2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * ROUTE - implementation of the IP router.
9 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
10 * Alan Cox, <gw4pts@gw4pts.ampr.org>
11 * Linus Torvalds, <Linus.Torvalds@helsinki.fi>
12 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
15 * Alan Cox : Verify area fixes.
16 * Alan Cox : cli() protects routing changes
17 * Rui Oliveira : ICMP routing table updates
18 * (rco@di.uminho.pt) Routing table insertion and update
19 * Linus Torvalds : Rewrote bits to be sensible
20 * Alan Cox : Added BSD route gw semantics
21 * Alan Cox : Super /proc >4K
22 * Alan Cox : MTU in route table
23 * Alan Cox : MSS actually. Also added the window
25 * Sam Lantinga : Fixed route matching in rt_del()
26 * Alan Cox : Routing cache support.
27 * Alan Cox : Removed compatibility cruft.
28 * Alan Cox : RTF_REJECT support.
29 * Alan Cox : TCP irtt support.
30 * Jonathan Naylor : Added Metric support.
31 * Miquel van Smoorenburg : BSD API fixes.
32 * Miquel van Smoorenburg : Metrics.
33 * Alan Cox : Use __u32 properly
34 * Alan Cox : Aligned routing errors more closely with BSD
35 * our system is still very different.
36 * Alan Cox : Faster /proc handling
37 * Alexey Kuznetsov : Massive rework to support tree based routing,
38 * routing caches and better behaviour.
40 * Olaf Erb : irtt wasn't being copied right.
41 * Bjorn Ekwall : Kerneld route support.
42 * Alan Cox : Multicast fixed (I hope)
43 * Pavel Krauz : Limited broadcast fixed
44 * Mike McLagan : Routing by source
45 * Alexey Kuznetsov : End of old history. Split to fib.c and
46 * route.c and rewritten from scratch.
47 * Andi Kleen : Load-limit warning messages.
48 * Vitaly E. Lavrov : Transparent proxy revived after year coma.
49 * Vitaly E. Lavrov : Race condition in ip_route_input_slow.
50 * Tobias Ringstrom : Uninitialized res.type in ip_route_output_slow.
51 * Vladimir V. Ivanov : IP rule info (flowid) is really useful.
52 * Marc Boucher : routing by fwmark
53 * Robert Olsson : Added rt_cache statistics
54 * Arnaldo C. Melo : Convert proc stuff to seq_file
55 * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes.
56 * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect
57 * Ilia Sotnikov : Removed TOS from hash calculations
59 * This program is free software; you can redistribute it and/or
60 * modify it under the terms of the GNU General Public License
61 * as published by the Free Software Foundation; either version
62 * 2 of the License, or (at your option) any later version.
65 #define pr_fmt(fmt) "IPv4: " fmt
67 #include <linux/module.h>
68 #include <asm/uaccess.h>
69 #include <linux/bitops.h>
70 #include <linux/types.h>
71 #include <linux/kernel.h>
73 #include <linux/bootmem.h>
74 #include <linux/string.h>
75 #include <linux/socket.h>
76 #include <linux/sockios.h>
77 #include <linux/errno.h>
79 #include <linux/inet.h>
80 #include <linux/netdevice.h>
81 #include <linux/proc_fs.h>
82 #include <linux/init.h>
83 #include <linux/skbuff.h>
84 #include <linux/inetdevice.h>
85 #include <linux/igmp.h>
86 #include <linux/pkt_sched.h>
87 #include <linux/mroute.h>
88 #include <linux/netfilter_ipv4.h>
89 #include <linux/random.h>
90 #include <linux/rcupdate.h>
91 #include <linux/times.h>
92 #include <linux/slab.h>
93 #include <linux/jhash.h>
95 #include <net/dst_metadata.h>
96 #include <net/net_namespace.h>
97 #include <net/protocol.h>
99 #include <net/route.h>
100 #include <net/inetpeer.h>
101 #include <net/sock.h>
102 #include <net/ip_fib.h>
105 #include <net/icmp.h>
106 #include <net/xfrm.h>
107 #include <net/lwtunnel.h>
108 #include <net/netevent.h>
109 #include <net/rtnetlink.h>
111 #include <linux/sysctl.h>
112 #include <linux/kmemleak.h>
114 #include <net/secure_seq.h>
115 #include <net/ip_tunnels.h>
116 #include <net/l3mdev.h>
118 #define RT_FL_TOS(oldflp4) \
119 ((oldflp4)->flowi4_tos & (IPTOS_RT_MASK | RTO_ONLINK))
121 #define RT_GC_TIMEOUT (300*HZ)
123 static int ip_rt_max_size;
124 static int ip_rt_redirect_number __read_mostly = 9;
125 static int ip_rt_redirect_load __read_mostly = HZ / 50;
126 static int ip_rt_redirect_silence __read_mostly = ((HZ / 50) << (9 + 1));
127 static int ip_rt_error_cost __read_mostly = HZ;
128 static int ip_rt_error_burst __read_mostly = 5 * HZ;
129 static int ip_rt_mtu_expires __read_mostly = 10 * 60 * HZ;
130 static u32 ip_rt_min_pmtu __read_mostly = 512 + 20 + 20;
131 static int ip_rt_min_advmss __read_mostly = 256;
133 static int ip_rt_gc_timeout __read_mostly = RT_GC_TIMEOUT;
136 * Interface to generic destination cache.
139 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie);
140 static unsigned int ipv4_default_advmss(const struct dst_entry *dst);
141 static unsigned int ipv4_mtu(const struct dst_entry *dst);
142 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst);
143 static void ipv4_link_failure(struct sk_buff *skb);
144 static void ip_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
145 struct sk_buff *skb, u32 mtu);
146 static void ip_do_redirect(struct dst_entry *dst, struct sock *sk,
147 struct sk_buff *skb);
148 static void ipv4_dst_destroy(struct dst_entry *dst);
150 static u32 *ipv4_cow_metrics(struct dst_entry *dst, unsigned long old)
156 static struct neighbour *ipv4_neigh_lookup(const struct dst_entry *dst,
160 static struct dst_ops ipv4_dst_ops = {
162 .check = ipv4_dst_check,
163 .default_advmss = ipv4_default_advmss,
165 .cow_metrics = ipv4_cow_metrics,
166 .destroy = ipv4_dst_destroy,
167 .negative_advice = ipv4_negative_advice,
168 .link_failure = ipv4_link_failure,
169 .update_pmtu = ip_rt_update_pmtu,
170 .redirect = ip_do_redirect,
171 .local_out = __ip_local_out,
172 .neigh_lookup = ipv4_neigh_lookup,
175 #define ECN_OR_COST(class) TC_PRIO_##class
177 const __u8 ip_tos2prio[16] = {
179 ECN_OR_COST(BESTEFFORT),
181 ECN_OR_COST(BESTEFFORT),
187 ECN_OR_COST(INTERACTIVE),
189 ECN_OR_COST(INTERACTIVE),
190 TC_PRIO_INTERACTIVE_BULK,
191 ECN_OR_COST(INTERACTIVE_BULK),
192 TC_PRIO_INTERACTIVE_BULK,
193 ECN_OR_COST(INTERACTIVE_BULK)
195 EXPORT_SYMBOL(ip_tos2prio);
197 static DEFINE_PER_CPU(struct rt_cache_stat, rt_cache_stat);
198 #define RT_CACHE_STAT_INC(field) raw_cpu_inc(rt_cache_stat.field)
200 #ifdef CONFIG_PROC_FS
201 static void *rt_cache_seq_start(struct seq_file *seq, loff_t *pos)
205 return SEQ_START_TOKEN;
208 static void *rt_cache_seq_next(struct seq_file *seq, void *v, loff_t *pos)
214 static void rt_cache_seq_stop(struct seq_file *seq, void *v)
218 static int rt_cache_seq_show(struct seq_file *seq, void *v)
220 if (v == SEQ_START_TOKEN)
221 seq_printf(seq, "%-127s\n",
222 "Iface\tDestination\tGateway \tFlags\t\tRefCnt\tUse\t"
223 "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t"
228 static const struct seq_operations rt_cache_seq_ops = {
229 .start = rt_cache_seq_start,
230 .next = rt_cache_seq_next,
231 .stop = rt_cache_seq_stop,
232 .show = rt_cache_seq_show,
235 static int rt_cache_seq_open(struct inode *inode, struct file *file)
237 return seq_open(file, &rt_cache_seq_ops);
240 static const struct file_operations rt_cache_seq_fops = {
241 .owner = THIS_MODULE,
242 .open = rt_cache_seq_open,
245 .release = seq_release,
249 static void *rt_cpu_seq_start(struct seq_file *seq, loff_t *pos)
254 return SEQ_START_TOKEN;
256 for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
257 if (!cpu_possible(cpu))
260 return &per_cpu(rt_cache_stat, cpu);
265 static void *rt_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos)
269 for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
270 if (!cpu_possible(cpu))
273 return &per_cpu(rt_cache_stat, cpu);
280 static void rt_cpu_seq_stop(struct seq_file *seq, void *v)
285 static int rt_cpu_seq_show(struct seq_file *seq, void *v)
287 struct rt_cache_stat *st = v;
289 if (v == SEQ_START_TOKEN) {
290 seq_printf(seq, "entries in_hit in_slow_tot in_slow_mc in_no_route in_brd in_martian_dst in_martian_src out_hit out_slow_tot out_slow_mc gc_total gc_ignored gc_goal_miss gc_dst_overflow in_hlist_search out_hlist_search\n");
294 seq_printf(seq,"%08x %08x %08x %08x %08x %08x %08x %08x "
295 " %08x %08x %08x %08x %08x %08x %08x %08x %08x \n",
296 dst_entries_get_slow(&ipv4_dst_ops),
309 0, /* st->gc_total */
310 0, /* st->gc_ignored */
311 0, /* st->gc_goal_miss */
312 0, /* st->gc_dst_overflow */
313 0, /* st->in_hlist_search */
314 0 /* st->out_hlist_search */
319 static const struct seq_operations rt_cpu_seq_ops = {
320 .start = rt_cpu_seq_start,
321 .next = rt_cpu_seq_next,
322 .stop = rt_cpu_seq_stop,
323 .show = rt_cpu_seq_show,
327 static int rt_cpu_seq_open(struct inode *inode, struct file *file)
329 return seq_open(file, &rt_cpu_seq_ops);
332 static const struct file_operations rt_cpu_seq_fops = {
333 .owner = THIS_MODULE,
334 .open = rt_cpu_seq_open,
337 .release = seq_release,
340 #ifdef CONFIG_IP_ROUTE_CLASSID
341 static int rt_acct_proc_show(struct seq_file *m, void *v)
343 struct ip_rt_acct *dst, *src;
346 dst = kcalloc(256, sizeof(struct ip_rt_acct), GFP_KERNEL);
350 for_each_possible_cpu(i) {
351 src = (struct ip_rt_acct *)per_cpu_ptr(ip_rt_acct, i);
352 for (j = 0; j < 256; j++) {
353 dst[j].o_bytes += src[j].o_bytes;
354 dst[j].o_packets += src[j].o_packets;
355 dst[j].i_bytes += src[j].i_bytes;
356 dst[j].i_packets += src[j].i_packets;
360 seq_write(m, dst, 256 * sizeof(struct ip_rt_acct));
365 static int rt_acct_proc_open(struct inode *inode, struct file *file)
367 return single_open(file, rt_acct_proc_show, NULL);
370 static const struct file_operations rt_acct_proc_fops = {
371 .owner = THIS_MODULE,
372 .open = rt_acct_proc_open,
375 .release = single_release,
379 static int __net_init ip_rt_do_proc_init(struct net *net)
381 struct proc_dir_entry *pde;
383 pde = proc_create("rt_cache", S_IRUGO, net->proc_net,
388 pde = proc_create("rt_cache", S_IRUGO,
389 net->proc_net_stat, &rt_cpu_seq_fops);
393 #ifdef CONFIG_IP_ROUTE_CLASSID
394 pde = proc_create("rt_acct", 0, net->proc_net, &rt_acct_proc_fops);
400 #ifdef CONFIG_IP_ROUTE_CLASSID
402 remove_proc_entry("rt_cache", net->proc_net_stat);
405 remove_proc_entry("rt_cache", net->proc_net);
410 static void __net_exit ip_rt_do_proc_exit(struct net *net)
412 remove_proc_entry("rt_cache", net->proc_net_stat);
413 remove_proc_entry("rt_cache", net->proc_net);
414 #ifdef CONFIG_IP_ROUTE_CLASSID
415 remove_proc_entry("rt_acct", net->proc_net);
419 static struct pernet_operations ip_rt_proc_ops __net_initdata = {
420 .init = ip_rt_do_proc_init,
421 .exit = ip_rt_do_proc_exit,
424 static int __init ip_rt_proc_init(void)
426 return register_pernet_subsys(&ip_rt_proc_ops);
430 static inline int ip_rt_proc_init(void)
434 #endif /* CONFIG_PROC_FS */
436 static inline bool rt_is_expired(const struct rtable *rth)
438 return rth->rt_genid != rt_genid_ipv4(dev_net(rth->dst.dev));
441 void rt_cache_flush(struct net *net)
443 rt_genid_bump_ipv4(net);
446 static struct neighbour *ipv4_neigh_lookup(const struct dst_entry *dst,
450 struct net_device *dev = dst->dev;
451 const __be32 *pkey = daddr;
452 const struct rtable *rt;
455 rt = (const struct rtable *) dst;
457 pkey = (const __be32 *) &rt->rt_gateway;
459 pkey = &ip_hdr(skb)->daddr;
461 n = __ipv4_neigh_lookup(dev, *(__force u32 *)pkey);
464 return neigh_create(&arp_tbl, pkey, dev);
467 /* Hash tables of size 2048..262144 depending on RAM size.
