2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * ROUTE - implementation of the IP router.
8 * Version: $Id: route.c,v 1.103 2002/01/12 07:44:09 davem Exp $
11 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
12 * Alan Cox, <gw4pts@gw4pts.ampr.org>
13 * Linus Torvalds, <Linus.Torvalds@helsinki.fi>
14 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
17 * Alan Cox : Verify area fixes.
18 * Alan Cox : cli() protects routing changes
19 * Rui Oliveira : ICMP routing table updates
20 * (rco@di.uminho.pt) Routing table insertion and update
21 * Linus Torvalds : Rewrote bits to be sensible
22 * Alan Cox : Added BSD route gw semantics
23 * Alan Cox : Super /proc >4K
24 * Alan Cox : MTU in route table
25 * Alan Cox : MSS actually. Also added the window
27 * Sam Lantinga : Fixed route matching in rt_del()
28 * Alan Cox : Routing cache support.
29 * Alan Cox : Removed compatibility cruft.
30 * Alan Cox : RTF_REJECT support.
31 * Alan Cox : TCP irtt support.
32 * Jonathan Naylor : Added Metric support.
33 * Miquel van Smoorenburg : BSD API fixes.
34 * Miquel van Smoorenburg : Metrics.
35 * Alan Cox : Use __u32 properly
36 * Alan Cox : Aligned routing errors more closely with BSD
37 * our system is still very different.
38 * Alan Cox : Faster /proc handling
39 * Alexey Kuznetsov : Massive rework to support tree based routing,
40 * routing caches and better behaviour.
42 * Olaf Erb : irtt wasn't being copied right.
43 * Bjorn Ekwall : Kerneld route support.
44 * Alan Cox : Multicast fixed (I hope)
45 * Pavel Krauz : Limited broadcast fixed
46 * Mike McLagan : Routing by source
47 * Alexey Kuznetsov : End of old history. Split to fib.c and
48 * route.c and rewritten from scratch.
49 * Andi Kleen : Load-limit warning messages.
50 * Vitaly E. Lavrov : Transparent proxy revived after year coma.
51 * Vitaly E. Lavrov : Race condition in ip_route_input_slow.
52 * Tobias Ringstrom : Uninitialized res.type in ip_route_output_slow.
53 * Vladimir V. Ivanov : IP rule info (flowid) is really useful.
54 * Marc Boucher : routing by fwmark
55 * Robert Olsson : Added rt_cache statistics
56 * Arnaldo C. Melo : Convert proc stuff to seq_file
57 * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes.
58 * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect
59 * Ilia Sotnikov : Removed TOS from hash calculations
61 * This program is free software; you can redistribute it and/or
62 * modify it under the terms of the GNU General Public License
63 * as published by the Free Software Foundation; either version
64 * 2 of the License, or (at your option) any later version.
67 #include <linux/module.h>
68 #include <asm/uaccess.h>
69 #include <asm/system.h>
70 #include <linux/bitops.h>
71 #include <linux/types.h>
72 #include <linux/kernel.h>
74 #include <linux/bootmem.h>
75 #include <linux/string.h>
76 #include <linux/socket.h>
77 #include <linux/sockios.h>
78 #include <linux/errno.h>
80 #include <linux/inet.h>
81 #include <linux/netdevice.h>
82 #include <linux/proc_fs.h>
83 #include <linux/init.h>
84 #include <linux/workqueue.h>
85 #include <linux/skbuff.h>
86 #include <linux/inetdevice.h>
87 #include <linux/igmp.h>
88 #include <linux/pkt_sched.h>
89 #include <linux/mroute.h>
90 #include <linux/netfilter_ipv4.h>
91 #include <linux/random.h>
92 #include <linux/jhash.h>
93 #include <linux/rcupdate.h>
94 #include <linux/times.h>
95 #include <net/net_namespace.h>
96 #include <net/protocol.h>
98 #include <net/route.h>
99 #include <net/inetpeer.h>
100 #include <net/sock.h>
101 #include <net/ip_fib.h>
104 #include <net/icmp.h>
105 #include <net/xfrm.h>
106 #include <net/netevent.h>
107 #include <net/rtnetlink.h>
109 #include <linux/sysctl.h>
112 #define RT_FL_TOS(oldflp) \
113 ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK)))
115 #define IP_MAX_MTU 0xFFF0
117 #define RT_GC_TIMEOUT (300*HZ)
119 static int ip_rt_min_delay = 2 * HZ;
120 static int ip_rt_max_delay = 10 * HZ;
121 static int ip_rt_max_size;
122 static int ip_rt_gc_timeout = RT_GC_TIMEOUT;
123 static int ip_rt_gc_interval = 60 * HZ;
124 static int ip_rt_gc_min_interval = HZ / 2;
125 static int ip_rt_redirect_number = 9;
126 static int ip_rt_redirect_load = HZ / 50;
127 static int ip_rt_redirect_silence = ((HZ / 50) << (9 + 1));
128 static int ip_rt_error_cost = HZ;
129 static int ip_rt_error_burst = 5 * HZ;
130 static int ip_rt_gc_elasticity = 8;
131 static int ip_rt_mtu_expires = 10 * 60 * HZ;
132 static int ip_rt_min_pmtu = 512 + 20 + 20;
133 static int ip_rt_min_advmss = 256;
134 static int ip_rt_secret_interval = 10 * 60 * HZ;
135 static unsigned long rt_deadline;
137 #define RTprint(a...) printk(KERN_DEBUG a)
139 static struct timer_list rt_flush_timer;
140 static void rt_check_expire(struct work_struct *work);
141 static DECLARE_DELAYED_WORK(expires_work, rt_check_expire);
142 static struct timer_list rt_secret_timer;
145 * Interface to generic destination cache.
148 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie);
149 static void ipv4_dst_destroy(struct dst_entry *dst);
150 static void ipv4_dst_ifdown(struct dst_entry *dst,
151 struct net_device *dev, int how);
152 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst);
153 static void ipv4_link_failure(struct sk_buff *skb);
154 static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu);
155 static int rt_garbage_collect(void);
158 static struct dst_ops ipv4_dst_ops = {
160 .protocol = __constant_htons(ETH_P_IP),
161 .gc = rt_garbage_collect,
162 .check = ipv4_dst_check,
163 .destroy = ipv4_dst_destroy,
164 .ifdown = ipv4_dst_ifdown,
165 .negative_advice = ipv4_negative_advice,
166 .link_failure = ipv4_link_failure,
167 .update_pmtu = ip_rt_update_pmtu,
168 .entry_size = sizeof(struct rtable),
171 #define ECN_OR_COST(class) TC_PRIO_##class
173 const __u8 ip_tos2prio[16] = {
177 ECN_OR_COST(BESTEFFORT),
183 ECN_OR_COST(INTERACTIVE),
185 ECN_OR_COST(INTERACTIVE),
186 TC_PRIO_INTERACTIVE_BULK,
187 ECN_OR_COST(INTERACTIVE_BULK),
188 TC_PRIO_INTERACTIVE_BULK,
189 ECN_OR_COST(INTERACTIVE_BULK)
197 /* The locking scheme is rather straight forward:
199 * 1) Read-Copy Update protects the buckets of the central route hash.
200 * 2) Only writers remove entries, and they hold the lock
201 * as they look at rtable reference counts.
202 * 3) Only readers acquire references to rtable entries,
203 * they do so with atomic increments and with the
207 struct rt_hash_bucket {
208 struct rtable *chain;
210 #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK) || \
211 defined(CONFIG_PROVE_LOCKING)
213 * Instead of using one spinlock for each rt_hash_bucket, we use a table of spinlocks
214 * The size of this table is a power of two and depends on the number of CPUS.
215 * (on lockdep we have a quite big spinlock_t, so keep the size down there)
217 #ifdef CONFIG_LOCKDEP
218 # define RT_HASH_LOCK_SZ 256
221 # define RT_HASH_LOCK_SZ 4096
223 # define RT_HASH_LOCK_SZ 2048
225 # define RT_HASH_LOCK_SZ 1024
227 # define RT_HASH_LOCK_SZ 512
229 # define RT_HASH_LOCK_SZ 256
233 static spinlock_t *rt_hash_locks;
234 # define rt_hash_lock_addr(slot) &rt_hash_locks[(slot) & (RT_HASH_LOCK_SZ - 1)]
235 # define rt_hash_lock_init() { \
237 rt_hash_locks = kmalloc(sizeof(spinlock_t) * RT_HASH_LOCK_SZ, GFP_KERNEL); \
238 if (!rt_hash_locks) panic("IP: failed to allocate rt_hash_locks\n"); \
239 for (i = 0; i < RT_HASH_LOCK_SZ; i++) \
240 spin_lock_init(&rt_hash_locks[i]); \
243 # define rt_hash_lock_addr(slot) NULL
244 # define rt_hash_lock_init()
247 static struct rt_hash_bucket *rt_hash_table;
248 static unsigned rt_hash_mask;
249 static unsigned int rt_hash_log;
250 static unsigned int rt_hash_rnd;
252 static DEFINE_PER_CPU(struct rt_cache_stat, rt_cache_stat);
253 #define RT_CACHE_STAT_INC(field) \
254 (__raw_get_cpu_var(rt_cache_stat).field++)
256 static int rt_intern_hash(unsigned hash, struct rtable *rth,
257 struct rtable **res);
259 static unsigned int rt_hash_code(u32 daddr, u32 saddr)
261 return (jhash_2words(daddr, saddr, rt_hash_rnd)
265 #define rt_hash(daddr, saddr, idx) \
266 rt_hash_code((__force u32)(__be32)(daddr),\
267 (__force u32)(__be32)(saddr) ^ ((idx) << 5))
269 #ifdef CONFIG_PROC_FS
270 struct rt_cache_iter_state {
274 static struct rtable *rt_cache_get_first(struct seq_file *seq)
276 struct rtable *r = NULL;
277 struct rt_cache_iter_state *st = seq->private;
279 for (st->bucket = rt_hash_mask; st->bucket >= 0; --st->bucket) {
281 r = rt_hash_table[st->bucket].chain;
284 rcu_read_unlock_bh();
289 static struct rtable *rt_cache_get_next(struct seq_file *seq, struct rtable *r)
291 struct rt_cache_iter_state *st = rcu_dereference(seq->private);
293 r = r->u.dst.rt_next;
295 rcu_read_unlock_bh();
296 if (--st->bucket < 0)
299 r = rt_hash_table[st->bucket].chain;
304 static struct rtable *rt_cache_get_idx(struct seq_file *seq, loff_t pos)
306 struct rtable *r = rt_cache_get_first(seq);
309 while (pos && (r = rt_cache_get_next(seq, r)))
311 return pos ? NULL : r;
314 static void *rt_cache_seq_start(struct seq_file *seq, loff_t *pos)
316 return *pos ? rt_cache_get_idx(seq, *pos - 1) : SEQ_START_TOKEN;
319 static void *rt_cache_seq_next(struct seq_file *seq, void *v, loff_t *pos)
321 struct rtable *r = NULL;
323 if (v == SEQ_START_TOKEN)
324 r = rt_cache_get_first(seq);
326 r = rt_cache_get_next(seq, v);
331 static void rt_cache_seq_stop(struct seq_file *seq, void *v)
333 if (v && v != SEQ_START_TOKEN)
334 rcu_read_unlock_bh();
337 static int rt_cache_seq_show(struct seq_file *seq, void *v)
339 if (v == SEQ_START_TOKEN)
340 seq_printf(seq, "%-127s\n",
341 "Iface\tDestination\tGateway \tFlags\t\tRefCnt\tUse\t"
342 "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t"
345 struct rtable *r = v;
348 sprintf(temp, "%s\t%08lX\t%08lX\t%8X\t%d\t%u\t%d\t"
349 "%08lX\t%d\t%u\t%u\t%02X\t%d\t%1d\t%08X",
350 r->u.dst.dev ? r->u.dst.dev->name : "*",
351 (unsigned long)r->rt_dst, (unsigned long)r->rt_gateway,
352 r->rt_flags, atomic_read(&r->u.dst.__refcnt),
353 r->u.dst.__use, 0, (unsigned long)r->rt_src,
354 (dst_metric(&r->u.dst, RTAX_ADVMSS) ?
