHDR_ACK);
2872 th->seq = htonl(TCP_SKB_CB(skb)->seq);
2873 /* XXX data is queued and acked as is. No buffer/window check */
2874 th->ack_seq = htonl(tcp_rsk(req)->rcv_nxt);
2876 /* RFC1323: The window in SYN & SYN/ACK segments is never scaled. */
2877 th->window = htons(min(req->rcv_wnd, 65535U));
2878 tcp_options_write((__be32 *)(th + 1), tp, &opts);
2879 th->doff = (tcp_header_size >> 2);
2880 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_OUTSEGS);
2882 #ifdef CONFIG_TCP_MD5SIG
2883 /* Okay, we have all we need - do the md5 hash if needed */
2885 tcp_rsk(req)->af_specific->calc_md5_hash(opts.hash_location,
2886 md5, NULL, req, skb);
2892 EXPORT_SYMBOL(tcp_make_synack);
2894 /* Do all connect socket setups that can be done AF independent. */
2895 static void tcp_connect_init(struct sock *sk)
2897 const struct dst_entry *dst = __sk_dst_get(sk);
2898 struct tcp_sock *tp = tcp_sk(sk);
2901 /* We'll fix this up when we get a response from the other end.
2902 * See tcp_input.c:tcp_rcv_state_process case TCP_SYN_SENT.
2904 tp->tcp_header_len = sizeof(struct tcphdr) +
2905 (sysctl_tcp_timestamps ? TCPOLEN_TSTAMP_ALIGNED : 0);
2907 #ifdef CONFIG_TCP_MD5SIG
2908 if (tp->af_specific->md5_lookup(sk, sk) != NULL)
2909 tp->tcp_header_len += TCPOLEN_MD5SIG_ALIGNED;
2912 /* If user gave his TCP_MAXSEG, record it to clamp */
2913 if (tp->rx_opt.user_mss)
2914 tp->rx_opt.mss_clamp = tp->rx_opt.user_mss;
2917 tcp_sync_mss(sk, dst_mtu(dst));
2919 if (!tp->window_clamp)
2920 tp->window_clamp = dst_metric(dst, RTAX_WINDOW);
2921 tp->advmss = dst_metric_advmss(dst);
2922 if (tp->rx_opt.user_mss && tp->rx_opt.user_mss < tp->advmss)
2923 tp->advmss = tp->rx_opt.user_mss;
2925 tcp_initialize_rcv_mss(sk);
2927 /* limit the window selection if the user enforce a smaller rx buffer */
2928 if (sk->sk_userlocks & SOCK_RCVBUF_LOCK &&
2929 (tp->window_clamp > tcp_full_space(sk) || tp->window_clamp == 0))
2930 tp->window_clamp = tcp_full_space(sk);
2932 tcp_select_initial_window(tcp_full_space(sk),
2933 tp->advmss - (tp->rx_opt.ts_recent_stamp ? tp->tcp_header_len - sizeof(struct tcphdr) : 0),
2936 sysctl_tcp_window_scaling,
2938 dst_metric(dst, RTAX_INITRWND));
2940 tp->rx_opt.rcv_wscale = rcv_wscale;
2941 tp->rcv_ssthresh = tp->rcv_wnd;
2944 sock_reset_flag(sk, SOCK_DONE);
2947 tp->snd_una = tp->write_seq;
2948 tp->snd_sml = tp->write_seq;
2949 tp->snd_up = tp->write_seq;
2950 tp->snd_nxt = tp->write_seq;
2952 if (likely(!tp->repair))
2955 tp->rcv_tstamp = tcp_time_stamp;
2956 tp->rcv_wup = tp->rcv_nxt;
2957 tp->copied_seq = tp->rcv_nxt;
2959 inet_csk(sk)->icsk_rto = TCP_TIMEOUT_INIT;
2960 inet_csk(sk)->icsk_retransmits = 0;
2961 tcp_clear_retrans(tp);
2964 static void tcp_connect_queue_skb(struct sock *sk, struct sk_buff *skb)
2966 struct tcp_sock *tp = tcp_sk(sk);
2967 struct tcp_skb_cb *tcb = TCP_SKB_CB(skb);
2969 tcb->end_seq += skb->len;
2970 __skb_header_release(skb);
2971 __tcp_add_write_queue_tail(sk, skb);
2972 sk->sk_wmem_queued += skb->truesize;
2973 sk_mem_charge(sk, skb->truesize);
2974 tp->write_seq = tcb->end_seq;
2975 tp->packets_out += tcp_skb_pcount(skb);
2978 /* Build and send a SYN with data and (cached) Fast Open cookie. However,
2979 * queue a data-only packet after the regular SYN, such that regular SYNs
2980 * are retransmitted on timeouts. Also if the remote SYN-ACK acknowledges
2981 * only the SYN sequence, the data are retransmitted in the first ACK.
