// SPDX-License-Identifier: GPL-2.0-or-later
/*
 *  net/dccp/output.c
 *
 *  An implementation of the DCCP protocol
 *  Arnaldo Carvalho de Melo <acme@conectiva.com.br>
 */

#include <linux/dccp.h>
#include <linux/kernel.h>
#include <linux/skbuff.h>
#include <linux/slab.h>
#include <linux/sched/signal.h>

#include <net/inet_sock.h>
#include <net/sock.h>

#include "ackvec.h"
#include "ccid.h"
#include "dccp.h"

static inline void dccp_event_ack_sent(struct sock *sk)
{
        inet_csk_clear_xmit_timer(sk, ICSK_TIME_DACK);
}

/* enqueue @skb on sk_send_head for retransmission, return clone to send now */
static struct sk_buff *dccp_skb_entail(struct sock *sk, struct sk_buff *skb)
{
        skb_set_owner_w(skb, sk);
        WARN_ON(sk->sk_send_head);
        sk->sk_send_head = skb;
        return skb_clone(sk->sk_send_head, gfp_any());
}

/*
 * All SKB's seen here are completely headerless. It is our
 * job to build the DCCP header, and pass the packet down to
 * IP so it can do the same plus pass the packet off to the
 * device.
 */
static int dccp_transmit_skb(struct sock *sk, struct sk_buff *skb)
{
        if (likely(skb != NULL)) {
                struct inet_sock *inet = inet_sk(sk);
                const struct inet_connection_sock *icsk = inet_csk(sk);
                struct dccp_sock *dp = dccp_sk(sk);
                struct dccp_skb_cb *dcb = DCCP_SKB_CB(skb);
                struct dccp_hdr *dh;
                /* XXX For now we're using only 48 bits sequence numbers */
                const u32 dccp_header_size = sizeof(*dh) +
                                             sizeof(struct dccp_hdr_ext) +
                                          dccp_packet_hdr_len(dcb->dccpd_type);
                int err, set_ack = 1;
                u64 ackno = dp->dccps_gsr;
                /*
                 * Increment GSS here already in case the option code needs it.
                 * Update GSS for real only if option processing below succeeds.
                 */
                dcb->dccpd_seq = ADD48(dp->dccps_gss, 1);

                switch (dcb->dccpd_type) {
                case DCCP_PKT_DATA:
                        set_ack = 0;
                        fallthrough;
                case DCCP_PKT_DATAACK:
                case DCCP_PKT_RESET:
                        break;

                case DCCP_PKT_REQUEST:
                        set_ack = 0;
                        /* Use ISS on the first (non-retransmitted) Request. */
                        if (icsk->icsk_retransmits == 0)
                                dcb->dccpd_seq = dp->dccps_iss;
                        fallthrough;

                case DCCP_PKT_SYNC:
                case DCCP_PKT_SYNCACK:
                        ackno = dcb->dccpd_ack_seq;
                        fallthrough;
                default:
                        /*
                         * Set owner/destructor: some skbs are allocated via
                         * alloc_skb (e.g. when retransmission may happen).
                         * Only Data, DataAck, and Reset packets should come
                         * through here with skb->sk set.
                         */
                        WARN_ON(skb->sk);
                        skb_set_owner_w(skb, sk);
                        break;
                }

                if (dccp_insert_options(sk, skb)) {
                        kfree_skb(skb);
                        return -EPROTO;
                }


                /* Build DCCP header and checksum it. */
                dh = dccp_zeroed_hdr(skb, dccp_header_size);
                dh->dccph_type  = dcb->dccpd_type;
                dh->dccph_sport = inet->inet_sport;
                dh->dccph_dport = inet->inet_dport;
                dh->dccph_doff  = (dccp_header_size + dcb->dccpd_opt_len) / 4;
                dh->dccph_ccval = dcb->dccpd_ccval;
                dh->dccph_cscov = dp->dccps_pcslen;
                /* XXX For now we're using only 48 bits sequence numbers */
                dh->dccph_x     = 1;

