17c478bd9Sstevel@tonic-gate /*
27c478bd9Sstevel@tonic-gate  * CDDL HEADER START
37c478bd9Sstevel@tonic-gate  *
47c478bd9Sstevel@tonic-gate  * The contents of this file are subject to the terms of the
545916cd2Sjpk  * Common Development and Distribution License (the "License").
645916cd2Sjpk  * You may not use this file except in compliance with the License.
77c478bd9Sstevel@tonic-gate  *
87c478bd9Sstevel@tonic-gate  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
97c478bd9Sstevel@tonic-gate  * or http://www.opensolaris.org/os/licensing.
107c478bd9Sstevel@tonic-gate  * See the License for the specific language governing permissions
117c478bd9Sstevel@tonic-gate  * and limitations under the License.
127c478bd9Sstevel@tonic-gate  *
137c478bd9Sstevel@tonic-gate  * When distributing Covered Code, include this CDDL HEADER in each
147c478bd9Sstevel@tonic-gate  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
157c478bd9Sstevel@tonic-gate  * If applicable, add the following below this CDDL HEADER, with the
167c478bd9Sstevel@tonic-gate  * fields enclosed by brackets "[]" replaced with your own identifying
177c478bd9Sstevel@tonic-gate  * information: Portions Copyright [yyyy] [name of copyright owner]
187c478bd9Sstevel@tonic-gate  *
197c478bd9Sstevel@tonic-gate  * CDDL HEADER END
207c478bd9Sstevel@tonic-gate  */
2177c67f2fSkcpoon 
227c478bd9Sstevel@tonic-gate /*
23fd7b5aedSGeorge Shepherd  * Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
247c478bd9Sstevel@tonic-gate  */
257c478bd9Sstevel@tonic-gate 
267c478bd9Sstevel@tonic-gate #include <sys/types.h>
277c478bd9Sstevel@tonic-gate #include <sys/systm.h>
287c478bd9Sstevel@tonic-gate #include <sys/stream.h>
297c478bd9Sstevel@tonic-gate #include <sys/cmn_err.h>
307c478bd9Sstevel@tonic-gate #define	_SUN_TPI_VERSION 2
317c478bd9Sstevel@tonic-gate #include <sys/tihdr.h>
327c478bd9Sstevel@tonic-gate #include <sys/socket.h>
337c478bd9Sstevel@tonic-gate #include <sys/stropts.h>
347c478bd9Sstevel@tonic-gate #include <sys/strsun.h>
357c478bd9Sstevel@tonic-gate #include <sys/strsubr.h>
367c478bd9Sstevel@tonic-gate #include <sys/socketvar.h>
377c478bd9Sstevel@tonic-gate #include <inet/common.h>
387c478bd9Sstevel@tonic-gate #include <inet/mi.h>
397c478bd9Sstevel@tonic-gate #include <inet/ip.h>
40bd670b35SErik Nordmark #include <inet/ip_ire.h>
417c478bd9Sstevel@tonic-gate #include <inet/ip6.h>
427c478bd9Sstevel@tonic-gate #include <inet/sctp_ip.h>
437c478bd9Sstevel@tonic-gate #include <inet/ipclassifier.h>
447c478bd9Sstevel@tonic-gate 
457c478bd9Sstevel@tonic-gate /*
467c478bd9Sstevel@tonic-gate  * PR-SCTP comments.
477c478bd9Sstevel@tonic-gate  *
487c478bd9Sstevel@tonic-gate  * A message can expire before it gets to the transmit list (i.e. it is still
497c478bd9Sstevel@tonic-gate  * in the unsent list - unchunked), after it gets to the transmit list, but
507c478bd9Sstevel@tonic-gate  * before transmission has actually started, or after transmission has begun.
517c478bd9Sstevel@tonic-gate  * Accordingly, we check for the status of a message in sctp_chunkify() when
527c478bd9Sstevel@tonic-gate  * the message is being transferred from the unsent list to the transmit list;
537c478bd9Sstevel@tonic-gate  * in sctp_get_msg_to_send(), when we get the next chunk from the transmit
547c478bd9Sstevel@tonic-gate  * list and in sctp_rexmit() when we get the next chunk to be (re)transmitted.
557c478bd9Sstevel@tonic-gate  * When we nuke a message in sctp_chunkify(), all we need to do is take it
567c478bd9Sstevel@tonic-gate  * out of the unsent list and update sctp_unsent; when a message is deemed
577c478bd9Sstevel@tonic-gate  * timed-out in sctp_get_msg_to_send() we can just take it out of the transmit
587c478bd9Sstevel@tonic-gate  * list, update sctp_unsent IFF transmission for the message has not yet begun
597c478bd9Sstevel@tonic-gate  * (i.e. !SCTP_CHUNK_ISSENT(meta->b_cont)). However, if transmission for the
607c478bd9Sstevel@tonic-gate  * message has started, then we cannot just take it out of the list, we need
617c478bd9Sstevel@tonic-gate  * to send Forward TSN chunk to the peer so that the peer can clear its
627c478bd9Sstevel@tonic-gate  * fragment list for this message. However, we cannot just send the Forward
637c478bd9Sstevel@tonic-gate  * TSN in sctp_get_msg_to_send() because there might be unacked chunks for
647c478bd9Sstevel@tonic-gate  * messages preceeding this abandoned message. So, we send a Forward TSN
657c478bd9Sstevel@tonic-gate  * IFF all messages prior to this abandoned message has been SACKd, if not
667c478bd9Sstevel@tonic-gate  * we defer sending the Forward TSN to sctp_cumack(), which will check for
677c478bd9Sstevel@tonic-gate  * this condition and send the Forward TSN via sctp_check_abandoned_msg(). In
687c478bd9Sstevel@tonic-gate  * sctp_rexmit() when we check for retransmissions, we need to determine if
697c478bd9Sstevel@tonic-gate  * the advanced peer ack point can be moved ahead, and if so, send a Forward
707c478bd9Sstevel@tonic-gate  * TSN to the peer instead of retransmitting the chunk. Note that when
717c478bd9Sstevel@tonic-gate  * we send a Forward TSN for a message, there may be yet unsent chunks for
727c478bd9Sstevel@tonic-gate  * this message; we need to mark all such chunks as abandoned, so that
737c478bd9Sstevel@tonic-gate  * sctp_cumack() can take the message out of the transmit list, additionally
747c478bd9Sstevel@tonic-gate  * sctp_unsent need to be adjusted. Whenever sctp_unsent is updated (i.e.
757c478bd9Sstevel@tonic-gate  * decremented when a message/chunk is deemed abandoned), sockfs needs to
767c478bd9Sstevel@tonic-gate  * be notified so that it can adjust its idea of the queued message.
777c478bd9Sstevel@tonic-gate  */
787c478bd9Sstevel@tonic-gate 
797c478bd9Sstevel@tonic-gate #include "sctp_impl.h"
807c478bd9Sstevel@tonic-gate 
817c478bd9Sstevel@tonic-gate static struct kmem_cache	*sctp_kmem_ftsn_set_cache;
821e109b40SNick Street static mblk_t			*sctp_chunkify(sctp_t *, int, int, int);
837c478bd9Sstevel@tonic-gate 
847c478bd9Sstevel@tonic-gate #ifdef	DEBUG
857c478bd9Sstevel@tonic-gate static boolean_t	sctp_verify_chain(mblk_t *, mblk_t *);
867c478bd9Sstevel@tonic-gate #endif
877c478bd9Sstevel@tonic-gate 
887c478bd9Sstevel@tonic-gate /*
897c478bd9Sstevel@tonic-gate  * Called to allocate a header mblk when sending data to SCTP.
907c478bd9Sstevel@tonic-gate  * Data will follow in b_cont of this mblk.
