2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * ROUTE - implementation of the IP router.
8 * Version: $Id: route.c,v 1.103 2002/01/12 07:44:09 davem Exp $
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Alan Cox, <gw4pts@gw4pts.ampr.org>
13 * Linus Torvalds, <Linus.Torvalds@helsinki.fi>
14 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
17 * Alan Cox : Verify area fixes.
18 * Alan Cox : cli() protects routing changes
19 * Rui Oliveira : ICMP routing table updates
20 * (rco@di.uminho.pt) Routing table insertion and update
21 * Linus Torvalds : Rewrote bits to be sensible
22 * Alan Cox : Added BSD route gw semantics
23 * Alan Cox : Super /proc >4K
24 * Alan Cox : MTU in route table
25 * Alan Cox : MSS actually. Also added the window
27 * Sam Lantinga : Fixed route matching in rt_del()
28 * Alan Cox : Routing cache support.
29 * Alan Cox : Removed compatibility cruft.
30 * Alan Cox : RTF_REJECT support.
31 * Alan Cox : TCP irtt support.
32 * Jonathan Naylor : Added Metric support.
33 * Miquel van Smoorenburg : BSD API fixes.
34 * Miquel van Smoorenburg : Metrics.
35 * Alan Cox : Use __u32 properly
36 * Alan Cox : Aligned routing errors more closely with BSD
37 * our system is still very different.
38 * Alan Cox : Faster /proc handling
39 * Alexey Kuznetsov : Massive rework to support tree based routing,
40 * routing caches and better behaviour.
42 * Olaf Erb : irtt wasn't being copied right.
43 * Bjorn Ekwall : Kerneld route support.
44 * Alan Cox : Multicast fixed (I hope)
45 * Pavel Krauz : Limited broadcast fixed
46 * Mike McLagan : Routing by source
47 * Alexey Kuznetsov : End of old history. Split to fib.c and
48 * route.c and rewritten from scratch.
49 * Andi Kleen : Load-limit warning messages.
50 * Vitaly E. Lavrov : Transparent proxy revived after year coma.
51 * Vitaly E. Lavrov : Race condition in ip_route_input_slow.
52 * Tobias Ringstrom : Uninitialized res.type in ip_route_output_slow.
53 * Vladimir V. Ivanov : IP rule info (flowid) is really useful.
54 * Marc Boucher : routing by fwmark
55 * Robert Olsson : Added rt_cache statistics
56 * Arnaldo C. Melo : Convert proc stuff to seq_file
57 * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes.
58 * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect
59 * Ilia Sotnikov : Removed TOS from hash calculations
61 * This program is free software; you can redistribute it and/or
62 * modify it under the terms of the GNU General Public License
63 * as published by the Free Software Foundation; either version
64 * 2 of the License, or (at your option) any later version.
67 #include <linux/module.h>
68 #include <asm/uaccess.h>
69 #include <asm/system.h>
70 #include <linux/bitops.h>
71 #include <linux/types.h>
72 #include <linux/kernel.h>
74 #include <linux/bootmem.h>
75 #include <linux/string.h>
76 #include <linux/socket.h>
77 #include <linux/sockios.h>
78 #include <linux/errno.h>
80 #include <linux/inet.h>
81 #include <linux/netdevice.h>
82 #include <linux/proc_fs.h>
83 #include <linux/init.h>
84 #include <linux/workqueue.h>
85 #include <linux/skbuff.h>
86 #include <linux/inetdevice.h>
87 #include <linux/igmp.h>
88 #include <linux/pkt_sched.h>
89 #include <linux/mroute.h>
90 #include <linux/netfilter_ipv4.h>
91 #include <linux/random.h>
92 #include <linux/jhash.h>
93 #include <linux/rcupdate.h>
94 #include <linux/times.h>
95 #include <net/net_namespace.h>
96 #include <net/protocol.h>
98 #include <net/route.h>
99 #include <net/inetpeer.h>
100 #include <net/sock.h>
101 #include <net/ip_fib.h>
104 #include <net/icmp.h>
105 #include <net/xfrm.h>
106 #include <net/netevent.h>
107 #include <net/rtnetlink.h>
109 #include <linux/sysctl.h>
112 #define RT_FL_TOS(oldflp) \
113 ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK)))
115 #define IP_MAX_MTU 0xFFF0
117 #define RT_GC_TIMEOUT (300*HZ)
119 static int ip_rt_min_delay = 2 * HZ;
120 static int ip_rt_max_delay = 10 * HZ;
121 static int ip_rt_max_size;
122 static int ip_rt_gc_timeout = RT_GC_TIMEOUT;
123 static int ip_rt_gc_interval = 60 * HZ;
124 static int ip_rt_gc_min_interval = HZ / 2;
125 static int ip_rt_redirect_number = 9;
126 static int ip_rt_redirect_load = HZ / 50;
127 static int ip_rt_redirect_silence = ((HZ / 50) << (9 + 1));
128 static int ip_rt_error_cost = HZ;
129 static int ip_rt_error_burst = 5 * HZ;
130 static int ip_rt_gc_elasticity = 8;
131 static int ip_rt_mtu_expires = 10 * 60 * HZ;
132 static int ip_rt_min_pmtu = 512 + 20 + 20;
133 static int ip_rt_min_advmss = 256;
134 static int ip_rt_secret_interval = 10 * 60 * HZ;
135 static unsigned long rt_deadline;
137 #define RTprint(a...) printk(KERN_DEBUG a)
139 static struct timer_list rt_flush_timer;
140 static void rt_check_expire(struct work_struct *work);
141 static DECLARE_DELAYED_WORK(expires_work, rt_check_expire);
142 static struct timer_list rt_secret_timer;
145 * Interface to generic destination cache.
148 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie);
149 static void ipv4_dst_destroy(struct dst_entry *dst);
150 static void ipv4_dst_ifdown(struct dst_entry *dst,
151 struct net_device *dev, int how);
152 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst);
153 static void ipv4_link_failure(struct sk_buff *skb);
154 static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu);
155 static int rt_garbage_collect(void);
158 static struct dst_ops ipv4_dst_ops = {
160 .protocol = __constant_htons(ETH_P_IP),
161 .gc = rt_garbage_collect,
162 .check = ipv4_dst_check,
163 .destroy = ipv4_dst_destroy,
164 .ifdown = ipv4_dst_ifdown,
165 .negative_advice = ipv4_negative_advice,
166 .link_failure = ipv4_link_failure,
167 .update_pmtu = ip_rt_update_pmtu,
168 .entry_size = sizeof(struct rtable),
171 #define ECN_OR_COST(class) TC_PRIO_##class
173 const __u8 ip_tos2prio[16] = {
177 ECN_OR_COST(BESTEFFORT),
183 ECN_OR_COST(INTERACTIVE),
185 ECN_OR_COST(INTERACTIVE),
186 TC_PRIO_INTERACTIVE_BULK,
187 ECN_OR_COST(INTERACTIVE_BULK),
188 TC_PRIO_INTERACTIVE_BULK,
189 ECN_OR_COST(INTERACTIVE_BULK)
197 /* The locking scheme is rather straight forward:
199 * 1) Read-Copy Update protects the buckets of the central route hash.
200 * 2) Only writers remove entries, and they hold the lock
201 * as they look at rtable reference counts.
202 * 3) Only readers acquire references to rtable entries,
203 * they do so with atomic increments and with the
207 struct rt_hash_bucket {
208 struct rtable *chain;
210 #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK) || \
211 defined(CONFIG_PROVE_LOCKING)
213 * Instead of using one spinlock for each rt_hash_bucket, we use a table of spinlocks
214 * The size of this table is a power of two and depends on the number of CPUS.
215 * (on lockdep we have a quite big spinlock_t, so keep the size down there)
217 #ifdef CONFIG_LOCKDEP
218 # define RT_HASH_LOCK_SZ 256
221 # define RT_HASH_LOCK_SZ 4096
223 # define RT_HASH_LOCK_SZ 2048
225 # define RT_HASH_LOCK_SZ 1024
227 # define RT_HASH_LOCK_SZ 512
229 # define RT_HASH_LOCK_SZ 256
233 static spinlock_t *rt_hash_locks;
234 # define rt_hash_lock_addr(slot) &rt_hash_locks[(slot) & (RT_HASH_LOCK_SZ - 1)]
235 # define rt_hash_lock_init() { \
237 rt_hash_locks = kmalloc(sizeof(spinlock_t) * RT_HASH_LOCK_SZ, GFP_KERNEL); \
238 if (!rt_hash_locks) panic("IP: failed to allocate rt_hash_locks\n"); \
239 for (i = 0; i < RT_HASH_LOCK_SZ; i++) \
240 spin_lock_init(&rt_hash_locks[i]); \
243 # define rt_hash_lock_addr(slot) NULL
244 # define rt_hash_lock_init()
247 static struct rt_hash_bucket *rt_hash_table;
248 static unsigned rt_hash_mask;
249 static unsigned int rt_hash_log;
250 static unsigned int rt_hash_rnd;
252 static DEFINE_PER_CPU(struct rt_cache_stat, rt_cache_stat);
253 #define RT_CACHE_STAT_INC(field) \
254 (__raw_get_cpu_var(rt_cache_stat).field++)
256 static int rt_intern_hash(unsigned hash, struct rtable *rth,
257 struct rtable **res);
259 static unsigned int rt_hash_code(u32 daddr, u32 saddr)
261 return (jhash_2words(daddr, saddr, rt_hash_rnd)
265 #define rt_hash(daddr, saddr, idx) \
266 rt_hash_code((__force u32)(__be32)(daddr),\
267 (__force u32)(__be32)(saddr) ^ ((idx) << 5))
269 #ifdef CONFIG_PROC_FS
270 struct rt_cache_iter_state {
274 static struct rtable *rt_cache_get_first(struct seq_file *seq)
276 struct rtable *r = NULL;
277 struct rt_cache_iter_state *st = seq->private;
279 for (st->bucket = rt_hash_mask; st->bucket >= 0; --st->bucket) {
281 r = rt_hash_table[st->bucket].chain;
284 rcu_read_unlock_bh();
289 static struct rtable *rt_cache_get_next(struct seq_file *seq, struct rtable *r)
291 struct rt_cache_iter_state *st = rcu_dereference(seq->private);
293 r = r->u.dst.rt_next;
295 rcu_read_unlock_bh();
296 if (--st->bucket < 0)
299 r = rt_hash_table[st->bucket].chain;
304 static struct rtable *rt_cache_get_idx(struct seq_file *seq, loff_t pos)
306 struct rtable *r = rt_cache_get_first(seq);
309 while (pos && (r = rt_cache_get_next(seq, r)))
311 return pos ? NULL : r;
314 static void *rt_cache_seq_start(struct seq_file *seq, loff_t *pos)
316 return *pos ? rt_cache_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
319 static void *rt_cache_seq_next(struct seq_file *seq, void *v, loff_t *pos)
321 struct rtable *r = NULL;
323 if (v == SEQ_START_TOKEN)
324 r = rt_cache_get_first(seq);
326 r = rt_cache_get_next(seq, v);
331 static void rt_cache_seq_stop(struct seq_file *seq, void *v)
333 if (v && v != SEQ_START_TOKEN)
334 rcu_read_unlock_bh();
337 static int rt_cache_seq_show(struct seq_file *seq, void *v)
339 if (v == SEQ_START_TOKEN)
340 seq_printf(seq, "%-127s\n",
341 "Iface\tDestination\tGateway \tFlags\t\tRefCnt\tUse\t"
342 "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t"
345 struct rtable *r = v;
348 sprintf(temp, "%s\t%08lX\t%08lX\t%8X\t%d\t%u\t%d\t"
349 "%08lX\t%d\t%u\t%u\t%02X\t%d\t%1d\t%08X",
350 r->u.dst.dev ? r->u.dst.dev->name : "*",
351 (unsigned long)r->rt_dst, (unsigned long)r->rt_gateway,
352 r->rt_flags, atomic_read(&r->u.dst.__refcnt),
353 r->u.dst.__use, 0, (unsigned long)r->rt_src,
354 (dst_metric(&r->u.dst, RTAX_ADVMSS) ?
