2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * ROUTE - implementation of the IP router.
9 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
10 * Alan Cox, <gw4pts@gw4pts.ampr.org>
11 * Linus Torvalds, <Linus.Torvalds@helsinki.fi>
12 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
15 * Alan Cox : Verify area fixes.
16 * Alan Cox : cli() protects routing changes
17 * Rui Oliveira : ICMP routing table updates
18 * (rco@di.uminho.pt) Routing table insertion and update
19 * Linus Torvalds : Rewrote bits to be sensible
20 * Alan Cox : Added BSD route gw semantics
21 * Alan Cox : Super /proc >4K
22 * Alan Cox : MTU in route table
23 * Alan Cox : MSS actually. Also added the window
25 * Sam Lantinga : Fixed route matching in rt_del()
26 * Alan Cox : Routing cache support.
27 * Alan Cox : Removed compatibility cruft.
28 * Alan Cox : RTF_REJECT support.
29 * Alan Cox : TCP irtt support.
30 * Jonathan Naylor : Added Metric support.
31 * Miquel van Smoorenburg : BSD API fixes.
32 * Miquel van Smoorenburg : Metrics.
33 * Alan Cox : Use __u32 properly
34 * Alan Cox : Aligned routing errors more closely with BSD
35 * our system is still very different.
36 * Alan Cox : Faster /proc handling
37 * Alexey Kuznetsov : Massive rework to support tree based routing,
38 * routing caches and better behaviour.
40 * Olaf Erb : irtt wasn't being copied right.
41 * Bjorn Ekwall : Kerneld route support.
42 * Alan Cox : Multicast fixed (I hope)
43 * Pavel Krauz : Limited broadcast fixed
44 * Mike McLagan : Routing by source
45 * Alexey Kuznetsov : End of old history. Split to fib.c and
46 * route.c and rewritten from scratch.
47 * Andi Kleen : Load-limit warning messages.
48 * Vitaly E. Lavrov : Transparent proxy revived after year coma.
49 * Vitaly E. Lavrov : Race condition in ip_route_input_slow.
50 * Tobias Ringstrom : Uninitialized res.type in ip_route_output_slow.
51 * Vladimir V. Ivanov : IP rule info (flowid) is really useful.
52 * Marc Boucher : routing by fwmark
53 * Robert Olsson : Added rt_cache statistics
54 * Arnaldo C. Melo : Convert proc stuff to seq_file
55 * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes.
56 * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect
57 * Ilia Sotnikov : Removed TOS from hash calculations
59 * This program is free software; you can redistribute it and/or
60 * modify it under the terms of the GNU General Public License
61 * as published by the Free Software Foundation; either version
62 * 2 of the License, or (at your option) any later version.
65 #define pr_fmt(fmt) "IPv4: " fmt
67 #include <linux/module.h>
68 #include <asm/uaccess.h>
69 #include <linux/bitops.h>
70 #include <linux/types.h>
71 #include <linux/kernel.h>
73 #include <linux/bootmem.h>
74 #include <linux/string.h>
75 #include <linux/socket.h>
76 #include <linux/sockios.h>
77 #include <linux/errno.h>
79 #include <linux/inet.h>
80 #include <linux/netdevice.h>
81 #include <linux/proc_fs.h>
82 #include <linux/init.h>
83 #include <linux/workqueue.h>
84 #include <linux/skbuff.h>
85 #include <linux/inetdevice.h>
86 #include <linux/igmp.h>
87 #include <linux/pkt_sched.h>
88 #include <linux/mroute.h>
89 #include <linux/netfilter_ipv4.h>
90 #include <linux/random.h>
91 #include <linux/jhash.h>
92 #include <linux/rcupdate.h>
93 #include <linux/times.h>
94 #include <linux/slab.h>
95 #include <linux/prefetch.h>
97 #include <net/net_namespace.h>
98 #include <net/protocol.h>
100 #include <net/route.h>
101 #include <net/inetpeer.h>
102 #include <net/sock.h>
103 #include <net/ip_fib.h>
106 #include <net/icmp.h>
107 #include <net/xfrm.h>
108 #include <net/netevent.h>
109 #include <net/rtnetlink.h>
111 #include <linux/sysctl.h>
112 #include <linux/kmemleak.h>
114 #include <net/secure_seq.h>
116 #define RT_FL_TOS(oldflp4) \
117 ((oldflp4)->flowi4_tos & (IPTOS_RT_MASK | RTO_ONLINK))
119 #define IP_MAX_MTU 0xFFF0
121 #define RT_GC_TIMEOUT (300*HZ)
123 static int ip_rt_max_size;
124 static int ip_rt_gc_timeout __read_mostly = RT_GC_TIMEOUT;
125 static int ip_rt_gc_interval __read_mostly = 60 * HZ;
126 static int ip_rt_gc_min_interval __read_mostly = HZ / 2;
127 static int ip_rt_redirect_number __read_mostly = 9;
128 static int ip_rt_redirect_load __read_mostly = HZ / 50;
129 static int ip_rt_redirect_silence __read_mostly = ((HZ / 50) << (9 + 1));
130 static int ip_rt_error_cost __read_mostly = HZ;
131 static int ip_rt_error_burst __read_mostly = 5 * HZ;
132 static int ip_rt_gc_elasticity __read_mostly = 8;
133 static int ip_rt_mtu_expires __read_mostly = 10 * 60 * HZ;
134 static int ip_rt_min_pmtu __read_mostly = 512 + 20 + 20;
135 static int ip_rt_min_advmss __read_mostly = 256;
136 static int rt_chain_length_max __read_mostly = 20;
138 static struct delayed_work expires_work;
139 static unsigned long expires_ljiffies;
142 * Interface to generic destination cache.
145 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie);
146 static unsigned int ipv4_default_advmss(const struct dst_entry *dst);
147 static unsigned int ipv4_mtu(const struct dst_entry *dst);
148 static void ipv4_dst_destroy(struct dst_entry *dst);
149 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst);
150 static void ipv4_link_failure(struct sk_buff *skb);
151 static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu);
152 static int rt_garbage_collect(struct dst_ops *ops);
154 static void ipv4_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
159 static u32 *ipv4_cow_metrics(struct dst_entry *dst, unsigned long old)
165 static struct neighbour *ipv4_neigh_lookup(const struct dst_entry *dst,
169 static struct dst_ops ipv4_dst_ops = {
171 .protocol = cpu_to_be16(ETH_P_IP),
172 .gc = rt_garbage_collect,
173 .check = ipv4_dst_check,
174 .default_advmss = ipv4_default_advmss,
176 .cow_metrics = ipv4_cow_metrics,
177 .destroy = ipv4_dst_destroy,
178 .ifdown = ipv4_dst_ifdown,
179 .negative_advice = ipv4_negative_advice,
180 .link_failure = ipv4_link_failure,
181 .update_pmtu = ip_rt_update_pmtu,
182 .local_out = __ip_local_out,
183 .neigh_lookup = ipv4_neigh_lookup,
186 #define ECN_OR_COST(class) TC_PRIO_##class
188 const __u8 ip_tos2prio[16] = {
190 ECN_OR_COST(BESTEFFORT),
192 ECN_OR_COST(BESTEFFORT),
198 ECN_OR_COST(INTERACTIVE),
200 ECN_OR_COST(INTERACTIVE),
201 TC_PRIO_INTERACTIVE_BULK,
202 ECN_OR_COST(INTERACTIVE_BULK),
203 TC_PRIO_INTERACTIVE_BULK,
204 ECN_OR_COST(INTERACTIVE_BULK)
206 EXPORT_SYMBOL(ip_tos2prio);
212 /* The locking scheme is rather straight forward:
214 * 1) Read-Copy Update protects the buckets of the central route hash.
215 * 2) Only writers remove entries, and they hold the lock
216 * as they look at rtable reference counts.
217 * 3) Only readers acquire references to rtable entries,
218 * they do so with atomic increments and with the
222 struct rt_hash_bucket {
223 struct rtable __rcu *chain;
226 #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK) || \
227 defined(CONFIG_PROVE_LOCKING)
229 * Instead of using one spinlock for each rt_hash_bucket, we use a table of spinlocks
230 * The size of this table is a power of two and depends on the number of CPUS.