917c478bd9Sstevel@tonic-gate  */
927c478bd9Sstevel@tonic-gate mblk_t *
sctp_alloc_hdr(const char * name,int nlen,const char * control,int clen,int flags)937c478bd9Sstevel@tonic-gate sctp_alloc_hdr(const char *name, int nlen, const char *control, int clen,
947c478bd9Sstevel@tonic-gate     int flags)
957c478bd9Sstevel@tonic-gate {
967c478bd9Sstevel@tonic-gate 	mblk_t *mp;
977c478bd9Sstevel@tonic-gate 	struct T_unitdata_req *tudr;
987c478bd9Sstevel@tonic-gate 	size_t size;
997c478bd9Sstevel@tonic-gate 	int error;
1007c478bd9Sstevel@tonic-gate 
1017c478bd9Sstevel@tonic-gate 	size = sizeof (*tudr) + _TPI_ALIGN_TOPT(nlen) + clen;
1027c478bd9Sstevel@tonic-gate 	size = MAX(size, sizeof (sctp_msg_hdr_t));
1037c478bd9Sstevel@tonic-gate 	if (flags & SCTP_CAN_BLOCK) {
1047c478bd9Sstevel@tonic-gate 		mp = allocb_wait(size, BPRI_MED, 0, &error);
1057c478bd9Sstevel@tonic-gate 	} else {
1067c478bd9Sstevel@tonic-gate 		mp = allocb(size, BPRI_MED);
1077c478bd9Sstevel@tonic-gate 	}
1087c478bd9Sstevel@tonic-gate 	if (mp) {
1097c478bd9Sstevel@tonic-gate 		tudr = (struct T_unitdata_req *)mp->b_rptr;
1107c478bd9Sstevel@tonic-gate 		tudr->PRIM_type = T_UNITDATA_REQ;
1117c478bd9Sstevel@tonic-gate 		tudr->DEST_length = nlen;
1127c478bd9Sstevel@tonic-gate 		tudr->DEST_offset = sizeof (*tudr);
1137c478bd9Sstevel@tonic-gate 		tudr->OPT_length = clen;
1147c478bd9Sstevel@tonic-gate 		tudr->OPT_offset = (t_scalar_t)(sizeof (*tudr) +
1157c478bd9Sstevel@tonic-gate 		    _TPI_ALIGN_TOPT(nlen));
1167c478bd9Sstevel@tonic-gate 		if (nlen > 0)
1177c478bd9Sstevel@tonic-gate 			bcopy(name, tudr + 1, nlen);
1187c478bd9Sstevel@tonic-gate 		if (clen > 0)
1197c478bd9Sstevel@tonic-gate 			bcopy(control, (char *)tudr + tudr->OPT_offset, clen);
1207c478bd9Sstevel@tonic-gate 		mp->b_wptr += (tudr ->OPT_offset + clen);
1217c478bd9Sstevel@tonic-gate 		mp->b_datap->db_type = M_PROTO;
1227c478bd9Sstevel@tonic-gate 	}
1237c478bd9Sstevel@tonic-gate 	return (mp);
1247c478bd9Sstevel@tonic-gate }
1257c478bd9Sstevel@tonic-gate 
1267c478bd9Sstevel@tonic-gate /*ARGSUSED2*/
1277c478bd9Sstevel@tonic-gate int
sctp_sendmsg(sctp_t * sctp,mblk_t * mp,int flags)1287c478bd9Sstevel@tonic-gate sctp_sendmsg(sctp_t *sctp, mblk_t *mp, int flags)
1297c478bd9Sstevel@tonic-gate {
1307c478bd9Sstevel@tonic-gate 	sctp_faddr_t	*fp = NULL;
1317c478bd9Sstevel@tonic-gate 	struct T_unitdata_req	*tudr;
1327c478bd9Sstevel@tonic-gate 	int		error = 0;
1337c478bd9Sstevel@tonic-gate 	mblk_t		*mproto = mp;
1347c478bd9Sstevel@tonic-gate 	in6_addr_t	*addr;
1357c478bd9Sstevel@tonic-gate 	in6_addr_t	tmpaddr;
1367c478bd9Sstevel@tonic-gate 	uint16_t	sid = sctp->sctp_def_stream;
1377c478bd9Sstevel@tonic-gate 	uint32_t	ppid = sctp->sctp_def_ppid;
1387c478bd9Sstevel@tonic-gate 	uint32_t	context = sctp->sctp_def_context;
1397c478bd9Sstevel@tonic-gate 	uint16_t	msg_flags = sctp->sctp_def_flags;
1407c478bd9Sstevel@tonic-gate 	sctp_msg_hdr_t	*sctp_msg_hdr;
1417c478bd9Sstevel@tonic-gate 	uint32_t	msg_len = 0;
1427c478bd9Sstevel@tonic-gate 	uint32_t	timetolive = sctp->sctp_def_timetolive;
143bd670b35SErik Nordmark 	conn_t		*connp = sctp->sctp_connp;
1447c478bd9Sstevel@tonic-gate 
1457c478bd9Sstevel@tonic-gate 	ASSERT(DB_TYPE(mproto) == M_PROTO);
1467c478bd9Sstevel@tonic-gate 
1477c478bd9Sstevel@tonic-gate 	mp = mp->b_cont;
1487c478bd9Sstevel@tonic-gate 	ASSERT(mp == NULL || DB_TYPE(mp) == M_DATA);
1497c478bd9Sstevel@tonic-gate 
1507c478bd9Sstevel@tonic-gate 	tudr = (struct T_unitdata_req *)mproto->b_rptr;
1517c478bd9Sstevel@tonic-gate 	ASSERT(tudr->PRIM_type == T_UNITDATA_REQ);
1527c478bd9Sstevel@tonic-gate 
1537c478bd9Sstevel@tonic-gate 	/* Get destination address, if specified */
1547c478bd9Sstevel@tonic-gate 	if (tudr->DEST_length > 0) {
1557c478bd9Sstevel@tonic-gate 		sin_t *sin;
1567c478bd9Sstevel@tonic-gate 		sin6_t *sin6;
1577c478bd9Sstevel@tonic-gate 
1587c478bd9Sstevel@tonic-gate 		sin = (struct sockaddr_in *)
1597c478bd9Sstevel@tonic-gate 		    (mproto->b_rptr + tudr->DEST_offset);
1607c478bd9Sstevel@tonic-gate 		switch (sin->sin_family) {
1617c478bd9Sstevel@tonic-gate 		case AF_INET:
1627c478bd9Sstevel@tonic-gate 			if (tudr->DEST_length < sizeof (*sin)) {
1637c478bd9Sstevel@tonic-gate 				return (EINVAL);
1647c478bd9Sstevel@tonic-gate 			}
1657c478bd9Sstevel@tonic-gate 			IN6_IPADDR_TO_V4MAPPED(sin->sin_addr.s_addr, &tmpaddr);
1667c478bd9Sstevel@tonic-gate 			addr = &tmpaddr;
1677c478bd9Sstevel@tonic-gate 			break;
1687c478bd9Sstevel@tonic-gate 		case AF_INET6:
1697c478bd9Sstevel@tonic-gate 			if (tudr->DEST_length < sizeof (*sin6)) {
1707c478bd9Sstevel@tonic-gate 				return (EINVAL);
1717c478bd9Sstevel@tonic-gate 			}
1727c478bd9Sstevel@tonic-gate 			sin6 = (struct sockaddr_in6 *)
1737c478bd9Sstevel@tonic-gate 			    (mproto->b_rptr + tudr->DEST_offset);
1747c478bd9Sstevel@tonic-gate 			addr = &sin6->sin6_addr;
1757c478bd9Sstevel@tonic-gate 			break;
1767c478bd9Sstevel@tonic-gate 		default:
1777c478bd9Sstevel@tonic-gate 			return (EAFNOSUPPORT);
1787c478bd9Sstevel@tonic-gate 		}
1797c478bd9Sstevel@tonic-gate 		fp = sctp_lookup_faddr(sctp, addr);
1807c478bd9Sstevel@tonic-gate 		if (fp == NULL) {
1817c478bd9Sstevel@tonic-gate 			return (EINVAL);
1827c478bd9Sstevel@tonic-gate 		}
1837c478bd9Sstevel@tonic-gate 	}
1847c478bd9Sstevel@tonic-gate 	/* Ancillary Data? */
1857c478bd9Sstevel@tonic-gate 	if (tudr->OPT_length > 0) {
1867c478bd9Sstevel@tonic-gate 		struct cmsghdr		*cmsg;
1877c478bd9Sstevel@tonic-gate 		char			*cend;
1887c478bd9Sstevel@tonic-gate 		struct sctp_sndrcvinfo	*sndrcv;
1897c478bd9Sstevel@tonic-gate 
1907c478bd9Sstevel@tonic-gate 		cmsg = (struct cmsghdr *)(mproto->b_rptr + tudr->OPT_offset);
1917c478bd9Sstevel@tonic-gate 		cend = ((char *)cmsg + tudr->OPT_length);