355 (int)dst_metric(&r->u.dst, RTAX_ADVMSS) + 40 : 0),
356 dst_metric(&r->u.dst, RTAX_WINDOW),
357 (int)((dst_metric(&r->u.dst, RTAX_RTT) >> 3) +
358 dst_metric(&r->u.dst, RTAX_RTTVAR)),
360 r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1,
361 r->u.dst.hh ? (r->u.dst.hh->hh_output ==
364 seq_printf(seq, "%-127s\n", temp);
369 static const struct seq_operations rt_cache_seq_ops = {
370 .start = rt_cache_seq_start,
371 .next = rt_cache_seq_next,
372 .stop = rt_cache_seq_stop,
373 .show = rt_cache_seq_show,
376 static int rt_cache_seq_open(struct inode *inode, struct file *file)
378 return seq_open_private(file, &rt_cache_seq_ops,
379 sizeof(struct rt_cache_iter_state));
382 static const struct file_operations rt_cache_seq_fops = {
383 .owner = THIS_MODULE,
384 .open = rt_cache_seq_open,
387 .release = seq_release_private,
391 static void *rt_cpu_seq_start(struct seq_file *seq, loff_t *pos)
396 return SEQ_START_TOKEN;
398 for (cpu = *pos-1; cpu < NR_CPUS; ++cpu) {
399 if (!cpu_possible(cpu))
402 return &per_cpu(rt_cache_stat, cpu);
407 static void *rt_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos)
411 for (cpu = *pos; cpu < NR_CPUS; ++cpu) {
412 if (!cpu_possible(cpu))
415 return &per_cpu(rt_cache_stat, cpu);
421 static void rt_cpu_seq_stop(struct seq_file *seq, void *v)
426 static int rt_cpu_seq_show(struct seq_file *seq, void *v)
428 struct rt_cache_stat *st = v;
430 if (v == SEQ_START_TOKEN) {
431 seq_printf(seq, "entries in_hit in_slow_tot in_slow_mc in_no_route in_brd in_martian_dst in_martian_src out_hit out_slow_tot out_slow_mc gc_total gc_ignored gc_goal_miss gc_dst_overflow in_hlist_search out_hlist_search\n");
435 seq_printf(seq,"%08x %08x %08x %08x %08x %08x %08x %08x "
436 " %08x %08x %08x %08x %08x %08x %08x %08x %08x \n",
437 atomic_read(&ipv4_dst_ops.entries),
460 static const struct seq_operations rt_cpu_seq_ops = {
461 .start = rt_cpu_seq_start,
462 .next = rt_cpu_seq_next,
463 .stop = rt_cpu_seq_stop,
464 .show = rt_cpu_seq_show,
468 static int rt_cpu_seq_open(struct inode *inode, struct file *file)
470 return seq_open(file, &rt_cpu_seq_ops);
473 static const struct file_operations rt_cpu_seq_fops = {
474 .owner = THIS_MODULE,
475 .open = rt_cpu_seq_open,
478 .release = seq_release,
481 #endif /* CONFIG_PROC_FS */
483 static __inline__ void rt_free(struct rtable *rt)
485 call_rcu_bh(&rt->u.dst.rcu_head, dst_rcu_free);
488 static __inline__ void rt_drop(struct rtable *rt)
491 call_rcu_bh(&rt->u.dst.rcu_head, dst_rcu_free);
494 static __inline__ int rt_fast_clean(struct rtable *rth)
496 /* Kill broadcast/multicast entries very aggresively, if they
497 collide in hash table with more useful entries */
498 return (rth->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST)) &&
499 rth->fl.iif && rth->u.dst.rt_next;
502 static __inline__ int rt_valuable(struct rtable *rth)
504 return (rth->rt_flags & (RTCF_REDIRECTED | RTCF_NOTIFY)) ||
508 static int rt_may_expire(struct rtable *rth, unsigned long tmo1, unsigned long tmo2)
513 if (atomic_read(&rth->u.dst.__refcnt))
517 if (rth->u.dst.expires &&
518 time_after_eq(jiffies, rth->u.dst.expires))
521 age = jiffies - rth->u.dst.lastuse;
523 if ((age <= tmo1 && !rt_fast_clean(rth)) ||
524 (age <= tmo2 && rt_valuable(rth)))
530 /* Bits of score are:
532 * 30: not quite useless
533 * 29..0: usage counter
535 static inline u32 rt_score(struct rtable *rt)
537 u32 score = jiffies - rt->u.dst.lastuse;
539 score = ~score & ~(3<<30);
545 !(rt->rt_flags & (RTCF_BROADCAST|RTCF_MULTICAST|RTCF_LOCAL)))
551 static inline int compare_keys(struct flowi *fl1, struct flowi *fl2)
553 return ((__force u32)((fl1->nl_u.ip4_u.daddr ^ fl2->nl_u.ip4_u.daddr) |
554 (fl1->nl_u.ip4_u.saddr ^ fl2->nl_u.ip4_u.saddr)) |
555 (fl1->mark ^ fl2->mark) |
556 (*(u16 *)&fl1->nl_u.ip4_u.tos ^
557 *(u16 *)&fl2->nl_u.ip4_u.tos) |
558 (fl1->oif ^ fl2->oif) |
559 (fl1->iif ^ fl2->iif)) == 0;
562 static void rt_check_expire(struct work_struct *work)
564 static unsigned int rover;
565 unsigned int i = rover, goal;
566 struct rtable *rth, **rthp;
569 mult = ((u64)ip_rt_gc_interval) << rt_hash_log;
570 if (ip_rt_gc_timeout > 1)
571 do_div(mult, ip_rt_gc_timeout);
572 goal = (unsigned int)mult;
573 if (goal > rt_hash_mask)
574 goal = rt_hash_mask + 1;
575 for (; goal > 0; goal--) {
576 unsigned long tmo = ip_rt_gc_timeout;
578 i = (i + 1) & rt_hash_mask;
579 rthp = &rt_hash_table[i].chain;
586 spin_lock_bh(rt_hash_lock_addr(i));
587 while ((rth = *rthp) != NULL) {
588 if (rth->u.dst.expires) {
589 /* Entry is expired even if it is in use */
590 if (time_before_eq(jiffies, rth->u.dst.expires)) {
592 rthp = &rth->u.dst.rt_next;
595 } else if (!rt_may_expire(rth, tmo, ip_rt_gc_timeout)) {
597 rthp = &rth->u.dst.rt_next;
601 /* Cleanup aged off entries. */
602 *rthp = rth->u.dst.rt_next;
605 spin_unlock_bh(rt_hash_lock_addr(i));
608 schedule_delayed_work(&expires_work, ip_rt_gc_interval);
611 /* This can run from both BH and non-BH contexts, the latter
612 * in the case of a forced flush event.
614 static void rt_run_flush(unsigned long dummy)
617 struct rtable *rth, *next;
621 get_random_bytes(&rt_hash_rnd, 4);
623 for (i = rt_hash_mask; i >= 0; i--) {
624 spin_lock_bh(rt_hash_lock_addr(i));
625 rth = rt_hash_table[i].chain;
627 rt_hash_table[i].chain = NULL;
628 spin_unlock_bh(rt_hash_lock_addr(i));
630 for (; rth; rth = next) {
631 next = rth->u.dst.rt_next;
637 static DEFINE_SPINLOCK(rt_flush_lock);
639 void rt_cache_flush(int delay)
641 unsigned long now = jiffies;
642 int user_mode = !in_softirq();
645 delay = ip_rt_min_delay;
647 spin_lock_bh(&rt_flush_lock);
649 if (del_timer(&rt_flush_timer) && delay > 0 && rt_deadline) {
650 long tmo = (long)(rt_deadline - now);
652 /* If flush timer is already running
653 and flush request is not immediate (delay > 0):
655 if deadline is not achieved, prolongate timer to "delay",
656 otherwise fire it at deadline time.
659 if (user_mode && tmo < ip_rt_max_delay-ip_rt_min_delay)
667 spin_unlock_bh(&rt_flush_lock);
672 if (rt_deadline == 0)
673 rt_deadline = now + ip_rt_max_delay;
675 mod_timer(&rt_flush_timer, now+delay);
676 spin_unlock_bh(&rt_flush_lock);
679 static void rt_secret_rebuild(unsigned long dummy)
681 unsigned long now = jiffies;
684 mod_timer(&rt_secret_timer, now + ip_rt_secret_interval);
688 Short description of GC goals.
690 We want to build algorithm, which will keep routing cache
691 at some equilibrium point, when number of aged off entries
692 is kept approximately equal to newly generated ones.
694 Current expiration strength is variable "expire".
695 We try to adjust it dynamically, so that if networking
696 is idle expires is large enough to keep enough of warm entries,
697 and when load increases it reduces to limit cache size.
700 static int rt_garbage_collect(void)
702 static unsigned long expire = RT_GC_TIMEOUT;
703 static unsigned long last_gc;
705 static int equilibrium;
706 struct rtable *rth, **rthp;
707 unsigned long now = jiffies;
711 * Garbage collection is pretty expensive,
712 * do not make it too frequently.
