2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * ROUTE - implementation of the IP router.
9 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
10 * Alan Cox, <gw4pts@gw4pts.ampr.org>
11 * Linus Torvalds, <Linus.Torvalds@helsinki.fi>
12 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
15 * Alan Cox : Verify area fixes.
16 * Alan Cox : cli() protects routing changes
17 * Rui Oliveira : ICMP routing table updates
18 * (rco@di.uminho.pt) Routing table insertion and update
19 * Linus Torvalds : Rewrote bits to be sensible
20 * Alan Cox : Added BSD route gw semantics
21 * Alan Cox : Super /proc >4K
22 * Alan Cox : MTU in route table
23 * Alan Cox : MSS actually. Also added the window
25 * Sam Lantinga : Fixed route matching in rt_del()
26 * Alan Cox : Routing cache support.
27 * Alan Cox : Removed compatibility cruft.
28 * Alan Cox : RTF_REJECT support.
29 * Alan Cox : TCP irtt support.
30 * Jonathan Naylor : Added Metric support.
31 * Miquel van Smoorenburg : BSD API fixes.
32 * Miquel van Smoorenburg : Metrics.
33 * Alan Cox : Use __u32 properly
34 * Alan Cox : Aligned routing errors more closely with BSD
35 * our system is still very different.
36 * Alan Cox : Faster /proc handling
37 * Alexey Kuznetsov : Massive rework to support tree based routing,
38 * routing caches and better behaviour.
40 * Olaf Erb : irtt wasn't being copied right.
41 * Bjorn Ekwall : Kerneld route support.
42 * Alan Cox : Multicast fixed (I hope)
43 * Pavel Krauz : Limited broadcast fixed
44 * Mike McLagan : Routing by source
45 * Alexey Kuznetsov : End of old history. Split to fib.c and
46 * route.c and rewritten from scratch.
47 * Andi Kleen : Load-limit warning messages.
48 * Vitaly E. Lavrov : Transparent proxy revived after year coma.
49 * Vitaly E. Lavrov : Race condition in ip_route_input_slow.
50 * Tobias Ringstrom : Uninitialized res.type in ip_route_output_slow.
51 * Vladimir V. Ivanov : IP rule info (flowid) is really useful.
52 * Marc Boucher : routing by fwmark
53 * Robert Olsson : Added rt_cache statistics
54 * Arnaldo C. Melo : Convert proc stuff to seq_file
55 * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes.
56 * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect
57 * Ilia Sotnikov : Removed TOS from hash calculations
59 * This program is free software; you can redistribute it and/or
60 * modify it under the terms of the GNU General Public License
61 * as published by the Free Software Foundation; either version
62 * 2 of the License, or (at your option) any later version.
65 #define pr_fmt(fmt) "IPv4: " fmt
67 #include <linux/module.h>
68 #include <asm/uaccess.h>
69 #include <linux/bitops.h>
70 #include <linux/types.h>
71 #include <linux/kernel.h>
73 #include <linux/string.h>
74 #include <linux/socket.h>
75 #include <linux/sockios.h>
76 #include <linux/errno.h>
78 #include <linux/inet.h>
79 #include <linux/netdevice.h>
80 #include <linux/proc_fs.h>
81 #include <linux/init.h>
82 #include <linux/skbuff.h>
83 #include <linux/inetdevice.h>
84 #include <linux/igmp.h>
85 #include <linux/pkt_sched.h>
86 #include <linux/mroute.h>
87 #include <linux/netfilter_ipv4.h>
88 #include <linux/random.h>
89 #include <linux/rcupdate.h>
90 #include <linux/times.h>
91 #include <linux/slab.h>
93 #include <net/net_namespace.h>
94 #include <net/protocol.h>
96 #include <net/route.h>
97 #include <net/inetpeer.h>
99 #include <net/ip_fib.h>
102 #include <net/icmp.h>
103 #include <net/xfrm.h>
104 #include <net/netevent.h>
105 #include <net/rtnetlink.h>
107 #include <linux/sysctl.h>
108 #include <linux/kmemleak.h>
110 #include <net/secure_seq.h>
112 #define RT_FL_TOS(oldflp4) \
113 ((oldflp4)->flowi4_tos & (IPTOS_RT_MASK | RTO_ONLINK))
115 #define IP_MAX_MTU 0xFFF0
117 #define RT_GC_TIMEOUT (300*HZ)
119 static int ip_rt_max_size;
120 static int ip_rt_gc_timeout __read_mostly = RT_GC_TIMEOUT;
121 static int ip_rt_gc_interval __read_mostly = 60 * HZ;
122 static int ip_rt_gc_min_interval __read_mostly = HZ / 2;
123 static int ip_rt_redirect_number __read_mostly = 9;
124 static int ip_rt_redirect_load __read_mostly = HZ / 50;
125 static int ip_rt_redirect_silence __read_mostly = ((HZ / 50) << (9 + 1));
126 static int ip_rt_error_cost __read_mostly = HZ;
127 static int ip_rt_error_burst __read_mostly = 5 * HZ;
128 static int ip_rt_gc_elasticity __read_mostly = 8;
129 static int ip_rt_mtu_expires __read_mostly = 10 * 60 * HZ;
130 static int ip_rt_min_pmtu __read_mostly = 512 + 20 + 20;
131 static int ip_rt_min_advmss __read_mostly = 256;
134 * Interface to generic destination cache.
137 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie);
138 static unsigned int ipv4_default_advmss(const struct dst_entry *dst);
139 static unsigned int ipv4_mtu(const struct dst_entry *dst);
140 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst);
141 static void ipv4_link_failure(struct sk_buff *skb);
142 static void ip_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
143 struct sk_buff *skb, u32 mtu);
144 static void ip_do_redirect(struct dst_entry *dst, struct sock *sk,
145 struct sk_buff *skb);
146 static void ipv4_dst_destroy(struct dst_entry *dst);
148 static void ipv4_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
153 static u32 *ipv4_cow_metrics(struct dst_entry *dst, unsigned long old)
159 static struct neighbour *ipv4_neigh_lookup(const struct dst_entry *dst,
163 static struct dst_ops ipv4_dst_ops = {
165 .protocol = cpu_to_be16(ETH_P_IP),
166 .check = ipv4_dst_check,
167 .default_advmss = ipv4_default_advmss,
169 .cow_metrics = ipv4_cow_metrics,
170 .destroy = ipv4_dst_destroy,
171 .ifdown = ipv4_dst_ifdown,
172 .negative_advice = ipv4_negative_advice,
173 .link_failure = ipv4_link_failure,
174 .update_pmtu = ip_rt_update_pmtu,
175 .redirect = ip_do_redirect,
176 .local_out = __ip_local_out,
177 .neigh_lookup = ipv4_neigh_lookup,
180 #define ECN_OR_COST(class) TC_PRIO_##class
182 const __u8 ip_tos2prio[16] = {
184 ECN_OR_COST(BESTEFFORT),
186 ECN_OR_COST(BESTEFFORT),
192 ECN_OR_COST(INTERACTIVE),
194 ECN_OR_COST(INTERACTIVE),
195 TC_PRIO_INTERACTIVE_BULK,
196 ECN_OR_COST(INTERACTIVE_BULK),
197 TC_PRIO_INTERACTIVE_BULK,
198 ECN_OR_COST(INTERACTIVE_BULK)
200 EXPORT_SYMBOL(ip_tos2prio);
202 static DEFINE_PER_CPU(struct rt_cache_stat, rt_cache_stat);
203 #define RT_CACHE_STAT_INC(field) __this_cpu_inc(rt_cache_stat.field)
205 static inline int rt_genid(struct net *net)
207 return atomic_read(&net->ipv4.rt_genid);
210 #ifdef CONFIG_PROC_FS
211 static void *rt_cache_seq_start(struct seq_file *seq, loff_t *pos)
215 return SEQ_START_TOKEN;
218 static void *rt_cache_seq_next(struct seq_file *seq, void *v, loff_t *pos)
224 static void rt_cache_seq_stop(struct seq_file *seq, void *v)
228 static int rt_cache_seq_show(struct seq_file *seq, void *v)
230 if (v == SEQ_START_TOKEN)
231 seq_printf(seq, "%-127s\n",
232 "Iface\tDestination\tGateway \tFlags\t\tRefCnt\tUse\t"
233 "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t"
238 static const struct seq_operations rt_cache_seq_ops = {
239 .start = rt_cache_seq_start,
240 .next = rt_cache_seq_next,
241 .stop = rt_cache_seq_stop,
242 .show = rt_cache_seq_show,
245 static int rt_cache_seq_open(struct inode *inode, struct file *file)
247 return seq_open(file, &rt_cache_seq_ops);
250 static const struct file_operations rt_cache_seq_fops = {
251 .owner = THIS_MODULE,
252 .open = rt_cache_seq_open,
255 .release = seq_release,
259 static void *rt_cpu_seq_start(struct seq_file *seq, loff_t *pos)
264 return SEQ_START_TOKEN;
266 for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
267 if (!cpu_possible(cpu))