231 * (on lockdep we have a quite big spinlock_t, so keep the size down there)
233 #ifdef CONFIG_LOCKDEP
234 # define RT_HASH_LOCK_SZ 256
237 # define RT_HASH_LOCK_SZ 4096
239 # define RT_HASH_LOCK_SZ 2048
241 # define RT_HASH_LOCK_SZ 1024
243 # define RT_HASH_LOCK_SZ 512
245 # define RT_HASH_LOCK_SZ 256
249 static spinlock_t *rt_hash_locks;
250 # define rt_hash_lock_addr(slot) &rt_hash_locks[(slot) & (RT_HASH_LOCK_SZ - 1)]
252 static __init void rt_hash_lock_init(void)
256 rt_hash_locks = kmalloc(sizeof(spinlock_t) * RT_HASH_LOCK_SZ,
259 panic("IP: failed to allocate rt_hash_locks\n");
261 for (i = 0; i < RT_HASH_LOCK_SZ; i++)
262 spin_lock_init(&rt_hash_locks[i]);
265 # define rt_hash_lock_addr(slot) NULL
267 static inline void rt_hash_lock_init(void)
272 static struct rt_hash_bucket *rt_hash_table __read_mostly;
273 static unsigned int rt_hash_mask __read_mostly;
274 static unsigned int rt_hash_log __read_mostly;
276 static DEFINE_PER_CPU(struct rt_cache_stat, rt_cache_stat);
277 #define RT_CACHE_STAT_INC(field) __this_cpu_inc(rt_cache_stat.field)
279 static inline unsigned int rt_hash(__be32 daddr, __be32 saddr, int idx,
282 return jhash_3words((__force u32)daddr, (__force u32)saddr,
287 static inline int rt_genid(struct net *net)
289 return atomic_read(&net->ipv4.rt_genid);
292 #ifdef CONFIG_PROC_FS
293 struct rt_cache_iter_state {
294 struct seq_net_private p;
299 static struct rtable *rt_cache_get_first(struct seq_file *seq)
301 struct rt_cache_iter_state *st = seq->private;
302 struct rtable *r = NULL;
304 for (st->bucket = rt_hash_mask; st->bucket >= 0; --st->bucket) {
305 if (!rcu_access_pointer(rt_hash_table[st->bucket].chain))
308 r = rcu_dereference_bh(rt_hash_table[st->bucket].chain);
310 if (dev_net(r->dst.dev) == seq_file_net(seq) &&
311 r->rt_genid == st->genid)
313 r = rcu_dereference_bh(r->dst.rt_next);
315 rcu_read_unlock_bh();
320 static struct rtable *__rt_cache_get_next(struct seq_file *seq,
323 struct rt_cache_iter_state *st = seq->private;
325 r = rcu_dereference_bh(r->dst.rt_next);
327 rcu_read_unlock_bh();
329 if (--st->bucket < 0)
331 } while (!rcu_access_pointer(rt_hash_table[st->bucket].chain));
333 r = rcu_dereference_bh(rt_hash_table[st->bucket].chain);
338 static struct rtable *rt_cache_get_next(struct seq_file *seq,
341 struct rt_cache_iter_state *st = seq->private;
342 while ((r = __rt_cache_get_next(seq, r)) != NULL) {
343 if (dev_net(r->dst.dev) != seq_file_net(seq))
345 if (r->rt_genid == st->genid)
351 static struct rtable *rt_cache_get_idx(struct seq_file *seq, loff_t pos)
353 struct rtable *r = rt_cache_get_first(seq);
356 while (pos && (r = rt_cache_get_next(seq, r)))
358 return pos ? NULL : r;
361 static void *rt_cache_seq_start(struct seq_file *seq, loff_t *pos)
363 struct rt_cache_iter_state *st = seq->private;
365 return rt_cache_get_idx(seq, *pos - 1);
366 st->genid = rt_genid(seq_file_net(seq));
367 return SEQ_START_TOKEN;
370 static void *rt_cache_seq_next(struct seq_file *seq, void *v, loff_t *pos)
374 if (v == SEQ_START_TOKEN)
375 r = rt_cache_get_first(seq);
377 r = rt_cache_get_next(seq, v);
382 static void rt_cache_seq_stop(struct seq_file *seq, void *v)
384 if (v && v != SEQ_START_TOKEN)
385 rcu_read_unlock_bh();
388 static int rt_cache_seq_show(struct seq_file *seq, void *v)
390 if (v == SEQ_START_TOKEN)
391 seq_printf(seq, "%-127s\n",
392 "Iface\tDestination\tGateway \tFlags\t\tRefCnt\tUse\t"
393 "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t"
396 struct rtable *r = v;
399 seq_printf(seq, "%s\t%08X\t%08X\t%8X\t%d\t%u\t%d\t"
400 "%08X\t%d\t%u\t%u\t%02X\t%d\t%1d\t%08X%n",
401 r->dst.dev ? r->dst.dev->name : "*",
402 (__force u32)r->rt_dst,
403 (__force u32)r->rt_gateway,
404 r->rt_flags, atomic_read(&r->dst.__refcnt),
405 r->dst.__use, 0, (__force u32)r->rt_src,
406 dst_metric_advmss(&r->dst) + 40,
407 dst_metric(&r->dst, RTAX_WINDOW), 0,
411 seq_printf(seq, "%*s\n", 127 - len, "");
416 static const struct seq_operations rt_cache_seq_ops = {
417 .start = rt_cache_seq_start,
418 .next = rt_cache_seq_next,
419 .stop = rt_cache_seq_stop,
420 .show = rt_cache_seq_show,
423 static int rt_cache_seq_open(struct inode *inode, struct file *file)
425 return seq_open_net(inode, file, &rt_cache_seq_ops,
426 sizeof(struct rt_cache_iter_state));
429 static const struct file_operations rt_cache_seq_fops = {
430 .owner = THIS_MODULE,
431 .open = rt_cache_seq_open,
434 .release = seq_release_net,
438 static void *rt_cpu_seq_start(struct seq_file *seq, loff_t *pos)
443 return SEQ_START_TOKEN;
445 for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
446 if (!cpu_possible(cpu))
449 return &per_cpu(rt_cache_stat, cpu);
454 static void *rt_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos)
458 for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
459 if (!cpu_possible(cpu))
462 return &per_cpu(rt_cache_stat, cpu);
468 static void rt_cpu_seq_stop(struct seq_file *seq, void *v)
473 static int rt_cpu_seq_show(struct seq_file *seq, void *v)
475 struct rt_cache_stat *st = v;
477 if (v == SEQ_START_TOKEN) {
478 seq_printf(seq, "entries in_hit in_slow_tot in_slow_mc in_no_route in_brd in_martian_dst in_martian_src out_hit out_slow_tot out_slow_mc gc_total gc_ignored gc_goal_miss gc_dst_overflow in_hlist_search out_hlist_search\n");
482 seq_printf(seq,"%08x %08x %08x %08x %08x %08x %08x %08x "
483 " %08x %08x %08x %08x %08x %08x %08x %08x %08x \n",
484 dst_entries_get_slow(&ipv4_dst_ops),
507 static const struct seq_operations rt_cpu_seq_ops = {
508 .start = rt_cpu_seq_start,
509 .next = rt_cpu_seq_next,
510 .stop = rt_cpu_seq_stop,
511 .show = rt_cpu_seq_show,
515 static int rt_cpu_seq_open(struct inode *inode, struct file *file)
517 return seq_open(file, &rt_cpu_seq_ops);
520 static const struct file_operations rt_cpu_seq_fops = {
521 .owner = THIS_MODULE,
522 .open = rt_cpu_seq_open,
525 .release = seq_release,
528 #ifdef CONFIG_IP_ROUTE_CLASSID
529 static int rt_acct_proc_show(struct seq_file *m, void *v)
531 struct ip_rt_acct *dst, *src;
534 dst = kcalloc(256, sizeof(struct ip_rt_acct), GFP_KERNEL);
538 for_each_possible_cpu(i) {
539 src = (struct ip_rt_acct *)per_cpu_ptr(ip_rt_acct, i);
540 for (j = 0; j < 256; j++) {
541 dst[j].o_bytes += src[j].o_bytes;
542 dst[j].o_packets += src[j].o_packets;
543 dst[j].i_bytes += src[j].i_bytes;
544 dst[j].i_packets += src[j].i_packets;
548 seq_write(m, dst, 256 * sizeof(struct ip_rt_acct));
553 static int rt_acct_proc_open(struct inode *inode, struct file *file)
555 return single_open(file, rt_acct_proc_show, NULL);
558 static const struct file_operations rt_acct_proc_fops = {
559 .owner = THIS_MODULE,
560 .open = rt_acct_proc_open,
563 .release = single_release,
567 static int __net_init ip_rt_do_proc_init(struct net *net)
569 struct proc_dir_entry *pde;
571 pde = proc_net_fops_create(net, "rt_cache", S_IRUGO,
576 pde = proc_create("rt_cache", S_IRUGO,
577 net->proc_net_stat, &rt_cpu_seq_fops);
581 #ifdef CONFIG_IP_ROUTE_CLASSID
582 pde = proc_create("rt_acct", 0, net->proc_net, &rt_acct_proc_fops);
588 #ifdef CONFIG_IP_ROUTE_CLASSID
590 remove_proc_entry("rt_cache", net->proc_net_stat);
593 remove_proc_entry("rt_cache", net->proc_net);
598 static void __net_exit ip_rt_do_proc_exit(struct net *net)
600 remove_proc_entry("rt_cache", net->proc_net_stat);
601 remove_proc_entry("rt_cache", net->proc_net);
602 #ifdef CONFIG_IP_ROUTE_CLASSID
603 remove_proc_entry("rt_acct", net->proc_net);
607 static struct pernet_operations ip_rt_proc_ops __net_initdata = {
608 .init = ip_rt_do_proc_init,
609 .exit = ip_rt_do_proc_exit,
612 static int __init ip_rt_proc_init(void)
614 return register_pernet_subsys(&ip_rt_proc_ops);
618 static inline int ip_rt_proc_init(void)
622 #endif /* CONFIG_PROC_FS */
624 static inline void rt_free(struct rtable *rt)
626 call_rcu_bh(&rt->dst.rcu_head, dst_rcu_free);
629 static inline void rt_drop(struct rtable *rt)
632 call_rcu_bh(&rt->dst.rcu_head, dst_rcu_free);
635 static inline int rt_fast_clean(struct rtable *rth)
637 /* Kill broadcast/multicast entries very aggresively, if they
638 collide in hash table with more useful entries */
639 return (rth->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST)) &&
640 rt_is_input_route(rth) && rth->dst.rt_next;
643 static inline int rt_valuable(struct rtable *rth)
645 return (rth->rt_flags & (RTCF_REDIRECTED | RTCF_NOTIFY)) ||
649 static int rt_may_expire(struct rtable *rth, unsigned long tmo1, unsigned long tmo2)
654 if (atomic_read(&rth->dst.__refcnt))
657 age = jiffies - rth->dst.lastuse;
658 if ((age <= tmo1 && !rt_fast_clean(rth)) ||
659 (age <= tmo2 && rt_valuable(rth)))
665 /* Bits of score are:
667 * 30: not quite useless
668 * 29..0: usage counter
670 static inline u32 rt_score(struct rtable *rt)
672 u32 score = jiffies - rt->dst.lastuse;
674 score = ~score & ~(3<<30);
679 if (rt_is_output_route(rt) ||
680 !(rt->rt_flags & (RTCF_BROADCAST|RTCF_MULTICAST|RTCF_LOCAL)))
686 static inline bool rt_caching(const struct net *net)
688 return net->ipv4.current_rt_cache_rebuild_count <=
689 net->ipv4.sysctl_rt_cache_rebuild_count;
692 static inline bool compare_hash_inputs(const struct rtable *rt1,
693 const struct rtable *rt2)
695 return ((((__force u32)rt1->rt_key_dst ^ (__force u32)rt2->rt_key_dst) |
696 ((__force u32)rt1->rt_key_src ^ (__force u32)rt2->rt_key_src) |
697 (rt1->rt_route_iif ^ rt2->rt_route_iif)) == 0);
700 static inline int compare_keys(struct rtable *rt1, struct rtable *rt2)
702 return (((__force u32)rt1->rt_key_dst ^ (__force u32)rt2->rt_key_dst) |
703 ((__force u32)rt1->rt_key_src ^ (__force u32)rt2->rt_key_src) |
704 (rt1->rt_mark ^ rt2->rt_mark) |
705 (rt1->rt_key_tos ^ rt2->rt_key_tos) |
706 (rt1->rt_route_iif ^ rt2->rt_route_iif) |
707 (rt1->rt_oif ^ rt2->rt_oif)) == 0;
710 static inline int compare_netns(struct rtable *rt1, struct rtable *rt2)
712 return net_eq(dev_net(rt1->dst.dev), dev_net(rt2->dst.dev));
715 static inline int rt_is_expired(struct rtable *rth)
717 return rth->rt_genid != rt_genid(dev_net(rth->dst.dev));
721 * Perform a full scan of hash table and free all entries.
722 * Can be called by a softirq or a process.
723 * In the later case, we want to be reschedule if necessary
725 static void rt_do_flush(struct net *net, int process_context)
728 struct rtable *rth, *next;
730 for (i = 0; i <= rt_hash_mask; i++) {
731 struct rtable __rcu **pprev;
734 if (process_context && need_resched())
736 rth = rcu_access_pointer(rt_hash_table[i].chain);
740 spin_lock_bh(rt_hash_lock_addr(i));
743 pprev = &rt_hash_table[i].chain;
744 rth = rcu_dereference_protected(*pprev,
745 lockdep_is_held(rt_hash_lock_addr(i)));
748 next = rcu_dereference_protected(rth->dst.rt_next,
749 lockdep_is_held(rt_hash_lock_addr(i)));
752 net_eq(dev_net(rth->dst.dev), net)) {
753 rcu_assign_pointer(*pprev, next);
754 rcu_assign_pointer(rth->dst.rt_next, list);
757 pprev = &rth->dst.rt_next;
762 spin_unlock_bh(rt_hash_lock_addr(i));
764 for (; list; list = next) {
765 next = rcu_dereference_protected(list->dst.rt_next, 1);
772 * While freeing expired entries, we compute average chain length
773 * and standard deviation, using fixed-point arithmetic.
774 * This to have an estimation of rt_chain_length_max
775 * rt_chain_length_max = max(elasticity, AVG + 4*SD)
776 * We use 3 bits for frational part, and 29 (or 61) for magnitude.
780 #define ONE (1UL << FRACT_BITS)
783 * Given a hash chain and an item in this hash chain,
784 * find if a previous entry has the same hash_inputs
785 * (but differs on tos, mark or oif)
786 * Returns 0 if an alias is found.
787 * Returns ONE if rth has no alias before itself.