                dccp_update_gss(sk, dcb->dccpd_seq);
                dccp_hdr_set_seq(dh, dp->dccps_gss);
                if (set_ack)
                        dccp_hdr_set_ack(dccp_hdr_ack_bits(skb), ackno);

                switch (dcb->dccpd_type) {
                case DCCP_PKT_REQUEST:
                        dccp_hdr_request(skb)->dccph_req_service =
                                                        dp->dccps_service;
                        /*
                         * Limit Ack window to ISS <= P.ackno <= GSS, so that
                         * only Responses to Requests we sent are considered.
                         */
                        dp->dccps_awl = dp->dccps_iss;
                        break;
                case DCCP_PKT_RESET:
                        dccp_hdr_reset(skb)->dccph_reset_code =
                                                        dcb->dccpd_reset_code;
                        break;
                }

                icsk->icsk_af_ops->send_check(sk, skb);

                if (set_ack)
                        dccp_event_ack_sent(sk);

                DCCP_INC_STATS(DCCP_MIB_OUTSEGS);

                err = icsk->icsk_af_ops->queue_xmit(sk, skb, &inet->cork.fl);
                return net_xmit_eval(err);
        }
        return -ENOBUFS;
}

/**
 * dccp_determine_ccmps  -  Find out about CCID-specific packet-size limits
 * @dp: socket to find packet size limits of
 *
 * We only consider the HC-sender CCID for setting the CCMPS (RFC 4340, 14.),
 * since the RX CCID is restricted to feedback packets (Acks), which are small
 * in comparison with the data traffic. A value of 0 means "no current CCMPS".
 */
static u32 dccp_determine_ccmps(const struct dccp_sock *dp)
{
        const struct ccid *tx_ccid = dp->dccps_hc_tx_ccid;

        if (tx_ccid == NULL || tx_ccid->ccid_ops == NULL)
                return 0;
        return tx_ccid->ccid_ops->ccid_ccmps;
}

unsigned int dccp_sync_mss(struct sock *sk, u32 pmtu)
{
        struct inet_connection_sock *icsk = inet_csk(sk);
        struct dccp_sock *dp = dccp_sk(sk);
        u32 ccmps = dccp_determine_ccmps(dp);
        u32 cur_mps = ccmps ? min(pmtu, ccmps) : pmtu;

        /* Account for header lengths and IPv4/v6 option overhead */
        cur_mps -= (icsk->icsk_af_ops->net_header_len + icsk->icsk_ext_hdr_len +
                    sizeof(struct dccp_hdr) + sizeof(struct dccp_hdr_ext));

        /*
         * Leave enough headroom for common DCCP header options.
         * This only considers options which may appear on DCCP-Data packets, as
         * per table 3 in RFC 4340, 5.8. When running out of space for other
         * options (eg. Ack Vector which can take up to 255 bytes), it is better
         * to schedule a separate Ack. Thus we leave headroom for the following:
         *  - 1 byte for Slow Receiver (11.6)
         *  - 6 bytes for Timestamp (13.1)
         *  - 10 bytes for Timestamp Echo (13.3)
         *  - 8 bytes for NDP count (7.7, when activated)
         *  - 6 bytes for Data Checksum (9.3)
         *  - %DCCPAV_MIN_OPTLEN bytes for Ack Vector size (11.4, when enabled)
         */
        cur_mps -= roundup(1 + 6 + 10 + dp->dccps_send_ndp_count * 8 + 6 +
                           (dp->dccps_hc_rx_ackvec ? DCCPAV_MIN_OPTLEN : 0), 4);

        /* And store cached results */
        icsk->icsk_pmtu_cookie = pmtu;
        dp->dccps_mss_cache = cur_mps;

        return cur_mps;
}

EXPORT_SYMBOL_GPL(dccp_sync_mss);

void dccp_write_space(struct sock *sk)
{
        struct socket_wq *wq;

        rcu_read_lock();
        wq = rcu_dereference(sk->sk_wq);
        if (skwq_has_sleeper(wq))
                wake_up_interruptible(&wq->wait);
        /* Should agree with poll, otherwise some programs break */
        if (sock_writeable(sk))
                sk_wake_async(sk, SOCK_WAKE_SPACE, POLL_OUT);