2982 * If cookie is not cached or other error occurs, falls back to send a
2983 * regular SYN with Fast Open cookie request option.
2985 static int tcp_send_syn_data(struct sock *sk, struct sk_buff *syn)
2987 struct tcp_sock *tp = tcp_sk(sk);
2988 struct tcp_fastopen_request *fo = tp->fastopen_req;
2989 int syn_loss = 0, space, i, err = 0, iovlen = fo->data->msg_iovlen;
2990 struct sk_buff *syn_data = NULL, *data;
2991 unsigned long last_syn_loss = 0;
2993 tp->rx_opt.mss_clamp = tp->advmss; /* If MSS is not cached */
2994 tcp_fastopen_cache_get(sk, &tp->rx_opt.mss_clamp, &fo->cookie,
2995 &syn_loss, &last_syn_loss);
2996 /* Recurring FO SYN losses: revert to regular handshake temporarily */
2998 time_before(jiffies, last_syn_loss + (60*HZ << syn_loss))) {
2999 fo->cookie.len = -1;
3003 if (sysctl_tcp_fastopen & TFO_CLIENT_NO_COOKIE)
3004 fo->cookie.len = -1;
3005 else if (fo->cookie.len <= 0)
3008 /* MSS for SYN-data is based on cached MSS and bounded by PMTU and
3009 * user-MSS. Reserve maximum option space for middleboxes that add
3010 * private TCP options. The cost is reduced data space in SYN :(
3012 if (tp->rx_opt.user_mss && tp->rx_opt.user_mss < tp->rx_opt.mss_clamp)
3013 tp->rx_opt.mss_clamp = tp->rx_opt.user_mss;
3014 space = __tcp_mtu_to_mss(sk, inet_csk(sk)->icsk_pmtu_cookie) -
3015 MAX_TCP_OPTION_SPACE;
3017 space = min_t(size_t, space, fo->size);
3019 /* limit to order-0 allocations */
3020 space = min_t(size_t, space, SKB_MAX_HEAD(MAX_TCP_HEADER));
3022 syn_data = skb_copy_expand(syn, MAX_TCP_HEADER, space,
3024 if (syn_data == NULL)
3027 for (i = 0; i < iovlen && syn_data->len < space; ++i) {
3028 struct iovec *iov = &fo->data->msg_iov[i];
3029 unsigned char __user *from = iov->iov_base;
3030 int len = iov->iov_len;
3032 if (syn_data->len + len > space)
3033 len = space - syn_data->len;
3034 else if (i + 1 == iovlen)
3035 /* No more data pending in inet_wait_for_connect() */
3038 if (skb_add_data(syn_data, from, len))
3042 /* Queue a data-only packet after the regular SYN for retransmission */
3043 data = pskb_copy(syn_data, sk->sk_allocation);
3046 TCP_SKB_CB(data)->seq++;
3047 TCP_SKB_CB(data)->tcp_flags &= ~TCPHDR_SYN;
3048 TCP_SKB_CB(data)->tcp_flags = (TCPHDR_ACK|TCPHDR_PSH);
3049 tcp_connect_queue_skb(sk, data);
3050 fo->copied = data->len;
3052 /* syn_data is about to be sent, we need to take current time stamps
3053 * for the packets that are in write queue : SYN packet and DATA