1927c478bd9Sstevel@tonic-gate 		ASSERT(cend <= (char *)mproto->b_wptr);
1937c478bd9Sstevel@tonic-gate 
1947c478bd9Sstevel@tonic-gate 		for (;;) {
1957c478bd9Sstevel@tonic-gate 			if ((char *)(cmsg + 1) > cend ||
1967c478bd9Sstevel@tonic-gate 			    ((char *)cmsg + cmsg->cmsg_len) > cend) {
1977c478bd9Sstevel@tonic-gate 				break;
1987c478bd9Sstevel@tonic-gate 			}
1997c478bd9Sstevel@tonic-gate 			if ((cmsg->cmsg_level == IPPROTO_SCTP) &&
2007c478bd9Sstevel@tonic-gate 			    (cmsg->cmsg_type == SCTP_SNDRCV)) {
2017c478bd9Sstevel@tonic-gate 				if (cmsg->cmsg_len <
2027c478bd9Sstevel@tonic-gate 				    (sizeof (*sndrcv) + sizeof (*cmsg))) {
2037c478bd9Sstevel@tonic-gate 					return (EINVAL);
2047c478bd9Sstevel@tonic-gate 				}
2057c478bd9Sstevel@tonic-gate 				sndrcv = (struct sctp_sndrcvinfo *)(cmsg + 1);
2067c478bd9Sstevel@tonic-gate 				sid = sndrcv->sinfo_stream;
2077c478bd9Sstevel@tonic-gate 				msg_flags = sndrcv->sinfo_flags;
2087c478bd9Sstevel@tonic-gate 				ppid = sndrcv->sinfo_ppid;
2097c478bd9Sstevel@tonic-gate 				context = sndrcv->sinfo_context;
2107c478bd9Sstevel@tonic-gate 				timetolive = sndrcv->sinfo_timetolive;
2117c478bd9Sstevel@tonic-gate 				break;
2127c478bd9Sstevel@tonic-gate 			}
2137c478bd9Sstevel@tonic-gate 			if (cmsg->cmsg_len > 0)
2147c478bd9Sstevel@tonic-gate 				cmsg = CMSG_NEXT(cmsg);
2157c478bd9Sstevel@tonic-gate 			else
2167c478bd9Sstevel@tonic-gate 				break;
2177c478bd9Sstevel@tonic-gate 		}
2187c478bd9Sstevel@tonic-gate 	}
2197c478bd9Sstevel@tonic-gate 	if (msg_flags & MSG_ABORT) {
2207c478bd9Sstevel@tonic-gate 		if (mp && mp->b_cont) {
2217c478bd9Sstevel@tonic-gate 			mblk_t *pump = msgpullup(mp, -1);
2227c478bd9Sstevel@tonic-gate 			if (!pump) {
2237c478bd9Sstevel@tonic-gate 				return (ENOMEM);
2247c478bd9Sstevel@tonic-gate 			}
2257c478bd9Sstevel@tonic-gate 			freemsg(mp);
2267c478bd9Sstevel@tonic-gate 			mp = pump;
2277c478bd9Sstevel@tonic-gate 			mproto->b_cont = mp;
2287c478bd9Sstevel@tonic-gate 		}
2297c478bd9Sstevel@tonic-gate 		RUN_SCTP(sctp);
230e6f13f86SKacheong Poon 		sctp_user_abort(sctp, mp);
2317c478bd9Sstevel@tonic-gate 		freemsg(mproto);
232bd670b35SErik Nordmark 		goto done2;
2337c478bd9Sstevel@tonic-gate 	}
2347c478bd9Sstevel@tonic-gate 	if (mp == NULL)
2357c478bd9Sstevel@tonic-gate 		goto done;
2367c478bd9Sstevel@tonic-gate 
2377c478bd9Sstevel@tonic-gate 	RUN_SCTP(sctp);
2387c478bd9Sstevel@tonic-gate 
2397c478bd9Sstevel@tonic-gate 	/* Reject any new data requests if we are shutting down */
240b34b8d1aSkcpoon 	if (sctp->sctp_state > SCTPS_ESTABLISHED ||
241b34b8d1aSkcpoon 	    (sctp->sctp_connp->conn_state_flags & CONN_CLOSING)) {
2427c478bd9Sstevel@tonic-gate 		error = EPIPE;
2437c478bd9Sstevel@tonic-gate 		goto unlock_done;
2447c478bd9Sstevel@tonic-gate 	}
2457c478bd9Sstevel@tonic-gate 
2467c478bd9Sstevel@tonic-gate 	/* Re-use the mproto to store relevant info. */
2477c478bd9Sstevel@tonic-gate 	ASSERT(MBLKSIZE(mproto) >= sizeof (*sctp_msg_hdr));
2487c478bd9Sstevel@tonic-gate 
2497c478bd9Sstevel@tonic-gate 	mproto->b_rptr = mproto->b_datap->db_base;
2507c478bd9Sstevel@tonic-gate 	mproto->b_wptr = mproto->b_rptr + sizeof (*sctp_msg_hdr);
2517c478bd9Sstevel@tonic-gate 
2527c478bd9Sstevel@tonic-gate 	sctp_msg_hdr = (sctp_msg_hdr_t *)mproto->b_rptr;
2537c478bd9Sstevel@tonic-gate 	bzero(sctp_msg_hdr, sizeof (*sctp_msg_hdr));
2547c478bd9Sstevel@tonic-gate 	sctp_msg_hdr->smh_context = context;
2557c478bd9Sstevel@tonic-gate 	sctp_msg_hdr->smh_sid = sid;
2567c478bd9Sstevel@tonic-gate 	sctp_msg_hdr->smh_ppid = ppid;
2577c478bd9Sstevel@tonic-gate 	sctp_msg_hdr->smh_flags = msg_flags;
2587c478bd9Sstevel@tonic-gate 	sctp_msg_hdr->smh_ttl = MSEC_TO_TICK(timetolive);
259d3d50737SRafael Vanoni 	sctp_msg_hdr->smh_tob = ddi_get_lbolt64();
2607c478bd9Sstevel@tonic-gate 	for (; mp != NULL; mp = mp->b_cont)
2617c478bd9Sstevel@tonic-gate 		msg_len += MBLKL(mp);
2627c478bd9Sstevel@tonic-gate 	sctp_msg_hdr->smh_msglen = msg_len;
2637c478bd9Sstevel@tonic-gate 
2647c478bd9Sstevel@tonic-gate 	/* User requested specific destination */
2657c478bd9Sstevel@tonic-gate 	SCTP_SET_CHUNK_DEST(mproto, fp);
2667c478bd9Sstevel@tonic-gate 
2677c478bd9Sstevel@tonic-gate 	if (sctp->sctp_state >= SCTPS_COOKIE_ECHOED &&
2687c478bd9Sstevel@tonic-gate 	    sid >= sctp->sctp_num_ostr) {
2697c478bd9Sstevel@tonic-gate 		/* Send sendfail event */
2707c478bd9Sstevel@tonic-gate 		sctp_sendfail_event(sctp, dupmsg(mproto), SCTP_ERR_BAD_SID,
2717c478bd9Sstevel@tonic-gate 		    B_FALSE);
2727c478bd9Sstevel@tonic-gate 		error = EINVAL;
2737c478bd9Sstevel@tonic-gate 		goto unlock_done;
2747c478bd9Sstevel@tonic-gate 	}
2757c478bd9Sstevel@tonic-gate 
2767c478bd9Sstevel@tonic-gate 	/* no data */
2777c478bd9Sstevel@tonic-gate 	if (msg_len == 0) {
2787c478bd9Sstevel@tonic-gate 		sctp_sendfail_event(sctp, dupmsg(mproto),
2797c478bd9Sstevel@tonic-gate 		    SCTP_ERR_NO_USR_DATA, B_FALSE);
2807c478bd9Sstevel@tonic-gate 		error = EINVAL;
2817c478bd9Sstevel@tonic-gate 		goto unlock_done;
2827c478bd9Sstevel@tonic-gate 	}
2837c478bd9Sstevel@tonic-gate 
2847c478bd9Sstevel@tonic-gate 	/* Add it to the unsent list */
2857c478bd9Sstevel@tonic-gate 	if (sctp->sctp_xmit_unsent == NULL) {
2867c478bd9Sstevel@tonic-gate 		sctp->sctp_xmit_unsent = sctp->sctp_xmit_unsent_tail = mproto;
2877c478bd9Sstevel@tonic-gate 	} else {
2887c478bd9Sstevel@tonic-gate 		sctp->sctp_xmit_unsent_tail->b_next = mproto;
2897c478bd9Sstevel@tonic-gate 		sctp->sctp_xmit_unsent_tail = mproto;
2907c478bd9Sstevel@tonic-gate 	}
2917c478bd9Sstevel@tonic-gate 	sctp->sctp_unsent += msg_len;
2927c478bd9Sstevel@tonic-gate 	BUMP_LOCAL(sctp->sctp_msgcount);
2930f1702c5SYu Xiangning 	/*
2940f1702c5SYu Xiangning 	 * Notify sockfs if the tx queue is full.