468 * Each bucket uses 8 bytes.
470 static u32 ip_idents_mask __read_mostly;
471 static atomic_t *ip_idents __read_mostly;
472 static u32 *ip_tstamps __read_mostly;
474 /* In order to protect privacy, we add a perturbation to identifiers
475 * if one generator is seldom used. This makes hard for an attacker
476 * to infer how many packets were sent between two points in time.
478 u32 ip_idents_reserve(u32 hash, int segs)
480 u32 bucket, old, now = (u32)jiffies;
485 bucket = hash & ip_idents_mask;
486 p_tstamp = ip_tstamps + bucket;
487 p_id = ip_idents + bucket;
488 old = ACCESS_ONCE(*p_tstamp);
490 if (old != now && cmpxchg(p_tstamp, old, now) == old)
491 delta = prandom_u32_max(now - old);
493 /* If UBSAN reports an error there, please make sure your compiler
494 * supports -fno-strict-overflow before reporting it that was a bug
495 * in UBSAN, and it has been fixed in GCC-8.
497 return atomic_add_return(segs + delta, p_id) - segs;
499 EXPORT_SYMBOL(ip_idents_reserve);
501 void __ip_select_ident(struct net *net, struct iphdr *iph, int segs)
505 /* Note the following code is not safe, but this is okay. */
506 if (unlikely(siphash_key_is_zero(&net->ipv4.ip_id_key)))
507 get_random_bytes(&net->ipv4.ip_id_key,
508 sizeof(net->ipv4.ip_id_key));
510 hash = siphash_3u32((__force u32)iph->daddr,
511 (__force u32)iph->saddr,
513 &net->ipv4.ip_id_key);
514 id = ip_idents_reserve(hash, segs);
517 EXPORT_SYMBOL(__ip_select_ident);
519 static void __build_flow_key(struct flowi4 *fl4, const struct sock *sk,
520 const struct iphdr *iph,
522 u8 prot, u32 mark, int flow_flags)
525 const struct inet_sock *inet = inet_sk(sk);
527 oif = sk->sk_bound_dev_if;
529 tos = RT_CONN_FLAGS(sk);
530 prot = inet->hdrincl ? IPPROTO_RAW : sk->sk_protocol;
532 flowi4_init_output(fl4, oif, mark, tos,
533 RT_SCOPE_UNIVERSE, prot,
535 iph->daddr, iph->saddr, 0, 0);
538 static void build_skb_flow_key(struct flowi4 *fl4, const struct sk_buff *skb,
539 const struct sock *sk)
541 const struct iphdr *iph = ip_hdr(skb);
542 int oif = skb->dev->ifindex;
543 u8 tos = RT_TOS(iph->tos);
544 u8 prot = iph->protocol;
545 u32 mark = skb->mark;
547 __build_flow_key(fl4, sk, iph, oif, tos, prot, mark, 0);
550 static void build_sk_flow_key(struct flowi4 *fl4, const struct sock *sk)
552 const struct inet_sock *inet = inet_sk(sk);
553 const struct ip_options_rcu *inet_opt;
554 __be32 daddr = inet->inet_daddr;
557 inet_opt = rcu_dereference(inet->inet_opt);
558 if (inet_opt && inet_opt->opt.srr)
559 daddr = inet_opt->opt.faddr;
560 flowi4_init_output(fl4, sk->sk_bound_dev_if, sk->sk_mark,
561 RT_CONN_FLAGS(sk), RT_SCOPE_UNIVERSE,
562 inet->hdrincl ? IPPROTO_RAW : sk->sk_protocol,
563 inet_sk_flowi_flags(sk),
564 daddr, inet->inet_saddr, 0, 0);
568 static void ip_rt_build_flow_key(struct flowi4 *fl4, const struct sock *sk,
569 const struct sk_buff *skb)
572 build_skb_flow_key(fl4, skb, sk);
574 build_sk_flow_key(fl4, sk);
577 static inline void rt_free(struct rtable *rt)
579 call_rcu(&rt->dst.rcu_head, dst_rcu_free);
582 static DEFINE_SPINLOCK(fnhe_lock);
584 static void fnhe_flush_routes(struct fib_nh_exception *fnhe)
588 rt = rcu_dereference(fnhe->fnhe_rth_input);
590 RCU_INIT_POINTER(fnhe->fnhe_rth_input, NULL);
593 rt = rcu_dereference(fnhe->fnhe_rth_output);
595 RCU_INIT_POINTER(fnhe->fnhe_rth_output, NULL);
600 static struct fib_nh_exception *fnhe_oldest(struct fnhe_hash_bucket *hash)
602 struct fib_nh_exception *fnhe, *oldest;
604 oldest = rcu_dereference(hash->chain);
605 for (fnhe = rcu_dereference(oldest->fnhe_next); fnhe;
606 fnhe = rcu_dereference(fnhe->fnhe_next)) {
607 if (time_before(fnhe->fnhe_stamp, oldest->fnhe_stamp))
610 fnhe_flush_routes(oldest);
614 static inline u32 fnhe_hashfun(__be32 daddr)
616 static u32 fnhe_hashrnd __read_mostly;
619 net_get_random_once(&fnhe_hashrnd, sizeof(fnhe_hashrnd));
620 hval = jhash_1word((__force u32) daddr, fnhe_hashrnd);
621 return hash_32(hval, FNHE_HASH_SHIFT);
624 static void fill_route_from_fnhe(struct rtable *rt, struct fib_nh_exception *fnhe)
626 rt->rt_pmtu = fnhe->fnhe_pmtu;
627 rt->rt_mtu_locked = fnhe->fnhe_mtu_locked;
628 rt->dst.expires = fnhe->fnhe_expires;
631 rt->rt_flags |= RTCF_REDIRECTED;
632 rt->rt_gateway = fnhe->fnhe_gw;
633 rt->rt_uses_gateway = 1;
637 static void update_or_create_fnhe(struct fib_nh *nh, __be32 daddr, __be32 gw,
638 u32 pmtu, bool lock, unsigned long expires)
640 struct fnhe_hash_bucket *hash;
641 struct fib_nh_exception *fnhe;
647 genid = fnhe_genid(dev_net(nh->nh_dev));
648 hval = fnhe_hashfun(daddr);
650 spin_lock_bh(&fnhe_lock);
652 hash = rcu_dereference(nh->nh_exceptions);
654 hash = kzalloc(FNHE_HASH_SIZE * sizeof(*hash), GFP_ATOMIC);
657 rcu_assign_pointer(nh->nh_exceptions, hash);
663 for (fnhe = rcu_dereference(hash->chain); fnhe;
664 fnhe = rcu_dereference(fnhe->fnhe_next)) {
665 if (fnhe->fnhe_daddr == daddr)
671 if (fnhe->fnhe_genid != genid)
672 fnhe->fnhe_genid = genid;
676 fnhe->fnhe_pmtu = pmtu;
677 fnhe->fnhe_mtu_locked = lock;
679 fnhe->fnhe_expires = max(1UL, expires);
680 /* Update all cached dsts too */
681 rt = rcu_dereference(fnhe->fnhe_rth_input);
683 fill_route_from_fnhe(rt, fnhe);
684 rt = rcu_dereference(fnhe->fnhe_rth_output);
686 fill_route_from_fnhe(rt, fnhe);
688 if (depth > FNHE_RECLAIM_DEPTH)
689 fnhe = fnhe_oldest(hash);
691 fnhe = kzalloc(sizeof(*fnhe), GFP_ATOMIC);
695 fnhe->fnhe_next = hash->chain;
696 rcu_assign_pointer(hash->chain, fnhe);
698 fnhe->fnhe_genid = genid;
699 fnhe->fnhe_daddr = daddr;
701 fnhe->fnhe_pmtu = pmtu;
702 fnhe->fnhe_mtu_locked = lock;
703 fnhe->fnhe_expires = expires;
705 /* Exception created; mark the cached routes for the nexthop
706 * stale, so anyone caching it rechecks if this exception
709 rt = rcu_dereference(nh->nh_rth_input);
711 rt->dst.obsolete = DST_OBSOLETE_KILL;
713 for_each_possible_cpu(i) {
714 struct rtable __rcu **prt;
715 prt = per_cpu_ptr(nh->nh_pcpu_rth_output, i);
716 rt = rcu_dereference(*prt);
718 rt->dst.obsolete = DST_OBSOLETE_KILL;
722 fnhe->fnhe_stamp = jiffies;
725 spin_unlock_bh(&fnhe_lock);
728 static void __ip_do_redirect(struct rtable *rt, struct sk_buff *skb, struct flowi4 *fl4,
731 __be32 new_gw = icmp_hdr(skb)->un.gateway;
732 __be32 old_gw = ip_hdr(skb)->saddr;
733 struct net_device *dev = skb->dev;
734 struct in_device *in_dev;
735 struct fib_result res;
739 switch (icmp_hdr(skb)->code & 7) {
741 case ICMP_REDIR_NETTOS:
742 case ICMP_REDIR_HOST:
743 case ICMP_REDIR_HOSTTOS:
750 if (rt->rt_gateway != old_gw)
753 in_dev = __in_dev_get_rcu(dev);
758 if (new_gw == old_gw || !IN_DEV_RX_REDIRECTS(in_dev) ||
759 ipv4_is_multicast(new_gw) || ipv4_is_lbcast(new_gw) ||
760 ipv4_is_zeronet(new_gw))
761 goto reject_redirect;
763 if (!IN_DEV_SHARED_MEDIA(in_dev)) {
764 if (!inet_addr_onlink(in_dev, new_gw, old_gw))
765 goto reject_redirect;
766 if (IN_DEV_SEC_REDIRECTS(in_dev) && ip_fib_check_default(new_gw, dev))
767 goto reject_redirect;
769 if (inet_addr_type(net, new_gw) != RTN_UNICAST)
770 goto reject_redirect;
773 n = __ipv4_neigh_lookup(rt->dst.dev, new_gw);
775 n = neigh_create(&arp_tbl, &new_gw, rt->dst.dev);
777 if (!(n->nud_state & NUD_VALID)) {
778 neigh_event_send(n, NULL);
780 if (fib_lookup(net, fl4, &res, 0) == 0) {
781 struct fib_nh *nh = &FIB_RES_NH(res);
783 update_or_create_fnhe(nh, fl4->daddr, new_gw,
785 jiffies + ip_rt_gc_timeout);
788 rt->dst.obsolete = DST_OBSOLETE_KILL;
789 call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, n);
796 #ifdef CONFIG_IP_ROUTE_VERBOSE
797 if (IN_DEV_LOG_MARTIANS(in_dev)) {
798 const struct iphdr *iph = (const struct iphdr *) skb->data;
799 __be32 daddr = iph->daddr;
800 __be32 saddr = iph->saddr;
802 net_info_ratelimited("Redirect from %pI4 on %s about %pI4 ignored\n"
803 " Advised path = %pI4 -> %pI4\n",
804 &old_gw, dev->name, &new_gw,
811 static void ip_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb)
815 const struct iphdr *iph = (const struct iphdr *) skb->data;
816 int oif = skb->dev->ifindex;
817 u8 tos = RT_TOS(iph->tos);
818 u8 prot = iph->protocol;
819 u32 mark = skb->mark;
821 rt = (struct rtable *) dst;
823 __build_flow_key(&fl4, sk, iph, oif, tos, prot, mark, 0);
824 __ip_do_redirect(rt, skb, &fl4, true);
827 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
829 struct rtable *rt = (struct rtable *)dst;
830 struct dst_entry *ret = dst;
833 if (dst->obsolete > 0) {
836 } else if ((rt->rt_flags & RTCF_REDIRECTED) ||
847 * 1. The first ip_rt_redirect_number redirects are sent
848 * with exponential backoff, then we stop sending them at all,
849 * assuming that the host ignores our redirects.
