]>
Commit | Line | Data |
---|---|---|
1da177e4 LT |
1 | /* |
2 | * INET An implementation of the TCP/IP protocol suite for the LINUX | |
3 | * operating system. INET is implemented using the BSD Socket | |
4 | * interface as the means of communication with the user level. | |
5 | * | |
6 | * ROUTE - implementation of the IP router. | |
7 | * | |
8 | * Version: $Id: route.c,v 1.103 2002/01/12 07:44:09 davem Exp $ | |
9 | * | |
02c30a84 | 10 | * Authors: Ross Biro |
1da177e4 LT |
11 | * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG> |
12 | * Alan Cox, <gw4pts@gw4pts.ampr.org> | |
13 | * Linus Torvalds, <Linus.Torvalds@helsinki.fi> | |
14 | * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru> | |
15 | * | |
16 | * Fixes: | |
17 | * Alan Cox : Verify area fixes. | |
18 | * Alan Cox : cli() protects routing changes | |
19 | * Rui Oliveira : ICMP routing table updates | |
20 | * (rco@di.uminho.pt) Routing table insertion and update | |
21 | * Linus Torvalds : Rewrote bits to be sensible | |
22 | * Alan Cox : Added BSD route gw semantics | |
e905a9ed | 23 | * Alan Cox : Super /proc >4K |
1da177e4 LT |
24 | * Alan Cox : MTU in route table |
25 | * Alan Cox : MSS actually. Also added the window | |
26 | * clamper. | |
27 | * Sam Lantinga : Fixed route matching in rt_del() | |
28 | * Alan Cox : Routing cache support. | |
29 | * Alan Cox : Removed compatibility cruft. | |
30 | * Alan Cox : RTF_REJECT support. | |
31 | * Alan Cox : TCP irtt support. | |
32 | * Jonathan Naylor : Added Metric support. | |
33 | * Miquel van Smoorenburg : BSD API fixes. | |
34 | * Miquel van Smoorenburg : Metrics. | |
35 | * Alan Cox : Use __u32 properly | |
36 | * Alan Cox : Aligned routing errors more closely with BSD | |
37 | * our system is still very different. | |
38 | * Alan Cox : Faster /proc handling | |
39 | * Alexey Kuznetsov : Massive rework to support tree based routing, | |
40 | * routing caches and better behaviour. | |
e905a9ed | 41 | * |
1da177e4 LT |
42 | * Olaf Erb : irtt wasn't being copied right. |
43 | * Bjorn Ekwall : Kerneld route support. | |
44 | * Alan Cox : Multicast fixed (I hope) | |
45 | * Pavel Krauz : Limited broadcast fixed | |
46 | * Mike McLagan : Routing by source | |
47 | * Alexey Kuznetsov : End of old history. Split to fib.c and | |
48 | * route.c and rewritten from scratch. | |
49 | * Andi Kleen : Load-limit warning messages. | |
50 | * Vitaly E. Lavrov : Transparent proxy revived after year coma. | |
51 | * Vitaly E. Lavrov : Race condition in ip_route_input_slow. | |
52 | * Tobias Ringstrom : Uninitialized res.type in ip_route_output_slow. | |
53 | * Vladimir V. Ivanov : IP rule info (flowid) is really useful. | |
54 | * Marc Boucher : routing by fwmark | |
55 | * Robert Olsson : Added rt_cache statistics | |
56 | * Arnaldo C. Melo : Convert proc stuff to seq_file | |
bb1d23b0 | 57 | * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes. |
cef2685e IS |
58 | * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect |
59 | * Ilia Sotnikov : Removed TOS from hash calculations | |
1da177e4 LT |
60 | * |
61 | * This program is free software; you can redistribute it and/or | |
62 | * modify it under the terms of the GNU General Public License | |
63 | * as published by the Free Software Foundation; either version | |
64 | * 2 of the License, or (at your option) any later version. | |
65 | */ | |
66 | ||
1da177e4 LT |
67 | #include <linux/module.h> |
68 | #include <asm/uaccess.h> | |
69 | #include <asm/system.h> | |
70 | #include <linux/bitops.h> | |
71 | #include <linux/types.h> | |
72 | #include <linux/kernel.h> | |
1da177e4 | 73 | #include <linux/mm.h> |
424c4b70 | 74 | #include <linux/bootmem.h> |
1da177e4 LT |
75 | #include <linux/string.h> |
76 | #include <linux/socket.h> | |
77 | #include <linux/sockios.h> | |
78 | #include <linux/errno.h> | |
79 | #include <linux/in.h> | |
80 | #include <linux/inet.h> | |
81 | #include <linux/netdevice.h> | |
82 | #include <linux/proc_fs.h> | |
83 | #include <linux/init.h> | |
39c90ece | 84 | #include <linux/workqueue.h> |
1da177e4 | 85 | #include <linux/skbuff.h> |
1da177e4 LT |
86 | #include <linux/inetdevice.h> |
87 | #include <linux/igmp.h> | |
88 | #include <linux/pkt_sched.h> | |
89 | #include <linux/mroute.h> | |
90 | #include <linux/netfilter_ipv4.h> | |
91 | #include <linux/random.h> | |
92 | #include <linux/jhash.h> | |
93 | #include <linux/rcupdate.h> | |
94 | #include <linux/times.h> | |
352e512c | 95 | #include <net/dst.h> |
457c4cbc | 96 | #include <net/net_namespace.h> |
1da177e4 LT |
97 | #include <net/protocol.h> |
98 | #include <net/ip.h> | |
99 | #include <net/route.h> | |
100 | #include <net/inetpeer.h> | |
101 | #include <net/sock.h> | |
102 | #include <net/ip_fib.h> | |
103 | #include <net/arp.h> | |
104 | #include <net/tcp.h> | |
105 | #include <net/icmp.h> | |
106 | #include <net/xfrm.h> | |
8d71740c | 107 | #include <net/netevent.h> |
63f3444f | 108 | #include <net/rtnetlink.h> |
1da177e4 LT |
109 | #ifdef CONFIG_SYSCTL |
110 | #include <linux/sysctl.h> | |
111 | #endif | |
112 | ||
113 | #define RT_FL_TOS(oldflp) \ | |
114 | ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK))) | |
115 | ||
116 | #define IP_MAX_MTU 0xFFF0 | |
117 | ||
118 | #define RT_GC_TIMEOUT (300*HZ) | |
119 | ||
120 | static int ip_rt_min_delay = 2 * HZ; | |
121 | static int ip_rt_max_delay = 10 * HZ; | |
122 | static int ip_rt_max_size; | |
123 | static int ip_rt_gc_timeout = RT_GC_TIMEOUT; | |
124 | static int ip_rt_gc_interval = 60 * HZ; | |
125 | static int ip_rt_gc_min_interval = HZ / 2; | |
126 | static int ip_rt_redirect_number = 9; | |
127 | static int ip_rt_redirect_load = HZ / 50; | |
128 | static int ip_rt_redirect_silence = ((HZ / 50) << (9 + 1)); | |
129 | static int ip_rt_error_cost = HZ; | |
130 | static int ip_rt_error_burst = 5 * HZ; | |
131 | static int ip_rt_gc_elasticity = 8; | |
132 | static int ip_rt_mtu_expires = 10 * 60 * HZ; | |
133 | static int ip_rt_min_pmtu = 512 + 20 + 20; | |
134 | static int ip_rt_min_advmss = 256; | |
135 | static int ip_rt_secret_interval = 10 * 60 * HZ; | |
beb659bd | 136 | static int ip_rt_flush_expected; |
1da177e4 LT |
137 | static unsigned long rt_deadline; |
138 | ||
139 | #define RTprint(a...) printk(KERN_DEBUG a) | |
140 | ||
141 | static struct timer_list rt_flush_timer; | |
beb659bd ED |
142 | static void rt_worker_func(struct work_struct *work); |
143 | static DECLARE_DELAYED_WORK(expires_work, rt_worker_func); | |
1da177e4 LT |
144 | static struct timer_list rt_secret_timer; |
145 | ||
146 | /* | |
147 | * Interface to generic destination cache. | |
148 | */ | |
149 | ||
150 | static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie); | |
151 | static void ipv4_dst_destroy(struct dst_entry *dst); | |
152 | static void ipv4_dst_ifdown(struct dst_entry *dst, | |
153 | struct net_device *dev, int how); | |
154 | static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst); | |
155 | static void ipv4_link_failure(struct sk_buff *skb); | |
156 | static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu); | |
569d3645 | 157 | static int rt_garbage_collect(struct dst_ops *ops); |
1da177e4 LT |
158 | |
159 | ||
160 | static struct dst_ops ipv4_dst_ops = { | |
161 | .family = AF_INET, | |
162 | .protocol = __constant_htons(ETH_P_IP), | |
163 | .gc = rt_garbage_collect, | |
164 | .check = ipv4_dst_check, | |
165 | .destroy = ipv4_dst_destroy, | |
166 | .ifdown = ipv4_dst_ifdown, | |
167 | .negative_advice = ipv4_negative_advice, | |
168 | .link_failure = ipv4_link_failure, | |
169 | .update_pmtu = ip_rt_update_pmtu, | |
862b82c6 | 170 | .local_out = ip_local_out, |
1da177e4 | 171 | .entry_size = sizeof(struct rtable), |
e2422970 | 172 | .entries = ATOMIC_INIT(0), |
1da177e4 LT |
173 | }; |
174 | ||
175 | #define ECN_OR_COST(class) TC_PRIO_##class | |
176 | ||
4839c52b | 177 | const __u8 ip_tos2prio[16] = { |
1da177e4 LT |
178 | TC_PRIO_BESTEFFORT, |
179 | ECN_OR_COST(FILLER), | |
180 | TC_PRIO_BESTEFFORT, | |
181 | ECN_OR_COST(BESTEFFORT), | |
182 | TC_PRIO_BULK, | |
183 | ECN_OR_COST(BULK), | |
184 | TC_PRIO_BULK, | |
185 | ECN_OR_COST(BULK), | |
186 | TC_PRIO_INTERACTIVE, | |
187 | ECN_OR_COST(INTERACTIVE), | |
188 | TC_PRIO_INTERACTIVE, | |
189 | ECN_OR_COST(INTERACTIVE), | |
190 | TC_PRIO_INTERACTIVE_BULK, | |
191 | ECN_OR_COST(INTERACTIVE_BULK), | |
192 | TC_PRIO_INTERACTIVE_BULK, | |
193 | ECN_OR_COST(INTERACTIVE_BULK) | |
194 | }; | |
195 | ||
196 | ||
197 | /* | |
198 | * Route cache. | |
199 | */ | |
200 | ||
201 | /* The locking scheme is rather straight forward: | |
202 | * | |
203 | * 1) Read-Copy Update protects the buckets of the central route hash. | |
204 | * 2) Only writers remove entries, and they hold the lock | |
205 | * as they look at rtable reference counts. | |
206 | * 3) Only readers acquire references to rtable entries, | |
207 | * they do so with atomic increments and with the | |
208 | * lock held. | |
209 | */ | |
210 | ||
211 | struct rt_hash_bucket { | |
212 | struct rtable *chain; | |
22c047cc | 213 | }; |
8a25d5de IM |
214 | #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK) || \ |
215 | defined(CONFIG_PROVE_LOCKING) | |
22c047cc ED |
216 | /* |
217 | * Instead of using one spinlock for each rt_hash_bucket, we use a table of spinlocks | |
218 | * The size of this table is a power of two and depends on the number of CPUS. | |
62051200 | 219 | * (on lockdep we have a quite big spinlock_t, so keep the size down there) |
22c047cc | 220 | */ |
62051200 IM |
221 | #ifdef CONFIG_LOCKDEP |
222 | # define RT_HASH_LOCK_SZ 256 | |
22c047cc | 223 | #else |
62051200 IM |
224 | # if NR_CPUS >= 32 |
225 | # define RT_HASH_LOCK_SZ 4096 | |
226 | # elif NR_CPUS >= 16 | |
227 | # define RT_HASH_LOCK_SZ 2048 | |
228 | # elif NR_CPUS >= 8 | |
229 | # define RT_HASH_LOCK_SZ 1024 | |
230 | # elif NR_CPUS >= 4 | |
231 | # define RT_HASH_LOCK_SZ 512 | |
232 | # else | |
233 | # define RT_HASH_LOCK_SZ 256 | |
234 | # endif | |
22c047cc ED |
235 | #endif |
236 | ||
237 | static spinlock_t *rt_hash_locks; | |
238 | # define rt_hash_lock_addr(slot) &rt_hash_locks[(slot) & (RT_HASH_LOCK_SZ - 1)] | |
1ff1cc20 PE |
239 | |
240 | static __init void rt_hash_lock_init(void) | |
241 | { | |
242 | int i; | |
243 | ||
244 | rt_hash_locks = kmalloc(sizeof(spinlock_t) * RT_HASH_LOCK_SZ, | |
245 | GFP_KERNEL); | |
246 | if (!rt_hash_locks) | |
247 | panic("IP: failed to allocate rt_hash_locks\n"); | |
248 | ||
249 | for (i = 0; i < RT_HASH_LOCK_SZ; i++) | |
250 | spin_lock_init(&rt_hash_locks[i]); | |
251 | } | |
22c047cc ED |
252 | #else |
253 | # define rt_hash_lock_addr(slot) NULL | |
1ff1cc20 PE |
254 | |
255 | static inline void rt_hash_lock_init(void) | |
256 | { | |
257 | } | |
22c047cc | 258 | #endif |
1da177e4 LT |
259 | |
260 | static struct rt_hash_bucket *rt_hash_table; | |
261 | static unsigned rt_hash_mask; | |
cfcabdcc | 262 | static unsigned int rt_hash_log; |
1da177e4 LT |
263 | static unsigned int rt_hash_rnd; |
264 | ||
2f970d83 | 265 | static DEFINE_PER_CPU(struct rt_cache_stat, rt_cache_stat); |
dbd2915c | 266 | #define RT_CACHE_STAT_INC(field) \ |
bfe5d834 | 267 | (__raw_get_cpu_var(rt_cache_stat).field++) |
1da177e4 LT |
268 | |
269 | static int rt_intern_hash(unsigned hash, struct rtable *rth, | |
270 | struct rtable **res); | |
271 | ||
cef2685e | 272 | static unsigned int rt_hash_code(u32 daddr, u32 saddr) |
1da177e4 | 273 | { |
cef2685e | 274 | return (jhash_2words(daddr, saddr, rt_hash_rnd) |
1da177e4 LT |
275 | & rt_hash_mask); |
276 | } | |
277 | ||
8c7bc840 AV |
278 | #define rt_hash(daddr, saddr, idx) \ |
279 | rt_hash_code((__force u32)(__be32)(daddr),\ | |
280 | (__force u32)(__be32)(saddr) ^ ((idx) << 5)) | |
281 | ||
1da177e4 LT |
282 | #ifdef CONFIG_PROC_FS |
283 | struct rt_cache_iter_state { | |
284 | int bucket; | |
285 | }; | |
286 | ||
287 | static struct rtable *rt_cache_get_first(struct seq_file *seq) | |
288 | { | |
289 | struct rtable *r = NULL; | |
290 | struct rt_cache_iter_state *st = seq->private; | |
291 | ||
292 | for (st->bucket = rt_hash_mask; st->bucket >= 0; --st->bucket) { | |
293 | rcu_read_lock_bh(); | |
294 | r = rt_hash_table[st->bucket].chain; | |
295 | if (r) | |
296 | break; | |
297 | rcu_read_unlock_bh(); | |
298 | } | |
0bcceadc | 299 | return rcu_dereference(r); |
1da177e4 LT |
300 | } |
301 | ||
302 | static struct rtable *rt_cache_get_next(struct seq_file *seq, struct rtable *r) | |
303 | { | |
0bcceadc | 304 | struct rt_cache_iter_state *st = seq->private; |
1da177e4 | 305 | |
093c2ca4 | 306 | r = r->u.dst.rt_next; |
1da177e4 LT |
307 | while (!r) { |
308 | rcu_read_unlock_bh(); | |
309 | if (--st->bucket < 0) | |
310 | break; | |
311 | rcu_read_lock_bh(); | |
312 | r = rt_hash_table[st->bucket].chain; | |
313 | } | |
0bcceadc | 314 | return rcu_dereference(r); |
1da177e4 LT |
315 | } |
316 | ||
317 | static struct rtable *rt_cache_get_idx(struct seq_file *seq, loff_t pos) | |
318 | { | |
319 | struct rtable *r = rt_cache_get_first(seq); | |
320 | ||
321 | if (r) | |
322 | while (pos && (r = rt_cache_get_next(seq, r))) | |
323 | --pos; | |
324 | return pos ? NULL : r; | |
325 | } | |
326 | ||
327 | static void *rt_cache_seq_start(struct seq_file *seq, loff_t *pos) | |
328 | { | |
329 | return *pos ? rt_cache_get_idx(seq, *pos - 1) : SEQ_START_TOKEN; | |
330 | } | |
331 | ||
332 | static void *rt_cache_seq_next(struct seq_file *seq, void *v, loff_t *pos) | |
333 | { | |
334 | struct rtable *r = NULL; | |
335 | ||
336 | if (v == SEQ_START_TOKEN) | |
337 | r = rt_cache_get_first(seq); | |
338 | else | |
339 | r = rt_cache_get_next(seq, v); | |
340 | ++*pos; | |
341 | return r; | |
342 | } | |
343 | ||
344 | static void rt_cache_seq_stop(struct seq_file *seq, void *v) | |
345 | { | |
346 | if (v && v != SEQ_START_TOKEN) | |
347 | rcu_read_unlock_bh(); | |
348 | } | |
349 | ||