        rcu_read_unlock();
}

/**
 * dccp_wait_for_ccid  -  Await CCID send permission
 * @sk:    socket to wait for
 * @delay: timeout in jiffies
 *
 * This is used by CCIDs which need to delay the send time in process context.
 */
static int dccp_wait_for_ccid(struct sock *sk, unsigned long delay)
{
        DEFINE_WAIT(wait);
        long remaining;

        prepare_to_wait(sk_sleep(sk), &wait, TASK_INTERRUPTIBLE);
        sk->sk_write_pending++;
        release_sock(sk);

        remaining = schedule_timeout(delay);

        lock_sock(sk);
        sk->sk_write_pending--;
        finish_wait(sk_sleep(sk), &wait);

        if (signal_pending(current) || sk->sk_err)
                return -1;
        return remaining;
}

/**
 * dccp_xmit_packet  -  Send data packet under control of CCID
 * @sk: socket to send data packet on
 *
 * Transmits next-queued payload and informs CCID to account for the packet.
 */
static void dccp_xmit_packet(struct sock *sk)
{
        int err, len;
        struct dccp_sock *dp = dccp_sk(sk);
        struct sk_buff *skb = dccp_qpolicy_pop(sk);

        if (unlikely(skb == NULL))
                return;
        len = skb->len;

        if (sk->sk_state == DCCP_PARTOPEN) {
                const u32 cur_mps = dp->dccps_mss_cache - DCCP_FEATNEG_OVERHEAD;
                /*
                 * See 8.1.5 - Handshake Completion.
                 *
                 * For robustness we resend Confirm options until the client has
                 * entered OPEN. During the initial feature negotiation, the MPS
                 * is smaller than usual, reduced by the Change/Confirm options.
                 */
                if (!list_empty(&dp->dccps_featneg) && len > cur_mps) {
                        DCCP_WARN("Payload too large (%d) for featneg.\n", len);
                        dccp_send_ack(sk);
                        dccp_feat_list_purge(&dp->dccps_featneg);
                }

                inet_csk_schedule_ack(sk);
                inet_csk_reset_xmit_timer(sk, ICSK_TIME_DACK,
                                              inet_csk(sk)->icsk_rto,
                                              DCCP_RTO_MAX);
                DCCP_SKB_CB(skb)->dccpd_type = DCCP_PKT_DATAACK;
        } else if (dccp_ack_pending(sk)) {
                DCCP_SKB_CB(skb)->dccpd_type = DCCP_PKT_DATAACK;
        } else {
                DCCP_SKB_CB(skb)->dccpd_type = DCCP_PKT_DATA;
        }

        err = dccp_transmit_skb(sk, skb);
        if (err)
                dccp_pr_debug("transmit_skb() returned err=%d\n", err);
        /*
         * Register this one as sent even if an error occurred. To the remote
         * end a local packet drop is indistinguishable from network loss, i.e.
         * any local drop will eventually be reported via receiver feedback.
         */
        ccid_hc_tx_packet_sent(dp->dccps_hc_tx_ccid, sk, len);

        /*
         * If the CCID needs to transfer additional header options out-of-band
         * (e.g. Ack Vectors or feature-negotiation options), it activates this
         * flag to schedule a Sync. The Sync will automatically incorporate all
         * currently pending header options, thus clearing the backlog.
         */
        if (dp->dccps_sync_scheduled)
                dccp_send_sync(sk, dp->dccps_gsr, DCCP_PKT_SYNC);
}