270 return &per_cpu(rt_cache_stat, cpu);
275 static void *rt_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos)
279 for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
280 if (!cpu_possible(cpu))
283 return &per_cpu(rt_cache_stat, cpu);
289 static void rt_cpu_seq_stop(struct seq_file *seq, void *v)
294 static int rt_cpu_seq_show(struct seq_file *seq, void *v)
296 struct rt_cache_stat *st = v;
298 if (v == SEQ_START_TOKEN) {
299 seq_printf(seq, "entries in_hit in_slow_tot in_slow_mc in_no_route in_brd in_martian_dst in_martian_src out_hit out_slow_tot out_slow_mc gc_total gc_ignored gc_goal_miss gc_dst_overflow in_hlist_search out_hlist_search\n");
303 seq_printf(seq,"%08x %08x %08x %08x %08x %08x %08x %08x "
304 " %08x %08x %08x %08x %08x %08x %08x %08x %08x \n",
305 dst_entries_get_slow(&ipv4_dst_ops),
328 static const struct seq_operations rt_cpu_seq_ops = {
329 .start = rt_cpu_seq_start,
330 .next = rt_cpu_seq_next,
331 .stop = rt_cpu_seq_stop,
332 .show = rt_cpu_seq_show,
336 static int rt_cpu_seq_open(struct inode *inode, struct file *file)
338 return seq_open(file, &rt_cpu_seq_ops);
341 static const struct file_operations rt_cpu_seq_fops = {
342 .owner = THIS_MODULE,
343 .open = rt_cpu_seq_open,
346 .release = seq_release,
349 #ifdef CONFIG_IP_ROUTE_CLASSID
350 static int rt_acct_proc_show(struct seq_file *m, void *v)
352 struct ip_rt_acct *dst, *src;
355 dst = kcalloc(256, sizeof(struct ip_rt_acct), GFP_KERNEL);
359 for_each_possible_cpu(i) {
360 src = (struct ip_rt_acct *)per_cpu_ptr(ip_rt_acct, i);
361 for (j = 0; j < 256; j++) {
362 dst[j].o_bytes += src[j].o_bytes;
363 dst[j].o_packets += src[j].o_packets;
364 dst[j].i_bytes += src[j].i_bytes;
365 dst[j].i_packets += src[j].i_packets;
369 seq_write(m, dst, 256 * sizeof(struct ip_rt_acct));
374 static int rt_acct_proc_open(struct inode *inode, struct file *file)
376 return single_open(file, rt_acct_proc_show, NULL);
379 static const struct file_operations rt_acct_proc_fops = {
380 .owner = THIS_MODULE,
381 .open = rt_acct_proc_open,
384 .release = single_release,
388 static int __net_init ip_rt_do_proc_init(struct net *net)
390 struct proc_dir_entry *pde;
392 pde = proc_net_fops_create(net, "rt_cache", S_IRUGO,
397 pde = proc_create("rt_cache", S_IRUGO,
398 net->proc_net_stat, &rt_cpu_seq_fops);
402 #ifdef CONFIG_IP_ROUTE_CLASSID
403 pde = proc_create("rt_acct", 0, net->proc_net, &rt_acct_proc_fops);
409 #ifdef CONFIG_IP_ROUTE_CLASSID
411 remove_proc_entry("rt_cache", net->proc_net_stat);
414 remove_proc_entry("rt_cache", net->proc_net);
419 static void __net_exit ip_rt_do_proc_exit(struct net *net)
421 remove_proc_entry("rt_cache", net->proc_net_stat);
422 remove_proc_entry("rt_cache", net->proc_net);
423 #ifdef CONFIG_IP_ROUTE_CLASSID
424 remove_proc_entry("rt_acct", net->proc_net);
428 static struct pernet_operations ip_rt_proc_ops __net_initdata = {
429 .init = ip_rt_do_proc_init,
430 .exit = ip_rt_do_proc_exit,
433 static int __init ip_rt_proc_init(void)
435 return register_pernet_subsys(&ip_rt_proc_ops);
439 static inline int ip_rt_proc_init(void)
443 #endif /* CONFIG_PROC_FS */
445 static inline bool rt_is_expired(const struct rtable *rth)
447 return rth->rt_genid != rt_genid(dev_net(rth->dst.dev));
450 void rt_cache_flush(struct net *net)
452 atomic_inc(&net->ipv4.rt_genid);
455 static struct neighbour *ipv4_neigh_lookup(const struct dst_entry *dst,
459 struct net_device *dev = dst->dev;
460 const __be32 *pkey = daddr;
461 const struct rtable *rt;
464 rt = (const struct rtable *) dst;
466 pkey = (const __be32 *) &rt->rt_gateway;
468 pkey = &ip_hdr(skb)->daddr;
470 n = __ipv4_neigh_lookup(dev, *(__force u32 *)pkey);
473 return neigh_create(&arp_tbl, pkey, dev);
477 * Peer allocation may fail only in serious out-of-memory conditions. However
478 * we still can generate some output.
479 * Random ID selection looks a bit dangerous because we have no chances to
480 * select ID being unique in a reasonable period of time.
481 * But broken packet identifier may be better than no packet at all.
483 static void ip_select_fb_ident(struct iphdr *iph)
485 static DEFINE_SPINLOCK(ip_fb_id_lock);
486 static u32 ip_fallback_id;
489 spin_lock_bh(&ip_fb_id_lock);
490 salt = secure_ip_id((__force __be32)ip_fallback_id ^ iph->daddr);
491 iph->id = htons(salt & 0xFFFF);
492 ip_fallback_id = salt;
493 spin_unlock_bh(&ip_fb_id_lock);
496 void __ip_select_ident(struct iphdr *iph, struct dst_entry *dst, int more)
498 struct net *net = dev_net(dst->dev);
499 struct inet_peer *peer;
501 peer = inet_getpeer_v4(net->ipv4.peers, iph->daddr, 1);
503 iph->id = htons(inet_getid(peer, more));
508 ip_select_fb_ident(iph);
510 EXPORT_SYMBOL(__ip_select_ident);
512 static void __build_flow_key(struct flowi4 *fl4, const struct sock *sk,
513 const struct iphdr *iph,
515 u8 prot, u32 mark, int flow_flags)
518 const struct inet_sock *inet = inet_sk(sk);
520 oif = sk->sk_bound_dev_if;
522 tos = RT_CONN_FLAGS(sk);
523 prot = inet->hdrincl ? IPPROTO_RAW : sk->sk_protocol;
525 flowi4_init_output(fl4, oif, mark, tos,
526 RT_SCOPE_UNIVERSE, prot,
528 iph->daddr, iph->saddr, 0, 0);
531 static void build_skb_flow_key(struct flowi4 *fl4, const struct sk_buff *skb,
532 const struct sock *sk)
534 const struct iphdr *iph = ip_hdr(skb);
535 int oif = skb->dev->ifindex;
536 u8 tos = RT_TOS(iph->tos);
537 u8 prot = iph->protocol;
538 u32 mark = skb->mark;
540 __build_flow_key(fl4, sk, iph, oif, tos, prot, mark, 0);
543 static void build_sk_flow_key(struct flowi4 *fl4, const struct sock *sk)
545 const struct inet_sock *inet = inet_sk(sk);
546 const struct ip_options_rcu *inet_opt;
547 __be32 daddr = inet->inet_daddr;
550 inet_opt = rcu_dereference(inet->inet_opt);
551 if (inet_opt && inet_opt->opt.srr)
552 daddr = inet_opt->opt.faddr;
553 flowi4_init_output(fl4, sk->sk_bound_dev_if, sk->sk_mark,
554 RT_CONN_FLAGS(sk), RT_SCOPE_UNIVERSE,
555 inet->hdrincl ? IPPROTO_RAW : sk->sk_protocol,
556 inet_sk_flowi_flags(sk),
557 daddr, inet->inet_saddr, 0, 0);
561 static void ip_rt_build_flow_key(struct flowi4 *fl4, const struct sock *sk,
562 const struct sk_buff *skb)
565 build_skb_flow_key(fl4, skb, sk);
567 build_sk_flow_key(fl4, sk);
570 static inline void rt_free(struct rtable *rt)
572 call_rcu(&rt->dst.rcu_head, dst_rcu_free);
575 static DEFINE_SPINLOCK(fnhe_lock);
577 static struct fib_nh_exception *fnhe_oldest(struct fnhe_hash_bucket *hash)
579 struct fib_nh_exception *fnhe, *oldest;
582 oldest = rcu_dereference(hash->chain);
583 for (fnhe = rcu_dereference(oldest->fnhe_next); fnhe;
584 fnhe = rcu_dereference(fnhe->fnhe_next)) {
585 if (time_before(fnhe->fnhe_stamp, oldest->fnhe_stamp))
588 orig = rcu_dereference(oldest->fnhe_rth);
590 RCU_INIT_POINTER(oldest->fnhe_rth, NULL);
596 static inline u32 fnhe_hashfun(__be32 daddr)
600 hval = (__force u32) daddr;
601 hval ^= (hval >> 11) ^ (hval >> 22);
603 return hval & (FNHE_HASH_SIZE - 1);
606 static void update_or_create_fnhe(struct fib_nh *nh, __be32 daddr, __be32 gw,
607 u32 pmtu, unsigned long expires)
609 struct fnhe_hash_bucket *hash;
610 struct fib_nh_exception *fnhe;
612 u32 hval = fnhe_hashfun(daddr);
614 spin_lock_bh(&fnhe_lock);
616 hash = nh->nh_exceptions;
618 hash = kzalloc(FNHE_HASH_SIZE * sizeof(*hash), GFP_ATOMIC);
621 nh->nh_exceptions = hash;
627 for (fnhe = rcu_dereference(hash->chain); fnhe;
628 fnhe = rcu_dereference(fnhe->fnhe_next)) {
629 if (fnhe->fnhe_daddr == daddr)
638 fnhe->fnhe_pmtu = pmtu;
639 fnhe->fnhe_expires = expires;
642 if (depth > FNHE_RECLAIM_DEPTH)
643 fnhe = fnhe_oldest(hash);
645 fnhe = kzalloc(sizeof(*fnhe), GFP_ATOMIC);