715 RT_CACHE_STAT_INC(gc_total);
717 if (now - last_gc < ip_rt_gc_min_interval &&
718 atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size) {
719 RT_CACHE_STAT_INC(gc_ignored);
723 /* Calculate number of entries, which we want to expire now. */
724 goal = atomic_read(&ipv4_dst_ops.entries) -
725 (ip_rt_gc_elasticity << rt_hash_log);
727 if (equilibrium < ipv4_dst_ops.gc_thresh)
728 equilibrium = ipv4_dst_ops.gc_thresh;
729 goal = atomic_read(&ipv4_dst_ops.entries) - equilibrium;
731 equilibrium += min_t(unsigned int, goal / 2, rt_hash_mask + 1);
732 goal = atomic_read(&ipv4_dst_ops.entries) - equilibrium;
735 /* We are in dangerous area. Try to reduce cache really
738 goal = max_t(unsigned int, goal / 2, rt_hash_mask + 1);
739 equilibrium = atomic_read(&ipv4_dst_ops.entries) - goal;
742 if (now - last_gc >= ip_rt_gc_min_interval)
753 for (i = rt_hash_mask, k = rover; i >= 0; i--) {
754 unsigned long tmo = expire;
756 k = (k + 1) & rt_hash_mask;
757 rthp = &rt_hash_table[k].chain;
758 spin_lock_bh(rt_hash_lock_addr(k));
759 while ((rth = *rthp) != NULL) {
760 if (!rt_may_expire(rth, tmo, expire)) {
762 rthp = &rth->u.dst.rt_next;
765 *rthp = rth->u.dst.rt_next;
769 spin_unlock_bh(rt_hash_lock_addr(k));
778 /* Goal is not achieved. We stop process if:
780 - if expire reduced to zero. Otherwise, expire is halfed.
781 - if table is not full.
782 - if we are called from interrupt.
783 - jiffies check is just fallback/debug loop breaker.
784 We will not spin here for long time in any case.
787 RT_CACHE_STAT_INC(gc_goal_miss);
793 #if RT_CACHE_DEBUG >= 2
794 printk(KERN_DEBUG "expire>> %u %d %d %d\n", expire,
795 atomic_read(&ipv4_dst_ops.entries), goal, i);
798 if (atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size)
800 } while (!in_softirq() && time_before_eq(jiffies, now));
802 if (atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size)
805 printk(KERN_WARNING "dst cache overflow\n");
806 RT_CACHE_STAT_INC(gc_dst_overflow);
810 expire += ip_rt_gc_min_interval;
811 if (expire > ip_rt_gc_timeout ||
812 atomic_read(&ipv4_dst_ops.entries) < ipv4_dst_ops.gc_thresh)
813 expire = ip_rt_gc_timeout;
814 #if RT_CACHE_DEBUG >= 2
815 printk(KERN_DEBUG "expire++ %u %d %d %d\n", expire,
816 atomic_read(&ipv4_dst_ops.entries), goal, rover);
821 static int rt_intern_hash(unsigned hash, struct rtable *rt, struct rtable **rp)
823 struct rtable *rth, **rthp;
825 struct rtable *cand, **candp;
828 int attempts = !in_softirq();
837 rthp = &rt_hash_table[hash].chain;
839 spin_lock_bh(rt_hash_lock_addr(hash));
840 while ((rth = *rthp) != NULL) {
841 if (compare_keys(&rth->fl, &rt->fl)) {
843 *rthp = rth->u.dst.rt_next;
845 * Since lookup is lockfree, the deletion
846 * must be visible to another weakly ordered CPU before
847 * the insertion at the start of the hash chain.
849 rcu_assign_pointer(rth->u.dst.rt_next,
850 rt_hash_table[hash].chain);
852 * Since lookup is lockfree, the update writes
853 * must be ordered for consistency on SMP.
855 rcu_assign_pointer(rt_hash_table[hash].chain, rth);
857 dst_use(&rth->u.dst, now);
858 spin_unlock_bh(rt_hash_lock_addr(hash));
865 if (!atomic_read(&rth->u.dst.__refcnt)) {
866 u32 score = rt_score(rth);
868 if (score <= min_score) {
877 rthp = &rth->u.dst.rt_next;
881 /* ip_rt_gc_elasticity used to be average length of chain
882 * length, when exceeded gc becomes really aggressive.
884 * The second limit is less certain. At the moment it allows
885 * only 2 entries per bucket. We will see.
887 if (chain_length > ip_rt_gc_elasticity) {
888 *candp = cand->u.dst.rt_next;
893 /* Try to bind route to arp only if it is output
894 route or unicast forwarding path.
896 if (rt->rt_type == RTN_UNICAST || rt->fl.iif == 0) {
897 int err = arp_bind_neighbour(&rt->u.dst);
899 spin_unlock_bh(rt_hash_lock_addr(hash));
901 if (err != -ENOBUFS) {
906 /* Neighbour tables are full and nothing
907 can be released. Try to shrink route cache,
908 it is most likely it holds some neighbour records.
910 if (attempts-- > 0) {
911 int saved_elasticity = ip_rt_gc_elasticity;
912 int saved_int = ip_rt_gc_min_interval;
913 ip_rt_gc_elasticity = 1;
914 ip_rt_gc_min_interval = 0;
915 rt_garbage_collect();
916 ip_rt_gc_min_interval = saved_int;
917 ip_rt_gc_elasticity = saved_elasticity;
922 printk(KERN_WARNING "Neighbour table overflow.\n");
928 rt->u.dst.rt_next = rt_hash_table[hash].chain;
929 #if RT_CACHE_DEBUG >= 2
930 if (rt->u.dst.rt_next) {
932 printk(KERN_DEBUG "rt_cache @%02x: %u.%u.%u.%u", hash,
933 NIPQUAD(rt->rt_dst));
934 for (trt = rt->u.dst.rt_next; trt; trt = trt->u.dst.rt_next)
935 printk(" . %u.%u.%u.%u", NIPQUAD(trt->rt_dst));
939 rt_hash_table[hash].chain = rt;
940 spin_unlock_bh(rt_hash_lock_addr(hash));
945 void rt_bind_peer(struct rtable *rt, int create)
947 static DEFINE_SPINLOCK(rt_peer_lock);
948 struct inet_peer *peer;
950 peer = inet_getpeer(rt->rt_dst, create);
952 spin_lock_bh(&rt_peer_lock);
953 if (rt->peer == NULL) {
957 spin_unlock_bh(&rt_peer_lock);
963 * Peer allocation may fail only in serious out-of-memory conditions. However
964 * we still can generate some output.
965 * Random ID selection looks a bit dangerous because we have no chances to
966 * select ID being unique in a reasonable period of time.
967 * But broken packet identifier may be better than no packet at all.
969 static void ip_select_fb_ident(struct iphdr *iph)
971 static DEFINE_SPINLOCK(ip_fb_id_lock);
972 static u32 ip_fallback_id;
975 spin_lock_bh(&ip_fb_id_lock);
976 salt = secure_ip_id((__force __be32)ip_fallback_id ^ iph->daddr);
977 iph->id = htons(salt & 0xFFFF);
978 ip_fallback_id = salt;
979 spin_unlock_bh(&ip_fb_id_lock);
982 void __ip_select_ident(struct iphdr *iph, struct dst_entry *dst, int more)
984 struct rtable *rt = (struct rtable *) dst;
987 if (rt->peer == NULL)
990 /* If peer is attached to destination, it is never detached,
991 so that we need not to grab a lock to dereference it.
994 iph->id = htons(inet_getid(rt->peer, more));
998 printk(KERN_DEBUG "rt_bind_peer(0) @%p\n",
999 __builtin_return_address(0));
1001 ip_select_fb_ident(iph);
1004 static void rt_del(unsigned hash, struct rtable *rt)
1006 struct rtable **rthp;
1008 spin_lock_bh(rt_hash_lock_addr(hash));
1010 for (rthp = &rt_hash_table[hash].chain; *rthp;
1011 rthp = &(*rthp)->u.dst.rt_next)
1013 *rthp = rt->u.dst.rt_next;
1017 spin_unlock_bh(rt_hash_lock_addr(hash));
1020 void ip_rt_redirect(__be32 old_gw, __be32 daddr, __be32 new_gw,
1021 __be32 saddr, struct net_device *dev)
1024 struct in_device *in_dev = in_dev_get(dev);
1025 struct rtable *rth, **rthp;
1026 __be32 skeys[2] = { saddr, 0 };
1027 int ikeys[2] = { dev->ifindex, 0 };
1028 struct netevent_redirect netevent;
1033 if (new_gw == old_gw || !IN_DEV_RX_REDIRECTS(in_dev)
1034 || MULTICAST(new_gw) || BADCLASS(new_gw) || ZERONET(new_gw))
1035 goto reject_redirect;
1037 if (!IN_DEV_SHARED_MEDIA(in_dev)) {
1038 if (!inet_addr_onlink(in_dev, new_gw, old_gw))
1039 goto reject_redirect;
1040 if (IN_DEV_SEC_REDIRECTS(in_dev) && ip_fib_check_default(new_gw, dev))
1041 goto reject_redirect;
1043 if (inet_addr_type(new_gw) != RTN_UNICAST)
1044 goto reject_redirect;
1047 for (i = 0; i < 2; i++) {
1048 for (k = 0; k < 2; k++) {
1049 unsigned hash = rt_hash(daddr, skeys[i], ikeys[k]);
1051 rthp=&rt_hash_table[hash].chain;
1054 while ((rth = rcu_dereference(*rthp)) != NULL) {
1057 if (rth->fl.fl4_dst != daddr ||
1058 rth->fl.fl4_src != skeys[i] ||
1059 rth->fl.oif != ikeys[k] ||
1061 rthp = &rth->u.dst.rt_next;
1065 if (rth->rt_dst != daddr ||
1066 rth->rt_src != saddr ||
1068 rth->rt_gateway != old_gw ||
1069 rth->u.dst.dev != dev)
1072 dst_hold(&rth->u.dst);
1075 rt = dst_alloc(&ipv4_dst_ops);
1082 /* Copy all the information. */
1084 INIT_RCU_HEAD(&rt->u.dst.rcu_head);
1085 rt->u.dst.__use = 1;
1086 atomic_set(&rt->u.dst.__refcnt, 1);
1087 rt->u.dst.child = NULL;
1089 dev_hold(rt->u.dst.dev);
1091 in_dev_hold(rt->idev);
1092 rt->u.dst.obsolete = 0;
1093 rt->u.dst.lastuse = jiffies;
1094 rt->u.dst.path = &rt->u.dst;
1095 rt->u.dst.neighbour = NULL;
1096 rt->u.dst.hh = NULL;
1097 rt->u.dst.xfrm = NULL;
1099 rt->rt_flags |= RTCF_REDIRECTED;
1101 /* Gateway is different ... */
1102 rt->rt_gateway = new_gw;
1104 /* Redirect received -> path was valid */
1105 dst_confirm(&rth->u.dst);
1108 atomic_inc(&rt->peer->refcnt);
1110 if (arp_bind_neighbour(&rt->u.dst) ||
1111 !(rt->u.dst.neighbour->nud_state &
1113 if (rt->u.dst.neighbour)
1114 neigh_event_send(rt->u.dst.neighbour, NULL);
1120 netevent.old = &rth->u.dst;
1121 netevent.new = &rt->u.dst;
1122 call_netevent_notifiers(NETEVENT_REDIRECT,
1126 if (!rt_intern_hash(hash, rt, &rt))
1139 #ifdef CONFIG_IP_ROUTE_VERBOSE
1140 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit())
1141 printk(KERN_INFO "Redirect from %u.%u.%u.%u on %s about "
1142 "%u.%u.%u.%u ignored.\n"
1143 " Advised path = %u.%u.%u.%u -> %u.%u.%u.%u\n",
1144 NIPQUAD(old_gw), dev->name, NIPQUAD(new_gw),
1145 NIPQUAD(saddr), NIPQUAD(daddr));
1150 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
1152 struct rtable *rt = (struct rtable*)dst;
1153 struct dst_entry *ret = dst;
1156 if (dst->obsolete) {
1159 } else if ((rt->rt_flags & RTCF_REDIRECTED) ||
1160 rt->u.dst.expires) {
1161 unsigned hash = rt_hash(rt->fl.fl4_dst, rt->fl.fl4_src,
1163 #if RT_CACHE_DEBUG >= 1
1164 printk(KERN_DEBUG "ip_rt_advice: redirect to "
1165 "%u.%u.%u.%u/%02x dropped\n",
1166 NIPQUAD(rt->rt_dst), rt->fl.fl4_tos);
1177 * 1. The first ip_rt_redirect_number redirects are sent
1178 * with exponential backoff, then we stop sending them at all,
1179 * assuming that the host ignores our redirects.