355 (int)dst_metric(&r->u.dst, RTAX_ADVMSS) + 40 : 0),
356 dst_metric(&r->u.dst, RTAX_WINDOW),
357 (int)((dst_metric(&r->u.dst, RTAX_RTT) >> 3) +
358 dst_metric(&r->u.dst, RTAX_RTTVAR)),
360 r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1,
361 r->u.dst.hh ? (r->u.dst.hh->hh_output ==
364 seq_printf(seq, "%-127s\n", temp);
369 static const struct seq_operations rt_cache_seq_ops = {
370 .start = rt_cache_seq_start,
371 .next = rt_cache_seq_next,
372 .stop = rt_cache_seq_stop,
373 .show = rt_cache_seq_show,
376 static int rt_cache_seq_open(struct inode *inode, struct file *file)
378 return seq_open_private(file, &rt_cache_seq_ops,
379 sizeof(struct rt_cache_iter_state));
382 static const struct file_operations rt_cache_seq_fops = {
383 .owner = THIS_MODULE,
384 .open = rt_cache_seq_open,
387 .release = seq_release_private,
391 static void *rt_cpu_seq_start(struct seq_file *seq, loff_t *pos)
396 return SEQ_START_TOKEN;
398 for (cpu = *pos-1; cpu < NR_CPUS; ++cpu) {
399 if (!cpu_possible(cpu))
402 return &per_cpu(rt_cache_stat, cpu);
407 static void *rt_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos)
411 for (cpu = *pos; cpu < NR_CPUS; ++cpu) {
412 if (!cpu_possible(cpu))
415 return &per_cpu(rt_cache_stat, cpu);
421 static void rt_cpu_seq_stop(struct seq_file *seq, void *v)
426 static int rt_cpu_seq_show(struct seq_file *seq, void *v)
428 struct rt_cache_stat *st = v;
430 if (v == SEQ_START_TOKEN) {
431 seq_printf(seq, "entries in_hit in_slow_tot in_slow_mc in_no_route in_brd in_martian_dst in_martian_src out_hit out_slow_tot out_slow_mc gc_total gc_ignored gc_goal_miss gc_dst_overflow in_hlist_search out_hlist_search\n");
435 seq_printf(seq,"%08x %08x %08x %08x %08x %08x %08x %08x "
436 " %08x %08x %08x %08x %08x %08x %08x %08x %08x \n",
437 atomic_read(&ipv4_dst_ops.entries),
460 static const struct seq_operations rt_cpu_seq_ops = {
461 .start = rt_cpu_seq_start,
462 .next = rt_cpu_seq_next,
463 .stop = rt_cpu_seq_stop,
464 .show = rt_cpu_seq_show,
468 static int rt_cpu_seq_open(struct inode *inode, struct file *file)
470 return seq_open(file, &rt_cpu_seq_ops);
473 static const struct file_operations rt_cpu_seq_fops = {
474 .owner = THIS_MODULE,
475 .open = rt_cpu_seq_open,
478 .release = seq_release,
481 #endif /* CONFIG_PROC_FS */
483 static __inline__ void rt_free(struct rtable *rt)
485 call_rcu_bh(&rt->u.dst.rcu_head, dst_rcu_free);
488 static __inline__ void rt_drop(struct rtable *rt)
491 call_rcu_bh(&rt->u.dst.rcu_head, dst_rcu_free);
494 static __inline__ int rt_fast_clean(struct rtable *rth)
496 /* Kill broadcast/multicast entries very aggresively, if they
497 collide in hash table with more useful entries */
498 return (rth->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST)) &&
499 rth->fl.iif && rth->u.dst.rt_next;
502 static __inline__ int rt_valuable(struct rtable *rth)
504 return (rth->rt_flags & (RTCF_REDIRECTED | RTCF_NOTIFY)) ||
508 static int rt_may_expire(struct rtable *rth, unsigned long tmo1, unsigned long tmo2)
513 if (atomic_read(&rth->u.dst.__refcnt))
517 if (rth->u.dst.expires &&
518 time_after_eq(jiffies, rth->u.dst.expires))
521 age = jiffies - rth->u.dst.lastuse;
523 if ((age <= tmo1 && !rt_fast_clean(rth)) ||
524 (age <= tmo2 && rt_valuable(rth)))
530 /* Bits of score are:
532 * 30: not quite useless
533 * 29..0: usage counter
535 static inline u32 rt_score(struct rtable *rt)
537 u32 score = jiffies - rt->u.dst.lastuse;
539 score = ~score & ~(3<<30);
545 !(rt->rt_flags & (RTCF_BROADCAST|RTCF_MULTICAST|RTCF_LOCAL)))
551 static inline int compare_keys(struct flowi *fl1, struct flowi *fl2)
553 return ((__force u32)((fl1->nl_u.ip4_u.daddr ^ fl2->nl_u.ip4_u.daddr) |
554 (fl1->nl_u.ip4_u.saddr ^ fl2->nl_u.ip4_u.saddr)) |
555 (fl1->mark ^ fl2->mark) |
556 (*(u16 *)&fl1->nl_u.ip4_u.tos ^
557 *(u16 *)&fl2->nl_u.ip4_u.tos) |
558 (fl1->oif ^ fl2->oif) |
559 (fl1->iif ^ fl2->iif)) == 0;
562 static void rt_check_expire(struct work_struct *work)
564 static unsigned int rover;
565 unsigned int i = rover, goal;
566 struct rtable *rth, **rthp;
569 mult = ((u64)ip_rt_gc_interval) << rt_hash_log;
570 if (ip_rt_gc_timeout > 1)
571 do_div(mult, ip_rt_gc_timeout);
572 goal = (unsigned int)mult;
573 if (goal > rt_hash_mask)
574 goal = rt_hash_mask + 1;
575 for (; goal > 0; goal--) {
576 unsigned long tmo = ip_rt_gc_timeout;
578 i = (i + 1) & rt_hash_mask;
579 rthp = &rt_hash_table[i].chain;
583 spin_lock_bh(rt_hash_lock_addr(i));
584 while ((rth = *rthp) != NULL) {
585 if (rth->u.dst.expires) {
586 /* Entry is expired even if it is in use */
587 if (time_before_eq(jiffies, rth->u.dst.expires)) {
589 rthp = &rth->u.dst.rt_next;
592 } else if (!rt_may_expire(rth, tmo, ip_rt_gc_timeout)) {
594 rthp = &rth->u.dst.rt_next;
598 /* Cleanup aged off entries. */
599 *rthp = rth->u.dst.rt_next;
602 spin_unlock_bh(rt_hash_lock_addr(i));
605 schedule_delayed_work(&expires_work, ip_rt_gc_interval);
608 /* This can run from both BH and non-BH contexts, the latter
609 * in the case of a forced flush event.
611 static void rt_run_flush(unsigned long dummy)
614 struct rtable *rth, *next;
618 get_random_bytes(&rt_hash_rnd, 4);
620 for (i = rt_hash_mask; i >= 0; i--) {
621 spin_lock_bh(rt_hash_lock_addr(i));
622 rth = rt_hash_table[i].chain;
624 rt_hash_table[i].chain = NULL;
625 spin_unlock_bh(rt_hash_lock_addr(i));
627 for (; rth; rth = next) {
628 next = rth->u.dst.rt_next;
634 static DEFINE_SPINLOCK(rt_flush_lock);
636 void rt_cache_flush(int delay)
638 unsigned long now = jiffies;
639 int user_mode = !in_softirq();
642 delay = ip_rt_min_delay;
644 spin_lock_bh(&rt_flush_lock);
646 if (del_timer(&rt_flush_timer) && delay > 0 && rt_deadline) {
647 long tmo = (long)(rt_deadline - now);
649 /* If flush timer is already running
650 and flush request is not immediate (delay > 0):
652 if deadline is not achieved, prolongate timer to "delay",
653 otherwise fire it at deadline time.
656 if (user_mode && tmo < ip_rt_max_delay-ip_rt_min_delay)
664 spin_unlock_bh(&rt_flush_lock);
669 if (rt_deadline == 0)
670 rt_deadline = now + ip_rt_max_delay;
672 mod_timer(&rt_flush_timer, now+delay);
673 spin_unlock_bh(&rt_flush_lock);
676 static void rt_secret_rebuild(unsigned long dummy)
678 unsigned long now = jiffies;
681 mod_timer(&rt_secret_timer, now + ip_rt_secret_interval);
685 Short description of GC goals.
687 We want to build algorithm, which will keep routing cache
688 at some equilibrium point, when number of aged off entries
689 is kept approximately equal to newly generated ones.
691 Current expiration strength is variable "expire".
692 We try to adjust it dynamically, so that if networking
693 is idle expires is large enough to keep enough of warm entries,
694 and when load increases it reduces to limit cache size.
697 static int rt_garbage_collect(void)
699 static unsigned long expire = RT_GC_TIMEOUT;
700 static unsigned long last_gc;
702 static int equilibrium;
703 struct rtable *rth, **rthp;
704 unsigned long now = jiffies;
708 * Garbage collection is pretty expensive,
709 * do not make it too frequently.