789 static int has_noalias(const struct rtable *head, const struct rtable *rth)
791 const struct rtable *aux = head;
794 if (compare_hash_inputs(aux, rth))
796 aux = rcu_dereference_protected(aux->dst.rt_next, 1);
801 static void rt_check_expire(void)
803 static unsigned int rover;
804 unsigned int i = rover, goal;
806 struct rtable __rcu **rthp;
807 unsigned long samples = 0;
808 unsigned long sum = 0, sum2 = 0;
812 delta = jiffies - expires_ljiffies;
813 expires_ljiffies = jiffies;
814 mult = ((u64)delta) << rt_hash_log;
815 if (ip_rt_gc_timeout > 1)
816 do_div(mult, ip_rt_gc_timeout);
817 goal = (unsigned int)mult;
818 if (goal > rt_hash_mask)
819 goal = rt_hash_mask + 1;
820 for (; goal > 0; goal--) {
821 unsigned long tmo = ip_rt_gc_timeout;
822 unsigned long length;
824 i = (i + 1) & rt_hash_mask;
825 rthp = &rt_hash_table[i].chain;
832 if (rcu_dereference_raw(*rthp) == NULL)
835 spin_lock_bh(rt_hash_lock_addr(i));
836 while ((rth = rcu_dereference_protected(*rthp,
837 lockdep_is_held(rt_hash_lock_addr(i)))) != NULL) {
838 prefetch(rth->dst.rt_next);
839 if (rt_is_expired(rth) ||
840 rt_may_expire(rth, tmo, ip_rt_gc_timeout)) {
841 *rthp = rth->dst.rt_next;
846 /* We only count entries on a chain with equal
847 * hash inputs once so that entries for
848 * different QOS levels, and other non-hash
849 * input attributes don't unfairly skew the
853 rthp = &rth->dst.rt_next;
854 length += has_noalias(rt_hash_table[i].chain, rth);
856 spin_unlock_bh(rt_hash_lock_addr(i));
858 sum2 += length*length;
861 unsigned long avg = sum / samples;
862 unsigned long sd = int_sqrt(sum2 / samples - avg*avg);
863 rt_chain_length_max = max_t(unsigned long,
865 (avg + 4*sd) >> FRACT_BITS);
871 * rt_worker_func() is run in process context.
872 * we call rt_check_expire() to scan part of the hash table
874 static void rt_worker_func(struct work_struct *work)
877 schedule_delayed_work(&expires_work, ip_rt_gc_interval);
881 * Perturbation of rt_genid by a small quantity [1..256]
882 * Using 8 bits of shuffling ensure we can call rt_cache_invalidate()
883 * many times (2^24) without giving recent rt_genid.
884 * Jenkins hash is strong enough that litle changes of rt_genid are OK.
886 static void rt_cache_invalidate(struct net *net)
888 unsigned char shuffle;
890 get_random_bytes(&shuffle, sizeof(shuffle));
891 atomic_add(shuffle + 1U, &net->ipv4.rt_genid);
895 * delay < 0 : invalidate cache (fast : entries will be deleted later)
896 * delay >= 0 : invalidate & flush cache (can be long)
898 void rt_cache_flush(struct net *net, int delay)
900 rt_cache_invalidate(net);
902 rt_do_flush(net, !in_softirq());
905 /* Flush previous cache invalidated entries from the cache */
906 void rt_cache_flush_batch(struct net *net)
908 rt_do_flush(net, !in_softirq());
911 static void rt_emergency_hash_rebuild(struct net *net)
913 net_warn_ratelimited("Route hash chain too long!\n");
914 rt_cache_invalidate(net);
918 Short description of GC goals.
920 We want to build algorithm, which will keep routing cache
921 at some equilibrium point, when number of aged off entries
922 is kept approximately equal to newly generated ones.
924 Current expiration strength is variable "expire".
925 We try to adjust it dynamically, so that if networking
926 is idle expires is large enough to keep enough of warm entries,
927 and when load increases it reduces to limit cache size.
930 static int rt_garbage_collect(struct dst_ops *ops)
932 static unsigned long expire = RT_GC_TIMEOUT;
933 static unsigned long last_gc;
935 static int equilibrium;
937 struct rtable __rcu **rthp;
938 unsigned long now = jiffies;
940 int entries = dst_entries_get_fast(&ipv4_dst_ops);
943 * Garbage collection is pretty expensive,
944 * do not make it too frequently.
947 RT_CACHE_STAT_INC(gc_total);
949 if (now - last_gc < ip_rt_gc_min_interval &&
950 entries < ip_rt_max_size) {
951 RT_CACHE_STAT_INC(gc_ignored);
955 entries = dst_entries_get_slow(&ipv4_dst_ops);
956 /* Calculate number of entries, which we want to expire now. */
957 goal = entries - (ip_rt_gc_elasticity << rt_hash_log);
959 if (equilibrium < ipv4_dst_ops.gc_thresh)
960 equilibrium = ipv4_dst_ops.gc_thresh;
961 goal = entries - equilibrium;
963 equilibrium += min_t(unsigned int, goal >> 1, rt_hash_mask + 1);
964 goal = entries - equilibrium;
967 /* We are in dangerous area. Try to reduce cache really
970 goal = max_t(unsigned int, goal >> 1, rt_hash_mask + 1);
971 equilibrium = entries - goal;
974 if (now - last_gc >= ip_rt_gc_min_interval)
985 for (i = rt_hash_mask, k = rover; i >= 0; i--) {
986 unsigned long tmo = expire;
988 k = (k + 1) & rt_hash_mask;
989 rthp = &rt_hash_table[k].chain;
990 spin_lock_bh(rt_hash_lock_addr(k));
991 while ((rth = rcu_dereference_protected(*rthp,
992 lockdep_is_held(rt_hash_lock_addr(k)))) != NULL) {
993 if (!rt_is_expired(rth) &&
994 !rt_may_expire(rth, tmo, expire)) {
996 rthp = &rth->dst.rt_next;
999 *rthp = rth->dst.rt_next;
1003 spin_unlock_bh(rt_hash_lock_addr(k));
1012 /* Goal is not achieved. We stop process if:
1014 - if expire reduced to zero. Otherwise, expire is halfed.
1015 - if table is not full.
1016 - if we are called from interrupt.
1017 - jiffies check is just fallback/debug loop breaker.
1018 We will not spin here for long time in any case.
1021 RT_CACHE_STAT_INC(gc_goal_miss);
1028 if (dst_entries_get_fast(&ipv4_dst_ops) < ip_rt_max_size)
1030 } while (!in_softirq() && time_before_eq(jiffies, now));
1032 if (dst_entries_get_fast(&ipv4_dst_ops) < ip_rt_max_size)
1034 if (dst_entries_get_slow(&ipv4_dst_ops) < ip_rt_max_size)
1036 net_warn_ratelimited("dst cache overflow\n");
1037 RT_CACHE_STAT_INC(gc_dst_overflow);
1041 expire += ip_rt_gc_min_interval;
1042 if (expire > ip_rt_gc_timeout ||
1043 dst_entries_get_fast(&ipv4_dst_ops) < ipv4_dst_ops.gc_thresh ||
1044 dst_entries_get_slow(&ipv4_dst_ops) < ipv4_dst_ops.gc_thresh)
1045 expire = ip_rt_gc_timeout;
1050 * Returns number of entries in a hash chain that have different hash_inputs
1052 static int slow_chain_length(const struct rtable *head)
1055 const struct rtable *rth = head;
1058 length += has_noalias(head, rth);
1059 rth = rcu_dereference_protected(rth->dst.rt_next, 1);
1061 return length >> FRACT_BITS;
1064 static struct neighbour *ipv4_neigh_lookup(const struct dst_entry *dst,
1065 struct sk_buff *skb,
1068 struct net_device *dev = dst->dev;
1069 const __be32 *pkey = daddr;
1070 const struct rtable *rt;
1071 struct neighbour *n;
1073 rt = (const struct rtable *) dst;
1075 pkey = (const __be32 *) &rt->rt_gateway;
1077 pkey = &ip_hdr(skb)->daddr;
1079 n = __ipv4_neigh_lookup(dev, *(__force u32 *)pkey);
1082 return neigh_create(&arp_tbl, pkey, dev);
1085 static struct rtable *rt_intern_hash(unsigned int hash, struct rtable *rt,
1086 struct sk_buff *skb, int ifindex)
1088 struct rtable *rth, *cand;
1089 struct rtable __rcu **rthp, **candp;
1096 min_score = ~(u32)0;
1101 if (!rt_caching(dev_net(rt->dst.dev)) || (rt->dst.flags & DST_NOCACHE)) {
1103 * If we're not caching, just tell the caller we
1104 * were successful and don't touch the route. The
1105 * caller hold the sole reference to the cache entry, and
1106 * it will be released when the caller is done with it.
1107 * If we drop it here, the callers have no way to resolve routes
1108 * when we're not caching. Instead, just point *rp at rt, so
1109 * the caller gets a single use out of the route
1110 * Note that we do rt_free on this new route entry, so that
1111 * once its refcount hits zero, we are still able to reap it
1113 * Note: To avoid expensive rcu stuff for this uncached dst,
1114 * we set DST_NOCACHE so that dst_release() can free dst without
1115 * waiting a grace period.
1118 rt->dst.flags |= DST_NOCACHE;
1122 rthp = &rt_hash_table[hash].chain;
1124 spin_lock_bh(rt_hash_lock_addr(hash));
1125 while ((rth = rcu_dereference_protected(*rthp,
1126 lockdep_is_held(rt_hash_lock_addr(hash)))) != NULL) {
1127 if (rt_is_expired(rth)) {
1128 *rthp = rth->dst.rt_next;
1132 if (compare_keys(rth, rt) && compare_netns(rth, rt)) {
1134 *rthp = rth->dst.rt_next;
1136 * Since lookup is lockfree, the deletion
1137 * must be visible to another weakly ordered CPU before
1138 * the insertion at the start of the hash chain.
1140 rcu_assign_pointer(rth->dst.rt_next,
1141 rt_hash_table[hash].chain);
1143 * Since lookup is lockfree, the update writes
1144 * must be ordered for consistency on SMP.
1146 rcu_assign_pointer(rt_hash_table[hash].chain, rth);
1148 dst_use(&rth->dst, now);
1149 spin_unlock_bh(rt_hash_lock_addr(hash));
1153 skb_dst_set(skb, &rth->dst);
1157 if (!atomic_read(&rth->dst.__refcnt)) {
1158 u32 score = rt_score(rth);
1160 if (score <= min_score) {
1169 rthp = &rth->dst.rt_next;
1173 /* ip_rt_gc_elasticity used to be average length of chain
1174 * length, when exceeded gc becomes really aggressive.
1176 * The second limit is less certain. At the moment it allows
1177 * only 2 entries per bucket. We will see.
1179 if (chain_length > ip_rt_gc_elasticity) {
1180 *candp = cand->dst.rt_next;
1184 if (chain_length > rt_chain_length_max &&
1185 slow_chain_length(rt_hash_table[hash].chain) > rt_chain_length_max) {
1186 struct net *net = dev_net(rt->dst.dev);
1187 int num = ++net->ipv4.current_rt_cache_rebuild_count;
1188 if (!rt_caching(net)) {
1189 pr_warn("%s: %d rebuilds is over limit, route caching disabled\n",
1190 rt->dst.dev->name, num);
1192 rt_emergency_hash_rebuild(net);
1193 spin_unlock_bh(rt_hash_lock_addr(hash));
1195 hash = rt_hash(rt->rt_key_dst, rt->rt_key_src,
1196 ifindex, rt_genid(net));
1201 rt->dst.rt_next = rt_hash_table[hash].chain;
1204 * Since lookup is lockfree, we must make sure
1205 * previous writes to rt are committed to memory
1206 * before making rt visible to other CPUS.