649 fnhe->fnhe_next = hash->chain;
650 rcu_assign_pointer(hash->chain, fnhe);
652 fnhe->fnhe_daddr = daddr;
654 fnhe->fnhe_pmtu = pmtu;
655 fnhe->fnhe_expires = expires;
658 fnhe->fnhe_stamp = jiffies;
661 spin_unlock_bh(&fnhe_lock);
665 static void __ip_do_redirect(struct rtable *rt, struct sk_buff *skb, struct flowi4 *fl4,
668 __be32 new_gw = icmp_hdr(skb)->un.gateway;
669 __be32 old_gw = ip_hdr(skb)->saddr;
670 struct net_device *dev = skb->dev;
671 struct in_device *in_dev;
672 struct fib_result res;
676 switch (icmp_hdr(skb)->code & 7) {
678 case ICMP_REDIR_NETTOS:
679 case ICMP_REDIR_HOST:
680 case ICMP_REDIR_HOSTTOS:
687 if (rt->rt_gateway != old_gw)
690 in_dev = __in_dev_get_rcu(dev);
695 if (new_gw == old_gw || !IN_DEV_RX_REDIRECTS(in_dev) ||
696 ipv4_is_multicast(new_gw) || ipv4_is_lbcast(new_gw) ||
697 ipv4_is_zeronet(new_gw))
698 goto reject_redirect;
700 if (!IN_DEV_SHARED_MEDIA(in_dev)) {
701 if (!inet_addr_onlink(in_dev, new_gw, old_gw))
702 goto reject_redirect;
703 if (IN_DEV_SEC_REDIRECTS(in_dev) && ip_fib_check_default(new_gw, dev))
704 goto reject_redirect;
706 if (inet_addr_type(net, new_gw) != RTN_UNICAST)
707 goto reject_redirect;
710 n = ipv4_neigh_lookup(&rt->dst, NULL, &new_gw);
712 if (!(n->nud_state & NUD_VALID)) {
713 neigh_event_send(n, NULL);
715 if (fib_lookup(net, fl4, &res) == 0) {
716 struct fib_nh *nh = &FIB_RES_NH(res);
718 update_or_create_fnhe(nh, fl4->daddr, new_gw,
722 rt->dst.obsolete = DST_OBSOLETE_KILL;
723 call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, n);
730 #ifdef CONFIG_IP_ROUTE_VERBOSE
731 if (IN_DEV_LOG_MARTIANS(in_dev)) {
732 const struct iphdr *iph = (const struct iphdr *) skb->data;
733 __be32 daddr = iph->daddr;
734 __be32 saddr = iph->saddr;
736 net_info_ratelimited("Redirect from %pI4 on %s about %pI4 ignored\n"
737 " Advised path = %pI4 -> %pI4\n",
738 &old_gw, dev->name, &new_gw,
745 static void ip_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb)
750 rt = (struct rtable *) dst;
752 ip_rt_build_flow_key(&fl4, sk, skb);
753 __ip_do_redirect(rt, skb, &fl4, true);
756 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
758 struct rtable *rt = (struct rtable *)dst;
759 struct dst_entry *ret = dst;
762 if (dst->obsolete > 0) {
765 } else if ((rt->rt_flags & RTCF_REDIRECTED) ||
776 * 1. The first ip_rt_redirect_number redirects are sent
777 * with exponential backoff, then we stop sending them at all,
778 * assuming that the host ignores our redirects.
779 * 2. If we did not see packets requiring redirects
780 * during ip_rt_redirect_silence, we assume that the host
781 * forgot redirected route and start to send redirects again.
783 * This algorithm is much cheaper and more intelligent than dumb load limiting
786 * NOTE. Do not forget to inhibit load limiting for redirects (redundant)
787 * and "frag. need" (breaks PMTU discovery) in icmp.c.
790 void ip_rt_send_redirect(struct sk_buff *skb)
792 struct rtable *rt = skb_rtable(skb);
793 struct in_device *in_dev;
794 struct inet_peer *peer;
799 in_dev = __in_dev_get_rcu(rt->dst.dev);
800 if (!in_dev || !IN_DEV_TX_REDIRECTS(in_dev)) {
804 log_martians = IN_DEV_LOG_MARTIANS(in_dev);
807 net = dev_net(rt->dst.dev);
808 peer = inet_getpeer_v4(net->ipv4.peers, ip_hdr(skb)->saddr, 1);
810 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, rt->rt_gateway);
814 /* No redirected packets during ip_rt_redirect_silence;
815 * reset the algorithm.
817 if (time_after(jiffies, peer->rate_last + ip_rt_redirect_silence))
818 peer->rate_tokens = 0;
820 /* Too many ignored redirects; do not send anything
821 * set dst.rate_last to the last seen redirected packet.
823 if (peer->rate_tokens >= ip_rt_redirect_number) {
824 peer->rate_last = jiffies;
828 /* Check for load limit; set rate_last to the latest sent
831 if (peer->rate_tokens == 0 ||
834 (ip_rt_redirect_load << peer->rate_tokens)))) {
835 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, rt->rt_gateway);
836 peer->rate_last = jiffies;
838 #ifdef CONFIG_IP_ROUTE_VERBOSE
840 peer->rate_tokens == ip_rt_redirect_number)
841 net_warn_ratelimited("host %pI4/if%d ignores redirects for %pI4 to %pI4\n",
842 &ip_hdr(skb)->saddr, inet_iif(skb),
843 &ip_hdr(skb)->daddr, &rt->rt_gateway);
850 static int ip_error(struct sk_buff *skb)
852 struct in_device *in_dev = __in_dev_get_rcu(skb->dev);
853 struct rtable *rt = skb_rtable(skb);
854 struct inet_peer *peer;
860 net = dev_net(rt->dst.dev);
861 if (!IN_DEV_FORWARD(in_dev)) {
862 switch (rt->dst.error) {
864 IP_INC_STATS_BH(net, IPSTATS_MIB_INADDRERRORS);
868 IP_INC_STATS_BH(net, IPSTATS_MIB_INNOROUTES);
874 switch (rt->dst.error) {
879 code = ICMP_HOST_UNREACH;
882 code = ICMP_NET_UNREACH;
883 IP_INC_STATS_BH(net, IPSTATS_MIB_INNOROUTES);
886 code = ICMP_PKT_FILTERED;
890 peer = inet_getpeer_v4(net->ipv4.peers, ip_hdr(skb)->saddr, 1);
895 peer->rate_tokens += now - peer->rate_last;
896 if (peer->rate_tokens > ip_rt_error_burst)
897 peer->rate_tokens = ip_rt_error_burst;
898 peer->rate_last = now;
899 if (peer->rate_tokens >= ip_rt_error_cost)
900 peer->rate_tokens -= ip_rt_error_cost;
906 icmp_send(skb, ICMP_DEST_UNREACH, code, 0);
912 static u32 __ip_rt_update_pmtu(struct rtable *rt, struct flowi4 *fl4, u32 mtu)
914 struct fib_result res;
916 if (mtu < ip_rt_min_pmtu)
917 mtu = ip_rt_min_pmtu;
920 if (fib_lookup(dev_net(rt->dst.dev), fl4, &res) == 0) {
921 struct fib_nh *nh = &FIB_RES_NH(res);
923 update_or_create_fnhe(nh, fl4->daddr, 0, mtu,
924 jiffies + ip_rt_mtu_expires);
930 static void ip_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
931 struct sk_buff *skb, u32 mtu)
933 struct rtable *rt = (struct rtable *) dst;
936 ip_rt_build_flow_key(&fl4, sk, skb);
937 mtu = __ip_rt_update_pmtu(rt, &fl4, mtu);
940 dst->obsolete = DST_OBSOLETE_KILL;
943 rt->dst.expires = max(1UL, jiffies + ip_rt_mtu_expires);
947 void ipv4_update_pmtu(struct sk_buff *skb, struct net *net, u32 mtu,
948 int oif, u32 mark, u8 protocol, int flow_flags)
950 const struct iphdr *iph = (const struct iphdr *) skb->data;
954 __build_flow_key(&fl4, NULL, iph, oif,
955 RT_TOS(iph->tos), protocol, mark, flow_flags);
956 rt = __ip_route_output_key(net, &fl4);
958 __ip_rt_update_pmtu(rt, &fl4, mtu);
962 EXPORT_SYMBOL_GPL(ipv4_update_pmtu);
964 void ipv4_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, u32 mtu)
966 const struct iphdr *iph = (const struct iphdr *) skb->data;
970 __build_flow_key(&fl4, sk, iph, 0, 0, 0, 0, 0);
971 rt = __ip_route_output_key(sock_net(sk), &fl4);
973 __ip_rt_update_pmtu(rt, &fl4, mtu);
977 EXPORT_SYMBOL_GPL(ipv4_sk_update_pmtu);
979 void ipv4_redirect(struct sk_buff *skb, struct net *net,
980 int oif, u32 mark, u8 protocol, int flow_flags)
982 const struct iphdr *iph = (const struct iphdr *) skb->data;
986 __build_flow_key(&fl4, NULL, iph, oif,
987 RT_TOS(iph->tos), protocol, mark, flow_flags);
988 rt = __ip_route_output_key(net, &fl4);
990 __ip_do_redirect(rt, skb, &fl4, false);
994 EXPORT_SYMBOL_GPL(ipv4_redirect);
996 void ipv4_sk_redirect(struct sk_buff *skb, struct sock *sk)
998 const struct iphdr *iph = (const struct iphdr *) skb->data;
1002 __build_flow_key(&fl4, sk, iph, 0, 0, 0, 0, 0);
1003 rt = __ip_route_output_key(sock_net(sk), &fl4);
1005 __ip_do_redirect(rt, skb, &fl4, false);
1009 EXPORT_SYMBOL_GPL(ipv4_sk_redirect);
1011 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie)
1013 struct rtable *rt = (struct rtable *) dst;
1015 /* All IPV4 dsts are created with ->obsolete set to the value
1016 * DST_OBSOLETE_FORCE_CHK which forces validation calls down
1017 * into this function always.
