2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * ROUTE - implementation of the IP router.
8 * Version: $Id: route.c,v 1.103 2002/01/12 07:44:09 davem Exp $
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Alan Cox, <gw4pts@gw4pts.ampr.org>
13 * Linus Torvalds, <Linus.Torvalds@helsinki.fi>
14 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
17 * Alan Cox : Verify area fixes.
18 * Alan Cox : cli() protects routing changes
19 * Rui Oliveira : ICMP routing table updates
20 * (rco@di.uminho.pt) Routing table insertion and update
21 * Linus Torvalds : Rewrote bits to be sensible
22 * Alan Cox : Added BSD route gw semantics
23 * Alan Cox : Super /proc >4K
24 * Alan Cox : MTU in route table
25 * Alan Cox : MSS actually. Also added the window
27 * Sam Lantinga : Fixed route matching in rt_del()
28 * Alan Cox : Routing cache support.
29 * Alan Cox : Removed compatibility cruft.
30 * Alan Cox : RTF_REJECT support.
31 * Alan Cox : TCP irtt support.
32 * Jonathan Naylor : Added Metric support.
33 * Miquel van Smoorenburg : BSD API fixes.
34 * Miquel van Smoorenburg : Metrics.
35 * Alan Cox : Use __u32 properly
36 * Alan Cox : Aligned routing errors more closely with BSD
37 * our system is still very different.
38 * Alan Cox : Faster /proc handling
39 * Alexey Kuznetsov : Massive rework to support tree based routing,
40 * routing caches and better behaviour.
42 * Olaf Erb : irtt wasn't being copied right.
43 * Bjorn Ekwall : Kerneld route support.
44 * Alan Cox : Multicast fixed (I hope)
45 * Pavel Krauz : Limited broadcast fixed
46 * Mike McLagan : Routing by source
47 * Alexey Kuznetsov : End of old history. Split to fib.c and
48 * route.c and rewritten from scratch.
49 * Andi Kleen : Load-limit warning messages.
50 * Vitaly E. Lavrov : Transparent proxy revived after year coma.
51 * Vitaly E. Lavrov : Race condition in ip_route_input_slow.
52 * Tobias Ringstrom : Uninitialized res.type in ip_route_output_slow.
53 * Vladimir V. Ivanov : IP rule info (flowid) is really useful.
54 * Marc Boucher : routing by fwmark
55 * Robert Olsson : Added rt_cache statistics
56 * Arnaldo C. Melo : Convert proc stuff to seq_file
57 * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes.
58 * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect
59 * Ilia Sotnikov : Removed TOS from hash calculations
61 * This program is free software; you can redistribute it and/or
62 * modify it under the terms of the GNU General Public License
63 * as published by the Free Software Foundation; either version
64 * 2 of the License, or (at your option) any later version.
67 #include <linux/module.h>
68 #include <asm/uaccess.h>
69 #include <asm/system.h>
70 #include <linux/bitops.h>
71 #include <linux/types.h>
72 #include <linux/kernel.h>
74 #include <linux/bootmem.h>
75 #include <linux/string.h>
76 #include <linux/socket.h>
77 #include <linux/sockios.h>
78 #include <linux/errno.h>
80 #include <linux/inet.h>
81 #include <linux/netdevice.h>
82 #include <linux/proc_fs.h>
83 #include <linux/init.h>
84 #include <linux/workqueue.h>
85 #include <linux/skbuff.h>
86 #include <linux/inetdevice.h>
87 #include <linux/igmp.h>
88 #include <linux/pkt_sched.h>
89 #include <linux/mroute.h>
90 #include <linux/netfilter_ipv4.h>
91 #include <linux/random.h>
92 #include <linux/jhash.h>
93 #include <linux/rcupdate.h>
94 #include <linux/times.h>
96 #include <net/net_namespace.h>
97 #include <net/protocol.h>
99 #include <net/route.h>
100 #include <net/inetpeer.h>
101 #include <net/sock.h>
102 #include <net/ip_fib.h>
105 #include <net/icmp.h>
106 #include <net/xfrm.h>
107 #include <net/netevent.h>
108 #include <net/rtnetlink.h>
110 #include <linux/sysctl.h>
113 #define RT_FL_TOS(oldflp) \
114 ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK)))
116 #define IP_MAX_MTU 0xFFF0
118 #define RT_GC_TIMEOUT (300*HZ)
120 static int ip_rt_min_delay = 2 * HZ;
121 static int ip_rt_max_delay = 10 * HZ;
122 static int ip_rt_max_size;
123 static int ip_rt_gc_timeout = RT_GC_TIMEOUT;
124 static int ip_rt_gc_interval = 60 * HZ;
125 static int ip_rt_gc_min_interval = HZ / 2;
126 static int ip_rt_redirect_number = 9;
127 static int ip_rt_redirect_load = HZ / 50;
128 static int ip_rt_redirect_silence = ((HZ / 50) << (9 + 1));
129 static int ip_rt_error_cost = HZ;
130 static int ip_rt_error_burst = 5 * HZ;
131 static int ip_rt_gc_elasticity = 8;
132 static int ip_rt_mtu_expires = 10 * 60 * HZ;
133 static int ip_rt_min_pmtu = 512 + 20 + 20;
134 static int ip_rt_min_advmss = 256;
135 static int ip_rt_secret_interval = 10 * 60 * HZ;
136 static int ip_rt_flush_expected;
137 static unsigned long rt_deadline;
139 #define RTprint(a...) printk(KERN_DEBUG a)
141 static struct timer_list rt_flush_timer;
142 static void rt_worker_func(struct work_struct *work);
143 static DECLARE_DELAYED_WORK(expires_work, rt_worker_func);
144 static struct timer_list rt_secret_timer;
147 * Interface to generic destination cache.
150 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie);
151 static void ipv4_dst_destroy(struct dst_entry *dst);
152 static void ipv4_dst_ifdown(struct dst_entry *dst,
153 struct net_device *dev, int how);
154 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst);
155 static void ipv4_link_failure(struct sk_buff *skb);
156 static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu);
157 static int rt_garbage_collect(void);
160 static struct dst_ops ipv4_dst_ops = {
162 .protocol = __constant_htons(ETH_P_IP),
163 .gc = rt_garbage_collect,
164 .check = ipv4_dst_check,
165 .destroy = ipv4_dst_destroy,
166 .ifdown = ipv4_dst_ifdown,
167 .negative_advice = ipv4_negative_advice,
168 .link_failure = ipv4_link_failure,
169 .update_pmtu = ip_rt_update_pmtu,
170 .local_out = ip_local_out,
171 .entry_size = sizeof(struct rtable),
174 #define ECN_OR_COST(class) TC_PRIO_##class
176 const __u8 ip_tos2prio[16] = {
180 ECN_OR_COST(BESTEFFORT),
186 ECN_OR_COST(INTERACTIVE),
188 ECN_OR_COST(INTERACTIVE),
189 TC_PRIO_INTERACTIVE_BULK,
190 ECN_OR_COST(INTERACTIVE_BULK),
191 TC_PRIO_INTERACTIVE_BULK,
192 ECN_OR_COST(INTERACTIVE_BULK)
200 /* The locking scheme is rather straight forward:
202 * 1) Read-Copy Update protects the buckets of the central route hash.
203 * 2) Only writers remove entries, and they hold the lock
204 * as they look at rtable reference counts.
205 * 3) Only readers acquire references to rtable entries,
206 * they do so with atomic increments and with the
210 struct rt_hash_bucket {
211 struct rtable *chain;
213 #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK) || \
214 defined(CONFIG_PROVE_LOCKING)
216 * Instead of using one spinlock for each rt_hash_bucket, we use a table of spinlocks
217 * The size of this table is a power of two and depends on the number of CPUS.
218 * (on lockdep we have a quite big spinlock_t, so keep the size down there)
220 #ifdef CONFIG_LOCKDEP
221 # define RT_HASH_LOCK_SZ 256
224 # define RT_HASH_LOCK_SZ 4096
226 # define RT_HASH_LOCK_SZ 2048
228 # define RT_HASH_LOCK_SZ 1024
230 # define RT_HASH_LOCK_SZ 512
232 # define RT_HASH_LOCK_SZ 256
236 static spinlock_t *rt_hash_locks;
237 # define rt_hash_lock_addr(slot) &rt_hash_locks[(slot) & (RT_HASH_LOCK_SZ - 1)]
238 # define rt_hash_lock_init() { \
240 rt_hash_locks = kmalloc(sizeof(spinlock_t) * RT_HASH_LOCK_SZ, GFP_KERNEL); \
241 if (!rt_hash_locks) panic("IP: failed to allocate rt_hash_locks\n"); \
242 for (i = 0; i < RT_HASH_LOCK_SZ; i++) \
243 spin_lock_init(&rt_hash_locks[i]); \
246 # define rt_hash_lock_addr(slot) NULL
247 # define rt_hash_lock_init()
250 static struct rt_hash_bucket *rt_hash_table;
251 static unsigned rt_hash_mask;
252 static unsigned int rt_hash_log;
253 static unsigned int rt_hash_rnd;
255 static DEFINE_PER_CPU(struct rt_cache_stat, rt_cache_stat);
256 #define RT_CACHE_STAT_INC(field) \
257 (__raw_get_cpu_var(rt_cache_stat).field++)
259 static int rt_intern_hash(unsigned hash, struct rtable *rth,
260 struct rtable **res);
262 static unsigned int rt_hash_code(u32 daddr, u32 saddr)
264 return (jhash_2words(daddr, saddr, rt_hash_rnd)
268 #define rt_hash(daddr, saddr, idx) \
269 rt_hash_code((__force u32)(__be32)(daddr),\
270 (__force u32)(__be32)(saddr) ^ ((idx) << 5))
272 #ifdef CONFIG_PROC_FS
273 struct rt_cache_iter_state {
277 static struct rtable *rt_cache_get_first(struct seq_file *seq)
279 struct rtable *r = NULL;
280 struct rt_cache_iter_state *st = seq->private;
282 for (st->bucket = rt_hash_mask; st->bucket >= 0; --st->bucket) {
284 r = rt_hash_table[st->bucket].chain;
287 rcu_read_unlock_bh();
289 return rcu_dereference(r);
292 static struct rtable *rt_cache_get_next(struct seq_file *seq, struct rtable *r)
294 struct rt_cache_iter_state *st = seq->private;
296 r = r->u.dst.rt_next;
298 rcu_read_unlock_bh();
299 if (--st->bucket < 0)
302 r = rt_hash_table[st->bucket].chain;
304 return rcu_dereference(r);
307 static struct rtable *rt_cache_get_idx(struct seq_file *seq, loff_t pos)
309 struct rtable *r = rt_cache_get_first(seq);
312 while (pos && (r = rt_cache_get_next(seq, r)))
314 return pos ? NULL : r;
317 static void *rt_cache_seq_start(struct seq_file *seq, loff_t *pos)
319 return *pos ? rt_cache_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
322 static void *rt_cache_seq_next(struct seq_file *seq, void *v, loff_t *pos)
324 struct rtable *r = NULL;
326 if (v == SEQ_START_TOKEN)
327 r = rt_cache_get_first(seq);
329 r = rt_cache_get_next(seq, v);
334 static void rt_cache_seq_stop(struct seq_file *seq, void *v)
336 if (v && v != SEQ_START_TOKEN)
337 rcu_read_unlock_bh();
340 static int rt_cache_seq_show(struct seq_file *seq, void *v)
342 if (v == SEQ_START_TOKEN)
343 seq_printf(seq, "%-127s\n",
344 "Iface\tDestination\tGateway \tFlags\t\tRefCnt\tUse\t"
345 "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t"
348 struct rtable *r = v;
351 sprintf(temp, "%s\t%08lX\t%08lX\t%8X\t%d\t%u\t%d\t"
352 "%08lX\t%d\t%u\t%u\t%02X\t%d\t%1d\t%08X",
353 r->u.dst.dev ? r->u.dst.dev->name : "*",
354 (unsigned long)r->rt_dst, (unsigned long)r->rt_gateway,
355 r->rt_flags, atomic_read(&r->u.dst.__refcnt),
356 r->u.dst.__use, 0, (unsigned long)r->rt_src,
357 (dst_metric(&r->u.dst, RTAX_ADVMSS) ?