1208 rcu_assign_pointer(rt_hash_table[hash].chain, rt);
1210 spin_unlock_bh(rt_hash_lock_addr(hash));
1214 skb_dst_set(skb, &rt->dst);
1219 * Peer allocation may fail only in serious out-of-memory conditions. However
1220 * we still can generate some output.
1221 * Random ID selection looks a bit dangerous because we have no chances to
1222 * select ID being unique in a reasonable period of time.
1223 * But broken packet identifier may be better than no packet at all.
1225 static void ip_select_fb_ident(struct iphdr *iph)
1227 static DEFINE_SPINLOCK(ip_fb_id_lock);
1228 static u32 ip_fallback_id;
1231 spin_lock_bh(&ip_fb_id_lock);
1232 salt = secure_ip_id((__force __be32)ip_fallback_id ^ iph->daddr);
1233 iph->id = htons(salt & 0xFFFF);
1234 ip_fallback_id = salt;
1235 spin_unlock_bh(&ip_fb_id_lock);
1238 void __ip_select_ident(struct iphdr *iph, struct dst_entry *dst, int more)
1240 struct net *net = dev_net(dst->dev);
1241 struct inet_peer *peer;
1243 peer = inet_getpeer_v4(net->ipv4.peers, iph->daddr, 1);
1245 iph->id = htons(inet_getid(peer, more));
1250 ip_select_fb_ident(iph);
1252 EXPORT_SYMBOL(__ip_select_ident);
1254 static void rt_del(unsigned int hash, struct rtable *rt)
1256 struct rtable __rcu **rthp;
1259 rthp = &rt_hash_table[hash].chain;
1260 spin_lock_bh(rt_hash_lock_addr(hash));
1262 while ((aux = rcu_dereference_protected(*rthp,
1263 lockdep_is_held(rt_hash_lock_addr(hash)))) != NULL) {
1264 if (aux == rt || rt_is_expired(aux)) {
1265 *rthp = aux->dst.rt_next;
1269 rthp = &aux->dst.rt_next;
1271 spin_unlock_bh(rt_hash_lock_addr(hash));
1274 /* called in rcu_read_lock() section */
1275 void ip_rt_redirect(__be32 old_gw, __be32 daddr, __be32 new_gw,
1276 __be32 saddr, struct net_device *dev)
1279 struct in_device *in_dev = __in_dev_get_rcu(dev);
1280 __be32 skeys[2] = { saddr, 0 };
1281 int ikeys[2] = { dev->ifindex, 0 };
1288 if (new_gw == old_gw || !IN_DEV_RX_REDIRECTS(in_dev) ||
1289 ipv4_is_multicast(new_gw) || ipv4_is_lbcast(new_gw) ||
1290 ipv4_is_zeronet(new_gw))
1291 goto reject_redirect;
1293 if (!IN_DEV_SHARED_MEDIA(in_dev)) {
1294 if (!inet_addr_onlink(in_dev, new_gw, old_gw))
1295 goto reject_redirect;
1296 if (IN_DEV_SEC_REDIRECTS(in_dev) && ip_fib_check_default(new_gw, dev))
1297 goto reject_redirect;
1299 if (inet_addr_type(net, new_gw) != RTN_UNICAST)
1300 goto reject_redirect;
1303 for (s = 0; s < 2; s++) {
1304 for (i = 0; i < 2; i++) {
1306 struct rtable __rcu **rthp;
1309 hash = rt_hash(daddr, skeys[s], ikeys[i], rt_genid(net));
1311 rthp = &rt_hash_table[hash].chain;
1313 while ((rt = rcu_dereference(*rthp)) != NULL) {
1314 struct neighbour *n;
1316 rthp = &rt->dst.rt_next;
1318 if (rt->rt_key_dst != daddr ||
1319 rt->rt_key_src != skeys[s] ||
1320 rt->rt_oif != ikeys[i] ||
1321 rt_is_input_route(rt) ||
1322 rt_is_expired(rt) ||
1323 !net_eq(dev_net(rt->dst.dev), net) ||
1325 rt->dst.dev != dev ||
1326 rt->rt_gateway != old_gw)
1329 n = ipv4_neigh_lookup(&rt->dst, NULL, &new_gw);
1331 if (!(n->nud_state & NUD_VALID)) {
1332 neigh_event_send(n, NULL);
1334 rt->rt_gateway = new_gw;
1335 rt->rt_flags |= RTCF_REDIRECTED;
1336 call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, n);
1346 #ifdef CONFIG_IP_ROUTE_VERBOSE
1347 if (IN_DEV_LOG_MARTIANS(in_dev))
1348 net_info_ratelimited("Redirect from %pI4 on %s about %pI4 ignored\n"
1349 " Advised path = %pI4 -> %pI4\n",
1350 &old_gw, dev->name, &new_gw,
1356 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
1358 struct rtable *rt = (struct rtable *)dst;
1359 struct dst_entry *ret = dst;
1362 if (dst->obsolete > 0) {
1365 } else if ((rt->rt_flags & RTCF_REDIRECTED) ||
1367 unsigned int hash = rt_hash(rt->rt_key_dst, rt->rt_key_src,
1369 rt_genid(dev_net(dst->dev)));
1379 * 1. The first ip_rt_redirect_number redirects are sent
1380 * with exponential backoff, then we stop sending them at all,
1381 * assuming that the host ignores our redirects.
1382 * 2. If we did not see packets requiring redirects
1383 * during ip_rt_redirect_silence, we assume that the host
1384 * forgot redirected route and start to send redirects again.
1386 * This algorithm is much cheaper and more intelligent than dumb load limiting
1389 * NOTE. Do not forget to inhibit load limiting for redirects (redundant)
1390 * and "frag. need" (breaks PMTU discovery) in icmp.c.
1393 void ip_rt_send_redirect(struct sk_buff *skb)
1395 struct rtable *rt = skb_rtable(skb);
1396 struct in_device *in_dev;
1397 struct inet_peer *peer;
1402 in_dev = __in_dev_get_rcu(rt->dst.dev);
1403 if (!in_dev || !IN_DEV_TX_REDIRECTS(in_dev)) {
1407 log_martians = IN_DEV_LOG_MARTIANS(in_dev);
1410 net = dev_net(rt->dst.dev);
1411 peer = inet_getpeer_v4(net->ipv4.peers, ip_hdr(skb)->saddr, 1);
1413 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, rt->rt_gateway);
1417 /* No redirected packets during ip_rt_redirect_silence;
1418 * reset the algorithm.
1420 if (time_after(jiffies, peer->rate_last + ip_rt_redirect_silence))
1421 peer->rate_tokens = 0;
1423 /* Too many ignored redirects; do not send anything
1424 * set dst.rate_last to the last seen redirected packet.
1426 if (peer->rate_tokens >= ip_rt_redirect_number) {
1427 peer->rate_last = jiffies;
1431 /* Check for load limit; set rate_last to the latest sent
1434 if (peer->rate_tokens == 0 ||
1437 (ip_rt_redirect_load << peer->rate_tokens)))) {
1438 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, rt->rt_gateway);
1439 peer->rate_last = jiffies;
1440 ++peer->rate_tokens;
1441 #ifdef CONFIG_IP_ROUTE_VERBOSE
1443 peer->rate_tokens == ip_rt_redirect_number)
1444 net_warn_ratelimited("host %pI4/if%d ignores redirects for %pI4 to %pI4\n",
1445 &ip_hdr(skb)->saddr, rt->rt_iif,
1446 &rt->rt_dst, &rt->rt_gateway);
1453 static int ip_error(struct sk_buff *skb)
1455 struct in_device *in_dev = __in_dev_get_rcu(skb->dev);
1456 struct rtable *rt = skb_rtable(skb);
1457 struct inet_peer *peer;
1463 net = dev_net(rt->dst.dev);
1464 if (!IN_DEV_FORWARD(in_dev)) {
1465 switch (rt->dst.error) {
1467 IP_INC_STATS_BH(net, IPSTATS_MIB_INADDRERRORS);
1471 IP_INC_STATS_BH(net, IPSTATS_MIB_INNOROUTES);
1477 switch (rt->dst.error) {
1482 code = ICMP_HOST_UNREACH;
1485 code = ICMP_NET_UNREACH;
1486 IP_INC_STATS_BH(net, IPSTATS_MIB_INNOROUTES);
1489 code = ICMP_PKT_FILTERED;
1493 peer = inet_getpeer_v4(net->ipv4.peers, ip_hdr(skb)->saddr, 1);
1498 peer->rate_tokens += now - peer->rate_last;
1499 if (peer->rate_tokens > ip_rt_error_burst)
1500 peer->rate_tokens = ip_rt_error_burst;
1501 peer->rate_last = now;
1502 if (peer->rate_tokens >= ip_rt_error_cost)
1503 peer->rate_tokens -= ip_rt_error_cost;
1509 icmp_send(skb, ICMP_DEST_UNREACH, code, 0);
1511 out: kfree_skb(skb);
1515 static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu)
1517 struct rtable *rt = (struct rtable *) dst;
1521 if (mtu < ip_rt_min_pmtu)
1522 mtu = ip_rt_min_pmtu;
1525 dst_set_expires(&rt->dst, ip_rt_mtu_expires);
1528 void ipv4_update_pmtu(struct sk_buff *skb, struct net *net, u32 mtu,
1529 int oif, u32 mark, u8 protocol, int flow_flags)
1531 const struct iphdr *iph = (const struct iphdr *)skb->data;
1535 flowi4_init_output(&fl4, oif, mark, RT_TOS(iph->tos), RT_SCOPE_UNIVERSE,
1536 protocol, flow_flags,
1537 iph->daddr, iph->saddr, 0, 0);
1538 rt = __ip_route_output_key(net, &fl4);
1540 ip_rt_update_pmtu(&rt->dst, mtu);
1544 EXPORT_SYMBOL_GPL(ipv4_update_pmtu);
1546 void ipv4_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, u32 mtu)
1548 const struct inet_sock *inet = inet_sk(sk);
1550 return ipv4_update_pmtu(skb, sock_net(sk), mtu,
1551 sk->sk_bound_dev_if, sk->sk_mark,
1552 inet->hdrincl ? IPPROTO_RAW : sk->sk_protocol,
1553 inet_sk_flowi_flags(sk));
1555 EXPORT_SYMBOL_GPL(ipv4_sk_update_pmtu);
1557 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie)
1559 struct rtable *rt = (struct rtable *) dst;
1561 if (rt_is_expired(rt))
1566 static void ipv4_dst_destroy(struct dst_entry *dst)
1568 struct rtable *rt = (struct rtable *) dst;
1571 fib_info_put(rt->fi);
1577 static void ipv4_link_failure(struct sk_buff *skb)
1581 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0);
1583 rt = skb_rtable(skb);
1585 dst_set_expires(&rt->dst, 0);
1588 static int ip_rt_bug(struct sk_buff *skb)
1590 pr_debug("%s: %pI4 -> %pI4, %s\n",
1591 __func__, &ip_hdr(skb)->saddr, &ip_hdr(skb)->daddr,
1592 skb->dev ? skb->dev->name : "?");
1599 We do not cache source address of outgoing interface,
1600 because it is used only by IP RR, TS and SRR options,
1601 so that it out of fast path.