2950f1702c5SYu Xiangning 	 */
296bd670b35SErik Nordmark 	if (SCTP_TXQ_LEN(sctp) >= connp->conn_sndbuf) {
2970f1702c5SYu Xiangning 		sctp->sctp_txq_full = 1;
298a215d4ebSKacheong Poon 		sctp->sctp_ulp_txq_full(sctp->sctp_ulpd, B_TRUE);
2990f1702c5SYu Xiangning 	}
3007c478bd9Sstevel@tonic-gate 	if (sctp->sctp_state == SCTPS_ESTABLISHED)
30112f47623Skcpoon 		sctp_output(sctp, UINT_MAX);
302bd670b35SErik Nordmark done2:
3037c478bd9Sstevel@tonic-gate 	WAKE_SCTP(sctp);
3047c478bd9Sstevel@tonic-gate 	return (0);
3057c478bd9Sstevel@tonic-gate unlock_done:
3067c478bd9Sstevel@tonic-gate 	WAKE_SCTP(sctp);
3077c478bd9Sstevel@tonic-gate done:
3087c478bd9Sstevel@tonic-gate 	return (error);
3097c478bd9Sstevel@tonic-gate }
3107c478bd9Sstevel@tonic-gate 
3111e109b40SNick Street /*
3121e109b40SNick Street  * While there are messages on sctp_xmit_unsent, detach each one. For each:
3131e109b40SNick Street  * allocate space for the chunk header, fill in the data chunk, and fill in
3141e109b40SNick Street  * the chunk header. Then append it to sctp_xmit_tail.
3151e109b40SNick Street  * Return after appending as many bytes as required (bytes_to_send).
3161e109b40SNick Street  * We also return if we've appended one or more chunks, and find a subsequent
3171e109b40SNick Street  * unsent message is too big to fit in the segment.
3181e109b40SNick Street  */
3191e109b40SNick Street mblk_t *
sctp_chunkify(sctp_t * sctp,int mss,int firstseg_len,int bytes_to_send)3201e109b40SNick Street sctp_chunkify(sctp_t *sctp, int mss, int firstseg_len, int bytes_to_send)
3217c478bd9Sstevel@tonic-gate {
3227c478bd9Sstevel@tonic-gate 	mblk_t			*mp;
3237c478bd9Sstevel@tonic-gate 	mblk_t			*chunk_mp;
3247c478bd9Sstevel@tonic-gate 	mblk_t			*chunk_head;
3257c478bd9Sstevel@tonic-gate 	mblk_t			*chunk_hdr;
3267c478bd9Sstevel@tonic-gate 	mblk_t			*chunk_tail = NULL;
3277c478bd9Sstevel@tonic-gate 	int			count;
3287c478bd9Sstevel@tonic-gate 	int			chunksize;
3297c478bd9Sstevel@tonic-gate 	sctp_data_hdr_t		*sdc;
3307c478bd9Sstevel@tonic-gate 	mblk_t			*mdblk = sctp->sctp_xmit_unsent;
3317c478bd9Sstevel@tonic-gate 	sctp_faddr_t		*fp;
3327c478bd9Sstevel@tonic-gate 	sctp_faddr_t		*fp1;
3337c478bd9Sstevel@tonic-gate 	size_t			xtralen;
3347c478bd9Sstevel@tonic-gate 	sctp_msg_hdr_t		*msg_hdr;
3351e109b40SNick Street 	sctp_stack_t		*sctps = sctp->sctp_sctps;
3361e109b40SNick Street 	sctp_msg_hdr_t		*next_msg_hdr;
3371e109b40SNick Street 	size_t			nextlen;
3381e109b40SNick Street 	int			remaining_len = mss - firstseg_len;
3391e109b40SNick Street 
3401e109b40SNick Street 	ASSERT(remaining_len >= 0);
3417c478bd9Sstevel@tonic-gate 
3427c478bd9Sstevel@tonic-gate 	fp = SCTP_CHUNK_DEST(mdblk);
3437c478bd9Sstevel@tonic-gate 	if (fp == NULL)
3447c478bd9Sstevel@tonic-gate 		fp = sctp->sctp_current;
3456be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 	if (fp->sf_isv4)
346f4b3ec61Sdh 		xtralen = sctp->sctp_hdr_len + sctps->sctps_wroff_xtra +
347f4b3ec61Sdh 		    sizeof (*sdc);
3487c478bd9Sstevel@tonic-gate 	else
349f4b3ec61Sdh 		xtralen = sctp->sctp_hdr6_len + sctps->sctps_wroff_xtra +
350f4b3ec61Sdh 		    sizeof (*sdc);
3511e109b40SNick Street 	count = chunksize = remaining_len - sizeof (*sdc);
3527c478bd9Sstevel@tonic-gate nextmsg:
3531e109b40SNick Street 	next_msg_hdr = (sctp_msg_hdr_t *)sctp->sctp_xmit_unsent->b_rptr;
3541e109b40SNick Street 	nextlen = next_msg_hdr->smh_msglen;
3551e109b40SNick Street 	/*
3561e109b40SNick Street 	 * Will the entire next message fit in the current packet ?
3571e109b40SNick Street 	 * if not, leave it on the unsent list.
3581e109b40SNick Street 	 */
3591e109b40SNick Street 	if ((firstseg_len != 0) && (nextlen > remaining_len))
3601e109b40SNick Street 		return (NULL);
3611e109b40SNick Street 
3627c478bd9Sstevel@tonic-gate 	chunk_mp = mdblk->b_cont;
3637c478bd9Sstevel@tonic-gate 
3647c478bd9Sstevel@tonic-gate 	/*
3651e109b40SNick Street 	 * If this partially chunked, we ignore the next one for now and
3661e109b40SNick Street 	 * use the one already present. For the unchunked bits, we use the
3671e109b40SNick Street 	 * length of the last chunk.