358 (int)dst_metric(&r->u.dst, RTAX_ADVMSS) + 40 : 0),
359 dst_metric(&r->u.dst, RTAX_WINDOW),
360 (int)((dst_metric(&r->u.dst, RTAX_RTT) >> 3) +
361 dst_metric(&r->u.dst, RTAX_RTTVAR)),
363 r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1,
364 r->u.dst.hh ? (r->u.dst.hh->hh_output ==
367 seq_printf(seq, "%-127s\n", temp);
372 static const struct seq_operations rt_cache_seq_ops = {
373 .start = rt_cache_seq_start,
374 .next = rt_cache_seq_next,
375 .stop = rt_cache_seq_stop,
376 .show = rt_cache_seq_show,
379 static int rt_cache_seq_open(struct inode *inode, struct file *file)
381 return seq_open_private(file, &rt_cache_seq_ops,
382 sizeof(struct rt_cache_iter_state));
385 static const struct file_operations rt_cache_seq_fops = {
386 .owner = THIS_MODULE,
387 .open = rt_cache_seq_open,
390 .release = seq_release_private,
394 static void *rt_cpu_seq_start(struct seq_file *seq, loff_t *pos)
399 return SEQ_START_TOKEN;
401 for (cpu = *pos-1; cpu < NR_CPUS; ++cpu) {
402 if (!cpu_possible(cpu))
405 return &per_cpu(rt_cache_stat, cpu);
410 static void *rt_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos)
414 for (cpu = *pos; cpu < NR_CPUS; ++cpu) {
415 if (!cpu_possible(cpu))
418 return &per_cpu(rt_cache_stat, cpu);
424 static void rt_cpu_seq_stop(struct seq_file *seq, void *v)
429 static int rt_cpu_seq_show(struct seq_file *seq, void *v)
431 struct rt_cache_stat *st = v;
433 if (v == SEQ_START_TOKEN) {
434 seq_printf(seq, "entries in_hit in_slow_tot in_slow_mc in_no_route in_brd in_martian_dst in_martian_src out_hit out_slow_tot out_slow_mc gc_total gc_ignored gc_goal_miss gc_dst_overflow in_hlist_search out_hlist_search\n");
438 seq_printf(seq,"%08x %08x %08x %08x %08x %08x %08x %08x "
439 " %08x %08x %08x %08x %08x %08x %08x %08x %08x \n",
440 atomic_read(&ipv4_dst_ops.entries),
463 static const struct seq_operations rt_cpu_seq_ops = {
464 .start = rt_cpu_seq_start,
465 .next = rt_cpu_seq_next,
466 .stop = rt_cpu_seq_stop,
467 .show = rt_cpu_seq_show,
471 static int rt_cpu_seq_open(struct inode *inode, struct file *file)
473 return seq_open(file, &rt_cpu_seq_ops);
476 static const struct file_operations rt_cpu_seq_fops = {
477 .owner = THIS_MODULE,
478 .open = rt_cpu_seq_open,
481 .release = seq_release,
484 #endif /* CONFIG_PROC_FS */
486 static __inline__ void rt_free(struct rtable *rt)
488 call_rcu_bh(&rt->u.dst.rcu_head, dst_rcu_free);
491 static __inline__ void rt_drop(struct rtable *rt)
494 call_rcu_bh(&rt->u.dst.rcu_head, dst_rcu_free);
497 static __inline__ int rt_fast_clean(struct rtable *rth)
499 /* Kill broadcast/multicast entries very aggresively, if they
500 collide in hash table with more useful entries */
501 return (rth->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST)) &&
502 rth->fl.iif && rth->u.dst.rt_next;
505 static __inline__ int rt_valuable(struct rtable *rth)
507 return (rth->rt_flags & (RTCF_REDIRECTED | RTCF_NOTIFY)) ||
511 static int rt_may_expire(struct rtable *rth, unsigned long tmo1, unsigned long tmo2)
516 if (atomic_read(&rth->u.dst.__refcnt))
520 if (rth->u.dst.expires &&
521 time_after_eq(jiffies, rth->u.dst.expires))
524 age = jiffies - rth->u.dst.lastuse;
526 if ((age <= tmo1 && !rt_fast_clean(rth)) ||
527 (age <= tmo2 && rt_valuable(rth)))
533 /* Bits of score are:
535 * 30: not quite useless
536 * 29..0: usage counter
538 static inline u32 rt_score(struct rtable *rt)
540 u32 score = jiffies - rt->u.dst.lastuse;
542 score = ~score & ~(3<<30);
548 !(rt->rt_flags & (RTCF_BROADCAST|RTCF_MULTICAST|RTCF_LOCAL)))
554 static inline int compare_keys(struct flowi *fl1, struct flowi *fl2)
556 return ((__force u32)((fl1->nl_u.ip4_u.daddr ^ fl2->nl_u.ip4_u.daddr) |
557 (fl1->nl_u.ip4_u.saddr ^ fl2->nl_u.ip4_u.saddr)) |
558 (fl1->mark ^ fl2->mark) |
559 (*(u16 *)&fl1->nl_u.ip4_u.tos ^
560 *(u16 *)&fl2->nl_u.ip4_u.tos) |
561 (fl1->oif ^ fl2->oif) |
562 (fl1->iif ^ fl2->iif)) == 0;
566 * Perform a full scan of hash table and free all entries.
567 * Can be called by a softirq or a process.
568 * In the later case, we want to be reschedule if necessary
570 static void rt_do_flush(int process_context)
573 struct rtable *rth, *next;
575 for (i = 0; i <= rt_hash_mask; i++) {
576 if (process_context && need_resched())
578 rth = rt_hash_table[i].chain;
582 spin_lock_bh(rt_hash_lock_addr(i));
583 rth = rt_hash_table[i].chain;
584 rt_hash_table[i].chain = NULL;
585 spin_unlock_bh(rt_hash_lock_addr(i));
587 for (; rth; rth = next) {
588 next = rth->u.dst.rt_next;
594 static void rt_check_expire(void)
596 static unsigned int rover;
597 unsigned int i = rover, goal;
598 struct rtable *rth, **rthp;
601 mult = ((u64)ip_rt_gc_interval) << rt_hash_log;
602 if (ip_rt_gc_timeout > 1)
603 do_div(mult, ip_rt_gc_timeout);
604 goal = (unsigned int)mult;
605 if (goal > rt_hash_mask)
606 goal = rt_hash_mask + 1;
607 for (; goal > 0; goal--) {
608 unsigned long tmo = ip_rt_gc_timeout;
610 i = (i + 1) & rt_hash_mask;
611 rthp = &rt_hash_table[i].chain;
618 spin_lock_bh(rt_hash_lock_addr(i));
619 while ((rth = *rthp) != NULL) {
620 if (rth->u.dst.expires) {
621 /* Entry is expired even if it is in use */
622 if (time_before_eq(jiffies, rth->u.dst.expires)) {
624 rthp = &rth->u.dst.rt_next;
627 } else if (!rt_may_expire(rth, tmo, ip_rt_gc_timeout)) {
629 rthp = &rth->u.dst.rt_next;
633 /* Cleanup aged off entries. */
634 *rthp = rth->u.dst.rt_next;
637 spin_unlock_bh(rt_hash_lock_addr(i));
643 * rt_worker_func() is run in process context.
644 * If a whole flush was scheduled, it is done.
645 * Else, we call rt_check_expire() to scan part of the hash table
647 static void rt_worker_func(struct work_struct *work)
649 if (ip_rt_flush_expected) {
650 ip_rt_flush_expected = 0;
654 schedule_delayed_work(&expires_work, ip_rt_gc_interval);
657 /* This can run from both BH and non-BH contexts, the latter
658 * in the case of a forced flush event.
660 static void rt_run_flush(unsigned long process_context)
664 get_random_bytes(&rt_hash_rnd, 4);
666 rt_do_flush(process_context);
669 static DEFINE_SPINLOCK(rt_flush_lock);
671 void rt_cache_flush(int delay)
673 unsigned long now = jiffies;
674 int user_mode = !in_softirq();
677 delay = ip_rt_min_delay;
679 spin_lock_bh(&rt_flush_lock);
681 if (del_timer(&rt_flush_timer) && delay > 0 && rt_deadline) {
682 long tmo = (long)(rt_deadline - now);
684 /* If flush timer is already running
685 and flush request is not immediate (delay > 0):
687 if deadline is not achieved, prolongate timer to "delay",
688 otherwise fire it at deadline time.
691 if (user_mode && tmo < ip_rt_max_delay-ip_rt_min_delay)
699 spin_unlock_bh(&rt_flush_lock);
700 rt_run_flush(user_mode);
704 if (rt_deadline == 0)
705 rt_deadline = now + ip_rt_max_delay;
707 mod_timer(&rt_flush_timer, now+delay);
708 spin_unlock_bh(&rt_flush_lock);
712 * We change rt_hash_rnd and ask next rt_worker_func() invocation
713 * to perform a flush in process context
715 static void rt_secret_rebuild(unsigned long dummy)
717 get_random_bytes(&rt_hash_rnd, 4);
718 ip_rt_flush_expected = 1;
719 cancel_delayed_work(&expires_work);
720 schedule_delayed_work(&expires_work, HZ/10);
721 mod_timer(&rt_secret_timer, jiffies + ip_rt_secret_interval);
725 Short description of GC goals.
727 We want to build algorithm, which will keep routing cache
728 at some equilibrium point, when number of aged off entries
729 is kept approximately equal to newly generated ones.
731 Current expiration strength is variable "expire".
732 We try to adjust it dynamically, so that if networking
733 is idle expires is large enough to keep enough of warm entries,
734 and when load increases it reduces to limit cache size.
737 static int rt_garbage_collect(void)
739 static unsigned long expire = RT_GC_TIMEOUT;
740 static unsigned long last_gc;
742 static int equilibrium;
743 struct rtable *rth, **rthp;
744 unsigned long now = jiffies;
748 * Garbage collection is pretty expensive,
749 * do not make it too frequently.