/**
 * dccp_flush_write_queue  -  Drain queue at end of connection
 * @sk: socket to be drained
 * @time_budget: time allowed to drain the queue
 *
 * Since dccp_sendmsg queues packets without waiting for them to be sent, it may
 * happen that the TX queue is not empty at the end of a connection. We give the
 * HC-sender CCID a grace period of up to @time_budget jiffies. If this function
 * returns with a non-empty write queue, it will be purged later.
 */
void dccp_flush_write_queue(struct sock *sk, long *time_budget)
{
        struct dccp_sock *dp = dccp_sk(sk);
        struct sk_buff *skb;
        long delay, rc;

        while (*time_budget > 0 && (skb = skb_peek(&sk->sk_write_queue))) {
                rc = ccid_hc_tx_send_packet(dp->dccps_hc_tx_ccid, sk, skb);

                switch (ccid_packet_dequeue_eval(rc)) {
                case CCID_PACKET_WILL_DEQUEUE_LATER:
                        /*
                         * If the CCID determines when to send, the next sending
                         * time is unknown or the CCID may not even send again
                         * (e.g. remote host crashes or lost Ack packets).
                         */
                        DCCP_WARN("CCID did not manage to send all packets\n");
                        return;
                case CCID_PACKET_DELAY:
                        delay = msecs_to_jiffies(rc);
                        if (delay > *time_budget)
                                return;
                        rc = dccp_wait_for_ccid(sk, delay);
                        if (rc < 0)
                                return;
                        *time_budget -= (delay - rc);
                        /* check again if we can send now */
                        break;
                case CCID_PACKET_SEND_AT_ONCE:
                        dccp_xmit_packet(sk);
                        break;
                case CCID_PACKET_ERR:
                        skb_dequeue(&sk->sk_write_queue);
                        kfree_skb(skb);
                        dccp_pr_debug("packet discarded due to err=%ld\n", rc);
                }
        }
}

void dccp_write_xmit(struct sock *sk)
{
        struct dccp_sock *dp = dccp_sk(sk);
        struct sk_buff *skb;

        while ((skb = dccp_qpolicy_top(sk))) {
                int rc = ccid_hc_tx_send_packet(dp->dccps_hc_tx_ccid, sk, skb);

                switch (ccid_packet_dequeue_eval(rc)) {
                case CCID_PACKET_WILL_DEQUEUE_LATER:
                        return;
                case CCID_PACKET_DELAY:
                        sk_reset_timer(sk, &dp->dccps_xmit_timer,
                                       jiffies + msecs_to_jiffies(rc));
                        return;
                case CCID_PACKET_SEND_AT_ONCE:
                        dccp_xmit_packet(sk);
                        break;
                case CCID_PACKET_ERR:
                        dccp_qpolicy_drop(sk, skb);
                        dccp_pr_debug("packet discarded due to err=%d\n", rc);
                }
        }
}

/**
 * dccp_retransmit_skb  -  Retransmit Request, Close, or CloseReq packets
 * @sk: socket to perform retransmit on
 *
 * There are only four retransmittable packet types in DCCP:
 * - Request  in client-REQUEST  state (sec. 8.1.1),
 * - CloseReq in server-CLOSEREQ state (sec. 8.3),
 * - Close    in   node-CLOSING  state (sec. 8.3),
 * - Acks in client-PARTOPEN state (sec. 8.1.5, handled by dccp_delack_timer()).
 * This function expects sk->sk_send_head to contain the original skb.
 */
int dccp_retransmit_skb(struct sock *sk)
{
        WARN_ON(sk->sk_send_head == NULL);

        if (inet_csk(sk)->icsk_af_ops->rebuild_header(sk) != 0)
                return -EHOSTUNREACH; /* Routing failure or similar. */

        /* this count is used to distinguish original and retransmitted skb */
        inet_csk(sk)->icsk_retransmits++;

        return dccp_transmit_skb(sk, skb_clone(sk->sk_send_head, GFP_ATOMIC));
}

struct sk_buff *dccp_make_response(const struct sock *sk, struct dst_entry *dst,
                                   struct request_sock *req)
{
        struct dccp_hdr *dh;
        struct dccp_request_sock *dreq;
        const u32 dccp_header_size = sizeof(struct dccp_hdr) +
                                     sizeof(struct dccp_hdr_ext) +
                                     sizeof(struct dccp_hdr_response);
        struct sk_buff *skb;