712 RT_CACHE_STAT_INC(gc_total);
714 if (now - last_gc < ip_rt_gc_min_interval &&
715 atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size) {
716 RT_CACHE_STAT_INC(gc_ignored);
720 /* Calculate number of entries, which we want to expire now. */
721 goal = atomic_read(&ipv4_dst_ops.entries) -
722 (ip_rt_gc_elasticity << rt_hash_log);
724 if (equilibrium < ipv4_dst_ops.gc_thresh)
725 equilibrium = ipv4_dst_ops.gc_thresh;
726 goal = atomic_read(&ipv4_dst_ops.entries) - equilibrium;
728 equilibrium += min_t(unsigned int, goal / 2, rt_hash_mask + 1);
729 goal = atomic_read(&ipv4_dst_ops.entries) - equilibrium;
732 /* We are in dangerous area. Try to reduce cache really
735 goal = max_t(unsigned int, goal / 2, rt_hash_mask + 1);
736 equilibrium = atomic_read(&ipv4_dst_ops.entries) - goal;
739 if (now - last_gc >= ip_rt_gc_min_interval)
750 for (i = rt_hash_mask, k = rover; i >= 0; i--) {
751 unsigned long tmo = expire;
753 k = (k + 1) & rt_hash_mask;
754 rthp = &rt_hash_table[k].chain;
755 spin_lock_bh(rt_hash_lock_addr(k));
756 while ((rth = *rthp) != NULL) {
757 if (!rt_may_expire(rth, tmo, expire)) {
759 rthp = &rth->u.dst.rt_next;
762 *rthp = rth->u.dst.rt_next;
766 spin_unlock_bh(rt_hash_lock_addr(k));
775 /* Goal is not achieved. We stop process if:
777 - if expire reduced to zero. Otherwise, expire is halfed.
778 - if table is not full.
779 - if we are called from interrupt.
780 - jiffies check is just fallback/debug loop breaker.
781 We will not spin here for long time in any case.
784 RT_CACHE_STAT_INC(gc_goal_miss);
790 #if RT_CACHE_DEBUG >= 2
791 printk(KERN_DEBUG "expire>> %u %d %d %d\n", expire,
792 atomic_read(&ipv4_dst_ops.entries), goal, i);
795 if (atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size)
797 } while (!in_softirq() && time_before_eq(jiffies, now));
799 if (atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size)
802 printk(KERN_WARNING "dst cache overflow\n");
803 RT_CACHE_STAT_INC(gc_dst_overflow);
807 expire += ip_rt_gc_min_interval;
808 if (expire > ip_rt_gc_timeout ||
809 atomic_read(&ipv4_dst_ops.entries) < ipv4_dst_ops.gc_thresh)
810 expire = ip_rt_gc_timeout;
811 #if RT_CACHE_DEBUG >= 2
812 printk(KERN_DEBUG "expire++ %u %d %d %d\n", expire,
813 atomic_read(&ipv4_dst_ops.entries), goal, rover);
818 static int rt_intern_hash(unsigned hash, struct rtable *rt, struct rtable **rp)
820 struct rtable *rth, **rthp;
822 struct rtable *cand, **candp;
825 int attempts = !in_softirq();
834 rthp = &rt_hash_table[hash].chain;
836 spin_lock_bh(rt_hash_lock_addr(hash));
837 while ((rth = *rthp) != NULL) {
838 if (compare_keys(&rth->fl, &rt->fl)) {
840 *rthp = rth->u.dst.rt_next;
842 * Since lookup is lockfree, the deletion
843 * must be visible to another weakly ordered CPU before
844 * the insertion at the start of the hash chain.
846 rcu_assign_pointer(rth->u.dst.rt_next,
847 rt_hash_table[hash].chain);
849 * Since lookup is lockfree, the update writes
850 * must be ordered for consistency on SMP.
852 rcu_assign_pointer(rt_hash_table[hash].chain, rth);
854 dst_use(&rth->u.dst, now);
855 spin_unlock_bh(rt_hash_lock_addr(hash));
862 if (!atomic_read(&rth->u.dst.__refcnt)) {
863 u32 score = rt_score(rth);
865 if (score <= min_score) {
874 rthp = &rth->u.dst.rt_next;
878 /* ip_rt_gc_elasticity used to be average length of chain
879 * length, when exceeded gc becomes really aggressive.
881 * The second limit is less certain. At the moment it allows
882 * only 2 entries per bucket. We will see.
884 if (chain_length > ip_rt_gc_elasticity) {
885 *candp = cand->u.dst.rt_next;
890 /* Try to bind route to arp only if it is output
891 route or unicast forwarding path.
893 if (rt->rt_type == RTN_UNICAST || rt->fl.iif == 0) {
894 int err = arp_bind_neighbour(&rt->u.dst);
896 spin_unlock_bh(rt_hash_lock_addr(hash));
898 if (err != -ENOBUFS) {
903 /* Neighbour tables are full and nothing
904 can be released. Try to shrink route cache,
905 it is most likely it holds some neighbour records.
907 if (attempts-- > 0) {
908 int saved_elasticity = ip_rt_gc_elasticity;
909 int saved_int = ip_rt_gc_min_interval;
910 ip_rt_gc_elasticity = 1;
911 ip_rt_gc_min_interval = 0;
912 rt_garbage_collect();
913 ip_rt_gc_min_interval = saved_int;
914 ip_rt_gc_elasticity = saved_elasticity;
919 printk(KERN_WARNING "Neighbour table overflow.\n");
925 rt->u.dst.rt_next = rt_hash_table[hash].chain;
926 #if RT_CACHE_DEBUG >= 2
927 if (rt->u.dst.rt_next) {
929 printk(KERN_DEBUG "rt_cache @%02x: %u.%u.%u.%u", hash,
930 NIPQUAD(rt->rt_dst));
931 for (trt = rt->u.dst.rt_next; trt; trt = trt->u.dst.rt_next)
932 printk(" . %u.%u.%u.%u", NIPQUAD(trt->rt_dst));
936 rt_hash_table[hash].chain = rt;
937 spin_unlock_bh(rt_hash_lock_addr(hash));
942 void rt_bind_peer(struct rtable *rt, int create)
944 static DEFINE_SPINLOCK(rt_peer_lock);
945 struct inet_peer *peer;
947 peer = inet_getpeer(rt->rt_dst, create);
949 spin_lock_bh(&rt_peer_lock);
950 if (rt->peer == NULL) {
954 spin_unlock_bh(&rt_peer_lock);
960 * Peer allocation may fail only in serious out-of-memory conditions. However
961 * we still can generate some output.
962 * Random ID selection looks a bit dangerous because we have no chances to
963 * select ID being unique in a reasonable period of time.
964 * But broken packet identifier may be better than no packet at all.
966 static void ip_select_fb_ident(struct iphdr *iph)
968 static DEFINE_SPINLOCK(ip_fb_id_lock);
969 static u32 ip_fallback_id;
972 spin_lock_bh(&ip_fb_id_lock);
973 salt = secure_ip_id((__force __be32)ip_fallback_id ^ iph->daddr);
974 iph->id = htons(salt & 0xFFFF);
975 ip_fallback_id = salt;
976 spin_unlock_bh(&ip_fb_id_lock);
979 void __ip_select_ident(struct iphdr *iph, struct dst_entry *dst, int more)
981 struct rtable *rt = (struct rtable *) dst;
984 if (rt->peer == NULL)
987 /* If peer is attached to destination, it is never detached,
988 so that we need not to grab a lock to dereference it.
991 iph->id = htons(inet_getid(rt->peer, more));
995 printk(KERN_DEBUG "rt_bind_peer(0) @%p\n",
996 __builtin_return_address(0));
998 ip_select_fb_ident(iph);
1001 static void rt_del(unsigned hash, struct rtable *rt)
1003 struct rtable **rthp;
1005 spin_lock_bh(rt_hash_lock_addr(hash));
1007 for (rthp = &rt_hash_table[hash].chain; *rthp;
1008 rthp = &(*rthp)->u.dst.rt_next)
1010 *rthp = rt->u.dst.rt_next;
1014 spin_unlock_bh(rt_hash_lock_addr(hash));
1017 void ip_rt_redirect(__be32 old_gw, __be32 daddr, __be32 new_gw,
1018 __be32 saddr, struct net_device *dev)
1021 struct in_device *in_dev = in_dev_get(dev);
1022 struct rtable *rth, **rthp;
1023 __be32 skeys[2] = { saddr, 0 };
1024 int ikeys[2] = { dev->ifindex, 0 };
1025 struct netevent_redirect netevent;
1030 if (new_gw == old_gw || !IN_DEV_RX_REDIRECTS(in_dev)
1031 || MULTICAST(new_gw) || BADCLASS(new_gw) || ZERONET(new_gw))
1032 goto reject_redirect;
1034 if (!IN_DEV_SHARED_MEDIA(in_dev)) {
1035 if (!inet_addr_onlink(in_dev, new_gw, old_gw))
1036 goto reject_redirect;
1037 if (IN_DEV_SEC_REDIRECTS(in_dev) && ip_fib_check_default(new_gw, dev))
1038 goto reject_redirect;
1040 if (inet_addr_type(new_gw) != RTN_UNICAST)
1041 goto reject_redirect;
1044 for (i = 0; i < 2; i++) {
1045 for (k = 0; k < 2; k++) {
1046 unsigned hash = rt_hash(daddr, skeys[i], ikeys[k]);
1048 rthp=&rt_hash_table[hash].chain;
1051 while ((rth = rcu_dereference(*rthp)) != NULL) {
1054 if (rth->fl.fl4_dst != daddr ||
1055 rth->fl.fl4_src != skeys[i] ||
1056 rth->fl.oif != ikeys[k] ||
1058 rthp = &rth->u.dst.rt_next;
1062 if (rth->rt_dst != daddr ||
1063 rth->rt_src != saddr ||
1065 rth->rt_gateway != old_gw ||
1066 rth->u.dst.dev != dev)
1069 dst_hold(&rth->u.dst);
1072 rt = dst_alloc(&ipv4_dst_ops);
1079 /* Copy all the information. */
1081 INIT_RCU_HEAD(&rt->u.dst.rcu_head);
1082 rt->u.dst.__use = 1;
1083 atomic_set(&rt->u.dst.__refcnt, 1);
1084 rt->u.dst.child = NULL;
1086 dev_hold(rt->u.dst.dev);
1088 in_dev_hold(rt->idev);
1089 rt->u.dst.obsolete = 0;
1090 rt->u.dst.lastuse = jiffies;
1091 rt->u.dst.path = &rt->u.dst;
1092 rt->u.dst.neighbour = NULL;
1093 rt->u.dst.hh = NULL;
1094 rt->u.dst.xfrm = NULL;
1096 rt->rt_flags |= RTCF_REDIRECTED;
1098 /* Gateway is different ... */
1099 rt->rt_gateway = new_gw;
1101 /* Redirect received -> path was valid */
1102 dst_confirm(&rth->u.dst);
1105 atomic_inc(&rt->peer->refcnt);
1107 if (arp_bind_neighbour(&rt->u.dst) ||
1108 !(rt->u.dst.neighbour->nud_state &
1110 if (rt->u.dst.neighbour)
1111 neigh_event_send(rt->u.dst.neighbour, NULL);
1117 netevent.old = &rth->u.dst;
1118 netevent.new = &rt->u.dst;
1119 call_netevent_notifiers(NETEVENT_REDIRECT,
1123 if (!rt_intern_hash(hash, rt, &rt))
1136 #ifdef CONFIG_IP_ROUTE_VERBOSE
1137 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit())
1138 printk(KERN_INFO "Redirect from %u.%u.%u.%u on %s about "
1139 "%u.%u.%u.%u ignored.\n"
1140 " Advised path = %u.%u.%u.%u -> %u.%u.%u.%u\n",
1141 NIPQUAD(old_gw), dev->name, NIPQUAD(new_gw),
1142 NIPQUAD(saddr), NIPQUAD(daddr));
1147 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
1149 struct rtable *rt = (struct rtable*)dst;
1150 struct dst_entry *ret = dst;
1153 if (dst->obsolete) {
1156 } else if ((rt->rt_flags & RTCF_REDIRECTED) ||
1157 rt->u.dst.expires) {
1158 unsigned hash = rt_hash(rt->fl.fl4_dst, rt->fl.fl4_src,
1160 #if RT_CACHE_DEBUG >= 1
1161 printk(KERN_DEBUG "ip_rt_advice: redirect to "
1162 "%u.%u.%u.%u/%02x dropped\n",
1163 NIPQUAD(rt->rt_dst), rt->fl.fl4_tos);
1174 * 1. The first ip_rt_redirect_number redirects are sent
1175 * with exponential backoff, then we stop sending them at all,
1176 * assuming that the host ignores our redirects.