752 RT_CACHE_STAT_INC(gc_total);
754 if (now - last_gc < ip_rt_gc_min_interval &&
755 atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size) {
756 RT_CACHE_STAT_INC(gc_ignored);
760 /* Calculate number of entries, which we want to expire now. */
761 goal = atomic_read(&ipv4_dst_ops.entries) -
762 (ip_rt_gc_elasticity << rt_hash_log);
764 if (equilibrium < ipv4_dst_ops.gc_thresh)
765 equilibrium = ipv4_dst_ops.gc_thresh;
766 goal = atomic_read(&ipv4_dst_ops.entries) - equilibrium;
768 equilibrium += min_t(unsigned int, goal / 2, rt_hash_mask + 1);
769 goal = atomic_read(&ipv4_dst_ops.entries) - equilibrium;
772 /* We are in dangerous area. Try to reduce cache really
775 goal = max_t(unsigned int, goal / 2, rt_hash_mask + 1);
776 equilibrium = atomic_read(&ipv4_dst_ops.entries) - goal;
779 if (now - last_gc >= ip_rt_gc_min_interval)
790 for (i = rt_hash_mask, k = rover; i >= 0; i--) {
791 unsigned long tmo = expire;
793 k = (k + 1) & rt_hash_mask;
794 rthp = &rt_hash_table[k].chain;
795 spin_lock_bh(rt_hash_lock_addr(k));
796 while ((rth = *rthp) != NULL) {
797 if (!rt_may_expire(rth, tmo, expire)) {
799 rthp = &rth->u.dst.rt_next;
802 *rthp = rth->u.dst.rt_next;
806 spin_unlock_bh(rt_hash_lock_addr(k));
815 /* Goal is not achieved. We stop process if:
817 - if expire reduced to zero. Otherwise, expire is halfed.
818 - if table is not full.
819 - if we are called from interrupt.
820 - jiffies check is just fallback/debug loop breaker.
821 We will not spin here for long time in any case.
824 RT_CACHE_STAT_INC(gc_goal_miss);
830 #if RT_CACHE_DEBUG >= 2
831 printk(KERN_DEBUG "expire>> %u %d %d %d\n", expire,
832 atomic_read(&ipv4_dst_ops.entries), goal, i);
835 if (atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size)
837 } while (!in_softirq() && time_before_eq(jiffies, now));
839 if (atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size)
842 printk(KERN_WARNING "dst cache overflow\n");
843 RT_CACHE_STAT_INC(gc_dst_overflow);
847 expire += ip_rt_gc_min_interval;
848 if (expire > ip_rt_gc_timeout ||
849 atomic_read(&ipv4_dst_ops.entries) < ipv4_dst_ops.gc_thresh)
850 expire = ip_rt_gc_timeout;
851 #if RT_CACHE_DEBUG >= 2
852 printk(KERN_DEBUG "expire++ %u %d %d %d\n", expire,
853 atomic_read(&ipv4_dst_ops.entries), goal, rover);
858 static int rt_intern_hash(unsigned hash, struct rtable *rt, struct rtable **rp)
860 struct rtable *rth, **rthp;
862 struct rtable *cand, **candp;
865 int attempts = !in_softirq();
874 rthp = &rt_hash_table[hash].chain;
876 spin_lock_bh(rt_hash_lock_addr(hash));
877 while ((rth = *rthp) != NULL) {
878 if (compare_keys(&rth->fl, &rt->fl)) {
880 *rthp = rth->u.dst.rt_next;
882 * Since lookup is lockfree, the deletion
883 * must be visible to another weakly ordered CPU before
884 * the insertion at the start of the hash chain.
886 rcu_assign_pointer(rth->u.dst.rt_next,
887 rt_hash_table[hash].chain);
889 * Since lookup is lockfree, the update writes
890 * must be ordered for consistency on SMP.
892 rcu_assign_pointer(rt_hash_table[hash].chain, rth);
894 dst_use(&rth->u.dst, now);
895 spin_unlock_bh(rt_hash_lock_addr(hash));
902 if (!atomic_read(&rth->u.dst.__refcnt)) {
903 u32 score = rt_score(rth);
905 if (score <= min_score) {
914 rthp = &rth->u.dst.rt_next;
918 /* ip_rt_gc_elasticity used to be average length of chain
919 * length, when exceeded gc becomes really aggressive.
921 * The second limit is less certain. At the moment it allows
922 * only 2 entries per bucket. We will see.
924 if (chain_length > ip_rt_gc_elasticity) {
925 *candp = cand->u.dst.rt_next;
930 /* Try to bind route to arp only if it is output
931 route or unicast forwarding path.
933 if (rt->rt_type == RTN_UNICAST || rt->fl.iif == 0) {
934 int err = arp_bind_neighbour(&rt->u.dst);
936 spin_unlock_bh(rt_hash_lock_addr(hash));
938 if (err != -ENOBUFS) {
943 /* Neighbour tables are full and nothing
944 can be released. Try to shrink route cache,
945 it is most likely it holds some neighbour records.
947 if (attempts-- > 0) {
948 int saved_elasticity = ip_rt_gc_elasticity;
949 int saved_int = ip_rt_gc_min_interval;
950 ip_rt_gc_elasticity = 1;
951 ip_rt_gc_min_interval = 0;
952 rt_garbage_collect();
953 ip_rt_gc_min_interval = saved_int;
954 ip_rt_gc_elasticity = saved_elasticity;
959 printk(KERN_WARNING "Neighbour table overflow.\n");
965 rt->u.dst.rt_next = rt_hash_table[hash].chain;
966 #if RT_CACHE_DEBUG >= 2
967 if (rt->u.dst.rt_next) {
969 printk(KERN_DEBUG "rt_cache @%02x: %u.%u.%u.%u", hash,
970 NIPQUAD(rt->rt_dst));
971 for (trt = rt->u.dst.rt_next; trt; trt = trt->u.dst.rt_next)
972 printk(" . %u.%u.%u.%u", NIPQUAD(trt->rt_dst));
976 rt_hash_table[hash].chain = rt;
977 spin_unlock_bh(rt_hash_lock_addr(hash));
982 void rt_bind_peer(struct rtable *rt, int create)
984 static DEFINE_SPINLOCK(rt_peer_lock);
985 struct inet_peer *peer;
987 peer = inet_getpeer(rt->rt_dst, create);
989 spin_lock_bh(&rt_peer_lock);
990 if (rt->peer == NULL) {
994 spin_unlock_bh(&rt_peer_lock);
1000 * Peer allocation may fail only in serious out-of-memory conditions. However
1001 * we still can generate some output.
1002 * Random ID selection looks a bit dangerous because we have no chances to
1003 * select ID being unique in a reasonable period of time.
1004 * But broken packet identifier may be better than no packet at all.
1006 static void ip_select_fb_ident(struct iphdr *iph)
1008 static DEFINE_SPINLOCK(ip_fb_id_lock);
1009 static u32 ip_fallback_id;
1012 spin_lock_bh(&ip_fb_id_lock);
1013 salt = secure_ip_id((__force __be32)ip_fallback_id ^ iph->daddr);
1014 iph->id = htons(salt & 0xFFFF);
1015 ip_fallback_id = salt;
1016 spin_unlock_bh(&ip_fb_id_lock);
1019 void __ip_select_ident(struct iphdr *iph, struct dst_entry *dst, int more)
1021 struct rtable *rt = (struct rtable *) dst;
1024 if (rt->peer == NULL)
1025 rt_bind_peer(rt, 1);
1027 /* If peer is attached to destination, it is never detached,
1028 so that we need not to grab a lock to dereference it.
1031 iph->id = htons(inet_getid(rt->peer, more));
1035 printk(KERN_DEBUG "rt_bind_peer(0) @%p\n",
1036 __builtin_return_address(0));
1038 ip_select_fb_ident(iph);
1041 static void rt_del(unsigned hash, struct rtable *rt)
1043 struct rtable **rthp;
1045 spin_lock_bh(rt_hash_lock_addr(hash));
1047 for (rthp = &rt_hash_table[hash].chain; *rthp;
1048 rthp = &(*rthp)->u.dst.rt_next)
1050 *rthp = rt->u.dst.rt_next;
1054 spin_unlock_bh(rt_hash_lock_addr(hash));
1057 void ip_rt_redirect(__be32 old_gw, __be32 daddr, __be32 new_gw,
1058 __be32 saddr, struct net_device *dev)
1061 struct in_device *in_dev = in_dev_get(dev);
1062 struct rtable *rth, **rthp;
1063 __be32 skeys[2] = { saddr, 0 };
1064 int ikeys[2] = { dev->ifindex, 0 };
1065 struct netevent_redirect netevent;
1070 if (new_gw == old_gw || !IN_DEV_RX_REDIRECTS(in_dev)
1071 || MULTICAST(new_gw) || BADCLASS(new_gw) || ZERONET(new_gw))
1072 goto reject_redirect;
1074 if (!IN_DEV_SHARED_MEDIA(in_dev)) {
1075 if (!inet_addr_onlink(in_dev, new_gw, old_gw))
1076 goto reject_redirect;
1077 if (IN_DEV_SEC_REDIRECTS(in_dev) && ip_fib_check_default(new_gw, dev))
1078 goto reject_redirect;
1080 if (inet_addr_type(new_gw) != RTN_UNICAST)
1081 goto reject_redirect;
1084 for (i = 0; i < 2; i++) {
1085 for (k = 0; k < 2; k++) {
1086 unsigned hash = rt_hash(daddr, skeys[i], ikeys[k]);
1088 rthp=&rt_hash_table[hash].chain;
1091 while ((rth = rcu_dereference(*rthp)) != NULL) {
1094 if (rth->fl.fl4_dst != daddr ||
1095 rth->fl.fl4_src != skeys[i] ||
1096 rth->fl.oif != ikeys[k] ||
1098 rthp = &rth->u.dst.rt_next;
1102 if (rth->rt_dst != daddr ||
1103 rth->rt_src != saddr ||
1105 rth->rt_gateway != old_gw ||
1106 rth->u.dst.dev != dev)
1109 dst_hold(&rth->u.dst);
1112 rt = dst_alloc(&ipv4_dst_ops);
1119 /* Copy all the information. */
1121 INIT_RCU_HEAD(&rt->u.dst.rcu_head);
1122 rt->u.dst.__use = 1;
1123 atomic_set(&rt->u.dst.__refcnt, 1);
1124 rt->u.dst.child = NULL;
1126 dev_hold(rt->u.dst.dev);
1128 in_dev_hold(rt->idev);
1129 rt->u.dst.obsolete = 0;
1130 rt->u.dst.lastuse = jiffies;
1131 rt->u.dst.path = &rt->u.dst;
1132 rt->u.dst.neighbour = NULL;
1133 rt->u.dst.hh = NULL;
1134 rt->u.dst.xfrm = NULL;
1136 rt->rt_flags |= RTCF_REDIRECTED;
1138 /* Gateway is different ... */
1139 rt->rt_gateway = new_gw;
1141 /* Redirect received -> path was valid */
1142 dst_confirm(&rth->u.dst);
1145 atomic_inc(&rt->peer->refcnt);
1147 if (arp_bind_neighbour(&rt->u.dst) ||
1148 !(rt->u.dst.neighbour->nud_state &
1150 if (rt->u.dst.neighbour)
1151 neigh_event_send(rt->u.dst.neighbour, NULL);
1157 netevent.old = &rth->u.dst;
1158 netevent.new = &rt->u.dst;
1159 call_netevent_notifiers(NETEVENT_REDIRECT,
1163 if (!rt_intern_hash(hash, rt, &rt))
1176 #ifdef CONFIG_IP_ROUTE_VERBOSE
1177 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit())
1178 printk(KERN_INFO "Redirect from %u.%u.%u.%u on %s about "
1179 "%u.%u.%u.%u ignored.\n"
1180 " Advised path = %u.%u.%u.%u -> %u.%u.%u.%u\n",
1181 NIPQUAD(old_gw), dev->name, NIPQUAD(new_gw),
1182 NIPQUAD(saddr), NIPQUAD(daddr));
1187 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
1189 struct rtable *rt = (struct rtable*)dst;
1190 struct dst_entry *ret = dst;
1193 if (dst->obsolete) {
1196 } else if ((rt->rt_flags & RTCF_REDIRECTED) ||
1197 rt->u.dst.expires) {
1198 unsigned hash = rt_hash(rt->fl.fl4_dst, rt->fl.fl4_src,
1200 #if RT_CACHE_DEBUG >= 1
1201 printk(KERN_DEBUG "ipv4_negative_advice: redirect to "
1202 "%u.%u.%u.%u/%02x dropped\n",
1203 NIPQUAD(rt->rt_dst), rt->fl.fl4_tos);
1214 * 1. The first ip_rt_redirect_number redirects are sent
1215 * with exponential backoff, then we stop sending them at all,
1216 * assuming that the host ignores our redirects.