1019 * When a PMTU/redirect information update invalidates a
1020 * route, this is indicated by setting obsolete to
1021 * DST_OBSOLETE_KILL.
1023 if (dst->obsolete == DST_OBSOLETE_KILL || rt_is_expired(rt))
1028 static void ipv4_link_failure(struct sk_buff *skb)
1032 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0);
1034 rt = skb_rtable(skb);
1036 dst_set_expires(&rt->dst, 0);
1039 static int ip_rt_bug(struct sk_buff *skb)
1041 pr_debug("%s: %pI4 -> %pI4, %s\n",
1042 __func__, &ip_hdr(skb)->saddr, &ip_hdr(skb)->daddr,
1043 skb->dev ? skb->dev->name : "?");
1050 We do not cache source address of outgoing interface,
1051 because it is used only by IP RR, TS and SRR options,
1052 so that it out of fast path.
1054 BTW remember: "addr" is allowed to be not aligned
1058 void ip_rt_get_source(u8 *addr, struct sk_buff *skb, struct rtable *rt)
1062 if (rt_is_output_route(rt))
1063 src = ip_hdr(skb)->saddr;
1065 struct fib_result res;
1071 memset(&fl4, 0, sizeof(fl4));
1072 fl4.daddr = iph->daddr;
1073 fl4.saddr = iph->saddr;
1074 fl4.flowi4_tos = RT_TOS(iph->tos);
1075 fl4.flowi4_oif = rt->dst.dev->ifindex;
1076 fl4.flowi4_iif = skb->dev->ifindex;
1077 fl4.flowi4_mark = skb->mark;
1080 if (fib_lookup(dev_net(rt->dst.dev), &fl4, &res) == 0)
1081 src = FIB_RES_PREFSRC(dev_net(rt->dst.dev), res);
1083 src = inet_select_addr(rt->dst.dev,
1084 rt_nexthop(rt, iph->daddr),
1088 memcpy(addr, &src, 4);
1091 #ifdef CONFIG_IP_ROUTE_CLASSID
1092 static void set_class_tag(struct rtable *rt, u32 tag)
1094 if (!(rt->dst.tclassid & 0xFFFF))
1095 rt->dst.tclassid |= tag & 0xFFFF;
1096 if (!(rt->dst.tclassid & 0xFFFF0000))
1097 rt->dst.tclassid |= tag & 0xFFFF0000;
1101 static unsigned int ipv4_default_advmss(const struct dst_entry *dst)
1103 unsigned int advmss = dst_metric_raw(dst, RTAX_ADVMSS);
1106 advmss = max_t(unsigned int, dst->dev->mtu - 40,
1108 if (advmss > 65535 - 40)
1109 advmss = 65535 - 40;
1114 static unsigned int ipv4_mtu(const struct dst_entry *dst)
1116 const struct rtable *rt = (const struct rtable *) dst;
1117 unsigned int mtu = rt->rt_pmtu;
1119 if (!mtu || time_after_eq(jiffies, rt->dst.expires))
1120 mtu = dst_metric_raw(dst, RTAX_MTU);
1122 if (mtu && rt_is_output_route(rt))
1125 mtu = dst->dev->mtu;
1127 if (unlikely(dst_metric_locked(dst, RTAX_MTU))) {
1128 if (rt->rt_gateway && mtu > 576)
1132 if (mtu > IP_MAX_MTU)
1138 static struct fib_nh_exception *find_exception(struct fib_nh *nh, __be32 daddr)
1140 struct fnhe_hash_bucket *hash = nh->nh_exceptions;
1141 struct fib_nh_exception *fnhe;
1147 hval = fnhe_hashfun(daddr);
1149 for (fnhe = rcu_dereference(hash[hval].chain); fnhe;
1150 fnhe = rcu_dereference(fnhe->fnhe_next)) {
1151 if (fnhe->fnhe_daddr == daddr)
1157 static bool rt_bind_exception(struct rtable *rt, struct fib_nh_exception *fnhe,
1162 spin_lock_bh(&fnhe_lock);
1164 if (daddr == fnhe->fnhe_daddr) {
1165 struct rtable *orig;
1167 if (fnhe->fnhe_pmtu) {
1168 unsigned long expires = fnhe->fnhe_expires;
1169 unsigned long diff = expires - jiffies;
1171 if (time_before(jiffies, expires)) {
1172 rt->rt_pmtu = fnhe->fnhe_pmtu;
1173 dst_set_expires(&rt->dst, diff);
1176 if (fnhe->fnhe_gw) {
1177 rt->rt_flags |= RTCF_REDIRECTED;
1178 rt->rt_gateway = fnhe->fnhe_gw;
1181 orig = rcu_dereference(fnhe->fnhe_rth);
1182 rcu_assign_pointer(fnhe->fnhe_rth, rt);
1186 fnhe->fnhe_stamp = jiffies;
1189 /* Routes we intend to cache in nexthop exception have
1190 * the DST_NOCACHE bit clear. However, if we are
1191 * unsuccessful at storing this route into the cache
1192 * we really need to set it.
1194 rt->dst.flags |= DST_NOCACHE;
1196 spin_unlock_bh(&fnhe_lock);
1201 static bool rt_cache_route(struct fib_nh *nh, struct rtable *rt)
1203 struct rtable *orig, *prev, **p;
1206 if (rt_is_input_route(rt)) {
1207 p = (struct rtable **)&nh->nh_rth_input;
1209 if (!nh->nh_pcpu_rth_output)
1211 p = (struct rtable **)__this_cpu_ptr(nh->nh_pcpu_rth_output);
1215 prev = cmpxchg(p, orig, rt);
1220 /* Routes we intend to cache in the FIB nexthop have
1221 * the DST_NOCACHE bit clear. However, if we are
1222 * unsuccessful at storing this route into the cache
1223 * we really need to set it.