350 | static int rt_cache_seq_show(struct seq_file *seq, void *v) | |
351 | { | |
352 | if (v == SEQ_START_TOKEN) | |
353 | seq_printf(seq, "%-127s\n", | |
354 | "Iface\tDestination\tGateway \tFlags\t\tRefCnt\tUse\t" | |
355 | "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t" | |
356 | "HHUptod\tSpecDst"); | |
357 | else { | |
358 | struct rtable *r = v; | |
359 | char temp[256]; | |
360 | ||
361 | sprintf(temp, "%s\t%08lX\t%08lX\t%8X\t%d\t%u\t%d\t" | |
362 | "%08lX\t%d\t%u\t%u\t%02X\t%d\t%1d\t%08X", | |
363 | r->u.dst.dev ? r->u.dst.dev->name : "*", | |
364 | (unsigned long)r->rt_dst, (unsigned long)r->rt_gateway, | |
365 | r->rt_flags, atomic_read(&r->u.dst.__refcnt), | |
366 | r->u.dst.__use, 0, (unsigned long)r->rt_src, | |
367 | (dst_metric(&r->u.dst, RTAX_ADVMSS) ? | |
368 | (int)dst_metric(&r->u.dst, RTAX_ADVMSS) + 40 : 0), | |
369 | dst_metric(&r->u.dst, RTAX_WINDOW), | |
370 | (int)((dst_metric(&r->u.dst, RTAX_RTT) >> 3) + | |
371 | dst_metric(&r->u.dst, RTAX_RTTVAR)), | |
372 | r->fl.fl4_tos, | |
373 | r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1, | |
374 | r->u.dst.hh ? (r->u.dst.hh->hh_output == | |
375 | dev_queue_xmit) : 0, | |
376 | r->rt_spec_dst); | |
377 | seq_printf(seq, "%-127s\n", temp); | |
e905a9ed YH |
378 | } |
379 | return 0; | |
1da177e4 LT |
380 | } |
381 | ||
f690808e | 382 | static const struct seq_operations rt_cache_seq_ops = { |
1da177e4 LT |
383 | .start = rt_cache_seq_start, |
384 | .next = rt_cache_seq_next, | |
385 | .stop = rt_cache_seq_stop, | |
386 | .show = rt_cache_seq_show, | |
387 | }; | |
388 | ||
389 | static int rt_cache_seq_open(struct inode *inode, struct file *file) | |
390 | { | |
cf7732e4 PE |
391 | return seq_open_private(file, &rt_cache_seq_ops, |
392 | sizeof(struct rt_cache_iter_state)); | |
1da177e4 LT |
393 | } |
394 | ||
9a32144e | 395 | static const struct file_operations rt_cache_seq_fops = { |
1da177e4 LT |
396 | .owner = THIS_MODULE, |
397 | .open = rt_cache_seq_open, | |
398 | .read = seq_read, | |
399 | .llseek = seq_lseek, | |
400 | .release = seq_release_private, | |
401 | }; | |
402 | ||
403 | ||
404 | static void *rt_cpu_seq_start(struct seq_file *seq, loff_t *pos) | |
405 | { | |
406 | int cpu; | |
407 | ||
408 | if (*pos == 0) | |
409 | return SEQ_START_TOKEN; | |
410 | ||
411 | for (cpu = *pos-1; cpu < NR_CPUS; ++cpu) { | |
412 | if (!cpu_possible(cpu)) | |
413 | continue; | |
414 | *pos = cpu+1; | |
2f970d83 | 415 | return &per_cpu(rt_cache_stat, cpu); |
1da177e4 LT |
416 | } |
417 | return NULL; | |
418 | } | |
419 | ||
420 | static void *rt_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos) | |
421 | { | |
422 | int cpu; | |
423 | ||
424 | for (cpu = *pos; cpu < NR_CPUS; ++cpu) { | |
425 | if (!cpu_possible(cpu)) | |
426 | continue; | |
427 | *pos = cpu+1; | |
2f970d83 | 428 | return &per_cpu(rt_cache_stat, cpu); |
1da177e4 LT |
429 | } |
430 | return NULL; | |
e905a9ed | 431 | |
1da177e4 LT |
432 | } |
433 | ||
434 | static void rt_cpu_seq_stop(struct seq_file *seq, void *v) | |
435 | { | |
436 | ||
437 | } | |
438 | ||
439 | static int rt_cpu_seq_show(struct seq_file *seq, void *v) | |
440 | { | |
441 | struct rt_cache_stat *st = v; | |
442 | ||
443 | if (v == SEQ_START_TOKEN) { | |
5bec0039 | 444 | seq_printf(seq, "entries in_hit in_slow_tot in_slow_mc in_no_route in_brd in_martian_dst in_martian_src out_hit out_slow_tot out_slow_mc gc_total gc_ignored gc_goal_miss gc_dst_overflow in_hlist_search out_hlist_search\n"); |
1da177e4 LT |
445 | return 0; |
446 | } | |
e905a9ed | 447 | |
1da177e4 LT |
448 | seq_printf(seq,"%08x %08x %08x %08x %08x %08x %08x %08x " |
449 | " %08x %08x %08x %08x %08x %08x %08x %08x %08x \n", | |
450 | atomic_read(&ipv4_dst_ops.entries), | |
451 | st->in_hit, | |
452 | st->in_slow_tot, | |
453 | st->in_slow_mc, | |
454 | st->in_no_route, | |
455 | st->in_brd, | |
456 | st->in_martian_dst, | |
457 | st->in_martian_src, | |
458 | ||
459 | st->out_hit, | |
460 | st->out_slow_tot, | |
e905a9ed | 461 | st->out_slow_mc, |
1da177e4 LT |
462 | |
463 | st->gc_total, | |
464 | st->gc_ignored, | |
465 | st->gc_goal_miss, | |
466 | st->gc_dst_overflow, | |
467 | st->in_hlist_search, | |
468 | st->out_hlist_search | |
469 | ); | |
470 | return 0; | |
471 | } | |
472 | ||
f690808e | 473 | static const struct seq_operations rt_cpu_seq_ops = { |
1da177e4 LT |
474 | .start = rt_cpu_seq_start, |
475 | .next = rt_cpu_seq_next, | |
476 | .stop = rt_cpu_seq_stop, | |
477 | .show = rt_cpu_seq_show, | |
478 | }; | |
479 | ||
480 | ||
481 | static int rt_cpu_seq_open(struct inode *inode, struct file *file) | |
482 | { | |
483 | return seq_open(file, &rt_cpu_seq_ops); | |
484 | } | |
485 | ||
9a32144e | 486 | static const struct file_operations rt_cpu_seq_fops = { |
1da177e4 LT |
487 | .owner = THIS_MODULE, |
488 | .open = rt_cpu_seq_open, | |
489 | .read = seq_read, | |
490 | .llseek = seq_lseek, | |
491 | .release = seq_release, | |
492 | }; | |
493 | ||
78c686e9 PE |
494 | #ifdef CONFIG_NET_CLS_ROUTE |
495 | static int ip_rt_acct_read(char *buffer, char **start, off_t offset, | |
496 | int length, int *eof, void *data) | |
497 | { | |
498 | unsigned int i; | |
499 | ||
500 | if ((offset & 3) || (length & 3)) | |
501 | return -EIO; | |
502 | ||
503 | if (offset >= sizeof(struct ip_rt_acct) * 256) { | |
504 | *eof = 1; | |
505 | return 0; | |
506 | } | |
507 | ||
508 | if (offset + length >= sizeof(struct ip_rt_acct) * 256) { | |
509 | length = sizeof(struct ip_rt_acct) * 256 - offset; | |
510 | *eof = 1; | |
511 | } | |
512 | ||
513 | offset /= sizeof(u32); | |
514 | ||
515 | if (length > 0) { | |
516 | u32 *dst = (u32 *) buffer; | |
517 | ||
518 | *start = buffer; | |
519 | memset(dst, 0, length); | |
520 | ||
521 | for_each_possible_cpu(i) { | |
522 | unsigned int j; | |
523 | u32 *src; | |
524 | ||
525 | src = ((u32 *) per_cpu_ptr(ip_rt_acct, i)) + offset; | |
526 | for (j = 0; j < length/4; j++) | |
527 | dst[j] += src[j]; | |
528 | } | |
529 | } | |
530 | return length; | |
531 | } | |
532 | #endif | |
107f1634 PE |
533 | |
534 | static __init int ip_rt_proc_init(struct net *net) | |
535 | { | |
536 | struct proc_dir_entry *pde; | |
537 | ||
538 | pde = proc_net_fops_create(net, "rt_cache", S_IRUGO, | |
539 | &rt_cache_seq_fops); | |
540 | if (!pde) | |
541 | goto err1; | |
542 | ||
543 | pde = create_proc_entry("rt_cache", S_IRUGO, net->proc_net_stat); | |
544 | if (!pde) | |
545 | goto err2; | |
546 | ||
547 | pde->proc_fops = &rt_cpu_seq_fops; | |
548 | ||
549 | #ifdef CONFIG_NET_CLS_ROUTE | |
550 | pde = create_proc_read_entry("rt_acct", 0, net->proc_net, | |
551 | ip_rt_acct_read, NULL); | |
552 | if (!pde) | |
553 | goto err3; | |
554 | #endif | |
555 | return 0; | |
556 | ||
557 | #ifdef CONFIG_NET_CLS_ROUTE | |
558 | err3: | |
559 | remove_proc_entry("rt_cache", net->proc_net_stat); | |
560 | #endif | |
561 | err2: | |
562 | remove_proc_entry("rt_cache", net->proc_net); | |
563 | err1: | |
564 | return -ENOMEM; | |
565 | } | |
566 | #else | |
567 | static inline int ip_rt_proc_init(struct net *net) | |
568 | { | |
569 | return 0; | |
570 | } | |
1da177e4 | 571 | #endif /* CONFIG_PROC_FS */ |
e905a9ed | 572 | |
1da177e4 LT |
573 | static __inline__ void rt_free(struct rtable *rt) |
574 | { | |
1da177e4 LT |
575 | call_rcu_bh(&rt->u.dst.rcu_head, dst_rcu_free); |
576 | } | |
577 | ||
578 | static __inline__ void rt_drop(struct rtable *rt) | |
579 | { | |
1da177e4 LT |
580 | ip_rt_put(rt); |
581 | call_rcu_bh(&rt->u.dst.rcu_head, dst_rcu_free); | |
582 | } | |
583 | ||
584 | static __inline__ int rt_fast_clean(struct rtable *rth) | |
585 | { | |
586 | /* Kill broadcast/multicast entries very aggresively, if they | |
587 | collide in hash table with more useful entries */ | |
588 | return (rth->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST)) && | |
093c2ca4 | 589 | rth->fl.iif && rth->u.dst.rt_next; |
1da177e4 LT |
590 | } |
591 | ||
592 | static __inline__ int rt_valuable(struct rtable *rth) | |
593 | { | |
594 | return (rth->rt_flags & (RTCF_REDIRECTED | RTCF_NOTIFY)) || | |
595 | rth->u.dst.expires; | |
596 | } | |
597 | ||
598 | static int rt_may_expire(struct rtable *rth, unsigned long tmo1, unsigned long tmo2) | |
599 | { | |
600 | unsigned long age; | |
601 | int ret = 0; | |
602 | ||
603 | if (atomic_read(&rth->u.dst.__refcnt)) | |
604 | goto out; | |
605 | ||
606 | ret = 1; | |
607 | if (rth->u.dst.expires && | |
608 | time_after_eq(jiffies, rth->u.dst.expires)) | |
609 | goto out; | |
610 | ||
611 | age = jiffies - rth->u.dst.lastuse; | |
612 | ret = 0; | |
613 | if ((age <= tmo1 && !rt_fast_clean(rth)) || | |
614 | (age <= tmo2 && rt_valuable(rth))) | |
615 | goto out; | |
616 | ret = 1; | |
617 | out: return ret; | |
618 | } | |
619 | ||
620 | /* Bits of score are: | |
621 | * 31: very valuable | |
622 | * 30: not quite useless | |
623 | * 29..0: usage counter | |
624 | */ | |
625 | static inline u32 rt_score(struct rtable *rt) | |
626 | { | |
627 | u32 score = jiffies - rt->u.dst.lastuse; | |
628 | ||
629 | score = ~score & ~(3<<30); | |
630 | ||
631 | if (rt_valuable(rt)) | |
632 | score |= (1<<31); | |
633 | ||
634 | if (!rt->fl.iif || | |
635 | !(rt->rt_flags & (RTCF_BROADCAST|RTCF_MULTICAST|RTCF_LOCAL))) | |
636 | score |= (1<<30); | |
637 | ||
638 | return score; | |
639 | } | |
640 | ||
641 | static inline int compare_keys(struct flowi *fl1, struct flowi *fl2) | |
642 | { | |
714e85be AV |
643 | return ((__force u32)((fl1->nl_u.ip4_u.daddr ^ fl2->nl_u.ip4_u.daddr) | |
644 | (fl1->nl_u.ip4_u.saddr ^ fl2->nl_u.ip4_u.saddr)) | | |
47dcf0cb | 645 | (fl1->mark ^ fl2->mark) | |
8238b218 DM |
646 | (*(u16 *)&fl1->nl_u.ip4_u.tos ^ |
647 | *(u16 *)&fl2->nl_u.ip4_u.tos) | | |
648 | (fl1->oif ^ fl2->oif) | | |
649 | (fl1->iif ^ fl2->iif)) == 0; | |
1da177e4 LT |
650 | } |
651 | ||
b5921910 DL |
652 | static inline int compare_netns(struct rtable *rt1, struct rtable *rt2) |
653 | { | |
654 | return rt1->u.dst.dev->nd_net == rt2->u.dst.dev->nd_net; | |
655 | } | |
656 | ||
beb659bd ED |
657 | /* |
658 | * Perform a full scan of hash table and free all entries. | |
659 | * Can be called by a softirq or a process. | |
660 | * In the later case, we want to be reschedule if necessary | |
661 | */ | |
662 | static void rt_do_flush(int process_context) | |
663 | { | |
664 | unsigned int i; | |
665 | struct rtable *rth, *next; | |
666 | ||
667 | for (i = 0; i <= rt_hash_mask; i++) { | |
668 | if (process_context && need_resched()) | |
669 | cond_resched(); | |
670 | rth = rt_hash_table[i].chain; | |
671 | if (!rth) | |
672 | continue; | |
673 | ||
674 | spin_lock_bh(rt_hash_lock_addr(i)); | |
675 | rth = rt_hash_table[i].chain; | |
676 | rt_hash_table[i].chain = NULL; | |
677 | spin_unlock_bh(rt_hash_lock_addr(i)); | |
678 | ||
679 | for (; rth; rth = next) { | |
680 | next = rth->u.dst.rt_next; | |
681 | rt_free(rth); | |
682 | } | |
683 | } | |
684 | } | |
685 | ||
686 | static void rt_check_expire(void) | |
1da177e4 | 687 | { |
bb1d23b0 ED |
688 | static unsigned int rover; |
689 | unsigned int i = rover, goal; | |
1da177e4 | 690 | struct rtable *rth, **rthp; |
bb1d23b0 ED |
691 | u64 mult; |
692 | ||
693 | mult = ((u64)ip_rt_gc_interval) << rt_hash_log; | |
694 | if (ip_rt_gc_timeout > 1) | |
695 | do_div(mult, ip_rt_gc_timeout); | |
696 | goal = (unsigned int)mult; | |
39c90ece ED |
697 | if (goal > rt_hash_mask) |
698 | goal = rt_hash_mask + 1; | |
bb1d23b0 | 699 | for (; goal > 0; goal--) { |
1da177e4 LT |
700 | unsigned long tmo = ip_rt_gc_timeout; |
701 | ||
702 | i = (i + 1) & rt_hash_mask; | |
703 | rthp = &rt_hash_table[i].chain; | |
704 | ||
d90bf5a9 ED |
705 | if (need_resched()) |
706 | cond_resched(); | |
707 | ||
cfcabdcc | 708 | if (*rthp == NULL) |
bb1d23b0 | 709 | continue; |
39c90ece | 710 | spin_lock_bh(rt_hash_lock_addr(i)); |
1da177e4 LT |
711 | while ((rth = *rthp) != NULL) { |
712 | if (rth->u.dst.expires) { | |
713 | /* Entry is expired even if it is in use */ | |
39c90ece | 714 | if (time_before_eq(jiffies, rth->u.dst.expires)) { |
1da177e4 | 715 | tmo >>= 1; |
093c2ca4 | 716 | rthp = &rth->u.dst.rt_next; |
1da177e4 LT |
717 | continue; |
718 | } | |
719 | } else if (!rt_may_expire(rth, tmo, ip_rt_gc_timeout)) { | |
720 | tmo >>= 1; | |
093c2ca4 | 721 | rthp = &rth->u.dst.rt_next; |
1da177e4 LT |
722 | continue; |
723 | } | |
724 | ||
725 | /* Cleanup aged off entries. */ | |
093c2ca4 | 726 | *rthp = rth->u.dst.rt_next; |
e905a9ed | 727 | rt_free(rth); |
1da177e4 | 728 | } |
39c90ece | 729 | spin_unlock_bh(rt_hash_lock_addr(i)); |
1da177e4 LT |
730 | } |
731 | rover = i; | |
beb659bd ED |
732 | } |
733 | ||
734 | /* | |
735 | * rt_worker_func() is run in process context. | |
736 | * If a whole flush was scheduled, it is done. | |
737 | * Else, we call rt_check_expire() to scan part of the hash table | |
738 | */ | |
739 | static void rt_worker_func(struct work_struct *work) | |
740 | { | |
741 | if (ip_rt_flush_expected) { | |
742 | ip_rt_flush_expected = 0; | |
743 | rt_do_flush(1); | |
744 | } else | |
745 | rt_check_expire(); | |
39c90ece | 746 | schedule_delayed_work(&expires_work, ip_rt_gc_interval); |
1da177e4 LT |
747 | } |
748 | ||
749 | /* This can run from both BH and non-BH contexts, the latter | |
750 | * in the case of a forced flush event. | |
751 | */ | |
beb659bd | 752 | static void rt_run_flush(unsigned long process_context) |
1da177e4 | 753 | { |
1da177e4 LT |
754 | rt_deadline = 0; |
755 | ||
756 | get_random_bytes(&rt_hash_rnd, 4); | |
757 | ||
beb659bd | 758 | rt_do_flush(process_context); |
1da177e4 LT |
759 | } |
760 | ||
761 | static DEFINE_SPINLOCK(rt_flush_lock); | |
762 | ||
763 | void rt_cache_flush(int delay) | |
764 | { | |
765 | unsigned long now = jiffies; | |
766 | int user_mode = !in_softirq(); | |
767 | ||
768 | if (delay < 0) | |
769 | delay = ip_rt_min_delay; | |
770 | ||
1da177e4 LT |
771 | spin_lock_bh(&rt_flush_lock); |