        /* sk is marked const to clearly express we dont hold socket lock.
         * sock_wmalloc() will atomically change sk->sk_wmem_alloc,
         * it is safe to promote sk to non const.
         */
        skb = sock_wmalloc((struct sock *)sk, MAX_DCCP_HEADER, 1,
                           GFP_ATOMIC);
        if (!skb)
                return NULL;

        skb_reserve(skb, MAX_DCCP_HEADER);

        skb_dst_set(skb, dst_clone(dst));

        dreq = dccp_rsk(req);
        if (inet_rsk(req)->acked)       /* increase GSS upon retransmission */
                dccp_inc_seqno(&dreq->dreq_gss);
        DCCP_SKB_CB(skb)->dccpd_type = DCCP_PKT_RESPONSE;
        DCCP_SKB_CB(skb)->dccpd_seq  = dreq->dreq_gss;

        /* Resolve feature dependencies resulting from choice of CCID */
        if (dccp_feat_server_ccid_dependencies(dreq))
                goto response_failed;

        if (dccp_insert_options_rsk(dreq, skb))
                goto response_failed;

        /* Build and checksum header */
        dh = dccp_zeroed_hdr(skb, dccp_header_size);

        dh->dccph_sport = htons(inet_rsk(req)->ir_num);
        dh->dccph_dport = inet_rsk(req)->ir_rmt_port;
        dh->dccph_doff  = (dccp_header_size +
                           DCCP_SKB_CB(skb)->dccpd_opt_len) / 4;
        dh->dccph_type  = DCCP_PKT_RESPONSE;
        dh->dccph_x     = 1;
        dccp_hdr_set_seq(dh, dreq->dreq_gss);
        dccp_hdr_set_ack(dccp_hdr_ack_bits(skb), dreq->dreq_gsr);
        dccp_hdr_response(skb)->dccph_resp_service = dreq->dreq_service;

        dccp_csum_outgoing(skb);

        /* We use `acked' to remember that a Response was already sent. */
        inet_rsk(req)->acked = 1;
        DCCP_INC_STATS(DCCP_MIB_OUTSEGS);
        return skb;
response_failed:
        kfree_skb(skb);
        return NULL;
}

EXPORT_SYMBOL_GPL(dccp_make_response);

/* answer offending packet in @rcv_skb with Reset from control socket @ctl */
struct sk_buff *dccp_ctl_make_reset(struct sock *sk, struct sk_buff *rcv_skb)
{
        struct dccp_hdr *rxdh = dccp_hdr(rcv_skb), *dh;
        struct dccp_skb_cb *dcb = DCCP_SKB_CB(rcv_skb);
        const u32 dccp_hdr_reset_len = sizeof(struct dccp_hdr) +
                                       sizeof(struct dccp_hdr_ext) +
                                       sizeof(struct dccp_hdr_reset);
        struct dccp_hdr_reset *dhr;
        struct sk_buff *skb;

        skb = alloc_skb(sk->sk_prot->max_header, GFP_ATOMIC);
        if (skb == NULL)
                return NULL;

        skb_reserve(skb, sk->sk_prot->max_header);

        /* Swap the send and the receive. */
        dh = dccp_zeroed_hdr(skb, dccp_hdr_reset_len);
        dh->dccph_type  = DCCP_PKT_RESET;
        dh->dccph_sport = rxdh->dccph_dport;
        dh->dccph_dport = rxdh->dccph_sport;
        dh->dccph_doff  = dccp_hdr_reset_len / 4;
        dh->dccph_x     = 1;

        dhr = dccp_hdr_reset(skb);
        dhr->dccph_reset_code = dcb->dccpd_reset_code;

        switch (dcb->dccpd_reset_code) {
        case DCCP_RESET_CODE_PACKET_ERROR:
                dhr->dccph_reset_data[0] = rxdh->dccph_type;
                break;
        case DCCP_RESET_CODE_OPTION_ERROR:
        case DCCP_RESET_CODE_MANDATORY_ERROR:
                memcpy(dhr->dccph_reset_data, dcb->dccpd_reset_data, 3);
                break;
        }
        /*
         * From RFC 4340, 8.3.1:
         *   If P.ackno exists, set R.seqno := P.ackno + 1.
         *   Else set R.seqno := 0.
         */
        if (dcb->dccpd_ack_seq != DCCP_PKT_WITHOUT_ACK_SEQ)
                dccp_hdr_set_seq(dh, ADD48(dcb->dccpd_ack_seq, 1));
        dccp_hdr_set_ack(dccp_hdr_ack_bits(skb), dcb->dccpd_seq);

        dccp_csum_outgoing(skb);
        return skb;
}

EXPORT_SYMBOL_GPL(dccp_ctl_make_reset);