850 * 2. If we did not see packets requiring redirects
851 * during ip_rt_redirect_silence, we assume that the host
852 * forgot redirected route and start to send redirects again.
854 * This algorithm is much cheaper and more intelligent than dumb load limiting
857 * NOTE. Do not forget to inhibit load limiting for redirects (redundant)
858 * and "frag. need" (breaks PMTU discovery) in icmp.c.
861 void ip_rt_send_redirect(struct sk_buff *skb)
863 struct rtable *rt = skb_rtable(skb);
864 struct in_device *in_dev;
865 struct inet_peer *peer;
871 in_dev = __in_dev_get_rcu(rt->dst.dev);
872 if (!in_dev || !IN_DEV_TX_REDIRECTS(in_dev)) {
876 log_martians = IN_DEV_LOG_MARTIANS(in_dev);
877 vif = l3mdev_master_ifindex_rcu(rt->dst.dev);
880 net = dev_net(rt->dst.dev);
881 peer = inet_getpeer_v4(net->ipv4.peers, ip_hdr(skb)->saddr, vif, 1);
883 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST,
884 rt_nexthop(rt, ip_hdr(skb)->daddr));
888 /* No redirected packets during ip_rt_redirect_silence;
889 * reset the algorithm.
891 if (time_after(jiffies, peer->rate_last + ip_rt_redirect_silence)) {
892 peer->rate_tokens = 0;
893 peer->n_redirects = 0;
896 /* Too many ignored redirects; do not send anything
897 * set dst.rate_last to the last seen redirected packet.
899 if (peer->n_redirects >= ip_rt_redirect_number) {
900 peer->rate_last = jiffies;
904 /* Check for load limit; set rate_last to the latest sent
907 if (peer->n_redirects == 0 ||
910 (ip_rt_redirect_load << peer->n_redirects)))) {
911 __be32 gw = rt_nexthop(rt, ip_hdr(skb)->daddr);
913 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, gw);
914 peer->rate_last = jiffies;
916 #ifdef CONFIG_IP_ROUTE_VERBOSE
918 peer->n_redirects == ip_rt_redirect_number)
919 net_warn_ratelimited("host %pI4/if%d ignores redirects for %pI4 to %pI4\n",
920 &ip_hdr(skb)->saddr, inet_iif(skb),
921 &ip_hdr(skb)->daddr, &gw);
928 static int ip_error(struct sk_buff *skb)
930 struct in_device *in_dev = __in_dev_get_rcu(skb->dev);
931 struct rtable *rt = skb_rtable(skb);
932 struct inet_peer *peer;
938 /* IP on this device is disabled. */
942 net = dev_net(rt->dst.dev);
943 if (!IN_DEV_FORWARD(in_dev)) {
944 switch (rt->dst.error) {
946 __IP_INC_STATS(net, IPSTATS_MIB_INADDRERRORS);
950 __IP_INC_STATS(net, IPSTATS_MIB_INNOROUTES);
956 switch (rt->dst.error) {
961 code = ICMP_HOST_UNREACH;
964 code = ICMP_NET_UNREACH;
965 __IP_INC_STATS(net, IPSTATS_MIB_INNOROUTES);
968 code = ICMP_PKT_FILTERED;
972 peer = inet_getpeer_v4(net->ipv4.peers, ip_hdr(skb)->saddr,
973 l3mdev_master_ifindex(skb->dev), 1);
978 peer->rate_tokens += now - peer->rate_last;
979 if (peer->rate_tokens > ip_rt_error_burst)
980 peer->rate_tokens = ip_rt_error_burst;
981 peer->rate_last = now;
982 if (peer->rate_tokens >= ip_rt_error_cost)
983 peer->rate_tokens -= ip_rt_error_cost;
989 icmp_send(skb, ICMP_DEST_UNREACH, code, 0);
995 static void __ip_rt_update_pmtu(struct rtable *rt, struct flowi4 *fl4, u32 mtu)
997 struct dst_entry *dst = &rt->dst;
998 u32 old_mtu = ipv4_mtu(dst);
999 struct fib_result res;
1002 if (ip_mtu_locked(dst))
1008 if (mtu < ip_rt_min_pmtu) {
1010 mtu = min(old_mtu, ip_rt_min_pmtu);
1013 if (rt->rt_pmtu == mtu && !lock &&
1014 time_before(jiffies, dst->expires - ip_rt_mtu_expires / 2))
1018 if (fib_lookup(dev_net(dst->dev), fl4, &res, 0) == 0) {
1019 struct fib_nh *nh = &FIB_RES_NH(res);
1021 update_or_create_fnhe(nh, fl4->daddr, 0, mtu, lock,
1022 jiffies + ip_rt_mtu_expires);
1027 static void ip_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
1028 struct sk_buff *skb, u32 mtu)
1030 struct rtable *rt = (struct rtable *) dst;
1033 ip_rt_build_flow_key(&fl4, sk, skb);
1034 __ip_rt_update_pmtu(rt, &fl4, mtu);
1037 void ipv4_update_pmtu(struct sk_buff *skb, struct net *net, u32 mtu,
1038 int oif, u32 mark, u8 protocol, int flow_flags)
1040 const struct iphdr *iph = (const struct iphdr *) skb->data;
1045 mark = IP4_REPLY_MARK(net, skb->mark);
1047 __build_flow_key(&fl4, NULL, iph, oif,
1048 RT_TOS(iph->tos), protocol, mark, flow_flags);
1049 rt = __ip_route_output_key(net, &fl4);
1051 __ip_rt_update_pmtu(rt, &fl4, mtu);
1055 EXPORT_SYMBOL_GPL(ipv4_update_pmtu);
1057 static void __ipv4_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, u32 mtu)
1059 const struct iphdr *iph = (const struct iphdr *) skb->data;
1063 __build_flow_key(&fl4, sk, iph, 0, 0, 0, 0, 0);
1065 if (!fl4.flowi4_mark)
1066 fl4.flowi4_mark = IP4_REPLY_MARK(sock_net(sk), skb->mark);
1068 rt = __ip_route_output_key(sock_net(sk), &fl4);
1070 __ip_rt_update_pmtu(rt, &fl4, mtu);
1075 void ipv4_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, u32 mtu)
1077 const struct iphdr *iph = (const struct iphdr *) skb->data;
1080 struct dst_entry *odst = NULL;
1085 if (!ip_sk_accept_pmtu(sk))
1088 odst = sk_dst_get(sk);
1090 if (sock_owned_by_user(sk) || !odst) {
1091 __ipv4_sk_update_pmtu(skb, sk, mtu);
1095 __build_flow_key(&fl4, sk, iph, 0, 0, 0, 0, 0);
1097 rt = (struct rtable *)odst;
1098 if (odst->obsolete && !odst->ops->check(odst, 0)) {
1099 rt = ip_route_output_flow(sock_net(sk), &fl4, sk);
1106 __ip_rt_update_pmtu((struct rtable *) rt->dst.path, &fl4, mtu);
1108 if (!dst_check(&rt->dst, 0)) {
1110 dst_release(&rt->dst);
1112 rt = ip_route_output_flow(sock_net(sk), &fl4, sk);
1120 sk_dst_set(sk, &rt->dst);
1126 EXPORT_SYMBOL_GPL(ipv4_sk_update_pmtu);
1128 void ipv4_redirect(struct sk_buff *skb, struct net *net,
1129 int oif, u32 mark, u8 protocol, int flow_flags)
1131 const struct iphdr *iph = (const struct iphdr *) skb->data;
1135 __build_flow_key(&fl4, NULL, iph, oif,
1136 RT_TOS(iph->tos), protocol, mark, flow_flags);
1137 rt = __ip_route_output_key(net, &fl4);
1139 __ip_do_redirect(rt, skb, &fl4, false);
1143 EXPORT_SYMBOL_GPL(ipv4_redirect);
1145 void ipv4_sk_redirect(struct sk_buff *skb, struct sock *sk)
1147 const struct iphdr *iph = (const struct iphdr *) skb->data;
1151 __build_flow_key(&fl4, sk, iph, 0, 0, 0, 0, 0);
1152 rt = __ip_route_output_key(sock_net(sk), &fl4);
1154 __ip_do_redirect(rt, skb, &fl4, false);
1158 EXPORT_SYMBOL_GPL(ipv4_sk_redirect);
1160 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie)
1162 struct rtable *rt = (struct rtable *) dst;
1164 /* All IPV4 dsts are created with ->obsolete set to the value
1165 * DST_OBSOLETE_FORCE_CHK which forces validation calls down
1166 * into this function always.