772 | ||
773 | if (del_timer(&rt_flush_timer) && delay > 0 && rt_deadline) { | |
774 | long tmo = (long)(rt_deadline - now); | |
775 | ||
776 | /* If flush timer is already running | |
777 | and flush request is not immediate (delay > 0): | |
778 | ||
779 | if deadline is not achieved, prolongate timer to "delay", | |
780 | otherwise fire it at deadline time. | |
781 | */ | |
782 | ||
783 | if (user_mode && tmo < ip_rt_max_delay-ip_rt_min_delay) | |
784 | tmo = 0; | |
e905a9ed | 785 | |
1da177e4 LT |
786 | if (delay > tmo) |
787 | delay = tmo; | |
788 | } | |
789 | ||
790 | if (delay <= 0) { | |
791 | spin_unlock_bh(&rt_flush_lock); | |
beb659bd | 792 | rt_run_flush(user_mode); |
1da177e4 LT |
793 | return; |
794 | } | |
795 | ||
796 | if (rt_deadline == 0) | |
797 | rt_deadline = now + ip_rt_max_delay; | |
798 | ||
799 | mod_timer(&rt_flush_timer, now+delay); | |
800 | spin_unlock_bh(&rt_flush_lock); | |
801 | } | |
802 | ||
beb659bd ED |
803 | /* |
804 | * We change rt_hash_rnd and ask next rt_worker_func() invocation | |
805 | * to perform a flush in process context | |
806 | */ | |
1da177e4 LT |
807 | static void rt_secret_rebuild(unsigned long dummy) |
808 | { | |
beb659bd ED |
809 | get_random_bytes(&rt_hash_rnd, 4); |
810 | ip_rt_flush_expected = 1; | |
811 | cancel_delayed_work(&expires_work); | |
812 | schedule_delayed_work(&expires_work, HZ/10); | |
813 | mod_timer(&rt_secret_timer, jiffies + ip_rt_secret_interval); | |
1da177e4 LT |
814 | } |
815 | ||
816 | /* | |
817 | Short description of GC goals. | |
818 | ||
819 | We want to build algorithm, which will keep routing cache | |
820 | at some equilibrium point, when number of aged off entries | |
821 | is kept approximately equal to newly generated ones. | |
822 | ||
823 | Current expiration strength is variable "expire". | |
824 | We try to adjust it dynamically, so that if networking | |
825 | is idle expires is large enough to keep enough of warm entries, | |
826 | and when load increases it reduces to limit cache size. | |
827 | */ | |
828 | ||
569d3645 | 829 | static int rt_garbage_collect(struct dst_ops *ops) |
1da177e4 LT |
830 | { |
831 | static unsigned long expire = RT_GC_TIMEOUT; | |
832 | static unsigned long last_gc; | |
833 | static int rover; | |
834 | static int equilibrium; | |
835 | struct rtable *rth, **rthp; | |
836 | unsigned long now = jiffies; | |
837 | int goal; | |
838 | ||
839 | /* | |
840 | * Garbage collection is pretty expensive, | |
841 | * do not make it too frequently. | |
842 | */ | |
843 | ||
844 | RT_CACHE_STAT_INC(gc_total); | |
845 | ||
846 | if (now - last_gc < ip_rt_gc_min_interval && | |
847 | atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size) { | |
848 | RT_CACHE_STAT_INC(gc_ignored); | |
849 | goto out; | |
850 | } | |
851 | ||
852 | /* Calculate number of entries, which we want to expire now. */ | |
853 | goal = atomic_read(&ipv4_dst_ops.entries) - | |
854 | (ip_rt_gc_elasticity << rt_hash_log); | |
855 | if (goal <= 0) { | |
856 | if (equilibrium < ipv4_dst_ops.gc_thresh) | |
857 | equilibrium = ipv4_dst_ops.gc_thresh; | |
858 | goal = atomic_read(&ipv4_dst_ops.entries) - equilibrium; | |
859 | if (goal > 0) { | |
b790cedd | 860 | equilibrium += min_t(unsigned int, goal >> 1, rt_hash_mask + 1); |
1da177e4 LT |
861 | goal = atomic_read(&ipv4_dst_ops.entries) - equilibrium; |
862 | } | |
863 | } else { | |
864 | /* We are in dangerous area. Try to reduce cache really | |
865 | * aggressively. | |
866 | */ | |
b790cedd | 867 | goal = max_t(unsigned int, goal >> 1, rt_hash_mask + 1); |
1da177e4 LT |
868 | equilibrium = atomic_read(&ipv4_dst_ops.entries) - goal; |
869 | } | |
870 | ||
871 | if (now - last_gc >= ip_rt_gc_min_interval) | |
872 | last_gc = now; | |
873 | ||
874 | if (goal <= 0) { | |
875 | equilibrium += goal; | |
876 | goto work_done; | |
877 | } | |
878 | ||
879 | do { | |
880 | int i, k; | |
881 | ||
882 | for (i = rt_hash_mask, k = rover; i >= 0; i--) { | |
883 | unsigned long tmo = expire; | |
884 | ||
885 | k = (k + 1) & rt_hash_mask; | |
886 | rthp = &rt_hash_table[k].chain; | |
22c047cc | 887 | spin_lock_bh(rt_hash_lock_addr(k)); |
1da177e4 LT |
888 | while ((rth = *rthp) != NULL) { |
889 | if (!rt_may_expire(rth, tmo, expire)) { | |
890 | tmo >>= 1; | |
093c2ca4 | 891 | rthp = &rth->u.dst.rt_next; |
1da177e4 LT |
892 | continue; |
893 | } | |
093c2ca4 | 894 | *rthp = rth->u.dst.rt_next; |
1da177e4 LT |
895 | rt_free(rth); |
896 | goal--; | |
1da177e4 | 897 | } |
22c047cc | 898 | spin_unlock_bh(rt_hash_lock_addr(k)); |
1da177e4 LT |
899 | if (goal <= 0) |
900 | break; | |
901 | } | |
902 | rover = k; | |
903 | ||
904 | if (goal <= 0) | |
905 | goto work_done; | |
906 | ||
907 | /* Goal is not achieved. We stop process if: | |
908 | ||
909 | - if expire reduced to zero. Otherwise, expire is halfed. | |
910 | - if table is not full. | |
911 | - if we are called from interrupt. | |
912 | - jiffies check is just fallback/debug loop breaker. | |
913 | We will not spin here for long time in any case. | |
914 | */ | |
915 | ||
916 | RT_CACHE_STAT_INC(gc_goal_miss); | |
917 | ||
918 | if (expire == 0) | |
919 | break; | |
920 | ||
921 | expire >>= 1; | |
922 | #if RT_CACHE_DEBUG >= 2 | |
923 | printk(KERN_DEBUG "expire>> %u %d %d %d\n", expire, | |
924 | atomic_read(&ipv4_dst_ops.entries), goal, i); | |
925 | #endif | |
926 | ||
927 | if (atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size) | |
928 | goto out; | |
929 | } while (!in_softirq() && time_before_eq(jiffies, now)); | |
930 | ||
931 | if (atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size) | |
932 | goto out; | |
933 | if (net_ratelimit()) | |
934 | printk(KERN_WARNING "dst cache overflow\n"); | |
935 | RT_CACHE_STAT_INC(gc_dst_overflow); | |
936 | return 1; | |
937 | ||
938 | work_done: | |
939 | expire += ip_rt_gc_min_interval; | |
940 | if (expire > ip_rt_gc_timeout || | |
941 | atomic_read(&ipv4_dst_ops.entries) < ipv4_dst_ops.gc_thresh) | |
942 | expire = ip_rt_gc_timeout; | |
943 | #if RT_CACHE_DEBUG >= 2 | |
944 | printk(KERN_DEBUG "expire++ %u %d %d %d\n", expire, | |
945 | atomic_read(&ipv4_dst_ops.entries), goal, rover); | |
946 | #endif | |
947 | out: return 0; | |
948 | } | |
949 | ||
950 | static int rt_intern_hash(unsigned hash, struct rtable *rt, struct rtable **rp) | |
951 | { | |
952 | struct rtable *rth, **rthp; | |
953 | unsigned long now; | |
954 | struct rtable *cand, **candp; | |
955 | u32 min_score; | |
956 | int chain_length; | |
957 | int attempts = !in_softirq(); | |
958 | ||
959 | restart: | |
960 | chain_length = 0; | |
961 | min_score = ~(u32)0; | |
962 | cand = NULL; | |
963 | candp = NULL; | |
964 | now = jiffies; | |
965 | ||
966 | rthp = &rt_hash_table[hash].chain; | |
967 | ||
22c047cc | 968 | spin_lock_bh(rt_hash_lock_addr(hash)); |
1da177e4 | 969 | while ((rth = *rthp) != NULL) { |
b5921910 | 970 | if (compare_keys(&rth->fl, &rt->fl) && compare_netns(rth, rt)) { |
1da177e4 | 971 | /* Put it first */ |
093c2ca4 | 972 | *rthp = rth->u.dst.rt_next; |
1da177e4 LT |
973 | /* |
974 | * Since lookup is lockfree, the deletion | |
975 | * must be visible to another weakly ordered CPU before | |
976 | * the insertion at the start of the hash chain. | |
977 | */ | |
093c2ca4 | 978 | rcu_assign_pointer(rth->u.dst.rt_next, |
1da177e4 LT |
979 | rt_hash_table[hash].chain); |
980 | /* | |
981 | * Since lookup is lockfree, the update writes | |
982 | * must be ordered for consistency on SMP. | |
983 | */ | |
984 | rcu_assign_pointer(rt_hash_table[hash].chain, rth); | |
985 | ||
03f49f34 | 986 | dst_use(&rth->u.dst, now); |
22c047cc | 987 | spin_unlock_bh(rt_hash_lock_addr(hash)); |
1da177e4 LT |
988 | |
989 | rt_drop(rt); | |
990 | *rp = rth; | |
991 | return 0; | |
992 | } | |
993 | ||
994 | if (!atomic_read(&rth->u.dst.__refcnt)) { | |
995 | u32 score = rt_score(rth); | |
996 | ||
997 | if (score <= min_score) { | |
998 | cand = rth; | |
999 | candp = rthp; | |
1000 | min_score = score; | |
1001 | } | |
1002 | } | |
1003 | ||
1004 | chain_length++; | |
1005 | ||
093c2ca4 | 1006 | rthp = &rth->u.dst.rt_next; |
1da177e4 LT |
1007 | } |
1008 | ||
1009 | if (cand) { | |
1010 | /* ip_rt_gc_elasticity used to be average length of chain | |
1011 | * length, when exceeded gc becomes really aggressive. | |
1012 | * | |
1013 | * The second limit is less certain. At the moment it allows | |
1014 | * only 2 entries per bucket. We will see. | |
1015 | */ | |
1016 | if (chain_length > ip_rt_gc_elasticity) { | |
093c2ca4 | 1017 | *candp = cand->u.dst.rt_next; |
1da177e4 LT |
1018 | rt_free(cand); |
1019 | } | |
1020 | } | |
1021 | ||
1022 | /* Try to bind route to arp only if it is output | |
1023 | route or unicast forwarding path. | |
1024 | */ | |
1025 | if (rt->rt_type == RTN_UNICAST || rt->fl.iif == 0) { | |
1026 | int err = arp_bind_neighbour(&rt->u.dst); | |
1027 | if (err) { | |
22c047cc | 1028 | spin_unlock_bh(rt_hash_lock_addr(hash)); |
1da177e4 LT |
1029 | |
1030 | if (err != -ENOBUFS) { | |
1031 | rt_drop(rt); | |
1032 | return err; | |
1033 | } | |
1034 | ||
1035 | /* Neighbour tables are full and nothing | |
1036 | can be released. Try to shrink route cache, | |
1037 | it is most likely it holds some neighbour records. | |
1038 | */ | |
1039 | if (attempts-- > 0) { | |
1040 | int saved_elasticity = ip_rt_gc_elasticity; | |
1041 | int saved_int = ip_rt_gc_min_interval; | |
1042 | ip_rt_gc_elasticity = 1; | |
1043 | ip_rt_gc_min_interval = 0; | |
569d3645 | 1044 | rt_garbage_collect(&ipv4_dst_ops); |
1da177e4 LT |
1045 | ip_rt_gc_min_interval = saved_int; |
1046 | ip_rt_gc_elasticity = saved_elasticity; | |
1047 | goto restart; | |
1048 | } | |
1049 | ||
1050 | if (net_ratelimit()) | |
1051 | printk(KERN_WARNING "Neighbour table overflow.\n"); | |
1052 | rt_drop(rt); | |
1053 | return -ENOBUFS; | |
1054 | } | |
1055 | } | |
1056 | ||
093c2ca4 | 1057 | rt->u.dst.rt_next = rt_hash_table[hash].chain; |
1da177e4 | 1058 | #if RT_CACHE_DEBUG >= 2 |
093c2ca4 | 1059 | if (rt->u.dst.rt_next) { |
1da177e4 LT |
1060 | struct rtable *trt; |
1061 | printk(KERN_DEBUG "rt_cache @%02x: %u.%u.%u.%u", hash, | |
1062 | NIPQUAD(rt->rt_dst)); | |
093c2ca4 | 1063 | for (trt = rt->u.dst.rt_next; trt; trt = trt->u.dst.rt_next) |
1da177e4 LT |
1064 | printk(" . %u.%u.%u.%u", NIPQUAD(trt->rt_dst)); |
1065 | printk("\n"); | |
1066 | } | |
1067 | #endif | |
1068 | rt_hash_table[hash].chain = rt; | |
22c047cc | 1069 | spin_unlock_bh(rt_hash_lock_addr(hash)); |
1da177e4 LT |
1070 | *rp = rt; |
1071 | return 0; | |
1072 | } | |
1073 | ||
1074 | void rt_bind_peer(struct rtable *rt, int create) | |
1075 | { | |
1076 | static DEFINE_SPINLOCK(rt_peer_lock); | |
1077 | struct inet_peer *peer; | |
1078 | ||
1079 | peer = inet_getpeer(rt->rt_dst, create); | |
1080 | ||
1081 | spin_lock_bh(&rt_peer_lock); | |
1082 | if (rt->peer == NULL) { | |
1083 | rt->peer = peer; | |
1084 | peer = NULL; | |
1085 | } | |
1086 | spin_unlock_bh(&rt_peer_lock); | |
1087 | if (peer) | |
1088 | inet_putpeer(peer); | |
1089 | } | |
1090 | ||
1091 | /* | |
1092 | * Peer allocation may fail only in serious out-of-memory conditions. However | |
1093 | * we still can generate some output. | |
1094 | * Random ID selection looks a bit dangerous because we have no chances to | |
1095 | * select ID being unique in a reasonable period of time. | |
1096 | * But broken packet identifier may be better than no packet at all. | |
1097 | */ | |
1098 | static void ip_select_fb_ident(struct iphdr *iph) | |
1099 | { | |
1100 | static DEFINE_SPINLOCK(ip_fb_id_lock); | |
1101 | static u32 ip_fallback_id; | |
1102 | u32 salt; | |
1103 | ||
1104 | spin_lock_bh(&ip_fb_id_lock); | |
e448515c | 1105 | salt = secure_ip_id((__force __be32)ip_fallback_id ^ iph->daddr); |
1da177e4 LT |
1106 | iph->id = htons(salt & 0xFFFF); |
1107 | ip_fallback_id = salt; | |
1108 | spin_unlock_bh(&ip_fb_id_lock); | |
1109 | } | |
1110 | ||
1111 | void __ip_select_ident(struct iphdr *iph, struct dst_entry *dst, int more) | |
1112 | { | |
1113 | struct rtable *rt = (struct rtable *) dst; | |
1114 | ||
1115 | if (rt) { | |
1116 | if (rt->peer == NULL) | |
1117 | rt_bind_peer(rt, 1); | |
1118 | ||
1119 | /* If peer is attached to destination, it is never detached, | |
1120 | so that we need not to grab a lock to dereference it. | |
1121 | */ | |
1122 | if (rt->peer) { | |
1123 | iph->id = htons(inet_getid(rt->peer, more)); | |
1124 | return; | |
1125 | } | |
1126 | } else | |
e905a9ed | 1127 | printk(KERN_DEBUG "rt_bind_peer(0) @%p\n", |
9c2b3328 | 1128 | __builtin_return_address(0)); |
1da177e4 LT |
1129 | |
1130 | ip_select_fb_ident(iph); | |
1131 | } | |
1132 | ||
1133 | static void rt_del(unsigned hash, struct rtable *rt) | |
1134 | { | |
1135 | struct rtable **rthp; | |
1136 | ||
22c047cc | 1137 | spin_lock_bh(rt_hash_lock_addr(hash)); |
1da177e4 LT |
1138 | ip_rt_put(rt); |
1139 | for (rthp = &rt_hash_table[hash].chain; *rthp; | |
093c2ca4 | 1140 | rthp = &(*rthp)->u.dst.rt_next) |
1da177e4 | 1141 | if (*rthp == rt) { |
093c2ca4 | 1142 | *rthp = rt->u.dst.rt_next; |
1da177e4 LT |
1143 | rt_free(rt); |
1144 | break; | |
1145 | } | |
22c047cc | 1146 | spin_unlock_bh(rt_hash_lock_addr(hash)); |
1da177e4 LT |
1147 | } |
1148 | ||
f7655229 AV |
1149 | void ip_rt_redirect(__be32 old_gw, __be32 daddr, __be32 new_gw, |
1150 | __be32 saddr, struct net_device *dev) | |
1da177e4 LT |
1151 | { |
1152 | int i, k; | |
1153 | struct in_device *in_dev = in_dev_get(dev); | |
1154 | struct rtable *rth, **rthp; | |
f7655229 | 1155 | __be32 skeys[2] = { saddr, 0 }; |
1da177e4 | 1156 | int ikeys[2] = { dev->ifindex, 0 }; |
8d71740c | 1157 | struct netevent_redirect netevent; |
1da177e4 | 1158 | |
1da177e4 LT |
1159 | if (!in_dev) |
1160 | return; | |
1161 | ||
1162 | if (new_gw == old_gw || !IN_DEV_RX_REDIRECTS(in_dev) | |
1e637c74 | 1163 | || ipv4_is_multicast(new_gw) || ipv4_is_lbcast(new_gw) |