1177 * 2. If we did not see packets requiring redirects
1178 * during ip_rt_redirect_silence, we assume that the host
1179 * forgot redirected route and start to send redirects again.
1181 * This algorithm is much cheaper and more intelligent than dumb load limiting
1184 * NOTE. Do not forget to inhibit load limiting for redirects (redundant)
1185 * and "frag. need" (breaks PMTU discovery) in icmp.c.
1188 void ip_rt_send_redirect(struct sk_buff *skb)
1190 struct rtable *rt = (struct rtable*)skb->dst;
1191 struct in_device *in_dev = in_dev_get(rt->u.dst.dev);
1196 if (!IN_DEV_TX_REDIRECTS(in_dev))
1199 /* No redirected packets during ip_rt_redirect_silence;
1200 * reset the algorithm.
1202 if (time_after(jiffies, rt->u.dst.rate_last + ip_rt_redirect_silence))
1203 rt->u.dst.rate_tokens = 0;
1205 /* Too many ignored redirects; do not send anything
1206 * set u.dst.rate_last to the last seen redirected packet.
1208 if (rt->u.dst.rate_tokens >= ip_rt_redirect_number) {
1209 rt->u.dst.rate_last = jiffies;
1213 /* Check for load limit; set rate_last to the latest sent
1216 if (rt->u.dst.rate_tokens == 0 ||
1218 (rt->u.dst.rate_last +
1219 (ip_rt_redirect_load << rt->u.dst.rate_tokens)))) {
1220 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, rt->rt_gateway);
1221 rt->u.dst.rate_last = jiffies;
1222 ++rt->u.dst.rate_tokens;
1223 #ifdef CONFIG_IP_ROUTE_VERBOSE
1224 if (IN_DEV_LOG_MARTIANS(in_dev) &&
1225 rt->u.dst.rate_tokens == ip_rt_redirect_number &&
1227 printk(KERN_WARNING "host %u.%u.%u.%u/if%d ignores "
1228 "redirects for %u.%u.%u.%u to %u.%u.%u.%u.\n",
1229 NIPQUAD(rt->rt_src), rt->rt_iif,
1230 NIPQUAD(rt->rt_dst), NIPQUAD(rt->rt_gateway));
1237 static int ip_error(struct sk_buff *skb)
1239 struct rtable *rt = (struct rtable*)skb->dst;
1243 switch (rt->u.dst.error) {
1248 code = ICMP_HOST_UNREACH;
1251 code = ICMP_NET_UNREACH;
1254 code = ICMP_PKT_FILTERED;
1259 rt->u.dst.rate_tokens += now - rt->u.dst.rate_last;
1260 if (rt->u.dst.rate_tokens > ip_rt_error_burst)
1261 rt->u.dst.rate_tokens = ip_rt_error_burst;
1262 rt->u.dst.rate_last = now;
1263 if (rt->u.dst.rate_tokens >= ip_rt_error_cost) {
1264 rt->u.dst.rate_tokens -= ip_rt_error_cost;
1265 icmp_send(skb, ICMP_DEST_UNREACH, code, 0);
1268 out: kfree_skb(skb);
1273 * The last two values are not from the RFC but
1274 * are needed for AMPRnet AX.25 paths.
1277 static const unsigned short mtu_plateau[] =
1278 {32000, 17914, 8166, 4352, 2002, 1492, 576, 296, 216, 128 };
1280 static __inline__ unsigned short guess_mtu(unsigned short old_mtu)
1284 for (i = 0; i < ARRAY_SIZE(mtu_plateau); i++)
1285 if (old_mtu > mtu_plateau[i])
1286 return mtu_plateau[i];
1290 unsigned short ip_rt_frag_needed(struct iphdr *iph, unsigned short new_mtu)
1293 unsigned short old_mtu = ntohs(iph->tot_len);
1295 __be32 skeys[2] = { iph->saddr, 0, };
1296 __be32 daddr = iph->daddr;
1297 unsigned short est_mtu = 0;
1299 if (ipv4_config.no_pmtu_disc)
1302 for (i = 0; i < 2; i++) {
1303 unsigned hash = rt_hash(daddr, skeys[i], 0);
1306 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
1307 rth = rcu_dereference(rth->u.dst.rt_next)) {
1308 if (rth->fl.fl4_dst == daddr &&
1309 rth->fl.fl4_src == skeys[i] &&
1310 rth->rt_dst == daddr &&
1311 rth->rt_src == iph->saddr &&
1313 !(dst_metric_locked(&rth->u.dst, RTAX_MTU))) {
1314 unsigned short mtu = new_mtu;
1316 if (new_mtu < 68 || new_mtu >= old_mtu) {
1318 /* BSD 4.2 compatibility hack :-( */
1320 old_mtu >= rth->u.dst.metrics[RTAX_MTU-1] &&
1321 old_mtu >= 68 + (iph->ihl << 2))
1322 old_mtu -= iph->ihl << 2;
1324 mtu = guess_mtu(old_mtu);
1326 if (mtu <= rth->u.dst.metrics[RTAX_MTU-1]) {
1327 if (mtu < rth->u.dst.metrics[RTAX_MTU-1]) {
1328 dst_confirm(&rth->u.dst);
1329 if (mtu < ip_rt_min_pmtu) {
1330 mtu = ip_rt_min_pmtu;
1331 rth->u.dst.metrics[RTAX_LOCK-1] |=
1334 rth->u.dst.metrics[RTAX_MTU-1] = mtu;
1335 dst_set_expires(&rth->u.dst,
1344 return est_mtu ? : new_mtu;
1347 static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu)
1349 if (dst->metrics[RTAX_MTU-1] > mtu && mtu >= 68 &&
1350 !(dst_metric_locked(dst, RTAX_MTU))) {
1351 if (mtu < ip_rt_min_pmtu) {
1352 mtu = ip_rt_min_pmtu;
1353 dst->metrics[RTAX_LOCK-1] |= (1 << RTAX_MTU);
1355 dst->metrics[RTAX_MTU-1] = mtu;
1356 dst_set_expires(dst, ip_rt_mtu_expires);
1357 call_netevent_notifiers(NETEVENT_PMTU_UPDATE, dst);
1361 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie)
1366 static void ipv4_dst_destroy(struct dst_entry *dst)
1368 struct rtable *rt = (struct rtable *) dst;
1369 struct inet_peer *peer = rt->peer;
1370 struct in_device *idev = rt->idev;
1383 static void ipv4_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
1386 struct rtable *rt = (struct rtable *) dst;
1387 struct in_device *idev = rt->idev;
1388 if (dev != init_net.loopback_dev && idev && idev->dev == dev) {
1389 struct in_device *loopback_idev = in_dev_get(init_net.loopback_dev);
1390 if (loopback_idev) {
1391 rt->idev = loopback_idev;
1397 static void ipv4_link_failure(struct sk_buff *skb)
1401 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0);
1403 rt = (struct rtable *) skb->dst;
1405 dst_set_expires(&rt->u.dst, 0);
1408 static int ip_rt_bug(struct sk_buff *skb)
1410 printk(KERN_DEBUG "ip_rt_bug: %u.%u.%u.%u -> %u.%u.%u.%u, %s\n",
1411 NIPQUAD(ip_hdr(skb)->saddr), NIPQUAD(ip_hdr(skb)->daddr),
1412 skb->dev ? skb->dev->name : "?");
1418 We do not cache source address of outgoing interface,
1419 because it is used only by IP RR, TS and SRR options,
1420 so that it out of fast path.