/* send Reset on established socket, to close or abort the connection */
int dccp_send_reset(struct sock *sk, enum dccp_reset_codes code)
{
        struct sk_buff *skb;
        /*
         * FIXME: what if rebuild_header fails?
         * Should we be doing a rebuild_header here?
         */
        int err = inet_csk(sk)->icsk_af_ops->rebuild_header(sk);

        if (err != 0)
                return err;

        skb = sock_wmalloc(sk, sk->sk_prot->max_header, 1, GFP_ATOMIC);
        if (skb == NULL)
                return -ENOBUFS;

        /* Reserve space for headers and prepare control bits. */
        skb_reserve(skb, sk->sk_prot->max_header);
        DCCP_SKB_CB(skb)->dccpd_type       = DCCP_PKT_RESET;
        DCCP_SKB_CB(skb)->dccpd_reset_code = code;

        return dccp_transmit_skb(sk, skb);
}

/*
 * Do all connect socket setups that can be done AF independent.
 */
int dccp_connect(struct sock *sk)
{
        struct sk_buff *skb;
        struct dccp_sock *dp = dccp_sk(sk);
        struct dst_entry *dst = __sk_dst_get(sk);
        struct inet_connection_sock *icsk = inet_csk(sk);

        sk->sk_err = 0;
        sock_reset_flag(sk, SOCK_DONE);

        dccp_sync_mss(sk, dst_mtu(dst));

        /* do not connect if feature negotiation setup fails */
        if (dccp_feat_finalise_settings(dccp_sk(sk)))
                return -EPROTO;

        /* Initialise GAR as per 8.5; AWL/AWH are set in dccp_transmit_skb() */
        dp->dccps_gar = dp->dccps_iss;

        skb = alloc_skb(sk->sk_prot->max_header, sk->sk_allocation);
        if (unlikely(skb == NULL))
                return -ENOBUFS;

        /* Reserve space for headers. */
        skb_reserve(skb, sk->sk_prot->max_header);

        DCCP_SKB_CB(skb)->dccpd_type = DCCP_PKT_REQUEST;

        dccp_transmit_skb(sk, dccp_skb_entail(sk, skb));
        DCCP_INC_STATS(DCCP_MIB_ACTIVEOPENS);

        /* Timer for repeating the REQUEST until an answer. */
        icsk->icsk_retransmits = 0;
        inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS,
                                  icsk->icsk_rto, DCCP_RTO_MAX);
        return 0;
}

EXPORT_SYMBOL_GPL(dccp_connect);

void dccp_send_ack(struct sock *sk)
{
        /* If we have been reset, we may not send again. */
        if (sk->sk_state != DCCP_CLOSED) {
                struct sk_buff *skb = alloc_skb(sk->sk_prot->max_header,
                                                GFP_ATOMIC);

                if (skb == NULL) {
                        inet_csk_schedule_ack(sk);
                        inet_csk(sk)->icsk_ack.ato = TCP_ATO_MIN;
                        inet_csk_reset_xmit_timer(sk, ICSK_TIME_DACK,
                                                  TCP_DELACK_MAX,
                                                  DCCP_RTO_MAX);
                        return;
                }

                /* Reserve space for headers */
                skb_reserve(skb, sk->sk_prot->max_header);
                DCCP_SKB_CB(skb)->dccpd_type = DCCP_PKT_ACK;
                dccp_transmit_skb(sk, skb);
        }
}

EXPORT_SYMBOL_GPL(dccp_send_ack);

#if 0
/* FIXME: Is this still necessary (11.3) - currently nowhere used by DCCP. */
void dccp_send_delayed_ack(struct sock *sk)
{
        struct inet_connection_sock *icsk = inet_csk(sk);
        /*
         * FIXME: tune this timer. elapsed time fixes the skew, so no problem
         * with using 2s, and active senders also piggyback the ACK into a
         * DATAACK packet, so this is really for quiescent senders.
         */
        unsigned long timeout = jiffies + 2 * HZ;