1168 * When a PMTU/redirect information update invalidates a route,
1169 * this is indicated by setting obsolete to DST_OBSOLETE_KILL or
1170 * DST_OBSOLETE_DEAD by dst_free().
1172 if (dst->obsolete != DST_OBSOLETE_FORCE_CHK || rt_is_expired(rt))
1177 static void ipv4_send_dest_unreach(struct sk_buff *skb)
1179 struct ip_options opt;
1182 /* Recompile ip options since IPCB may not be valid anymore.
1183 * Also check we have a reasonable ipv4 header.
1185 if (!pskb_network_may_pull(skb, sizeof(struct iphdr)) ||
1186 ip_hdr(skb)->version != 4 || ip_hdr(skb)->ihl < 5)
1189 memset(&opt, 0, sizeof(opt));
1190 if (ip_hdr(skb)->ihl > 5) {
1191 if (!pskb_network_may_pull(skb, ip_hdr(skb)->ihl * 4))
1193 opt.optlen = ip_hdr(skb)->ihl * 4 - sizeof(struct iphdr);
1196 res = __ip_options_compile(dev_net(skb->dev), &opt, skb, NULL);
1202 __icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0, &opt);
1205 static void ipv4_link_failure(struct sk_buff *skb)
1209 ipv4_send_dest_unreach(skb);
1211 rt = skb_rtable(skb);
1213 dst_set_expires(&rt->dst, 0);
1216 static int ip_rt_bug(struct net *net, struct sock *sk, struct sk_buff *skb)
1218 pr_debug("%s: %pI4 -> %pI4, %s\n",
1219 __func__, &ip_hdr(skb)->saddr, &ip_hdr(skb)->daddr,
1220 skb->dev ? skb->dev->name : "?");
1227 We do not cache source address of outgoing interface,
1228 because it is used only by IP RR, TS and SRR options,
1229 so that it out of fast path.
1231 BTW remember: "addr" is allowed to be not aligned
1235 void ip_rt_get_source(u8 *addr, struct sk_buff *skb, struct rtable *rt)
1239 if (rt_is_output_route(rt))
1240 src = ip_hdr(skb)->saddr;
1242 struct fib_result res;
1248 memset(&fl4, 0, sizeof(fl4));
1249 fl4.daddr = iph->daddr;
1250 fl4.saddr = iph->saddr;
1251 fl4.flowi4_tos = RT_TOS(iph->tos);
1252 fl4.flowi4_oif = rt->dst.dev->ifindex;
1253 fl4.flowi4_iif = skb->dev->ifindex;
1254 fl4.flowi4_mark = skb->mark;
1257 if (fib_lookup(dev_net(rt->dst.dev), &fl4, &res, 0) == 0)
1258 src = FIB_RES_PREFSRC(dev_net(rt->dst.dev), res);
1260 src = inet_select_addr(rt->dst.dev,
1261 rt_nexthop(rt, iph->daddr),
1265 memcpy(addr, &src, 4);
1268 #ifdef CONFIG_IP_ROUTE_CLASSID
1269 static void set_class_tag(struct rtable *rt, u32 tag)
1271 if (!(rt->dst.tclassid & 0xFFFF))
1272 rt->dst.tclassid |= tag & 0xFFFF;
1273 if (!(rt->dst.tclassid & 0xFFFF0000))
1274 rt->dst.tclassid |= tag & 0xFFFF0000;
1278 static unsigned int ipv4_default_advmss(const struct dst_entry *dst)
1280 unsigned int advmss = dst_metric_raw(dst, RTAX_ADVMSS);
1283 advmss = max_t(unsigned int, dst->dev->mtu - 40,
1285 if (advmss > 65535 - 40)
1286 advmss = 65535 - 40;
1291 static unsigned int ipv4_mtu(const struct dst_entry *dst)
1293 const struct rtable *rt = (const struct rtable *) dst;
1294 unsigned int mtu = rt->rt_pmtu;
1296 if (!mtu || time_after_eq(jiffies, rt->dst.expires))
1297 mtu = dst_metric_raw(dst, RTAX_MTU);
1302 mtu = READ_ONCE(dst->dev->mtu);
1304 if (unlikely(ip_mtu_locked(dst))) {
1305 if (rt->rt_uses_gateway && mtu > 576)
1309 mtu = min_t(unsigned int, mtu, IP_MAX_MTU);
1311 return mtu - lwtunnel_headroom(dst->lwtstate, mtu);
1314 static struct fib_nh_exception *find_exception(struct fib_nh *nh, __be32 daddr)
1316 struct fnhe_hash_bucket *hash = rcu_dereference(nh->nh_exceptions);
1317 struct fib_nh_exception *fnhe;
1323 hval = fnhe_hashfun(daddr);
1325 for (fnhe = rcu_dereference(hash[hval].chain); fnhe;
1326 fnhe = rcu_dereference(fnhe->fnhe_next)) {
1327 if (fnhe->fnhe_daddr == daddr)
1333 static bool rt_bind_exception(struct rtable *rt, struct fib_nh_exception *fnhe,
1338 spin_lock_bh(&fnhe_lock);
1340 if (daddr == fnhe->fnhe_daddr) {
1341 struct rtable __rcu **porig;
1342 struct rtable *orig;
1343 int genid = fnhe_genid(dev_net(rt->dst.dev));
1345 if (rt_is_input_route(rt))
1346 porig = &fnhe->fnhe_rth_input;
1348 porig = &fnhe->fnhe_rth_output;
1349 orig = rcu_dereference(*porig);
1351 if (fnhe->fnhe_genid != genid) {
1352 fnhe->fnhe_genid = genid;
1354 fnhe->fnhe_pmtu = 0;
1355 fnhe->fnhe_expires = 0;
1356 fnhe_flush_routes(fnhe);
1359 fill_route_from_fnhe(rt, fnhe);
1360 if (!rt->rt_gateway)
1361 rt->rt_gateway = daddr;
1363 if (!(rt->dst.flags & DST_NOCACHE)) {
1364 rcu_assign_pointer(*porig, rt);
1370 fnhe->fnhe_stamp = jiffies;
1372 spin_unlock_bh(&fnhe_lock);
1377 static bool rt_cache_route(struct fib_nh *nh, struct rtable *rt)
1379 struct rtable *orig, *prev, **p;
1382 if (rt_is_input_route(rt)) {
1383 p = (struct rtable **)&nh->nh_rth_input;
1385 p = (struct rtable **)raw_cpu_ptr(nh->nh_pcpu_rth_output);
1389 prev = cmpxchg(p, orig, rt);
1399 struct uncached_list {
1401 struct list_head head;
1404 static DEFINE_PER_CPU_ALIGNED(struct uncached_list, rt_uncached_list);
1406 static void rt_add_uncached_list(struct rtable *rt)
1408 struct uncached_list *ul = raw_cpu_ptr(&rt_uncached_list);
1410 rt->rt_uncached_list = ul;
1412 spin_lock_bh(&ul->lock);
1413 list_add_tail(&rt->rt_uncached, &ul->head);
1414 spin_unlock_bh(&ul->lock);
1417 static void ipv4_dst_destroy(struct dst_entry *dst)
1419 struct dst_metrics *p = (struct dst_metrics *)DST_METRICS_PTR(dst);
1420 struct rtable *rt = (struct rtable *) dst;
1422 if (p != &dst_default_metrics && atomic_dec_and_test(&p->refcnt))
1425 if (!list_empty(&rt->rt_uncached)) {
1426 struct uncached_list *ul = rt->rt_uncached_list;
1428 spin_lock_bh(&ul->lock);
1429 list_del(&rt->rt_uncached);
1430 spin_unlock_bh(&ul->lock);
1434 void rt_flush_dev(struct net_device *dev)
1436 struct net *net = dev_net(dev);
1440 for_each_possible_cpu(cpu) {
1441 struct uncached_list *ul = &per_cpu(rt_uncached_list, cpu);
1443 spin_lock_bh(&ul->lock);
1444 list_for_each_entry(rt, &ul->head, rt_uncached) {
1445 if (rt->dst.dev != dev)
1447 rt->dst.dev = net->loopback_dev;
1448 dev_hold(rt->dst.dev);
1451 spin_unlock_bh(&ul->lock);
1455 static bool rt_cache_valid(const struct rtable *rt)
1458 rt->dst.obsolete == DST_OBSOLETE_FORCE_CHK &&
1462 static void rt_set_nexthop(struct rtable *rt, __be32 daddr,
1463 const struct fib_result *res,
1464 struct fib_nh_exception *fnhe,
1465 struct fib_info *fi, u16 type, u32 itag)
1467 bool cached = false;
1470 struct fib_nh *nh = &FIB_RES_NH(*res);
1472 if (nh->nh_gw && nh->nh_scope == RT_SCOPE_LINK) {
1473 rt->rt_gateway = nh->nh_gw;
1474 rt->rt_uses_gateway = 1;
1476 dst_init_metrics(&rt->dst, fi->fib_metrics->metrics, true);
1477 if (fi->fib_metrics != &dst_default_metrics) {
1478 rt->dst._metrics |= DST_METRICS_REFCOUNTED;
1479 atomic_inc(&fi->fib_metrics->refcnt);
1481 #ifdef CONFIG_IP_ROUTE_CLASSID
1482 rt->dst.tclassid = nh->nh_tclassid;
1484 rt->dst.lwtstate = lwtstate_get(nh->nh_lwtstate);
1486 cached = rt_bind_exception(rt, fnhe, daddr);
1487 else if (!(rt->dst.flags & DST_NOCACHE))
1488 cached = rt_cache_route(nh, rt);
1489 if (unlikely(!cached)) {
1490 /* Routes we intend to cache in nexthop exception or
1491 * FIB nexthop have the DST_NOCACHE bit clear.
1492 * However, if we are unsuccessful at storing this
1493 * route into the cache we really need to set it.