1422 BTW remember: "addr" is allowed to be not aligned
1426 void ip_rt_get_source(u8 *addr, struct rtable *rt)
1429 struct fib_result res;
1431 if (rt->fl.iif == 0)
1433 else if (fib_lookup(&rt->fl, &res) == 0) {
1434 src = FIB_RES_PREFSRC(res);
1437 src = inet_select_addr(rt->u.dst.dev, rt->rt_gateway,
1439 memcpy(addr, &src, 4);
1442 #ifdef CONFIG_NET_CLS_ROUTE
1443 static void set_class_tag(struct rtable *rt, u32 tag)
1445 if (!(rt->u.dst.tclassid & 0xFFFF))
1446 rt->u.dst.tclassid |= tag & 0xFFFF;
1447 if (!(rt->u.dst.tclassid & 0xFFFF0000))
1448 rt->u.dst.tclassid |= tag & 0xFFFF0000;
1452 static void rt_set_nexthop(struct rtable *rt, struct fib_result *res, u32 itag)
1454 struct fib_info *fi = res->fi;
1457 if (FIB_RES_GW(*res) &&
1458 FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK)
1459 rt->rt_gateway = FIB_RES_GW(*res);
1460 memcpy(rt->u.dst.metrics, fi->fib_metrics,
1461 sizeof(rt->u.dst.metrics));
1462 if (fi->fib_mtu == 0) {
1463 rt->u.dst.metrics[RTAX_MTU-1] = rt->u.dst.dev->mtu;
1464 if (rt->u.dst.metrics[RTAX_LOCK-1] & (1 << RTAX_MTU) &&
1465 rt->rt_gateway != rt->rt_dst &&
1466 rt->u.dst.dev->mtu > 576)
1467 rt->u.dst.metrics[RTAX_MTU-1] = 576;
1469 #ifdef CONFIG_NET_CLS_ROUTE
1470 rt->u.dst.tclassid = FIB_RES_NH(*res).nh_tclassid;
1473 rt->u.dst.metrics[RTAX_MTU-1]= rt->u.dst.dev->mtu;
1475 if (rt->u.dst.metrics[RTAX_HOPLIMIT-1] == 0)
1476 rt->u.dst.metrics[RTAX_HOPLIMIT-1] = sysctl_ip_default_ttl;
1477 if (rt->u.dst.metrics[RTAX_MTU-1] > IP_MAX_MTU)
1478 rt->u.dst.metrics[RTAX_MTU-1] = IP_MAX_MTU;
1479 if (rt->u.dst.metrics[RTAX_ADVMSS-1] == 0)
1480 rt->u.dst.metrics[RTAX_ADVMSS-1] = max_t(unsigned int, rt->u.dst.dev->mtu - 40,
1482 if (rt->u.dst.metrics[RTAX_ADVMSS-1] > 65535 - 40)
1483 rt->u.dst.metrics[RTAX_ADVMSS-1] = 65535 - 40;
1485 #ifdef CONFIG_NET_CLS_ROUTE
1486 #ifdef CONFIG_IP_MULTIPLE_TABLES
1487 set_class_tag(rt, fib_rules_tclass(res));
1489 set_class_tag(rt, itag);
1491 rt->rt_type = res->type;
1494 static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1495 u8 tos, struct net_device *dev, int our)
1500 struct in_device *in_dev = in_dev_get(dev);
1503 /* Primary sanity checks. */
1508 if (MULTICAST(saddr) || BADCLASS(saddr) || LOOPBACK(saddr) ||
1509 skb->protocol != htons(ETH_P_IP))
1512 if (ZERONET(saddr)) {
1513 if (!LOCAL_MCAST(daddr))
1515 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
1516 } else if (fib_validate_source(saddr, 0, tos, 0,
1517 dev, &spec_dst, &itag) < 0)
1520 rth = dst_alloc(&ipv4_dst_ops);
1524 rth->u.dst.output= ip_rt_bug;
1526 atomic_set(&rth->u.dst.__refcnt, 1);
1527 rth->u.dst.flags= DST_HOST;
1528 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
1529 rth->u.dst.flags |= DST_NOPOLICY;
1530 rth->fl.fl4_dst = daddr;
1531 rth->rt_dst = daddr;
1532 rth->fl.fl4_tos = tos;
1533 rth->fl.mark = skb->mark;
1534 rth->fl.fl4_src = saddr;
1535 rth->rt_src = saddr;
1536 #ifdef CONFIG_NET_CLS_ROUTE
1537 rth->u.dst.tclassid = itag;
1540 rth->fl.iif = dev->ifindex;
1541 rth->u.dst.dev = init_net.loopback_dev;
1542 dev_hold(rth->u.dst.dev);
1543 rth->idev = in_dev_get(rth->u.dst.dev);
1545 rth->rt_gateway = daddr;
1546 rth->rt_spec_dst= spec_dst;
1547 rth->rt_type = RTN_MULTICAST;
1548 rth->rt_flags = RTCF_MULTICAST;
1550 rth->u.dst.input= ip_local_deliver;
1551 rth->rt_flags |= RTCF_LOCAL;
1554 #ifdef CONFIG_IP_MROUTE
1555 if (!LOCAL_MCAST(daddr) && IN_DEV_MFORWARD(in_dev))
1556 rth->u.dst.input = ip_mr_input;
1558 RT_CACHE_STAT_INC(in_slow_mc);
1561 hash = rt_hash(daddr, saddr, dev->ifindex);
1562 return rt_intern_hash(hash, rth, (struct rtable**) &skb->dst);
1574 static void ip_handle_martian_source(struct net_device *dev,
1575 struct in_device *in_dev,
1576 struct sk_buff *skb,
1580 RT_CACHE_STAT_INC(in_martian_src);
1581 #ifdef CONFIG_IP_ROUTE_VERBOSE
1582 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) {
1584 * RFC1812 recommendation, if source is martian,
1585 * the only hint is MAC header.
1587 printk(KERN_WARNING "martian source %u.%u.%u.%u from "
1588 "%u.%u.%u.%u, on dev %s\n",
1589 NIPQUAD(daddr), NIPQUAD(saddr), dev->name);
1590 if (dev->hard_header_len && skb_mac_header_was_set(skb)) {
1592 const unsigned char *p = skb_mac_header(skb);
1593 printk(KERN_WARNING "ll header: ");
1594 for (i = 0; i < dev->hard_header_len; i++, p++) {
1596 if (i < (dev->hard_header_len - 1))
1605 static inline int __mkroute_input(struct sk_buff *skb,
1606 struct fib_result* res,
1607 struct in_device *in_dev,
1608 __be32 daddr, __be32 saddr, u32 tos,
1609 struct rtable **result)
1614 struct in_device *out_dev;
1619 /* get a working reference to the output device */
1620 out_dev = in_dev_get(FIB_RES_DEV(*res));
1621 if (out_dev == NULL) {
1622 if (net_ratelimit())
1623 printk(KERN_CRIT "Bug in ip_route_input" \
1624 "_slow(). Please, report\n");
1629 err = fib_validate_source(saddr, daddr, tos, FIB_RES_OIF(*res),
1630 in_dev->dev, &spec_dst, &itag);
1632 ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr,
1640 flags |= RTCF_DIRECTSRC;
1642 if (out_dev == in_dev && err && !(flags & (RTCF_NAT | RTCF_MASQ)) &&
1643 (IN_DEV_SHARED_MEDIA(out_dev) ||
1644 inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res))))
1645 flags |= RTCF_DOREDIRECT;
1647 if (skb->protocol != htons(ETH_P_IP)) {
1648 /* Not IP (i.e. ARP). Do not create route, if it is
1649 * invalid for proxy arp. DNAT routes are always valid.
1651 if (out_dev == in_dev && !(flags & RTCF_DNAT)) {
1658 rth = dst_alloc(&ipv4_dst_ops);
1664 atomic_set(&rth->u.dst.__refcnt, 1);
1665 rth->u.dst.flags= DST_HOST;
1666 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
1667 rth->u.dst.flags |= DST_NOPOLICY;
1668 if (IN_DEV_CONF_GET(out_dev, NOXFRM))
1669 rth->u.dst.flags |= DST_NOXFRM;
1670 rth->fl.fl4_dst = daddr;
1671 rth->rt_dst = daddr;
1672 rth->fl.fl4_tos = tos;
1673 rth->fl.mark = skb->mark;
1674 rth->fl.fl4_src = saddr;
1675 rth->rt_src = saddr;
1676 rth->rt_gateway = daddr;
1678 rth->fl.iif = in_dev->dev->ifindex;
1679 rth->u.dst.dev = (out_dev)->dev;
1680 dev_hold(rth->u.dst.dev);
1681 rth->idev = in_dev_get(rth->u.dst.dev);
1683 rth->rt_spec_dst= spec_dst;
1685 rth->u.dst.input = ip_forward;
1686 rth->u.dst.output = ip_output;
1688 rt_set_nexthop(rth, res, itag);
1690 rth->rt_flags = flags;
1695 /* release the working reference to the output device */
1696 in_dev_put(out_dev);
1700 static inline int ip_mkroute_input(struct sk_buff *skb,
1701 struct fib_result* res,
1702 const struct flowi *fl,
1703 struct in_device *in_dev,
1704 __be32 daddr, __be32 saddr, u32 tos)
1706 struct rtable* rth = NULL;
1710 #ifdef CONFIG_IP_ROUTE_MULTIPATH
1711 if (res->fi && res->fi->fib_nhs > 1 && fl->oif == 0)
1712 fib_select_multipath(fl, res);
1715 /* create a routing cache entry */
1716 err = __mkroute_input(skb, res, in_dev, daddr, saddr, tos, &rth);
1720 /* put it into the cache */
1721 hash = rt_hash(daddr, saddr, fl->iif);
1722 return rt_intern_hash(hash, rth, (struct rtable**)&skb->dst);
1726 * NOTE. We drop all the packets that has local source
1727 * addresses, because every properly looped back packet
1728 * must have correct destination already attached by output routine.
1730 * Such approach solves two big problems:
1731 * 1. Not simplex devices are handled properly.
1732 * 2. IP spoofing attempts are filtered with 100% of guarantee.
1735 static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1736 u8 tos, struct net_device *dev)
1738 struct fib_result res;
1739 struct in_device *in_dev = in_dev_get(dev);
1740 struct flowi fl = { .nl_u = { .ip4_u =
1744 .scope = RT_SCOPE_UNIVERSE,
1747 .iif = dev->ifindex };
1750 struct rtable * rth;
1756 /* IP on this device is disabled. */
1761 /* Check for the most weird martians, which can be not detected
1765 if (MULTICAST(saddr) || BADCLASS(saddr) || LOOPBACK(saddr))
1766 goto martian_source;
1768 if (daddr == htonl(0xFFFFFFFF) || (saddr == 0 && daddr == 0))
1771 /* Accept zero addresses only to limited broadcast;
1772 * I even do not know to fix it or not. Waiting for complains :-)
1775 goto martian_source;
1777 if (BADCLASS(daddr) || ZERONET(daddr) || LOOPBACK(daddr))
1778 goto martian_destination;
1781 * Now we are ready to route packet.
1783 if ((err = fib_lookup(&fl, &res)) != 0) {
1784 if (!IN_DEV_FORWARD(in_dev))
1790 RT_CACHE_STAT_INC(in_slow_tot);
1792 if (res.type == RTN_BROADCAST)
1795 if (res.type == RTN_LOCAL) {
1797 result = fib_validate_source(saddr, daddr, tos,
1798 init_net.loopback_dev->ifindex,
1799 dev, &spec_dst, &itag);
1801 goto martian_source;
1803 flags |= RTCF_DIRECTSRC;
1808 if (!IN_DEV_FORWARD(in_dev))
1810 if (res.type != RTN_UNICAST)
1811 goto martian_destination;
1813 err = ip_mkroute_input(skb, &res, &fl, in_dev, daddr, saddr, tos);
1821 if (skb->protocol != htons(ETH_P_IP))
1825 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
1827 err = fib_validate_source(saddr, 0, tos, 0, dev, &spec_dst,
1830 goto martian_source;
1832 flags |= RTCF_DIRECTSRC;
1834 flags |= RTCF_BROADCAST;
1835 res.type = RTN_BROADCAST;
1836 RT_CACHE_STAT_INC(in_brd);
1839 rth = dst_alloc(&ipv4_dst_ops);
1843 rth->u.dst.output= ip_rt_bug;
1845 atomic_set(&rth->u.dst.__refcnt, 1);
1846 rth->u.dst.flags= DST_HOST;
1847 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
1848 rth->u.dst.flags |= DST_NOPOLICY;
1849 rth->fl.fl4_dst = daddr;
1850 rth->rt_dst = daddr;
1851 rth->fl.fl4_tos = tos;
1852 rth->fl.mark = skb->mark;
1853 rth->fl.fl4_src = saddr;
1854 rth->rt_src = saddr;
1855 #ifdef CONFIG_NET_CLS_ROUTE
1856 rth->u.dst.tclassid = itag;
1859 rth->fl.iif = dev->ifindex;
1860 rth->u.dst.dev = init_net.loopback_dev;
1861 dev_hold(rth->u.dst.dev);
1862 rth->idev = in_dev_get(rth->u.dst.dev);
1863 rth->rt_gateway = daddr;
1864 rth->rt_spec_dst= spec_dst;
1865 rth->u.dst.input= ip_local_deliver;
1866 rth->rt_flags = flags|RTCF_LOCAL;
1867 if (res.type == RTN_UNREACHABLE) {
1868 rth->u.dst.input= ip_error;
1869 rth->u.dst.error= -err;
1870 rth->rt_flags &= ~RTCF_LOCAL;
1872 rth->rt_type = res.type;
1873 hash = rt_hash(daddr, saddr, fl.iif);
1874 err = rt_intern_hash(hash, rth, (struct rtable**)&skb->dst);
1878 RT_CACHE_STAT_INC(in_no_route);
1879 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_UNIVERSE);
1880 res.type = RTN_UNREACHABLE;
1884 * Do not cache martian addresses: they should be logged (RFC1812)
1886 martian_destination:
1887 RT_CACHE_STAT_INC(in_martian_dst);
1888 #ifdef CONFIG_IP_ROUTE_VERBOSE
1889 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit())
1890 printk(KERN_WARNING "martian destination %u.%u.%u.%u from "
1891 "%u.%u.%u.%u, dev %s\n",
1892 NIPQUAD(daddr), NIPQUAD(saddr), dev->name);
1896 err = -EHOSTUNREACH;
1908 ip_handle_martian_source(dev, in_dev, skb, daddr, saddr);
1912 int ip_route_input(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1913 u8 tos, struct net_device *dev)
1915 struct rtable * rth;
1917 int iif = dev->ifindex;
1919 tos &= IPTOS_RT_MASK;
1920 hash = rt_hash(daddr, saddr, iif);
1923 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
1924 rth = rcu_dereference(rth->u.dst.rt_next)) {
1925 if (rth->fl.fl4_dst == daddr &&
1926 rth->fl.fl4_src == saddr &&
1927 rth->fl.iif == iif &&
1929 rth->fl.mark == skb->mark &&
1930 rth->fl.fl4_tos == tos) {
1931 dst_use(&rth->u.dst, jiffies);
1932 RT_CACHE_STAT_INC(in_hit);
1934 skb->dst = (struct dst_entry*)rth;
1937 RT_CACHE_STAT_INC(in_hlist_search);
1941 /* Multicast recognition logic is moved from route cache to here.