1603 BTW remember: "addr" is allowed to be not aligned
1607 void ip_rt_get_source(u8 *addr, struct sk_buff *skb, struct rtable *rt)
1611 if (rt_is_output_route(rt))
1612 src = ip_hdr(skb)->saddr;
1614 struct fib_result res;
1620 memset(&fl4, 0, sizeof(fl4));
1621 fl4.daddr = iph->daddr;
1622 fl4.saddr = iph->saddr;
1623 fl4.flowi4_tos = RT_TOS(iph->tos);
1624 fl4.flowi4_oif = rt->dst.dev->ifindex;
1625 fl4.flowi4_iif = skb->dev->ifindex;
1626 fl4.flowi4_mark = skb->mark;
1629 if (fib_lookup(dev_net(rt->dst.dev), &fl4, &res) == 0)
1630 src = FIB_RES_PREFSRC(dev_net(rt->dst.dev), res);
1632 src = inet_select_addr(rt->dst.dev, rt->rt_gateway,
1636 memcpy(addr, &src, 4);
1639 #ifdef CONFIG_IP_ROUTE_CLASSID
1640 static void set_class_tag(struct rtable *rt, u32 tag)
1642 if (!(rt->dst.tclassid & 0xFFFF))
1643 rt->dst.tclassid |= tag & 0xFFFF;
1644 if (!(rt->dst.tclassid & 0xFFFF0000))
1645 rt->dst.tclassid |= tag & 0xFFFF0000;
1649 static unsigned int ipv4_default_advmss(const struct dst_entry *dst)
1651 unsigned int advmss = dst_metric_raw(dst, RTAX_ADVMSS);
1654 advmss = max_t(unsigned int, dst->dev->mtu - 40,
1656 if (advmss > 65535 - 40)
1657 advmss = 65535 - 40;
1662 static unsigned int ipv4_mtu(const struct dst_entry *dst)
1664 const struct rtable *rt = (const struct rtable *) dst;
1665 unsigned int mtu = rt->rt_pmtu;
1667 if (mtu && time_after_eq(jiffies, rt->dst.expires))
1671 mtu = dst_metric_raw(dst, RTAX_MTU);
1673 if (mtu && rt_is_output_route(rt))
1676 mtu = dst->dev->mtu;
1678 if (unlikely(dst_metric_locked(dst, RTAX_MTU))) {
1680 if (rt->rt_gateway != rt->rt_dst && mtu > 576)
1684 if (mtu > IP_MAX_MTU)
1690 static void rt_init_metrics(struct rtable *rt, const struct flowi4 *fl4,
1691 struct fib_info *fi)
1693 if (fi->fib_metrics != (u32 *) dst_default_metrics) {
1695 atomic_inc(&fi->fib_clntref);
1697 dst_init_metrics(&rt->dst, fi->fib_metrics, true);
1700 static void rt_set_nexthop(struct rtable *rt, const struct flowi4 *fl4,
1701 const struct fib_result *res,
1702 struct fib_info *fi, u16 type, u32 itag)
1705 if (FIB_RES_GW(*res) &&
1706 FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK)
1707 rt->rt_gateway = FIB_RES_GW(*res);
1708 rt_init_metrics(rt, fl4, fi);
1709 #ifdef CONFIG_IP_ROUTE_CLASSID
1710 rt->dst.tclassid = FIB_RES_NH(*res).nh_tclassid;
1714 #ifdef CONFIG_IP_ROUTE_CLASSID
1715 #ifdef CONFIG_IP_MULTIPLE_TABLES
1716 set_class_tag(rt, fib_rules_tclass(res));
1718 set_class_tag(rt, itag);
1722 static struct rtable *rt_dst_alloc(struct net_device *dev,
1723 bool nopolicy, bool noxfrm)
1725 return dst_alloc(&ipv4_dst_ops, dev, 1, -1,
1727 (nopolicy ? DST_NOPOLICY : 0) |
1728 (noxfrm ? DST_NOXFRM : 0));
1731 /* called in rcu_read_lock() section */
1732 static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1733 u8 tos, struct net_device *dev, int our)
1737 struct in_device *in_dev = __in_dev_get_rcu(dev);
1741 /* Primary sanity checks. */
1746 if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr) ||
1747 skb->protocol != htons(ETH_P_IP))
1750 if (likely(!IN_DEV_ROUTE_LOCALNET(in_dev)))
1751 if (ipv4_is_loopback(saddr))
1754 if (ipv4_is_zeronet(saddr)) {
1755 if (!ipv4_is_local_multicast(daddr))
1758 err = fib_validate_source(skb, saddr, 0, tos, 0, dev,
1763 rth = rt_dst_alloc(dev_net(dev)->loopback_dev,
1764 IN_DEV_CONF_GET(in_dev, NOPOLICY), false);
1768 #ifdef CONFIG_IP_ROUTE_CLASSID
1769 rth->dst.tclassid = itag;
1771 rth->dst.output = ip_rt_bug;
1773 rth->rt_key_dst = daddr;
1774 rth->rt_key_src = saddr;
1775 rth->rt_genid = rt_genid(dev_net(dev));
1776 rth->rt_flags = RTCF_MULTICAST;
1777 rth->rt_type = RTN_MULTICAST;
1778 rth->rt_key_tos = tos;
1779 rth->rt_dst = daddr;
1780 rth->rt_src = saddr;
1781 rth->rt_route_iif = dev->ifindex;
1782 rth->rt_iif = dev->ifindex;
1784 rth->rt_mark = skb->mark;
1786 rth->rt_gateway = daddr;
1789 rth->dst.input= ip_local_deliver;
1790 rth->rt_flags |= RTCF_LOCAL;
1793 #ifdef CONFIG_IP_MROUTE
1794 if (!ipv4_is_local_multicast(daddr) && IN_DEV_MFORWARD(in_dev))
1795 rth->dst.input = ip_mr_input;
1797 RT_CACHE_STAT_INC(in_slow_mc);
1799 hash = rt_hash(daddr, saddr, dev->ifindex, rt_genid(dev_net(dev)));
1800 rth = rt_intern_hash(hash, rth, skb, dev->ifindex);
1801 return IS_ERR(rth) ? PTR_ERR(rth) : 0;
1812 static void ip_handle_martian_source(struct net_device *dev,
1813 struct in_device *in_dev,
1814 struct sk_buff *skb,
1818 RT_CACHE_STAT_INC(in_martian_src);
1819 #ifdef CONFIG_IP_ROUTE_VERBOSE
1820 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) {
1822 * RFC1812 recommendation, if source is martian,
1823 * the only hint is MAC header.
1825 pr_warn("martian source %pI4 from %pI4, on dev %s\n",
1826 &daddr, &saddr, dev->name);
1827 if (dev->hard_header_len && skb_mac_header_was_set(skb)) {
1828 print_hex_dump(KERN_WARNING, "ll header: ",
1829 DUMP_PREFIX_OFFSET, 16, 1,
1830 skb_mac_header(skb),
1831 dev->hard_header_len, true);
1837 /* called in rcu_read_lock() section */
1838 static int __mkroute_input(struct sk_buff *skb,
1839 const struct fib_result *res,
1840 struct in_device *in_dev,
1841 __be32 daddr, __be32 saddr, u32 tos,
1842 struct rtable **result)
1846 struct in_device *out_dev;
1847 unsigned int flags = 0;
1850 /* get a working reference to the output device */
1851 out_dev = __in_dev_get_rcu(FIB_RES_DEV(*res));
1852 if (out_dev == NULL) {
1853 net_crit_ratelimited("Bug in ip_route_input_slow(). Please report.\n");
1858 err = fib_validate_source(skb, saddr, daddr, tos, FIB_RES_OIF(*res),
1859 in_dev->dev, in_dev, &itag);
1861 ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr,
1868 flags |= RTCF_DIRECTSRC;
1870 if (out_dev == in_dev && err &&
1871 (IN_DEV_SHARED_MEDIA(out_dev) ||
1872 inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res))))
1873 flags |= RTCF_DOREDIRECT;
1875 if (skb->protocol != htons(ETH_P_IP)) {
1876 /* Not IP (i.e. ARP). Do not create route, if it is
1877 * invalid for proxy arp. DNAT routes are always valid.
1879 * Proxy arp feature have been extended to allow, ARP
1880 * replies back to the same interface, to support
1881 * Private VLAN switch technologies. See arp.c.
1883 if (out_dev == in_dev &&
1884 IN_DEV_PROXY_ARP_PVLAN(in_dev) == 0) {
1890 rth = rt_dst_alloc(out_dev->dev,
1891 IN_DEV_CONF_GET(in_dev, NOPOLICY),
1892 IN_DEV_CONF_GET(out_dev, NOXFRM));
1898 rth->rt_key_dst = daddr;
1899 rth->rt_key_src = saddr;
1900 rth->rt_genid = rt_genid(dev_net(rth->dst.dev));
1901 rth->rt_flags = flags;
1902 rth->rt_type = res->type;
1903 rth->rt_key_tos = tos;
1904 rth->rt_dst = daddr;
1905 rth->rt_src = saddr;
1906 rth->rt_route_iif = in_dev->dev->ifindex;
1907 rth->rt_iif = in_dev->dev->ifindex;
1909 rth->rt_mark = skb->mark;
1911 rth->rt_gateway = daddr;
1914 rth->dst.input = ip_forward;
1915 rth->dst.output = ip_output;
1917 rt_set_nexthop(rth, NULL, res, res->fi, res->type, itag);
1925 static int ip_mkroute_input(struct sk_buff *skb,
1926 struct fib_result *res,
1927 const struct flowi4 *fl4,
1928 struct in_device *in_dev,
1929 __be32 daddr, __be32 saddr, u32 tos)
1931 struct rtable *rth = NULL;
1935 #ifdef CONFIG_IP_ROUTE_MULTIPATH
1936 if (res->fi && res->fi->fib_nhs > 1)
1937 fib_select_multipath(res);
1940 /* create a routing cache entry */
1941 err = __mkroute_input(skb, res, in_dev, daddr, saddr, tos, &rth);
1945 /* put it into the cache */
1946 hash = rt_hash(daddr, saddr, fl4->flowi4_iif,
1947 rt_genid(dev_net(rth->dst.dev)));
1948 rth = rt_intern_hash(hash, rth, skb, fl4->flowi4_iif);
1950 return PTR_ERR(rth);
1955 * NOTE. We drop all the packets that has local source
1956 * addresses, because every properly looped back packet
1957 * must have correct destination already attached by output routine.
1959 * Such approach solves two big problems:
1960 * 1. Not simplex devices are handled properly.
1961 * 2. IP spoofing attempts are filtered with 100% of guarantee.
1962 * called with rcu_read_lock()
1965 static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1966 u8 tos, struct net_device *dev)
1968 struct fib_result res;
1969 struct in_device *in_dev = __in_dev_get_rcu(dev);
1971 unsigned int flags = 0;
1976 struct net *net = dev_net(dev);
1978 /* IP on this device is disabled. */
1983 /* Check for the most weird martians, which can be not detected
1987 if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr))
1988 goto martian_source;
1990 if (ipv4_is_lbcast(daddr) || (saddr == 0 && daddr == 0))
1993 /* Accept zero addresses only to limited broadcast;
1994 * I even do not know to fix it or not. Waiting for complains :-)
1996 if (ipv4_is_zeronet(saddr))
1997 goto martian_source;
1999 if (ipv4_is_zeronet(daddr))
2000 goto martian_destination;
2002 if (likely(!IN_DEV_ROUTE_LOCALNET(in_dev))) {
2003 if (ipv4_is_loopback(daddr))
2004 goto martian_destination;
2006 if (ipv4_is_loopback(saddr))
2007 goto martian_source;
2011 * Now we are ready to route packet.
