1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
|
--- sys/netinet/tcp_input.c.orig
+++ sys/netinet/tcp_input.c
@@ -287,6 +287,20 @@
counter_u64_add(VNET(tcpstat)[statnum], val);
}
+/*
+ * Make sure that we only start a SACK loss recovery when
+ * receiving a duplicate ACK with a SACK block, and also
+ * complete SACK loss recovery in case the other end
+ * reneges.
+ */
+static bool inline
+tcp_is_sack_recovery(struct tcpcb *tp, struct tcpopt *to)
+{
+ return ((tp->t_flags & TF_SACK_PERMIT) &&
+ ((to->to_flags & TOF_SACK) ||
+ (!TAILQ_EMPTY(&tp->snd_holes))));
+}
+
#ifdef TCP_HHOOK
/*
* Wrapper for the TCP established input helper hook.
@@ -2525,9 +2539,7 @@
TCPSTAT_INC(tcps_rcvacktoomuch);
goto dropafterack;
}
- if ((tp->t_flags & TF_SACK_PERMIT) &&
- ((to.to_flags & TOF_SACK) ||
- !TAILQ_EMPTY(&tp->snd_holes)))
+ if (tcp_is_sack_recovery(tp, &to))
sack_changed = tcp_sack_doack(tp, &to, th->th_ack);
else
/*
@@ -2597,8 +2609,7 @@
* duplicating packets or a possible DoS attack.
*/
if (th->th_ack != tp->snd_una ||
- ((tp->t_flags & TF_SACK_PERMIT) &&
- (to.to_flags & TOF_SACK) &&
+ (tcp_is_sack_recovery(tp, &to) &&
!sack_changed))
break;
else if (!tcp_timer_active(tp, TT_REXMT))
@@ -2610,8 +2621,7 @@
if (V_tcp_do_prr &&
IN_FASTRECOVERY(tp->t_flags)) {
tcp_do_prr_ack(tp, th, &to);
- } else if ((tp->t_flags & TF_SACK_PERMIT) &&
- (to.to_flags & TOF_SACK) &&
+ } else if (tcp_is_sack_recovery(tp, &to) &&
IN_FASTRECOVERY(tp->t_flags)) {
int awnd;
@@ -2684,8 +2694,7 @@
* snd_ssthresh is already updated by
* cc_cong_signal.
*/
- if ((tp->t_flags & TF_SACK_PERMIT) &&
- (to.to_flags & TOF_SACK)) {
+ if (tcp_is_sack_recovery(tp, &to)) {
tp->sackhint.prr_delivered =
tp->sackhint.sacked_bytes;
} else {
@@ -2697,8 +2706,7 @@
tp->sackhint.recover_fs = max(1,
tp->snd_nxt - tp->snd_una);
}
- if ((tp->t_flags & TF_SACK_PERMIT) &&
- (to.to_flags & TOF_SACK)) {
+ if (tcp_is_sack_recovery(tp, &to)) {
TCPSTAT_INC(
tcps_sack_recovery_episode);
tp->snd_recover = tp->snd_nxt;
@@ -2790,8 +2798,7 @@
* from the left side. Such partial ACKs should not be
* counted as dupacks here.
*/
- if ((tp->t_flags & TF_SACK_PERMIT) &&
- (to.to_flags & TOF_SACK) &&
+ if (tcp_is_sack_recovery(tp, &to) &&
sack_changed) {
tp->t_dupacks++;
/* limit overhead by setting maxseg last */
@@ -3973,8 +3980,7 @@
* (del_data) and an estimate of how many bytes are in the
* network.
*/
- if (((tp->t_flags & TF_SACK_PERMIT) &&
- (to->to_flags & TOF_SACK)) ||
+ if (tcp_is_sack_recovery(tp, to) ||
(IN_CONGRECOVERY(tp->t_flags) &&
!IN_FASTRECOVERY(tp->t_flags))) {
del_data = tp->sackhint.delivered_data;
@@ -4018,8 +4024,7 @@
* accordingly.
*/
if (IN_FASTRECOVERY(tp->t_flags)) {
- if ((tp->t_flags & TF_SACK_PERMIT) &&
- (to->to_flags & TOF_SACK)) {
+ if (tcp_is_sack_recovery(tp, to)) {
tp->snd_cwnd = tp->snd_nxt - tp->snd_recover +
tp->sackhint.sack_bytes_rexmit +
(snd_cnt * maxseg);
|