1942 The problem was that too many Ethernet cards have broken/missing
1943 hardware multicast filters :-( As result the host on multicasting
1944 network acquires a lot of useless route cache entries, sort of
1945 SDR messages from all the world. Now we try to get rid of them.
1946 Really, provided software IP multicast filter is organized
1947 reasonably (at least, hashed), it does not result in a slowdown
1948 comparing with route cache reject entries.
1949 Note, that multicast routers are not affected, because
1950 route cache entry is created eventually.
1952 if (MULTICAST(daddr)) {
1953 struct in_device *in_dev;
1956 if ((in_dev = __in_dev_get_rcu(dev)) != NULL) {
1957 int our = ip_check_mc(in_dev, daddr, saddr,
1958 ip_hdr(skb)->protocol);
1960 #ifdef CONFIG_IP_MROUTE
1961 || (!LOCAL_MCAST(daddr) && IN_DEV_MFORWARD(in_dev))
1965 return ip_route_input_mc(skb, daddr, saddr,
1972 return ip_route_input_slow(skb, daddr, saddr, tos, dev);
1975 static inline int __mkroute_output(struct rtable **result,
1976 struct fib_result* res,
1977 const struct flowi *fl,
1978 const struct flowi *oldflp,
1979 struct net_device *dev_out,
1983 struct in_device *in_dev;
1984 u32 tos = RT_FL_TOS(oldflp);
1987 if (LOOPBACK(fl->fl4_src) && !(dev_out->flags&IFF_LOOPBACK))
1990 if (fl->fl4_dst == htonl(0xFFFFFFFF))
1991 res->type = RTN_BROADCAST;
1992 else if (MULTICAST(fl->fl4_dst))
1993 res->type = RTN_MULTICAST;
1994 else if (BADCLASS(fl->fl4_dst) || ZERONET(fl->fl4_dst))
1997 if (dev_out->flags & IFF_LOOPBACK)
1998 flags |= RTCF_LOCAL;
2000 /* get work reference to inet device */
2001 in_dev = in_dev_get(dev_out);
2005 if (res->type == RTN_BROADCAST) {
2006 flags |= RTCF_BROADCAST | RTCF_LOCAL;
2008 fib_info_put(res->fi);
2011 } else if (res->type == RTN_MULTICAST) {
2012 flags |= RTCF_MULTICAST|RTCF_LOCAL;
2013 if (!ip_check_mc(in_dev, oldflp->fl4_dst, oldflp->fl4_src,
2015 flags &= ~RTCF_LOCAL;
2016 /* If multicast route do not exist use
2017 default one, but do not gateway in this case.
2020 if (res->fi && res->prefixlen < 4) {
2021 fib_info_put(res->fi);
2027 rth = dst_alloc(&ipv4_dst_ops);
2033 atomic_set(&rth->u.dst.__refcnt, 1);
2034 rth->u.dst.flags= DST_HOST;
2035 if (IN_DEV_CONF_GET(in_dev, NOXFRM))
2036 rth->u.dst.flags |= DST_NOXFRM;
2037 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
2038 rth->u.dst.flags |= DST_NOPOLICY;
2040 rth->fl.fl4_dst = oldflp->fl4_dst;
2041 rth->fl.fl4_tos = tos;
2042 rth->fl.fl4_src = oldflp->fl4_src;
2043 rth->fl.oif = oldflp->oif;
2044 rth->fl.mark = oldflp->mark;
2045 rth->rt_dst = fl->fl4_dst;
2046 rth->rt_src = fl->fl4_src;
2047 rth->rt_iif = oldflp->oif ? : dev_out->ifindex;
2048 /* get references to the devices that are to be hold by the routing
2050 rth->u.dst.dev = dev_out;
2052 rth->idev = in_dev_get(dev_out);
2053 rth->rt_gateway = fl->fl4_dst;
2054 rth->rt_spec_dst= fl->fl4_src;
2056 rth->u.dst.output=ip_output;
2058 RT_CACHE_STAT_INC(out_slow_tot);
2060 if (flags & RTCF_LOCAL) {
2061 rth->u.dst.input = ip_local_deliver;
2062 rth->rt_spec_dst = fl->fl4_dst;
2064 if (flags & (RTCF_BROADCAST | RTCF_MULTICAST)) {
2065 rth->rt_spec_dst = fl->fl4_src;
2066 if (flags & RTCF_LOCAL &&
2067 !(dev_out->flags & IFF_LOOPBACK)) {
2068 rth->u.dst.output = ip_mc_output;
2069 RT_CACHE_STAT_INC(out_slow_mc);
2071 #ifdef CONFIG_IP_MROUTE
2072 if (res->type == RTN_MULTICAST) {
2073 if (IN_DEV_MFORWARD(in_dev) &&
2074 !LOCAL_MCAST(oldflp->fl4_dst)) {
2075 rth->u.dst.input = ip_mr_input;
2076 rth->u.dst.output = ip_mc_output;
2082 rt_set_nexthop(rth, res, 0);
2084 rth->rt_flags = flags;
2088 /* release work reference to inet device */
2094 static inline int ip_mkroute_output(struct rtable **rp,
2095 struct fib_result* res,
2096 const struct flowi *fl,
2097 const struct flowi *oldflp,
2098 struct net_device *dev_out,
2101 struct rtable *rth = NULL;
2102 int err = __mkroute_output(&rth, res, fl, oldflp, dev_out, flags);
2105 hash = rt_hash(oldflp->fl4_dst, oldflp->fl4_src, oldflp->oif);
2106 err = rt_intern_hash(hash, rth, rp);
2113 * Major route resolver routine.
2116 static int ip_route_output_slow(struct rtable **rp, const struct flowi *oldflp)
2118 u32 tos = RT_FL_TOS(oldflp);
2119 struct flowi fl = { .nl_u = { .ip4_u =
2120 { .daddr = oldflp->fl4_dst,
2121 .saddr = oldflp->fl4_src,
2122 .tos = tos & IPTOS_RT_MASK,
2123 .scope = ((tos & RTO_ONLINK) ?
2127 .mark = oldflp->mark,
2128 .iif = init_net.loopback_dev->ifindex,
2129 .oif = oldflp->oif };
2130 struct fib_result res;
2132 struct net_device *dev_out = NULL;
2138 #ifdef CONFIG_IP_MULTIPLE_TABLES
2142 if (oldflp->fl4_src) {
2144 if (MULTICAST(oldflp->fl4_src) ||
2145 BADCLASS(oldflp->fl4_src) ||
2146 ZERONET(oldflp->fl4_src))
2149 /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2150 dev_out = ip_dev_find(oldflp->fl4_src);
2151 if (dev_out == NULL)
2154 /* I removed check for oif == dev_out->oif here.
2155 It was wrong for two reasons:
2156 1. ip_dev_find(saddr) can return wrong iface, if saddr is
2157 assigned to multiple interfaces.
2158 2. Moreover, we are allowed to send packets with saddr
2159 of another iface. --ANK
2162 if (oldflp->oif == 0
2163 && (MULTICAST(oldflp->fl4_dst) || oldflp->fl4_dst == htonl(0xFFFFFFFF))) {
2164 /* Special hack: user can direct multicasts
2165 and limited broadcast via necessary interface
2166 without fiddling with IP_MULTICAST_IF or IP_PKTINFO.
2167 This hack is not just for fun, it allows
2168 vic,vat and friends to work.
2169 They bind socket to loopback, set ttl to zero
2170 and expect that it will work.
2171 From the viewpoint of routing cache they are broken,
2172 because we are not allowed to build multicast path
2173 with loopback source addr (look, routing cache
2174 cannot know, that ttl is zero, so that packet
2175 will not leave this host and route is valid).
2176 Luckily, this hack is good workaround.
2179 fl.oif = dev_out->ifindex;
2189 dev_out = dev_get_by_index(&init_net, oldflp->oif);
2191 if (dev_out == NULL)
2194 /* RACE: Check return value of inet_select_addr instead. */
2195 if (__in_dev_get_rtnl(dev_out) == NULL) {
2197 goto out; /* Wrong error code */
2200 if (LOCAL_MCAST(oldflp->fl4_dst) || oldflp->fl4_dst == htonl(0xFFFFFFFF)) {
2202 fl.fl4_src = inet_select_addr(dev_out, 0,
2207 if (MULTICAST(oldflp->fl4_dst))
2208 fl.fl4_src = inet_select_addr(dev_out, 0,
2210 else if (!oldflp->fl4_dst)
2211 fl.fl4_src = inet_select_addr(dev_out, 0,
2217 fl.fl4_dst = fl.fl4_src;
2219 fl.fl4_dst = fl.fl4_src = htonl(INADDR_LOOPBACK);
2222 dev_out = init_net.loopback_dev;
2224 fl.oif = init_net.loopback_dev->ifindex;
2225 res.type = RTN_LOCAL;
2226 flags |= RTCF_LOCAL;
2230 if (fib_lookup(&fl, &res)) {
2233 /* Apparently, routing tables are wrong. Assume,
2234 that the destination is on link.
2237 Because we are allowed to send to iface
2238 even if it has NO routes and NO assigned
2239 addresses. When oif is specified, routing
2240 tables are looked up with only one purpose:
2241 to catch if destination is gatewayed, rather than
2242 direct. Moreover, if MSG_DONTROUTE is set,
2243 we send packet, ignoring both routing tables
2244 and ifaddr state. --ANK
2247 We could make it even if oif is unknown,
2248 likely IPv6, but we do not.