3687c478bd9Sstevel@tonic-gate 	 */
3697c478bd9Sstevel@tonic-gate 	if (SCTP_IS_MSG_CHUNKED(mdblk)) {
3707c478bd9Sstevel@tonic-gate 		int	chunk_len;
3717c478bd9Sstevel@tonic-gate 
3727c478bd9Sstevel@tonic-gate 		ASSERT(chunk_mp->b_next != NULL);
3737c478bd9Sstevel@tonic-gate 		mdblk->b_cont = chunk_mp->b_next;
3747c478bd9Sstevel@tonic-gate 		chunk_mp->b_next = NULL;
3757c478bd9Sstevel@tonic-gate 		SCTP_MSG_CLEAR_CHUNKED(mdblk);
3767c478bd9Sstevel@tonic-gate 		mp = mdblk->b_cont;
3777c478bd9Sstevel@tonic-gate 		while (mp->b_next != NULL)
3787c478bd9Sstevel@tonic-gate 			mp = mp->b_next;
3797c478bd9Sstevel@tonic-gate 		chunk_len = ntohs(((sctp_data_hdr_t *)mp->b_rptr)->sdh_len);
3806be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 		if (fp->sf_pmss - chunk_len > sizeof (*sdc))
3816be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 			count = chunksize = fp->sf_pmss - chunk_len;
3827c478bd9Sstevel@tonic-gate 		else
3836be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 			count = chunksize = fp->sf_pmss;
3847c478bd9Sstevel@tonic-gate 		count = chunksize = count - sizeof (*sdc);
3857c478bd9Sstevel@tonic-gate 	} else {
3867c478bd9Sstevel@tonic-gate 		msg_hdr = (sctp_msg_hdr_t *)mdblk->b_rptr;
3877c478bd9Sstevel@tonic-gate 		if (SCTP_MSG_TO_BE_ABANDONED(mdblk, msg_hdr, sctp)) {
3887c478bd9Sstevel@tonic-gate 			sctp->sctp_xmit_unsent = mdblk->b_next;
3897c478bd9Sstevel@tonic-gate 			if (sctp->sctp_xmit_unsent == NULL)
3907c478bd9Sstevel@tonic-gate 				sctp->sctp_xmit_unsent_tail = NULL;
3917c478bd9Sstevel@tonic-gate 			ASSERT(sctp->sctp_unsent >= msg_hdr->smh_msglen);
3927c478bd9Sstevel@tonic-gate 			sctp->sctp_unsent -= msg_hdr->smh_msglen;
3937c478bd9Sstevel@tonic-gate 			mdblk->b_next = NULL;
3947c478bd9Sstevel@tonic-gate 			BUMP_LOCAL(sctp->sctp_prsctpdrop);
3957c478bd9Sstevel@tonic-gate 			/*
3967c478bd9Sstevel@tonic-gate 			 * Update ULP the amount of queued data, which is
3977c478bd9Sstevel@tonic-gate 			 * sent-unack'ed + unsent.
3987c478bd9Sstevel@tonic-gate 			 */
3990f1702c5SYu Xiangning 			if (!SCTP_IS_DETACHED(sctp))
4000f1702c5SYu Xiangning 				SCTP_TXQ_UPDATE(sctp);
4017c478bd9Sstevel@tonic-gate 			sctp_sendfail_event(sctp, mdblk, 0, B_FALSE);
4027c478bd9Sstevel@tonic-gate 			goto try_next;
4037c478bd9Sstevel@tonic-gate 		}
4047c478bd9Sstevel@tonic-gate 		mdblk->b_cont = NULL;
4057c478bd9Sstevel@tonic-gate 	}
4067c478bd9Sstevel@tonic-gate 	msg_hdr = (sctp_msg_hdr_t *)mdblk->b_rptr;
4077c478bd9Sstevel@tonic-gate nextchunk:
4087c478bd9Sstevel@tonic-gate 	chunk_head = chunk_mp;
4097c478bd9Sstevel@tonic-gate 	chunk_tail = NULL;
4107c478bd9Sstevel@tonic-gate 
4117c478bd9Sstevel@tonic-gate 	/* Skip as many mblk's as we need */
4127c478bd9Sstevel@tonic-gate 	while (chunk_mp != NULL && ((count - MBLKL(chunk_mp)) >= 0)) {
4137c478bd9Sstevel@tonic-gate 		count -= MBLKL(chunk_mp);
4147c478bd9Sstevel@tonic-gate 		chunk_tail = chunk_mp;
4157c478bd9Sstevel@tonic-gate 		chunk_mp = chunk_mp->b_cont;
4167c478bd9Sstevel@tonic-gate 	}
4177c478bd9Sstevel@tonic-gate 	/* Split the chain, if needed */
4187c478bd9Sstevel@tonic-gate 	if (chunk_mp != NULL) {
4197c478bd9Sstevel@tonic-gate 		if (count > 0) {
4207c478bd9Sstevel@tonic-gate 			mblk_t	*split_mp = dupb(chunk_mp);
4217c478bd9Sstevel@tonic-gate 
4227c478bd9Sstevel@tonic-gate 			if (split_mp == NULL) {
4237c478bd9Sstevel@tonic-gate 				if (mdblk->b_cont == NULL) {
4247c478bd9Sstevel@tonic-gate 					mdblk->b_cont = chunk_head;
4257c478bd9Sstevel@tonic-gate 				} else  {
4267c478bd9Sstevel@tonic-gate 					SCTP_MSG_SET_CHUNKED(mdblk);
4277c478bd9Sstevel@tonic-gate 					ASSERT(chunk_head->b_next == NULL);
4287c478bd9Sstevel@tonic-gate 					chunk_head->b_next = mdblk->b_cont;
4297c478bd9Sstevel@tonic-gate 					mdblk->b_cont = chunk_head;
4307c478bd9Sstevel@tonic-gate 				}
4311e109b40SNick Street 				return (sctp->sctp_xmit_tail);
4327c478bd9Sstevel@tonic-gate 			}
4337c478bd9Sstevel@tonic-gate 			if (chunk_tail != NULL) {
4347c478bd9Sstevel@tonic-gate 				chunk_tail->b_cont = split_mp;
4357c478bd9Sstevel@tonic-gate 				chunk_tail = chunk_tail->b_cont;
4367c478bd9Sstevel@tonic-gate 			} else {
4377c478bd9Sstevel@tonic-gate 				chunk_head = chunk_tail = split_mp;
4387c478bd9Sstevel@tonic-gate 			}
4397c478bd9Sstevel@tonic-gate 			chunk_tail->b_wptr = chunk_tail->b_rptr + count;
4407c478bd9Sstevel@tonic-gate 			chunk_mp->b_rptr = chunk_tail->b_wptr;
4417c478bd9Sstevel@tonic-gate 			count = 0;
4427c478bd9Sstevel@tonic-gate 		} else if (chunk_tail == NULL) {
4437c478bd9Sstevel@tonic-gate 			goto next;
4447c478bd9Sstevel@tonic-gate 		} else {
4457c478bd9Sstevel@tonic-gate 			chunk_tail->b_cont = NULL;
4467c478bd9Sstevel@tonic-gate 		}
4477c478bd9Sstevel@tonic-gate 	}
4487c478bd9Sstevel@tonic-gate 	/* Alloc chunk hdr, if needed */
4497c478bd9Sstevel@tonic-gate 	if (DB_REF(chunk_head) > 1 ||
4507c478bd9Sstevel@tonic-gate 	    ((intptr_t)chunk_head->b_rptr) & (SCTP_ALIGN - 1) ||
4517c478bd9Sstevel@tonic-gate 	    MBLKHEAD(chunk_head) < sizeof (*sdc)) {
4527c478bd9Sstevel@tonic-gate 		if ((chunk_hdr = allocb(xtralen, BPRI_MED)) == NULL) {
4537c478bd9Sstevel@tonic-gate 			if (mdblk->b_cont == NULL) {
4547c478bd9Sstevel@tonic-gate 				if (chunk_mp != NULL)
4557c478bd9Sstevel@tonic-gate 					linkb(chunk_head, chunk_mp);
4567c478bd9Sstevel@tonic-gate 				mdblk->b_cont = chunk_head;
4577c478bd9Sstevel@tonic-gate 			} else {
4587c478bd9Sstevel@tonic-gate 				SCTP_MSG_SET_CHUNKED(mdblk);
4597c478bd9Sstevel@tonic-gate 				if (chunk_mp != NULL)
4607c478bd9Sstevel@tonic-gate 					linkb(chunk_head, chunk_mp);
4617c478bd9Sstevel@tonic-gate 				ASSERT(chunk_head->b_next == NULL);
4627c478bd9Sstevel@tonic-gate 				chunk_head->b_next = mdblk->b_cont;
4637c478bd9Sstevel@tonic-gate 				mdblk->b_cont = chunk_head;
4647c478bd9Sstevel@tonic-gate 			}
4651e109b40SNick Street 			return (sctp->sctp_xmit_tail);
4667c478bd9Sstevel@tonic-gate 		}
4677c478bd9Sstevel@tonic-gate 		chunk_hdr->b_rptr += xtralen - sizeof (*sdc);
4687c478bd9Sstevel@tonic-gate 		chunk_hdr->b_wptr = chunk_hdr->b_rptr + sizeof (*sdc);
4697c478bd9Sstevel@tonic-gate 		chunk_hdr->b_cont = chunk_head;
4707c478bd9Sstevel@tonic-gate 	} else {
4717c478bd9Sstevel@tonic-gate 		chunk_hdr = chunk_head;
4727c478bd9Sstevel@tonic-gate 		chunk_hdr->b_rptr -= sizeof (*sdc);
4737c478bd9Sstevel@tonic-gate 	}
4747c478bd9Sstevel@tonic-gate 	ASSERT(chunk_hdr->b_datap->db_ref == 1);
4757c478bd9Sstevel@tonic-gate 	sdc = (sctp_data_hdr_t *)chunk_hdr->b_rptr;
4767c478bd9Sstevel@tonic-gate 	sdc->sdh_id = CHUNK_DATA;
4777c478bd9Sstevel@tonic-gate 	sdc->sdh_flags = 0;
4787c478bd9Sstevel@tonic-gate 	sdc->sdh_len = htons(sizeof (*sdc) + chunksize - count);
4797c478bd9Sstevel@tonic-gate 	ASSERT(sdc->sdh_len);
4807c478bd9Sstevel@tonic-gate 	sdc->sdh_sid = htons(msg_hdr->smh_sid);
4817c478bd9Sstevel@tonic-gate 	/*
4827c478bd9Sstevel@tonic-gate 	 * We defer assigning the SSN just before sending the chunk, else
4837c478bd9Sstevel@tonic-gate 	 * if we drop the chunk in sctp_get_msg_to_send(), we would need
4847c478bd9Sstevel@tonic-gate 	 * to send a Forward TSN to let the peer know. Some more comments
4857c478bd9Sstevel@tonic-gate 	 * about this in sctp_impl.h for SCTP_CHUNK_SENT.