1495 rt->dst.flags |= DST_NOCACHE;
1496 if (!rt->rt_gateway)
1497 rt->rt_gateway = daddr;
1498 rt_add_uncached_list(rt);
1501 rt_add_uncached_list(rt);
1503 #ifdef CONFIG_IP_ROUTE_CLASSID
1504 #ifdef CONFIG_IP_MULTIPLE_TABLES
1505 set_class_tag(rt, res->tclassid);
1507 set_class_tag(rt, itag);
1511 struct rtable *rt_dst_alloc(struct net_device *dev,
1512 unsigned int flags, u16 type,
1513 bool nopolicy, bool noxfrm, bool will_cache)
1517 rt = dst_alloc(&ipv4_dst_ops, dev, 1, DST_OBSOLETE_FORCE_CHK,
1518 (will_cache ? 0 : (DST_HOST | DST_NOCACHE)) |
1519 (nopolicy ? DST_NOPOLICY : 0) |
1520 (noxfrm ? DST_NOXFRM : 0));
1523 rt->rt_genid = rt_genid_ipv4(dev_net(dev));
1524 rt->rt_flags = flags;
1526 rt->rt_is_input = 0;
1529 rt->rt_mtu_locked = 0;
1531 rt->rt_uses_gateway = 0;
1532 rt->rt_table_id = 0;
1533 INIT_LIST_HEAD(&rt->rt_uncached);
1535 rt->dst.output = ip_output;
1536 if (flags & RTCF_LOCAL)
1537 rt->dst.input = ip_local_deliver;
1542 EXPORT_SYMBOL(rt_dst_alloc);
1544 /* called in rcu_read_lock() section */
1545 static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1546 u8 tos, struct net_device *dev, int our)
1549 struct in_device *in_dev = __in_dev_get_rcu(dev);
1550 unsigned int flags = RTCF_MULTICAST;
1554 /* Primary sanity checks. */
1559 if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr) ||
1560 skb->protocol != htons(ETH_P_IP))
1563 if (ipv4_is_loopback(saddr) && !IN_DEV_ROUTE_LOCALNET(in_dev))
1566 if (ipv4_is_zeronet(saddr)) {
1567 if (!ipv4_is_local_multicast(daddr))
1570 err = fib_validate_source(skb, saddr, 0, tos, 0, dev,
1576 flags |= RTCF_LOCAL;
1578 rth = rt_dst_alloc(dev_net(dev)->loopback_dev, flags, RTN_MULTICAST,
1579 IN_DEV_CONF_GET(in_dev, NOPOLICY), false, false);
1583 #ifdef CONFIG_IP_ROUTE_CLASSID
1584 rth->dst.tclassid = itag;
1586 rth->dst.output = ip_rt_bug;
1587 rth->rt_is_input= 1;
1589 #ifdef CONFIG_IP_MROUTE
1590 if (!ipv4_is_local_multicast(daddr) && IN_DEV_MFORWARD(in_dev))
1591 rth->dst.input = ip_mr_input;
1593 RT_CACHE_STAT_INC(in_slow_mc);
1595 skb_dst_set(skb, &rth->dst);
1607 static void ip_handle_martian_source(struct net_device *dev,
1608 struct in_device *in_dev,
1609 struct sk_buff *skb,
1613 RT_CACHE_STAT_INC(in_martian_src);
1614 #ifdef CONFIG_IP_ROUTE_VERBOSE
1615 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) {
1617 * RFC1812 recommendation, if source is martian,
1618 * the only hint is MAC header.
1620 pr_warn("martian source %pI4 from %pI4, on dev %s\n",
1621 &daddr, &saddr, dev->name);
1622 if (dev->hard_header_len && skb_mac_header_was_set(skb)) {
1623 print_hex_dump(KERN_WARNING, "ll header: ",
1624 DUMP_PREFIX_OFFSET, 16, 1,
1625 skb_mac_header(skb),
1626 dev->hard_header_len, true);
1632 static void ip_del_fnhe(struct fib_nh *nh, __be32 daddr)
1634 struct fnhe_hash_bucket *hash;
1635 struct fib_nh_exception *fnhe, __rcu **fnhe_p;
1636 u32 hval = fnhe_hashfun(daddr);
1638 spin_lock_bh(&fnhe_lock);
1640 hash = rcu_dereference_protected(nh->nh_exceptions,
1641 lockdep_is_held(&fnhe_lock));
1644 fnhe_p = &hash->chain;
1645 fnhe = rcu_dereference_protected(*fnhe_p, lockdep_is_held(&fnhe_lock));
1647 if (fnhe->fnhe_daddr == daddr) {
1648 rcu_assign_pointer(*fnhe_p, rcu_dereference_protected(
1649 fnhe->fnhe_next, lockdep_is_held(&fnhe_lock)));
1650 /* set fnhe_daddr to 0 to ensure it won't bind with
1651 * new dsts in rt_bind_exception().
1653 fnhe->fnhe_daddr = 0;
1654 fnhe_flush_routes(fnhe);
1655 kfree_rcu(fnhe, rcu);
1658 fnhe_p = &fnhe->fnhe_next;
1659 fnhe = rcu_dereference_protected(fnhe->fnhe_next,
1660 lockdep_is_held(&fnhe_lock));
1663 spin_unlock_bh(&fnhe_lock);
1666 /* called in rcu_read_lock() section */
1667 static int __mkroute_input(struct sk_buff *skb,
1668 const struct fib_result *res,
1669 struct in_device *in_dev,
1670 __be32 daddr, __be32 saddr, u32 tos)
1672 struct fib_nh_exception *fnhe;
1675 struct in_device *out_dev;
1679 /* get a working reference to the output device */
1680 out_dev = __in_dev_get_rcu(FIB_RES_DEV(*res));
1682 net_crit_ratelimited("Bug in ip_route_input_slow(). Please report.\n");
1686 err = fib_validate_source(skb, saddr, daddr, tos, FIB_RES_OIF(*res),
1687 in_dev->dev, in_dev, &itag);
1689 ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr,
1695 do_cache = res->fi && !itag;
1696 if (out_dev == in_dev && err && IN_DEV_TX_REDIRECTS(out_dev) &&
1697 skb->protocol == htons(ETH_P_IP) &&
1698 (IN_DEV_SHARED_MEDIA(out_dev) ||
1699 inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res))))
1700 IPCB(skb)->flags |= IPSKB_DOREDIRECT;
1702 if (skb->protocol != htons(ETH_P_IP)) {
1703 /* Not IP (i.e. ARP). Do not create route, if it is
1704 * invalid for proxy arp. DNAT routes are always valid.
1706 * Proxy arp feature have been extended to allow, ARP
1707 * replies back to the same interface, to support
1708 * Private VLAN switch technologies. See arp.c.
1710 if (out_dev == in_dev &&
1711 IN_DEV_PROXY_ARP_PVLAN(in_dev) == 0) {
1717 fnhe = find_exception(&FIB_RES_NH(*res), daddr);
1720 rth = rcu_dereference(fnhe->fnhe_rth_input);
1721 if (rth && rth->dst.expires &&
1722 time_after(jiffies, rth->dst.expires)) {
1723 ip_del_fnhe(&FIB_RES_NH(*res), daddr);
1730 rth = rcu_dereference(FIB_RES_NH(*res).nh_rth_input);
1733 if (rt_cache_valid(rth)) {
1734 skb_dst_set_noref(skb, &rth->dst);
1739 rth = rt_dst_alloc(out_dev->dev, 0, res->type,
1740 IN_DEV_CONF_GET(in_dev, NOPOLICY),
1741 IN_DEV_CONF_GET(out_dev, NOXFRM), do_cache);
1747 rth->rt_is_input = 1;
1749 rth->rt_table_id = res->table->tb_id;
1750 RT_CACHE_STAT_INC(in_slow_tot);
1752 rth->dst.input = ip_forward;
1754 rt_set_nexthop(rth, daddr, res, fnhe, res->fi, res->type, itag);
1755 if (lwtunnel_output_redirect(rth->dst.lwtstate)) {
1756 rth->dst.lwtstate->orig_output = rth->dst.output;
1757 rth->dst.output = lwtunnel_output;
1759 if (lwtunnel_input_redirect(rth->dst.lwtstate)) {
1760 rth->dst.lwtstate->orig_input = rth->dst.input;
1761 rth->dst.input = lwtunnel_input;
1763 skb_dst_set(skb, &rth->dst);
1770 #ifdef CONFIG_IP_ROUTE_MULTIPATH
1772 /* To make ICMP packets follow the right flow, the multipath hash is
1773 * calculated from the inner IP addresses in reverse order.
1775 static int ip_multipath_icmp_hash(struct sk_buff *skb)
1777 const struct iphdr *outer_iph = ip_hdr(skb);
1778 struct icmphdr _icmph;
1779 const struct icmphdr *icmph;
1780 struct iphdr _inner_iph;
1781 const struct iphdr *inner_iph;
1783 if (unlikely((outer_iph->frag_off & htons(IP_OFFSET)) != 0))
1786 icmph = skb_header_pointer(skb, outer_iph->ihl * 4, sizeof(_icmph),
1791 if (icmph->type != ICMP_DEST_UNREACH &&
1792 icmph->type != ICMP_REDIRECT &&
1793 icmph->type != ICMP_TIME_EXCEEDED &&
1794 icmph->type != ICMP_PARAMETERPROB) {
1798 inner_iph = skb_header_pointer(skb,
1799 outer_iph->ihl * 4 + sizeof(_icmph),
1800 sizeof(_inner_iph), &_inner_iph);
1804 return fib_multipath_hash(inner_iph->daddr, inner_iph->saddr);
1807 return fib_multipath_hash(outer_iph->saddr, outer_iph->daddr);
1810 #endif /* CONFIG_IP_ROUTE_MULTIPATH */
1812 static int ip_mkroute_input(struct sk_buff *skb,
1813 struct fib_result *res,
1814 const struct flowi4 *fl4,
1815 struct in_device *in_dev,
1816 __be32 daddr, __be32 saddr, u32 tos)
1818 #ifdef CONFIG_IP_ROUTE_MULTIPATH
1819 if (res->fi && res->fi->fib_nhs > 1) {
1822 if (unlikely(ip_hdr(skb)->protocol == IPPROTO_ICMP))
1823 h = ip_multipath_icmp_hash(skb);
1825 h = fib_multipath_hash(saddr, daddr);
1826 fib_select_multipath(res, h);
1830 /* create a routing cache entry */
1831 return __mkroute_input(skb, res, in_dev, daddr, saddr, tos);
1835 * NOTE. We drop all the packets that has local source
1836 * addresses, because every properly looped back packet
1837 * must have correct destination already attached by output routine.
1839 * Such approach solves two big problems:
1840 * 1. Not simplex devices are handled properly.
1841 * 2. IP spoofing attempts are filtered with 100% of guarantee.
1842 * called with rcu_read_lock()
1845 static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1846 u8 tos, struct net_device *dev)
1848 struct fib_result res;
1849 struct in_device *in_dev = __in_dev_get_rcu(dev);
1850 struct ip_tunnel_info *tun_info;
1852 unsigned int flags = 0;
1856 struct net *net = dev_net(dev);
1859 /* IP on this device is disabled. */
1864 /* Check for the most weird martians, which can be not detected
1868 tun_info = skb_tunnel_info(skb);
1869 if (tun_info && !(tun_info->mode & IP_TUNNEL_INFO_TX))
1870 fl4.flowi4_tun_key.tun_id = tun_info->key.tun_id;
1872 fl4.flowi4_tun_key.tun_id = 0;
1875 if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr))
1876 goto martian_source;
1880 if (ipv4_is_lbcast(daddr) || (saddr == 0 && daddr == 0))
1883 /* Accept zero addresses only to limited broadcast;
1884 * I even do not know to fix it or not. Waiting for complains :-)
1886 if (ipv4_is_zeronet(saddr))
1887 goto martian_source;
1889 if (ipv4_is_zeronet(daddr))
1890 goto martian_destination;
1892 /* Following code try to avoid calling IN_DEV_NET_ROUTE_LOCALNET(),
1893 * and call it once if daddr or/and saddr are loopback addresses
1895 if (ipv4_is_loopback(daddr)) {
1896 if (!IN_DEV_NET_ROUTE_LOCALNET(in_dev, net))
1897 goto martian_destination;
1898 } else if (ipv4_is_loopback(saddr)) {
1899 if (!IN_DEV_NET_ROUTE_LOCALNET(in_dev, net))
1900 goto martian_source;
1904 * Now we are ready to route packet.