f97c1e0c | 1164 | || ipv4_is_zeronet(new_gw)) |
1da177e4 LT |
1165 | goto reject_redirect; |
1166 | ||
1167 | if (!IN_DEV_SHARED_MEDIA(in_dev)) { | |
1168 | if (!inet_addr_onlink(in_dev, new_gw, old_gw)) | |
1169 | goto reject_redirect; | |
1170 | if (IN_DEV_SEC_REDIRECTS(in_dev) && ip_fib_check_default(new_gw, dev)) | |
1171 | goto reject_redirect; | |
1172 | } else { | |
6b175b26 | 1173 | if (inet_addr_type(&init_net, new_gw) != RTN_UNICAST) |
1da177e4 LT |
1174 | goto reject_redirect; |
1175 | } | |
1176 | ||
1177 | for (i = 0; i < 2; i++) { | |
1178 | for (k = 0; k < 2; k++) { | |
8c7bc840 | 1179 | unsigned hash = rt_hash(daddr, skeys[i], ikeys[k]); |
1da177e4 LT |
1180 | |
1181 | rthp=&rt_hash_table[hash].chain; | |
1182 | ||
1183 | rcu_read_lock(); | |
1184 | while ((rth = rcu_dereference(*rthp)) != NULL) { | |
1185 | struct rtable *rt; | |
1186 | ||
1187 | if (rth->fl.fl4_dst != daddr || | |
1188 | rth->fl.fl4_src != skeys[i] || | |
1da177e4 LT |
1189 | rth->fl.oif != ikeys[k] || |
1190 | rth->fl.iif != 0) { | |
093c2ca4 | 1191 | rthp = &rth->u.dst.rt_next; |
1da177e4 LT |
1192 | continue; |
1193 | } | |
1194 | ||
1195 | if (rth->rt_dst != daddr || | |
1196 | rth->rt_src != saddr || | |
1197 | rth->u.dst.error || | |
1198 | rth->rt_gateway != old_gw || | |
1199 | rth->u.dst.dev != dev) | |
1200 | break; | |
1201 | ||
1202 | dst_hold(&rth->u.dst); | |
1203 | rcu_read_unlock(); | |
1204 | ||
1205 | rt = dst_alloc(&ipv4_dst_ops); | |
1206 | if (rt == NULL) { | |
1207 | ip_rt_put(rth); | |
1208 | in_dev_put(in_dev); | |
1209 | return; | |
1210 | } | |
1211 | ||
1212 | /* Copy all the information. */ | |
1213 | *rt = *rth; | |
e905a9ed | 1214 | INIT_RCU_HEAD(&rt->u.dst.rcu_head); |
1da177e4 LT |
1215 | rt->u.dst.__use = 1; |
1216 | atomic_set(&rt->u.dst.__refcnt, 1); | |
1217 | rt->u.dst.child = NULL; | |
1218 | if (rt->u.dst.dev) | |
1219 | dev_hold(rt->u.dst.dev); | |
1220 | if (rt->idev) | |
1221 | in_dev_hold(rt->idev); | |
1222 | rt->u.dst.obsolete = 0; | |
1223 | rt->u.dst.lastuse = jiffies; | |
1224 | rt->u.dst.path = &rt->u.dst; | |
1225 | rt->u.dst.neighbour = NULL; | |
1226 | rt->u.dst.hh = NULL; | |
1227 | rt->u.dst.xfrm = NULL; | |
1228 | ||
1229 | rt->rt_flags |= RTCF_REDIRECTED; | |
1230 | ||
1231 | /* Gateway is different ... */ | |
1232 | rt->rt_gateway = new_gw; | |
1233 | ||
1234 | /* Redirect received -> path was valid */ | |
1235 | dst_confirm(&rth->u.dst); | |
1236 | ||
1237 | if (rt->peer) | |
1238 | atomic_inc(&rt->peer->refcnt); | |
1239 | ||
1240 | if (arp_bind_neighbour(&rt->u.dst) || | |
1241 | !(rt->u.dst.neighbour->nud_state & | |
1242 | NUD_VALID)) { | |
1243 | if (rt->u.dst.neighbour) | |
1244 | neigh_event_send(rt->u.dst.neighbour, NULL); | |
1245 | ip_rt_put(rth); | |
1246 | rt_drop(rt); | |
1247 | goto do_next; | |
1248 | } | |
e905a9ed | 1249 | |
8d71740c TT |
1250 | netevent.old = &rth->u.dst; |
1251 | netevent.new = &rt->u.dst; | |
e905a9ed YH |
1252 | call_netevent_notifiers(NETEVENT_REDIRECT, |
1253 | &netevent); | |
1da177e4 LT |
1254 | |
1255 | rt_del(hash, rth); | |
1256 | if (!rt_intern_hash(hash, rt, &rt)) | |
1257 | ip_rt_put(rt); | |
1258 | goto do_next; | |
1259 | } | |
1260 | rcu_read_unlock(); | |
1261 | do_next: | |
1262 | ; | |
1263 | } | |
1264 | } | |
1265 | in_dev_put(in_dev); | |
1266 | return; | |
1267 | ||
1268 | reject_redirect: | |
1269 | #ifdef CONFIG_IP_ROUTE_VERBOSE | |
1270 | if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) | |
1271 | printk(KERN_INFO "Redirect from %u.%u.%u.%u on %s about " | |
1272 | "%u.%u.%u.%u ignored.\n" | |
cef2685e | 1273 | " Advised path = %u.%u.%u.%u -> %u.%u.%u.%u\n", |
1da177e4 | 1274 | NIPQUAD(old_gw), dev->name, NIPQUAD(new_gw), |
cef2685e | 1275 | NIPQUAD(saddr), NIPQUAD(daddr)); |
1da177e4 LT |
1276 | #endif |
1277 | in_dev_put(in_dev); | |
1278 | } | |
1279 | ||
1280 | static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst) | |
1281 | { | |
1282 | struct rtable *rt = (struct rtable*)dst; | |
1283 | struct dst_entry *ret = dst; | |
1284 | ||
1285 | if (rt) { | |
1286 | if (dst->obsolete) { | |
1287 | ip_rt_put(rt); | |
1288 | ret = NULL; | |
1289 | } else if ((rt->rt_flags & RTCF_REDIRECTED) || | |
1290 | rt->u.dst.expires) { | |
8c7bc840 AV |
1291 | unsigned hash = rt_hash(rt->fl.fl4_dst, rt->fl.fl4_src, |
1292 | rt->fl.oif); | |
1da177e4 | 1293 | #if RT_CACHE_DEBUG >= 1 |
56c99d04 | 1294 | printk(KERN_DEBUG "ipv4_negative_advice: redirect to " |
1da177e4 LT |
1295 | "%u.%u.%u.%u/%02x dropped\n", |
1296 | NIPQUAD(rt->rt_dst), rt->fl.fl4_tos); | |
1297 | #endif | |
1298 | rt_del(hash, rt); | |
1299 | ret = NULL; | |
1300 | } | |
1301 | } | |
1302 | return ret; | |
1303 | } | |
1304 | ||
1305 | /* | |
1306 | * Algorithm: | |
1307 | * 1. The first ip_rt_redirect_number redirects are sent | |
1308 | * with exponential backoff, then we stop sending them at all, | |
1309 | * assuming that the host ignores our redirects. | |
1310 | * 2. If we did not see packets requiring redirects | |
1311 | * during ip_rt_redirect_silence, we assume that the host | |
1312 | * forgot redirected route and start to send redirects again. | |
1313 | * | |
1314 | * This algorithm is much cheaper and more intelligent than dumb load limiting | |
1315 | * in icmp.c. | |
1316 | * | |
1317 | * NOTE. Do not forget to inhibit load limiting for redirects (redundant) | |
1318 | * and "frag. need" (breaks PMTU discovery) in icmp.c. | |
1319 | */ | |
1320 | ||
1321 | void ip_rt_send_redirect(struct sk_buff *skb) | |
1322 | { | |
1323 | struct rtable *rt = (struct rtable*)skb->dst; | |
1324 | struct in_device *in_dev = in_dev_get(rt->u.dst.dev); | |
1325 | ||
1326 | if (!in_dev) | |
1327 | return; | |
1328 | ||
1329 | if (!IN_DEV_TX_REDIRECTS(in_dev)) | |
1330 | goto out; | |
1331 | ||
1332 | /* No redirected packets during ip_rt_redirect_silence; | |
1333 | * reset the algorithm. | |
1334 | */ | |
1335 | if (time_after(jiffies, rt->u.dst.rate_last + ip_rt_redirect_silence)) | |
1336 | rt->u.dst.rate_tokens = 0; | |
1337 | ||
1338 | /* Too many ignored redirects; do not send anything | |
1339 | * set u.dst.rate_last to the last seen redirected packet. | |
1340 | */ | |
1341 | if (rt->u.dst.rate_tokens >= ip_rt_redirect_number) { | |
1342 | rt->u.dst.rate_last = jiffies; | |
1343 | goto out; | |
1344 | } | |
1345 | ||
1346 | /* Check for load limit; set rate_last to the latest sent | |
1347 | * redirect. | |
1348 | */ | |
14fb8a76 LY |
1349 | if (rt->u.dst.rate_tokens == 0 || |
1350 | time_after(jiffies, | |
1da177e4 LT |
1351 | (rt->u.dst.rate_last + |
1352 | (ip_rt_redirect_load << rt->u.dst.rate_tokens)))) { | |
1353 | icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, rt->rt_gateway); | |
1354 | rt->u.dst.rate_last = jiffies; | |
1355 | ++rt->u.dst.rate_tokens; | |
1356 | #ifdef CONFIG_IP_ROUTE_VERBOSE | |
1357 | if (IN_DEV_LOG_MARTIANS(in_dev) && | |
1358 | rt->u.dst.rate_tokens == ip_rt_redirect_number && | |
1359 | net_ratelimit()) | |
1360 | printk(KERN_WARNING "host %u.%u.%u.%u/if%d ignores " | |
1361 | "redirects for %u.%u.%u.%u to %u.%u.%u.%u.\n", | |
1362 | NIPQUAD(rt->rt_src), rt->rt_iif, | |
1363 | NIPQUAD(rt->rt_dst), NIPQUAD(rt->rt_gateway)); | |
1364 | #endif | |
1365 | } | |
1366 | out: | |
e905a9ed | 1367 | in_dev_put(in_dev); |
1da177e4 LT |
1368 | } |
1369 | ||
1370 | static int ip_error(struct sk_buff *skb) | |
1371 | { | |
1372 | struct rtable *rt = (struct rtable*)skb->dst; | |
1373 | unsigned long now; | |
1374 | int code; | |
1375 | ||
1376 | switch (rt->u.dst.error) { | |
1377 | case EINVAL: | |
1378 | default: | |
1379 | goto out; | |
1380 | case EHOSTUNREACH: | |
1381 | code = ICMP_HOST_UNREACH; | |
1382 | break; | |
1383 | case ENETUNREACH: | |
1384 | code = ICMP_NET_UNREACH; | |
7f53878d | 1385 | IP_INC_STATS_BH(IPSTATS_MIB_INNOROUTES); |
1da177e4 LT |
1386 | break; |
1387 | case EACCES: | |
1388 | code = ICMP_PKT_FILTERED; | |
1389 | break; | |
1390 | } | |
1391 | ||
1392 | now = jiffies; | |
1393 | rt->u.dst.rate_tokens += now - rt->u.dst.rate_last; | |
1394 | if (rt->u.dst.rate_tokens > ip_rt_error_burst) | |
1395 | rt->u.dst.rate_tokens = ip_rt_error_burst; | |
1396 | rt->u.dst.rate_last = now; | |
1397 | if (rt->u.dst.rate_tokens >= ip_rt_error_cost) { | |
1398 | rt->u.dst.rate_tokens -= ip_rt_error_cost; | |
1399 | icmp_send(skb, ICMP_DEST_UNREACH, code, 0); | |
1400 | } | |
1401 | ||
1402 | out: kfree_skb(skb); | |
1403 | return 0; | |
e905a9ed | 1404 | } |
1da177e4 LT |
1405 | |
1406 | /* | |
1407 | * The last two values are not from the RFC but | |
1408 | * are needed for AMPRnet AX.25 paths. | |
1409 | */ | |
1410 | ||
9b5b5cff | 1411 | static const unsigned short mtu_plateau[] = |
1da177e4 LT |
1412 | {32000, 17914, 8166, 4352, 2002, 1492, 576, 296, 216, 128 }; |
1413 | ||
1414 | static __inline__ unsigned short guess_mtu(unsigned short old_mtu) | |
1415 | { | |
1416 | int i; | |
e905a9ed | 1417 | |
1da177e4 LT |
1418 | for (i = 0; i < ARRAY_SIZE(mtu_plateau); i++) |
1419 | if (old_mtu > mtu_plateau[i]) | |
1420 | return mtu_plateau[i]; | |
1421 | return 68; | |
1422 | } | |
1423 | ||
b5921910 DL |
1424 | unsigned short ip_rt_frag_needed(struct net *net, struct iphdr *iph, |
1425 | unsigned short new_mtu) | |
1da177e4 LT |
1426 | { |
1427 | int i; | |
1428 | unsigned short old_mtu = ntohs(iph->tot_len); | |
1429 | struct rtable *rth; | |
e448515c AV |
1430 | __be32 skeys[2] = { iph->saddr, 0, }; |
1431 | __be32 daddr = iph->daddr; | |
1da177e4 LT |
1432 | unsigned short est_mtu = 0; |
1433 | ||
1434 | if (ipv4_config.no_pmtu_disc) | |
1435 | return 0; | |
1436 | ||
1437 | for (i = 0; i < 2; i++) { | |
8c7bc840 | 1438 | unsigned hash = rt_hash(daddr, skeys[i], 0); |
1da177e4 LT |
1439 | |
1440 | rcu_read_lock(); | |
1441 | for (rth = rcu_dereference(rt_hash_table[hash].chain); rth; | |
093c2ca4 | 1442 | rth = rcu_dereference(rth->u.dst.rt_next)) { |
1da177e4 LT |
1443 | if (rth->fl.fl4_dst == daddr && |
1444 | rth->fl.fl4_src == skeys[i] && | |
1445 | rth->rt_dst == daddr && | |
1446 | rth->rt_src == iph->saddr && | |
1da177e4 | 1447 | rth->fl.iif == 0 && |
b5921910 DL |
1448 | !(dst_metric_locked(&rth->u.dst, RTAX_MTU)) && |
1449 | rth->u.dst.dev->nd_net == net) { | |
1da177e4 LT |
1450 | unsigned short mtu = new_mtu; |
1451 | ||
1452 | if (new_mtu < 68 || new_mtu >= old_mtu) { | |
1453 | ||
1454 | /* BSD 4.2 compatibility hack :-( */ | |
1455 | if (mtu == 0 && | |
1456 | old_mtu >= rth->u.dst.metrics[RTAX_MTU-1] && | |
1457 | old_mtu >= 68 + (iph->ihl << 2)) | |
1458 | old_mtu -= iph->ihl << 2; | |
1459 | ||
1460 | mtu = guess_mtu(old_mtu); | |
1461 | } | |
1462 | if (mtu <= rth->u.dst.metrics[RTAX_MTU-1]) { | |
e905a9ed | 1463 | if (mtu < rth->u.dst.metrics[RTAX_MTU-1]) { |
1da177e4 LT |
1464 | dst_confirm(&rth->u.dst); |
1465 | if (mtu < ip_rt_min_pmtu) { | |
1466 | mtu = ip_rt_min_pmtu; | |
1467 | rth->u.dst.metrics[RTAX_LOCK-1] |= | |
1468 | (1 << RTAX_MTU); | |
1469 | } | |
1470 | rth->u.dst.metrics[RTAX_MTU-1] = mtu; | |
1471 | dst_set_expires(&rth->u.dst, | |
1472 | ip_rt_mtu_expires); | |
1473 | } | |
1474 | est_mtu = mtu; | |
1475 | } | |
1476 | } | |
1477 | } | |
1478 | rcu_read_unlock(); | |
1479 | } | |
1480 | return est_mtu ? : new_mtu; | |
1481 | } | |
1482 | ||
1483 | static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu) | |
1484 | { | |
1485 | if (dst->metrics[RTAX_MTU-1] > mtu && mtu >= 68 && | |
1486 | !(dst_metric_locked(dst, RTAX_MTU))) { | |
1487 | if (mtu < ip_rt_min_pmtu) { | |
1488 | mtu = ip_rt_min_pmtu; | |
1489 | dst->metrics[RTAX_LOCK-1] |= (1 << RTAX_MTU); | |
1490 | } | |
1491 | dst->metrics[RTAX_MTU-1] = mtu; | |
1492 | dst_set_expires(dst, ip_rt_mtu_expires); | |
8d71740c | 1493 | call_netevent_notifiers(NETEVENT_PMTU_UPDATE, dst); |
1da177e4 LT |
1494 | } |
1495 | } | |
1496 | ||
1497 | static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie) | |
1498 | { | |
1499 | return NULL; | |
1500 | } | |
1501 | ||
1502 | static void ipv4_dst_destroy(struct dst_entry *dst) | |
1503 | { | |
1504 | struct rtable *rt = (struct rtable *) dst; | |
1505 | struct inet_peer *peer = rt->peer; | |
1506 | struct in_device *idev = rt->idev; | |
1507 | ||
1508 | if (peer) { | |
1509 | rt->peer = NULL; | |
1510 | inet_putpeer(peer); | |
1511 | } | |
1512 | ||
1513 | if (idev) { | |
1514 | rt->idev = NULL; | |
1515 | in_dev_put(idev); | |
1516 | } | |
1517 | } | |
1518 | ||
1519 | static void ipv4_dst_ifdown(struct dst_entry *dst, struct net_device *dev, | |
1520 | int how) | |
1521 | { | |
1522 | struct rtable *rt = (struct rtable *) dst; | |
1523 | struct in_device *idev = rt->idev; | |
5a3e55d6 DL |
1524 | if (dev != dev->nd_net->loopback_dev && idev && idev->dev == dev) { |
1525 | struct in_device *loopback_idev = | |
1526 | in_dev_get(dev->nd_net->loopback_dev); | |
1da177e4 LT |
1527 | if (loopback_idev) { |
1528 | rt->idev = loopback_idev; | |
1529 | in_dev_put(idev); | |
1530 | } | |
1531 | } | |
1532 | } | |
1533 | ||
1534 | static void ipv4_link_failure(struct sk_buff *skb) | |
1535 | { | |
1536 | struct rtable *rt; | |
1537 | ||
1538 | icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0); | |
1539 | ||
1540 | rt = (struct rtable *) skb->dst; | |
1541 | if (rt) | |
1542 | dst_set_expires(&rt->u.dst, 0); | |
1543 | } | |
1544 | ||
1545 | static int ip_rt_bug(struct sk_buff *skb) | |
1546 | { | |
1547 | printk(KERN_DEBUG "ip_rt_bug: %u.%u.%u.%u -> %u.%u.%u.%u, %s\n", | |
eddc9ec5 | 1548 | NIPQUAD(ip_hdr(skb)->saddr), NIPQUAD(ip_hdr(skb)->daddr), |
1da177e4 LT |
1549 | skb->dev ? skb->dev->name : "?"); |
1550 | kfree_skb(skb); | |
1551 | return 0; | |
1552 | } | |
1553 | ||
1554 | /* | |
1555 | We do not cache source address of outgoing interface, | |
1556 | because it is used only by IP RR, TS and SRR options, | |
1557 | so that it out of fast path. | |
1558 | ||
1559 | BTW remember: "addr" is allowed to be not aligned | |
