2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * ROUTE - implementation of the IP router.
9 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
10 * Alan Cox, <gw4pts@gw4pts.ampr.org>
11 * Linus Torvalds, <Linus.Torvalds@helsinki.fi>
12 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
15 * Alan Cox : Verify area fixes.
16 * Alan Cox : cli() protects routing changes
17 * Rui Oliveira : ICMP routing table updates
18 * (rco@di.uminho.pt) Routing table insertion and update
19 * Linus Torvalds : Rewrote bits to be sensible
20 * Alan Cox : Added BSD route gw semantics
21 * Alan Cox : Super /proc >4K
22 * Alan Cox : MTU in route table
23 * Alan Cox : MSS actually. Also added the window
25 * Sam Lantinga : Fixed route matching in rt_del()
26 * Alan Cox : Routing cache support.
27 * Alan Cox : Removed compatibility cruft.
28 * Alan Cox : RTF_REJECT support.
29 * Alan Cox : TCP irtt support.
30 * Jonathan Naylor : Added Metric support.
31 * Miquel van Smoorenburg : BSD API fixes.
32 * Miquel van Smoorenburg : Metrics.
33 * Alan Cox : Use __u32 properly
34 * Alan Cox : Aligned routing errors more closely with BSD
35 * our system is still very different.
36 * Alan Cox : Faster /proc handling
37 * Alexey Kuznetsov : Massive rework to support tree based routing,
38 * routing caches and better behaviour.
40 * Olaf Erb : irtt wasn't being copied right.
41 * Bjorn Ekwall : Kerneld route support.
42 * Alan Cox : Multicast fixed (I hope)
43 * Pavel Krauz : Limited broadcast fixed
44 * Mike McLagan : Routing by source
45 * Alexey Kuznetsov : End of old history. Split to fib.c and
46 * route.c and rewritten from scratch.
47 * Andi Kleen : Load-limit warning messages.
48 * Vitaly E. Lavrov : Transparent proxy revived after year coma.
49 * Vitaly E. Lavrov : Race condition in ip_route_input_slow.
50 * Tobias Ringstrom : Uninitialized res.type in ip_route_output_slow.
51 * Vladimir V. Ivanov : IP rule info (flowid) is really useful.
52 * Marc Boucher : routing by fwmark
53 * Robert Olsson : Added rt_cache statistics
54 * Arnaldo C. Melo : Convert proc stuff to seq_file
55 * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes.
56 * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect
57 * Ilia Sotnikov : Removed TOS from hash calculations
59 * This program is free software; you can redistribute it and/or
60 * modify it under the terms of the GNU General Public License
61 * as published by the Free Software Foundation; either version
62 * 2 of the License, or (at your option) any later version.
65 #include <linux/module.h>
66 #include <asm/uaccess.h>
67 #include <asm/system.h>
68 #include <linux/bitops.h>
69 #include <linux/types.h>
70 #include <linux/kernel.h>
72 #include <linux/bootmem.h>
73 #include <linux/string.h>
74 #include <linux/socket.h>
75 #include <linux/sockios.h>
76 #include <linux/errno.h>
78 #include <linux/inet.h>
79 #include <linux/netdevice.h>
80 #include <linux/proc_fs.h>
81 #include <linux/init.h>
82 #include <linux/workqueue.h>
83 #include <linux/skbuff.h>
84 #include <linux/inetdevice.h>
85 #include <linux/igmp.h>
86 #include <linux/pkt_sched.h>
87 #include <linux/mroute.h>
88 #include <linux/netfilter_ipv4.h>
89 #include <linux/random.h>
90 #include <linux/jhash.h>
91 #include <linux/rcupdate.h>
92 #include <linux/times.h>
94 #include <net/net_namespace.h>
95 #include <net/protocol.h>
97 #include <net/route.h>
98 #include <net/inetpeer.h>
100 #include <net/ip_fib.h>
103 #include <net/icmp.h>
104 #include <net/xfrm.h>
105 #include <net/netevent.h>
106 #include <net/rtnetlink.h>
108 #include <linux/sysctl.h>
111 #define RT_FL_TOS(oldflp) \
112 ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK)))
114 #define IP_MAX_MTU 0xFFF0
116 #define RT_GC_TIMEOUT (300*HZ)
118 static int ip_rt_max_size;
119 static int ip_rt_gc_timeout __read_mostly = RT_GC_TIMEOUT;
120 static int ip_rt_gc_interval __read_mostly = 60 * HZ;
121 static int ip_rt_gc_min_interval __read_mostly = HZ / 2;
122 static int ip_rt_redirect_number __read_mostly = 9;
123 static int ip_rt_redirect_load __read_mostly = HZ / 50;
124 static int ip_rt_redirect_silence __read_mostly = ((HZ / 50) << (9 + 1));
125 static int ip_rt_error_cost __read_mostly = HZ;
126 static int ip_rt_error_burst __read_mostly = 5 * HZ;
127 static int ip_rt_gc_elasticity __read_mostly = 8;
128 static int ip_rt_mtu_expires __read_mostly = 10 * 60 * HZ;
129 static int ip_rt_min_pmtu __read_mostly = 512 + 20 + 20;
130 static int ip_rt_min_advmss __read_mostly = 256;
131 static int ip_rt_secret_interval __read_mostly = 10 * 60 * HZ;
132 static int rt_chain_length_max __read_mostly = 20;
134 static void rt_worker_func(struct work_struct *work);
135 static DECLARE_DELAYED_WORK(expires_work, rt_worker_func);
138 * Interface to generic destination cache.