3055 skb_mstamp_get(&syn->skb_mstamp);
3056 data->skb_mstamp = syn->skb_mstamp;
3058 if (tcp_transmit_skb(sk, syn_data, 0, sk->sk_allocation) == 0) {
3059 tp->syn_data = (fo->copied > 0);
3060 NET_INC_STATS(sock_net(sk), LINUX_MIB_TCPORIGDATASENT);
3066 /* Send a regular SYN with Fast Open cookie request option */
3067 if (fo->cookie.len > 0)
3069 err = tcp_transmit_skb(sk, syn, 1, sk->sk_allocation);
3071 tp->syn_fastopen = 0;
3072 kfree_skb(syn_data);
3074 fo->cookie.len = -1; /* Exclude Fast Open option for SYN retries */
3078 /* Build a SYN and send it off. */
3079 int tcp_connect(struct sock *sk)
3081 struct tcp_sock *tp = tcp_sk(sk);
3082 struct sk_buff *buff;
3085 tcp_connect_init(sk);
3087 if (unlikely(tp->repair)) {
3088 tcp_finish_connect(sk, NULL);
3092 buff = alloc_skb_fclone(MAX_TCP_HEADER + 15, sk->sk_allocation);
3093 if (unlikely(buff == NULL))
3096 /* Reserve space for headers. */
3097 skb_reserve(buff, MAX_TCP_HEADER);
3099 tcp_init_nondata_skb(buff, tp->write_seq++, TCPHDR_SYN);
3100 tp->retrans_stamp = tcp_time_stamp;
3101 tcp_connect_queue_skb(sk, buff);
3102 tcp_ecn_send_syn(sk, buff);
3104 /* Send off SYN; include data in Fast Open. */
3105 err = tp->fastopen_req ? tcp_send_syn_data(sk, buff) :
3106 tcp_transmit_skb(sk, buff, 1, sk->sk_allocation);
3107 if (err == -ECONNREFUSED)
3110 /* We change tp->snd_nxt after the tcp_transmit_skb() call
3111 * in order to make this packet get counted in tcpOutSegs.
3113 tp->snd_nxt = tp->write_seq;
3114 tp->pushed_seq = tp->write_seq;
3115 TCP_INC_STATS(sock_net(sk), TCP_MIB_ACTIVEOPENS);
3117 /* Timer for repeating the SYN until an answer. */
3118 inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS,
3119 inet_csk(sk)->icsk_rto, TCP_RTO_MAX);
3122 EXPORT_SYMBOL(tcp_connect);
3124 /* Send out a delayed ack, the caller does the policy checking
3125 * to see if we should even be here. See tcp_input.c:tcp_ack_snd_check()
3128 void tcp_send_delayed_ack(struct sock *sk)
3130 struct inet_connection_sock *icsk = inet_csk(sk);
3131 int ato = icsk->icsk_ack.ato;
3132 unsigned long timeout;
3134 tcp_ca_event(sk, CA_EVENT_DELAYED_ACK);
3136 if (ato > TCP_DELACK_MIN) {
3137 const struct tcp_sock *tp = tcp_sk(sk);
3138 int max_ato = HZ / 2;
3140 if (icsk->icsk_ack.pingpong ||
3141 (icsk->icsk_ack.pending & ICSK_ACK_PUSHED))
3142 max_ato = TCP_DELACK_MAX;
3144 /* Slow path, intersegment interval is "high". */
3146 /* If some rtt estimate is known, use it to bound delayed ack.