1217 * 2. If we did not see packets requiring redirects
1218 * during ip_rt_redirect_silence, we assume that the host
1219 * forgot redirected route and start to send redirects again.
1221 * This algorithm is much cheaper and more intelligent than dumb load limiting
1224 * NOTE. Do not forget to inhibit load limiting for redirects (redundant)
1225 * and "frag. need" (breaks PMTU discovery) in icmp.c.
1228 void ip_rt_send_redirect(struct sk_buff *skb)
1230 struct rtable *rt = (struct rtable*)skb->dst;
1231 struct in_device *in_dev = in_dev_get(rt->u.dst.dev);
1236 if (!IN_DEV_TX_REDIRECTS(in_dev))
1239 /* No redirected packets during ip_rt_redirect_silence;
1240 * reset the algorithm.
1242 if (time_after(jiffies, rt->u.dst.rate_last + ip_rt_redirect_silence))
1243 rt->u.dst.rate_tokens = 0;
1245 /* Too many ignored redirects; do not send anything
1246 * set u.dst.rate_last to the last seen redirected packet.
1248 if (rt->u.dst.rate_tokens >= ip_rt_redirect_number) {
1249 rt->u.dst.rate_last = jiffies;
1253 /* Check for load limit; set rate_last to the latest sent
1256 if (rt->u.dst.rate_tokens == 0 ||
1258 (rt->u.dst.rate_last +
1259 (ip_rt_redirect_load << rt->u.dst.rate_tokens)))) {
1260 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, rt->rt_gateway);
1261 rt->u.dst.rate_last = jiffies;
1262 ++rt->u.dst.rate_tokens;
1263 #ifdef CONFIG_IP_ROUTE_VERBOSE
1264 if (IN_DEV_LOG_MARTIANS(in_dev) &&
1265 rt->u.dst.rate_tokens == ip_rt_redirect_number &&
1267 printk(KERN_WARNING "host %u.%u.%u.%u/if%d ignores "
1268 "redirects for %u.%u.%u.%u to %u.%u.%u.%u.\n",
1269 NIPQUAD(rt->rt_src), rt->rt_iif,
1270 NIPQUAD(rt->rt_dst), NIPQUAD(rt->rt_gateway));
1277 static int ip_error(struct sk_buff *skb)
1279 struct rtable *rt = (struct rtable*)skb->dst;
1283 switch (rt->u.dst.error) {
1288 code = ICMP_HOST_UNREACH;
1291 code = ICMP_NET_UNREACH;
1292 IP_INC_STATS_BH(IPSTATS_MIB_INNOROUTES);
1295 code = ICMP_PKT_FILTERED;
1300 rt->u.dst.rate_tokens += now - rt->u.dst.rate_last;
1301 if (rt->u.dst.rate_tokens > ip_rt_error_burst)
1302 rt->u.dst.rate_tokens = ip_rt_error_burst;
1303 rt->u.dst.rate_last = now;
1304 if (rt->u.dst.rate_tokens >= ip_rt_error_cost) {
1305 rt->u.dst.rate_tokens -= ip_rt_error_cost;
1306 icmp_send(skb, ICMP_DEST_UNREACH, code, 0);
1309 out: kfree_skb(skb);
1314 * The last two values are not from the RFC but
1315 * are needed for AMPRnet AX.25 paths.
1318 static const unsigned short mtu_plateau[] =
1319 {32000, 17914, 8166, 4352, 2002, 1492, 576, 296, 216, 128 };
1321 static __inline__ unsigned short guess_mtu(unsigned short old_mtu)
1325 for (i = 0; i < ARRAY_SIZE(mtu_plateau); i++)
1326 if (old_mtu > mtu_plateau[i])
1327 return mtu_plateau[i];
1331 unsigned short ip_rt_frag_needed(struct iphdr *iph, unsigned short new_mtu)
1334 unsigned short old_mtu = ntohs(iph->tot_len);
1336 __be32 skeys[2] = { iph->saddr, 0, };
1337 __be32 daddr = iph->daddr;
1338 unsigned short est_mtu = 0;
1340 if (ipv4_config.no_pmtu_disc)
1343 for (i = 0; i < 2; i++) {
1344 unsigned hash = rt_hash(daddr, skeys[i], 0);
1347 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
1348 rth = rcu_dereference(rth->u.dst.rt_next)) {
1349 if (rth->fl.fl4_dst == daddr &&
1350 rth->fl.fl4_src == skeys[i] &&
1351 rth->rt_dst == daddr &&
1352 rth->rt_src == iph->saddr &&
1354 !(dst_metric_locked(&rth->u.dst, RTAX_MTU))) {
1355 unsigned short mtu = new_mtu;
1357 if (new_mtu < 68 || new_mtu >= old_mtu) {
1359 /* BSD 4.2 compatibility hack :-( */
1361 old_mtu >= rth->u.dst.metrics[RTAX_MTU-1] &&
1362 old_mtu >= 68 + (iph->ihl << 2))
1363 old_mtu -= iph->ihl << 2;
1365 mtu = guess_mtu(old_mtu);
1367 if (mtu <= rth->u.dst.metrics[RTAX_MTU-1]) {
1368 if (mtu < rth->u.dst.metrics[RTAX_MTU-1]) {
1369 dst_confirm(&rth->u.dst);
1370 if (mtu < ip_rt_min_pmtu) {
1371 mtu = ip_rt_min_pmtu;
1372 rth->u.dst.metrics[RTAX_LOCK-1] |=
1375 rth->u.dst.metrics[RTAX_MTU-1] = mtu;
1376 dst_set_expires(&rth->u.dst,
1385 return est_mtu ? : new_mtu;
1388 static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu)
1390 if (dst->metrics[RTAX_MTU-1] > mtu && mtu >= 68 &&
1391 !(dst_metric_locked(dst, RTAX_MTU))) {
1392 if (mtu < ip_rt_min_pmtu) {
1393 mtu = ip_rt_min_pmtu;
1394 dst->metrics[RTAX_LOCK-1] |= (1 << RTAX_MTU);
1396 dst->metrics[RTAX_MTU-1] = mtu;
1397 dst_set_expires(dst, ip_rt_mtu_expires);
1398 call_netevent_notifiers(NETEVENT_PMTU_UPDATE, dst);
1402 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie)
1407 static void ipv4_dst_destroy(struct dst_entry *dst)
1409 struct rtable *rt = (struct rtable *) dst;
1410 struct inet_peer *peer = rt->peer;
1411 struct in_device *idev = rt->idev;
1424 static void ipv4_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
1427 struct rtable *rt = (struct rtable *) dst;
1428 struct in_device *idev = rt->idev;
1429 if (dev != init_net.loopback_dev && idev && idev->dev == dev) {
1430 struct in_device *loopback_idev = in_dev_get(init_net.loopback_dev);
1431 if (loopback_idev) {
1432 rt->idev = loopback_idev;
1438 static void ipv4_link_failure(struct sk_buff *skb)
1442 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0);
1444 rt = (struct rtable *) skb->dst;
1446 dst_set_expires(&rt->u.dst, 0);
1449 static int ip_rt_bug(struct sk_buff *skb)
1451 printk(KERN_DEBUG "ip_rt_bug: %u.%u.%u.%u -> %u.%u.%u.%u, %s\n",
1452 NIPQUAD(ip_hdr(skb)->saddr), NIPQUAD(ip_hdr(skb)->daddr),
1453 skb->dev ? skb->dev->name : "?");
1459 We do not cache source address of outgoing interface,
1460 because it is used only by IP RR, TS and SRR options,
1461 so that it out of fast path.