1180 * 2. If we did not see packets requiring redirects
1181 * during ip_rt_redirect_silence, we assume that the host
1182 * forgot redirected route and start to send redirects again.
1184 * This algorithm is much cheaper and more intelligent than dumb load limiting
1187 * NOTE. Do not forget to inhibit load limiting for redirects (redundant)
1188 * and "frag. need" (breaks PMTU discovery) in icmp.c.
1191 void ip_rt_send_redirect(struct sk_buff *skb)
1193 struct rtable *rt = (struct rtable*)skb->dst;
1194 struct in_device *in_dev = in_dev_get(rt->u.dst.dev);
1199 if (!IN_DEV_TX_REDIRECTS(in_dev))
1202 /* No redirected packets during ip_rt_redirect_silence;
1203 * reset the algorithm.
1205 if (time_after(jiffies, rt->u.dst.rate_last + ip_rt_redirect_silence))
1206 rt->u.dst.rate_tokens = 0;
1208 /* Too many ignored redirects; do not send anything
1209 * set u.dst.rate_last to the last seen redirected packet.
1211 if (rt->u.dst.rate_tokens >= ip_rt_redirect_number) {
1212 rt->u.dst.rate_last = jiffies;
1216 /* Check for load limit; set rate_last to the latest sent
1219 if (rt->u.dst.rate_tokens == 0 ||
1221 (rt->u.dst.rate_last +
1222 (ip_rt_redirect_load << rt->u.dst.rate_tokens)))) {
1223 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, rt->rt_gateway);
1224 rt->u.dst.rate_last = jiffies;
1225 ++rt->u.dst.rate_tokens;
1226 #ifdef CONFIG_IP_ROUTE_VERBOSE
1227 if (IN_DEV_LOG_MARTIANS(in_dev) &&
1228 rt->u.dst.rate_tokens == ip_rt_redirect_number &&
1230 printk(KERN_WARNING "host %u.%u.%u.%u/if%d ignores "
1231 "redirects for %u.%u.%u.%u to %u.%u.%u.%u.\n",
1232 NIPQUAD(rt->rt_src), rt->rt_iif,
1233 NIPQUAD(rt->rt_dst), NIPQUAD(rt->rt_gateway));
1240 static int ip_error(struct sk_buff *skb)
1242 struct rtable *rt = (struct rtable*)skb->dst;
1246 switch (rt->u.dst.error) {
1251 code = ICMP_HOST_UNREACH;
1254 code = ICMP_NET_UNREACH;
1257 code = ICMP_PKT_FILTERED;
1262 rt->u.dst.rate_tokens += now - rt->u.dst.rate_last;
1263 if (rt->u.dst.rate_tokens > ip_rt_error_burst)
1264 rt->u.dst.rate_tokens = ip_rt_error_burst;
1265 rt->u.dst.rate_last = now;
1266 if (rt->u.dst.rate_tokens >= ip_rt_error_cost) {
1267 rt->u.dst.rate_tokens -= ip_rt_error_cost;
1268 icmp_send(skb, ICMP_DEST_UNREACH, code, 0);
1271 out: kfree_skb(skb);
1276 * The last two values are not from the RFC but
1277 * are needed for AMPRnet AX.25 paths.
1280 static const unsigned short mtu_plateau[] =
1281 {32000, 17914, 8166, 4352, 2002, 1492, 576, 296, 216, 128 };
1283 static __inline__ unsigned short guess_mtu(unsigned short old_mtu)
1287 for (i = 0; i < ARRAY_SIZE(mtu_plateau); i++)
1288 if (old_mtu > mtu_plateau[i])
1289 return mtu_plateau[i];
1293 unsigned short ip_rt_frag_needed(struct iphdr *iph, unsigned short new_mtu)
1296 unsigned short old_mtu = ntohs(iph->tot_len);
1298 __be32 skeys[2] = { iph->saddr, 0, };
1299 __be32 daddr = iph->daddr;
1300 unsigned short est_mtu = 0;
1302 if (ipv4_config.no_pmtu_disc)
1305 for (i = 0; i < 2; i++) {
1306 unsigned hash = rt_hash(daddr, skeys[i], 0);
1309 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
1310 rth = rcu_dereference(rth->u.dst.rt_next)) {
1311 if (rth->fl.fl4_dst == daddr &&
1312 rth->fl.fl4_src == skeys[i] &&
1313 rth->rt_dst == daddr &&
1314 rth->rt_src == iph->saddr &&
1316 !(dst_metric_locked(&rth->u.dst, RTAX_MTU))) {
1317 unsigned short mtu = new_mtu;
1319 if (new_mtu < 68 || new_mtu >= old_mtu) {
1321 /* BSD 4.2 compatibility hack :-( */
1323 old_mtu >= rth->u.dst.metrics[RTAX_MTU-1] &&
1324 old_mtu >= 68 + (iph->ihl << 2))
1325 old_mtu -= iph->ihl << 2;
1327 mtu = guess_mtu(old_mtu);
1329 if (mtu <= rth->u.dst.metrics[RTAX_MTU-1]) {
1330 if (mtu < rth->u.dst.metrics[RTAX_MTU-1]) {
1331 dst_confirm(&rth->u.dst);
1332 if (mtu < ip_rt_min_pmtu) {
1333 mtu = ip_rt_min_pmtu;
1334 rth->u.dst.metrics[RTAX_LOCK-1] |=
1337 rth->u.dst.metrics[RTAX_MTU-1] = mtu;
1338 dst_set_expires(&rth->u.dst,
1347 return est_mtu ? : new_mtu;
1350 static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu)
1352 if (dst->metrics[RTAX_MTU-1] > mtu && mtu >= 68 &&
1353 !(dst_metric_locked(dst, RTAX_MTU))) {
1354 if (mtu < ip_rt_min_pmtu) {
1355 mtu = ip_rt_min_pmtu;
1356 dst->metrics[RTAX_LOCK-1] |= (1 << RTAX_MTU);
1358 dst->metrics[RTAX_MTU-1] = mtu;
1359 dst_set_expires(dst, ip_rt_mtu_expires);
1360 call_netevent_notifiers(NETEVENT_PMTU_UPDATE, dst);
1364 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie)
1369 static void ipv4_dst_destroy(struct dst_entry *dst)
1371 struct rtable *rt = (struct rtable *) dst;
1372 struct inet_peer *peer = rt->peer;
1373 struct in_device *idev = rt->idev;
1386 static void ipv4_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
1389 struct rtable *rt = (struct rtable *) dst;
1390 struct in_device *idev = rt->idev;
1391 if (dev != init_net.loopback_dev && idev && idev->dev == dev) {
1392 struct in_device *loopback_idev = in_dev_get(init_net.loopback_dev);
1393 if (loopback_idev) {
1394 rt->idev = loopback_idev;
1400 static void ipv4_link_failure(struct sk_buff *skb)
1404 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0);
1406 rt = (struct rtable *) skb->dst;
1408 dst_set_expires(&rt->u.dst, 0);
1411 static int ip_rt_bug(struct sk_buff *skb)
1413 printk(KERN_DEBUG "ip_rt_bug: %u.%u.%u.%u -> %u.%u.%u.%u, %s\n",
1414 NIPQUAD(ip_hdr(skb)->saddr), NIPQUAD(ip_hdr(skb)->daddr),
1415 skb->dev ? skb->dev->name : "?");
1421 We do not cache source address of outgoing interface,
1422 because it is used only by IP RR, TS and SRR options,
1423 so that it out of fast path.