4867c478bd9Sstevel@tonic-gate 	 */
4877c478bd9Sstevel@tonic-gate 	sdc->sdh_payload_id = msg_hdr->smh_ppid;
4887c478bd9Sstevel@tonic-gate 
4897c478bd9Sstevel@tonic-gate 	if (mdblk->b_cont == NULL) {
4907c478bd9Sstevel@tonic-gate 		mdblk->b_cont = chunk_hdr;
4917c478bd9Sstevel@tonic-gate 		SCTP_DATA_SET_BBIT(sdc);
4927c478bd9Sstevel@tonic-gate 	} else {
4937c478bd9Sstevel@tonic-gate 		mp = mdblk->b_cont;
4947c478bd9Sstevel@tonic-gate 		while (mp->b_next != NULL)
4957c478bd9Sstevel@tonic-gate 			mp = mp->b_next;
4967c478bd9Sstevel@tonic-gate 		mp->b_next = chunk_hdr;
4977c478bd9Sstevel@tonic-gate 	}
4987c478bd9Sstevel@tonic-gate 
4997c478bd9Sstevel@tonic-gate 	bytes_to_send -= (chunksize - count);
5007c478bd9Sstevel@tonic-gate 	if (chunk_mp != NULL) {
5017c478bd9Sstevel@tonic-gate next:
5026be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 		count = chunksize = fp->sf_pmss - sizeof (*sdc);
5037c478bd9Sstevel@tonic-gate 		goto nextchunk;
5047c478bd9Sstevel@tonic-gate 	}
5057c478bd9Sstevel@tonic-gate 	SCTP_DATA_SET_EBIT(sdc);
5067c478bd9Sstevel@tonic-gate 	sctp->sctp_xmit_unsent = mdblk->b_next;
5077c478bd9Sstevel@tonic-gate 	if (mdblk->b_next == NULL) {
5087c478bd9Sstevel@tonic-gate 		sctp->sctp_xmit_unsent_tail = NULL;
5097c478bd9Sstevel@tonic-gate 	}
5107c478bd9Sstevel@tonic-gate 	mdblk->b_next = NULL;
5117c478bd9Sstevel@tonic-gate 
5127c478bd9Sstevel@tonic-gate 	if (sctp->sctp_xmit_tail == NULL) {
5137c478bd9Sstevel@tonic-gate 		sctp->sctp_xmit_head = sctp->sctp_xmit_tail = mdblk;
5147c478bd9Sstevel@tonic-gate 	} else {
5157c478bd9Sstevel@tonic-gate 		mp = sctp->sctp_xmit_tail;
5167c478bd9Sstevel@tonic-gate 		while (mp->b_next != NULL)
5177c478bd9Sstevel@tonic-gate 			mp = mp->b_next;
5187c478bd9Sstevel@tonic-gate 		mp->b_next = mdblk;
5197c478bd9Sstevel@tonic-gate 		mdblk->b_prev = mp;
5207c478bd9Sstevel@tonic-gate 	}
5217c478bd9Sstevel@tonic-gate try_next:
5227c478bd9Sstevel@tonic-gate 	if (bytes_to_send > 0 && sctp->sctp_xmit_unsent != NULL) {
5237c478bd9Sstevel@tonic-gate 		mdblk = sctp->sctp_xmit_unsent;
5247c478bd9Sstevel@tonic-gate 		fp1 = SCTP_CHUNK_DEST(mdblk);
5257c478bd9Sstevel@tonic-gate 		if (fp1 == NULL)
5267c478bd9Sstevel@tonic-gate 			fp1 = sctp->sctp_current;
5277c478bd9Sstevel@tonic-gate 		if (fp == fp1) {
5287c478bd9Sstevel@tonic-gate 			size_t len = MBLKL(mdblk->b_cont);
5297c478bd9Sstevel@tonic-gate 			if ((count > 0) &&
5306be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 			    ((len > fp->sf_pmss - sizeof (*sdc)) ||
531b34b8d1aSkcpoon 			    (len <= count))) {
5327c478bd9Sstevel@tonic-gate 				count -= sizeof (*sdc);
5337c478bd9Sstevel@tonic-gate 				count = chunksize = count - (count & 0x3);
5347c478bd9Sstevel@tonic-gate 			} else {
5356be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 				count = chunksize = fp->sf_pmss -
5367c478bd9Sstevel@tonic-gate 				    sizeof (*sdc);
5377c478bd9Sstevel@tonic-gate 			}
5387c478bd9Sstevel@tonic-gate 		} else {
5396be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 			if (fp1->sf_isv4)
5407c478bd9Sstevel@tonic-gate 				xtralen = sctp->sctp_hdr_len;
5417c478bd9Sstevel@tonic-gate 			else
5427c478bd9Sstevel@tonic-gate 				xtralen = sctp->sctp_hdr6_len;
543f4b3ec61Sdh 			xtralen += sctps->sctps_wroff_xtra + sizeof (*sdc);
5446be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 			count = chunksize = fp1->sf_pmss - sizeof (*sdc);
5457c478bd9Sstevel@tonic-gate 			fp = fp1;
5467c478bd9Sstevel@tonic-gate 		}
5477c478bd9Sstevel@tonic-gate 		goto nextmsg;
5487c478bd9Sstevel@tonic-gate 	}
5491e109b40SNick Street 	return (sctp->sctp_xmit_tail);
5507c478bd9Sstevel@tonic-gate }
5517c478bd9Sstevel@tonic-gate 
5527c478bd9Sstevel@tonic-gate void
sctp_free_msg(mblk_t * ump)5537c478bd9Sstevel@tonic-gate sctp_free_msg(mblk_t *ump)
5547c478bd9Sstevel@tonic-gate {
5557c478bd9Sstevel@tonic-gate 	mblk_t *mp, *nmp;
5567c478bd9Sstevel@tonic-gate 
5577c478bd9Sstevel@tonic-gate 	for (mp = ump->b_cont; mp; mp = nmp) {
5587c478bd9Sstevel@tonic-gate 		nmp = mp->b_next;
5597c478bd9Sstevel@tonic-gate 		mp->b_next = mp->b_prev = NULL;
5607c478bd9Sstevel@tonic-gate 		freemsg(mp);
5617c478bd9Sstevel@tonic-gate 	}
5627c478bd9Sstevel@tonic-gate 	ASSERT(!ump->b_prev);
5637c478bd9Sstevel@tonic-gate 	ump->b_next = NULL;
5647c478bd9Sstevel@tonic-gate 	freeb(ump);
5657c478bd9Sstevel@tonic-gate }
5667c478bd9Sstevel@tonic-gate 
5677c478bd9Sstevel@tonic-gate mblk_t *
sctp_add_proto_hdr(sctp_t * sctp,sctp_faddr_t * fp,mblk_t * mp,int sacklen,int * error)568df19b344Svi sctp_add_proto_hdr(sctp_t *sctp, sctp_faddr_t *fp, mblk_t *mp, int sacklen,
569df19b344Svi     int *error)
5707c478bd9Sstevel@tonic-gate {
5717c478bd9Sstevel@tonic-gate 	int hdrlen;
572bd670b35SErik Nordmark 	uchar_t *hdr;
5736be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 	int isv4 = fp->sf_isv4;
574f4b3ec61Sdh 	sctp_stack_t	*sctps = sctp->sctp_sctps;
5757c478bd9Sstevel@tonic-gate 
576df19b344Svi 	if (error != NULL)
577df19b344Svi 		*error = 0;
578df19b344Svi 
5797c478bd9Sstevel@tonic-gate 	if (isv4) {
5807c478bd9Sstevel@tonic-gate 		hdrlen = sctp->sctp_hdr_len;
5817c478bd9Sstevel@tonic-gate 		hdr = sctp->sctp_iphc;
5827c478bd9Sstevel@tonic-gate 	} else {
5837c478bd9Sstevel@tonic-gate 		hdrlen = sctp->sctp_hdr6_len;
5847c478bd9Sstevel@tonic-gate 		hdr = sctp->sctp_iphc6;
5857c478bd9Sstevel@tonic-gate 	}
586df19b344Svi 	/*
587bd670b35SErik Nordmark 	 * A reject|blackhole could mean that the address is 'down'. Similarly,
588df19b344Svi 	 * it is possible that the address went down, we tried to send an
5896be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 	 * heartbeat and ended up setting fp->sf_saddr as unspec because we
59077c67f2fSkcpoon 	 * didn't have any usable source address.  In either case
591bd670b35SErik Nordmark 	 * sctp_get_dest() will try find an IRE, if available, and set
59277c67f2fSkcpoon 	 * the source address, if needed.  If we still don't have any
5936be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 	 * usable source address, fp->sf_state will be SCTP_FADDRS_UNREACH and
594df19b344Svi 	 * we return EHOSTUNREACH.