1463 BTW remember: "addr" is allowed to be not aligned
1467 void ip_rt_get_source(u8 *addr, struct rtable *rt)
1470 struct fib_result res;
1472 if (rt->fl.iif == 0)
1474 else if (fib_lookup(&rt->fl, &res) == 0) {
1475 src = FIB_RES_PREFSRC(res);
1478 src = inet_select_addr(rt->u.dst.dev, rt->rt_gateway,
1480 memcpy(addr, &src, 4);
1483 #ifdef CONFIG_NET_CLS_ROUTE
1484 static void set_class_tag(struct rtable *rt, u32 tag)
1486 if (!(rt->u.dst.tclassid & 0xFFFF))
1487 rt->u.dst.tclassid |= tag & 0xFFFF;
1488 if (!(rt->u.dst.tclassid & 0xFFFF0000))
1489 rt->u.dst.tclassid |= tag & 0xFFFF0000;
1493 static void rt_set_nexthop(struct rtable *rt, struct fib_result *res, u32 itag)
1495 struct fib_info *fi = res->fi;
1498 if (FIB_RES_GW(*res) &&
1499 FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK)
1500 rt->rt_gateway = FIB_RES_GW(*res);
1501 memcpy(rt->u.dst.metrics, fi->fib_metrics,
1502 sizeof(rt->u.dst.metrics));
1503 if (fi->fib_mtu == 0) {
1504 rt->u.dst.metrics[RTAX_MTU-1] = rt->u.dst.dev->mtu;
1505 if (rt->u.dst.metrics[RTAX_LOCK-1] & (1 << RTAX_MTU) &&
1506 rt->rt_gateway != rt->rt_dst &&
1507 rt->u.dst.dev->mtu > 576)
1508 rt->u.dst.metrics[RTAX_MTU-1] = 576;
1510 #ifdef CONFIG_NET_CLS_ROUTE
1511 rt->u.dst.tclassid = FIB_RES_NH(*res).nh_tclassid;
1514 rt->u.dst.metrics[RTAX_MTU-1]= rt->u.dst.dev->mtu;
1516 if (rt->u.dst.metrics[RTAX_HOPLIMIT-1] == 0)
1517 rt->u.dst.metrics[RTAX_HOPLIMIT-1] = sysctl_ip_default_ttl;
1518 if (rt->u.dst.metrics[RTAX_MTU-1] > IP_MAX_MTU)
1519 rt->u.dst.metrics[RTAX_MTU-1] = IP_MAX_MTU;
1520 if (rt->u.dst.metrics[RTAX_ADVMSS-1] == 0)
1521 rt->u.dst.metrics[RTAX_ADVMSS-1] = max_t(unsigned int, rt->u.dst.dev->mtu - 40,
1523 if (rt->u.dst.metrics[RTAX_ADVMSS-1] > 65535 - 40)
1524 rt->u.dst.metrics[RTAX_ADVMSS-1] = 65535 - 40;
1526 #ifdef CONFIG_NET_CLS_ROUTE
1527 #ifdef CONFIG_IP_MULTIPLE_TABLES
1528 set_class_tag(rt, fib_rules_tclass(res));
1530 set_class_tag(rt, itag);
1532 rt->rt_type = res->type;
1535 static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1536 u8 tos, struct net_device *dev, int our)
1541 struct in_device *in_dev = in_dev_get(dev);
1544 /* Primary sanity checks. */
1549 if (MULTICAST(saddr) || BADCLASS(saddr) || LOOPBACK(saddr) ||
1550 skb->protocol != htons(ETH_P_IP))
1553 if (ZERONET(saddr)) {
1554 if (!LOCAL_MCAST(daddr))
1556 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
1557 } else if (fib_validate_source(saddr, 0, tos, 0,
1558 dev, &spec_dst, &itag) < 0)
1561 rth = dst_alloc(&ipv4_dst_ops);
1565 rth->u.dst.output= ip_rt_bug;
1567 atomic_set(&rth->u.dst.__refcnt, 1);
1568 rth->u.dst.flags= DST_HOST;
1569 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
1570 rth->u.dst.flags |= DST_NOPOLICY;
1571 rth->fl.fl4_dst = daddr;
1572 rth->rt_dst = daddr;
1573 rth->fl.fl4_tos = tos;
1574 rth->fl.mark = skb->mark;
1575 rth->fl.fl4_src = saddr;
1576 rth->rt_src = saddr;
1577 #ifdef CONFIG_NET_CLS_ROUTE
1578 rth->u.dst.tclassid = itag;
1581 rth->fl.iif = dev->ifindex;
1582 rth->u.dst.dev = init_net.loopback_dev;
1583 dev_hold(rth->u.dst.dev);
1584 rth->idev = in_dev_get(rth->u.dst.dev);
1586 rth->rt_gateway = daddr;
1587 rth->rt_spec_dst= spec_dst;
1588 rth->rt_type = RTN_MULTICAST;
1589 rth->rt_flags = RTCF_MULTICAST;
1591 rth->u.dst.input= ip_local_deliver;
1592 rth->rt_flags |= RTCF_LOCAL;
1595 #ifdef CONFIG_IP_MROUTE
1596 if (!LOCAL_MCAST(daddr) && IN_DEV_MFORWARD(in_dev))
1597 rth->u.dst.input = ip_mr_input;
1599 RT_CACHE_STAT_INC(in_slow_mc);
1602 hash = rt_hash(daddr, saddr, dev->ifindex);
1603 return rt_intern_hash(hash, rth, (struct rtable**) &skb->dst);
1615 static void ip_handle_martian_source(struct net_device *dev,
1616 struct in_device *in_dev,
1617 struct sk_buff *skb,
1621 RT_CACHE_STAT_INC(in_martian_src);
1622 #ifdef CONFIG_IP_ROUTE_VERBOSE
1623 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) {
1625 * RFC1812 recommendation, if source is martian,
1626 * the only hint is MAC header.
1628 printk(KERN_WARNING "martian source %u.%u.%u.%u from "
1629 "%u.%u.%u.%u, on dev %s\n",
1630 NIPQUAD(daddr), NIPQUAD(saddr), dev->name);
1631 if (dev->hard_header_len && skb_mac_header_was_set(skb)) {
1633 const unsigned char *p = skb_mac_header(skb);
1634 printk(KERN_WARNING "ll header: ");
1635 for (i = 0; i < dev->hard_header_len; i++, p++) {
1637 if (i < (dev->hard_header_len - 1))
1646 static inline int __mkroute_input(struct sk_buff *skb,
1647 struct fib_result* res,
1648 struct in_device *in_dev,
1649 __be32 daddr, __be32 saddr, u32 tos,
1650 struct rtable **result)
1655 struct in_device *out_dev;
1660 /* get a working reference to the output device */
1661 out_dev = in_dev_get(FIB_RES_DEV(*res));
1662 if (out_dev == NULL) {
1663 if (net_ratelimit())
1664 printk(KERN_CRIT "Bug in ip_route_input" \
1665 "_slow(). Please, report\n");
1670 err = fib_validate_source(saddr, daddr, tos, FIB_RES_OIF(*res),
1671 in_dev->dev, &spec_dst, &itag);
1673 ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr,
1681 flags |= RTCF_DIRECTSRC;
1683 if (out_dev == in_dev && err && !(flags & (RTCF_NAT | RTCF_MASQ)) &&
1684 (IN_DEV_SHARED_MEDIA(out_dev) ||
1685 inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res))))
1686 flags |= RTCF_DOREDIRECT;
1688 if (skb->protocol != htons(ETH_P_IP)) {
1689 /* Not IP (i.e. ARP). Do not create route, if it is
1690 * invalid for proxy arp. DNAT routes are always valid.
1692 if (out_dev == in_dev && !(flags & RTCF_DNAT)) {
1699 rth = dst_alloc(&ipv4_dst_ops);
1705 atomic_set(&rth->u.dst.__refcnt, 1);
1706 rth->u.dst.flags= DST_HOST;
1707 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
1708 rth->u.dst.flags |= DST_NOPOLICY;
1709 if (IN_DEV_CONF_GET(out_dev, NOXFRM))
1710 rth->u.dst.flags |= DST_NOXFRM;
1711 rth->fl.fl4_dst = daddr;
1712 rth->rt_dst = daddr;
1713 rth->fl.fl4_tos = tos;
1714 rth->fl.mark = skb->mark;
1715 rth->fl.fl4_src = saddr;
1716 rth->rt_src = saddr;
1717 rth->rt_gateway = daddr;
1719 rth->fl.iif = in_dev->dev->ifindex;
1720 rth->u.dst.dev = (out_dev)->dev;
1721 dev_hold(rth->u.dst.dev);
1722 rth->idev = in_dev_get(rth->u.dst.dev);
1724 rth->rt_spec_dst= spec_dst;
1726 rth->u.dst.input = ip_forward;
1727 rth->u.dst.output = ip_output;
1729 rt_set_nexthop(rth, res, itag);
1731 rth->rt_flags = flags;
1736 /* release the working reference to the output device */
1737 in_dev_put(out_dev);
1741 static inline int ip_mkroute_input(struct sk_buff *skb,
1742 struct fib_result* res,
1743 const struct flowi *fl,
1744 struct in_device *in_dev,
1745 __be32 daddr, __be32 saddr, u32 tos)
1747 struct rtable* rth = NULL;
1751 #ifdef CONFIG_IP_ROUTE_MULTIPATH
1752 if (res->fi && res->fi->fib_nhs > 1 && fl->oif == 0)
1753 fib_select_multipath(fl, res);
1756 /* create a routing cache entry */
1757 err = __mkroute_input(skb, res, in_dev, daddr, saddr, tos, &rth);
1761 /* put it into the cache */
1762 hash = rt_hash(daddr, saddr, fl->iif);
1763 return rt_intern_hash(hash, rth, (struct rtable**)&skb->dst);
1767 * NOTE. We drop all the packets that has local source
1768 * addresses, because every properly looped back packet
1769 * must have correct destination already attached by output routine.
1771 * Such approach solves two big problems:
1772 * 1. Not simplex devices are handled properly.
1773 * 2. IP spoofing attempts are filtered with 100% of guarantee.
1776 static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1777 u8 tos, struct net_device *dev)
1779 struct fib_result res;
1780 struct in_device *in_dev = in_dev_get(dev);
1781 struct flowi fl = { .nl_u = { .ip4_u =
1785 .scope = RT_SCOPE_UNIVERSE,
1788 .iif = dev->ifindex };
1791 struct rtable * rth;
1797 /* IP on this device is disabled. */
1802 /* Check for the most weird martians, which can be not detected
1806 if (MULTICAST(saddr) || BADCLASS(saddr) || LOOPBACK(saddr))
1807 goto martian_source;
1809 if (daddr == htonl(0xFFFFFFFF) || (saddr == 0 && daddr == 0))
1812 /* Accept zero addresses only to limited broadcast;
1813 * I even do not know to fix it or not. Waiting for complains :-)
1816 goto martian_source;
1818 if (BADCLASS(daddr) || ZERONET(daddr) || LOOPBACK(daddr))
1819 goto martian_destination;
1822 * Now we are ready to route packet.