1425 BTW remember: "addr" is allowed to be not aligned
1429 void ip_rt_get_source(u8 *addr, struct rtable *rt)
1432 struct fib_result res;
1434 if (rt->fl.iif == 0)
1436 else if (fib_lookup(&rt->fl, &res) == 0) {
1437 src = FIB_RES_PREFSRC(res);
1440 src = inet_select_addr(rt->u.dst.dev, rt->rt_gateway,
1442 memcpy(addr, &src, 4);
1445 #ifdef CONFIG_NET_CLS_ROUTE
1446 static void set_class_tag(struct rtable *rt, u32 tag)
1448 if (!(rt->u.dst.tclassid & 0xFFFF))
1449 rt->u.dst.tclassid |= tag & 0xFFFF;
1450 if (!(rt->u.dst.tclassid & 0xFFFF0000))
1451 rt->u.dst.tclassid |= tag & 0xFFFF0000;
1455 static void rt_set_nexthop(struct rtable *rt, struct fib_result *res, u32 itag)
1457 struct fib_info *fi = res->fi;
1460 if (FIB_RES_GW(*res) &&
1461 FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK)
1462 rt->rt_gateway = FIB_RES_GW(*res);
1463 memcpy(rt->u.dst.metrics, fi->fib_metrics,
1464 sizeof(rt->u.dst.metrics));
1465 if (fi->fib_mtu == 0) {
1466 rt->u.dst.metrics[RTAX_MTU-1] = rt->u.dst.dev->mtu;
1467 if (rt->u.dst.metrics[RTAX_LOCK-1] & (1 << RTAX_MTU) &&
1468 rt->rt_gateway != rt->rt_dst &&
1469 rt->u.dst.dev->mtu > 576)
1470 rt->u.dst.metrics[RTAX_MTU-1] = 576;
1472 #ifdef CONFIG_NET_CLS_ROUTE
1473 rt->u.dst.tclassid = FIB_RES_NH(*res).nh_tclassid;
1476 rt->u.dst.metrics[RTAX_MTU-1]= rt->u.dst.dev->mtu;
1478 if (rt->u.dst.metrics[RTAX_HOPLIMIT-1] == 0)
1479 rt->u.dst.metrics[RTAX_HOPLIMIT-1] = sysctl_ip_default_ttl;
1480 if (rt->u.dst.metrics[RTAX_MTU-1] > IP_MAX_MTU)
1481 rt->u.dst.metrics[RTAX_MTU-1] = IP_MAX_MTU;
1482 if (rt->u.dst.metrics[RTAX_ADVMSS-1] == 0)
1483 rt->u.dst.metrics[RTAX_ADVMSS-1] = max_t(unsigned int, rt->u.dst.dev->mtu - 40,
1485 if (rt->u.dst.metrics[RTAX_ADVMSS-1] > 65535 - 40)
1486 rt->u.dst.metrics[RTAX_ADVMSS-1] = 65535 - 40;
1488 #ifdef CONFIG_NET_CLS_ROUTE
1489 #ifdef CONFIG_IP_MULTIPLE_TABLES
1490 set_class_tag(rt, fib_rules_tclass(res));
1492 set_class_tag(rt, itag);
1494 rt->rt_type = res->type;
1497 static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1498 u8 tos, struct net_device *dev, int our)
1503 struct in_device *in_dev = in_dev_get(dev);
1506 /* Primary sanity checks. */
1511 if (MULTICAST(saddr) || BADCLASS(saddr) || LOOPBACK(saddr) ||
1512 skb->protocol != htons(ETH_P_IP))
1515 if (ZERONET(saddr)) {
1516 if (!LOCAL_MCAST(daddr))
1518 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
1519 } else if (fib_validate_source(saddr, 0, tos, 0,
1520 dev, &spec_dst, &itag) < 0)
1523 rth = dst_alloc(&ipv4_dst_ops);
1527 rth->u.dst.output= ip_rt_bug;
1529 atomic_set(&rth->u.dst.__refcnt, 1);
1530 rth->u.dst.flags= DST_HOST;
1531 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
1532 rth->u.dst.flags |= DST_NOPOLICY;
1533 rth->fl.fl4_dst = daddr;
1534 rth->rt_dst = daddr;
1535 rth->fl.fl4_tos = tos;
1536 rth->fl.mark = skb->mark;
1537 rth->fl.fl4_src = saddr;
1538 rth->rt_src = saddr;
1539 #ifdef CONFIG_NET_CLS_ROUTE
1540 rth->u.dst.tclassid = itag;
1543 rth->fl.iif = dev->ifindex;
1544 rth->u.dst.dev = init_net.loopback_dev;
1545 dev_hold(rth->u.dst.dev);
1546 rth->idev = in_dev_get(rth->u.dst.dev);
1548 rth->rt_gateway = daddr;
1549 rth->rt_spec_dst= spec_dst;
1550 rth->rt_type = RTN_MULTICAST;
1551 rth->rt_flags = RTCF_MULTICAST;
1553 rth->u.dst.input= ip_local_deliver;
1554 rth->rt_flags |= RTCF_LOCAL;
1557 #ifdef CONFIG_IP_MROUTE
1558 if (!LOCAL_MCAST(daddr) && IN_DEV_MFORWARD(in_dev))
1559 rth->u.dst.input = ip_mr_input;
1561 RT_CACHE_STAT_INC(in_slow_mc);
1564 hash = rt_hash(daddr, saddr, dev->ifindex);
1565 return rt_intern_hash(hash, rth, (struct rtable**) &skb->dst);
1577 static void ip_handle_martian_source(struct net_device *dev,
1578 struct in_device *in_dev,
1579 struct sk_buff *skb,
1583 RT_CACHE_STAT_INC(in_martian_src);
1584 #ifdef CONFIG_IP_ROUTE_VERBOSE
1585 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) {
1587 * RFC1812 recommendation, if source is martian,
1588 * the only hint is MAC header.
1590 printk(KERN_WARNING "martian source %u.%u.%u.%u from "
1591 "%u.%u.%u.%u, on dev %s\n",
1592 NIPQUAD(daddr), NIPQUAD(saddr), dev->name);
1593 if (dev->hard_header_len && skb_mac_header_was_set(skb)) {
1595 const unsigned char *p = skb_mac_header(skb);
1596 printk(KERN_WARNING "ll header: ");
1597 for (i = 0; i < dev->hard_header_len; i++, p++) {
1599 if (i < (dev->hard_header_len - 1))
1608 static inline int __mkroute_input(struct sk_buff *skb,
1609 struct fib_result* res,
1610 struct in_device *in_dev,
1611 __be32 daddr, __be32 saddr, u32 tos,
1612 struct rtable **result)
1617 struct in_device *out_dev;
1622 /* get a working reference to the output device */
1623 out_dev = in_dev_get(FIB_RES_DEV(*res));
1624 if (out_dev == NULL) {
1625 if (net_ratelimit())
1626 printk(KERN_CRIT "Bug in ip_route_input" \
1627 "_slow(). Please, report\n");
1632 err = fib_validate_source(saddr, daddr, tos, FIB_RES_OIF(*res),
1633 in_dev->dev, &spec_dst, &itag);
1635 ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr,
1643 flags |= RTCF_DIRECTSRC;
1645 if (out_dev == in_dev && err && !(flags & (RTCF_NAT | RTCF_MASQ)) &&
1646 (IN_DEV_SHARED_MEDIA(out_dev) ||
1647 inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res))))
1648 flags |= RTCF_DOREDIRECT;
1650 if (skb->protocol != htons(ETH_P_IP)) {
1651 /* Not IP (i.e. ARP). Do not create route, if it is
1652 * invalid for proxy arp. DNAT routes are always valid.
1654 if (out_dev == in_dev && !(flags & RTCF_DNAT)) {
1661 rth = dst_alloc(&ipv4_dst_ops);
1667 atomic_set(&rth->u.dst.__refcnt, 1);
1668 rth->u.dst.flags= DST_HOST;
1669 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
1670 rth->u.dst.flags |= DST_NOPOLICY;
1671 if (IN_DEV_CONF_GET(out_dev, NOXFRM))
1672 rth->u.dst.flags |= DST_NOXFRM;
1673 rth->fl.fl4_dst = daddr;
1674 rth->rt_dst = daddr;
1675 rth->fl.fl4_tos = tos;
1676 rth->fl.mark = skb->mark;
1677 rth->fl.fl4_src = saddr;
1678 rth->rt_src = saddr;
1679 rth->rt_gateway = daddr;
1681 rth->fl.iif = in_dev->dev->ifindex;
1682 rth->u.dst.dev = (out_dev)->dev;
1683 dev_hold(rth->u.dst.dev);
1684 rth->idev = in_dev_get(rth->u.dst.dev);
1686 rth->rt_spec_dst= spec_dst;
1688 rth->u.dst.input = ip_forward;
1689 rth->u.dst.output = ip_output;
1691 rt_set_nexthop(rth, res, itag);
1693 rth->rt_flags = flags;
1698 /* release the working reference to the output device */
1699 in_dev_put(out_dev);
1703 static inline int ip_mkroute_input(struct sk_buff *skb,
1704 struct fib_result* res,
1705 const struct flowi *fl,
1706 struct in_device *in_dev,
1707 __be32 daddr, __be32 saddr, u32 tos)
1709 struct rtable* rth = NULL;
1713 #ifdef CONFIG_IP_ROUTE_MULTIPATH
1714 if (res->fi && res->fi->fib_nhs > 1 && fl->oif == 0)
1715 fib_select_multipath(fl, res);
1718 /* create a routing cache entry */
1719 err = __mkroute_input(skb, res, in_dev, daddr, saddr, tos, &rth);
1723 /* put it into the cache */
1724 hash = rt_hash(daddr, saddr, fl->iif);
1725 return rt_intern_hash(hash, rth, (struct rtable**)&skb->dst);
1729 * NOTE. We drop all the packets that has local source
1730 * addresses, because every properly looped back packet
1731 * must have correct destination already attached by output routine.
1733 * Such approach solves two big problems:
1734 * 1. Not simplex devices are handled properly.
1735 * 2. IP spoofing attempts are filtered with 100% of guarantee.
1738 static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1739 u8 tos, struct net_device *dev)
1741 struct fib_result res;
1742 struct in_device *in_dev = in_dev_get(dev);
1743 struct flowi fl = { .nl_u = { .ip4_u =
1747 .scope = RT_SCOPE_UNIVERSE,
1750 .iif = dev->ifindex };
1753 struct rtable * rth;
1759 /* IP on this device is disabled. */
1764 /* Check for the most weird martians, which can be not detected
1768 if (MULTICAST(saddr) || BADCLASS(saddr) || LOOPBACK(saddr))
1769 goto martian_source;
1771 if (daddr == htonl(0xFFFFFFFF) || (saddr == 0 && daddr == 0))
1774 /* Accept zero addresses only to limited broadcast;
1775 * I even do not know to fix it or not. Waiting for complains :-)
1778 goto martian_source;
1780 if (BADCLASS(daddr) || ZERONET(daddr) || LOOPBACK(daddr))
1781 goto martian_destination;
1784 * Now we are ready to route packet.
1786 if ((err = fib_lookup(&fl, &res)) != 0) {
1787 if (!IN_DEV_FORWARD(in_dev))
1793 RT_CACHE_STAT_INC(in_slow_tot);
1795 if (res.type == RTN_BROADCAST)
1798 if (res.type == RTN_LOCAL) {
1800 result = fib_validate_source(saddr, daddr, tos,
1801 init_net.loopback_dev->ifindex,
1802 dev, &spec_dst, &itag);
1804 goto martian_source;
1806 flags |= RTCF_DIRECTSRC;
1811 if (!IN_DEV_FORWARD(in_dev))
1813 if (res.type != RTN_UNICAST)
1814 goto martian_destination;
1816 err = ip_mkroute_input(skb, &res, &fl, in_dev, daddr, saddr, tos);
1824 if (skb->protocol != htons(ETH_P_IP))
1828 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
1830 err = fib_validate_source(saddr, 0, tos, 0, dev, &spec_dst,
1833 goto martian_source;
1835 flags |= RTCF_DIRECTSRC;
1837 flags |= RTCF_BROADCAST;
1838 res.type = RTN_BROADCAST;
1839 RT_CACHE_STAT_INC(in_brd);
1842 rth = dst_alloc(&ipv4_dst_ops);
1846 rth->u.dst.output= ip_rt_bug;
1848 atomic_set(&rth->u.dst.__refcnt, 1);
1849 rth->u.dst.flags= DST_HOST;
1850 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
1851 rth->u.dst.flags |= DST_NOPOLICY;
1852 rth->fl.fl4_dst = daddr;
1853 rth->rt_dst = daddr;
1854 rth->fl.fl4_tos = tos;
1855 rth->fl.mark = skb->mark;
1856 rth->fl.fl4_src = saddr;
1857 rth->rt_src = saddr;
1858 #ifdef CONFIG_NET_CLS_ROUTE
1859 rth->u.dst.tclassid = itag;
1862 rth->fl.iif = dev->ifindex;
1863 rth->u.dst.dev = init_net.loopback_dev;
1864 dev_hold(rth->u.dst.dev);
1865 rth->idev = in_dev_get(rth->u.dst.dev);
1866 rth->rt_gateway = daddr;
1867 rth->rt_spec_dst= spec_dst;
1868 rth->u.dst.input= ip_local_deliver;
1869 rth->rt_flags = flags|RTCF_LOCAL;
1870 if (res.type == RTN_UNREACHABLE) {
1871 rth->u.dst.input= ip_error;
1872 rth->u.dst.error= -err;
1873 rth->rt_flags &= ~RTCF_LOCAL;
1875 rth->rt_type = res.type;
1876 hash = rt_hash(daddr, saddr, fl.iif);
1877 err = rt_intern_hash(hash, rth, (struct rtable**)&skb->dst);
1881 RT_CACHE_STAT_INC(in_no_route);
1882 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_UNIVERSE);
1883 res.type = RTN_UNREACHABLE;
1887 * Do not cache martian addresses: they should be logged (RFC1812)
1889 martian_destination:
1890 RT_CACHE_STAT_INC(in_martian_dst);
1891 #ifdef CONFIG_IP_ROUTE_VERBOSE
1892 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit())
1893 printk(KERN_WARNING "martian destination %u.%u.%u.%u from "
1894 "%u.%u.%u.%u, dev %s\n",
1895 NIPQUAD(daddr), NIPQUAD(saddr), dev->name);
1899 err = -EHOSTUNREACH;
1911 ip_handle_martian_source(dev, in_dev, skb, daddr, saddr);
1915 int ip_route_input(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1916 u8 tos, struct net_device *dev)
1918 struct rtable * rth;
1920 int iif = dev->ifindex;
1922 tos &= IPTOS_RT_MASK;
1923 hash = rt_hash(daddr, saddr, iif);
1926 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
1927 rth = rcu_dereference(rth->u.dst.rt_next)) {
1928 if (rth->fl.fl4_dst == daddr &&
1929 rth->fl.fl4_src == saddr &&
1930 rth->fl.iif == iif &&
1932 rth->fl.mark == skb->mark &&
1933 rth->fl.fl4_tos == tos) {
1934 dst_use(&rth->u.dst, jiffies);
1935 RT_CACHE_STAT_INC(in_hit);
1937 skb->dst = (struct dst_entry*)rth;
1940 RT_CACHE_STAT_INC(in_hlist_search);
1944 /* Multicast recognition logic is moved from route cache to here.