595df19b344Svi 	 */
5966be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 	ASSERT(fp->sf_ixa->ixa_ire != NULL);
5976be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 	if ((fp->sf_ixa->ixa_ire->ire_flags & (RTF_REJECT|RTF_BLACKHOLE)) ||
5986be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 	    SCTP_IS_ADDR_UNSPEC(fp->sf_isv4, fp->sf_saddr)) {
599bd670b35SErik Nordmark 		sctp_get_dest(sctp, fp);
6006be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 		if (fp->sf_state == SCTP_FADDRS_UNREACH) {
601df19b344Svi 			if (error != NULL)
602df19b344Svi 				*error = EHOSTUNREACH;
603df19b344Svi 			return (NULL);
6047c478bd9Sstevel@tonic-gate 		}
6057c478bd9Sstevel@tonic-gate 	}
6067c478bd9Sstevel@tonic-gate 	/* Copy in IP header. */
6077c478bd9Sstevel@tonic-gate 	if ((mp->b_rptr - mp->b_datap->db_base) <
608bd670b35SErik Nordmark 	    (sctps->sctps_wroff_xtra + hdrlen + sacklen) || DB_REF(mp) > 2) {
6097c478bd9Sstevel@tonic-gate 		mblk_t *nmp;
61077c67f2fSkcpoon 
6117c478bd9Sstevel@tonic-gate 		/*
6127c478bd9Sstevel@tonic-gate 		 * This can happen if IP headers are adjusted after
6137c478bd9Sstevel@tonic-gate 		 * data was moved into chunks, or during retransmission,
6147c478bd9Sstevel@tonic-gate 		 * or things like snoop is running.
6157c478bd9Sstevel@tonic-gate 		 */
616bd670b35SErik Nordmark 		nmp = allocb(sctps->sctps_wroff_xtra + hdrlen + sacklen,
617bd670b35SErik Nordmark 		    BPRI_MED);
6187c478bd9Sstevel@tonic-gate 		if (nmp == NULL) {
619df19b344Svi 			if (error !=  NULL)
620df19b344Svi 				*error = ENOMEM;
6217c478bd9Sstevel@tonic-gate 			return (NULL);
6227c478bd9Sstevel@tonic-gate 		}
623f4b3ec61Sdh 		nmp->b_rptr += sctps->sctps_wroff_xtra;
6247c478bd9Sstevel@tonic-gate 		nmp->b_wptr = nmp->b_rptr + hdrlen + sacklen;
6257c478bd9Sstevel@tonic-gate 		nmp->b_cont = mp;
6267c478bd9Sstevel@tonic-gate 		mp = nmp;
6277c478bd9Sstevel@tonic-gate 	} else {
6287c478bd9Sstevel@tonic-gate 		mp->b_rptr -= (hdrlen + sacklen);
6297c478bd9Sstevel@tonic-gate 	}
6307c478bd9Sstevel@tonic-gate 	bcopy(hdr, mp->b_rptr, hdrlen);
6317c478bd9Sstevel@tonic-gate 	if (sacklen) {
6327c478bd9Sstevel@tonic-gate 		sctp_fill_sack(sctp, mp->b_rptr + hdrlen, sacklen);
6337c478bd9Sstevel@tonic-gate 	}
6347c478bd9Sstevel@tonic-gate 	if (fp != sctp->sctp_current) {
6357c478bd9Sstevel@tonic-gate 		/* change addresses in header */
6367c478bd9Sstevel@tonic-gate 		if (isv4) {
6377c478bd9Sstevel@tonic-gate 			ipha_t *iph = (ipha_t *)mp->b_rptr;
6387c478bd9Sstevel@tonic-gate 
6396be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 			IN6_V4MAPPED_TO_IPADDR(&fp->sf_faddr, iph->ipha_dst);
6406be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 			if (!IN6_IS_ADDR_V4MAPPED_ANY(&fp->sf_saddr)) {
6416be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 				IN6_V4MAPPED_TO_IPADDR(&fp->sf_saddr,
6427c478bd9Sstevel@tonic-gate 				    iph->ipha_src);
6437c478bd9Sstevel@tonic-gate 			} else if (sctp->sctp_bound_to_all) {
6447c478bd9Sstevel@tonic-gate 				iph->ipha_src = INADDR_ANY;
6457c478bd9Sstevel@tonic-gate 			}
6467c478bd9Sstevel@tonic-gate 		} else {
647bd670b35SErik Nordmark 			ip6_t *ip6h = (ip6_t *)mp->b_rptr;
648bd670b35SErik Nordmark 
6496be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 			ip6h->ip6_dst = fp->sf_faddr;
6506be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 			if (!IN6_IS_ADDR_UNSPECIFIED(&fp->sf_saddr)) {
6516be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 				ip6h->ip6_src = fp->sf_saddr;
6527c478bd9Sstevel@tonic-gate 			} else if (sctp->sctp_bound_to_all) {
653bd670b35SErik Nordmark 				ip6h->ip6_src = ipv6_all_zeros;
6547c478bd9Sstevel@tonic-gate 			}
6557c478bd9Sstevel@tonic-gate 		}
6567c478bd9Sstevel@tonic-gate 	}
6577c478bd9Sstevel@tonic-gate 	return (mp);
6587c478bd9Sstevel@tonic-gate }
6597c478bd9Sstevel@tonic-gate 
6607c478bd9Sstevel@tonic-gate /*
6617c478bd9Sstevel@tonic-gate  * SCTP requires every chunk to be padded so that the total length
6627c478bd9Sstevel@tonic-gate  * is a multiple of SCTP_ALIGN.  This function returns a mblk with
6637c478bd9Sstevel@tonic-gate  * the specified pad length.