2251 if (fl.fl4_src == 0)
2252 fl.fl4_src = inet_select_addr(dev_out, 0,
2254 res.type = RTN_UNICAST;
2264 if (res.type == RTN_LOCAL) {
2266 fl.fl4_src = fl.fl4_dst;
2269 dev_out = init_net.loopback_dev;
2271 fl.oif = dev_out->ifindex;
2273 fib_info_put(res.fi);
2275 flags |= RTCF_LOCAL;
2279 #ifdef CONFIG_IP_ROUTE_MULTIPATH
2280 if (res.fi->fib_nhs > 1 && fl.oif == 0)
2281 fib_select_multipath(&fl, &res);
2284 if (!res.prefixlen && res.type == RTN_UNICAST && !fl.oif)
2285 fib_select_default(&fl, &res);
2288 fl.fl4_src = FIB_RES_PREFSRC(res);
2292 dev_out = FIB_RES_DEV(res);
2294 fl.oif = dev_out->ifindex;
2298 err = ip_mkroute_output(rp, &res, &fl, oldflp, dev_out, flags);
2308 int __ip_route_output_key(struct rtable **rp, const struct flowi *flp)
2313 hash = rt_hash(flp->fl4_dst, flp->fl4_src, flp->oif);
2316 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
2317 rth = rcu_dereference(rth->u.dst.rt_next)) {
2318 if (rth->fl.fl4_dst == flp->fl4_dst &&
2319 rth->fl.fl4_src == flp->fl4_src &&
2321 rth->fl.oif == flp->oif &&
2322 rth->fl.mark == flp->mark &&
2323 !((rth->fl.fl4_tos ^ flp->fl4_tos) &
2324 (IPTOS_RT_MASK | RTO_ONLINK))) {
2325 dst_use(&rth->u.dst, jiffies);
2326 RT_CACHE_STAT_INC(out_hit);
2327 rcu_read_unlock_bh();
2331 RT_CACHE_STAT_INC(out_hlist_search);
2333 rcu_read_unlock_bh();
2335 return ip_route_output_slow(rp, flp);
2338 EXPORT_SYMBOL_GPL(__ip_route_output_key);
2340 static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
2344 static struct dst_ops ipv4_dst_blackhole_ops = {
2346 .protocol = __constant_htons(ETH_P_IP),
2347 .destroy = ipv4_dst_destroy,
2348 .check = ipv4_dst_check,
2349 .update_pmtu = ipv4_rt_blackhole_update_pmtu,
2350 .entry_size = sizeof(struct rtable),
2354 static int ipv4_blackhole_output(struct sk_buff *skb)
2360 static int ipv4_dst_blackhole(struct rtable **rp, struct flowi *flp, struct sock *sk)
2362 struct rtable *ort = *rp;
2363 struct rtable *rt = (struct rtable *)
2364 dst_alloc(&ipv4_dst_blackhole_ops);
2367 struct dst_entry *new = &rt->u.dst;
2369 atomic_set(&new->__refcnt, 1);
2371 new->input = ipv4_blackhole_output;
2372 new->output = ipv4_blackhole_output;
2373 memcpy(new->metrics, ort->u.dst.metrics, RTAX_MAX*sizeof(u32));
2375 new->dev = ort->u.dst.dev;
2381 rt->idev = ort->idev;
2383 in_dev_hold(rt->idev);
2384 rt->rt_flags = ort->rt_flags;
2385 rt->rt_type = ort->rt_type;
2386 rt->rt_dst = ort->rt_dst;
2387 rt->rt_src = ort->rt_src;
2388 rt->rt_iif = ort->rt_iif;
2389 rt->rt_gateway = ort->rt_gateway;
2390 rt->rt_spec_dst = ort->rt_spec_dst;
2391 rt->peer = ort->peer;
2393 atomic_inc(&rt->peer->refcnt);
2398 dst_release(&(*rp)->u.dst);
2400 return (rt ? 0 : -ENOMEM);
2403 int ip_route_output_flow(struct rtable **rp, struct flowi *flp, struct sock *sk, int flags)
2407 if ((err = __ip_route_output_key(rp, flp)) != 0)
2412 flp->fl4_src = (*rp)->rt_src;
2414 flp->fl4_dst = (*rp)->rt_dst;
2415 err = __xfrm_lookup((struct dst_entry **)rp, flp, sk, flags);
2416 if (err == -EREMOTE)
2417 err = ipv4_dst_blackhole(rp, flp, sk);
2425 EXPORT_SYMBOL_GPL(ip_route_output_flow);
2427 int ip_route_output_key(struct rtable **rp, struct flowi *flp)
2429 return ip_route_output_flow(rp, flp, NULL, 0);
2432 static int rt_fill_info(struct sk_buff *skb, u32 pid, u32 seq, int event,
2433 int nowait, unsigned int flags)
2435 struct rtable *rt = (struct rtable*)skb->dst;
2437 struct nlmsghdr *nlh;
2439 u32 id = 0, ts = 0, tsage = 0, error;
2441 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*r), flags);
2445 r = nlmsg_data(nlh);
2446 r->rtm_family = AF_INET;
2447 r->rtm_dst_len = 32;
2449 r->rtm_tos = rt->fl.fl4_tos;
2450 r->rtm_table = RT_TABLE_MAIN;
2451 NLA_PUT_U32(skb, RTA_TABLE, RT_TABLE_MAIN);
2452 r->rtm_type = rt->rt_type;
2453 r->rtm_scope = RT_SCOPE_UNIVERSE;
2454 r->rtm_protocol = RTPROT_UNSPEC;
2455 r->rtm_flags = (rt->rt_flags & ~0xFFFF) | RTM_F_CLONED;
2456 if (rt->rt_flags & RTCF_NOTIFY)
2457 r->rtm_flags |= RTM_F_NOTIFY;
2459 NLA_PUT_BE32(skb, RTA_DST, rt->rt_dst);
2461 if (rt->fl.fl4_src) {
2462 r->rtm_src_len = 32;
2463 NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src);
2466 NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex);
2467 #ifdef CONFIG_NET_CLS_ROUTE
2468 if (rt->u.dst.tclassid)
2469 NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid);
2472 NLA_PUT_BE32(skb, RTA_PREFSRC, rt->rt_spec_dst);
2473 else if (rt->rt_src != rt->fl.fl4_src)
2474 NLA_PUT_BE32(skb, RTA_PREFSRC, rt->rt_src);
2476 if (rt->rt_dst != rt->rt_gateway)
2477 NLA_PUT_BE32(skb, RTA_GATEWAY, rt->rt_gateway);
2479 if (rtnetlink_put_metrics(skb, rt->u.dst.metrics) < 0)
2480 goto nla_put_failure;
2482 error = rt->u.dst.error;
2483 expires = rt->u.dst.expires ? rt->u.dst.expires - jiffies : 0;
2485 id = rt->peer->ip_id_count;
2486 if (rt->peer->tcp_ts_stamp) {
2487 ts = rt->peer->tcp_ts;
2488 tsage = get_seconds() - rt->peer->tcp_ts_stamp;
2493 #ifdef CONFIG_IP_MROUTE
2494 __be32 dst = rt->rt_dst;
2496 if (MULTICAST(dst) && !LOCAL_MCAST(dst) &&
2497 IPV4_DEVCONF_ALL(MC_FORWARDING)) {
2498 int err = ipmr_get_route(skb, r, nowait);
2503 goto nla_put_failure;
2505 if (err == -EMSGSIZE)
2506 goto nla_put_failure;
2512 NLA_PUT_U32(skb, RTA_IIF, rt->fl.iif);
2515 if (rtnl_put_cacheinfo(skb, &rt->u.dst, id, ts, tsage,
2516 expires, error) < 0)
2517 goto nla_put_failure;
2519 return nlmsg_end(skb, nlh);
2522 nlmsg_cancel(skb, nlh);
2526 static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg)
2529 struct nlattr *tb[RTA_MAX+1];
2530 struct rtable *rt = NULL;
2535 struct sk_buff *skb;
2537 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv4_policy);
2541 rtm = nlmsg_data(nlh);
2543 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2549 /* Reserve room for dummy headers, this skb can pass
2550 through good chunk of routing engine.