1824 if ((err = fib_lookup(&fl, &res)) != 0) {
1825 if (!IN_DEV_FORWARD(in_dev))
1831 RT_CACHE_STAT_INC(in_slow_tot);
1833 if (res.type == RTN_BROADCAST)
1836 if (res.type == RTN_LOCAL) {
1838 result = fib_validate_source(saddr, daddr, tos,
1839 init_net.loopback_dev->ifindex,
1840 dev, &spec_dst, &itag);
1842 goto martian_source;
1844 flags |= RTCF_DIRECTSRC;
1849 if (!IN_DEV_FORWARD(in_dev))
1851 if (res.type != RTN_UNICAST)
1852 goto martian_destination;
1854 err = ip_mkroute_input(skb, &res, &fl, in_dev, daddr, saddr, tos);
1862 if (skb->protocol != htons(ETH_P_IP))
1866 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
1868 err = fib_validate_source(saddr, 0, tos, 0, dev, &spec_dst,
1871 goto martian_source;
1873 flags |= RTCF_DIRECTSRC;
1875 flags |= RTCF_BROADCAST;
1876 res.type = RTN_BROADCAST;
1877 RT_CACHE_STAT_INC(in_brd);
1880 rth = dst_alloc(&ipv4_dst_ops);
1884 rth->u.dst.output= ip_rt_bug;
1886 atomic_set(&rth->u.dst.__refcnt, 1);
1887 rth->u.dst.flags= DST_HOST;
1888 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
1889 rth->u.dst.flags |= DST_NOPOLICY;
1890 rth->fl.fl4_dst = daddr;
1891 rth->rt_dst = daddr;
1892 rth->fl.fl4_tos = tos;
1893 rth->fl.mark = skb->mark;
1894 rth->fl.fl4_src = saddr;
1895 rth->rt_src = saddr;
1896 #ifdef CONFIG_NET_CLS_ROUTE
1897 rth->u.dst.tclassid = itag;
1900 rth->fl.iif = dev->ifindex;
1901 rth->u.dst.dev = init_net.loopback_dev;
1902 dev_hold(rth->u.dst.dev);
1903 rth->idev = in_dev_get(rth->u.dst.dev);
1904 rth->rt_gateway = daddr;
1905 rth->rt_spec_dst= spec_dst;
1906 rth->u.dst.input= ip_local_deliver;
1907 rth->rt_flags = flags|RTCF_LOCAL;
1908 if (res.type == RTN_UNREACHABLE) {
1909 rth->u.dst.input= ip_error;
1910 rth->u.dst.error= -err;
1911 rth->rt_flags &= ~RTCF_LOCAL;
1913 rth->rt_type = res.type;
1914 hash = rt_hash(daddr, saddr, fl.iif);
1915 err = rt_intern_hash(hash, rth, (struct rtable**)&skb->dst);
1919 RT_CACHE_STAT_INC(in_no_route);
1920 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_UNIVERSE);
1921 res.type = RTN_UNREACHABLE;
1927 * Do not cache martian addresses: they should be logged (RFC1812)
1929 martian_destination:
1930 RT_CACHE_STAT_INC(in_martian_dst);
1931 #ifdef CONFIG_IP_ROUTE_VERBOSE
1932 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit())
1933 printk(KERN_WARNING "martian destination %u.%u.%u.%u from "
1934 "%u.%u.%u.%u, dev %s\n",
1935 NIPQUAD(daddr), NIPQUAD(saddr), dev->name);
1939 err = -EHOSTUNREACH;
1951 ip_handle_martian_source(dev, in_dev, skb, daddr, saddr);
1955 int ip_route_input(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1956 u8 tos, struct net_device *dev)
1958 struct rtable * rth;
1960 int iif = dev->ifindex;
1962 tos &= IPTOS_RT_MASK;
1963 hash = rt_hash(daddr, saddr, iif);
1966 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
1967 rth = rcu_dereference(rth->u.dst.rt_next)) {
1968 if (rth->fl.fl4_dst == daddr &&
1969 rth->fl.fl4_src == saddr &&
1970 rth->fl.iif == iif &&
1972 rth->fl.mark == skb->mark &&
1973 rth->fl.fl4_tos == tos) {
1974 dst_use(&rth->u.dst, jiffies);
1975 RT_CACHE_STAT_INC(in_hit);
1977 skb->dst = (struct dst_entry*)rth;
1980 RT_CACHE_STAT_INC(in_hlist_search);
1984 /* Multicast recognition logic is moved from route cache to here.
1985 The problem was that too many Ethernet cards have broken/missing
1986 hardware multicast filters :-( As result the host on multicasting
1987 network acquires a lot of useless route cache entries, sort of
1988 SDR messages from all the world. Now we try to get rid of them.
1989 Really, provided software IP multicast filter is organized
1990 reasonably (at least, hashed), it does not result in a slowdown
1991 comparing with route cache reject entries.
1992 Note, that multicast routers are not affected, because
1993 route cache entry is created eventually.
1995 if (MULTICAST(daddr)) {
1996 struct in_device *in_dev;
1999 if ((in_dev = __in_dev_get_rcu(dev)) != NULL) {
2000 int our = ip_check_mc(in_dev, daddr, saddr,
2001 ip_hdr(skb)->protocol);
2003 #ifdef CONFIG_IP_MROUTE
2004 || (!LOCAL_MCAST(daddr) && IN_DEV_MFORWARD(in_dev))
2008 return ip_route_input_mc(skb, daddr, saddr,
2015 return ip_route_input_slow(skb, daddr, saddr, tos, dev);
2018 static inline int __mkroute_output(struct rtable **result,
2019 struct fib_result* res,
2020 const struct flowi *fl,
2021 const struct flowi *oldflp,
2022 struct net_device *dev_out,
2026 struct in_device *in_dev;
2027 u32 tos = RT_FL_TOS(oldflp);
2030 if (LOOPBACK(fl->fl4_src) && !(dev_out->flags&IFF_LOOPBACK))
2033 if (fl->fl4_dst == htonl(0xFFFFFFFF))
2034 res->type = RTN_BROADCAST;
2035 else if (MULTICAST(fl->fl4_dst))
2036 res->type = RTN_MULTICAST;
2037 else if (BADCLASS(fl->fl4_dst) || ZERONET(fl->fl4_dst))
2040 if (dev_out->flags & IFF_LOOPBACK)
2041 flags |= RTCF_LOCAL;
2043 /* get work reference to inet device */
2044 in_dev = in_dev_get(dev_out);
2048 if (res->type == RTN_BROADCAST) {
2049 flags |= RTCF_BROADCAST | RTCF_LOCAL;
2051 fib_info_put(res->fi);
2054 } else if (res->type == RTN_MULTICAST) {
2055 flags |= RTCF_MULTICAST|RTCF_LOCAL;
2056 if (!ip_check_mc(in_dev, oldflp->fl4_dst, oldflp->fl4_src,
2058 flags &= ~RTCF_LOCAL;
2059 /* If multicast route do not exist use
2060 default one, but do not gateway in this case.
2063 if (res->fi && res->prefixlen < 4) {
2064 fib_info_put(res->fi);
2070 rth = dst_alloc(&ipv4_dst_ops);
2076 atomic_set(&rth->u.dst.__refcnt, 1);
2077 rth->u.dst.flags= DST_HOST;
2078 if (IN_DEV_CONF_GET(in_dev, NOXFRM))
2079 rth->u.dst.flags |= DST_NOXFRM;
2080 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
2081 rth->u.dst.flags |= DST_NOPOLICY;
2083 rth->fl.fl4_dst = oldflp->fl4_dst;
2084 rth->fl.fl4_tos = tos;
2085 rth->fl.fl4_src = oldflp->fl4_src;
2086 rth->fl.oif = oldflp->oif;
2087 rth->fl.mark = oldflp->mark;
2088 rth->rt_dst = fl->fl4_dst;
2089 rth->rt_src = fl->fl4_src;
2090 rth->rt_iif = oldflp->oif ? : dev_out->ifindex;
2091 /* get references to the devices that are to be hold by the routing
2093 rth->u.dst.dev = dev_out;
2095 rth->idev = in_dev_get(dev_out);
2096 rth->rt_gateway = fl->fl4_dst;
2097 rth->rt_spec_dst= fl->fl4_src;
2099 rth->u.dst.output=ip_output;
2101 RT_CACHE_STAT_INC(out_slow_tot);
2103 if (flags & RTCF_LOCAL) {
2104 rth->u.dst.input = ip_local_deliver;
2105 rth->rt_spec_dst = fl->fl4_dst;
2107 if (flags & (RTCF_BROADCAST | RTCF_MULTICAST)) {
2108 rth->rt_spec_dst = fl->fl4_src;
2109 if (flags & RTCF_LOCAL &&
2110 !(dev_out->flags & IFF_LOOPBACK)) {
2111 rth->u.dst.output = ip_mc_output;
2112 RT_CACHE_STAT_INC(out_slow_mc);
2114 #ifdef CONFIG_IP_MROUTE
2115 if (res->type == RTN_MULTICAST) {
2116 if (IN_DEV_MFORWARD(in_dev) &&
2117 !LOCAL_MCAST(oldflp->fl4_dst)) {
2118 rth->u.dst.input = ip_mr_input;
2119 rth->u.dst.output = ip_mc_output;
2125 rt_set_nexthop(rth, res, 0);
2127 rth->rt_flags = flags;
2131 /* release work reference to inet device */
2137 static inline int ip_mkroute_output(struct rtable **rp,
2138 struct fib_result* res,
2139 const struct flowi *fl,
2140 const struct flowi *oldflp,
2141 struct net_device *dev_out,
2144 struct rtable *rth = NULL;
2145 int err = __mkroute_output(&rth, res, fl, oldflp, dev_out, flags);
2148 hash = rt_hash(oldflp->fl4_dst, oldflp->fl4_src, oldflp->oif);
2149 err = rt_intern_hash(hash, rth, rp);
2156 * Major route resolver routine.
2159 static int ip_route_output_slow(struct rtable **rp, const struct flowi *oldflp)
2161 u32 tos = RT_FL_TOS(oldflp);
2162 struct flowi fl = { .nl_u = { .ip4_u =
2163 { .daddr = oldflp->fl4_dst,
2164 .saddr = oldflp->fl4_src,
2165 .tos = tos & IPTOS_RT_MASK,
2166 .scope = ((tos & RTO_ONLINK) ?
2170 .mark = oldflp->mark,
2171 .iif = init_net.loopback_dev->ifindex,
2172 .oif = oldflp->oif };
2173 struct fib_result res;
2175 struct net_device *dev_out = NULL;
2181 #ifdef CONFIG_IP_MULTIPLE_TABLES
2185 if (oldflp->fl4_src) {
2187 if (MULTICAST(oldflp->fl4_src) ||
2188 BADCLASS(oldflp->fl4_src) ||
2189 ZERONET(oldflp->fl4_src))
2192 /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2193 dev_out = ip_dev_find(oldflp->fl4_src);
2194 if (dev_out == NULL)
2197 /* I removed check for oif == dev_out->oif here.
2198 It was wrong for two reasons:
2199 1. ip_dev_find(saddr) can return wrong iface, if saddr is
2200 assigned to multiple interfaces.
2201 2. Moreover, we are allowed to send packets with saddr
2202 of another iface. --ANK
2205 if (oldflp->oif == 0
2206 && (MULTICAST(oldflp->fl4_dst) || oldflp->fl4_dst == htonl(0xFFFFFFFF))) {
2207 /* Special hack: user can direct multicasts
2208 and limited broadcast via necessary interface
2209 without fiddling with IP_MULTICAST_IF or IP_PKTINFO.
2210 This hack is not just for fun, it allows
2211 vic,vat and friends to work.
2212 They bind socket to loopback, set ttl to zero
2213 and expect that it will work.
2214 From the viewpoint of routing cache they are broken,
2215 because we are not allowed to build multicast path
2216 with loopback source addr (look, routing cache
2217 cannot know, that ttl is zero, so that packet
2218 will not leave this host and route is valid).
2219 Luckily, this hack is good workaround.
2222 fl.oif = dev_out->ifindex;
2232 dev_out = dev_get_by_index(&init_net, oldflp->oif);
2234 if (dev_out == NULL)
2237 /* RACE: Check return value of inet_select_addr instead. */
2238 if (__in_dev_get_rtnl(dev_out) == NULL) {
2240 goto out; /* Wrong error code */
2243 if (LOCAL_MCAST(oldflp->fl4_dst) || oldflp->fl4_dst == htonl(0xFFFFFFFF)) {
2245 fl.fl4_src = inet_select_addr(dev_out, 0,
2250 if (MULTICAST(oldflp->fl4_dst))
2251 fl.fl4_src = inet_select_addr(dev_out, 0,
2253 else if (!oldflp->fl4_dst)
2254 fl.fl4_src = inet_select_addr(dev_out, 0,
2260 fl.fl4_dst = fl.fl4_src;
2262 fl.fl4_dst = fl.fl4_src = htonl(INADDR_LOOPBACK);
2265 dev_out = init_net.loopback_dev;
2267 fl.oif = init_net.loopback_dev->ifindex;
2268 res.type = RTN_LOCAL;
2269 flags |= RTCF_LOCAL;
2273 if (fib_lookup(&fl, &res)) {
2276 /* Apparently, routing tables are wrong. Assume,
2277 that the destination is on link.