1226 rt->dst.flags |= DST_NOCACHE;
1233 static DEFINE_SPINLOCK(rt_uncached_lock);
1234 static LIST_HEAD(rt_uncached_list);
1236 static void rt_add_uncached_list(struct rtable *rt)
1238 spin_lock_bh(&rt_uncached_lock);
1239 list_add_tail(&rt->rt_uncached, &rt_uncached_list);
1240 spin_unlock_bh(&rt_uncached_lock);
1243 static void ipv4_dst_destroy(struct dst_entry *dst)
1245 struct rtable *rt = (struct rtable *) dst;
1247 if (!list_empty(&rt->rt_uncached)) {
1248 spin_lock_bh(&rt_uncached_lock);
1249 list_del(&rt->rt_uncached);
1250 spin_unlock_bh(&rt_uncached_lock);
1254 void rt_flush_dev(struct net_device *dev)
1256 if (!list_empty(&rt_uncached_list)) {
1257 struct net *net = dev_net(dev);
1260 spin_lock_bh(&rt_uncached_lock);
1261 list_for_each_entry(rt, &rt_uncached_list, rt_uncached) {
1262 if (rt->dst.dev != dev)
1264 rt->dst.dev = net->loopback_dev;
1265 dev_hold(rt->dst.dev);
1268 spin_unlock_bh(&rt_uncached_lock);
1272 static bool rt_cache_valid(const struct rtable *rt)
1275 rt->dst.obsolete == DST_OBSOLETE_FORCE_CHK &&
1279 static void rt_set_nexthop(struct rtable *rt, __be32 daddr,
1280 const struct fib_result *res,
1281 struct fib_nh_exception *fnhe,
1282 struct fib_info *fi, u16 type, u32 itag)
1284 bool cached = false;
1287 struct fib_nh *nh = &FIB_RES_NH(*res);
1289 if (nh->nh_gw && nh->nh_scope == RT_SCOPE_LINK)
1290 rt->rt_gateway = nh->nh_gw;
1291 dst_init_metrics(&rt->dst, fi->fib_metrics, true);
1292 #ifdef CONFIG_IP_ROUTE_CLASSID
1293 rt->dst.tclassid = nh->nh_tclassid;
1296 cached = rt_bind_exception(rt, fnhe, daddr);
1297 else if (!(rt->dst.flags & DST_NOCACHE))
1298 cached = rt_cache_route(nh, rt);
1300 if (unlikely(!cached))
1301 rt_add_uncached_list(rt);
1303 #ifdef CONFIG_IP_ROUTE_CLASSID
1304 #ifdef CONFIG_IP_MULTIPLE_TABLES
1305 set_class_tag(rt, res->tclassid);
1307 set_class_tag(rt, itag);
1311 static struct rtable *rt_dst_alloc(struct net_device *dev,
1312 bool nopolicy, bool noxfrm, bool will_cache)
1314 return dst_alloc(&ipv4_dst_ops, dev, 1, DST_OBSOLETE_FORCE_CHK,
1315 (will_cache ? 0 : (DST_HOST | DST_NOCACHE)) |
1316 (nopolicy ? DST_NOPOLICY : 0) |
1317 (noxfrm ? DST_NOXFRM : 0));
1320 /* called in rcu_read_lock() section */
1321 static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1322 u8 tos, struct net_device *dev, int our)
1325 struct in_device *in_dev = __in_dev_get_rcu(dev);
1329 /* Primary sanity checks. */
1334 if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr) ||
1335 skb->protocol != htons(ETH_P_IP))
1338 if (likely(!IN_DEV_ROUTE_LOCALNET(in_dev)))
1339 if (ipv4_is_loopback(saddr))
1342 if (ipv4_is_zeronet(saddr)) {
1343 if (!ipv4_is_local_multicast(daddr))
1346 err = fib_validate_source(skb, saddr, 0, tos, 0, dev,
1351 rth = rt_dst_alloc(dev_net(dev)->loopback_dev,
1352 IN_DEV_CONF_GET(in_dev, NOPOLICY), false, false);
1356 #ifdef CONFIG_IP_ROUTE_CLASSID
1357 rth->dst.tclassid = itag;
1359 rth->dst.output = ip_rt_bug;
1361 rth->rt_genid = rt_genid(dev_net(dev));
1362 rth->rt_flags = RTCF_MULTICAST;
1363 rth->rt_type = RTN_MULTICAST;
1364 rth->rt_is_input= 1;
1367 rth->rt_gateway = 0;
1368 INIT_LIST_HEAD(&rth->rt_uncached);
1370 rth->dst.input= ip_local_deliver;
1371 rth->rt_flags |= RTCF_LOCAL;
1374 #ifdef CONFIG_IP_MROUTE
1375 if (!ipv4_is_local_multicast(daddr) && IN_DEV_MFORWARD(in_dev))
1376 rth->dst.input = ip_mr_input;
1378 RT_CACHE_STAT_INC(in_slow_mc);
1380 skb_dst_set(skb, &rth->dst);
1392 static void ip_handle_martian_source(struct net_device *dev,
1393 struct in_device *in_dev,
1394 struct sk_buff *skb,
1398 RT_CACHE_STAT_INC(in_martian_src);
1399 #ifdef CONFIG_IP_ROUTE_VERBOSE
1400 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) {
1402 * RFC1812 recommendation, if source is martian,
1403 * the only hint is MAC header.
1405 pr_warn("martian source %pI4 from %pI4, on dev %s\n",
1406 &daddr, &saddr, dev->name);
1407 if (dev->hard_header_len && skb_mac_header_was_set(skb)) {
1408 print_hex_dump(KERN_WARNING, "ll header: ",
1409 DUMP_PREFIX_OFFSET, 16, 1,
1410 skb_mac_header(skb),
1411 dev->hard_header_len, true);
1417 /* called in rcu_read_lock() section */
1418 static int __mkroute_input(struct sk_buff *skb,
1419 const struct fib_result *res,
1420 struct in_device *in_dev,
1421 __be32 daddr, __be32 saddr, u32 tos)
1425 struct in_device *out_dev;
1426 unsigned int flags = 0;
1430 /* get a working reference to the output device */
1431 out_dev = __in_dev_get_rcu(FIB_RES_DEV(*res));
1432 if (out_dev == NULL) {
1433 net_crit_ratelimited("Bug in ip_route_input_slow(). Please report.\n");
1438 err = fib_validate_source(skb, saddr, daddr, tos, FIB_RES_OIF(*res),
1439 in_dev->dev, in_dev, &itag);
1441 ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr,
1447 if (out_dev == in_dev && err &&
1448 (IN_DEV_SHARED_MEDIA(out_dev) ||
1449 inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res))))
1450 flags |= RTCF_DOREDIRECT;
1452 if (skb->protocol != htons(ETH_P_IP)) {
1453 /* Not IP (i.e. ARP). Do not create route, if it is
1454 * invalid for proxy arp. DNAT routes are always valid.
1456 * Proxy arp feature have been extended to allow, ARP
1457 * replies back to the same interface, to support
1458 * Private VLAN switch technologies. See arp.c.
1460 if (out_dev == in_dev &&
1461 IN_DEV_PROXY_ARP_PVLAN(in_dev) == 0) {
1470 rth = rcu_dereference(FIB_RES_NH(*res).nh_rth_input);
1471 if (rt_cache_valid(rth)) {
1472 skb_dst_set_noref(skb, &rth->dst);
1479 rth = rt_dst_alloc(out_dev->dev,
1480 IN_DEV_CONF_GET(in_dev, NOPOLICY),
1481 IN_DEV_CONF_GET(out_dev, NOXFRM), do_cache);
1487 rth->rt_genid = rt_genid(dev_net(rth->dst.dev));
1488 rth->rt_flags = flags;
1489 rth->rt_type = res->type;
1490 rth->rt_is_input = 1;
1493 rth->rt_gateway = 0;
1494 INIT_LIST_HEAD(&rth->rt_uncached);
1496 rth->dst.input = ip_forward;
1497 rth->dst.output = ip_output;
1499 rt_set_nexthop(rth, daddr, res, NULL, res->fi, res->type, itag);
1500 skb_dst_set(skb, &rth->dst);
1507 static int ip_mkroute_input(struct sk_buff *skb,
1508 struct fib_result *res,
1509 const struct flowi4 *fl4,
1510 struct in_device *in_dev,
1511 __be32 daddr, __be32 saddr, u32 tos)
1513 #ifdef CONFIG_IP_ROUTE_MULTIPATH
1514 if (res->fi && res->fi->fib_nhs > 1)
1515 fib_select_multipath(res);
1518 /* create a routing cache entry */
1519 return __mkroute_input(skb, res, in_dev, daddr, saddr, tos);
1523 * NOTE. We drop all the packets that has local source
1524 * addresses, because every properly looped back packet
1525 * must have correct destination already attached by output routine.
1527 * Such approach solves two big problems:
1528 * 1. Not simplex devices are handled properly.
1529 * 2. IP spoofing attempts are filtered with 100% of guarantee.
1530 * called with rcu_read_lock()
1533 static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1534 u8 tos, struct net_device *dev)
1536 struct fib_result res;
1537 struct in_device *in_dev = __in_dev_get_rcu(dev);
1539 unsigned int flags = 0;
1543 struct net *net = dev_net(dev);
1546 /* IP on this device is disabled. */
1551 /* Check for the most weird martians, which can be not detected
1555 if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr))
1556 goto martian_source;
1559 if (ipv4_is_lbcast(daddr) || (saddr == 0 && daddr == 0))
1562 /* Accept zero addresses only to limited broadcast;
1563 * I even do not know to fix it or not. Waiting for complains :-)
1565 if (ipv4_is_zeronet(saddr))
1566 goto martian_source;
1568 if (ipv4_is_zeronet(daddr))
1569 goto martian_destination;
1571 /* Following code try to avoid calling IN_DEV_NET_ROUTE_LOCALNET(),
1572 * and call it once if daddr or/and saddr are loopback addresses
1574 if (ipv4_is_loopback(daddr)) {
1575 if (!IN_DEV_NET_ROUTE_LOCALNET(in_dev, net))
1576 goto martian_destination;
1577 } else if (ipv4_is_loopback(saddr)) {
1578 if (!IN_DEV_NET_ROUTE_LOCALNET(in_dev, net))
1579 goto martian_source;
1583 * Now we are ready to route packet.