1945 The problem was that too many Ethernet cards have broken/missing
1946 hardware multicast filters :-( As result the host on multicasting
1947 network acquires a lot of useless route cache entries, sort of
1948 SDR messages from all the world. Now we try to get rid of them.
1949 Really, provided software IP multicast filter is organized
1950 reasonably (at least, hashed), it does not result in a slowdown
1951 comparing with route cache reject entries.
1952 Note, that multicast routers are not affected, because
1953 route cache entry is created eventually.
1955 if (MULTICAST(daddr)) {
1956 struct in_device *in_dev;
1959 if ((in_dev = __in_dev_get_rcu(dev)) != NULL) {
1960 int our = ip_check_mc(in_dev, daddr, saddr,
1961 ip_hdr(skb)->protocol);
1963 #ifdef CONFIG_IP_MROUTE
1964 || (!LOCAL_MCAST(daddr) && IN_DEV_MFORWARD(in_dev))
1968 return ip_route_input_mc(skb, daddr, saddr,
1975 return ip_route_input_slow(skb, daddr, saddr, tos, dev);
1978 static inline int __mkroute_output(struct rtable **result,
1979 struct fib_result* res,
1980 const struct flowi *fl,
1981 const struct flowi *oldflp,
1982 struct net_device *dev_out,
1986 struct in_device *in_dev;
1987 u32 tos = RT_FL_TOS(oldflp);
1990 if (LOOPBACK(fl->fl4_src) && !(dev_out->flags&IFF_LOOPBACK))
1993 if (fl->fl4_dst == htonl(0xFFFFFFFF))
1994 res->type = RTN_BROADCAST;
1995 else if (MULTICAST(fl->fl4_dst))
1996 res->type = RTN_MULTICAST;
1997 else if (BADCLASS(fl->fl4_dst) || ZERONET(fl->fl4_dst))
2000 if (dev_out->flags & IFF_LOOPBACK)
2001 flags |= RTCF_LOCAL;
2003 /* get work reference to inet device */
2004 in_dev = in_dev_get(dev_out);
2008 if (res->type == RTN_BROADCAST) {
2009 flags |= RTCF_BROADCAST | RTCF_LOCAL;
2011 fib_info_put(res->fi);
2014 } else if (res->type == RTN_MULTICAST) {
2015 flags |= RTCF_MULTICAST|RTCF_LOCAL;
2016 if (!ip_check_mc(in_dev, oldflp->fl4_dst, oldflp->fl4_src,
2018 flags &= ~RTCF_LOCAL;
2019 /* If multicast route do not exist use
2020 default one, but do not gateway in this case.
2023 if (res->fi && res->prefixlen < 4) {
2024 fib_info_put(res->fi);
2030 rth = dst_alloc(&ipv4_dst_ops);
2036 atomic_set(&rth->u.dst.__refcnt, 1);
2037 rth->u.dst.flags= DST_HOST;
2038 if (IN_DEV_CONF_GET(in_dev, NOXFRM))
2039 rth->u.dst.flags |= DST_NOXFRM;
2040 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
2041 rth->u.dst.flags |= DST_NOPOLICY;
2043 rth->fl.fl4_dst = oldflp->fl4_dst;
2044 rth->fl.fl4_tos = tos;
2045 rth->fl.fl4_src = oldflp->fl4_src;
2046 rth->fl.oif = oldflp->oif;
2047 rth->fl.mark = oldflp->mark;
2048 rth->rt_dst = fl->fl4_dst;
2049 rth->rt_src = fl->fl4_src;
2050 rth->rt_iif = oldflp->oif ? : dev_out->ifindex;
2051 /* get references to the devices that are to be hold by the routing
2053 rth->u.dst.dev = dev_out;
2055 rth->idev = in_dev_get(dev_out);
2056 rth->rt_gateway = fl->fl4_dst;
2057 rth->rt_spec_dst= fl->fl4_src;
2059 rth->u.dst.output=ip_output;
2061 RT_CACHE_STAT_INC(out_slow_tot);
2063 if (flags & RTCF_LOCAL) {
2064 rth->u.dst.input = ip_local_deliver;
2065 rth->rt_spec_dst = fl->fl4_dst;
2067 if (flags & (RTCF_BROADCAST | RTCF_MULTICAST)) {
2068 rth->rt_spec_dst = fl->fl4_src;
2069 if (flags & RTCF_LOCAL &&
2070 !(dev_out->flags & IFF_LOOPBACK)) {
2071 rth->u.dst.output = ip_mc_output;
2072 RT_CACHE_STAT_INC(out_slow_mc);
2074 #ifdef CONFIG_IP_MROUTE
2075 if (res->type == RTN_MULTICAST) {
2076 if (IN_DEV_MFORWARD(in_dev) &&
2077 !LOCAL_MCAST(oldflp->fl4_dst)) {
2078 rth->u.dst.input = ip_mr_input;
2079 rth->u.dst.output = ip_mc_output;
2085 rt_set_nexthop(rth, res, 0);
2087 rth->rt_flags = flags;
2091 /* release work reference to inet device */
2097 static inline int ip_mkroute_output(struct rtable **rp,
2098 struct fib_result* res,
2099 const struct flowi *fl,
2100 const struct flowi *oldflp,
2101 struct net_device *dev_out,
2104 struct rtable *rth = NULL;
2105 int err = __mkroute_output(&rth, res, fl, oldflp, dev_out, flags);
2108 hash = rt_hash(oldflp->fl4_dst, oldflp->fl4_src, oldflp->oif);
2109 err = rt_intern_hash(hash, rth, rp);
2116 * Major route resolver routine.
2119 static int ip_route_output_slow(struct rtable **rp, const struct flowi *oldflp)
2121 u32 tos = RT_FL_TOS(oldflp);
2122 struct flowi fl = { .nl_u = { .ip4_u =
2123 { .daddr = oldflp->fl4_dst,
2124 .saddr = oldflp->fl4_src,
2125 .tos = tos & IPTOS_RT_MASK,
2126 .scope = ((tos & RTO_ONLINK) ?
2130 .mark = oldflp->mark,
2131 .iif = init_net.loopback_dev->ifindex,
2132 .oif = oldflp->oif };
2133 struct fib_result res;
2135 struct net_device *dev_out = NULL;
2141 #ifdef CONFIG_IP_MULTIPLE_TABLES
2145 if (oldflp->fl4_src) {
2147 if (MULTICAST(oldflp->fl4_src) ||
2148 BADCLASS(oldflp->fl4_src) ||
2149 ZERONET(oldflp->fl4_src))
2152 /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2153 dev_out = ip_dev_find(oldflp->fl4_src);
2154 if (dev_out == NULL)
2157 /* I removed check for oif == dev_out->oif here.
2158 It was wrong for two reasons:
2159 1. ip_dev_find(saddr) can return wrong iface, if saddr is
2160 assigned to multiple interfaces.
2161 2. Moreover, we are allowed to send packets with saddr
2162 of another iface. --ANK
2165 if (oldflp->oif == 0
2166 && (MULTICAST(oldflp->fl4_dst) || oldflp->fl4_dst == htonl(0xFFFFFFFF))) {
2167 /* Special hack: user can direct multicasts
2168 and limited broadcast via necessary interface
2169 without fiddling with IP_MULTICAST_IF or IP_PKTINFO.
2170 This hack is not just for fun, it allows
2171 vic,vat and friends to work.
2172 They bind socket to loopback, set ttl to zero
2173 and expect that it will work.
2174 From the viewpoint of routing cache they are broken,
2175 because we are not allowed to build multicast path
2176 with loopback source addr (look, routing cache
2177 cannot know, that ttl is zero, so that packet
2178 will not leave this host and route is valid).
2179 Luckily, this hack is good workaround.
2182 fl.oif = dev_out->ifindex;
2192 dev_out = dev_get_by_index(&init_net, oldflp->oif);
2194 if (dev_out == NULL)
2197 /* RACE: Check return value of inet_select_addr instead. */
2198 if (__in_dev_get_rtnl(dev_out) == NULL) {
2200 goto out; /* Wrong error code */
2203 if (LOCAL_MCAST(oldflp->fl4_dst) || oldflp->fl4_dst == htonl(0xFFFFFFFF)) {
2205 fl.fl4_src = inet_select_addr(dev_out, 0,
2210 if (MULTICAST(oldflp->fl4_dst))
2211 fl.fl4_src = inet_select_addr(dev_out, 0,
2213 else if (!oldflp->fl4_dst)
2214 fl.fl4_src = inet_select_addr(dev_out, 0,
2220 fl.fl4_dst = fl.fl4_src;
2222 fl.fl4_dst = fl.fl4_src = htonl(INADDR_LOOPBACK);
2225 dev_out = init_net.loopback_dev;
2227 fl.oif = init_net.loopback_dev->ifindex;
2228 res.type = RTN_LOCAL;
2229 flags |= RTCF_LOCAL;
2233 if (fib_lookup(&fl, &res)) {
2236 /* Apparently, routing tables are wrong. Assume,
2237 that the destination is on link.