2280 Because we are allowed to send to iface
2281 even if it has NO routes and NO assigned
2282 addresses. When oif is specified, routing
2283 tables are looked up with only one purpose:
2284 to catch if destination is gatewayed, rather than
2285 direct. Moreover, if MSG_DONTROUTE is set,
2286 we send packet, ignoring both routing tables
2287 and ifaddr state. --ANK
2290 We could make it even if oif is unknown,
2291 likely IPv6, but we do not.
2294 if (fl.fl4_src == 0)
2295 fl.fl4_src = inet_select_addr(dev_out, 0,
2297 res.type = RTN_UNICAST;
2307 if (res.type == RTN_LOCAL) {
2309 fl.fl4_src = fl.fl4_dst;
2312 dev_out = init_net.loopback_dev;
2314 fl.oif = dev_out->ifindex;
2316 fib_info_put(res.fi);
2318 flags |= RTCF_LOCAL;
2322 #ifdef CONFIG_IP_ROUTE_MULTIPATH
2323 if (res.fi->fib_nhs > 1 && fl.oif == 0)
2324 fib_select_multipath(&fl, &res);
2327 if (!res.prefixlen && res.type == RTN_UNICAST && !fl.oif)
2328 fib_select_default(&fl, &res);
2331 fl.fl4_src = FIB_RES_PREFSRC(res);
2335 dev_out = FIB_RES_DEV(res);
2337 fl.oif = dev_out->ifindex;
2341 err = ip_mkroute_output(rp, &res, &fl, oldflp, dev_out, flags);
2351 int __ip_route_output_key(struct rtable **rp, const struct flowi *flp)
2356 hash = rt_hash(flp->fl4_dst, flp->fl4_src, flp->oif);
2359 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
2360 rth = rcu_dereference(rth->u.dst.rt_next)) {
2361 if (rth->fl.fl4_dst == flp->fl4_dst &&
2362 rth->fl.fl4_src == flp->fl4_src &&
2364 rth->fl.oif == flp->oif &&
2365 rth->fl.mark == flp->mark &&
2366 !((rth->fl.fl4_tos ^ flp->fl4_tos) &
2367 (IPTOS_RT_MASK | RTO_ONLINK))) {
2368 dst_use(&rth->u.dst, jiffies);
2369 RT_CACHE_STAT_INC(out_hit);
2370 rcu_read_unlock_bh();
2374 RT_CACHE_STAT_INC(out_hlist_search);
2376 rcu_read_unlock_bh();
2378 return ip_route_output_slow(rp, flp);
2381 EXPORT_SYMBOL_GPL(__ip_route_output_key);
2383 static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
2387 static struct dst_ops ipv4_dst_blackhole_ops = {
2389 .protocol = __constant_htons(ETH_P_IP),
2390 .destroy = ipv4_dst_destroy,
2391 .check = ipv4_dst_check,
2392 .update_pmtu = ipv4_rt_blackhole_update_pmtu,
2393 .entry_size = sizeof(struct rtable),
2397 static int ipv4_dst_blackhole(struct rtable **rp, struct flowi *flp, struct sock *sk)
2399 struct rtable *ort = *rp;
2400 struct rtable *rt = (struct rtable *)
2401 dst_alloc(&ipv4_dst_blackhole_ops);
2404 struct dst_entry *new = &rt->u.dst;
2406 atomic_set(&new->__refcnt, 1);
2408 new->input = dst_discard;
2409 new->output = dst_discard;
2410 memcpy(new->metrics, ort->u.dst.metrics, RTAX_MAX*sizeof(u32));
2412 new->dev = ort->u.dst.dev;
2418 rt->idev = ort->idev;
2420 in_dev_hold(rt->idev);
2421 rt->rt_flags = ort->rt_flags;
2422 rt->rt_type = ort->rt_type;
2423 rt->rt_dst = ort->rt_dst;
2424 rt->rt_src = ort->rt_src;
2425 rt->rt_iif = ort->rt_iif;
2426 rt->rt_gateway = ort->rt_gateway;
2427 rt->rt_spec_dst = ort->rt_spec_dst;
2428 rt->peer = ort->peer;
2430 atomic_inc(&rt->peer->refcnt);
2435 dst_release(&(*rp)->u.dst);
2437 return (rt ? 0 : -ENOMEM);
2440 int ip_route_output_flow(struct rtable **rp, struct flowi *flp, struct sock *sk, int flags)
2444 if ((err = __ip_route_output_key(rp, flp)) != 0)
2449 flp->fl4_src = (*rp)->rt_src;
2451 flp->fl4_dst = (*rp)->rt_dst;
2452 err = __xfrm_lookup((struct dst_entry **)rp, flp, sk, flags);
2453 if (err == -EREMOTE)
2454 err = ipv4_dst_blackhole(rp, flp, sk);
2462 EXPORT_SYMBOL_GPL(ip_route_output_flow);
2464 int ip_route_output_key(struct rtable **rp, struct flowi *flp)
2466 return ip_route_output_flow(rp, flp, NULL, 0);
2469 static int rt_fill_info(struct sk_buff *skb, u32 pid, u32 seq, int event,
2470 int nowait, unsigned int flags)
2472 struct rtable *rt = (struct rtable*)skb->dst;
2474 struct nlmsghdr *nlh;
2476 u32 id = 0, ts = 0, tsage = 0, error;
2478 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*r), flags);
2482 r = nlmsg_data(nlh);
2483 r->rtm_family = AF_INET;
2484 r->rtm_dst_len = 32;
2486 r->rtm_tos = rt->fl.fl4_tos;
2487 r->rtm_table = RT_TABLE_MAIN;
2488 NLA_PUT_U32(skb, RTA_TABLE, RT_TABLE_MAIN);
2489 r->rtm_type = rt->rt_type;
2490 r->rtm_scope = RT_SCOPE_UNIVERSE;
2491 r->rtm_protocol = RTPROT_UNSPEC;
2492 r->rtm_flags = (rt->rt_flags & ~0xFFFF) | RTM_F_CLONED;
2493 if (rt->rt_flags & RTCF_NOTIFY)
2494 r->rtm_flags |= RTM_F_NOTIFY;
2496 NLA_PUT_BE32(skb, RTA_DST, rt->rt_dst);
2498 if (rt->fl.fl4_src) {
2499 r->rtm_src_len = 32;
2500 NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src);
2503 NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex);
2504 #ifdef CONFIG_NET_CLS_ROUTE
2505 if (rt->u.dst.tclassid)
2506 NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid);
2509 NLA_PUT_BE32(skb, RTA_PREFSRC, rt->rt_spec_dst);
2510 else if (rt->rt_src != rt->fl.fl4_src)
2511 NLA_PUT_BE32(skb, RTA_PREFSRC, rt->rt_src);
2513 if (rt->rt_dst != rt->rt_gateway)
2514 NLA_PUT_BE32(skb, RTA_GATEWAY, rt->rt_gateway);
2516 if (rtnetlink_put_metrics(skb, rt->u.dst.metrics) < 0)
2517 goto nla_put_failure;
2519 error = rt->u.dst.error;
2520 expires = rt->u.dst.expires ? rt->u.dst.expires - jiffies : 0;
2522 id = rt->peer->ip_id_count;
2523 if (rt->peer->tcp_ts_stamp) {
2524 ts = rt->peer->tcp_ts;
2525 tsage = get_seconds() - rt->peer->tcp_ts_stamp;
2530 #ifdef CONFIG_IP_MROUTE
2531 __be32 dst = rt->rt_dst;
2533 if (MULTICAST(dst) && !LOCAL_MCAST(dst) &&
2534 IPV4_DEVCONF_ALL(MC_FORWARDING)) {
2535 int err = ipmr_get_route(skb, r, nowait);
2540 goto nla_put_failure;
2542 if (err == -EMSGSIZE)
2543 goto nla_put_failure;
2549 NLA_PUT_U32(skb, RTA_IIF, rt->fl.iif);
2552 if (rtnl_put_cacheinfo(skb, &rt->u.dst, id, ts, tsage,
2553 expires, error) < 0)
2554 goto nla_put_failure;
2556 return nlmsg_end(skb, nlh);
2559 nlmsg_cancel(skb, nlh);
2563 static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg)
2565 struct net *net = in_skb->sk->sk_net;
2567 struct nlattr *tb[RTA_MAX+1];
2568 struct rtable *rt = NULL;
2573 struct sk_buff *skb;
2575 if (net != &init_net)
2578 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv4_policy);
2582 rtm = nlmsg_data(nlh);
2584 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2590 /* Reserve room for dummy headers, this skb can pass
2591 through good chunk of routing engine.