1907 fl4.flowi4_iif = dev->ifindex;
1908 fl4.flowi4_mark = skb->mark;
1909 fl4.flowi4_tos = tos;
1910 fl4.flowi4_scope = RT_SCOPE_UNIVERSE;
1911 fl4.flowi4_flags = 0;
1914 err = fib_lookup(net, &fl4, &res, 0);
1916 if (!IN_DEV_FORWARD(in_dev))
1917 err = -EHOSTUNREACH;
1921 if (res.type == RTN_BROADCAST)
1924 if (res.type == RTN_LOCAL) {
1925 err = fib_validate_source(skb, saddr, daddr, tos,
1926 0, dev, in_dev, &itag);
1928 goto martian_source;
1932 if (!IN_DEV_FORWARD(in_dev)) {
1933 err = -EHOSTUNREACH;
1936 if (res.type != RTN_UNICAST)
1937 goto martian_destination;
1939 err = ip_mkroute_input(skb, &res, &fl4, in_dev, daddr, saddr, tos);
1943 if (skb->protocol != htons(ETH_P_IP))
1946 if (!ipv4_is_zeronet(saddr)) {
1947 err = fib_validate_source(skb, saddr, 0, tos, 0, dev,
1950 goto martian_source;
1952 flags |= RTCF_BROADCAST;
1953 res.type = RTN_BROADCAST;
1954 RT_CACHE_STAT_INC(in_brd);
1960 rth = rcu_dereference(FIB_RES_NH(res).nh_rth_input);
1961 if (rt_cache_valid(rth)) {
1962 skb_dst_set_noref(skb, &rth->dst);
1970 rth = rt_dst_alloc(l3mdev_master_dev_rcu(dev) ? : net->loopback_dev,
1971 flags | RTCF_LOCAL, res.type,
1972 IN_DEV_CONF_GET(in_dev, NOPOLICY), false, do_cache);
1976 rth->dst.output= ip_rt_bug;
1977 #ifdef CONFIG_IP_ROUTE_CLASSID
1978 rth->dst.tclassid = itag;
1980 rth->rt_is_input = 1;
1982 rth->rt_table_id = res.table->tb_id;
1984 RT_CACHE_STAT_INC(in_slow_tot);
1985 if (res.type == RTN_UNREACHABLE) {
1986 rth->dst.input= ip_error;
1987 rth->dst.error= -err;
1988 rth->rt_flags &= ~RTCF_LOCAL;
1991 if (unlikely(!rt_cache_route(&FIB_RES_NH(res), rth))) {
1992 rth->dst.flags |= DST_NOCACHE;
1993 rt_add_uncached_list(rth);
1996 skb_dst_set(skb, &rth->dst);
2001 RT_CACHE_STAT_INC(in_no_route);
2002 res.type = RTN_UNREACHABLE;
2008 * Do not cache martian addresses: they should be logged (RFC1812)
2010 martian_destination:
2011 RT_CACHE_STAT_INC(in_martian_dst);
2012 #ifdef CONFIG_IP_ROUTE_VERBOSE
2013 if (IN_DEV_LOG_MARTIANS(in_dev))
2014 net_warn_ratelimited("martian destination %pI4 from %pI4, dev %s\n",
2015 &daddr, &saddr, dev->name);
2027 ip_handle_martian_source(dev, in_dev, skb, daddr, saddr);
2031 int ip_route_input_noref(struct sk_buff *skb, __be32 daddr, __be32 saddr,
2032 u8 tos, struct net_device *dev)
2036 tos &= IPTOS_RT_MASK;
2039 /* Multicast recognition logic is moved from route cache to here.
2040 The problem was that too many Ethernet cards have broken/missing
2041 hardware multicast filters :-( As result the host on multicasting
2042 network acquires a lot of useless route cache entries, sort of
2043 SDR messages from all the world. Now we try to get rid of them.
2044 Really, provided software IP multicast filter is organized
2045 reasonably (at least, hashed), it does not result in a slowdown
2046 comparing with route cache reject entries.
2047 Note, that multicast routers are not affected, because
2048 route cache entry is created eventually.
2050 if (ipv4_is_multicast(daddr)) {
2051 struct in_device *in_dev = __in_dev_get_rcu(dev);
2054 int our = ip_check_mc_rcu(in_dev, daddr, saddr,
2055 ip_hdr(skb)->protocol);
2057 #ifdef CONFIG_IP_MROUTE
2059 (!ipv4_is_local_multicast(daddr) &&
2060 IN_DEV_MFORWARD(in_dev))
2063 int res = ip_route_input_mc(skb, daddr, saddr,
2072 res = ip_route_input_slow(skb, daddr, saddr, tos, dev);
2076 EXPORT_SYMBOL(ip_route_input_noref);
2078 /* called with rcu_read_lock() */
2079 static struct rtable *__mkroute_output(const struct fib_result *res,
2080 const struct flowi4 *fl4, int orig_oif,
2081 struct net_device *dev_out,
2084 struct fib_info *fi = res->fi;
2085 struct fib_nh_exception *fnhe;
2086 struct in_device *in_dev;
2087 u16 type = res->type;
2091 in_dev = __in_dev_get_rcu(dev_out);
2093 return ERR_PTR(-EINVAL);
2095 if (likely(!IN_DEV_ROUTE_LOCALNET(in_dev)))
2096 if (ipv4_is_loopback(fl4->saddr) &&
2097 !(dev_out->flags & IFF_LOOPBACK) &&
2098 !netif_is_l3_master(dev_out))
2099 return ERR_PTR(-EINVAL);
2101 if (ipv4_is_lbcast(fl4->daddr))
2102 type = RTN_BROADCAST;
2103 else if (ipv4_is_multicast(fl4->daddr))
2104 type = RTN_MULTICAST;
2105 else if (ipv4_is_zeronet(fl4->daddr))
2106 return ERR_PTR(-EINVAL);
2108 if (dev_out->flags & IFF_LOOPBACK)
2109 flags |= RTCF_LOCAL;
2112 if (type == RTN_BROADCAST) {
2113 flags |= RTCF_BROADCAST | RTCF_LOCAL;
2115 } else if (type == RTN_MULTICAST) {
2116 flags |= RTCF_MULTICAST | RTCF_LOCAL;
2117 if (!ip_check_mc_rcu(in_dev, fl4->daddr, fl4->saddr,
2119 flags &= ~RTCF_LOCAL;
2122 /* If multicast route do not exist use
2123 * default one, but do not gateway in this case.
2126 if (fi && res->prefixlen < 4)
2128 } else if ((type == RTN_LOCAL) && (orig_oif != 0) &&
2129 (orig_oif != dev_out->ifindex)) {
2130 /* For local routes that require a particular output interface
2131 * we do not want to cache the result. Caching the result
2132 * causes incorrect behaviour when there are multiple source
2133 * addresses on the interface, the end result being that if the
2134 * intended recipient is waiting on that interface for the
2135 * packet he won't receive it because it will be delivered on
2136 * the loopback interface and the IP_PKTINFO ipi_ifindex will
2137 * be set to the loopback interface as well.
2143 do_cache &= fi != NULL;
2145 struct rtable __rcu **prth;
2146 struct fib_nh *nh = &FIB_RES_NH(*res);
2148 fnhe = find_exception(nh, fl4->daddr);
2150 prth = &fnhe->fnhe_rth_output;
2151 rth = rcu_dereference(*prth);
2152 if (rth && rth->dst.expires &&
2153 time_after(jiffies, rth->dst.expires)) {
2154 ip_del_fnhe(nh, fl4->daddr);
2161 if (unlikely(fl4->flowi4_flags &
2162 FLOWI_FLAG_KNOWN_NH &&
2164 nh->nh_scope == RT_SCOPE_LINK))) {
2168 prth = raw_cpu_ptr(nh->nh_pcpu_rth_output);
2169 rth = rcu_dereference(*prth);
2172 if (rt_cache_valid(rth)) {
2173 dst_hold(&rth->dst);
2179 rth = rt_dst_alloc(dev_out, flags, type,
2180 IN_DEV_CONF_GET(in_dev, NOPOLICY),
2181 IN_DEV_CONF_GET(in_dev, NOXFRM),
2184 return ERR_PTR(-ENOBUFS);
2186 rth->rt_iif = orig_oif ? : 0;
2188 rth->rt_table_id = res->table->tb_id;
2190 RT_CACHE_STAT_INC(out_slow_tot);
2192 if (flags & (RTCF_BROADCAST | RTCF_MULTICAST)) {
2193 if (flags & RTCF_LOCAL &&
2194 !(dev_out->flags & IFF_LOOPBACK)) {
2195 rth->dst.output = ip_mc_output;
2196 RT_CACHE_STAT_INC(out_slow_mc);
2198 #ifdef CONFIG_IP_MROUTE
2199 if (type == RTN_MULTICAST) {
2200 if (IN_DEV_MFORWARD(in_dev) &&
2201 !ipv4_is_local_multicast(fl4->daddr)) {
2202 rth->dst.input = ip_mr_input;
2203 rth->dst.output = ip_mc_output;
2209 rt_set_nexthop(rth, fl4->daddr, res, fnhe, fi, type, 0);
2210 if (lwtunnel_output_redirect(rth->dst.lwtstate))
2211 rth->dst.output = lwtunnel_output;
2217 * Major route resolver routine.
2220 struct rtable *__ip_route_output_key_hash(struct net *net, struct flowi4 *fl4,
2223 struct net_device *dev_out = NULL;
2224 __u8 tos = RT_FL_TOS(fl4);
2225 unsigned int flags = 0;
2226 struct fib_result res;
2235 orig_oif = fl4->flowi4_oif;
2237 fl4->flowi4_iif = LOOPBACK_IFINDEX;
2238 fl4->flowi4_tos = tos & IPTOS_RT_MASK;
2239 fl4->flowi4_scope = ((tos & RTO_ONLINK) ?
2240 RT_SCOPE_LINK : RT_SCOPE_UNIVERSE);
2244 if (ipv4_is_multicast(fl4->saddr) ||
2245 ipv4_is_lbcast(fl4->saddr) ||
2246 ipv4_is_zeronet(fl4->saddr)) {
2247 rth = ERR_PTR(-EINVAL);
2251 rth = ERR_PTR(-ENETUNREACH);
2253 /* I removed check for oif == dev_out->oif here.
2254 It was wrong for two reasons:
2255 1. ip_dev_find(net, saddr) can return wrong iface, if saddr
2256 is assigned to multiple interfaces.
