git: 6b2977c5978b - stable/14 - tcp: fix duplicate retransmissions when RTO happens during SACK loss recovery

From: Richard Scheffenegger <rscheff_at_FreeBSD.org>
Date: Fri, 18 Oct 2024 07:54:21 UTC
The branch stable/14 has been updated by rscheff:

URL: https://cgit.FreeBSD.org/src/commit/?id=6b2977c5978b58718d9cddc0a8c31e1bd9aa0361

commit 6b2977c5978b58718d9cddc0a8c31e1bd9aa0361
Author:     Richard Scheffenegger <rscheff@FreeBSD.org>
AuthorDate: 2024-10-10 10:50:22 +0000
Commit:     Richard Scheffenegger <rscheff@FreeBSD.org>
CommitDate: 2024-10-18 07:51:38 +0000

    tcp: fix duplicate retransmissions when RTO happens during SACK loss recovery
    
    When snd_nxt doesn't track snd_max, partial SACK ACKs may elicit
    unexpected duplicate retransmissions. This is usually masked by
    LRO not necessarily ACKing every individual segment, and prior
    to RFC6675 SACK loss recovery, harder to trigger even when an
    RTO happens while SACK loss recovery is ongoing.
    
    Address this by improving the logic for when to start a SACK loss
    recovery and how to deal with an RTO, as well as by improving the
    adjusted congestion window during transmission selection.
    
    Reviewed By:    tuexen, cc, #transport
    Sponsored by:   NetApp, Inc.
    MFC after:      1 week
    Differential Revision:  https://reviews.freebsd.org/D43355
    
    (cherry picked from commit 440f4ba18e3ab7be912858bbcb96a419fcf14809)
---
 sys/netinet/tcp_input.c  | 16 ++++++++++------
 sys/netinet/tcp_output.c | 27 +++++++++++++++++----------
 sys/netinet/tcp_sack.c   | 42 +++++++++++++++++++++++++++---------------
 sys/netinet/tcp_var.h    |  2 +-
 4 files changed, 55 insertions(+), 32 deletions(-)

diff --git a/sys/netinet/tcp_input.c b/sys/netinet/tcp_input.c
index 500d208b7756..83f85a50ed40 100644
--- a/sys/netinet/tcp_input.c
+++ b/sys/netinet/tcp_input.c
@@ -2723,9 +2723,7 @@ enter_recovery:
 						    tp->snd_nxt - tp->snd_una);
 					}
 					if (tcp_is_sack_recovery(tp, &to)) {
-						TCPSTAT_INC(
-						    tcps_sack_recovery_episode);
-						tp->snd_recover = tp->snd_nxt;
+						TCPSTAT_INC(tcps_sack_recovery_episode);
 						tp->snd_cwnd = maxseg;
 						(void) tcp_output(tp);
 						if (SEQ_GT(th->th_ack, tp->snd_una))
@@ -2768,8 +2766,12 @@ enter_recovery:
 					    __func__));
 					if (tp->t_dupacks == 1)
 						tp->snd_limited = 0;
-					tp->snd_cwnd =
-					    (tp->snd_nxt - tp->snd_una) +
+					if ((tp->snd_nxt == tp->snd_max) &&
+					    (tp->t_rxtshift == 0))
+						tp->snd_cwnd =
+						    SEQ_SUB(tp->snd_nxt,
+							    tp->snd_una);
+					tp->snd_cwnd +=
 					    (tp->t_dupacks - tp->snd_limited) *
 					    maxseg;
 					/*
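Review bot: The added `if ((tp->snd_nxt == tp->snd_max) && (tp->t_rxtshift == 0))` has a three-line unbraced body followed directly by `tp->snd_cwnd +=`, so it is easy to misread which statement is conditional; brace the assignment. The two bases also need a comment: when snd_nxt trails snd_max or t_rxtshift is non-zero, the per-dupack increment is now added to the current snd_cwnd instead of the bytes in flight. For example `/* After an RTO keep the current cwnd as the base; recompute it from the flight size only when snd_nxt tracks snd_max. */`. Whether that sum stays temporary depends on code after tcp_output() that is outside this hunk, as are the start and end of the enclosing block.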
@@ -2815,7 +2817,9 @@ enter_recovery:
 			 * counted as dupacks here.
 			 */
 			if (tcp_is_sack_recovery(tp, &to) &&
-			    (sack_changed != SACK_NOCHANGE)) {
+			    (((tp->t_rxtshift == 0) && (sack_changed != SACK_NOCHANGE)) ||
+			     ((tp->t_rxtshift > 0) && (sack_changed == SACK_NEWLOSS))) &&
+			    (tp->snd_nxt == tp->snd_max)) {
 				tp->t_dupacks++;
 				/* limit overhead by setting maxseg last */
 				if (!IN_FASTRECOVERY(tp->t_flags) &&
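Review bot: The comment that ends just above this condition is only partly visible here, but it likely predates the two new restrictions and should state them. SACK-driven dupacks are now counted only while `tp->snd_nxt == tp->snd_max`, and after a retransmission timeout (`t_rxtshift > 0`) only for `SACK_NEWLOSS`. Something like `/* After an RTO only newly detected loss counts as a dupack, and never while snd_nxt trails snd_max. */` would make clear which peer-supplied SACK changes can still advance t_dupacks. The two added sub-condition lines also appear to exceed 80 columns at this indent level and could be wrapped. The enclosing block continues outside the hunk.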
diff --git a/sys/netinet/tcp_output.c b/sys/netinet/tcp_output.c
index 9269ba443bd9..d1a81123ebad 100644
--- a/sys/netinet/tcp_output.c
+++ b/sys/netinet/tcp_output.c
@@ -266,6 +266,7 @@ tcp_default_output(struct tcpcb *tp)
 		}
 	}
 again:
+	sendwin = 0;
 	/*
 	 * If we've recently taken a timeout, snd_max will be greater than
 	 * snd_nxt.  There may be SACK information that allows us to avoid
@@ -273,12 +274,12 @@ again:
 	 */
 	if ((tp->t_flags & TF_SACK_PERMIT) &&
 	    SEQ_LT(tp->snd_nxt, tp->snd_max))
-		tcp_sack_adjust(tp);
+		sendwin = tcp_sack_adjust(tp);
 	sendalot = 0;
 	tso = 0;
 	mtu = 0;
 	off = tp->snd_nxt - tp->snd_una;
-	sendwin = min(tp->snd_wnd, tp->snd_cwnd);
+	sendwin = min(tp->snd_wnd, tp->snd_cwnd + sendwin);
 
 	flags = tcp_outflags[tp->t_state];
 	/*
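Review bot: `sendwin` now carries two meanings between `again:` and the `min()` call: first the byte count returned by tcp_sack_adjust(), then the send window. A separate local would make the inflation explicit, e.g. `sack_inflate = tcp_sack_adjust(tp);` and `sendwin = min(tp->snd_wnd, tp->snd_cwnd + sack_inflate);`, with the `sendwin = 0;` reset in the previous hunk becoming `sack_inflate = 0;`. The added amount is derived from the SACK scoreboard the peer populates and is returned as a signed int, so a short comment on why `tp->snd_cwnd + ...` cannot wrap (or a clamp) would help. The declaration of sendwin is outside the hunk, so its type is not visible here.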
@@ -295,7 +296,8 @@ again:
 	sack_bytes_rxmt = 0;
 	len = 0;
 	p = NULL;
-	if ((tp->t_flags & TF_SACK_PERMIT) && IN_FASTRECOVERY(tp->t_flags) &&
+	if ((tp->t_flags & TF_SACK_PERMIT) &&
+	    (IN_FASTRECOVERY(tp->t_flags) || SEQ_LT(tp->snd_nxt, tp->snd_max)) &&
 	    (p = tcp_sack_output(tp, &sack_bytes_rxmt))) {
 		uint32_t cwin;
 
@@ -397,10 +399,10 @@ after_sack_rexmit:
 	 * in which case len is already set.
 	 */
 	if (sack_rxmit == 0) {
-		if (sack_bytes_rxmt == 0)
+		if ((sack_bytes_rxmt == 0) || SEQ_LT(tp->snd_nxt, tp->snd_max)) {
 			len = ((int32_t)min(sbavail(&so->so_snd), sendwin) -
 			    off);
-		else {
+		} else {
 			int32_t cwin;
 
 			/*
@@ -1635,11 +1637,16 @@ timer:
 			tp->snd_max = tp->snd_nxt + xlen;
 	}
 	if ((error == 0) &&
-	    (TCPS_HAVEESTABLISHED(tp->t_state) &&
-	     (tp->t_flags & TF_SACK_PERMIT) &&
-	     tp->rcv_numsacks > 0)) {
-		    /* Clean up any DSACK's sent */
-		    tcp_clean_dsack_blocks(tp);
+	    (tp->rcv_numsacks > 0) &&
+	    TCPS_HAVEESTABLISHED(tp->t_state) &&
+	    (tp->t_flags & TF_SACK_PERMIT)) {
+		/* Clean up any DSACK's sent */
+		tcp_clean_dsack_blocks(tp);
+	}
+	if ((error == 0) &&
+	    sack_rxmit &&
+	    SEQ_LT(tp->snd_nxt, SEQ_MIN(p->rxmit, p->end))) {
+		tp->snd_nxt = SEQ_MIN(p->rxmit, p->end);
 	}
 	if (error) {
 		/*
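Review bot: The new block dereferences `p->rxmit` and `p->end` guarded only by `sack_rxmit`, so it relies on sack_rxmit being non-zero only while `p` still points at a live hole. That pairing is established outside this hunk. Make the invariant explicit, either with `KASSERT(p != NULL, ("%s: sack_rxmit set without a SACK hole", __func__));` inside the block or with `(p != NULL) &&` in the condition, since a violation here is a NULL dereference in the kernel. `SEQ_MIN(p->rxmit, p->end)` is also evaluated twice and could be held in a local `tcp_seq`. The function body starts and ends outside the hunk.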
diff --git a/sys/netinet/tcp_sack.c b/sys/netinet/tcp_sack.c
index 05aaa0b4a662..f33c7030f21e 100644
--- a/sys/netinet/tcp_sack.c
+++ b/sys/netinet/tcp_sack.c
@@ -897,8 +897,8 @@ tcp_sack_partialack(struct tcpcb *tp, struct tcphdr *th)
 		if (tp->t_flags & TF_SENTFIN)
 			highdata--;
 		highdata = SEQ_MIN(highdata, tp->snd_recover);
-		if (th->th_ack != highdata) {
-			tp->snd_fack = th->th_ack;
+		if (SEQ_LT(th->th_ack, highdata)) {
+			tp->snd_fack = SEQ_MAX(th->th_ack, tp->snd_fack);
 			(void)tcp_sackhole_insert(tp, SEQ_MAX(th->th_ack,
 			    highdata - maxseg), highdata, NULL);
 		}
@@ -991,35 +991,47 @@ tcp_sack_output(struct tcpcb *tp, int *sack_bytes_rexmt)
  * After a timeout, the SACK list may be rebuilt.  This SACK information
  * should be used to avoid retransmitting SACKed data.  This function
  * traverses the SACK list to see if snd_nxt should be moved forward.
+ * In addition, cwnd will be inflated by the sacked bytes traversed when
+ * moving snd_nxt forward. This prevents a traffic burst after the final
+ * full ACK, and also keeps ACKs coming back.
  */
-void
+int
 tcp_sack_adjust(struct tcpcb *tp)
 {
+	int sacked = 0;
 	struct sackhole *p, *cur = TAILQ_FIRST(&tp->snd_holes);
 
 	INP_WLOCK_ASSERT(tptoinpcb(tp));
-	if (cur == NULL)
-		return; /* No holes */
-	if (SEQ_GEQ(tp->snd_nxt, tp->snd_fack))
-		return; /* We're already beyond any SACKed blocks */
-	/*-
+	if (cur == NULL) {
+		/* No holes */
+		return (0);
+	}
+	if (SEQ_GEQ(tp->snd_nxt, tp->snd_fack)) {
+		/* We're already beyond any SACKed blocks */
+		return (tp->sackhint.sacked_bytes);
+	}
+	/*
 	 * Two cases for which we want to advance snd_nxt:
 	 * i) snd_nxt lies between end of one hole and beginning of another
 	 * ii) snd_nxt lies between end of last hole and snd_fack
 	 */
 	while ((p = TAILQ_NEXT(cur, scblink)) != NULL) {
-		if (SEQ_LT(tp->snd_nxt, cur->end))
-			return;
-		if (SEQ_GEQ(tp->snd_nxt, p->start))
+		if (SEQ_LT(tp->snd_nxt, cur->end)) {
+			return (sacked);
+		}
+		sacked += p->start - cur->end;
+		if (SEQ_GEQ(tp->snd_nxt, p->start)) {
 			cur = p;
-		else {
+		} else {
 			tp->snd_nxt = p->start;
-			return;
+			return (sacked);
 		}
 	}
-	if (SEQ_LT(tp->snd_nxt, cur->end))
-		return;
+	if (SEQ_LT(tp->snd_nxt, cur->end)) {
+		return (sacked);
+	}
 	tp->snd_nxt = tp->snd_fack;
+	return (tp->sackhint.sacked_bytes);
 }
 
 /*
diff --git a/sys/netinet/tcp_var.h b/sys/netinet/tcp_var.h
index 83ea1608abe1..b75210acad33 100644
--- a/sys/netinet/tcp_var.h
+++ b/sys/netinet/tcp_var.h
@@ -1516,7 +1516,7 @@ void	 tcp_update_dsack_list(struct tcpcb *, tcp_seq, tcp_seq);
 void	 tcp_update_sack_list(struct tcpcb *tp, tcp_seq rcv_laststart, tcp_seq rcv_lastend);
 void	 tcp_clean_dsack_blocks(struct tcpcb *tp);
 void	 tcp_clean_sackreport(struct tcpcb *tp);
-void	 tcp_sack_adjust(struct tcpcb *tp);
+int	 tcp_sack_adjust(struct tcpcb *tp);
 struct sackhole *tcp_sack_output(struct tcpcb *tp, int *sack_bytes_rexmt);
 void	 tcp_do_prr_ack(struct tcpcb *, struct tcphdr *, struct tcpopt *, sackstatus_t);
 void	 tcp_lost_retransmission(struct tcpcb *, struct tcphdr *);