2593 skb_reset_mac_header(skb);
2594 skb_reset_network_header(skb);
2596 /* Bugfix: need to give ip_route_input enough of an IP header to not gag. */
2597 ip_hdr(skb)->protocol = IPPROTO_ICMP;
2598 skb_reserve(skb, MAX_HEADER + sizeof(struct iphdr));
2600 src = tb[RTA_SRC] ? nla_get_be32(tb[RTA_SRC]) : 0;
2601 dst = tb[RTA_DST] ? nla_get_be32(tb[RTA_DST]) : 0;
2602 iif = tb[RTA_IIF] ? nla_get_u32(tb[RTA_IIF]) : 0;
2605 struct net_device *dev;
2607 dev = __dev_get_by_index(&init_net, iif);
2613 skb->protocol = htons(ETH_P_IP);
2616 err = ip_route_input(skb, dst, src, rtm->rtm_tos, dev);
2619 rt = (struct rtable*) skb->dst;
2620 if (err == 0 && rt->u.dst.error)
2621 err = -rt->u.dst.error;
2628 .tos = rtm->rtm_tos,
2631 .oif = tb[RTA_OIF] ? nla_get_u32(tb[RTA_OIF]) : 0,
2633 err = ip_route_output_key(&rt, &fl);
2639 skb->dst = &rt->u.dst;
2640 if (rtm->rtm_flags & RTM_F_NOTIFY)
2641 rt->rt_flags |= RTCF_NOTIFY;
2643 err = rt_fill_info(skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq,
2644 RTM_NEWROUTE, 0, 0);
2648 err = rtnl_unicast(skb, &init_net, NETLINK_CB(in_skb).pid);
2657 int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb)
2666 s_idx = idx = cb->args[1];
2667 for (h = s_h; h <= rt_hash_mask; h++) {
2669 for (rt = rcu_dereference(rt_hash_table[h].chain), idx = 0; rt;
2670 rt = rcu_dereference(rt->u.dst.rt_next), idx++) {
2673 skb->dst = dst_clone(&rt->u.dst);
2674 if (rt_fill_info(skb, NETLINK_CB(cb->skb).pid,
2675 cb->nlh->nlmsg_seq, RTM_NEWROUTE,
2676 1, NLM_F_MULTI) <= 0) {
2677 dst_release(xchg(&skb->dst, NULL));
2678 rcu_read_unlock_bh();
2681 dst_release(xchg(&skb->dst, NULL));
2683 rcu_read_unlock_bh();
2693 void ip_rt_multicast_event(struct in_device *in_dev)
2698 #ifdef CONFIG_SYSCTL
2699 static int flush_delay;
2701 static int ipv4_sysctl_rtcache_flush(ctl_table *ctl, int write,
2702 struct file *filp, void __user *buffer,
2703 size_t *lenp, loff_t *ppos)
2706 proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
2707 rt_cache_flush(flush_delay);
2714 static int ipv4_sysctl_rtcache_flush_strategy(ctl_table *table,
2717 void __user *oldval,
2718 size_t __user *oldlenp,
2719 void __user *newval,
2723 if (newlen != sizeof(int))
2725 if (get_user(delay, (int __user *)newval))
2727 rt_cache_flush(delay);
2731 ctl_table ipv4_route_table[] = {
2733 .ctl_name = NET_IPV4_ROUTE_FLUSH,
2734 .procname = "flush",
2735 .data = &flush_delay,
2736 .maxlen = sizeof(int),
2738 .proc_handler = &ipv4_sysctl_rtcache_flush,
2739 .strategy = &ipv4_sysctl_rtcache_flush_strategy,
2742 .ctl_name = NET_IPV4_ROUTE_MIN_DELAY,
2743 .procname = "min_delay",
2744 .data = &ip_rt_min_delay,
2745 .maxlen = sizeof(int),
2747 .proc_handler = &proc_dointvec_jiffies,
2748 .strategy = &sysctl_jiffies,
2751 .ctl_name = NET_IPV4_ROUTE_MAX_DELAY,
2752 .procname = "max_delay",
2753 .data = &ip_rt_max_delay,
2754 .maxlen = sizeof(int),
2756 .proc_handler = &proc_dointvec_jiffies,
2757 .strategy = &sysctl_jiffies,
2760 .ctl_name = NET_IPV4_ROUTE_GC_THRESH,
2761 .procname = "gc_thresh",
2762 .data = &ipv4_dst_ops.gc_thresh,
2763 .maxlen = sizeof(int),
2765 .proc_handler = &proc_dointvec,
2768 .ctl_name = NET_IPV4_ROUTE_MAX_SIZE,
2769 .procname = "max_size",
2770 .data = &ip_rt_max_size,
2771 .maxlen = sizeof(int),
2773 .proc_handler = &proc_dointvec,
2776 /* Deprecated. Use gc_min_interval_ms */
2778 .ctl_name = NET_IPV4_ROUTE_GC_MIN_INTERVAL,
2779 .procname = "gc_min_interval",
2780 .data = &ip_rt_gc_min_interval,
2781 .maxlen = sizeof(int),
2783 .proc_handler = &proc_dointvec_jiffies,
2784 .strategy = &sysctl_jiffies,
2787 .ctl_name = NET_IPV4_ROUTE_GC_MIN_INTERVAL_MS,
2788 .procname = "gc_min_interval_ms",
2789 .data = &ip_rt_gc_min_interval,
2790 .maxlen = sizeof(int),
2792 .proc_handler = &proc_dointvec_ms_jiffies,
2793 .strategy = &sysctl_ms_jiffies,
2796 .ctl_name = NET_IPV4_ROUTE_GC_TIMEOUT,
2797 .procname = "gc_timeout",
2798 .data = &ip_rt_gc_timeout,
2799 .maxlen = sizeof(int),
2801 .proc_handler = &proc_dointvec_jiffies,
2802 .strategy = &sysctl_jiffies,
2805 .ctl_name = NET_IPV4_ROUTE_GC_INTERVAL,
2806 .procname = "gc_interval",
2807 .data = &ip_rt_gc_interval,
2808 .maxlen = sizeof(int),
2810 .proc_handler = &proc_dointvec_jiffies,
2811 .strategy = &sysctl_jiffies,
2814 .ctl_name = NET_IPV4_ROUTE_REDIRECT_LOAD,
2815 .procname = "redirect_load",
2816 .data = &ip_rt_redirect_load,
2817 .maxlen = sizeof(int),
2819 .proc_handler = &proc_dointvec,
2822 .ctl_name = NET_IPV4_ROUTE_REDIRECT_NUMBER,
2823 .procname = "redirect_number",
2824 .data = &ip_rt_redirect_number,
2825 .maxlen = sizeof(int),
2827 .proc_handler = &proc_dointvec,
2830 .ctl_name = NET_IPV4_ROUTE_REDIRECT_SILENCE,
2831 .procname = "redirect_silence",
2832 .data = &ip_rt_redirect_silence,
2833 .maxlen = sizeof(int),
2835 .proc_handler = &proc_dointvec,
2838 .ctl_name = NET_IPV4_ROUTE_ERROR_COST,
2839 .procname = "error_cost",
2840 .data = &ip_rt_error_cost,
2841 .maxlen = sizeof(int),
2843 .proc_handler = &proc_dointvec,
2846 .ctl_name = NET_IPV4_ROUTE_ERROR_BURST,
2847 .procname = "error_burst",
2848 .data = &ip_rt_error_burst,
2849 .maxlen = sizeof(int),
2851 .proc_handler = &proc_dointvec,
2854 .ctl_name = NET_IPV4_ROUTE_GC_ELASTICITY,
2855 .procname = "gc_elasticity",
2856 .data = &ip_rt_gc_elasticity,
2857 .maxlen = sizeof(int),
2859 .proc_handler = &proc_dointvec,
2862 .ctl_name = NET_IPV4_ROUTE_MTU_EXPIRES,
2863 .procname = "mtu_expires",
2864 .data = &ip_rt_mtu_expires,
2865 .maxlen = sizeof(int),
2867 .proc_handler = &proc_dointvec_jiffies,
2868 .strategy = &sysctl_jiffies,
2871 .ctl_name = NET_IPV4_ROUTE_MIN_PMTU,
2872 .procname = "min_pmtu",
2873 .data = &ip_rt_min_pmtu,
2874 .maxlen = sizeof(int),
2876 .proc_handler = &proc_dointvec,
2879 .ctl_name = NET_IPV4_ROUTE_MIN_ADVMSS,
2880 .procname = "min_adv_mss",
2881 .data = &ip_rt_min_advmss,
2882 .maxlen = sizeof(int),
2884 .proc_handler = &proc_dointvec,
2887 .ctl_name = NET_IPV4_ROUTE_SECRET_INTERVAL,
2888 .procname = "secret_interval",
2889 .data = &ip_rt_secret_interval,
2890 .maxlen = sizeof(int),
2892 .proc_handler = &proc_dointvec_jiffies,
2893 .strategy = &sysctl_jiffies,
2899 #ifdef CONFIG_NET_CLS_ROUTE
2900 struct ip_rt_acct *ip_rt_acct __read_mostly;
2902 /* IP route accounting ptr for this logical cpu number. */
2903 #define IP_RT_ACCT_CPU(cpu) (per_cpu_ptr(ip_rt_acct, cpu))
2905 #ifdef CONFIG_PROC_FS
2906 static int ip_rt_acct_read(char *buffer, char **start, off_t offset,
2907 int length, int *eof, void *data)
2911 if ((offset & 3) || (length & 3))
2914 if (offset >= sizeof(struct ip_rt_acct) * 256) {
2919 if (offset + length >= sizeof(struct ip_rt_acct) * 256) {
2920 length = sizeof(struct ip_rt_acct) * 256 - offset;
2924 offset /= sizeof(u32);
2927 u32 *dst = (u32 *) buffer;
2930 memset(dst, 0, length);
2932 for_each_possible_cpu(i) {
2934 u32 *src = ((u32 *) IP_RT_ACCT_CPU(i)) + offset;
2936 for (j = 0; j < length/4; j++)
2942 #endif /* CONFIG_PROC_FS */
2943 #endif /* CONFIG_NET_CLS_ROUTE */
2945 static __initdata unsigned long rhash_entries;
2946 static int __init set_rhash_entries(char *str)
2950 rhash_entries = simple_strtoul(str, &str, 0);
2953 __setup("rhash_entries=", set_rhash_entries);
2955 int __init ip_rt_init(void)
2959 rt_hash_rnd = (int) ((num_physpages ^ (num_physpages>>8)) ^
2960 (jiffies ^ (jiffies >> 7)));
2962 #ifdef CONFIG_NET_CLS_ROUTE
2963 ip_rt_acct = __alloc_percpu(256 * sizeof(struct ip_rt_acct));
2965 panic("IP: failed to allocate ip_rt_acct\n");
2968 ipv4_dst_ops.kmem_cachep =
2969 kmem_cache_create("ip_dst_cache", sizeof(struct rtable), 0,
2970 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
2972 ipv4_dst_blackhole_ops.kmem_cachep = ipv4_dst_ops.kmem_cachep;
2974 rt_hash_table = (struct rt_hash_bucket *)
2975 alloc_large_system_hash("IP route cache",
2976 sizeof(struct rt_hash_bucket),
2978 (num_physpages >= 128 * 1024) ?
2984 memset(rt_hash_table, 0, (rt_hash_mask + 1) * sizeof(struct rt_hash_bucket));
2985 rt_hash_lock_init();
2987 ipv4_dst_ops.gc_thresh = (rt_hash_mask + 1);
2988 ip_rt_max_size = (rt_hash_mask + 1) * 16;
2993 setup_timer(&rt_flush_timer, rt_run_flush, 0);
2994 setup_timer(&rt_secret_timer, rt_secret_rebuild, 0);
2996 /* All the timers, started at system startup tend
2997 to synchronize. Perturb it a bit.
2999 schedule_delayed_work(&expires_work,
3000 net_random() % ip_rt_gc_interval + ip_rt_gc_interval);
3002 rt_secret_timer.expires = jiffies + net_random() % ip_rt_secret_interval +
3003 ip_rt_secret_interval;
3004 add_timer(&rt_secret_timer);
3006 #ifdef CONFIG_PROC_FS
3008 struct proc_dir_entry *rtstat_pde = NULL; /* keep gcc happy */
3009 if (!proc_net_fops_create(&init_net, "rt_cache", S_IRUGO, &rt_cache_seq_fops) ||
3010 !(rtstat_pde = create_proc_entry("rt_cache", S_IRUGO,
3011 init_net.proc_net_stat))) {
3014 rtstat_pde->proc_fops = &rt_cpu_seq_fops;
3016 #ifdef CONFIG_NET_CLS_ROUTE
3017 create_proc_read_entry("rt_acct", 0, init_net.proc_net, ip_rt_acct_read, NULL);
3024 rtnl_register(PF_INET, RTM_GETROUTE, inet_rtm_getroute, NULL);
3029 EXPORT_SYMBOL(__ip_select_ident);
3030 EXPORT_SYMBOL(ip_route_input);
3031 EXPORT_SYMBOL(ip_route_output_key);
git://bbs.cooldavid.org / net-next-2.6.git / blob