1560 | in IP options! | |
1561 | */ | |
1562 | ||
1563 | void ip_rt_get_source(u8 *addr, struct rtable *rt) | |
1564 | { | |
a61ced5d | 1565 | __be32 src; |
1da177e4 LT |
1566 | struct fib_result res; |
1567 | ||
1568 | if (rt->fl.iif == 0) | |
1569 | src = rt->rt_src; | |
ecfdc8c5 | 1570 | else if (fib_lookup(rt->u.dst.dev->nd_net, &rt->fl, &res) == 0) { |
1da177e4 LT |
1571 | src = FIB_RES_PREFSRC(res); |
1572 | fib_res_put(&res); | |
1573 | } else | |
1574 | src = inet_select_addr(rt->u.dst.dev, rt->rt_gateway, | |
1575 | RT_SCOPE_UNIVERSE); | |
1576 | memcpy(addr, &src, 4); | |
1577 | } | |
1578 | ||
1579 | #ifdef CONFIG_NET_CLS_ROUTE | |
1580 | static void set_class_tag(struct rtable *rt, u32 tag) | |
1581 | { | |
1582 | if (!(rt->u.dst.tclassid & 0xFFFF)) | |
1583 | rt->u.dst.tclassid |= tag & 0xFFFF; | |
1584 | if (!(rt->u.dst.tclassid & 0xFFFF0000)) | |
1585 | rt->u.dst.tclassid |= tag & 0xFFFF0000; | |
1586 | } | |
1587 | #endif | |
1588 | ||
1589 | static void rt_set_nexthop(struct rtable *rt, struct fib_result *res, u32 itag) | |
1590 | { | |
1591 | struct fib_info *fi = res->fi; | |
1592 | ||
1593 | if (fi) { | |
1594 | if (FIB_RES_GW(*res) && | |
1595 | FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK) | |
1596 | rt->rt_gateway = FIB_RES_GW(*res); | |
1597 | memcpy(rt->u.dst.metrics, fi->fib_metrics, | |
1598 | sizeof(rt->u.dst.metrics)); | |
1599 | if (fi->fib_mtu == 0) { | |
1600 | rt->u.dst.metrics[RTAX_MTU-1] = rt->u.dst.dev->mtu; | |
1601 | if (rt->u.dst.metrics[RTAX_LOCK-1] & (1 << RTAX_MTU) && | |
1602 | rt->rt_gateway != rt->rt_dst && | |
1603 | rt->u.dst.dev->mtu > 576) | |
1604 | rt->u.dst.metrics[RTAX_MTU-1] = 576; | |
1605 | } | |
1606 | #ifdef CONFIG_NET_CLS_ROUTE | |
1607 | rt->u.dst.tclassid = FIB_RES_NH(*res).nh_tclassid; | |
1608 | #endif | |
1609 | } else | |
1610 | rt->u.dst.metrics[RTAX_MTU-1]= rt->u.dst.dev->mtu; | |
1611 | ||
1612 | if (rt->u.dst.metrics[RTAX_HOPLIMIT-1] == 0) | |
1613 | rt->u.dst.metrics[RTAX_HOPLIMIT-1] = sysctl_ip_default_ttl; | |
1614 | if (rt->u.dst.metrics[RTAX_MTU-1] > IP_MAX_MTU) | |
1615 | rt->u.dst.metrics[RTAX_MTU-1] = IP_MAX_MTU; | |
1616 | if (rt->u.dst.metrics[RTAX_ADVMSS-1] == 0) | |
1617 | rt->u.dst.metrics[RTAX_ADVMSS-1] = max_t(unsigned int, rt->u.dst.dev->mtu - 40, | |
1618 | ip_rt_min_advmss); | |
1619 | if (rt->u.dst.metrics[RTAX_ADVMSS-1] > 65535 - 40) | |
1620 | rt->u.dst.metrics[RTAX_ADVMSS-1] = 65535 - 40; | |
1621 | ||
1622 | #ifdef CONFIG_NET_CLS_ROUTE | |
1623 | #ifdef CONFIG_IP_MULTIPLE_TABLES | |
1624 | set_class_tag(rt, fib_rules_tclass(res)); | |
1625 | #endif | |
1626 | set_class_tag(rt, itag); | |
1627 | #endif | |
e905a9ed | 1628 | rt->rt_type = res->type; |
1da177e4 LT |
1629 | } |
1630 | ||
9e12bb22 | 1631 | static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr, |
1da177e4 LT |
1632 | u8 tos, struct net_device *dev, int our) |
1633 | { | |
1634 | unsigned hash; | |
1635 | struct rtable *rth; | |
a61ced5d | 1636 | __be32 spec_dst; |
1da177e4 LT |
1637 | struct in_device *in_dev = in_dev_get(dev); |
1638 | u32 itag = 0; | |
1639 | ||
1640 | /* Primary sanity checks. */ | |
1641 | ||
1642 | if (in_dev == NULL) | |
1643 | return -EINVAL; | |
1644 | ||
1e637c74 | 1645 | if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr) || |
f97c1e0c | 1646 | ipv4_is_loopback(saddr) || skb->protocol != htons(ETH_P_IP)) |
1da177e4 LT |
1647 | goto e_inval; |
1648 | ||
f97c1e0c JP |
1649 | if (ipv4_is_zeronet(saddr)) { |
1650 | if (!ipv4_is_local_multicast(daddr)) | |
1da177e4 LT |
1651 | goto e_inval; |
1652 | spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK); | |
1653 | } else if (fib_validate_source(saddr, 0, tos, 0, | |
1654 | dev, &spec_dst, &itag) < 0) | |
1655 | goto e_inval; | |
1656 | ||
1657 | rth = dst_alloc(&ipv4_dst_ops); | |
1658 | if (!rth) | |
1659 | goto e_nobufs; | |
1660 | ||
1661 | rth->u.dst.output= ip_rt_bug; | |
1662 | ||
1663 | atomic_set(&rth->u.dst.__refcnt, 1); | |
1664 | rth->u.dst.flags= DST_HOST; | |
42f811b8 | 1665 | if (IN_DEV_CONF_GET(in_dev, NOPOLICY)) |
1da177e4 LT |
1666 | rth->u.dst.flags |= DST_NOPOLICY; |
1667 | rth->fl.fl4_dst = daddr; | |
1668 | rth->rt_dst = daddr; | |
1669 | rth->fl.fl4_tos = tos; | |
47dcf0cb | 1670 | rth->fl.mark = skb->mark; |
1da177e4 LT |
1671 | rth->fl.fl4_src = saddr; |
1672 | rth->rt_src = saddr; | |
1673 | #ifdef CONFIG_NET_CLS_ROUTE | |
1674 | rth->u.dst.tclassid = itag; | |
1675 | #endif | |
1676 | rth->rt_iif = | |
1677 | rth->fl.iif = dev->ifindex; | |
2774c7ab | 1678 | rth->u.dst.dev = init_net.loopback_dev; |
1da177e4 LT |
1679 | dev_hold(rth->u.dst.dev); |
1680 | rth->idev = in_dev_get(rth->u.dst.dev); | |
1681 | rth->fl.oif = 0; | |
1682 | rth->rt_gateway = daddr; | |
1683 | rth->rt_spec_dst= spec_dst; | |
1684 | rth->rt_type = RTN_MULTICAST; | |
1685 | rth->rt_flags = RTCF_MULTICAST; | |
1686 | if (our) { | |
1687 | rth->u.dst.input= ip_local_deliver; | |
1688 | rth->rt_flags |= RTCF_LOCAL; | |
1689 | } | |
1690 | ||
1691 | #ifdef CONFIG_IP_MROUTE | |
f97c1e0c | 1692 | if (!ipv4_is_local_multicast(daddr) && IN_DEV_MFORWARD(in_dev)) |
1da177e4 LT |
1693 | rth->u.dst.input = ip_mr_input; |
1694 | #endif | |
1695 | RT_CACHE_STAT_INC(in_slow_mc); | |
1696 | ||
1697 | in_dev_put(in_dev); | |
8c7bc840 | 1698 | hash = rt_hash(daddr, saddr, dev->ifindex); |
1da177e4 LT |
1699 | return rt_intern_hash(hash, rth, (struct rtable**) &skb->dst); |
1700 | ||
1701 | e_nobufs: | |
1702 | in_dev_put(in_dev); | |
1703 | return -ENOBUFS; | |
1704 | ||
1705 | e_inval: | |
1706 | in_dev_put(in_dev); | |
1707 | return -EINVAL; | |
1708 | } | |
1709 | ||
1710 | ||
1711 | static void ip_handle_martian_source(struct net_device *dev, | |
1712 | struct in_device *in_dev, | |
1713 | struct sk_buff *skb, | |
9e12bb22 AV |
1714 | __be32 daddr, |
1715 | __be32 saddr) | |
1da177e4 LT |
1716 | { |
1717 | RT_CACHE_STAT_INC(in_martian_src); | |
1718 | #ifdef CONFIG_IP_ROUTE_VERBOSE | |
1719 | if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) { | |
1720 | /* | |
1721 | * RFC1812 recommendation, if source is martian, | |
1722 | * the only hint is MAC header. | |
1723 | */ | |
1724 | printk(KERN_WARNING "martian source %u.%u.%u.%u from " | |
1725 | "%u.%u.%u.%u, on dev %s\n", | |
1726 | NIPQUAD(daddr), NIPQUAD(saddr), dev->name); | |
98e399f8 | 1727 | if (dev->hard_header_len && skb_mac_header_was_set(skb)) { |
1da177e4 | 1728 | int i; |
98e399f8 | 1729 | const unsigned char *p = skb_mac_header(skb); |
1da177e4 LT |
1730 | printk(KERN_WARNING "ll header: "); |
1731 | for (i = 0; i < dev->hard_header_len; i++, p++) { | |
1732 | printk("%02x", *p); | |
1733 | if (i < (dev->hard_header_len - 1)) | |
1734 | printk(":"); | |
1735 | } | |
1736 | printk("\n"); | |
1737 | } | |
1738 | } | |
1739 | #endif | |
1740 | } | |
1741 | ||
e905a9ed YH |
1742 | static inline int __mkroute_input(struct sk_buff *skb, |
1743 | struct fib_result* res, | |
1744 | struct in_device *in_dev, | |
9e12bb22 | 1745 | __be32 daddr, __be32 saddr, u32 tos, |
e905a9ed | 1746 | struct rtable **result) |
1da177e4 LT |
1747 | { |
1748 | ||
1749 | struct rtable *rth; | |
1750 | int err; | |
1751 | struct in_device *out_dev; | |
1752 | unsigned flags = 0; | |
d9c9df8c AV |
1753 | __be32 spec_dst; |
1754 | u32 itag; | |
1da177e4 LT |
1755 | |
1756 | /* get a working reference to the output device */ | |
1757 | out_dev = in_dev_get(FIB_RES_DEV(*res)); | |
1758 | if (out_dev == NULL) { | |
1759 | if (net_ratelimit()) | |
1760 | printk(KERN_CRIT "Bug in ip_route_input" \ | |
1761 | "_slow(). Please, report\n"); | |
1762 | return -EINVAL; | |
1763 | } | |
1764 | ||
1765 | ||
e905a9ed | 1766 | err = fib_validate_source(saddr, daddr, tos, FIB_RES_OIF(*res), |
1da177e4 LT |
1767 | in_dev->dev, &spec_dst, &itag); |
1768 | if (err < 0) { | |
e905a9ed | 1769 | ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr, |
1da177e4 | 1770 | saddr); |
e905a9ed | 1771 | |
1da177e4 LT |
1772 | err = -EINVAL; |
1773 | goto cleanup; | |
1774 | } | |
1775 | ||
1776 | if (err) | |
1777 | flags |= RTCF_DIRECTSRC; | |
1778 | ||
cb7928a5 | 1779 | if (out_dev == in_dev && err && !(flags & RTCF_MASQ) && |
1da177e4 LT |
1780 | (IN_DEV_SHARED_MEDIA(out_dev) || |
1781 | inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res)))) | |
1782 | flags |= RTCF_DOREDIRECT; | |
1783 | ||
1784 | if (skb->protocol != htons(ETH_P_IP)) { | |
1785 | /* Not IP (i.e. ARP). Do not create route, if it is | |
1786 | * invalid for proxy arp. DNAT routes are always valid. | |
1787 | */ | |
cb7928a5 | 1788 | if (out_dev == in_dev) { |
1da177e4 LT |
1789 | err = -EINVAL; |
1790 | goto cleanup; | |
1791 | } | |
1792 | } | |
1793 | ||
1794 | ||
1795 | rth = dst_alloc(&ipv4_dst_ops); | |
1796 | if (!rth) { | |
1797 | err = -ENOBUFS; | |
1798 | goto cleanup; | |
1799 | } | |
1800 | ||
ce723d8e | 1801 | atomic_set(&rth->u.dst.__refcnt, 1); |
1da177e4 | 1802 | rth->u.dst.flags= DST_HOST; |
42f811b8 | 1803 | if (IN_DEV_CONF_GET(in_dev, NOPOLICY)) |
1da177e4 | 1804 | rth->u.dst.flags |= DST_NOPOLICY; |
42f811b8 | 1805 | if (IN_DEV_CONF_GET(out_dev, NOXFRM)) |
1da177e4 LT |
1806 | rth->u.dst.flags |= DST_NOXFRM; |
1807 | rth->fl.fl4_dst = daddr; | |
1808 | rth->rt_dst = daddr; | |
1809 | rth->fl.fl4_tos = tos; | |
47dcf0cb | 1810 | rth->fl.mark = skb->mark; |
1da177e4 LT |
1811 | rth->fl.fl4_src = saddr; |
1812 | rth->rt_src = saddr; | |
1813 | rth->rt_gateway = daddr; | |
1814 | rth->rt_iif = | |
1815 | rth->fl.iif = in_dev->dev->ifindex; | |
1816 | rth->u.dst.dev = (out_dev)->dev; | |
1817 | dev_hold(rth->u.dst.dev); | |
1818 | rth->idev = in_dev_get(rth->u.dst.dev); | |
1819 | rth->fl.oif = 0; | |
1820 | rth->rt_spec_dst= spec_dst; | |
1821 | ||
1822 | rth->u.dst.input = ip_forward; | |
1823 | rth->u.dst.output = ip_output; | |
1824 | ||
1825 | rt_set_nexthop(rth, res, itag); | |
1826 | ||
1827 | rth->rt_flags = flags; | |
1828 | ||
1829 | *result = rth; | |
1830 | err = 0; | |
1831 | cleanup: | |
1832 | /* release the working reference to the output device */ | |
1833 | in_dev_put(out_dev); | |
1834 | return err; | |
e905a9ed | 1835 | } |
1da177e4 | 1836 | |
e06e7c61 DM |
1837 | static inline int ip_mkroute_input(struct sk_buff *skb, |
1838 | struct fib_result* res, | |
1839 | const struct flowi *fl, | |
1840 | struct in_device *in_dev, | |
1841 | __be32 daddr, __be32 saddr, u32 tos) | |
1da177e4 | 1842 | { |
7abaa27c | 1843 | struct rtable* rth = NULL; |
1da177e4 LT |
1844 | int err; |
1845 | unsigned hash; | |
1846 | ||
1847 | #ifdef CONFIG_IP_ROUTE_MULTIPATH | |
1848 | if (res->fi && res->fi->fib_nhs > 1 && fl->oif == 0) | |
1849 | fib_select_multipath(fl, res); | |
1850 | #endif | |
1851 | ||
1852 | /* create a routing cache entry */ | |
1853 | err = __mkroute_input(skb, res, in_dev, daddr, saddr, tos, &rth); | |
1854 | if (err) | |
1855 | return err; | |
1da177e4 LT |
1856 | |
1857 | /* put it into the cache */ | |
8c7bc840 | 1858 | hash = rt_hash(daddr, saddr, fl->iif); |
e905a9ed | 1859 | return rt_intern_hash(hash, rth, (struct rtable**)&skb->dst); |
1da177e4 LT |
1860 | } |
1861 | ||
1da177e4 LT |
1862 | /* |
1863 | * NOTE. We drop all the packets that has local source | |
1864 | * addresses, because every properly looped back packet | |
1865 | * must have correct destination already attached by output routine. | |
1866 | * | |
1867 | * Such approach solves two big problems: | |
1868 | * 1. Not simplex devices are handled properly. | |
1869 | * 2. IP spoofing attempts are filtered with 100% of guarantee. | |
1870 | */ | |
1871 | ||
9e12bb22 | 1872 | static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr, |
1da177e4 LT |
1873 | u8 tos, struct net_device *dev) |
1874 | { | |
1875 | struct fib_result res; | |
1876 | struct in_device *in_dev = in_dev_get(dev); | |
1877 | struct flowi fl = { .nl_u = { .ip4_u = | |
1878 | { .daddr = daddr, | |
1879 | .saddr = saddr, | |
1880 | .tos = tos, | |
1881 | .scope = RT_SCOPE_UNIVERSE, | |
1da177e4 | 1882 | } }, |
47dcf0cb | 1883 | .mark = skb->mark, |
1da177e4 LT |
1884 | .iif = dev->ifindex }; |
1885 | unsigned flags = 0; | |
1886 | u32 itag = 0; | |
1887 | struct rtable * rth; | |
1888 | unsigned hash; | |
9e12bb22 | 1889 | __be32 spec_dst; |
1da177e4 LT |
1890 | int err = -EINVAL; |
1891 | int free_res = 0; | |
84a885f4 | 1892 | struct net * net = dev->nd_net; |
1da177e4 LT |
1893 | |
1894 | /* IP on this device is disabled. */ | |
1895 | ||
1896 | if (!in_dev) | |
1897 | goto out; | |
1898 | ||
1899 | /* Check for the most weird martians, which can be not detected | |
1900 | by fib_lookup. | |
1901 | */ | |
1902 | ||
1e637c74 | 1903 | if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr) || |
f97c1e0c | 1904 | ipv4_is_loopback(saddr)) |
1da177e4 LT |
1905 | goto martian_source; |
1906 | ||
e448515c | 1907 | if (daddr == htonl(0xFFFFFFFF) || (saddr == 0 && daddr == 0)) |
1da177e4 LT |
1908 | goto brd_input; |
1909 | ||
1910 | /* Accept zero addresses only to limited broadcast; | |
1911 | * I even do not know to fix it or not. Waiting for complains :-) | |
1912 | */ | |
f97c1e0c | 1913 | if (ipv4_is_zeronet(saddr)) |
1da177e4 LT |
1914 | goto martian_source; |
1915 | ||
1e637c74 | 1916 | if (ipv4_is_lbcast(daddr) || ipv4_is_zeronet(daddr) || |
f97c1e0c | 1917 | ipv4_is_loopback(daddr)) |
1da177e4 LT |
1918 | goto martian_destination; |
1919 | ||
1920 | /* | |
1921 | * Now we are ready to route packet. | |
1922 | */ | |
84a885f4 | 1923 | if ((err = fib_lookup(net, &fl, &res)) != 0) { |
1da177e4 | 1924 | if (!IN_DEV_FORWARD(in_dev)) |
2c2910a4 | 1925 | goto e_hostunreach; |
1da177e4 LT |
1926 | goto no_route; |
1927 | } | |
1928 | free_res = 1; | |
1929 | ||
1930 | RT_CACHE_STAT_INC(in_slow_tot); | |
1931 | ||
1932 | if (res.type == RTN_BROADCAST) | |
1933 | goto brd_input; | |
1934 | ||
1935 | if (res.type == RTN_LOCAL) { | |
1936 | int result; | |
1937 | result = fib_validate_source(saddr, daddr, tos, | |