        /* Use new timeout only if there wasn't a older one earlier. */
        if (icsk->icsk_ack.pending & ICSK_ACK_TIMER) {
                /* If delack timer was blocked or is about to expire,
                 * send ACK now.
                 *
                 * FIXME: check the "about to expire" part
                 */
                if (icsk->icsk_ack.blocked) {
                        dccp_send_ack(sk);
                        return;
                }

                if (!time_before(timeout, icsk->icsk_ack.timeout))
                        timeout = icsk->icsk_ack.timeout;
        }
        icsk->icsk_ack.pending |= ICSK_ACK_SCHED | ICSK_ACK_TIMER;
        icsk->icsk_ack.timeout = timeout;
        sk_reset_timer(sk, &icsk->icsk_delack_timer, timeout);
}
#endif

void dccp_send_sync(struct sock *sk, const u64 ackno,
                    const enum dccp_pkt_type pkt_type)
{
        /*
         * We are not putting this on the write queue, so
         * dccp_transmit_skb() will set the ownership to this
         * sock.
         */
        struct sk_buff *skb = alloc_skb(sk->sk_prot->max_header, GFP_ATOMIC);

        if (skb == NULL) {
                /* FIXME: how to make sure the sync is sent? */
                DCCP_CRIT("could not send %s", dccp_packet_name(pkt_type));
                return;
        }

        /* Reserve space for headers and prepare control bits. */
        skb_reserve(skb, sk->sk_prot->max_header);
        DCCP_SKB_CB(skb)->dccpd_type = pkt_type;
        DCCP_SKB_CB(skb)->dccpd_ack_seq = ackno;

        /*
         * Clear the flag in case the Sync was scheduled for out-of-band data,
         * such as carrying a long Ack Vector.
         */
        dccp_sk(sk)->dccps_sync_scheduled = 0;

        dccp_transmit_skb(sk, skb);
}

EXPORT_SYMBOL_GPL(dccp_send_sync);

/*
 * Send a DCCP_PKT_CLOSE/CLOSEREQ. The caller locks the socket for us. This
 * cannot be allowed to fail queueing a DCCP_PKT_CLOSE/CLOSEREQ frame under
 * any circumstances.
 */
void dccp_send_close(struct sock *sk, const int active)
{
        struct dccp_sock *dp = dccp_sk(sk);
        struct sk_buff *skb;
        const gfp_t prio = active ? GFP_KERNEL : GFP_ATOMIC;

        skb = alloc_skb(sk->sk_prot->max_header, prio);
        if (skb == NULL)
                return;

        /* Reserve space for headers and prepare control bits. */
        skb_reserve(skb, sk->sk_prot->max_header);
        if (dp->dccps_role == DCCP_ROLE_SERVER && !dp->dccps_server_timewait)
                DCCP_SKB_CB(skb)->dccpd_type = DCCP_PKT_CLOSEREQ;
        else
                DCCP_SKB_CB(skb)->dccpd_type = DCCP_PKT_CLOSE;

        if (active) {
                skb = dccp_skb_entail(sk, skb);
                /*
                 * Retransmission timer for active-close: RFC 4340, 8.3 requires
                 * to retransmit the Close/CloseReq until the CLOSING/CLOSEREQ
                 * state can be left. The initial timeout is 2 RTTs.
                 * Since RTT measurement is done by the CCIDs, there is no easy
                 * way to get an RTT sample. The fallback RTT from RFC 4340, 3.4
                 * is too low (200ms); we use a high value to avoid unnecessary
                 * retransmissions when the link RTT is > 0.2 seconds.
                 * FIXME: Let main module sample RTTs and use that instead.
                 */
                inet_csk_reset_xmit_timer(sk, ICSK_TIME_RETRANS,
                                          DCCP_TIMEOUT_INIT, DCCP_RTO_MAX);
        }
        dccp_transmit_skb(sk, skb);
}