2014 fl4.flowi4_iif = dev->ifindex;
2015 fl4.flowi4_mark = skb->mark;
2016 fl4.flowi4_tos = tos;
2017 fl4.flowi4_scope = RT_SCOPE_UNIVERSE;
2020 err = fib_lookup(net, &fl4, &res);
2024 RT_CACHE_STAT_INC(in_slow_tot);
2026 if (res.type == RTN_BROADCAST)
2029 if (res.type == RTN_LOCAL) {
2030 err = fib_validate_source(skb, saddr, daddr, tos,
2031 net->loopback_dev->ifindex,
2032 dev, in_dev, &itag);
2034 goto martian_source_keep_err;
2036 flags |= RTCF_DIRECTSRC;
2040 if (!IN_DEV_FORWARD(in_dev))
2042 if (res.type != RTN_UNICAST)
2043 goto martian_destination;
2045 err = ip_mkroute_input(skb, &res, &fl4, in_dev, daddr, saddr, tos);
2049 if (skb->protocol != htons(ETH_P_IP))
2052 if (!ipv4_is_zeronet(saddr)) {
2053 err = fib_validate_source(skb, saddr, 0, tos, 0, dev,
2056 goto martian_source_keep_err;
2058 flags |= RTCF_DIRECTSRC;
2060 flags |= RTCF_BROADCAST;
2061 res.type = RTN_BROADCAST;
2062 RT_CACHE_STAT_INC(in_brd);
2065 rth = rt_dst_alloc(net->loopback_dev,
2066 IN_DEV_CONF_GET(in_dev, NOPOLICY), false);
2070 rth->dst.input= ip_local_deliver;
2071 rth->dst.output= ip_rt_bug;
2072 #ifdef CONFIG_IP_ROUTE_CLASSID
2073 rth->dst.tclassid = itag;
2076 rth->rt_key_dst = daddr;
2077 rth->rt_key_src = saddr;
2078 rth->rt_genid = rt_genid(net);
2079 rth->rt_flags = flags|RTCF_LOCAL;
2080 rth->rt_type = res.type;
2081 rth->rt_key_tos = tos;
2082 rth->rt_dst = daddr;
2083 rth->rt_src = saddr;
2084 rth->rt_route_iif = dev->ifindex;
2085 rth->rt_iif = dev->ifindex;
2087 rth->rt_mark = skb->mark;
2089 rth->rt_gateway = daddr;
2091 if (res.type == RTN_UNREACHABLE) {
2092 rth->dst.input= ip_error;
2093 rth->dst.error= -err;
2094 rth->rt_flags &= ~RTCF_LOCAL;
2096 hash = rt_hash(daddr, saddr, fl4.flowi4_iif, rt_genid(net));
2097 rth = rt_intern_hash(hash, rth, skb, fl4.flowi4_iif);
2104 RT_CACHE_STAT_INC(in_no_route);
2105 res.type = RTN_UNREACHABLE;
2111 * Do not cache martian addresses: they should be logged (RFC1812)
2113 martian_destination:
2114 RT_CACHE_STAT_INC(in_martian_dst);
2115 #ifdef CONFIG_IP_ROUTE_VERBOSE
2116 if (IN_DEV_LOG_MARTIANS(in_dev))
2117 net_warn_ratelimited("martian destination %pI4 from %pI4, dev %s\n",
2118 &daddr, &saddr, dev->name);
2131 martian_source_keep_err:
2132 ip_handle_martian_source(dev, in_dev, skb, daddr, saddr);
2136 int ip_route_input_common(struct sk_buff *skb, __be32 daddr, __be32 saddr,
2137 u8 tos, struct net_device *dev, bool noref)
2141 int iif = dev->ifindex;
2149 if (!rt_caching(net))
2152 tos &= IPTOS_RT_MASK;
2153 hash = rt_hash(daddr, saddr, iif, rt_genid(net));
2155 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
2156 rth = rcu_dereference(rth->dst.rt_next)) {
2157 if ((((__force u32)rth->rt_key_dst ^ (__force u32)daddr) |
2158 ((__force u32)rth->rt_key_src ^ (__force u32)saddr) |
2159 (rth->rt_route_iif ^ iif) |
2160 (rth->rt_key_tos ^ tos)) == 0 &&
2161 rth->rt_mark == skb->mark &&
2162 net_eq(dev_net(rth->dst.dev), net) &&
2163 !rt_is_expired(rth)) {
2165 dst_use_noref(&rth->dst, jiffies);
2166 skb_dst_set_noref(skb, &rth->dst);
2168 dst_use(&rth->dst, jiffies);
2169 skb_dst_set(skb, &rth->dst);
2171 RT_CACHE_STAT_INC(in_hit);
2175 RT_CACHE_STAT_INC(in_hlist_search);
2179 /* Multicast recognition logic is moved from route cache to here.
2180 The problem was that too many Ethernet cards have broken/missing
2181 hardware multicast filters :-( As result the host on multicasting
2182 network acquires a lot of useless route cache entries, sort of
2183 SDR messages from all the world. Now we try to get rid of them.
2184 Really, provided software IP multicast filter is organized
2185 reasonably (at least, hashed), it does not result in a slowdown
2186 comparing with route cache reject entries.
2187 Note, that multicast routers are not affected, because
2188 route cache entry is created eventually.
2190 if (ipv4_is_multicast(daddr)) {
2191 struct in_device *in_dev = __in_dev_get_rcu(dev);
2194 int our = ip_check_mc_rcu(in_dev, daddr, saddr,
2195 ip_hdr(skb)->protocol);
2197 #ifdef CONFIG_IP_MROUTE
2199 (!ipv4_is_local_multicast(daddr) &&
2200 IN_DEV_MFORWARD(in_dev))
2203 int res = ip_route_input_mc(skb, daddr, saddr,
2212 res = ip_route_input_slow(skb, daddr, saddr, tos, dev);
2216 EXPORT_SYMBOL(ip_route_input_common);
2218 /* called with rcu_read_lock() */
2219 static struct rtable *__mkroute_output(const struct fib_result *res,
2220 const struct flowi4 *fl4,
2221 __be32 orig_daddr, __be32 orig_saddr,
2222 int orig_oif, __u8 orig_rtos,
2223 struct net_device *dev_out,
2226 struct fib_info *fi = res->fi;
2227 struct in_device *in_dev;
2228 u16 type = res->type;
2231 in_dev = __in_dev_get_rcu(dev_out);
2233 return ERR_PTR(-EINVAL);
2235 if (likely(!IN_DEV_ROUTE_LOCALNET(in_dev)))
2236 if (ipv4_is_loopback(fl4->saddr) && !(dev_out->flags & IFF_LOOPBACK))
2237 return ERR_PTR(-EINVAL);
2239 if (ipv4_is_lbcast(fl4->daddr))
2240 type = RTN_BROADCAST;
2241 else if (ipv4_is_multicast(fl4->daddr))
2242 type = RTN_MULTICAST;
2243 else if (ipv4_is_zeronet(fl4->daddr))
2244 return ERR_PTR(-EINVAL);
2246 if (dev_out->flags & IFF_LOOPBACK)
2247 flags |= RTCF_LOCAL;
2249 if (type == RTN_BROADCAST) {
2250 flags |= RTCF_BROADCAST | RTCF_LOCAL;
2252 } else if (type == RTN_MULTICAST) {
2253 flags |= RTCF_MULTICAST | RTCF_LOCAL;
2254 if (!ip_check_mc_rcu(in_dev, fl4->daddr, fl4->saddr,
2256 flags &= ~RTCF_LOCAL;
2257 /* If multicast route do not exist use
2258 * default one, but do not gateway in this case.
2261 if (fi && res->prefixlen < 4)
2265 rth = rt_dst_alloc(dev_out,
2266 IN_DEV_CONF_GET(in_dev, NOPOLICY),
2267 IN_DEV_CONF_GET(in_dev, NOXFRM));
2269 return ERR_PTR(-ENOBUFS);
2271 rth->dst.output = ip_output;
2273 rth->rt_key_dst = orig_daddr;
2274 rth->rt_key_src = orig_saddr;
2275 rth->rt_genid = rt_genid(dev_net(dev_out));
2276 rth->rt_flags = flags;
2277 rth->rt_type = type;
2278 rth->rt_key_tos = orig_rtos;
2279 rth->rt_dst = fl4->daddr;
2280 rth->rt_src = fl4->saddr;
2281 rth->rt_route_iif = 0;
2282 rth->rt_iif = orig_oif ? : dev_out->ifindex;
2283 rth->rt_oif = orig_oif;
2284 rth->rt_mark = fl4->flowi4_mark;
2286 rth->rt_gateway = fl4->daddr;
2289 RT_CACHE_STAT_INC(out_slow_tot);
2291 if (flags & RTCF_LOCAL)
2292 rth->dst.input = ip_local_deliver;
2293 if (flags & (RTCF_BROADCAST | RTCF_MULTICAST)) {
2294 if (flags & RTCF_LOCAL &&
2295 !(dev_out->flags & IFF_LOOPBACK)) {
2296 rth->dst.output = ip_mc_output;
2297 RT_CACHE_STAT_INC(out_slow_mc);
2299 #ifdef CONFIG_IP_MROUTE
2300 if (type == RTN_MULTICAST) {
2301 if (IN_DEV_MFORWARD(in_dev) &&
2302 !ipv4_is_local_multicast(fl4->daddr)) {
2303 rth->dst.input = ip_mr_input;
2304 rth->dst.output = ip_mc_output;
2310 rt_set_nexthop(rth, fl4, res, fi, type, 0);
2312 if (fl4->flowi4_flags & FLOWI_FLAG_RT_NOCACHE)
2313 rth->dst.flags |= DST_NOCACHE;
2319 * Major route resolver routine.
2320 * called with rcu_read_lock();
2323 static struct rtable *ip_route_output_slow(struct net *net, struct flowi4 *fl4)
2325 struct net_device *dev_out = NULL;
2326 __u8 tos = RT_FL_TOS(fl4);
2327 unsigned int flags = 0;
2328 struct fib_result res;
2336 #ifdef CONFIG_IP_MULTIPLE_TABLES
2340 orig_daddr = fl4->daddr;
2341 orig_saddr = fl4->saddr;
2342 orig_oif = fl4->flowi4_oif;
2344 fl4->flowi4_iif = net->loopback_dev->ifindex;
2345 fl4->flowi4_tos = tos & IPTOS_RT_MASK;
2346 fl4->flowi4_scope = ((tos & RTO_ONLINK) ?
2347 RT_SCOPE_LINK : RT_SCOPE_UNIVERSE);
2351 rth = ERR_PTR(-EINVAL);
2352 if (ipv4_is_multicast(fl4->saddr) ||
2353 ipv4_is_lbcast(fl4->saddr) ||
2354 ipv4_is_zeronet(fl4->saddr))
2357 /* I removed check for oif == dev_out->oif here.
2358 It was wrong for two reasons:
2359 1. ip_dev_find(net, saddr) can return wrong iface, if saddr
2360 is assigned to multiple interfaces.
2361 2. Moreover, we are allowed to send packets with saddr
2362 of another iface. --ANK
2365 if (fl4->flowi4_oif == 0 &&
2366 (ipv4_is_multicast(fl4->daddr) ||
2367 ipv4_is_lbcast(fl4->daddr))) {
2368 /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2369 dev_out = __ip_dev_find(net, fl4->saddr, false);
2370 if (dev_out == NULL)
2373 /* Special hack: user can direct multicasts
2374 and limited broadcast via necessary interface
2375 without fiddling with IP_MULTICAST_IF or IP_PKTINFO.
2376 This hack is not just for fun, it allows
2377 vic,vat and friends to work.
2378 They bind socket to loopback, set ttl to zero
2379 and expect that it will work.
2380 From the viewpoint of routing cache they are broken,
2381 because we are not allowed to build multicast path
2382 with loopback source addr (look, routing cache
2383 cannot know, that ttl is zero, so that packet
2384 will not leave this host and route is valid).