3147 * Do not use inet_csk(sk)->icsk_rto here, use results of rtt measurements
3151 int rtt = max_t(int, usecs_to_jiffies(tp->srtt_us >> 3),
3158 ato = min(ato, max_ato);
3161 /* Stay within the limit we were given */
3162 timeout = jiffies + ato;
3164 /* Use new timeout only if there wasn't a older one earlier. */
3165 if (icsk->icsk_ack.pending & ICSK_ACK_TIMER) {
3166 /* If delack timer was blocked or is about to expire,
3169 if (icsk->icsk_ack.blocked ||
3170 time_before_eq(icsk->icsk_ack.timeout, jiffies + (ato >> 2))) {
3175 if (!time_before(timeout, icsk->icsk_ack.timeout))
3176 timeout = icsk->icsk_ack.timeout;
3178 icsk->icsk_ack.pending |= ICSK_ACK_SCHED | ICSK_ACK_TIMER;
3179 icsk->icsk_ack.timeout = timeout;
3180 sk_reset_timer(sk, &icsk->icsk_delack_timer, timeout);
3183 /* This routine sends an ack and also updates the window. */
3184 void tcp_send_ack(struct sock *sk)
3186 struct sk_buff *buff;
3188 /* If we have been reset, we may not send again. */
3189 if (sk->sk_state == TCP_CLOSE)
3192 tcp_ca_event(sk, CA_EVENT_NON_DELAYED_ACK);
3194 /* We are not putting this on the write queue, so
3195 * tcp_transmit_skb() will set the ownership to this
3198 buff = alloc_skb(MAX_TCP_HEADER, sk_gfp_atomic(sk, GFP_ATOMIC));
3200 inet_csk_schedule_ack(sk);
3201 inet_csk(sk)->icsk_ack.ato = TCP_ATO_MIN;
3202 inet_csk_reset_xmit_timer(sk, ICSK_TIME_DACK,
3203 TCP_DELACK_MAX, TCP_RTO_MAX);
3207 /* Reserve space for headers and prepare control bits. */
3208 skb_reserve(buff, MAX_TCP_HEADER);
3209 tcp_init_nondata_skb(buff, tcp_acceptable_seq(sk), TCPHDR_ACK);
3211 /* Send it off, this clears delayed acks for us. */
3212 skb_mstamp_get(&buff->skb_mstamp);
3213 tcp_transmit_skb(sk, buff, 0, sk_gfp_atomic(sk, GFP_ATOMIC));
3215 EXPORT_SYMBOL_GPL(tcp_send_ack);
3217 /* This routine sends a packet with an out of date sequence
3218 * number. It assumes the other end will try to ack it.
3220 * Question: what should we make while urgent mode?
3221 * 4.4BSD forces sending single byte of data. We cannot send
3222 * out of window data, because we have SND.NXT==SND.MAX...
3224 * Current solution: to send TWO zero-length segments in urgent mode:
3225 * one is with SEG.SEQ=SND.UNA to deliver urgent pointer, another is
3226 * out-of-date with SND.UNA-1 to probe window.