2257 2. Moreover, we are allowed to send packets with saddr
2258 of another iface. --ANK
2261 if (fl4->flowi4_oif == 0 &&
2262 (ipv4_is_multicast(fl4->daddr) ||
2263 ipv4_is_lbcast(fl4->daddr))) {
2264 /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2265 dev_out = __ip_dev_find(net, fl4->saddr, false);
2269 /* Special hack: user can direct multicasts
2270 and limited broadcast via necessary interface
2271 without fiddling with IP_MULTICAST_IF or IP_PKTINFO.
2272 This hack is not just for fun, it allows
2273 vic,vat and friends to work.
2274 They bind socket to loopback, set ttl to zero
2275 and expect that it will work.
2276 From the viewpoint of routing cache they are broken,
2277 because we are not allowed to build multicast path
2278 with loopback source addr (look, routing cache
2279 cannot know, that ttl is zero, so that packet
2280 will not leave this host and route is valid).
2281 Luckily, this hack is good workaround.
2284 fl4->flowi4_oif = dev_out->ifindex;
2288 if (!(fl4->flowi4_flags & FLOWI_FLAG_ANYSRC)) {
2289 /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2290 if (!__ip_dev_find(net, fl4->saddr, false))
2296 if (fl4->flowi4_oif) {
2297 dev_out = dev_get_by_index_rcu(net, fl4->flowi4_oif);
2298 rth = ERR_PTR(-ENODEV);
2302 /* RACE: Check return value of inet_select_addr instead. */
2303 if (!(dev_out->flags & IFF_UP) || !__in_dev_get_rcu(dev_out)) {
2304 rth = ERR_PTR(-ENETUNREACH);
2307 if (ipv4_is_local_multicast(fl4->daddr) ||
2308 ipv4_is_lbcast(fl4->daddr) ||
2309 fl4->flowi4_proto == IPPROTO_IGMP) {
2311 fl4->saddr = inet_select_addr(dev_out, 0,
2316 if (ipv4_is_multicast(fl4->daddr))
2317 fl4->saddr = inet_select_addr(dev_out, 0,
2319 else if (!fl4->daddr)
2320 fl4->saddr = inet_select_addr(dev_out, 0,
2326 fl4->daddr = fl4->saddr;
2328 fl4->daddr = fl4->saddr = htonl(INADDR_LOOPBACK);
2329 dev_out = net->loopback_dev;
2330 fl4->flowi4_oif = LOOPBACK_IFINDEX;
2331 res.type = RTN_LOCAL;
2332 flags |= RTCF_LOCAL;
2336 err = fib_lookup(net, fl4, &res, 0);
2340 if (fl4->flowi4_oif &&
2341 !netif_index_is_l3_master(net, fl4->flowi4_oif)) {
2342 /* Apparently, routing tables are wrong. Assume,
2343 that the destination is on link.
2346 Because we are allowed to send to iface
2347 even if it has NO routes and NO assigned
2348 addresses. When oif is specified, routing
2349 tables are looked up with only one purpose:
2350 to catch if destination is gatewayed, rather than
2351 direct. Moreover, if MSG_DONTROUTE is set,
2352 we send packet, ignoring both routing tables
2353 and ifaddr state. --ANK
2356 We could make it even if oif is unknown,
2357 likely IPv6, but we do not.
2360 if (fl4->saddr == 0)
2361 fl4->saddr = inet_select_addr(dev_out, 0,
2363 res.type = RTN_UNICAST;
2370 if (res.type == RTN_LOCAL) {
2372 if (res.fi->fib_prefsrc)
2373 fl4->saddr = res.fi->fib_prefsrc;
2375 fl4->saddr = fl4->daddr;
2378 /* L3 master device is the loopback for that domain */
2379 dev_out = l3mdev_master_dev_rcu(dev_out) ? : net->loopback_dev;
2380 fl4->flowi4_oif = dev_out->ifindex;
2381 flags |= RTCF_LOCAL;
2385 fib_select_path(net, &res, fl4, mp_hash);
2387 dev_out = FIB_RES_DEV(res);
2388 fl4->flowi4_oif = dev_out->ifindex;
2392 rth = __mkroute_output(&res, fl4, orig_oif, dev_out, flags);
2398 EXPORT_SYMBOL_GPL(__ip_route_output_key_hash);
2400 static struct dst_entry *ipv4_blackhole_dst_check(struct dst_entry *dst, u32 cookie)
2405 static unsigned int ipv4_blackhole_mtu(const struct dst_entry *dst)
2407 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
2409 return mtu ? : dst->dev->mtu;
2412 static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk,
2413 struct sk_buff *skb, u32 mtu)
2417 static void ipv4_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk,
2418 struct sk_buff *skb)
2422 static u32 *ipv4_rt_blackhole_cow_metrics(struct dst_entry *dst,
2428 static struct dst_ops ipv4_dst_blackhole_ops = {
2430 .check = ipv4_blackhole_dst_check,
2431 .mtu = ipv4_blackhole_mtu,
2432 .default_advmss = ipv4_default_advmss,
2433 .update_pmtu = ipv4_rt_blackhole_update_pmtu,
2434 .redirect = ipv4_rt_blackhole_redirect,
2435 .cow_metrics = ipv4_rt_blackhole_cow_metrics,
2436 .neigh_lookup = ipv4_neigh_lookup,
2439 struct dst_entry *ipv4_blackhole_route(struct net *net, struct dst_entry *dst_orig)
2441 struct rtable *ort = (struct rtable *) dst_orig;
2444 rt = dst_alloc(&ipv4_dst_blackhole_ops, NULL, 1, DST_OBSOLETE_NONE, 0);
2446 struct dst_entry *new = &rt->dst;
2449 new->input = dst_discard;
2450 new->output = dst_discard_out;
2452 new->dev = ort->dst.dev;
2456 rt->rt_is_input = ort->rt_is_input;
2457 rt->rt_iif = ort->rt_iif;
2458 rt->rt_pmtu = ort->rt_pmtu;
2459 rt->rt_mtu_locked = ort->rt_mtu_locked;
2461 rt->rt_genid = rt_genid_ipv4(net);
2462 rt->rt_flags = ort->rt_flags;
2463 rt->rt_type = ort->rt_type;
2464 rt->rt_gateway = ort->rt_gateway;
2465 rt->rt_uses_gateway = ort->rt_uses_gateway;
2467 INIT_LIST_HEAD(&rt->rt_uncached);
2471 dst_release(dst_orig);
2473 return rt ? &rt->dst : ERR_PTR(-ENOMEM);
2476 struct rtable *ip_route_output_flow(struct net *net, struct flowi4 *flp4,
2477 const struct sock *sk)
2479 struct rtable *rt = __ip_route_output_key(net, flp4);
2484 if (flp4->flowi4_proto)
2485 rt = (struct rtable *)xfrm_lookup_route(net, &rt->dst,
2486 flowi4_to_flowi(flp4),
2491 EXPORT_SYMBOL_GPL(ip_route_output_flow);
2493 static int rt_fill_info(struct net *net, __be32 dst, __be32 src, u32 table_id,
2494 struct flowi4 *fl4, struct sk_buff *skb, u32 portid,
2495 u32 seq, int event, int nowait, unsigned int flags)
2497 struct rtable *rt = skb_rtable(skb);
2499 struct nlmsghdr *nlh;
2500 unsigned long expires = 0;
2502 u32 metrics[RTAX_MAX];
2504 nlh = nlmsg_put(skb, portid, seq, event, sizeof(*r), flags);
2508 r = nlmsg_data(nlh);
2509 r->rtm_family = AF_INET;
2510 r->rtm_dst_len = 32;
2512 r->rtm_tos = fl4->flowi4_tos;
2513 r->rtm_table = table_id < 256 ? table_id : RT_TABLE_COMPAT;
2514 if (nla_put_u32(skb, RTA_TABLE, table_id))
2515 goto nla_put_failure;
2516 r->rtm_type = rt->rt_type;
2517 r->rtm_scope = RT_SCOPE_UNIVERSE;
2518 r->rtm_protocol = RTPROT_UNSPEC;
2519 r->rtm_flags = (rt->rt_flags & ~0xFFFF) | RTM_F_CLONED;
2520 if (rt->rt_flags & RTCF_NOTIFY)
2521 r->rtm_flags |= RTM_F_NOTIFY;
2522 if (IPCB(skb)->flags & IPSKB_DOREDIRECT)
2523 r->rtm_flags |= RTCF_DOREDIRECT;
2525 if (nla_put_in_addr(skb, RTA_DST, dst))
2526 goto nla_put_failure;
2528 r->rtm_src_len = 32;
2529 if (nla_put_in_addr(skb, RTA_SRC, src))
2530 goto nla_put_failure;
2533 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
2534 goto nla_put_failure;
2535 #ifdef CONFIG_IP_ROUTE_CLASSID
2536 if (rt->dst.tclassid &&
2537 nla_put_u32(skb, RTA_FLOW, rt->dst.tclassid))
2538 goto nla_put_failure;
2540 if (!rt_is_input_route(rt) &&
2541 fl4->saddr != src) {
2542 if (nla_put_in_addr(skb, RTA_PREFSRC, fl4->saddr))
2543 goto nla_put_failure;
2545 if (rt->rt_uses_gateway &&
2546 nla_put_in_addr(skb, RTA_GATEWAY, rt->rt_gateway))
2547 goto nla_put_failure;
2549 expires = rt->dst.expires;
2551 unsigned long now = jiffies;
2553 if (time_before(now, expires))
2559 memcpy(metrics, dst_metrics_ptr(&rt->dst), sizeof(metrics));
2560 if (rt->rt_pmtu && expires)
2561 metrics[RTAX_MTU - 1] = rt->rt_pmtu;
2562 if (rt->rt_mtu_locked && expires)
2563 metrics[RTAX_LOCK - 1] |= BIT(RTAX_MTU);
2564 if (rtnetlink_put_metrics(skb, metrics) < 0)
2565 goto nla_put_failure;
2567 if (fl4->flowi4_mark &&
2568 nla_put_u32(skb, RTA_MARK, fl4->flowi4_mark))
2569 goto nla_put_failure;
2571 error = rt->dst.error;
2573 if (rt_is_input_route(rt)) {
2574 #ifdef CONFIG_IP_MROUTE
2575 if (ipv4_is_multicast(dst) && !ipv4_is_local_multicast(dst) &&
2576 IPV4_DEVCONF_ALL(net, MC_FORWARDING)) {
2577 int err = ipmr_get_route(net, skb,
2578 fl4->saddr, fl4->daddr,
2585 goto nla_put_failure;
2587 if (err == -EMSGSIZE)
2588 goto nla_put_failure;
2594 if (nla_put_u32(skb, RTA_IIF, skb->dev->ifindex))
2595 goto nla_put_failure;
2598 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, error) < 0)
2599 goto nla_put_failure;
2601 nlmsg_end(skb, nlh);
2605 nlmsg_cancel(skb, nlh);
2609 static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh)
2611 struct net *net = sock_net(in_skb->sk);
2613 struct nlattr *tb[RTA_MAX+1];
2614 struct rtable *rt = NULL;
2621 struct sk_buff *skb;
2622 u32 table_id = RT_TABLE_MAIN;
2624 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv4_policy);
2628 rtm = nlmsg_data(nlh);
2630 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2636 /* Reserve room for dummy headers, this skb can pass
2637 through good chunk of routing engine.