84a885f4 | 1938 | net->loopback_dev->ifindex, |
1da177e4 LT |
1939 | dev, &spec_dst, &itag); |
1940 | if (result < 0) | |
1941 | goto martian_source; | |
1942 | if (result) | |
1943 | flags |= RTCF_DIRECTSRC; | |
1944 | spec_dst = daddr; | |
1945 | goto local_input; | |
1946 | } | |
1947 | ||
1948 | if (!IN_DEV_FORWARD(in_dev)) | |
2c2910a4 | 1949 | goto e_hostunreach; |
1da177e4 LT |
1950 | if (res.type != RTN_UNICAST) |
1951 | goto martian_destination; | |
1952 | ||
1953 | err = ip_mkroute_input(skb, &res, &fl, in_dev, daddr, saddr, tos); | |
1da177e4 LT |
1954 | done: |
1955 | in_dev_put(in_dev); | |
1956 | if (free_res) | |
1957 | fib_res_put(&res); | |
1958 | out: return err; | |
1959 | ||
1960 | brd_input: | |
1961 | if (skb->protocol != htons(ETH_P_IP)) | |
1962 | goto e_inval; | |
1963 | ||
f97c1e0c | 1964 | if (ipv4_is_zeronet(saddr)) |
1da177e4 LT |
1965 | spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK); |
1966 | else { | |
1967 | err = fib_validate_source(saddr, 0, tos, 0, dev, &spec_dst, | |
1968 | &itag); | |
1969 | if (err < 0) | |
1970 | goto martian_source; | |
1971 | if (err) | |
1972 | flags |= RTCF_DIRECTSRC; | |
1973 | } | |
1974 | flags |= RTCF_BROADCAST; | |
1975 | res.type = RTN_BROADCAST; | |
1976 | RT_CACHE_STAT_INC(in_brd); | |
1977 | ||
1978 | local_input: | |
1979 | rth = dst_alloc(&ipv4_dst_ops); | |
1980 | if (!rth) | |
1981 | goto e_nobufs; | |
1982 | ||
1983 | rth->u.dst.output= ip_rt_bug; | |
1984 | ||
1985 | atomic_set(&rth->u.dst.__refcnt, 1); | |
1986 | rth->u.dst.flags= DST_HOST; | |
42f811b8 | 1987 | if (IN_DEV_CONF_GET(in_dev, NOPOLICY)) |
1da177e4 LT |
1988 | rth->u.dst.flags |= DST_NOPOLICY; |
1989 | rth->fl.fl4_dst = daddr; | |
1990 | rth->rt_dst = daddr; | |
1991 | rth->fl.fl4_tos = tos; | |
47dcf0cb | 1992 | rth->fl.mark = skb->mark; |
1da177e4 LT |
1993 | rth->fl.fl4_src = saddr; |
1994 | rth->rt_src = saddr; | |
1995 | #ifdef CONFIG_NET_CLS_ROUTE | |
1996 | rth->u.dst.tclassid = itag; | |
1997 | #endif | |
1998 | rth->rt_iif = | |
1999 | rth->fl.iif = dev->ifindex; | |
84a885f4 | 2000 | rth->u.dst.dev = net->loopback_dev; |
1da177e4 LT |
2001 | dev_hold(rth->u.dst.dev); |
2002 | rth->idev = in_dev_get(rth->u.dst.dev); | |
2003 | rth->rt_gateway = daddr; | |
2004 | rth->rt_spec_dst= spec_dst; | |
2005 | rth->u.dst.input= ip_local_deliver; | |
2006 | rth->rt_flags = flags|RTCF_LOCAL; | |
2007 | if (res.type == RTN_UNREACHABLE) { | |
2008 | rth->u.dst.input= ip_error; | |
2009 | rth->u.dst.error= -err; | |
2010 | rth->rt_flags &= ~RTCF_LOCAL; | |
2011 | } | |
2012 | rth->rt_type = res.type; | |
8c7bc840 | 2013 | hash = rt_hash(daddr, saddr, fl.iif); |
1da177e4 LT |
2014 | err = rt_intern_hash(hash, rth, (struct rtable**)&skb->dst); |
2015 | goto done; | |
2016 | ||
2017 | no_route: | |
2018 | RT_CACHE_STAT_INC(in_no_route); | |
2019 | spec_dst = inet_select_addr(dev, 0, RT_SCOPE_UNIVERSE); | |
2020 | res.type = RTN_UNREACHABLE; | |
7f53878d MC |
2021 | if (err == -ESRCH) |
2022 | err = -ENETUNREACH; | |
1da177e4 LT |
2023 | goto local_input; |
2024 | ||
2025 | /* | |
2026 | * Do not cache martian addresses: they should be logged (RFC1812) | |
2027 | */ | |
2028 | martian_destination: | |
2029 | RT_CACHE_STAT_INC(in_martian_dst); | |
2030 | #ifdef CONFIG_IP_ROUTE_VERBOSE | |
2031 | if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) | |
2032 | printk(KERN_WARNING "martian destination %u.%u.%u.%u from " | |
2033 | "%u.%u.%u.%u, dev %s\n", | |
2034 | NIPQUAD(daddr), NIPQUAD(saddr), dev->name); | |
2035 | #endif | |
2c2910a4 DE |
2036 | |
2037 | e_hostunreach: | |
e905a9ed YH |
2038 | err = -EHOSTUNREACH; |
2039 | goto done; | |
2c2910a4 | 2040 | |
1da177e4 LT |
2041 | e_inval: |
2042 | err = -EINVAL; | |
2043 | goto done; | |
2044 | ||
2045 | e_nobufs: | |
2046 | err = -ENOBUFS; | |
2047 | goto done; | |
2048 | ||
2049 | martian_source: | |
2050 | ip_handle_martian_source(dev, in_dev, skb, daddr, saddr); | |
2051 | goto e_inval; | |
2052 | } | |
2053 | ||
9e12bb22 | 2054 | int ip_route_input(struct sk_buff *skb, __be32 daddr, __be32 saddr, |
1da177e4 LT |
2055 | u8 tos, struct net_device *dev) |
2056 | { | |
2057 | struct rtable * rth; | |
2058 | unsigned hash; | |
2059 | int iif = dev->ifindex; | |
b5921910 | 2060 | struct net *net; |
1da177e4 | 2061 | |
b5921910 | 2062 | net = skb->dev->nd_net; |
1da177e4 | 2063 | tos &= IPTOS_RT_MASK; |
8c7bc840 | 2064 | hash = rt_hash(daddr, saddr, iif); |
1da177e4 LT |
2065 | |
2066 | rcu_read_lock(); | |
2067 | for (rth = rcu_dereference(rt_hash_table[hash].chain); rth; | |
093c2ca4 | 2068 | rth = rcu_dereference(rth->u.dst.rt_next)) { |
1da177e4 LT |
2069 | if (rth->fl.fl4_dst == daddr && |
2070 | rth->fl.fl4_src == saddr && | |
2071 | rth->fl.iif == iif && | |
2072 | rth->fl.oif == 0 && | |
47dcf0cb | 2073 | rth->fl.mark == skb->mark && |
b5921910 DL |
2074 | rth->fl.fl4_tos == tos && |
2075 | rth->u.dst.dev->nd_net == net) { | |
03f49f34 | 2076 | dst_use(&rth->u.dst, jiffies); |
1da177e4 LT |
2077 | RT_CACHE_STAT_INC(in_hit); |
2078 | rcu_read_unlock(); | |
2079 | skb->dst = (struct dst_entry*)rth; | |
2080 | return 0; | |
2081 | } | |
2082 | RT_CACHE_STAT_INC(in_hlist_search); | |
2083 | } | |
2084 | rcu_read_unlock(); | |
2085 | ||
2086 | /* Multicast recognition logic is moved from route cache to here. | |
2087 | The problem was that too many Ethernet cards have broken/missing | |
2088 | hardware multicast filters :-( As result the host on multicasting | |
2089 | network acquires a lot of useless route cache entries, sort of | |
2090 | SDR messages from all the world. Now we try to get rid of them. | |
2091 | Really, provided software IP multicast filter is organized | |
2092 | reasonably (at least, hashed), it does not result in a slowdown | |
2093 | comparing with route cache reject entries. | |
2094 | Note, that multicast routers are not affected, because | |
2095 | route cache entry is created eventually. | |
2096 | */ | |
f97c1e0c | 2097 | if (ipv4_is_multicast(daddr)) { |
1da177e4 LT |
2098 | struct in_device *in_dev; |
2099 | ||
2100 | rcu_read_lock(); | |
e5ed6399 | 2101 | if ((in_dev = __in_dev_get_rcu(dev)) != NULL) { |
1da177e4 | 2102 | int our = ip_check_mc(in_dev, daddr, saddr, |
eddc9ec5 | 2103 | ip_hdr(skb)->protocol); |
1da177e4 LT |
2104 | if (our |
2105 | #ifdef CONFIG_IP_MROUTE | |
f97c1e0c JP |
2106 | || (!ipv4_is_local_multicast(daddr) && |
2107 | IN_DEV_MFORWARD(in_dev)) | |
1da177e4 LT |
2108 | #endif |
2109 | ) { | |
2110 | rcu_read_unlock(); | |
2111 | return ip_route_input_mc(skb, daddr, saddr, | |
2112 | tos, dev, our); | |
2113 | } | |
2114 | } | |
2115 | rcu_read_unlock(); | |
2116 | return -EINVAL; | |
2117 | } | |
2118 | return ip_route_input_slow(skb, daddr, saddr, tos, dev); | |
2119 | } | |
2120 | ||
2121 | static inline int __mkroute_output(struct rtable **result, | |
e905a9ed | 2122 | struct fib_result* res, |
1da177e4 | 2123 | const struct flowi *fl, |
e905a9ed YH |
2124 | const struct flowi *oldflp, |
2125 | struct net_device *dev_out, | |
2126 | unsigned flags) | |
1da177e4 LT |
2127 | { |
2128 | struct rtable *rth; | |
2129 | struct in_device *in_dev; | |
2130 | u32 tos = RT_FL_TOS(oldflp); | |
2131 | int err = 0; | |
2132 | ||
f97c1e0c | 2133 | if (ipv4_is_loopback(fl->fl4_src) && !(dev_out->flags&IFF_LOOPBACK)) |
1da177e4 LT |
2134 | return -EINVAL; |
2135 | ||
e448515c | 2136 | if (fl->fl4_dst == htonl(0xFFFFFFFF)) |
1da177e4 | 2137 | res->type = RTN_BROADCAST; |
f97c1e0c | 2138 | else if (ipv4_is_multicast(fl->fl4_dst)) |
1da177e4 | 2139 | res->type = RTN_MULTICAST; |
1e637c74 | 2140 | else if (ipv4_is_lbcast(fl->fl4_dst) || ipv4_is_zeronet(fl->fl4_dst)) |
1da177e4 LT |
2141 | return -EINVAL; |
2142 | ||
2143 | if (dev_out->flags & IFF_LOOPBACK) | |
2144 | flags |= RTCF_LOCAL; | |
2145 | ||
2146 | /* get work reference to inet device */ | |
2147 | in_dev = in_dev_get(dev_out); | |
2148 | if (!in_dev) | |
2149 | return -EINVAL; | |
2150 | ||
2151 | if (res->type == RTN_BROADCAST) { | |
2152 | flags |= RTCF_BROADCAST | RTCF_LOCAL; | |
2153 | if (res->fi) { | |
2154 | fib_info_put(res->fi); | |
2155 | res->fi = NULL; | |
2156 | } | |
2157 | } else if (res->type == RTN_MULTICAST) { | |
2158 | flags |= RTCF_MULTICAST|RTCF_LOCAL; | |
e905a9ed | 2159 | if (!ip_check_mc(in_dev, oldflp->fl4_dst, oldflp->fl4_src, |
1da177e4 LT |
2160 | oldflp->proto)) |
2161 | flags &= ~RTCF_LOCAL; | |
2162 | /* If multicast route do not exist use | |
2163 | default one, but do not gateway in this case. | |
2164 | Yes, it is hack. | |
2165 | */ | |
2166 | if (res->fi && res->prefixlen < 4) { | |
2167 | fib_info_put(res->fi); | |
2168 | res->fi = NULL; | |
2169 | } | |
2170 | } | |
2171 | ||
2172 | ||
2173 | rth = dst_alloc(&ipv4_dst_ops); | |
2174 | if (!rth) { | |
2175 | err = -ENOBUFS; | |
2176 | goto cleanup; | |
e905a9ed | 2177 | } |
1da177e4 | 2178 | |
ce723d8e | 2179 | atomic_set(&rth->u.dst.__refcnt, 1); |
1da177e4 | 2180 | rth->u.dst.flags= DST_HOST; |
42f811b8 | 2181 | if (IN_DEV_CONF_GET(in_dev, NOXFRM)) |
1da177e4 | 2182 | rth->u.dst.flags |= DST_NOXFRM; |
42f811b8 | 2183 | if (IN_DEV_CONF_GET(in_dev, NOPOLICY)) |
1da177e4 LT |
2184 | rth->u.dst.flags |= DST_NOPOLICY; |
2185 | ||
2186 | rth->fl.fl4_dst = oldflp->fl4_dst; | |
2187 | rth->fl.fl4_tos = tos; | |
2188 | rth->fl.fl4_src = oldflp->fl4_src; | |
2189 | rth->fl.oif = oldflp->oif; | |
47dcf0cb | 2190 | rth->fl.mark = oldflp->mark; |
1da177e4 LT |
2191 | rth->rt_dst = fl->fl4_dst; |
2192 | rth->rt_src = fl->fl4_src; | |
2193 | rth->rt_iif = oldflp->oif ? : dev_out->ifindex; | |
e905a9ed | 2194 | /* get references to the devices that are to be hold by the routing |
1da177e4 LT |
2195 | cache entry */ |
2196 | rth->u.dst.dev = dev_out; | |
2197 | dev_hold(dev_out); | |
2198 | rth->idev = in_dev_get(dev_out); | |
2199 | rth->rt_gateway = fl->fl4_dst; | |
2200 | rth->rt_spec_dst= fl->fl4_src; | |
2201 | ||
2202 | rth->u.dst.output=ip_output; | |
2203 | ||
2204 | RT_CACHE_STAT_INC(out_slow_tot); | |
2205 | ||
2206 | if (flags & RTCF_LOCAL) { | |
2207 | rth->u.dst.input = ip_local_deliver; | |
2208 | rth->rt_spec_dst = fl->fl4_dst; | |
2209 | } | |
2210 | if (flags & (RTCF_BROADCAST | RTCF_MULTICAST)) { | |
2211 | rth->rt_spec_dst = fl->fl4_src; | |
e905a9ed | 2212 | if (flags & RTCF_LOCAL && |
1da177e4 LT |
2213 | !(dev_out->flags & IFF_LOOPBACK)) { |
2214 | rth->u.dst.output = ip_mc_output; | |
2215 | RT_CACHE_STAT_INC(out_slow_mc); | |
2216 | } | |
2217 | #ifdef CONFIG_IP_MROUTE | |
2218 | if (res->type == RTN_MULTICAST) { | |
2219 | if (IN_DEV_MFORWARD(in_dev) && | |
f97c1e0c | 2220 | !ipv4_is_local_multicast(oldflp->fl4_dst)) { |
1da177e4 LT |
2221 | rth->u.dst.input = ip_mr_input; |
2222 | rth->u.dst.output = ip_mc_output; | |
2223 | } | |
2224 | } | |
2225 | #endif | |
2226 | } | |
2227 | ||
2228 | rt_set_nexthop(rth, res, 0); | |
2229 | ||
2230 | rth->rt_flags = flags; | |
2231 | ||
2232 | *result = rth; | |
2233 | cleanup: | |
2234 | /* release work reference to inet device */ | |
2235 | in_dev_put(in_dev); | |
2236 | ||
2237 | return err; | |
2238 | } | |
2239 | ||
e06e7c61 DM |
2240 | static inline int ip_mkroute_output(struct rtable **rp, |
2241 | struct fib_result* res, | |
2242 | const struct flowi *fl, | |
2243 | const struct flowi *oldflp, | |
2244 | struct net_device *dev_out, | |
2245 | unsigned flags) | |
1da177e4 | 2246 | { |
7abaa27c | 2247 | struct rtable *rth = NULL; |
1da177e4 LT |
2248 | int err = __mkroute_output(&rth, res, fl, oldflp, dev_out, flags); |
2249 | unsigned hash; | |
2250 | if (err == 0) { | |
8c7bc840 | 2251 | hash = rt_hash(oldflp->fl4_dst, oldflp->fl4_src, oldflp->oif); |
1da177e4 LT |
2252 | err = rt_intern_hash(hash, rth, rp); |
2253 | } | |
e905a9ed | 2254 | |
1da177e4 LT |
2255 | return err; |
2256 | } | |
2257 | ||
1da177e4 LT |
2258 | /* |
2259 | * Major route resolver routine. | |
2260 | */ | |
2261 | ||
b40afd0e DL |
2262 | static int ip_route_output_slow(struct net *net, struct rtable **rp, |
2263 | const struct flowi *oldflp) | |
1da177e4 LT |
2264 | { |
2265 | u32 tos = RT_FL_TOS(oldflp); | |
2266 | struct flowi fl = { .nl_u = { .ip4_u = | |
2267 | { .daddr = oldflp->fl4_dst, | |
2268 | .saddr = oldflp->fl4_src, | |
2269 | .tos = tos & IPTOS_RT_MASK, | |
2270 | .scope = ((tos & RTO_ONLINK) ? | |
2271 | RT_SCOPE_LINK : | |
2272 | RT_SCOPE_UNIVERSE), | |
1da177e4 | 2273 | } }, |
47dcf0cb | 2274 | .mark = oldflp->mark, |
b40afd0e | 2275 | .iif = net->loopback_dev->ifindex, |
1da177e4 LT |
2276 | .oif = oldflp->oif }; |
2277 | struct fib_result res; | |
2278 | unsigned flags = 0; | |
2279 | struct net_device *dev_out = NULL; | |
2280 | int free_res = 0; | |
2281 | int err; | |
2282 | ||
2283 | ||
2284 | res.fi = NULL; | |
2285 | #ifdef CONFIG_IP_MULTIPLE_TABLES | |
2286 | res.r = NULL; | |
2287 | #endif | |
2288 | ||
2289 | if (oldflp->fl4_src) { | |
2290 | err = -EINVAL; | |
f97c1e0c | 2291 | if (ipv4_is_multicast(oldflp->fl4_src) || |
1e637c74 | 2292 | ipv4_is_lbcast(oldflp->fl4_src) || |
f97c1e0c | 2293 | ipv4_is_zeronet(oldflp->fl4_src)) |
1da177e4 LT |
2294 | goto out; |
2295 | ||
2296 | /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */ | |
b40afd0e | 2297 | dev_out = ip_dev_find(net, oldflp->fl4_src); |
f6c5d736 | 2298 | if (dev_out == NULL) |
1da177e4 LT |
2299 | goto out; |
2300 | ||
2301 | /* I removed check for oif == dev_out->oif here. | |
2302 | It was wrong for two reasons: | |
1ab35276 DL |
2303 | 1. ip_dev_find(net, saddr) can return wrong iface, if saddr |
2304 | is assigned to multiple interfaces. | |
1da177e4 LT |
2305 | 2. Moreover, we are allowed to send packets with saddr |
2306 | of another iface. --ANK | |
2307 | */ | |
2308 | ||
f6c5d736 | 2309 | if (oldflp->oif == 0 |
f97c1e0c JP |
2310 | && (ipv4_is_multicast(oldflp->fl4_dst) || |
2311 | oldflp->fl4_dst == htonl(0xFFFFFFFF))) { | |
1da177e4 LT |