2385 Luckily, this hack is good workaround.
2388 fl4->flowi4_oif = dev_out->ifindex;
2392 if (!(fl4->flowi4_flags & FLOWI_FLAG_ANYSRC)) {
2393 /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2394 if (!__ip_dev_find(net, fl4->saddr, false))
2400 if (fl4->flowi4_oif) {
2401 dev_out = dev_get_by_index_rcu(net, fl4->flowi4_oif);
2402 rth = ERR_PTR(-ENODEV);
2403 if (dev_out == NULL)
2406 /* RACE: Check return value of inet_select_addr instead. */
2407 if (!(dev_out->flags & IFF_UP) || !__in_dev_get_rcu(dev_out)) {
2408 rth = ERR_PTR(-ENETUNREACH);
2411 if (ipv4_is_local_multicast(fl4->daddr) ||
2412 ipv4_is_lbcast(fl4->daddr)) {
2414 fl4->saddr = inet_select_addr(dev_out, 0,
2419 if (ipv4_is_multicast(fl4->daddr))
2420 fl4->saddr = inet_select_addr(dev_out, 0,
2422 else if (!fl4->daddr)
2423 fl4->saddr = inet_select_addr(dev_out, 0,
2429 fl4->daddr = fl4->saddr;
2431 fl4->daddr = fl4->saddr = htonl(INADDR_LOOPBACK);
2432 dev_out = net->loopback_dev;
2433 fl4->flowi4_oif = net->loopback_dev->ifindex;
2434 res.type = RTN_LOCAL;
2435 flags |= RTCF_LOCAL;
2439 if (fib_lookup(net, fl4, &res)) {
2442 if (fl4->flowi4_oif) {
2443 /* Apparently, routing tables are wrong. Assume,
2444 that the destination is on link.
2447 Because we are allowed to send to iface
2448 even if it has NO routes and NO assigned
2449 addresses. When oif is specified, routing
2450 tables are looked up with only one purpose:
2451 to catch if destination is gatewayed, rather than
2452 direct. Moreover, if MSG_DONTROUTE is set,
2453 we send packet, ignoring both routing tables
2454 and ifaddr state. --ANK
2457 We could make it even if oif is unknown,
2458 likely IPv6, but we do not.
2461 if (fl4->saddr == 0)
2462 fl4->saddr = inet_select_addr(dev_out, 0,
2464 res.type = RTN_UNICAST;
2467 rth = ERR_PTR(-ENETUNREACH);
2471 if (res.type == RTN_LOCAL) {
2473 if (res.fi->fib_prefsrc)
2474 fl4->saddr = res.fi->fib_prefsrc;
2476 fl4->saddr = fl4->daddr;
2478 dev_out = net->loopback_dev;
2479 fl4->flowi4_oif = dev_out->ifindex;
2481 flags |= RTCF_LOCAL;
2485 #ifdef CONFIG_IP_ROUTE_MULTIPATH
2486 if (res.fi->fib_nhs > 1 && fl4->flowi4_oif == 0)
2487 fib_select_multipath(&res);
2490 if (!res.prefixlen &&
2491 res.table->tb_num_default > 1 &&
2492 res.type == RTN_UNICAST && !fl4->flowi4_oif)
2493 fib_select_default(&res);
2496 fl4->saddr = FIB_RES_PREFSRC(net, res);
2498 dev_out = FIB_RES_DEV(res);
2499 fl4->flowi4_oif = dev_out->ifindex;
2503 rth = __mkroute_output(&res, fl4, orig_daddr, orig_saddr, orig_oif,
2504 tos, dev_out, flags);
2508 hash = rt_hash(orig_daddr, orig_saddr, orig_oif,
2509 rt_genid(dev_net(dev_out)));
2510 rth = rt_intern_hash(hash, rth, NULL, orig_oif);
2518 struct rtable *__ip_route_output_key(struct net *net, struct flowi4 *flp4)
2523 if (!rt_caching(net))
2526 hash = rt_hash(flp4->daddr, flp4->saddr, flp4->flowi4_oif, rt_genid(net));
2529 for (rth = rcu_dereference_bh(rt_hash_table[hash].chain); rth;
2530 rth = rcu_dereference_bh(rth->dst.rt_next)) {
2531 if (rth->rt_key_dst == flp4->daddr &&
2532 rth->rt_key_src == flp4->saddr &&
2533 rt_is_output_route(rth) &&
2534 rth->rt_oif == flp4->flowi4_oif &&
2535 rth->rt_mark == flp4->flowi4_mark &&
2536 !((rth->rt_key_tos ^ flp4->flowi4_tos) &
2537 (IPTOS_RT_MASK | RTO_ONLINK)) &&
2538 net_eq(dev_net(rth->dst.dev), net) &&
2539 !rt_is_expired(rth)) {
2540 dst_use(&rth->dst, jiffies);
2541 RT_CACHE_STAT_INC(out_hit);
2542 rcu_read_unlock_bh();
2544 flp4->saddr = rth->rt_src;
2546 flp4->daddr = rth->rt_dst;
2549 RT_CACHE_STAT_INC(out_hlist_search);
2551 rcu_read_unlock_bh();
2554 return ip_route_output_slow(net, flp4);
2556 EXPORT_SYMBOL_GPL(__ip_route_output_key);
2558 static struct dst_entry *ipv4_blackhole_dst_check(struct dst_entry *dst, u32 cookie)
2563 static unsigned int ipv4_blackhole_mtu(const struct dst_entry *dst)
2565 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
2567 return mtu ? : dst->dev->mtu;
2570 static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
2574 static u32 *ipv4_rt_blackhole_cow_metrics(struct dst_entry *dst,
2580 static struct dst_ops ipv4_dst_blackhole_ops = {
2582 .protocol = cpu_to_be16(ETH_P_IP),
2583 .destroy = ipv4_dst_destroy,
2584 .check = ipv4_blackhole_dst_check,
2585 .mtu = ipv4_blackhole_mtu,
2586 .default_advmss = ipv4_default_advmss,
2587 .update_pmtu = ipv4_rt_blackhole_update_pmtu,
2588 .cow_metrics = ipv4_rt_blackhole_cow_metrics,
2589 .neigh_lookup = ipv4_neigh_lookup,
2592 struct dst_entry *ipv4_blackhole_route(struct net *net, struct dst_entry *dst_orig)
2594 struct rtable *rt = dst_alloc(&ipv4_dst_blackhole_ops, NULL, 1, 0, 0);
2595 struct rtable *ort = (struct rtable *) dst_orig;
2598 struct dst_entry *new = &rt->dst;
2601 new->input = dst_discard;
2602 new->output = dst_discard;
2604 new->dev = ort->dst.dev;
2608 rt->rt_key_dst = ort->rt_key_dst;
2609 rt->rt_key_src = ort->rt_key_src;
2610 rt->rt_key_tos = ort->rt_key_tos;
2611 rt->rt_route_iif = ort->rt_route_iif;
2612 rt->rt_iif = ort->rt_iif;
2613 rt->rt_oif = ort->rt_oif;
2614 rt->rt_mark = ort->rt_mark;
2615 rt->rt_pmtu = ort->rt_pmtu;
2617 rt->rt_genid = rt_genid(net);
2618 rt->rt_flags = ort->rt_flags;
2619 rt->rt_type = ort->rt_type;
2620 rt->rt_dst = ort->rt_dst;
2621 rt->rt_src = ort->rt_src;
2622 rt->rt_gateway = ort->rt_gateway;
2625 atomic_inc(&rt->fi->fib_clntref);
2630 dst_release(dst_orig);
2632 return rt ? &rt->dst : ERR_PTR(-ENOMEM);
2635 struct rtable *ip_route_output_flow(struct net *net, struct flowi4 *flp4,
2638 struct rtable *rt = __ip_route_output_key(net, flp4);
2643 if (flp4->flowi4_proto)
2644 rt = (struct rtable *) xfrm_lookup(net, &rt->dst,
2645 flowi4_to_flowi(flp4),
2650 EXPORT_SYMBOL_GPL(ip_route_output_flow);
2652 static int rt_fill_info(struct net *net,
2653 struct sk_buff *skb, u32 pid, u32 seq, int event,
2654 int nowait, unsigned int flags)
2656 struct rtable *rt = skb_rtable(skb);
2658 struct nlmsghdr *nlh;
2659 unsigned long expires = 0;
2662 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*r), flags);
2666 r = nlmsg_data(nlh);
2667 r->rtm_family = AF_INET;
2668 r->rtm_dst_len = 32;
2670 r->rtm_tos = rt->rt_key_tos;
2671 r->rtm_table = RT_TABLE_MAIN;
2672 if (nla_put_u32(skb, RTA_TABLE, RT_TABLE_MAIN))
2673 goto nla_put_failure;
2674 r->rtm_type = rt->rt_type;
2675 r->rtm_scope = RT_SCOPE_UNIVERSE;
2676 r->rtm_protocol = RTPROT_UNSPEC;
2677 r->rtm_flags = (rt->rt_flags & ~0xFFFF) | RTM_F_CLONED;
2678 if (rt->rt_flags & RTCF_NOTIFY)
2679 r->rtm_flags |= RTM_F_NOTIFY;
2681 if (nla_put_be32(skb, RTA_DST, rt->rt_dst))
2682 goto nla_put_failure;
2683 if (rt->rt_key_src) {
2684 r->rtm_src_len = 32;
2685 if (nla_put_be32(skb, RTA_SRC, rt->rt_key_src))
2686 goto nla_put_failure;
2689 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
2690 goto nla_put_failure;
2691 #ifdef CONFIG_IP_ROUTE_CLASSID
2692 if (rt->dst.tclassid &&
2693 nla_put_u32(skb, RTA_FLOW, rt->dst.tclassid))
2694 goto nla_put_failure;
2696 if (!rt_is_input_route(rt) &&
2697 rt->rt_src != rt->rt_key_src) {
2698 if (nla_put_be32(skb, RTA_PREFSRC, rt->rt_src))
2699 goto nla_put_failure;
2701 if (rt->rt_dst != rt->rt_gateway &&
2702 nla_put_be32(skb, RTA_GATEWAY, rt->rt_gateway))
2703 goto nla_put_failure;
2705 if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0)
2706 goto nla_put_failure;
2709 nla_put_be32(skb, RTA_MARK, rt->rt_mark))
2710 goto nla_put_failure;
2712 error = rt->dst.error;
2713 expires = rt->dst.expires;
2715 if (time_before(jiffies, expires))
2721 if (rt_is_input_route(rt)) {
2722 #ifdef CONFIG_IP_MROUTE
2723 __be32 dst = rt->rt_dst;
2725 if (ipv4_is_multicast(dst) && !ipv4_is_local_multicast(dst) &&
2726 IPV4_DEVCONF_ALL(net, MC_FORWARDING)) {
2727 int err = ipmr_get_route(net, skb,
2728 rt->rt_src, rt->rt_dst,
2734 goto nla_put_failure;
2736 if (err == -EMSGSIZE)
2737 goto nla_put_failure;
2743 if (nla_put_u32(skb, RTA_IIF, rt->rt_iif))
2744 goto nla_put_failure;
2747 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, error) < 0)
2748 goto nla_put_failure;
2750 return nlmsg_end(skb, nlh);
2753 nlmsg_cancel(skb, nlh);
2757 static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, void *arg)
2759 struct net *net = sock_net(in_skb->sk);
2761 struct nlattr *tb[RTA_MAX+1];
2762 struct rtable *rt = NULL;
2768 struct sk_buff *skb;
2770 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv4_policy);
2774 rtm = nlmsg_data(nlh);
2776 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2782 /* Reserve room for dummy headers, this skb can pass
2783 through good chunk of routing engine.