6647c478bd9Sstevel@tonic-gate  */
6657c478bd9Sstevel@tonic-gate static mblk_t *
sctp_get_padding(sctp_t * sctp,int pad)666121e5416Skcpoon sctp_get_padding(sctp_t *sctp, int pad)
6677c478bd9Sstevel@tonic-gate {
6687c478bd9Sstevel@tonic-gate 	mblk_t *fill;
6697c478bd9Sstevel@tonic-gate 
6707c478bd9Sstevel@tonic-gate 	ASSERT(pad < SCTP_ALIGN);
671121e5416Skcpoon 	ASSERT(sctp->sctp_pad_mp != NULL);
672121e5416Skcpoon 	if ((fill = dupb(sctp->sctp_pad_mp)) != NULL) {
6737c478bd9Sstevel@tonic-gate 		fill->b_wptr += pad;
6747c478bd9Sstevel@tonic-gate 		return (fill);
6757c478bd9Sstevel@tonic-gate 	}
6767c478bd9Sstevel@tonic-gate 
6777c478bd9Sstevel@tonic-gate 	/*
6787c478bd9Sstevel@tonic-gate 	 * The memory saving path of reusing the sctp_pad_mp
6797c478bd9Sstevel@tonic-gate 	 * fails may be because it has been dupb() too
6807c478bd9Sstevel@tonic-gate 	 * many times (DBLK_REFMAX).  Use the memory consuming
6817c478bd9Sstevel@tonic-gate 	 * path of allocating the pad mblk.
6827c478bd9Sstevel@tonic-gate 	 */
6837c478bd9Sstevel@tonic-gate 	if ((fill = allocb(SCTP_ALIGN, BPRI_MED)) != NULL) {
6847c478bd9Sstevel@tonic-gate 		/* Zero it out.  SCTP_ALIGN is sizeof (int32_t) */
6857c478bd9Sstevel@tonic-gate 		*(int32_t *)fill->b_rptr = 0;
6867c478bd9Sstevel@tonic-gate 		fill->b_wptr += pad;
6877c478bd9Sstevel@tonic-gate 	}
6887c478bd9Sstevel@tonic-gate 	return (fill);
6897c478bd9Sstevel@tonic-gate }
6907c478bd9Sstevel@tonic-gate 
6917c478bd9Sstevel@tonic-gate static mblk_t *
sctp_find_fast_rexmit_mblks(sctp_t * sctp,int * total,sctp_faddr_t ** fp)6927c478bd9Sstevel@tonic-gate sctp_find_fast_rexmit_mblks(sctp_t *sctp, int *total, sctp_faddr_t **fp)
6937c478bd9Sstevel@tonic-gate {
6947c478bd9Sstevel@tonic-gate 	mblk_t		*meta;
6957c478bd9Sstevel@tonic-gate 	mblk_t		*start_mp = NULL;
6967c478bd9Sstevel@tonic-gate 	mblk_t		*end_mp = NULL;
6977c478bd9Sstevel@tonic-gate 	mblk_t		*mp, *nmp;
6987c478bd9Sstevel@tonic-gate 	mblk_t		*fill;
6997c478bd9Sstevel@tonic-gate 	sctp_data_hdr_t	*sdh;
7007c478bd9Sstevel@tonic-gate 	int		msglen;
7017c478bd9Sstevel@tonic-gate 	int		extra;
7027c478bd9Sstevel@tonic-gate 	sctp_msg_hdr_t	*msg_hdr;
70377c67f2fSkcpoon 	sctp_faddr_t	*old_fp = NULL;
70477c67f2fSkcpoon 	sctp_faddr_t	*chunk_fp;
705f4b3ec61Sdh 	sctp_stack_t	*sctps = sctp->sctp_sctps;
7067c478bd9Sstevel@tonic-gate 
7077c478bd9Sstevel@tonic-gate 	for (meta = sctp->sctp_xmit_head; meta != NULL; meta = meta->b_next) {
7087c478bd9Sstevel@tonic-gate 		msg_hdr = (sctp_msg_hdr_t *)meta->b_rptr;
7097c478bd9Sstevel@tonic-gate 		if (SCTP_IS_MSG_ABANDONED(meta) ||
7107c478bd9Sstevel@tonic-gate 		    SCTP_MSG_TO_BE_ABANDONED(meta, msg_hdr, sctp)) {
7117c478bd9Sstevel@tonic-gate 			continue;
7127c478bd9Sstevel@tonic-gate 		}
7137c478bd9Sstevel@tonic-gate 		for (mp = meta->b_cont; mp != NULL; mp = mp->b_next) {
7147c478bd9Sstevel@tonic-gate 			if (SCTP_CHUNK_WANT_REXMIT(mp)) {
7157c478bd9Sstevel@tonic-gate 				/*
7167c478bd9Sstevel@tonic-gate 				 * Use the same peer address to do fast
71777c67f2fSkcpoon 				 * retransmission.  If the original peer
71877c67f2fSkcpoon 				 * address is dead, switch to the current
71977c67f2fSkcpoon 				 * one.  Record the old one so that we
72077c67f2fSkcpoon 				 * will pick the chunks sent to the old
72177c67f2fSkcpoon 				 * one for fast retransmission.
7227c478bd9Sstevel@tonic-gate 				 */
72377c67f2fSkcpoon 				chunk_fp = SCTP_CHUNK_DEST(mp);
7247c478bd9Sstevel@tonic-gate 				if (*fp == NULL) {
72577c67f2fSkcpoon 					*fp = chunk_fp;
7266be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 					if ((*fp)->sf_state !=
7276be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 					    SCTP_FADDRS_ALIVE) {
72877c67f2fSkcpoon 						old_fp = *fp;
7297c478bd9Sstevel@tonic-gate 						*fp = sctp->sctp_current;
73077c67f2fSkcpoon 					}
73177c67f2fSkcpoon 				} else if (old_fp == NULL && *fp != chunk_fp) {
73277c67f2fSkcpoon 					continue;
73377c67f2fSkcpoon 				} else if (old_fp != NULL &&
73477c67f2fSkcpoon 				    old_fp != chunk_fp) {
7357c478bd9Sstevel@tonic-gate 					continue;
7367c478bd9Sstevel@tonic-gate 				}
7377c478bd9Sstevel@tonic-gate 
7387c478bd9Sstevel@tonic-gate 				sdh = (sctp_data_hdr_t *)mp->b_rptr;
7397c478bd9Sstevel@tonic-gate 				msglen = ntohs(sdh->sdh_len);
7407c478bd9Sstevel@tonic-gate 				if ((extra = msglen & (SCTP_ALIGN - 1)) != 0) {
7417c478bd9Sstevel@tonic-gate 					extra = SCTP_ALIGN - extra;
7427c478bd9Sstevel@tonic-gate 				}
7437c478bd9Sstevel@tonic-gate 
7447c478bd9Sstevel@tonic-gate 				/*
7457c478bd9Sstevel@tonic-gate 				 * We still return at least the first message
7467c478bd9Sstevel@tonic-gate 				 * even if that message cannot fit in as
7477c478bd9Sstevel@tonic-gate 				 * PMTU may have changed.
7487c478bd9Sstevel@tonic-gate 				 */
7497c478bd9Sstevel@tonic-gate 				if (*total + msglen + extra >
7506be61d4eSchandrasekar marimuthu - Sun Microsystems - Bangalore India 				    (*fp)->sf_pmss && start_mp != NULL) {
7517c478bd9Sstevel@tonic-gate 					return (start_mp);
7527c478bd9Sstevel@tonic-gate 				}
7537c478bd9Sstevel@tonic-gate 				if ((nmp = dupmsg(mp)) == NULL)
7547c478bd9Sstevel@tonic-gate 					return (start_mp);
7557c478bd9Sstevel@tonic-gate 				if (extra > 0) {
756121e5416Skcpoon 					fill = sctp_get_padding(sctp, extra);
7577c478bd9Sstevel@tonic-gate 					if (fill != NULL) {
7587c478bd9Sstevel@tonic-gate 						linkb(nmp, fill);
7597c478bd9Sstevel@tonic-gate 					} else {
7607c478bd9Sstevel@tonic-gate 						return (start_mp);
7617c478bd9Sstevel@tonic-gate 					}
7627c478bd9Sstevel@tonic-gate 				}
763