2312 | /* Special hack: user can direct multicasts |
2313 | and limited broadcast via necessary interface | |
2314 | without fiddling with IP_MULTICAST_IF or IP_PKTINFO. | |
2315 | This hack is not just for fun, it allows | |
2316 | vic,vat and friends to work. | |
2317 | They bind socket to loopback, set ttl to zero | |
2318 | and expect that it will work. | |
2319 | From the viewpoint of routing cache they are broken, | |
2320 | because we are not allowed to build multicast path | |
2321 | with loopback source addr (look, routing cache | |
2322 | cannot know, that ttl is zero, so that packet | |
2323 | will not leave this host and route is valid). | |
2324 | Luckily, this hack is good workaround. | |
2325 | */ | |
2326 | ||
2327 | fl.oif = dev_out->ifindex; | |
2328 | goto make_route; | |
2329 | } | |
2330 | if (dev_out) | |
2331 | dev_put(dev_out); | |
2332 | dev_out = NULL; | |
2333 | } | |
2334 | ||
2335 | ||
2336 | if (oldflp->oif) { | |
b40afd0e | 2337 | dev_out = dev_get_by_index(net, oldflp->oif); |
1da177e4 LT |
2338 | err = -ENODEV; |
2339 | if (dev_out == NULL) | |
2340 | goto out; | |
e5ed6399 HX |
2341 | |
2342 | /* RACE: Check return value of inet_select_addr instead. */ | |
2343 | if (__in_dev_get_rtnl(dev_out) == NULL) { | |
1da177e4 LT |
2344 | dev_put(dev_out); |
2345 | goto out; /* Wrong error code */ | |
2346 | } | |
2347 | ||
f97c1e0c JP |
2348 | if (ipv4_is_local_multicast(oldflp->fl4_dst) || |
2349 | oldflp->fl4_dst == htonl(0xFFFFFFFF)) { | |
1da177e4 LT |
2350 | if (!fl.fl4_src) |
2351 | fl.fl4_src = inet_select_addr(dev_out, 0, | |
2352 | RT_SCOPE_LINK); | |
2353 | goto make_route; | |
2354 | } | |
2355 | if (!fl.fl4_src) { | |
f97c1e0c | 2356 | if (ipv4_is_multicast(oldflp->fl4_dst)) |
1da177e4 LT |
2357 | fl.fl4_src = inet_select_addr(dev_out, 0, |
2358 | fl.fl4_scope); | |
2359 | else if (!oldflp->fl4_dst) | |
2360 | fl.fl4_src = inet_select_addr(dev_out, 0, | |
2361 | RT_SCOPE_HOST); | |
2362 | } | |
2363 | } | |
2364 | ||
2365 | if (!fl.fl4_dst) { | |
2366 | fl.fl4_dst = fl.fl4_src; | |
2367 | if (!fl.fl4_dst) | |
2368 | fl.fl4_dst = fl.fl4_src = htonl(INADDR_LOOPBACK); | |
2369 | if (dev_out) | |
2370 | dev_put(dev_out); | |
b40afd0e | 2371 | dev_out = net->loopback_dev; |
1da177e4 | 2372 | dev_hold(dev_out); |
b40afd0e | 2373 | fl.oif = net->loopback_dev->ifindex; |
1da177e4 LT |
2374 | res.type = RTN_LOCAL; |
2375 | flags |= RTCF_LOCAL; | |
2376 | goto make_route; | |
2377 | } | |
2378 | ||
b40afd0e | 2379 | if (fib_lookup(net, &fl, &res)) { |
1da177e4 LT |
2380 | res.fi = NULL; |
2381 | if (oldflp->oif) { | |
2382 | /* Apparently, routing tables are wrong. Assume, | |
2383 | that the destination is on link. | |
2384 | ||
2385 | WHY? DW. | |
2386 | Because we are allowed to send to iface | |
2387 | even if it has NO routes and NO assigned | |
2388 | addresses. When oif is specified, routing | |
2389 | tables are looked up with only one purpose: | |
2390 | to catch if destination is gatewayed, rather than | |
2391 | direct. Moreover, if MSG_DONTROUTE is set, | |
2392 | we send packet, ignoring both routing tables | |
2393 | and ifaddr state. --ANK | |
2394 | ||
2395 | ||
2396 | We could make it even if oif is unknown, | |
2397 | likely IPv6, but we do not. | |
2398 | */ | |
2399 | ||
2400 | if (fl.fl4_src == 0) | |
2401 | fl.fl4_src = inet_select_addr(dev_out, 0, | |
2402 | RT_SCOPE_LINK); | |
2403 | res.type = RTN_UNICAST; | |
2404 | goto make_route; | |
2405 | } | |
2406 | if (dev_out) | |
2407 | dev_put(dev_out); | |
2408 | err = -ENETUNREACH; | |
2409 | goto out; | |
2410 | } | |
2411 | free_res = 1; | |
2412 | ||
2413 | if (res.type == RTN_LOCAL) { | |
2414 | if (!fl.fl4_src) | |
2415 | fl.fl4_src = fl.fl4_dst; | |
2416 | if (dev_out) | |
2417 | dev_put(dev_out); | |
b40afd0e | 2418 | dev_out = net->loopback_dev; |
1da177e4 LT |
2419 | dev_hold(dev_out); |
2420 | fl.oif = dev_out->ifindex; | |
2421 | if (res.fi) | |
2422 | fib_info_put(res.fi); | |
2423 | res.fi = NULL; | |
2424 | flags |= RTCF_LOCAL; | |
2425 | goto make_route; | |
2426 | } | |
2427 | ||
2428 | #ifdef CONFIG_IP_ROUTE_MULTIPATH | |
2429 | if (res.fi->fib_nhs > 1 && fl.oif == 0) | |
2430 | fib_select_multipath(&fl, &res); | |
2431 | else | |
2432 | #endif | |
2433 | if (!res.prefixlen && res.type == RTN_UNICAST && !fl.oif) | |
b40afd0e | 2434 | fib_select_default(net, &fl, &res); |
1da177e4 LT |
2435 | |
2436 | if (!fl.fl4_src) | |
2437 | fl.fl4_src = FIB_RES_PREFSRC(res); | |
2438 | ||
2439 | if (dev_out) | |
2440 | dev_put(dev_out); | |
2441 | dev_out = FIB_RES_DEV(res); | |
2442 | dev_hold(dev_out); | |
2443 | fl.oif = dev_out->ifindex; | |
2444 | ||
2445 | ||
2446 | make_route: | |
2447 | err = ip_mkroute_output(rp, &res, &fl, oldflp, dev_out, flags); | |
2448 | ||
2449 | ||
2450 | if (free_res) | |
2451 | fib_res_put(&res); | |
2452 | if (dev_out) | |
2453 | dev_put(dev_out); | |
2454 | out: return err; | |
2455 | } | |
2456 | ||
611c183e DL |
2457 | int __ip_route_output_key(struct net *net, struct rtable **rp, |
2458 | const struct flowi *flp) | |
1da177e4 LT |
2459 | { |
2460 | unsigned hash; | |
2461 | struct rtable *rth; | |
2462 | ||
8c7bc840 | 2463 | hash = rt_hash(flp->fl4_dst, flp->fl4_src, flp->oif); |
1da177e4 LT |
2464 | |
2465 | rcu_read_lock_bh(); | |
2466 | for (rth = rcu_dereference(rt_hash_table[hash].chain); rth; | |
093c2ca4 | 2467 | rth = rcu_dereference(rth->u.dst.rt_next)) { |
1da177e4 LT |
2468 | if (rth->fl.fl4_dst == flp->fl4_dst && |
2469 | rth->fl.fl4_src == flp->fl4_src && | |
2470 | rth->fl.iif == 0 && | |
2471 | rth->fl.oif == flp->oif && | |
47dcf0cb | 2472 | rth->fl.mark == flp->mark && |
1da177e4 | 2473 | !((rth->fl.fl4_tos ^ flp->fl4_tos) & |
b5921910 DL |
2474 | (IPTOS_RT_MASK | RTO_ONLINK)) && |
2475 | rth->u.dst.dev->nd_net == net) { | |
03f49f34 | 2476 | dst_use(&rth->u.dst, jiffies); |
1da177e4 LT |
2477 | RT_CACHE_STAT_INC(out_hit); |
2478 | rcu_read_unlock_bh(); | |
2479 | *rp = rth; | |
2480 | return 0; | |
2481 | } | |
2482 | RT_CACHE_STAT_INC(out_hlist_search); | |
2483 | } | |
2484 | rcu_read_unlock_bh(); | |
2485 | ||
611c183e | 2486 | return ip_route_output_slow(net, rp, flp); |
1da177e4 LT |
2487 | } |
2488 | ||
d8c97a94 ACM |
2489 | EXPORT_SYMBOL_GPL(__ip_route_output_key); |
2490 | ||
14e50e57 DM |
2491 | static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu) |
2492 | { | |
2493 | } | |
2494 | ||
2495 | static struct dst_ops ipv4_dst_blackhole_ops = { | |
2496 | .family = AF_INET, | |
2497 | .protocol = __constant_htons(ETH_P_IP), | |
2498 | .destroy = ipv4_dst_destroy, | |
2499 | .check = ipv4_dst_check, | |
2500 | .update_pmtu = ipv4_rt_blackhole_update_pmtu, | |
2501 | .entry_size = sizeof(struct rtable), | |
e2422970 | 2502 | .entries = ATOMIC_INIT(0), |
14e50e57 DM |
2503 | }; |
2504 | ||
2505 | ||
14e50e57 DM |
2506 | static int ipv4_dst_blackhole(struct rtable **rp, struct flowi *flp, struct sock *sk) |
2507 | { | |
2508 | struct rtable *ort = *rp; | |
2509 | struct rtable *rt = (struct rtable *) | |
2510 | dst_alloc(&ipv4_dst_blackhole_ops); | |
2511 | ||
2512 | if (rt) { | |
2513 | struct dst_entry *new = &rt->u.dst; | |
2514 | ||
2515 | atomic_set(&new->__refcnt, 1); | |
2516 | new->__use = 1; | |
352e512c HX |
2517 | new->input = dst_discard; |
2518 | new->output = dst_discard; | |
14e50e57 DM |
2519 | memcpy(new->metrics, ort->u.dst.metrics, RTAX_MAX*sizeof(u32)); |
2520 | ||
2521 | new->dev = ort->u.dst.dev; | |
2522 | if (new->dev) | |
2523 | dev_hold(new->dev); | |
2524 | ||
2525 | rt->fl = ort->fl; | |
2526 | ||
2527 | rt->idev = ort->idev; | |
2528 | if (rt->idev) | |
2529 | in_dev_hold(rt->idev); | |
2530 | rt->rt_flags = ort->rt_flags; | |
2531 | rt->rt_type = ort->rt_type; | |
2532 | rt->rt_dst = ort->rt_dst; | |
2533 | rt->rt_src = ort->rt_src; | |
2534 | rt->rt_iif = ort->rt_iif; | |
2535 | rt->rt_gateway = ort->rt_gateway; | |
2536 | rt->rt_spec_dst = ort->rt_spec_dst; | |
2537 | rt->peer = ort->peer; | |
2538 | if (rt->peer) | |
2539 | atomic_inc(&rt->peer->refcnt); | |
2540 | ||
2541 | dst_free(new); | |
2542 | } | |
2543 | ||
2544 | dst_release(&(*rp)->u.dst); | |
2545 | *rp = rt; | |
2546 | return (rt ? 0 : -ENOMEM); | |
2547 | } | |
2548 | ||
f1b050bf DL |
2549 | int ip_route_output_flow(struct net *net, struct rtable **rp, struct flowi *flp, |
2550 | struct sock *sk, int flags) | |
1da177e4 LT |
2551 | { |
2552 | int err; | |
2553 | ||
f1b050bf | 2554 | if ((err = __ip_route_output_key(net, rp, flp)) != 0) |
1da177e4 LT |
2555 | return err; |
2556 | ||
2557 | if (flp->proto) { | |
2558 | if (!flp->fl4_src) | |
2559 | flp->fl4_src = (*rp)->rt_src; | |
2560 | if (!flp->fl4_dst) | |
2561 | flp->fl4_dst = (*rp)->rt_dst; | |
bb72845e HX |
2562 | err = __xfrm_lookup((struct dst_entry **)rp, flp, sk, |
2563 | flags ? XFRM_LOOKUP_WAIT : 0); | |
14e50e57 DM |
2564 | if (err == -EREMOTE) |
2565 | err = ipv4_dst_blackhole(rp, flp, sk); | |
2566 | ||
2567 | return err; | |
1da177e4 LT |
2568 | } |
2569 | ||
2570 | return 0; | |
2571 | } | |
2572 | ||
d8c97a94 ACM |
2573 | EXPORT_SYMBOL_GPL(ip_route_output_flow); |
2574 | ||
f206351a | 2575 | int ip_route_output_key(struct net *net, struct rtable **rp, struct flowi *flp) |
1da177e4 | 2576 | { |
f206351a | 2577 | return ip_route_output_flow(net, rp, flp, NULL, 0); |
1da177e4 LT |
2578 | } |
2579 | ||
2580 | static int rt_fill_info(struct sk_buff *skb, u32 pid, u32 seq, int event, | |
b6544c0b | 2581 | int nowait, unsigned int flags) |
1da177e4 LT |
2582 | { |
2583 | struct rtable *rt = (struct rtable*)skb->dst; | |
2584 | struct rtmsg *r; | |
be403ea1 | 2585 | struct nlmsghdr *nlh; |
e3703b3d TG |
2586 | long expires; |
2587 | u32 id = 0, ts = 0, tsage = 0, error; | |
be403ea1 TG |
2588 | |
2589 | nlh = nlmsg_put(skb, pid, seq, event, sizeof(*r), flags); | |
2590 | if (nlh == NULL) | |
26932566 | 2591 | return -EMSGSIZE; |
be403ea1 TG |
2592 | |
2593 | r = nlmsg_data(nlh); | |
1da177e4 LT |
2594 | r->rtm_family = AF_INET; |
2595 | r->rtm_dst_len = 32; | |
2596 | r->rtm_src_len = 0; | |
2597 | r->rtm_tos = rt->fl.fl4_tos; | |
2598 | r->rtm_table = RT_TABLE_MAIN; | |
be403ea1 | 2599 | NLA_PUT_U32(skb, RTA_TABLE, RT_TABLE_MAIN); |
1da177e4 LT |
2600 | r->rtm_type = rt->rt_type; |
2601 | r->rtm_scope = RT_SCOPE_UNIVERSE; | |
2602 | r->rtm_protocol = RTPROT_UNSPEC; | |
2603 | r->rtm_flags = (rt->rt_flags & ~0xFFFF) | RTM_F_CLONED; | |
2604 | if (rt->rt_flags & RTCF_NOTIFY) | |
2605 | r->rtm_flags |= RTM_F_NOTIFY; | |
be403ea1 | 2606 | |
17fb2c64 | 2607 | NLA_PUT_BE32(skb, RTA_DST, rt->rt_dst); |
be403ea1 | 2608 | |
1da177e4 LT |
2609 | if (rt->fl.fl4_src) { |
2610 | r->rtm_src_len = 32; | |
17fb2c64 | 2611 | NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src); |
1da177e4 LT |
2612 | } |
2613 | if (rt->u.dst.dev) | |
be403ea1 | 2614 | NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex); |
1da177e4 LT |
2615 | #ifdef CONFIG_NET_CLS_ROUTE |
2616 | if (rt->u.dst.tclassid) | |
be403ea1 | 2617 | NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid); |
1da177e4 LT |
2618 | #endif |
2619 | if (rt->fl.iif) | |
17fb2c64 | 2620 | NLA_PUT_BE32(skb, RTA_PREFSRC, rt->rt_spec_dst); |
1da177e4 | 2621 | else if (rt->rt_src != rt->fl.fl4_src) |
17fb2c64 | 2622 | NLA_PUT_BE32(skb, RTA_PREFSRC, rt->rt_src); |
be403ea1 | 2623 | |
1da177e4 | 2624 | if (rt->rt_dst != rt->rt_gateway) |
17fb2c64 | 2625 | NLA_PUT_BE32(skb, RTA_GATEWAY, rt->rt_gateway); |
be403ea1 | 2626 | |
1da177e4 | 2627 | if (rtnetlink_put_metrics(skb, rt->u.dst.metrics) < 0) |
be403ea1 TG |
2628 | goto nla_put_failure; |
2629 | ||
e3703b3d TG |
2630 | error = rt->u.dst.error; |
2631 | expires = rt->u.dst.expires ? rt->u.dst.expires - jiffies : 0; | |
1da177e4 | 2632 | if (rt->peer) { |
e3703b3d | 2633 | id = rt->peer->ip_id_count; |
1da177e4 | 2634 | if (rt->peer->tcp_ts_stamp) { |
e3703b3d | 2635 | ts = rt->peer->tcp_ts; |
9d729f72 | 2636 | tsage = get_seconds() - rt->peer->tcp_ts_stamp; |
1da177e4 LT |
2637 | } |
2638 | } | |
be403ea1 | 2639 | |
1da177e4 LT |
2640 | if (rt->fl.iif) { |
2641 | #ifdef CONFIG_IP_MROUTE | |
e448515c | 2642 | __be32 dst = rt->rt_dst; |
1da177e4 | 2643 | |
f97c1e0c | 2644 | if (ipv4_is_multicast(dst) && !ipv4_is_local_multicast(dst) && |
586f1211 | 2645 | IPV4_DEVCONF_ALL(&init_net, MC_FORWARDING)) { |
1da177e4 LT |
2646 | int err = ipmr_get_route(skb, r, nowait); |
2647 | if (err <= 0) { | |
2648 | if (!nowait) { | |
2649 | if (err == 0) | |
2650 | return 0; | |
be403ea1 | 2651 | goto nla_put_failure; |
1da177e4 LT |
2652 | } else { |
2653 | if (err == -EMSGSIZE) | |
be403ea1 | 2654 | goto nla_put_failure; |
e3703b3d | 2655 | error = err; |
1da177e4 LT |
2656 | } |
2657 | } | |
2658 | } else | |
2659 | #endif | |
be403ea1 | 2660 | NLA_PUT_U32(skb, RTA_IIF, rt->fl.iif); |
1da177e4 LT |
2661 | } |
2662 | ||
e3703b3d TG |
2663 | if (rtnl_put_cacheinfo(skb, &rt->u.dst, id, ts, tsage, |
2664 | expires, error) < 0) | |
2665 | goto nla_put_failure; | |
be403ea1 TG |
2666 | |
2667 | return nlmsg_end(skb, nlh); | |
1da177e4 | 2668 | |
be403ea1 | 2669 | nla_put_failure: |
26932566 PM |
2670 | nlmsg_cancel(skb, nlh); |
2671 | return -EMSGSIZE; | |
1da177e4 LT |
2672 | } |
2673 | ||
63f3444f | 2674 | static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg) |
1da177e4 | 2675 | { |
b854272b | 2676 | struct net *net = in_skb->sk->sk_net; |
d889ce3b TG |
2677 | struct rtmsg *rtm; |
2678 | struct nlattr *tb[RTA_MAX+1]; | |
1da177e4 | 2679 | struct rtable *rt = NULL; |
9e12bb22 AV |
2680 | __be32 dst = 0; |
2681 | __be32 src = 0; | |
2682 | u32 iif; | |
d889ce3b | 2683 | int err; |
1da177e4 LT |
2684 | struct sk_buff *skb; |
2685 | ||
b854272b DL |
2686 | if (net != &init_net) |
2687 | return -EINVAL; | |
2688 | ||
d889ce3b TG |
2689 | err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv4_policy); |
2690 | if (err < 0) | |
2691 | goto errout; | |
2692 | ||
2693 | rtm = nlmsg_data(nlh); | |