2785 skb_reset_mac_header(skb);
2786 skb_reset_network_header(skb);
2788 /* Bugfix: need to give ip_route_input enough of an IP header to not gag. */
2789 ip_hdr(skb)->protocol = IPPROTO_ICMP;
2790 skb_reserve(skb, MAX_HEADER + sizeof(struct iphdr));
2792 src = tb[RTA_SRC] ? nla_get_be32(tb[RTA_SRC]) : 0;
2793 dst = tb[RTA_DST] ? nla_get_be32(tb[RTA_DST]) : 0;
2794 iif = tb[RTA_IIF] ? nla_get_u32(tb[RTA_IIF]) : 0;
2795 mark = tb[RTA_MARK] ? nla_get_u32(tb[RTA_MARK]) : 0;
2798 struct net_device *dev;
2800 dev = __dev_get_by_index(net, iif);
2806 skb->protocol = htons(ETH_P_IP);
2810 err = ip_route_input(skb, dst, src, rtm->rtm_tos, dev);
2813 rt = skb_rtable(skb);
2814 if (err == 0 && rt->dst.error)
2815 err = -rt->dst.error;
2817 struct flowi4 fl4 = {
2820 .flowi4_tos = rtm->rtm_tos,
2821 .flowi4_oif = tb[RTA_OIF] ? nla_get_u32(tb[RTA_OIF]) : 0,
2822 .flowi4_mark = mark,
2824 rt = ip_route_output_key(net, &fl4);
2834 skb_dst_set(skb, &rt->dst);
2835 if (rtm->rtm_flags & RTM_F_NOTIFY)
2836 rt->rt_flags |= RTCF_NOTIFY;
2838 err = rt_fill_info(net, skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq,
2839 RTM_NEWROUTE, 0, 0);
2843 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).pid);
2852 int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb)
2859 net = sock_net(skb->sk);
2864 s_idx = idx = cb->args[1];
2865 for (h = s_h; h <= rt_hash_mask; h++, s_idx = 0) {
2866 if (!rt_hash_table[h].chain)
2869 for (rt = rcu_dereference_bh(rt_hash_table[h].chain), idx = 0; rt;
2870 rt = rcu_dereference_bh(rt->dst.rt_next), idx++) {
2871 if (!net_eq(dev_net(rt->dst.dev), net) || idx < s_idx)
2873 if (rt_is_expired(rt))
2875 skb_dst_set_noref(skb, &rt->dst);
2876 if (rt_fill_info(net, skb, NETLINK_CB(cb->skb).pid,
2877 cb->nlh->nlmsg_seq, RTM_NEWROUTE,
2878 1, NLM_F_MULTI) <= 0) {
2880 rcu_read_unlock_bh();
2885 rcu_read_unlock_bh();
2894 void ip_rt_multicast_event(struct in_device *in_dev)
2896 rt_cache_flush(dev_net(in_dev->dev), 0);
2899 #ifdef CONFIG_SYSCTL
2900 static int ipv4_sysctl_rtcache_flush(ctl_table *__ctl, int write,
2901 void __user *buffer,
2902 size_t *lenp, loff_t *ppos)
2909 memcpy(&ctl, __ctl, sizeof(ctl));
2910 ctl.data = &flush_delay;
2911 proc_dointvec(&ctl, write, buffer, lenp, ppos);
2913 net = (struct net *)__ctl->extra1;
2914 rt_cache_flush(net, flush_delay);
2921 static ctl_table ipv4_route_table[] = {
2923 .procname = "gc_thresh",
2924 .data = &ipv4_dst_ops.gc_thresh,
2925 .maxlen = sizeof(int),
2927 .proc_handler = proc_dointvec,
2930 .procname = "max_size",
2931 .data = &ip_rt_max_size,
2932 .maxlen = sizeof(int),
2934 .proc_handler = proc_dointvec,
2937 /* Deprecated. Use gc_min_interval_ms */
2939 .procname = "gc_min_interval",
2940 .data = &ip_rt_gc_min_interval,
2941 .maxlen = sizeof(int),
2943 .proc_handler = proc_dointvec_jiffies,
2946 .procname = "gc_min_interval_ms",
2947 .data = &ip_rt_gc_min_interval,
2948 .maxlen = sizeof(int),
2950 .proc_handler = proc_dointvec_ms_jiffies,
2953 .procname = "gc_timeout",
2954 .data = &ip_rt_gc_timeout,
2955 .maxlen = sizeof(int),
2957 .proc_handler = proc_dointvec_jiffies,
2960 .procname = "gc_interval",
2961 .data = &ip_rt_gc_interval,
2962 .maxlen = sizeof(int),
2964 .proc_handler = proc_dointvec_jiffies,
2967 .procname = "redirect_load",
2968 .data = &ip_rt_redirect_load,
2969 .maxlen = sizeof(int),
2971 .proc_handler = proc_dointvec,
2974 .procname = "redirect_number",
2975 .data = &ip_rt_redirect_number,
2976 .maxlen = sizeof(int),
2978 .proc_handler = proc_dointvec,
2981 .procname = "redirect_silence",
2982 .data = &ip_rt_redirect_silence,
2983 .maxlen = sizeof(int),
2985 .proc_handler = proc_dointvec,
2988 .procname = "error_cost",
2989 .data = &ip_rt_error_cost,
2990 .maxlen = sizeof(int),
2992 .proc_handler = proc_dointvec,
2995 .procname = "error_burst",
2996 .data = &ip_rt_error_burst,
2997 .maxlen = sizeof(int),
2999 .proc_handler = proc_dointvec,
3002 .procname = "gc_elasticity",
3003 .data = &ip_rt_gc_elasticity,
3004 .maxlen = sizeof(int),
3006 .proc_handler = proc_dointvec,
3009 .procname = "mtu_expires",
3010 .data = &ip_rt_mtu_expires,
3011 .maxlen = sizeof(int),
3013 .proc_handler = proc_dointvec_jiffies,
3016 .procname = "min_pmtu",
3017 .data = &ip_rt_min_pmtu,
3018 .maxlen = sizeof(int),
3020 .proc_handler = proc_dointvec,
3023 .procname = "min_adv_mss",
3024 .data = &ip_rt_min_advmss,
3025 .maxlen = sizeof(int),
3027 .proc_handler = proc_dointvec,
3032 static struct ctl_table ipv4_route_flush_table[] = {
3034 .procname = "flush",
3035 .maxlen = sizeof(int),
3037 .proc_handler = ipv4_sysctl_rtcache_flush,
3042 static __net_init int sysctl_route_net_init(struct net *net)
3044 struct ctl_table *tbl;
3046 tbl = ipv4_route_flush_table;
3047 if (!net_eq(net, &init_net)) {
3048 tbl = kmemdup(tbl, sizeof(ipv4_route_flush_table), GFP_KERNEL);
3052 tbl[0].extra1 = net;
3054 net->ipv4.route_hdr = register_net_sysctl(net, "net/ipv4/route", tbl);
3055 if (net->ipv4.route_hdr == NULL)
3060 if (tbl != ipv4_route_flush_table)
3066 static __net_exit void sysctl_route_net_exit(struct net *net)
3068 struct ctl_table *tbl;
3070 tbl = net->ipv4.route_hdr->ctl_table_arg;
3071 unregister_net_sysctl_table(net->ipv4.route_hdr);
3072 BUG_ON(tbl == ipv4_route_flush_table);
3076 static __net_initdata struct pernet_operations sysctl_route_ops = {
3077 .init = sysctl_route_net_init,
3078 .exit = sysctl_route_net_exit,
3082 static __net_init int rt_genid_init(struct net *net)
3084 get_random_bytes(&net->ipv4.rt_genid,
3085 sizeof(net->ipv4.rt_genid));
3086 get_random_bytes(&net->ipv4.dev_addr_genid,
3087 sizeof(net->ipv4.dev_addr_genid));
3091 static __net_initdata struct pernet_operations rt_genid_ops = {
3092 .init = rt_genid_init,
3095 static int __net_init ipv4_inetpeer_init(struct net *net)
3097 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
3101 inet_peer_base_init(bp);
3102 net->ipv4.peers = bp;
3106 static void __net_exit ipv4_inetpeer_exit(struct net *net)
3108 struct inet_peer_base *bp = net->ipv4.peers;
3110 net->ipv4.peers = NULL;
3111 inetpeer_invalidate_tree(bp);
3115 static __net_initdata struct pernet_operations ipv4_inetpeer_ops = {
3116 .init = ipv4_inetpeer_init,
3117 .exit = ipv4_inetpeer_exit,
3120 #ifdef CONFIG_IP_ROUTE_CLASSID
3121 struct ip_rt_acct __percpu *ip_rt_acct __read_mostly;
3122 #endif /* CONFIG_IP_ROUTE_CLASSID */
3124 static __initdata unsigned long rhash_entries;
3125 static int __init set_rhash_entries(char *str)
3132 ret = kstrtoul(str, 0, &rhash_entries);
3138 __setup("rhash_entries=", set_rhash_entries);
3140 int __init ip_rt_init(void)
3144 #ifdef CONFIG_IP_ROUTE_CLASSID
3145 ip_rt_acct = __alloc_percpu(256 * sizeof(struct ip_rt_acct), __alignof__(struct ip_rt_acct));
3147 panic("IP: failed to allocate ip_rt_acct\n");
3150 ipv4_dst_ops.kmem_cachep =
3151 kmem_cache_create("ip_dst_cache", sizeof(struct rtable), 0,
3152 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
3154 ipv4_dst_blackhole_ops.kmem_cachep = ipv4_dst_ops.kmem_cachep;
3156 if (dst_entries_init(&ipv4_dst_ops) < 0)
3157 panic("IP: failed to allocate ipv4_dst_ops counter\n");
3159 if (dst_entries_init(&ipv4_dst_blackhole_ops) < 0)
3160 panic("IP: failed to allocate ipv4_dst_blackhole_ops counter\n");
3162 rt_hash_table = (struct rt_hash_bucket *)
3163 alloc_large_system_hash("IP route cache",
3164 sizeof(struct rt_hash_bucket),
3166 (totalram_pages >= 128 * 1024) ?
3172 rhash_entries ? 0 : 512 * 1024);
3173 memset(rt_hash_table, 0, (rt_hash_mask + 1) * sizeof(struct rt_hash_bucket));
3174 rt_hash_lock_init();
3176 ipv4_dst_ops.gc_thresh = (rt_hash_mask + 1);
3177 ip_rt_max_size = (rt_hash_mask + 1) * 16;
3182 INIT_DELAYED_WORK_DEFERRABLE(&expires_work, rt_worker_func);
3183 expires_ljiffies = jiffies;
3184 schedule_delayed_work(&expires_work,
3185 net_random() % ip_rt_gc_interval + ip_rt_gc_interval);
3187 if (ip_rt_proc_init())
3188 pr_err("Unable to create route proc files\n");
3191 xfrm4_init(ip_rt_max_size);
3193 rtnl_register(PF_INET, RTM_GETROUTE, inet_rtm_getroute, NULL, NULL);
3195 #ifdef CONFIG_SYSCTL
3196 register_pernet_subsys(&sysctl_route_ops);
3198 register_pernet_subsys(&rt_genid_ops);
3199 register_pernet_subsys(&ipv4_inetpeer_ops);
3203 #ifdef CONFIG_SYSCTL
3205 * We really need to sanitize the damn ipv4 init order, then all
3206 * this nonsense will go away.
3208 void __init ip_static_sysctl_init(void)
3210 register_net_sysctl(&init_net, "net/ipv4/route", ipv4_route_table);