1586 fl4.flowi4_iif = dev->ifindex;
1587 fl4.flowi4_mark = skb->mark;
1588 fl4.flowi4_tos = tos;
1589 fl4.flowi4_scope = RT_SCOPE_UNIVERSE;
1592 err = fib_lookup(net, &fl4, &res);
1596 RT_CACHE_STAT_INC(in_slow_tot);
1598 if (res.type == RTN_BROADCAST)
1601 if (res.type == RTN_LOCAL) {
1602 err = fib_validate_source(skb, saddr, daddr, tos,
1604 dev, in_dev, &itag);
1606 goto martian_source_keep_err;
1610 if (!IN_DEV_FORWARD(in_dev))
1612 if (res.type != RTN_UNICAST)
1613 goto martian_destination;
1615 err = ip_mkroute_input(skb, &res, &fl4, in_dev, daddr, saddr, tos);
1619 if (skb->protocol != htons(ETH_P_IP))
1622 if (!ipv4_is_zeronet(saddr)) {
1623 err = fib_validate_source(skb, saddr, 0, tos, 0, dev,
1626 goto martian_source_keep_err;
1628 flags |= RTCF_BROADCAST;
1629 res.type = RTN_BROADCAST;
1630 RT_CACHE_STAT_INC(in_brd);
1636 rth = rcu_dereference(FIB_RES_NH(res).nh_rth_input);
1637 if (rt_cache_valid(rth)) {
1638 skb_dst_set_noref(skb, &rth->dst);
1646 rth = rt_dst_alloc(net->loopback_dev,
1647 IN_DEV_CONF_GET(in_dev, NOPOLICY), false, do_cache);
1651 rth->dst.input= ip_local_deliver;
1652 rth->dst.output= ip_rt_bug;
1653 #ifdef CONFIG_IP_ROUTE_CLASSID
1654 rth->dst.tclassid = itag;
1657 rth->rt_genid = rt_genid(net);
1658 rth->rt_flags = flags|RTCF_LOCAL;
1659 rth->rt_type = res.type;
1660 rth->rt_is_input = 1;
1663 rth->rt_gateway = 0;
1664 INIT_LIST_HEAD(&rth->rt_uncached);
1665 if (res.type == RTN_UNREACHABLE) {
1666 rth->dst.input= ip_error;
1667 rth->dst.error= -err;
1668 rth->rt_flags &= ~RTCF_LOCAL;
1671 rt_cache_route(&FIB_RES_NH(res), rth);
1672 skb_dst_set(skb, &rth->dst);
1677 RT_CACHE_STAT_INC(in_no_route);
1678 res.type = RTN_UNREACHABLE;
1684 * Do not cache martian addresses: they should be logged (RFC1812)
1686 martian_destination:
1687 RT_CACHE_STAT_INC(in_martian_dst);
1688 #ifdef CONFIG_IP_ROUTE_VERBOSE
1689 if (IN_DEV_LOG_MARTIANS(in_dev))
1690 net_warn_ratelimited("martian destination %pI4 from %pI4, dev %s\n",
1691 &daddr, &saddr, dev->name);
1704 martian_source_keep_err:
1705 ip_handle_martian_source(dev, in_dev, skb, daddr, saddr);
1709 int ip_route_input_noref(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1710 u8 tos, struct net_device *dev)
1716 /* Multicast recognition logic is moved from route cache to here.
1717 The problem was that too many Ethernet cards have broken/missing
1718 hardware multicast filters :-( As result the host on multicasting
1719 network acquires a lot of useless route cache entries, sort of
1720 SDR messages from all the world. Now we try to get rid of them.
1721 Really, provided software IP multicast filter is organized
1722 reasonably (at least, hashed), it does not result in a slowdown
1723 comparing with route cache reject entries.
1724 Note, that multicast routers are not affected, because
1725 route cache entry is created eventually.
1727 if (ipv4_is_multicast(daddr)) {
1728 struct in_device *in_dev = __in_dev_get_rcu(dev);
1731 int our = ip_check_mc_rcu(in_dev, daddr, saddr,
1732 ip_hdr(skb)->protocol);
1734 #ifdef CONFIG_IP_MROUTE
1736 (!ipv4_is_local_multicast(daddr) &&
1737 IN_DEV_MFORWARD(in_dev))
1740 int res = ip_route_input_mc(skb, daddr, saddr,
1749 res = ip_route_input_slow(skb, daddr, saddr, tos, dev);
1753 EXPORT_SYMBOL(ip_route_input_noref);
1755 /* called with rcu_read_lock() */
1756 static struct rtable *__mkroute_output(const struct fib_result *res,
1757 const struct flowi4 *fl4, int orig_oif,
1758 struct net_device *dev_out,
1761 struct fib_info *fi = res->fi;
1762 struct fib_nh_exception *fnhe;
1763 struct in_device *in_dev;
1764 u16 type = res->type;
1767 in_dev = __in_dev_get_rcu(dev_out);
1769 return ERR_PTR(-EINVAL);
1771 if (likely(!IN_DEV_ROUTE_LOCALNET(in_dev)))
1772 if (ipv4_is_loopback(fl4->saddr) && !(dev_out->flags & IFF_LOOPBACK))
1773 return ERR_PTR(-EINVAL);
1775 if (ipv4_is_lbcast(fl4->daddr))
1776 type = RTN_BROADCAST;
1777 else if (ipv4_is_multicast(fl4->daddr))
1778 type = RTN_MULTICAST;
1779 else if (ipv4_is_zeronet(fl4->daddr))
1780 return ERR_PTR(-EINVAL);
1782 if (dev_out->flags & IFF_LOOPBACK)
1783 flags |= RTCF_LOCAL;
1785 if (type == RTN_BROADCAST) {
1786 flags |= RTCF_BROADCAST | RTCF_LOCAL;
1788 } else if (type == RTN_MULTICAST) {
1789 flags |= RTCF_MULTICAST | RTCF_LOCAL;
1790 if (!ip_check_mc_rcu(in_dev, fl4->daddr, fl4->saddr,
1792 flags &= ~RTCF_LOCAL;
1793 /* If multicast route do not exist use
1794 * default one, but do not gateway in this case.
1797 if (fi && res->prefixlen < 4)
1803 struct rtable __rcu **prth;
1805 fnhe = find_exception(&FIB_RES_NH(*res), fl4->daddr);
1807 prth = &fnhe->fnhe_rth;
1809 prth = __this_cpu_ptr(FIB_RES_NH(*res).nh_pcpu_rth_output);
1810 rth = rcu_dereference(*prth);
1811 if (rt_cache_valid(rth)) {
1812 dst_hold(&rth->dst);
1816 rth = rt_dst_alloc(dev_out,
1817 IN_DEV_CONF_GET(in_dev, NOPOLICY),
1818 IN_DEV_CONF_GET(in_dev, NOXFRM),
1821 return ERR_PTR(-ENOBUFS);
1823 rth->dst.output = ip_output;
1825 rth->rt_genid = rt_genid(dev_net(dev_out));
1826 rth->rt_flags = flags;
1827 rth->rt_type = type;
1828 rth->rt_is_input = 0;
1829 rth->rt_iif = orig_oif ? : 0;
1831 rth->rt_gateway = 0;
1832 INIT_LIST_HEAD(&rth->rt_uncached);
1834 RT_CACHE_STAT_INC(out_slow_tot);
1836 if (flags & RTCF_LOCAL)
1837 rth->dst.input = ip_local_deliver;
1838 if (flags & (RTCF_BROADCAST | RTCF_MULTICAST)) {
1839 if (flags & RTCF_LOCAL &&
1840 !(dev_out->flags & IFF_LOOPBACK)) {
1841 rth->dst.output = ip_mc_output;
1842 RT_CACHE_STAT_INC(out_slow_mc);
1844 #ifdef CONFIG_IP_MROUTE
1845 if (type == RTN_MULTICAST) {
1846 if (IN_DEV_MFORWARD(in_dev) &&
1847 !ipv4_is_local_multicast(fl4->daddr)) {
1848 rth->dst.input = ip_mr_input;
1849 rth->dst.output = ip_mc_output;
1855 rt_set_nexthop(rth, fl4->daddr, res, fnhe, fi, type, 0);
1861 * Major route resolver routine.
1864 struct rtable *__ip_route_output_key(struct net *net, struct flowi4 *fl4)
1866 struct net_device *dev_out = NULL;
1867 __u8 tos = RT_FL_TOS(fl4);
1868 unsigned int flags = 0;
1869 struct fib_result res;
1877 orig_oif = fl4->flowi4_oif;
1879 fl4->flowi4_iif = LOOPBACK_IFINDEX;
1880 fl4->flowi4_tos = tos & IPTOS_RT_MASK;
1881 fl4->flowi4_scope = ((tos & RTO_ONLINK) ?
1882 RT_SCOPE_LINK : RT_SCOPE_UNIVERSE);
1886 rth = ERR_PTR(-EINVAL);
1887 if (ipv4_is_multicast(fl4->saddr) ||
1888 ipv4_is_lbcast(fl4->saddr) ||
1889 ipv4_is_zeronet(fl4->saddr))
1892 /* I removed check for oif == dev_out->oif here.
1893 It was wrong for two reasons:
1894 1. ip_dev_find(net, saddr) can return wrong iface, if saddr
1895 is assigned to multiple interfaces.
1896 2. Moreover, we are allowed to send packets with saddr
1897 of another iface. --ANK
1900 if (fl4->flowi4_oif == 0 &&
1901 (ipv4_is_multicast(fl4->daddr) ||
1902 ipv4_is_lbcast(fl4->daddr))) {
1903 /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
1904 dev_out = __ip_dev_find(net, fl4->saddr, false);
1905 if (dev_out == NULL)
1908 /* Special hack: user can direct multicasts
1909 and limited broadcast via necessary interface
1910 without fiddling with IP_MULTICAST_IF or IP_PKTINFO.
1911 This hack is not just for fun, it allows
1912 vic,vat and friends to work.
1913 They bind socket to loopback, set ttl to zero
1914 and expect that it will work.
1915 From the viewpoint of routing cache they are broken,
1916 because we are not allowed to build multicast path
1917 with loopback source addr (look, routing cache
1918 cannot know, that ttl is zero, so that packet
1919 will not leave this host and route is valid).