3228 static int tcp_xmit_probe_skb(struct sock *sk, int urgent)
3230 struct tcp_sock *tp = tcp_sk(sk);
3231 struct sk_buff *skb;
3233 /* We don't queue it, tcp_transmit_skb() sets ownership. */
3234 skb = alloc_skb(MAX_TCP_HEADER, sk_gfp_atomic(sk, GFP_ATOMIC));
3238 /* Reserve space for headers and set control bits. */
3239 skb_reserve(skb, MAX_TCP_HEADER);
3240 /* Use a previous sequence. This should cause the other
3241 * end to send an ack. Don't queue or clone SKB, just
3244 tcp_init_nondata_skb(skb, tp->snd_una - !urgent, TCPHDR_ACK);
3245 skb_mstamp_get(&skb->skb_mstamp);
3246 return tcp_transmit_skb(sk, skb, 0, GFP_ATOMIC);
3249 void tcp_send_window_probe(struct sock *sk)
3251 if (sk->sk_state == TCP_ESTABLISHED) {
3252 tcp_sk(sk)->snd_wl1 = tcp_sk(sk)->rcv_nxt - 1;
3253 tcp_xmit_probe_skb(sk, 0);
3257 /* Initiate keepalive or window probe from timer. */
3258 int tcp_write_wakeup(struct sock *sk)
3260 struct tcp_sock *tp = tcp_sk(sk);
3261 struct sk_buff *skb;
3263 if (sk->sk_state == TCP_CLOSE)
3266 if ((skb = tcp_send_head(sk)) != NULL &&
3267 before(TCP_SKB_CB(skb)->seq, tcp_wnd_end(tp))) {
3269 unsigned int mss = tcp_current_mss(sk);
3270 unsigned int seg_size = tcp_wnd_end(tp) - TCP_SKB_CB(skb)->seq;
3272 if (before(tp->pushed_seq, TCP_SKB_CB(skb)->end_seq))
3273 tp->pushed_seq = TCP_SKB_CB(skb)->end_seq;
3275 /* We are probing the opening of a window
3276 * but the window size is != 0
3277 * must have been a result SWS avoidance ( sender )
3279 if (seg_size < TCP_SKB_CB(skb)->end_seq - TCP_SKB_CB(skb)->seq ||
3281 seg_size = min(seg_size, mss);
3282 TCP_SKB_CB(skb)->tcp_flags |= TCPHDR_PSH;
3283 if (tcp_fragment(sk, skb, seg_size, mss, GFP_ATOMIC))
3285 } else if (!tcp_skb_pcount(skb))
3286 tcp_set_skb_tso_segs(sk, skb, mss);
3288 TCP_SKB_CB(skb)->tcp_flags |= TCPHDR_PSH;
3289 err = tcp_transmit_skb(sk, skb, 1, GFP_ATOMIC);
3291 tcp_event_new_data_sent(sk, skb);
3294 if (between(tp->snd_up, tp->snd_una + 1, tp->snd_una + 0xFFFF))
3295 tcp_xmit_probe_skb(sk, 1);
3296 return tcp_xmit_probe_skb(sk, 0);
3300 /* A window probe timeout has occurred. If window is not closed send
3301 * a partial packet else a zero probe.
3303 void tcp_send_probe0(struct sock *sk)
3305 struct inet_connection_sock *icsk = inet_csk(sk);
3306 struct tcp_sock *tp = tcp_sk(sk);
3307 unsigned long probe_max;
3310 err = tcp_write_wakeup(sk);
3312 if (tp->packets_out || !tcp_send_head(sk)) {
3313 /* Cancel probe timer, if it is not required. */
3314 icsk->icsk_probes_out = 0;
3315 icsk->icsk_backoff = 0;
3320 if (icsk->icsk_backoff < sysctl_tcp_retries2)
3321 icsk->icsk_backoff++;
3322 icsk->icsk_probes_out++;
3323 probe_max = TCP_RTO_MAX;
3325 /* If packet was not sent due to local congestion,
3326 * do not backoff and do not remember icsk_probes_out.
3327 * Let local senders to fight for local resources.
3329 * Use accumulated backoff yet.
3331 if (!icsk->icsk_probes_out)
3332 icsk->icsk_probes_out = 1;
3333 probe_max = TCP_RESOURCE_PROBE_INTERVAL;
3335 inet_csk_reset_xmit_timer(sk, ICSK_TIME_PROBE0,
3336 inet_csk_rto_backoff(icsk, probe_max),
3340 int tcp_rtx_synack(struct sock *sk, struct request_sock *req)
3342 const struct tcp_request_sock_ops *af_ops = tcp_rsk(req)->af_specific;
3346 res = af_ops->send_synack(sk, NULL, &fl, req, 0, NULL);
3348 TCP_INC_STATS_BH(sock_net(sk), TCP_MIB_RETRANSSEGS);
3349 NET_INC_STATS_BH(sock_net(sk), LINUX_MIB_TCPSYNRETRANS);
3353 EXPORT_SYMBOL(tcp_rtx_synack);
git.openpandora.org / pandora-kernel.git / blob