2240 Because we are allowed to send to iface
2241 even if it has NO routes and NO assigned
2242 addresses. When oif is specified, routing
2243 tables are looked up with only one purpose:
2244 to catch if destination is gatewayed, rather than
2245 direct. Moreover, if MSG_DONTROUTE is set,
2246 we send packet, ignoring both routing tables
2247 and ifaddr state. --ANK
2250 We could make it even if oif is unknown,
2251 likely IPv6, but we do not.
2254 if (fl.fl4_src == 0)
2255 fl.fl4_src = inet_select_addr(dev_out, 0,
2257 res.type = RTN_UNICAST;
2267 if (res.type == RTN_LOCAL) {
2269 fl.fl4_src = fl.fl4_dst;
2272 dev_out = init_net.loopback_dev;
2274 fl.oif = dev_out->ifindex;
2276 fib_info_put(res.fi);
2278 flags |= RTCF_LOCAL;
2282 #ifdef CONFIG_IP_ROUTE_MULTIPATH
2283 if (res.fi->fib_nhs > 1 && fl.oif == 0)
2284 fib_select_multipath(&fl, &res);
2287 if (!res.prefixlen && res.type == RTN_UNICAST && !fl.oif)
2288 fib_select_default(&fl, &res);
2291 fl.fl4_src = FIB_RES_PREFSRC(res);
2295 dev_out = FIB_RES_DEV(res);
2297 fl.oif = dev_out->ifindex;
2301 err = ip_mkroute_output(rp, &res, &fl, oldflp, dev_out, flags);
2311 int __ip_route_output_key(struct rtable **rp, const struct flowi *flp)
2316 hash = rt_hash(flp->fl4_dst, flp->fl4_src, flp->oif);
2319 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
2320 rth = rcu_dereference(rth->u.dst.rt_next)) {
2321 if (rth->fl.fl4_dst == flp->fl4_dst &&
2322 rth->fl.fl4_src == flp->fl4_src &&
2324 rth->fl.oif == flp->oif &&
2325 rth->fl.mark == flp->mark &&
2326 !((rth->fl.fl4_tos ^ flp->fl4_tos) &
2327 (IPTOS_RT_MASK | RTO_ONLINK))) {
2328 dst_use(&rth->u.dst, jiffies);
2329 RT_CACHE_STAT_INC(out_hit);
2330 rcu_read_unlock_bh();
2334 RT_CACHE_STAT_INC(out_hlist_search);
2336 rcu_read_unlock_bh();
2338 return ip_route_output_slow(rp, flp);
2341 EXPORT_SYMBOL_GPL(__ip_route_output_key);
2343 static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
2347 static struct dst_ops ipv4_dst_blackhole_ops = {
2349 .protocol = __constant_htons(ETH_P_IP),
2350 .destroy = ipv4_dst_destroy,
2351 .check = ipv4_dst_check,
2352 .update_pmtu = ipv4_rt_blackhole_update_pmtu,
2353 .entry_size = sizeof(struct rtable),
2357 static int ipv4_blackhole_output(struct sk_buff *skb)
2363 static int ipv4_dst_blackhole(struct rtable **rp, struct flowi *flp, struct sock *sk)
2365 struct rtable *ort = *rp;
2366 struct rtable *rt = (struct rtable *)
2367 dst_alloc(&ipv4_dst_blackhole_ops);
2370 struct dst_entry *new = &rt->u.dst;
2372 atomic_set(&new->__refcnt, 1);
2374 new->input = ipv4_blackhole_output;
2375 new->output = ipv4_blackhole_output;
2376 memcpy(new->metrics, ort->u.dst.metrics, RTAX_MAX*sizeof(u32));
2378 new->dev = ort->u.dst.dev;
2384 rt->idev = ort->idev;
2386 in_dev_hold(rt->idev);
2387 rt->rt_flags = ort->rt_flags;
2388 rt->rt_type = ort->rt_type;
2389 rt->rt_dst = ort->rt_dst;
2390 rt->rt_src = ort->rt_src;
2391 rt->rt_iif = ort->rt_iif;
2392 rt->rt_gateway = ort->rt_gateway;
2393 rt->rt_spec_dst = ort->rt_spec_dst;
2394 rt->peer = ort->peer;
2396 atomic_inc(&rt->peer->refcnt);
2401 dst_release(&(*rp)->u.dst);
2403 return (rt ? 0 : -ENOMEM);
2406 int ip_route_output_flow(struct rtable **rp, struct flowi *flp, struct sock *sk, int flags)
2410 if ((err = __ip_route_output_key(rp, flp)) != 0)
2415 flp->fl4_src = (*rp)->rt_src;
2417 flp->fl4_dst = (*rp)->rt_dst;
2418 err = __xfrm_lookup((struct dst_entry **)rp, flp, sk, flags);
2419 if (err == -EREMOTE)
2420 err = ipv4_dst_blackhole(rp, flp, sk);
2428 EXPORT_SYMBOL_GPL(ip_route_output_flow);
2430 int ip_route_output_key(struct rtable **rp, struct flowi *flp)
2432 return ip_route_output_flow(rp, flp, NULL, 0);
2435 static int rt_fill_info(struct sk_buff *skb, u32 pid, u32 seq, int event,
2436 int nowait, unsigned int flags)
2438 struct rtable *rt = (struct rtable*)skb->dst;
2440 struct nlmsghdr *nlh;
2442 u32 id = 0, ts = 0, tsage = 0, error;
2444 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*r), flags);
2448 r = nlmsg_data(nlh);
2449 r->rtm_family = AF_INET;
2450 r->rtm_dst_len = 32;
2452 r->rtm_tos = rt->fl.fl4_tos;
2453 r->rtm_table = RT_TABLE_MAIN;
2454 NLA_PUT_U32(skb, RTA_TABLE, RT_TABLE_MAIN);
2455 r->rtm_type = rt->rt_type;
2456 r->rtm_scope = RT_SCOPE_UNIVERSE;
2457 r->rtm_protocol = RTPROT_UNSPEC;
2458 r->rtm_flags = (rt->rt_flags & ~0xFFFF) | RTM_F_CLONED;
2459 if (rt->rt_flags & RTCF_NOTIFY)
2460 r->rtm_flags |= RTM_F_NOTIFY;
2462 NLA_PUT_BE32(skb, RTA_DST, rt->rt_dst);
2464 if (rt->fl.fl4_src) {
2465 r->rtm_src_len = 32;
2466 NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src);
2469 NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex);
2470 #ifdef CONFIG_NET_CLS_ROUTE
2471 if (rt->u.dst.tclassid)
2472 NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid);
2475 NLA_PUT_BE32(skb, RTA_PREFSRC, rt->rt_spec_dst);
2476 else if (rt->rt_src != rt->fl.fl4_src)
2477 NLA_PUT_BE32(skb, RTA_PREFSRC, rt->rt_src);
2479 if (rt->rt_dst != rt->rt_gateway)
2480 NLA_PUT_BE32(skb, RTA_GATEWAY, rt->rt_gateway);
2482 if (rtnetlink_put_metrics(skb, rt->u.dst.metrics) < 0)
2483 goto nla_put_failure;
2485 error = rt->u.dst.error;
2486 expires = rt->u.dst.expires ? rt->u.dst.expires - jiffies : 0;
2488 id = rt->peer->ip_id_count;
2489 if (rt->peer->tcp_ts_stamp) {
2490 ts = rt->peer->tcp_ts;
2491 tsage = get_seconds() - rt->peer->tcp_ts_stamp;
2496 #ifdef CONFIG_IP_MROUTE
2497 __be32 dst = rt->rt_dst;
2499 if (MULTICAST(dst) && !LOCAL_MCAST(dst) &&
2500 IPV4_DEVCONF_ALL(MC_FORWARDING)) {
2501 int err = ipmr_get_route(skb, r, nowait);
2506 goto nla_put_failure;
2508 if (err == -EMSGSIZE)
2509 goto nla_put_failure;
2515 NLA_PUT_U32(skb, RTA_IIF, rt->fl.iif);
2518 if (rtnl_put_cacheinfo(skb, &rt->u.dst, id, ts, tsage,
2519 expires, error) < 0)
2520 goto nla_put_failure;
2522 return nlmsg_end(skb, nlh);
2525 nlmsg_cancel(skb, nlh);
2529 static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg)
2532 struct nlattr *tb[RTA_MAX+1];
2533 struct rtable *rt = NULL;
2538 struct sk_buff *skb;
2540 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv4_policy);
2544 rtm = nlmsg_data(nlh);
2546 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2552 /* Reserve room for dummy headers, this skb can pass
2553 through good chunk of routing engine.