1920 Luckily, this hack is good workaround.
1923 fl4->flowi4_oif = dev_out->ifindex;
1927 if (!(fl4->flowi4_flags & FLOWI_FLAG_ANYSRC)) {
1928 /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
1929 if (!__ip_dev_find(net, fl4->saddr, false))
1935 if (fl4->flowi4_oif) {
1936 dev_out = dev_get_by_index_rcu(net, fl4->flowi4_oif);
1937 rth = ERR_PTR(-ENODEV);
1938 if (dev_out == NULL)
1941 /* RACE: Check return value of inet_select_addr instead. */
1942 if (!(dev_out->flags & IFF_UP) || !__in_dev_get_rcu(dev_out)) {
1943 rth = ERR_PTR(-ENETUNREACH);
1946 if (ipv4_is_local_multicast(fl4->daddr) ||
1947 ipv4_is_lbcast(fl4->daddr)) {
1949 fl4->saddr = inet_select_addr(dev_out, 0,
1954 if (ipv4_is_multicast(fl4->daddr))
1955 fl4->saddr = inet_select_addr(dev_out, 0,
1957 else if (!fl4->daddr)
1958 fl4->saddr = inet_select_addr(dev_out, 0,
1964 fl4->daddr = fl4->saddr;
1966 fl4->daddr = fl4->saddr = htonl(INADDR_LOOPBACK);
1967 dev_out = net->loopback_dev;
1968 fl4->flowi4_oif = LOOPBACK_IFINDEX;
1969 res.type = RTN_LOCAL;
1970 flags |= RTCF_LOCAL;
1974 if (fib_lookup(net, fl4, &res)) {
1977 if (fl4->flowi4_oif) {
1978 /* Apparently, routing tables are wrong. Assume,
1979 that the destination is on link.
1982 Because we are allowed to send to iface
1983 even if it has NO routes and NO assigned
1984 addresses. When oif is specified, routing
1985 tables are looked up with only one purpose:
1986 to catch if destination is gatewayed, rather than
1987 direct. Moreover, if MSG_DONTROUTE is set,
1988 we send packet, ignoring both routing tables
1989 and ifaddr state. --ANK
1992 We could make it even if oif is unknown,
1993 likely IPv6, but we do not.
1996 if (fl4->saddr == 0)
1997 fl4->saddr = inet_select_addr(dev_out, 0,
1999 res.type = RTN_UNICAST;
2002 rth = ERR_PTR(-ENETUNREACH);
2006 if (res.type == RTN_LOCAL) {
2008 if (res.fi->fib_prefsrc)
2009 fl4->saddr = res.fi->fib_prefsrc;
2011 fl4->saddr = fl4->daddr;
2013 dev_out = net->loopback_dev;
2014 fl4->flowi4_oif = dev_out->ifindex;
2015 flags |= RTCF_LOCAL;
2019 #ifdef CONFIG_IP_ROUTE_MULTIPATH
2020 if (res.fi->fib_nhs > 1 && fl4->flowi4_oif == 0)
2021 fib_select_multipath(&res);
2024 if (!res.prefixlen &&
2025 res.table->tb_num_default > 1 &&
2026 res.type == RTN_UNICAST && !fl4->flowi4_oif)
2027 fib_select_default(&res);
2030 fl4->saddr = FIB_RES_PREFSRC(net, res);
2032 dev_out = FIB_RES_DEV(res);
2033 fl4->flowi4_oif = dev_out->ifindex;
2037 rth = __mkroute_output(&res, fl4, orig_oif, dev_out, flags);
2043 EXPORT_SYMBOL_GPL(__ip_route_output_key);
2045 static struct dst_entry *ipv4_blackhole_dst_check(struct dst_entry *dst, u32 cookie)
2050 static unsigned int ipv4_blackhole_mtu(const struct dst_entry *dst)
2052 unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
2054 return mtu ? : dst->dev->mtu;
2057 static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk,
2058 struct sk_buff *skb, u32 mtu)
2062 static void ipv4_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk,
2063 struct sk_buff *skb)
2067 static u32 *ipv4_rt_blackhole_cow_metrics(struct dst_entry *dst,
2073 static struct dst_ops ipv4_dst_blackhole_ops = {
2075 .protocol = cpu_to_be16(ETH_P_IP),
2076 .check = ipv4_blackhole_dst_check,
2077 .mtu = ipv4_blackhole_mtu,
2078 .default_advmss = ipv4_default_advmss,
2079 .update_pmtu = ipv4_rt_blackhole_update_pmtu,
2080 .redirect = ipv4_rt_blackhole_redirect,
2081 .cow_metrics = ipv4_rt_blackhole_cow_metrics,
2082 .neigh_lookup = ipv4_neigh_lookup,
2085 struct dst_entry *ipv4_blackhole_route(struct net *net, struct dst_entry *dst_orig)
2087 struct rtable *ort = (struct rtable *) dst_orig;
2090 rt = dst_alloc(&ipv4_dst_blackhole_ops, NULL, 1, DST_OBSOLETE_NONE, 0);
2092 struct dst_entry *new = &rt->dst;
2095 new->input = dst_discard;
2096 new->output = dst_discard;
2098 new->dev = ort->dst.dev;
2102 rt->rt_is_input = ort->rt_is_input;
2103 rt->rt_iif = ort->rt_iif;
2104 rt->rt_pmtu = ort->rt_pmtu;
2106 rt->rt_genid = rt_genid(net);
2107 rt->rt_flags = ort->rt_flags;
2108 rt->rt_type = ort->rt_type;
2109 rt->rt_gateway = ort->rt_gateway;
2111 INIT_LIST_HEAD(&rt->rt_uncached);
2116 dst_release(dst_orig);
2118 return rt ? &rt->dst : ERR_PTR(-ENOMEM);
2121 struct rtable *ip_route_output_flow(struct net *net, struct flowi4 *flp4,
2124 struct rtable *rt = __ip_route_output_key(net, flp4);
2129 if (flp4->flowi4_proto)
2130 rt = (struct rtable *) xfrm_lookup(net, &rt->dst,
2131 flowi4_to_flowi(flp4),
2136 EXPORT_SYMBOL_GPL(ip_route_output_flow);
2138 static int rt_fill_info(struct net *net, __be32 dst, __be32 src,
2139 struct flowi4 *fl4, struct sk_buff *skb, u32 pid,
2140 u32 seq, int event, int nowait, unsigned int flags)
2142 struct rtable *rt = skb_rtable(skb);
2144 struct nlmsghdr *nlh;
2145 unsigned long expires = 0;
2147 u32 metrics[RTAX_MAX];
2149 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*r), flags);
2153 r = nlmsg_data(nlh);
2154 r->rtm_family = AF_INET;
2155 r->rtm_dst_len = 32;
2157 r->rtm_tos = fl4->flowi4_tos;
2158 r->rtm_table = RT_TABLE_MAIN;
2159 if (nla_put_u32(skb, RTA_TABLE, RT_TABLE_MAIN))
2160 goto nla_put_failure;
2161 r->rtm_type = rt->rt_type;
2162 r->rtm_scope = RT_SCOPE_UNIVERSE;
2163 r->rtm_protocol = RTPROT_UNSPEC;
2164 r->rtm_flags = (rt->rt_flags & ~0xFFFF) | RTM_F_CLONED;
2165 if (rt->rt_flags & RTCF_NOTIFY)
2166 r->rtm_flags |= RTM_F_NOTIFY;
2168 if (nla_put_be32(skb, RTA_DST, dst))
2169 goto nla_put_failure;
2171 r->rtm_src_len = 32;
2172 if (nla_put_be32(skb, RTA_SRC, src))
2173 goto nla_put_failure;
2176 nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
2177 goto nla_put_failure;
2178 #ifdef CONFIG_IP_ROUTE_CLASSID
2179 if (rt->dst.tclassid &&
2180 nla_put_u32(skb, RTA_FLOW, rt->dst.tclassid))
2181 goto nla_put_failure;
2183 if (!rt_is_input_route(rt) &&
2184 fl4->saddr != src) {
2185 if (nla_put_be32(skb, RTA_PREFSRC, fl4->saddr))
2186 goto nla_put_failure;
2188 if (rt->rt_gateway &&
2189 nla_put_be32(skb, RTA_GATEWAY, rt->rt_gateway))
2190 goto nla_put_failure;
2192 memcpy(metrics, dst_metrics_ptr(&rt->dst), sizeof(metrics));
2194 metrics[RTAX_MTU - 1] = rt->rt_pmtu;
2195 if (rtnetlink_put_metrics(skb, metrics) < 0)
2196 goto nla_put_failure;
2198 if (fl4->flowi4_mark &&
2199 nla_put_be32(skb, RTA_MARK, fl4->flowi4_mark))
2200 goto nla_put_failure;
2202 error = rt->dst.error;
2203 expires = rt->dst.expires;
2205 if (time_before(jiffies, expires))
2211 if (rt_is_input_route(rt)) {
2212 if (nla_put_u32(skb, RTA_IIF, rt->rt_iif))
2213 goto nla_put_failure;
2216 if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, error) < 0)
2217 goto nla_put_failure;
2219 return nlmsg_end(skb, nlh);
2222 nlmsg_cancel(skb, nlh);
2226 static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, void *arg)
2228 struct net *net = sock_net(in_skb->sk);
2230 struct nlattr *tb[RTA_MAX+1];
2231 struct rtable *rt = NULL;
2238 struct sk_buff *skb;
2240 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv4_policy);
2244 rtm = nlmsg_data(nlh);
2246 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2252 /* Reserve room for dummy headers, this skb can pass
2253 through good chunk of routing engine.