2694 | ||
1da177e4 | 2695 | skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL); |
d889ce3b TG |
2696 | if (skb == NULL) { |
2697 | err = -ENOBUFS; | |
2698 | goto errout; | |
2699 | } | |
1da177e4 LT |
2700 | |
2701 | /* Reserve room for dummy headers, this skb can pass | |
2702 | through good chunk of routing engine. | |
2703 | */ | |
459a98ed | 2704 | skb_reset_mac_header(skb); |
c1d2bbe1 | 2705 | skb_reset_network_header(skb); |
d2c962b8 SH |
2706 | |
2707 | /* Bugfix: need to give ip_route_input enough of an IP header to not gag. */ | |
eddc9ec5 | 2708 | ip_hdr(skb)->protocol = IPPROTO_ICMP; |
1da177e4 LT |
2709 | skb_reserve(skb, MAX_HEADER + sizeof(struct iphdr)); |
2710 | ||
17fb2c64 AV |
2711 | src = tb[RTA_SRC] ? nla_get_be32(tb[RTA_SRC]) : 0; |
2712 | dst = tb[RTA_DST] ? nla_get_be32(tb[RTA_DST]) : 0; | |
d889ce3b | 2713 | iif = tb[RTA_IIF] ? nla_get_u32(tb[RTA_IIF]) : 0; |
1da177e4 LT |
2714 | |
2715 | if (iif) { | |
d889ce3b TG |
2716 | struct net_device *dev; |
2717 | ||
881d966b | 2718 | dev = __dev_get_by_index(&init_net, iif); |
d889ce3b TG |
2719 | if (dev == NULL) { |
2720 | err = -ENODEV; | |
2721 | goto errout_free; | |
2722 | } | |
2723 | ||
1da177e4 LT |
2724 | skb->protocol = htons(ETH_P_IP); |
2725 | skb->dev = dev; | |
2726 | local_bh_disable(); | |
2727 | err = ip_route_input(skb, dst, src, rtm->rtm_tos, dev); | |
2728 | local_bh_enable(); | |
d889ce3b TG |
2729 | |
2730 | rt = (struct rtable*) skb->dst; | |
2731 | if (err == 0 && rt->u.dst.error) | |
1da177e4 LT |
2732 | err = -rt->u.dst.error; |
2733 | } else { | |
d889ce3b TG |
2734 | struct flowi fl = { |
2735 | .nl_u = { | |
2736 | .ip4_u = { | |
2737 | .daddr = dst, | |
2738 | .saddr = src, | |
2739 | .tos = rtm->rtm_tos, | |
2740 | }, | |
2741 | }, | |
2742 | .oif = tb[RTA_OIF] ? nla_get_u32(tb[RTA_OIF]) : 0, | |
2743 | }; | |
f206351a | 2744 | err = ip_route_output_key(&init_net, &rt, &fl); |
1da177e4 | 2745 | } |
d889ce3b | 2746 | |
1da177e4 | 2747 | if (err) |
d889ce3b | 2748 | goto errout_free; |
1da177e4 LT |
2749 | |
2750 | skb->dst = &rt->u.dst; | |
2751 | if (rtm->rtm_flags & RTM_F_NOTIFY) | |
2752 | rt->rt_flags |= RTCF_NOTIFY; | |
2753 | ||
1da177e4 | 2754 | err = rt_fill_info(skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq, |
b6544c0b | 2755 | RTM_NEWROUTE, 0, 0); |
d889ce3b TG |
2756 | if (err <= 0) |
2757 | goto errout_free; | |
1da177e4 | 2758 | |
97c53cac | 2759 | err = rtnl_unicast(skb, &init_net, NETLINK_CB(in_skb).pid); |
d889ce3b | 2760 | errout: |
2942e900 | 2761 | return err; |
1da177e4 | 2762 | |
d889ce3b | 2763 | errout_free: |
1da177e4 | 2764 | kfree_skb(skb); |
d889ce3b | 2765 | goto errout; |
1da177e4 LT |
2766 | } |
2767 | ||
2768 | int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb) | |
2769 | { | |
2770 | struct rtable *rt; | |
2771 | int h, s_h; | |
2772 | int idx, s_idx; | |
2773 | ||
2774 | s_h = cb->args[0]; | |
d8c92830 ED |
2775 | if (s_h < 0) |
2776 | s_h = 0; | |
1da177e4 | 2777 | s_idx = idx = cb->args[1]; |
d8c92830 | 2778 | for (h = s_h; h <= rt_hash_mask; h++) { |
1da177e4 LT |
2779 | rcu_read_lock_bh(); |
2780 | for (rt = rcu_dereference(rt_hash_table[h].chain), idx = 0; rt; | |
093c2ca4 | 2781 | rt = rcu_dereference(rt->u.dst.rt_next), idx++) { |
1da177e4 LT |
2782 | if (idx < s_idx) |
2783 | continue; | |
2784 | skb->dst = dst_clone(&rt->u.dst); | |
2785 | if (rt_fill_info(skb, NETLINK_CB(cb->skb).pid, | |
e905a9ed | 2786 | cb->nlh->nlmsg_seq, RTM_NEWROUTE, |
b6544c0b | 2787 | 1, NLM_F_MULTI) <= 0) { |
1da177e4 LT |
2788 | dst_release(xchg(&skb->dst, NULL)); |
2789 | rcu_read_unlock_bh(); | |
2790 | goto done; | |
2791 | } | |
2792 | dst_release(xchg(&skb->dst, NULL)); | |
2793 | } | |
2794 | rcu_read_unlock_bh(); | |
d8c92830 | 2795 | s_idx = 0; |
1da177e4 LT |
2796 | } |
2797 | ||
2798 | done: | |
2799 | cb->args[0] = h; | |
2800 | cb->args[1] = idx; | |
2801 | return skb->len; | |
2802 | } | |
2803 | ||
2804 | void ip_rt_multicast_event(struct in_device *in_dev) | |
2805 | { | |
2806 | rt_cache_flush(0); | |
2807 | } | |
2808 | ||
2809 | #ifdef CONFIG_SYSCTL | |
2810 | static int flush_delay; | |
2811 | ||
2812 | static int ipv4_sysctl_rtcache_flush(ctl_table *ctl, int write, | |
2813 | struct file *filp, void __user *buffer, | |
2814 | size_t *lenp, loff_t *ppos) | |
2815 | { | |
2816 | if (write) { | |
2817 | proc_dointvec(ctl, write, filp, buffer, lenp, ppos); | |
2818 | rt_cache_flush(flush_delay); | |
2819 | return 0; | |
e905a9ed | 2820 | } |
1da177e4 LT |
2821 | |
2822 | return -EINVAL; | |
2823 | } | |
2824 | ||
2825 | static int ipv4_sysctl_rtcache_flush_strategy(ctl_table *table, | |
2826 | int __user *name, | |
2827 | int nlen, | |
2828 | void __user *oldval, | |
2829 | size_t __user *oldlenp, | |
2830 | void __user *newval, | |
1f29bcd7 | 2831 | size_t newlen) |
1da177e4 LT |
2832 | { |
2833 | int delay; | |
2834 | if (newlen != sizeof(int)) | |
2835 | return -EINVAL; | |
2836 | if (get_user(delay, (int __user *)newval)) | |
e905a9ed YH |
2837 | return -EFAULT; |
2838 | rt_cache_flush(delay); | |
1da177e4 LT |
2839 | return 0; |
2840 | } | |
2841 | ||
2842 | ctl_table ipv4_route_table[] = { | |
e905a9ed | 2843 | { |
1da177e4 LT |
2844 | .ctl_name = NET_IPV4_ROUTE_FLUSH, |
2845 | .procname = "flush", | |
2846 | .data = &flush_delay, | |
2847 | .maxlen = sizeof(int), | |
7e3e0360 | 2848 | .mode = 0200, |
1da177e4 LT |
2849 | .proc_handler = &ipv4_sysctl_rtcache_flush, |
2850 | .strategy = &ipv4_sysctl_rtcache_flush_strategy, | |
2851 | }, | |
2852 | { | |
2853 | .ctl_name = NET_IPV4_ROUTE_MIN_DELAY, | |
2854 | .procname = "min_delay", | |
2855 | .data = &ip_rt_min_delay, | |
2856 | .maxlen = sizeof(int), | |
2857 | .mode = 0644, | |
2858 | .proc_handler = &proc_dointvec_jiffies, | |
2859 | .strategy = &sysctl_jiffies, | |
2860 | }, | |
2861 | { | |
2862 | .ctl_name = NET_IPV4_ROUTE_MAX_DELAY, | |
2863 | .procname = "max_delay", | |
2864 | .data = &ip_rt_max_delay, | |
2865 | .maxlen = sizeof(int), | |
2866 | .mode = 0644, | |
2867 | .proc_handler = &proc_dointvec_jiffies, | |
2868 | .strategy = &sysctl_jiffies, | |
2869 | }, | |
2870 | { | |
2871 | .ctl_name = NET_IPV4_ROUTE_GC_THRESH, | |
2872 | .procname = "gc_thresh", | |
2873 | .data = &ipv4_dst_ops.gc_thresh, | |
2874 | .maxlen = sizeof(int), | |
2875 | .mode = 0644, | |
2876 | .proc_handler = &proc_dointvec, | |
2877 | }, | |
2878 | { | |
2879 | .ctl_name = NET_IPV4_ROUTE_MAX_SIZE, | |
2880 | .procname = "max_size", | |
2881 | .data = &ip_rt_max_size, | |
2882 | .maxlen = sizeof(int), | |
2883 | .mode = 0644, | |
2884 | .proc_handler = &proc_dointvec, | |
2885 | }, | |
2886 | { | |
2887 | /* Deprecated. Use gc_min_interval_ms */ | |
e905a9ed | 2888 | |
1da177e4 LT |
2889 | .ctl_name = NET_IPV4_ROUTE_GC_MIN_INTERVAL, |
2890 | .procname = "gc_min_interval", | |
2891 | .data = &ip_rt_gc_min_interval, | |
2892 | .maxlen = sizeof(int), | |
2893 | .mode = 0644, | |
2894 | .proc_handler = &proc_dointvec_jiffies, | |
2895 | .strategy = &sysctl_jiffies, | |
2896 | }, | |
2897 | { | |
2898 | .ctl_name = NET_IPV4_ROUTE_GC_MIN_INTERVAL_MS, | |
2899 | .procname = "gc_min_interval_ms", | |
2900 | .data = &ip_rt_gc_min_interval, | |
2901 | .maxlen = sizeof(int), | |
2902 | .mode = 0644, | |
2903 | .proc_handler = &proc_dointvec_ms_jiffies, | |
2904 | .strategy = &sysctl_ms_jiffies, | |
2905 | }, | |
2906 | { | |
2907 | .ctl_name = NET_IPV4_ROUTE_GC_TIMEOUT, | |
2908 | .procname = "gc_timeout", | |
2909 | .data = &ip_rt_gc_timeout, | |
2910 | .maxlen = sizeof(int), | |
2911 | .mode = 0644, | |
2912 | .proc_handler = &proc_dointvec_jiffies, | |
2913 | .strategy = &sysctl_jiffies, | |
2914 | }, | |
2915 | { | |
2916 | .ctl_name = NET_IPV4_ROUTE_GC_INTERVAL, | |
2917 | .procname = "gc_interval", | |
2918 | .data = &ip_rt_gc_interval, | |
2919 | .maxlen = sizeof(int), | |
2920 | .mode = 0644, | |
2921 | .proc_handler = &proc_dointvec_jiffies, | |
2922 | .strategy = &sysctl_jiffies, | |
2923 | }, | |
2924 | { | |
2925 | .ctl_name = NET_IPV4_ROUTE_REDIRECT_LOAD, | |
2926 | .procname = "redirect_load", | |
2927 | .data = &ip_rt_redirect_load, | |
2928 | .maxlen = sizeof(int), | |
2929 | .mode = 0644, | |
2930 | .proc_handler = &proc_dointvec, | |
2931 | }, | |
2932 | { | |
2933 | .ctl_name = NET_IPV4_ROUTE_REDIRECT_NUMBER, | |
2934 | .procname = "redirect_number", | |
2935 | .data = &ip_rt_redirect_number, | |
2936 | .maxlen = sizeof(int), | |
2937 | .mode = 0644, | |
2938 | .proc_handler = &proc_dointvec, | |
2939 | }, | |
2940 | { | |
2941 | .ctl_name = NET_IPV4_ROUTE_REDIRECT_SILENCE, | |
2942 | .procname = "redirect_silence", | |
2943 | .data = &ip_rt_redirect_silence, | |
2944 | .maxlen = sizeof(int), | |
2945 | .mode = 0644, | |
2946 | .proc_handler = &proc_dointvec, | |
2947 | }, | |
2948 | { | |
2949 | .ctl_name = NET_IPV4_ROUTE_ERROR_COST, | |
2950 | .procname = "error_cost", | |
2951 | .data = &ip_rt_error_cost, | |
2952 | .maxlen = sizeof(int), | |
2953 | .mode = 0644, | |
2954 | .proc_handler = &proc_dointvec, | |
2955 | }, | |
2956 | { | |
2957 | .ctl_name = NET_IPV4_ROUTE_ERROR_BURST, | |
2958 | .procname = "error_burst", | |
2959 | .data = &ip_rt_error_burst, | |
2960 | .maxlen = sizeof(int), | |
2961 | .mode = 0644, | |
2962 | .proc_handler = &proc_dointvec, | |
2963 | }, | |
2964 | { | |
2965 | .ctl_name = NET_IPV4_ROUTE_GC_ELASTICITY, | |
2966 | .procname = "gc_elasticity", | |
2967 | .data = &ip_rt_gc_elasticity, | |
2968 | .maxlen = sizeof(int), | |
2969 | .mode = 0644, | |
2970 | .proc_handler = &proc_dointvec, | |
2971 | }, | |
2972 | { | |
2973 | .ctl_name = NET_IPV4_ROUTE_MTU_EXPIRES, | |
2974 | .procname = "mtu_expires", | |
2975 | .data = &ip_rt_mtu_expires, | |
2976 | .maxlen = sizeof(int), | |
2977 | .mode = 0644, | |
2978 | .proc_handler = &proc_dointvec_jiffies, | |
2979 | .strategy = &sysctl_jiffies, | |
2980 | }, | |
2981 | { | |
2982 | .ctl_name = NET_IPV4_ROUTE_MIN_PMTU, | |
2983 | .procname = "min_pmtu", | |
2984 | .data = &ip_rt_min_pmtu, | |
2985 | .maxlen = sizeof(int), | |
2986 | .mode = 0644, | |
2987 | .proc_handler = &proc_dointvec, | |
2988 | }, | |
2989 | { | |
2990 | .ctl_name = NET_IPV4_ROUTE_MIN_ADVMSS, | |
2991 | .procname = "min_adv_mss", | |
2992 | .data = &ip_rt_min_advmss, | |
2993 | .maxlen = sizeof(int), | |
2994 | .mode = 0644, | |
2995 | .proc_handler = &proc_dointvec, | |
2996 | }, | |
2997 | { | |
2998 | .ctl_name = NET_IPV4_ROUTE_SECRET_INTERVAL, | |
2999 | .procname = "secret_interval", | |
3000 | .data = &ip_rt_secret_interval, | |
3001 | .maxlen = sizeof(int), | |
3002 | .mode = 0644, | |
3003 | .proc_handler = &proc_dointvec_jiffies, | |
3004 | .strategy = &sysctl_jiffies, | |
3005 | }, | |
3006 | { .ctl_name = 0 } | |
3007 | }; | |
3008 | #endif | |
3009 | ||
3010 | #ifdef CONFIG_NET_CLS_ROUTE | |
8dbde28d | 3011 | struct ip_rt_acct *ip_rt_acct __read_mostly; |
1da177e4 LT |
3012 | #endif /* CONFIG_NET_CLS_ROUTE */ |
3013 | ||
3014 | static __initdata unsigned long rhash_entries; | |
3015 | static int __init set_rhash_entries(char *str) | |
3016 | { | |
3017 | if (!str) | |
3018 | return 0; | |
3019 | rhash_entries = simple_strtoul(str, &str, 0); | |
3020 | return 1; | |
3021 | } | |
3022 | __setup("rhash_entries=", set_rhash_entries); | |
3023 | ||
3024 | int __init ip_rt_init(void) | |
3025 | { | |
424c4b70 | 3026 | int rc = 0; |
1da177e4 LT |
3027 | |
3028 | rt_hash_rnd = (int) ((num_physpages ^ (num_physpages>>8)) ^ | |
3029 | (jiffies ^ (jiffies >> 7))); | |
3030 | ||
3031 | #ifdef CONFIG_NET_CLS_ROUTE | |
8dbde28d | 3032 | ip_rt_acct = __alloc_percpu(256 * sizeof(struct ip_rt_acct)); |
1da177e4 LT |
3033 | if (!ip_rt_acct) |
3034 | panic("IP: failed to allocate ip_rt_acct\n"); | |
1da177e4 LT |
3035 | #endif |
3036 | ||
e5d679f3 AD |
3037 | ipv4_dst_ops.kmem_cachep = |
3038 | kmem_cache_create("ip_dst_cache", sizeof(struct rtable), 0, | |
20c2df83 | 3039 | SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL); |
1da177e4 | 3040 | |
14e50e57 DM |
3041 | ipv4_dst_blackhole_ops.kmem_cachep = ipv4_dst_ops.kmem_cachep; |
3042 | ||
424c4b70 ED |
3043 | rt_hash_table = (struct rt_hash_bucket *) |
3044 | alloc_large_system_hash("IP route cache", | |
3045 | sizeof(struct rt_hash_bucket), | |
3046 | rhash_entries, | |
3047 | (num_physpages >= 128 * 1024) ? | |
18955cfc | 3048 | 15 : 17, |
8d1502de | 3049 | 0, |
424c4b70 ED |
3050 | &rt_hash_log, |
3051 | &rt_hash_mask, | |
3052 | 0); | |
22c047cc ED |
3053 | memset(rt_hash_table, 0, (rt_hash_mask + 1) * sizeof(struct rt_hash_bucket)); |
3054 | rt_hash_lock_init(); | |
1da177e4 LT |
3055 | |
3056 | ipv4_dst_ops.gc_thresh = (rt_hash_mask + 1); | |
3057 | ip_rt_max_size = (rt_hash_mask + 1) * 16; | |
3058 | ||
1da177e4 LT |
3059 | devinet_init(); |
3060 | ip_fib_init(); | |
3061 | ||
b24b8a24 PE |
3062 | setup_timer(&rt_flush_timer, rt_run_flush, 0); |
3063 | setup_timer(&rt_secret_timer, rt_secret_rebuild, 0); | |
1da177e4 LT |
3064 | |
3065 | /* All the timers, started at system startup tend | |
3066 | to synchronize. Perturb it a bit. | |
3067 | */ | |
39c90ece ED |
3068 | schedule_delayed_work(&expires_work, |
3069 | net_random() % ip_rt_gc_interval + ip_rt_gc_interval); | |
1da177e4 LT |
3070 | |
3071 | rt_secret_timer.expires = jiffies + net_random() % ip_rt_secret_interval + | |
3072 | ip_rt_secret_interval; | |
3073 | add_timer(&rt_secret_timer); | |
3074 | ||
107f1634 PE |
3075 | if (ip_rt_proc_init(&init_net)) |
3076 | printk(KERN_ERR "Unable to create route proc files\n"); | |
1da177e4 LT |
3077 | #ifdef CONFIG_XFRM |
3078 | xfrm_init(); | |
3079 | xfrm4_init(); | |
3080 | #endif | |
63f3444f TG |
3081 | rtnl_register(PF_INET, RTM_GETROUTE, inet_rtm_getroute, NULL); |
3082 | ||
1da177e4 LT |
3083 | return rc; |
3084 | } | |
3085 | ||
3086 | EXPORT_SYMBOL(__ip_select_ident); | |
3087 | EXPORT_SYMBOL(ip_route_input); | |
3088 | EXPORT_SYMBOL(ip_route_output_key); |