2552 skb_reset_mac_header(skb);
2553 skb_reset_network_header(skb);
2555 /* Bugfix: need to give ip_route_input enough of an IP header to not gag. */
2556 ip_hdr(skb)->protocol = IPPROTO_ICMP;
2557 skb_reserve(skb, MAX_HEADER + sizeof(struct iphdr));
2559 src = tb[RTA_SRC] ? nla_get_be32(tb[RTA_SRC]) : 0;
2560 dst = tb[RTA_DST] ? nla_get_be32(tb[RTA_DST]) : 0;
2561 iif = tb[RTA_IIF] ? nla_get_u32(tb[RTA_IIF]) : 0;
2564 struct net_device *dev;
2566 dev = __dev_get_by_index(&init_net, iif);
2572 skb->protocol = htons(ETH_P_IP);
2575 err = ip_route_input(skb, dst, src, rtm->rtm_tos, dev);
2578 rt = (struct rtable*) skb->dst;
2579 if (err == 0 && rt->u.dst.error)
2580 err = -rt->u.dst.error;
2587 .tos = rtm->rtm_tos,
2590 .oif = tb[RTA_OIF] ? nla_get_u32(tb[RTA_OIF]) : 0,
2592 err = ip_route_output_key(&rt, &fl);
2598 skb->dst = &rt->u.dst;
2599 if (rtm->rtm_flags & RTM_F_NOTIFY)
2600 rt->rt_flags |= RTCF_NOTIFY;
2602 err = rt_fill_info(skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq,
2603 RTM_NEWROUTE, 0, 0);
2607 err = rtnl_unicast(skb, NETLINK_CB(in_skb).pid);
2616 int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb)
2623 s_idx = idx = cb->args[1];
2624 for (h = 0; h <= rt_hash_mask; h++) {
2625 if (h < s_h) continue;
2629 for (rt = rcu_dereference(rt_hash_table[h].chain), idx = 0; rt;
2630 rt = rcu_dereference(rt->u.dst.rt_next), idx++) {
2633 skb->dst = dst_clone(&rt->u.dst);
2634 if (rt_fill_info(skb, NETLINK_CB(cb->skb).pid,
2635 cb->nlh->nlmsg_seq, RTM_NEWROUTE,
2636 1, NLM_F_MULTI) <= 0) {
2637 dst_release(xchg(&skb->dst, NULL));
2638 rcu_read_unlock_bh();
2641 dst_release(xchg(&skb->dst, NULL));
2643 rcu_read_unlock_bh();
2652 void ip_rt_multicast_event(struct in_device *in_dev)
2657 #ifdef CONFIG_SYSCTL
2658 static int flush_delay;
2660 static int ipv4_sysctl_rtcache_flush(ctl_table *ctl, int write,
2661 struct file *filp, void __user *buffer,
2662 size_t *lenp, loff_t *ppos)
2665 proc_dointvec(ctl, write, filp, buffer, lenp, ppos);
2666 rt_cache_flush(flush_delay);
2673 static int ipv4_sysctl_rtcache_flush_strategy(ctl_table *table,
2676 void __user *oldval,
2677 size_t __user *oldlenp,
2678 void __user *newval,
2682 if (newlen != sizeof(int))
2684 if (get_user(delay, (int __user *)newval))
2686 rt_cache_flush(delay);
2690 ctl_table ipv4_route_table[] = {
2692 .ctl_name = NET_IPV4_ROUTE_FLUSH,
2693 .procname = "flush",
2694 .data = &flush_delay,
2695 .maxlen = sizeof(int),
2697 .proc_handler = &ipv4_sysctl_rtcache_flush,
2698 .strategy = &ipv4_sysctl_rtcache_flush_strategy,
2701 .ctl_name = NET_IPV4_ROUTE_MIN_DELAY,
2702 .procname = "min_delay",
2703 .data = &ip_rt_min_delay,
2704 .maxlen = sizeof(int),
2706 .proc_handler = &proc_dointvec_jiffies,
2707 .strategy = &sysctl_jiffies,
2710 .ctl_name = NET_IPV4_ROUTE_MAX_DELAY,
2711 .procname = "max_delay",
2712 .data = &ip_rt_max_delay,
2713 .maxlen = sizeof(int),
2715 .proc_handler = &proc_dointvec_jiffies,
2716 .strategy = &sysctl_jiffies,
2719 .ctl_name = NET_IPV4_ROUTE_GC_THRESH,
2720 .procname = "gc_thresh",
2721 .data = &ipv4_dst_ops.gc_thresh,
2722 .maxlen = sizeof(int),
2724 .proc_handler = &proc_dointvec,
2727 .ctl_name = NET_IPV4_ROUTE_MAX_SIZE,
2728 .procname = "max_size",
2729 .data = &ip_rt_max_size,
2730 .maxlen = sizeof(int),
2732 .proc_handler = &proc_dointvec,
2735 /* Deprecated. Use gc_min_interval_ms */
2737 .ctl_name = NET_IPV4_ROUTE_GC_MIN_INTERVAL,
2738 .procname = "gc_min_interval",
2739 .data = &ip_rt_gc_min_interval,
2740 .maxlen = sizeof(int),
2742 .proc_handler = &proc_dointvec_jiffies,
2743 .strategy = &sysctl_jiffies,
2746 .ctl_name = NET_IPV4_ROUTE_GC_MIN_INTERVAL_MS,
2747 .procname = "gc_min_interval_ms",
2748 .data = &ip_rt_gc_min_interval,
2749 .maxlen = sizeof(int),
2751 .proc_handler = &proc_dointvec_ms_jiffies,
2752 .strategy = &sysctl_ms_jiffies,
2755 .ctl_name = NET_IPV4_ROUTE_GC_TIMEOUT,
2756 .procname = "gc_timeout",
2757 .data = &ip_rt_gc_timeout,
2758 .maxlen = sizeof(int),
2760 .proc_handler = &proc_dointvec_jiffies,
2761 .strategy = &sysctl_jiffies,
2764 .ctl_name = NET_IPV4_ROUTE_GC_INTERVAL,
2765 .procname = "gc_interval",
2766 .data = &ip_rt_gc_interval,
2767 .maxlen = sizeof(int),
2769 .proc_handler = &proc_dointvec_jiffies,
2770 .strategy = &sysctl_jiffies,
2773 .ctl_name = NET_IPV4_ROUTE_REDIRECT_LOAD,
2774 .procname = "redirect_load",
2775 .data = &ip_rt_redirect_load,
2776 .maxlen = sizeof(int),
2778 .proc_handler = &proc_dointvec,
2781 .ctl_name = NET_IPV4_ROUTE_REDIRECT_NUMBER,
2782 .procname = "redirect_number",
2783 .data = &ip_rt_redirect_number,
2784 .maxlen = sizeof(int),
2786 .proc_handler = &proc_dointvec,
2789 .ctl_name = NET_IPV4_ROUTE_REDIRECT_SILENCE,
2790 .procname = "redirect_silence",
2791 .data = &ip_rt_redirect_silence,
2792 .maxlen = sizeof(int),
2794 .proc_handler = &proc_dointvec,
2797 .ctl_name = NET_IPV4_ROUTE_ERROR_COST,
2798 .procname = "error_cost",
2799 .data = &ip_rt_error_cost,
2800 .maxlen = sizeof(int),
2802 .proc_handler = &proc_dointvec,
2805 .ctl_name = NET_IPV4_ROUTE_ERROR_BURST,
2806 .procname = "error_burst",
2807 .data = &ip_rt_error_burst,
2808 .maxlen = sizeof(int),
2810 .proc_handler = &proc_dointvec,
2813 .ctl_name = NET_IPV4_ROUTE_GC_ELASTICITY,
2814 .procname = "gc_elasticity",
2815 .data = &ip_rt_gc_elasticity,
2816 .maxlen = sizeof(int),
2818 .proc_handler = &proc_dointvec,
2821 .ctl_name = NET_IPV4_ROUTE_MTU_EXPIRES,
2822 .procname = "mtu_expires",
2823 .data = &ip_rt_mtu_expires,
2824 .maxlen = sizeof(int),
2826 .proc_handler = &proc_dointvec_jiffies,
2827 .strategy = &sysctl_jiffies,
2830 .ctl_name = NET_IPV4_ROUTE_MIN_PMTU,
2831 .procname = "min_pmtu",
2832 .data = &ip_rt_min_pmtu,
2833 .maxlen = sizeof(int),
2835 .proc_handler = &proc_dointvec,
2838 .ctl_name = NET_IPV4_ROUTE_MIN_ADVMSS,
2839 .procname = "min_adv_mss",
2840 .data = &ip_rt_min_advmss,
2841 .maxlen = sizeof(int),
2843 .proc_handler = &proc_dointvec,
2846 .ctl_name = NET_IPV4_ROUTE_SECRET_INTERVAL,
2847 .procname = "secret_interval",
2848 .data = &ip_rt_secret_interval,
2849 .maxlen = sizeof(int),
2851 .proc_handler = &proc_dointvec_jiffies,
2852 .strategy = &sysctl_jiffies,
2858 #ifdef CONFIG_NET_CLS_ROUTE
2859 struct ip_rt_acct *ip_rt_acct;
2861 /* This code sucks. But you should have seen it before! --RR */
2863 /* IP route accounting ptr for this logical cpu number. */
2864 #define IP_RT_ACCT_CPU(i) (ip_rt_acct + i * 256)
2866 #ifdef CONFIG_PROC_FS
2867 static int ip_rt_acct_read(char *buffer, char **start, off_t offset,
2868 int length, int *eof, void *data)
2872 if ((offset & 3) || (length & 3))
2875 if (offset >= sizeof(struct ip_rt_acct) * 256) {
2880 if (offset + length >= sizeof(struct ip_rt_acct) * 256) {
2881 length = sizeof(struct ip_rt_acct) * 256 - offset;
2885 offset /= sizeof(u32);
2888 u32 *src = ((u32 *) IP_RT_ACCT_CPU(0)) + offset;
2889 u32 *dst = (u32 *) buffer;
2891 /* Copy first cpu. */
2893 memcpy(dst, src, length);
2895 /* Add the other cpus in, one int at a time */
2896 for_each_possible_cpu(i) {
2899 src = ((u32 *) IP_RT_ACCT_CPU(i)) + offset;
2901 for (j = 0; j < length/4; j++)
2907 #endif /* CONFIG_PROC_FS */
2908 #endif /* CONFIG_NET_CLS_ROUTE */
2910 static __initdata unsigned long rhash_entries;
2911 static int __init set_rhash_entries(char *str)
2915 rhash_entries = simple_strtoul(str, &str, 0);
2918 __setup("rhash_entries=", set_rhash_entries);
2920 int __init ip_rt_init(void)
2924 rt_hash_rnd = (int) ((num_physpages ^ (num_physpages>>8)) ^
2925 (jiffies ^ (jiffies >> 7)));
2927 #ifdef CONFIG_NET_CLS_ROUTE
2931 (PAGE_SIZE << order) < 256 * sizeof(struct ip_rt_acct) * NR_CPUS; order++)
2933 ip_rt_acct = (struct ip_rt_acct *)__get_free_pages(GFP_KERNEL, order);
2935 panic("IP: failed to allocate ip_rt_acct\n");
2936 memset(ip_rt_acct, 0, PAGE_SIZE << order);
2940 ipv4_dst_ops.kmem_cachep =
2941 kmem_cache_create("ip_dst_cache", sizeof(struct rtable), 0,
2942 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
2944 ipv4_dst_blackhole_ops.kmem_cachep = ipv4_dst_ops.kmem_cachep;
2946 rt_hash_table = (struct rt_hash_bucket *)
2947 alloc_large_system_hash("IP route cache",
2948 sizeof(struct rt_hash_bucket),
2950 (num_physpages >= 128 * 1024) ?
2956 memset(rt_hash_table, 0, (rt_hash_mask + 1) * sizeof(struct rt_hash_bucket));
2957 rt_hash_lock_init();
2959 ipv4_dst_ops.gc_thresh = (rt_hash_mask + 1);
2960 ip_rt_max_size = (rt_hash_mask + 1) * 16;
2965 init_timer(&rt_flush_timer);
2966 rt_flush_timer.function = rt_run_flush;
2967 init_timer(&rt_secret_timer);
2968 rt_secret_timer.function = rt_secret_rebuild;
2970 /* All the timers, started at system startup tend
2971 to synchronize. Perturb it a bit.
2973 schedule_delayed_work(&expires_work,
2974 net_random() % ip_rt_gc_interval + ip_rt_gc_interval);
2976 rt_secret_timer.expires = jiffies + net_random() % ip_rt_secret_interval +
2977 ip_rt_secret_interval;
2978 add_timer(&rt_secret_timer);
2980 #ifdef CONFIG_PROC_FS
2982 struct proc_dir_entry *rtstat_pde = NULL; /* keep gcc happy */
2983 if (!proc_net_fops_create(&init_net, "rt_cache", S_IRUGO, &rt_cache_seq_fops) ||
2984 !(rtstat_pde = create_proc_entry("rt_cache", S_IRUGO,
2985 init_net.proc_net_stat))) {
2988 rtstat_pde->proc_fops = &rt_cpu_seq_fops;
2990 #ifdef CONFIG_NET_CLS_ROUTE
2991 create_proc_read_entry("rt_acct", 0, init_net.proc_net, ip_rt_acct_read, NULL);
2998 rtnl_register(PF_INET, RTM_GETROUTE, inet_rtm_getroute, NULL);
3003 EXPORT_SYMBOL(__ip_select_ident);
3004 EXPORT_SYMBOL(ip_route_input);
3005 EXPORT_SYMBOL(ip_route_output_key);
projects / linux-2.6-omap-h63xx.git / blob