2555 skb_reset_mac_header(skb);
2556 skb_reset_network_header(skb);
2558 /* Bugfix: need to give ip_route_input enough of an IP header to not gag. */
2559 ip_hdr(skb)->protocol = IPPROTO_ICMP;
2560 skb_reserve(skb, MAX_HEADER + sizeof(struct iphdr));
2562 src = tb[RTA_SRC] ? nla_get_be32(tb[RTA_SRC]) : 0;
2563 dst = tb[RTA_DST] ? nla_get_be32(tb[RTA_DST]) : 0;
2564 iif = tb[RTA_IIF] ? nla_get_u32(tb[RTA_IIF]) : 0;
2567 struct net_device *dev;
2569 dev = __dev_get_by_index(&init_net, iif);
2575 skb->protocol = htons(ETH_P_IP);
2578 err = ip_route_input(skb, dst, src, rtm->rtm_tos, dev);
2581 rt = (struct rtable*) skb->dst;
2582 if (err == 0 && rt->u.dst.error)
2583 err = -rt->u.dst.error;
2590 .tos = rtm->rtm_tos,
2593 .oif = tb[RTA_OIF] ? nla_get_u32(tb[RTA_OIF]) : 0,
2595 err = ip_route_output_key(&rt, &fl);
2601 skb->dst = &rt->u.dst;
2602 if (rtm->rtm_flags & RTM_F_NOTIFY)
2603 rt->rt_flags |= RTCF_NOTIFY;
2605 err = rt_fill_info(skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq,
2606 RTM_NEWROUTE, 0, 0);
2610 err = rtnl_unicast(skb, NETLINK_CB(in_skb).pid);
2619 int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb)
2626 s_idx = idx = cb->args[1];
2627 for (h = 0; h <= rt_hash_mask; h++) {
2628 if (h < s_h) continue;
2632 for (rt = rcu_dereference(rt_hash_table[h].chain), idx = 0; rt;
2633 rt = rcu_dereference(rt->u.dst.rt_next), idx++) {
2636 skb->dst = dst_clone(&rt->u.dst);
2637 if (rt_fill_info(skb, NETLINK_CB(cb->skb).pid,
2638 cb->nlh->nlmsg_seq, RTM_NEWROUTE,
2639 1, NLM_F_MULTI) <= 0) {
2640 dst_release(xchg(&skb->dst, NULL));
2641 rcu_read_unlock_bh();
2644 dst_release(xchg(&skb->dst, NULL));
2646 rcu_read_unlock_bh();
2655 void ip_rt_multicast_event(struct in_device *in_dev)
2660 #ifdef CONFIG_SYSCTL
2661 static int flush_delay;
2663 static int ipv4_sysctl_rtcache_flush(ctl_table *ctl, int write,
2664 struct file *filp, void __user *buffer,
2665 size_t *lenp, loff_t *ppos)
2668 proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
2669 rt_cache_flush(flush_delay);
2676 static int ipv4_sysctl_rtcache_flush_strategy(ctl_table *table,
2679 void __user *oldval,
2680 size_t __user *oldlenp,
2681 void __user *newval,
2685 if (newlen != sizeof(int))
2687 if (get_user(delay, (int __user *)newval))
2689 rt_cache_flush(delay);
2693 ctl_table ipv4_route_table[] = {
2695 .ctl_name = NET_IPV4_ROUTE_FLUSH,
2696 .procname = "flush",
2697 .data = &flush_delay,
2698 .maxlen = sizeof(int),
2700 .proc_handler = &ipv4_sysctl_rtcache_flush,
2701 .strategy = &ipv4_sysctl_rtcache_flush_strategy,
2704 .ctl_name = NET_IPV4_ROUTE_MIN_DELAY,
2705 .procname = "min_delay",
2706 .data = &ip_rt_min_delay,
2707 .maxlen = sizeof(int),
2709 .proc_handler = &proc_dointvec_jiffies,
2710 .strategy = &sysctl_jiffies,
2713 .ctl_name = NET_IPV4_ROUTE_MAX_DELAY,
2714 .procname = "max_delay",
2715 .data = &ip_rt_max_delay,
2716 .maxlen = sizeof(int),
2718 .proc_handler = &proc_dointvec_jiffies,
2719 .strategy = &sysctl_jiffies,
2722 .ctl_name = NET_IPV4_ROUTE_GC_THRESH,
2723 .procname = "gc_thresh",
2724 .data = &ipv4_dst_ops.gc_thresh,
2725 .maxlen = sizeof(int),
2727 .proc_handler = &proc_dointvec,
2730 .ctl_name = NET_IPV4_ROUTE_MAX_SIZE,
2731 .procname = "max_size",
2732 .data = &ip_rt_max_size,
2733 .maxlen = sizeof(int),
2735 .proc_handler = &proc_dointvec,
2738 /* Deprecated. Use gc_min_interval_ms */
2740 .ctl_name = NET_IPV4_ROUTE_GC_MIN_INTERVAL,
2741 .procname = "gc_min_interval",
2742 .data = &ip_rt_gc_min_interval,
2743 .maxlen = sizeof(int),
2745 .proc_handler = &proc_dointvec_jiffies,
2746 .strategy = &sysctl_jiffies,
2749 .ctl_name = NET_IPV4_ROUTE_GC_MIN_INTERVAL_MS,
2750 .procname = "gc_min_interval_ms",
2751 .data = &ip_rt_gc_min_interval,
2752 .maxlen = sizeof(int),
2754 .proc_handler = &proc_dointvec_ms_jiffies,
2755 .strategy = &sysctl_ms_jiffies,
2758 .ctl_name = NET_IPV4_ROUTE_GC_TIMEOUT,
2759 .procname = "gc_timeout",
2760 .data = &ip_rt_gc_timeout,
2761 .maxlen = sizeof(int),
2763 .proc_handler = &proc_dointvec_jiffies,
2764 .strategy = &sysctl_jiffies,
2767 .ctl_name = NET_IPV4_ROUTE_GC_INTERVAL,
2768 .procname = "gc_interval",
2769 .data = &ip_rt_gc_interval,
2770 .maxlen = sizeof(int),
2772 .proc_handler = &proc_dointvec_jiffies,
2773 .strategy = &sysctl_jiffies,
2776 .ctl_name = NET_IPV4_ROUTE_REDIRECT_LOAD,
2777 .procname = "redirect_load",
2778 .data = &ip_rt_redirect_load,
2779 .maxlen = sizeof(int),
2781 .proc_handler = &proc_dointvec,
2784 .ctl_name = NET_IPV4_ROUTE_REDIRECT_NUMBER,
2785 .procname = "redirect_number",
2786 .data = &ip_rt_redirect_number,
2787 .maxlen = sizeof(int),
2789 .proc_handler = &proc_dointvec,
2792 .ctl_name = NET_IPV4_ROUTE_REDIRECT_SILENCE,
2793 .procname = "redirect_silence",
2794 .data = &ip_rt_redirect_silence,
2795 .maxlen = sizeof(int),
2797 .proc_handler = &proc_dointvec,
2800 .ctl_name = NET_IPV4_ROUTE_ERROR_COST,
2801 .procname = "error_cost",
2802 .data = &ip_rt_error_cost,
2803 .maxlen = sizeof(int),
2805 .proc_handler = &proc_dointvec,
2808 .ctl_name = NET_IPV4_ROUTE_ERROR_BURST,
2809 .procname = "error_burst",
2810 .data = &ip_rt_error_burst,
2811 .maxlen = sizeof(int),
2813 .proc_handler = &proc_dointvec,
2816 .ctl_name = NET_IPV4_ROUTE_GC_ELASTICITY,
2817 .procname = "gc_elasticity",
2818 .data = &ip_rt_gc_elasticity,
2819 .maxlen = sizeof(int),
2821 .proc_handler = &proc_dointvec,
2824 .ctl_name = NET_IPV4_ROUTE_MTU_EXPIRES,
2825 .procname = "mtu_expires",
2826 .data = &ip_rt_mtu_expires,
2827 .maxlen = sizeof(int),
2829 .proc_handler = &proc_dointvec_jiffies,
2830 .strategy = &sysctl_jiffies,
2833 .ctl_name = NET_IPV4_ROUTE_MIN_PMTU,
2834 .procname = "min_pmtu",
2835 .data = &ip_rt_min_pmtu,
2836 .maxlen = sizeof(int),
2838 .proc_handler = &proc_dointvec,
2841 .ctl_name = NET_IPV4_ROUTE_MIN_ADVMSS,
2842 .procname = "min_adv_mss",
2843 .data = &ip_rt_min_advmss,
2844 .maxlen = sizeof(int),
2846 .proc_handler = &proc_dointvec,
2849 .ctl_name = NET_IPV4_ROUTE_SECRET_INTERVAL,
2850 .procname = "secret_interval",
2851 .data = &ip_rt_secret_interval,
2852 .maxlen = sizeof(int),
2854 .proc_handler = &proc_dointvec_jiffies,
2855 .strategy = &sysctl_jiffies,
2861 #ifdef CONFIG_NET_CLS_ROUTE
2862 struct ip_rt_acct *ip_rt_acct;
2864 /* This code sucks. But you should have seen it before! --RR */
2866 /* IP route accounting ptr for this logical cpu number. */
2867 #define IP_RT_ACCT_CPU(i) (ip_rt_acct + i * 256)
2869 #ifdef CONFIG_PROC_FS
2870 static int ip_rt_acct_read(char *buffer, char **start, off_t offset,
2871 int length, int *eof, void *data)
2875 if ((offset & 3) || (length & 3))
2878 if (offset >= sizeof(struct ip_rt_acct) * 256) {
2883 if (offset + length >= sizeof(struct ip_rt_acct) * 256) {
2884 length = sizeof(struct ip_rt_acct) * 256 - offset;
2888 offset /= sizeof(u32);
2891 u32 *src = ((u32 *) IP_RT_ACCT_CPU(0)) + offset;
2892 u32 *dst = (u32 *) buffer;
2894 /* Copy first cpu. */
2896 memcpy(dst, src, length);
2898 /* Add the other cpus in, one int at a time */
2899 for_each_possible_cpu(i) {
2902 src = ((u32 *) IP_RT_ACCT_CPU(i)) + offset;
2904 for (j = 0; j < length/4; j++)
2910 #endif /* CONFIG_PROC_FS */
2911 #endif /* CONFIG_NET_CLS_ROUTE */
2913 static __initdata unsigned long rhash_entries;
2914 static int __init set_rhash_entries(char *str)
2918 rhash_entries = simple_strtoul(str, &str, 0);
2921 __setup("rhash_entries=", set_rhash_entries);
2923 int __init ip_rt_init(void)
2927 rt_hash_rnd = (int) ((num_physpages ^ (num_physpages>>8)) ^
2928 (jiffies ^ (jiffies >> 7)));
2930 #ifdef CONFIG_NET_CLS_ROUTE
2934 (PAGE_SIZE << order) < 256 * sizeof(struct ip_rt_acct) * NR_CPUS; order++)
2936 ip_rt_acct = (struct ip_rt_acct *)__get_free_pages(GFP_KERNEL, order);
2938 panic("IP: failed to allocate ip_rt_acct\n");
2939 memset(ip_rt_acct, 0, PAGE_SIZE << order);
2943 ipv4_dst_ops.kmem_cachep =
2944 kmem_cache_create("ip_dst_cache", sizeof(struct rtable), 0,
2945 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
2947 ipv4_dst_blackhole_ops.kmem_cachep = ipv4_dst_ops.kmem_cachep;
2949 rt_hash_table = (struct rt_hash_bucket *)
2950 alloc_large_system_hash("IP route cache",
2951 sizeof(struct rt_hash_bucket),
2953 (num_physpages >= 128 * 1024) ?
2959 memset(rt_hash_table, 0, (rt_hash_mask + 1) * sizeof(struct rt_hash_bucket));
2960 rt_hash_lock_init();
2962 ipv4_dst_ops.gc_thresh = (rt_hash_mask + 1);
2963 ip_rt_max_size = (rt_hash_mask + 1) * 16;
2968 init_timer(&rt_flush_timer);
2969 rt_flush_timer.function = rt_run_flush;
2970 init_timer(&rt_secret_timer);
2971 rt_secret_timer.function = rt_secret_rebuild;
2973 /* All the timers, started at system startup tend
2974 to synchronize. Perturb it a bit.
2976 schedule_delayed_work(&expires_work,
2977 net_random() % ip_rt_gc_interval + ip_rt_gc_interval);
2979 rt_secret_timer.expires = jiffies + net_random() % ip_rt_secret_interval +
2980 ip_rt_secret_interval;
2981 add_timer(&rt_secret_timer);
2983 #ifdef CONFIG_PROC_FS
2985 struct proc_dir_entry *rtstat_pde = NULL; /* keep gcc happy */
2986 if (!proc_net_fops_create(&init_net, "rt_cache", S_IRUGO, &rt_cache_seq_fops) ||
2987 !(rtstat_pde = create_proc_entry("rt_cache", S_IRUGO,
2988 init_net.proc_net_stat))) {
2991 rtstat_pde->proc_fops = &rt_cpu_seq_fops;
2993 #ifdef CONFIG_NET_CLS_ROUTE
2994 create_proc_read_entry("rt_acct", 0, init_net.proc_net, ip_rt_acct_read, NULL);
3001 rtnl_register(PF_INET, RTM_GETROUTE, inet_rtm_getroute, NULL);
3006 EXPORT_SYMBOL(__ip_select_ident);
3007 EXPORT_SYMBOL(ip_route_input);
3008 EXPORT_SYMBOL(ip_route_output_key);
git.samba.org / sfrench / cifs-2.6.git / blob