2639 skb_reset_mac_header(skb);
2640 skb_reset_network_header(skb);
2642 /* Bugfix: need to give ip_route_input enough of an IP header to not gag. */
2643 ip_hdr(skb)->protocol = IPPROTO_UDP;
2644 skb_reserve(skb, MAX_HEADER + sizeof(struct iphdr));
2646 src = tb[RTA_SRC] ? nla_get_in_addr(tb[RTA_SRC]) : 0;
2647 dst = tb[RTA_DST] ? nla_get_in_addr(tb[RTA_DST]) : 0;
2648 iif = tb[RTA_IIF] ? nla_get_u32(tb[RTA_IIF]) : 0;
2649 mark = tb[RTA_MARK] ? nla_get_u32(tb[RTA_MARK]) : 0;
2651 memset(&fl4, 0, sizeof(fl4));
2654 fl4.flowi4_tos = rtm->rtm_tos;
2655 fl4.flowi4_oif = tb[RTA_OIF] ? nla_get_u32(tb[RTA_OIF]) : 0;
2656 fl4.flowi4_mark = mark;
2659 struct net_device *dev;
2661 dev = __dev_get_by_index(net, iif);
2667 skb->protocol = htons(ETH_P_IP);
2671 err = ip_route_input(skb, dst, src, rtm->rtm_tos, dev);
2674 rt = skb_rtable(skb);
2675 if (err == 0 && rt->dst.error)
2676 err = -rt->dst.error;
2678 rt = ip_route_output_key(net, &fl4);
2688 skb_dst_set(skb, &rt->dst);
2689 if (rtm->rtm_flags & RTM_F_NOTIFY)
2690 rt->rt_flags |= RTCF_NOTIFY;
2692 if (rtm->rtm_flags & RTM_F_LOOKUP_TABLE)
2693 table_id = rt->rt_table_id;
2695 err = rt_fill_info(net, dst, src, table_id, &fl4, skb,
2696 NETLINK_CB(in_skb).portid, nlh->nlmsg_seq,
2697 RTM_NEWROUTE, 0, 0);
2701 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2710 void ip_rt_multicast_event(struct in_device *in_dev)
2712 rt_cache_flush(dev_net(in_dev->dev));
2715 #ifdef CONFIG_SYSCTL
2716 static int ip_rt_gc_interval __read_mostly = 60 * HZ;
2717 static int ip_rt_gc_min_interval __read_mostly = HZ / 2;
2718 static int ip_rt_gc_elasticity __read_mostly = 8;
2719 static int ip_min_valid_pmtu __read_mostly = IPV4_MIN_MTU;
2721 static int ipv4_sysctl_rtcache_flush(struct ctl_table *__ctl, int write,
2722 void __user *buffer,
2723 size_t *lenp, loff_t *ppos)
2725 struct net *net = (struct net *)__ctl->extra1;
2728 rt_cache_flush(net);
2729 fnhe_genid_bump(net);
2736 static struct ctl_table ipv4_route_table[] = {
2738 .procname = "gc_thresh",
2739 .data = &ipv4_dst_ops.gc_thresh,
2740 .maxlen = sizeof(int),
2742 .proc_handler = proc_dointvec,
2745 .procname = "max_size",
2746 .data = &ip_rt_max_size,
2747 .maxlen = sizeof(int),
2749 .proc_handler = proc_dointvec,
2752 /* Deprecated. Use gc_min_interval_ms */
2754 .procname = "gc_min_interval",
2755 .data = &ip_rt_gc_min_interval,
2756 .maxlen = sizeof(int),
2758 .proc_handler = proc_dointvec_jiffies,
2761 .procname = "gc_min_interval_ms",
2762 .data = &ip_rt_gc_min_interval,
2763 .maxlen = sizeof(int),
2765 .proc_handler = proc_dointvec_ms_jiffies,
2768 .procname = "gc_timeout",
2769 .data = &ip_rt_gc_timeout,
2770 .maxlen = sizeof(int),
2772 .proc_handler = proc_dointvec_jiffies,
2775 .procname = "gc_interval",
2776 .data = &ip_rt_gc_interval,
2777 .maxlen = sizeof(int),
2779 .proc_handler = proc_dointvec_jiffies,
2782 .procname = "redirect_load",
2783 .data = &ip_rt_redirect_load,
2784 .maxlen = sizeof(int),
2786 .proc_handler = proc_dointvec,
2789 .procname = "redirect_number",
2790 .data = &ip_rt_redirect_number,
2791 .maxlen = sizeof(int),
2793 .proc_handler = proc_dointvec,
2796 .procname = "redirect_silence",
2797 .data = &ip_rt_redirect_silence,
2798 .maxlen = sizeof(int),
2800 .proc_handler = proc_dointvec,
2803 .procname = "error_cost",
2804 .data = &ip_rt_error_cost,
2805 .maxlen = sizeof(int),
2807 .proc_handler = proc_dointvec,
2810 .procname = "error_burst",
2811 .data = &ip_rt_error_burst,
2812 .maxlen = sizeof(int),
2814 .proc_handler = proc_dointvec,
2817 .procname = "gc_elasticity",
2818 .data = &ip_rt_gc_elasticity,
2819 .maxlen = sizeof(int),
2821 .proc_handler = proc_dointvec,
2824 .procname = "mtu_expires",
2825 .data = &ip_rt_mtu_expires,
2826 .maxlen = sizeof(int),
2828 .proc_handler = proc_dointvec_jiffies,
2831 .procname = "min_pmtu",
2832 .data = &ip_rt_min_pmtu,
2833 .maxlen = sizeof(int),
2835 .proc_handler = proc_dointvec_minmax,
2836 .extra1 = &ip_min_valid_pmtu,
2839 .procname = "min_adv_mss",
2840 .data = &ip_rt_min_advmss,
2841 .maxlen = sizeof(int),
2843 .proc_handler = proc_dointvec,
2848 static struct ctl_table ipv4_route_flush_table[] = {
2850 .procname = "flush",
2851 .maxlen = sizeof(int),
2853 .proc_handler = ipv4_sysctl_rtcache_flush,
2858 static __net_init int sysctl_route_net_init(struct net *net)
2860 struct ctl_table *tbl;
2862 tbl = ipv4_route_flush_table;
2863 if (!net_eq(net, &init_net)) {
2864 tbl = kmemdup(tbl, sizeof(ipv4_route_flush_table), GFP_KERNEL);
2868 /* Don't export sysctls to unprivileged users */
2869 if (net->user_ns != &init_user_ns)
2870 tbl[0].procname = NULL;
2872 tbl[0].extra1 = net;
2874 net->ipv4.route_hdr = register_net_sysctl(net, "net/ipv4/route", tbl);
2875 if (!net->ipv4.route_hdr)
2880 if (tbl != ipv4_route_flush_table)
2886 static __net_exit void sysctl_route_net_exit(struct net *net)
2888 struct ctl_table *tbl;
2890 tbl = net->ipv4.route_hdr->ctl_table_arg;
2891 unregister_net_sysctl_table(net->ipv4.route_hdr);
2892 BUG_ON(tbl == ipv4_route_flush_table);
2896 static __net_initdata struct pernet_operations sysctl_route_ops = {
2897 .init = sysctl_route_net_init,
2898 .exit = sysctl_route_net_exit,
2902 static __net_init int rt_genid_init(struct net *net)
2904 atomic_set(&net->ipv4.rt_genid, 0);
2905 atomic_set(&net->fnhe_genid, 0);
2906 get_random_bytes(&net->ipv4.dev_addr_genid,
2907 sizeof(net->ipv4.dev_addr_genid));
2911 static __net_initdata struct pernet_operations rt_genid_ops = {
2912 .init = rt_genid_init,
2915 static int __net_init ipv4_inetpeer_init(struct net *net)
2917 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
2921 inet_peer_base_init(bp);
2922 net->ipv4.peers = bp;
2926 static void __net_exit ipv4_inetpeer_exit(struct net *net)
2928 struct inet_peer_base *bp = net->ipv4.peers;
2930 net->ipv4.peers = NULL;
2931 inetpeer_invalidate_tree(bp);
2935 static __net_initdata struct pernet_operations ipv4_inetpeer_ops = {
2936 .init = ipv4_inetpeer_init,
2937 .exit = ipv4_inetpeer_exit,
2940 #ifdef CONFIG_IP_ROUTE_CLASSID
2941 struct ip_rt_acct __percpu *ip_rt_acct __read_mostly;
2942 #endif /* CONFIG_IP_ROUTE_CLASSID */
2944 int __init ip_rt_init(void)
2950 /* For modern hosts, this will use 2 MB of memory */
2951 idents_hash = alloc_large_system_hash("IP idents",
2952 sizeof(*ip_idents) + sizeof(*ip_tstamps),
2954 16, /* one bucket per 64 KB */
2961 ip_idents = idents_hash;
2963 prandom_bytes(ip_idents, (ip_idents_mask + 1) * sizeof(*ip_idents));
2965 ip_tstamps = idents_hash + (ip_idents_mask + 1) * sizeof(*ip_idents);
2966 memset(ip_tstamps, 0, (ip_idents_mask + 1) * sizeof(*ip_tstamps));
2968 for_each_possible_cpu(cpu) {
2969 struct uncached_list *ul = &per_cpu(rt_uncached_list, cpu);
2971 INIT_LIST_HEAD(&ul->head);
2972 spin_lock_init(&ul->lock);
2974 #ifdef CONFIG_IP_ROUTE_CLASSID
2975 ip_rt_acct = __alloc_percpu(256 * sizeof(struct ip_rt_acct), __alignof__(struct ip_rt_acct));
2977 panic("IP: failed to allocate ip_rt_acct\n");
2980 ipv4_dst_ops.kmem_cachep =
2981 kmem_cache_create("ip_dst_cache", sizeof(struct rtable), 0,
2982 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
2984 ipv4_dst_blackhole_ops.kmem_cachep = ipv4_dst_ops.kmem_cachep;
2986 if (dst_entries_init(&ipv4_dst_ops) < 0)
2987 panic("IP: failed to allocate ipv4_dst_ops counter\n");
2989 if (dst_entries_init(&ipv4_dst_blackhole_ops) < 0)
2990 panic("IP: failed to allocate ipv4_dst_blackhole_ops counter\n");
2992 ipv4_dst_ops.gc_thresh = ~0;
2993 ip_rt_max_size = INT_MAX;
2998 if (ip_rt_proc_init())
2999 pr_err("Unable to create route proc files\n");
3004 rtnl_register(PF_INET, RTM_GETROUTE, inet_rtm_getroute, NULL, NULL);
3006 #ifdef CONFIG_SYSCTL
3007 register_pernet_subsys(&sysctl_route_ops);
3009 register_pernet_subsys(&rt_genid_ops);
3010 register_pernet_subsys(&ipv4_inetpeer_ops);
3014 #ifdef CONFIG_SYSCTL
3016 * We really need to sanitize the damn ipv4 init order, then all
3017 * this nonsense will go away.
3019 void __init ip_static_sysctl_init(void)
3021 register_net_sysctl(&init_net, "net/ipv4/route", ipv4_route_table);