2255 skb_reset_mac_header(skb);
2256 skb_reset_network_header(skb);
2258 /* Bugfix: need to give ip_route_input enough of an IP header to not gag. */
2259 ip_hdr(skb)->protocol = IPPROTO_ICMP;
2260 skb_reserve(skb, MAX_HEADER + sizeof(struct iphdr));
2262 src = tb[RTA_SRC] ? nla_get_be32(tb[RTA_SRC]) : 0;
2263 dst = tb[RTA_DST] ? nla_get_be32(tb[RTA_DST]) : 0;
2264 iif = tb[RTA_IIF] ? nla_get_u32(tb[RTA_IIF]) : 0;
2265 mark = tb[RTA_MARK] ? nla_get_u32(tb[RTA_MARK]) : 0;
2267 memset(&fl4, 0, sizeof(fl4));
2270 fl4.flowi4_tos = rtm->rtm_tos;
2271 fl4.flowi4_oif = tb[RTA_OIF] ? nla_get_u32(tb[RTA_OIF]) : 0;
2272 fl4.flowi4_mark = mark;
2275 struct net_device *dev;
2277 dev = __dev_get_by_index(net, iif);
2283 skb->protocol = htons(ETH_P_IP);
2287 err = ip_route_input(skb, dst, src, rtm->rtm_tos, dev);
2290 rt = skb_rtable(skb);
2291 if (err == 0 && rt->dst.error)
2292 err = -rt->dst.error;
2294 rt = ip_route_output_key(net, &fl4);
2304 skb_dst_set(skb, &rt->dst);
2305 if (rtm->rtm_flags & RTM_F_NOTIFY)
2306 rt->rt_flags |= RTCF_NOTIFY;
2308 err = rt_fill_info(net, dst, src, &fl4, skb,
2309 NETLINK_CB(in_skb).pid, nlh->nlmsg_seq,
2310 RTM_NEWROUTE, 0, 0);
2314 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).pid);
2323 int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb)
2328 void ip_rt_multicast_event(struct in_device *in_dev)
2330 rt_cache_flush(dev_net(in_dev->dev));
2333 #ifdef CONFIG_SYSCTL
2334 static int ipv4_sysctl_rtcache_flush(ctl_table *__ctl, int write,
2335 void __user *buffer,
2336 size_t *lenp, loff_t *ppos)
2339 rt_cache_flush((struct net *)__ctl->extra1);
2346 static ctl_table ipv4_route_table[] = {
2348 .procname = "gc_thresh",
2349 .data = &ipv4_dst_ops.gc_thresh,
2350 .maxlen = sizeof(int),
2352 .proc_handler = proc_dointvec,
2355 .procname = "max_size",
2356 .data = &ip_rt_max_size,
2357 .maxlen = sizeof(int),
2359 .proc_handler = proc_dointvec,
2362 /* Deprecated. Use gc_min_interval_ms */
2364 .procname = "gc_min_interval",
2365 .data = &ip_rt_gc_min_interval,
2366 .maxlen = sizeof(int),
2368 .proc_handler = proc_dointvec_jiffies,
2371 .procname = "gc_min_interval_ms",
2372 .data = &ip_rt_gc_min_interval,
2373 .maxlen = sizeof(int),
2375 .proc_handler = proc_dointvec_ms_jiffies,
2378 .procname = "gc_timeout",
2379 .data = &ip_rt_gc_timeout,
2380 .maxlen = sizeof(int),
2382 .proc_handler = proc_dointvec_jiffies,
2385 .procname = "gc_interval",
2386 .data = &ip_rt_gc_interval,
2387 .maxlen = sizeof(int),
2389 .proc_handler = proc_dointvec_jiffies,
2392 .procname = "redirect_load",
2393 .data = &ip_rt_redirect_load,
2394 .maxlen = sizeof(int),
2396 .proc_handler = proc_dointvec,
2399 .procname = "redirect_number",
2400 .data = &ip_rt_redirect_number,
2401 .maxlen = sizeof(int),
2403 .proc_handler = proc_dointvec,
2406 .procname = "redirect_silence",
2407 .data = &ip_rt_redirect_silence,
2408 .maxlen = sizeof(int),
2410 .proc_handler = proc_dointvec,
2413 .procname = "error_cost",
2414 .data = &ip_rt_error_cost,
2415 .maxlen = sizeof(int),
2417 .proc_handler = proc_dointvec,
2420 .procname = "error_burst",
2421 .data = &ip_rt_error_burst,
2422 .maxlen = sizeof(int),
2424 .proc_handler = proc_dointvec,
2427 .procname = "gc_elasticity",
2428 .data = &ip_rt_gc_elasticity,
2429 .maxlen = sizeof(int),
2431 .proc_handler = proc_dointvec,
2434 .procname = "mtu_expires",
2435 .data = &ip_rt_mtu_expires,
2436 .maxlen = sizeof(int),
2438 .proc_handler = proc_dointvec_jiffies,
2441 .procname = "min_pmtu",
2442 .data = &ip_rt_min_pmtu,
2443 .maxlen = sizeof(int),
2445 .proc_handler = proc_dointvec,
2448 .procname = "min_adv_mss",
2449 .data = &ip_rt_min_advmss,
2450 .maxlen = sizeof(int),
2452 .proc_handler = proc_dointvec,
2457 static struct ctl_table ipv4_route_flush_table[] = {
2459 .procname = "flush",
2460 .maxlen = sizeof(int),
2462 .proc_handler = ipv4_sysctl_rtcache_flush,
2467 static __net_init int sysctl_route_net_init(struct net *net)
2469 struct ctl_table *tbl;
2471 tbl = ipv4_route_flush_table;
2472 if (!net_eq(net, &init_net)) {
2473 tbl = kmemdup(tbl, sizeof(ipv4_route_flush_table), GFP_KERNEL);
2477 tbl[0].extra1 = net;
2479 net->ipv4.route_hdr = register_net_sysctl(net, "net/ipv4/route", tbl);
2480 if (net->ipv4.route_hdr == NULL)
2485 if (tbl != ipv4_route_flush_table)
2491 static __net_exit void sysctl_route_net_exit(struct net *net)
2493 struct ctl_table *tbl;
2495 tbl = net->ipv4.route_hdr->ctl_table_arg;
2496 unregister_net_sysctl_table(net->ipv4.route_hdr);
2497 BUG_ON(tbl == ipv4_route_flush_table);
2501 static __net_initdata struct pernet_operations sysctl_route_ops = {
2502 .init = sysctl_route_net_init,
2503 .exit = sysctl_route_net_exit,
2507 static __net_init int rt_genid_init(struct net *net)
2509 atomic_set(&net->ipv4.rt_genid, 0);
2510 get_random_bytes(&net->ipv4.dev_addr_genid,
2511 sizeof(net->ipv4.dev_addr_genid));
2515 static __net_initdata struct pernet_operations rt_genid_ops = {
2516 .init = rt_genid_init,
2519 static int __net_init ipv4_inetpeer_init(struct net *net)
2521 struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
2525 inet_peer_base_init(bp);
2526 net->ipv4.peers = bp;
2530 static void __net_exit ipv4_inetpeer_exit(struct net *net)
2532 struct inet_peer_base *bp = net->ipv4.peers;
2534 net->ipv4.peers = NULL;
2535 inetpeer_invalidate_tree(bp);
2539 static __net_initdata struct pernet_operations ipv4_inetpeer_ops = {
2540 .init = ipv4_inetpeer_init,
2541 .exit = ipv4_inetpeer_exit,
2544 #ifdef CONFIG_IP_ROUTE_CLASSID
2545 struct ip_rt_acct __percpu *ip_rt_acct __read_mostly;
2546 #endif /* CONFIG_IP_ROUTE_CLASSID */
2548 int __init ip_rt_init(void)
2552 #ifdef CONFIG_IP_ROUTE_CLASSID
2553 ip_rt_acct = __alloc_percpu(256 * sizeof(struct ip_rt_acct), __alignof__(struct ip_rt_acct));
2555 panic("IP: failed to allocate ip_rt_acct\n");
2558 ipv4_dst_ops.kmem_cachep =
2559 kmem_cache_create("ip_dst_cache", sizeof(struct rtable), 0,
2560 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
2562 ipv4_dst_blackhole_ops.kmem_cachep = ipv4_dst_ops.kmem_cachep;
2564 if (dst_entries_init(&ipv4_dst_ops) < 0)
2565 panic("IP: failed to allocate ipv4_dst_ops counter\n");
2567 if (dst_entries_init(&ipv4_dst_blackhole_ops) < 0)
2568 panic("IP: failed to allocate ipv4_dst_blackhole_ops counter\n");
2570 ipv4_dst_ops.gc_thresh = ~0;
2571 ip_rt_max_size = INT_MAX;
2576 if (ip_rt_proc_init())
2577 pr_err("Unable to create route proc files\n");
2580 xfrm4_init(ip_rt_max_size);
2582 rtnl_register(PF_INET, RTM_GETROUTE, inet_rtm_getroute, NULL, NULL);
2584 #ifdef CONFIG_SYSCTL
2585 register_pernet_subsys(&sysctl_route_ops);
2587 register_pernet_subsys(&rt_genid_ops);
2588 register_pernet_subsys(&ipv4_inetpeer_ops);
2592 #ifdef CONFIG_SYSCTL
2594 * We really need to sanitize the damn ipv4 init order, then all
2595 * this nonsense will go away.
2597 void __init ip_static_sysctl_init(void)
2599 register_net_sysctl(&init_net, "net/ipv4/route", ipv4_route_table);
projects / linux-block.git / blob