141 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie);
142 static void ipv4_dst_destroy(struct dst_entry *dst);
143 static void ipv4_dst_ifdown(struct dst_entry *dst,
144 struct net_device *dev, int how);
145 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst);
146 static void ipv4_link_failure(struct sk_buff *skb);
147 static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu);
148 static int rt_garbage_collect(struct dst_ops *ops);
149 static void rt_emergency_hash_rebuild(struct net *net);
152 static struct dst_ops ipv4_dst_ops = {
154 .protocol = cpu_to_be16(ETH_P_IP),
155 .gc = rt_garbage_collect,
156 .check = ipv4_dst_check,
157 .destroy = ipv4_dst_destroy,
158 .ifdown = ipv4_dst_ifdown,
159 .negative_advice = ipv4_negative_advice,
160 .link_failure = ipv4_link_failure,
161 .update_pmtu = ip_rt_update_pmtu,
162 .local_out = __ip_local_out,
163 .entries = ATOMIC_INIT(0),
166 #define ECN_OR_COST(class) TC_PRIO_##class
168 const __u8 ip_tos2prio[16] = {
172 ECN_OR_COST(BESTEFFORT),
178 ECN_OR_COST(INTERACTIVE),
180 ECN_OR_COST(INTERACTIVE),
181 TC_PRIO_INTERACTIVE_BULK,
182 ECN_OR_COST(INTERACTIVE_BULK),
183 TC_PRIO_INTERACTIVE_BULK,
184 ECN_OR_COST(INTERACTIVE_BULK)
192 /* The locking scheme is rather straight forward:
194 * 1) Read-Copy Update protects the buckets of the central route hash.
195 * 2) Only writers remove entries, and they hold the lock
196 * as they look at rtable reference counts.
197 * 3) Only readers acquire references to rtable entries,
198 * they do so with atomic increments and with the
202 struct rt_hash_bucket {
203 struct rtable *chain;
206 #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK) || \
207 defined(CONFIG_PROVE_LOCKING)
209 * Instead of using one spinlock for each rt_hash_bucket, we use a table of spinlocks
210 * The size of this table is a power of two and depends on the number of CPUS.
211 * (on lockdep we have a quite big spinlock_t, so keep the size down there)
213 #ifdef CONFIG_LOCKDEP
214 # define RT_HASH_LOCK_SZ 256
217 # define RT_HASH_LOCK_SZ 4096
219 # define RT_HASH_LOCK_SZ 2048
221 # define RT_HASH_LOCK_SZ 1024
223 # define RT_HASH_LOCK_SZ 512
225 # define RT_HASH_LOCK_SZ 256
229 static spinlock_t *rt_hash_locks;
230 # define rt_hash_lock_addr(slot) &rt_hash_locks[(slot) & (RT_HASH_LOCK_SZ - 1)]
232 static __init void rt_hash_lock_init(void)
236 rt_hash_locks = kmalloc(sizeof(spinlock_t) * RT_HASH_LOCK_SZ,
239 panic("IP: failed to allocate rt_hash_locks\n");
241 for (i = 0; i < RT_HASH_LOCK_SZ; i++)
242 spin_lock_init(&rt_hash_locks[i]);
245 # define rt_hash_lock_addr(slot) NULL
247 static inline void rt_hash_lock_init(void)
252 static struct rt_hash_bucket *rt_hash_table __read_mostly;
253 static unsigned rt_hash_mask __read_mostly;
254 static unsigned int rt_hash_log __read_mostly;
256 static DEFINE_PER_CPU(struct rt_cache_stat, rt_cache_stat);
257 #define RT_CACHE_STAT_INC(field) \
258 (__raw_get_cpu_var(rt_cache_stat).field++)
260 static inline unsigned int rt_hash(__be32 daddr, __be32 saddr, int idx,
263 return jhash_3words((__force u32)(__be32)(daddr),
264 (__force u32)(__be32)(saddr),
269 static inline int rt_genid(struct net *net)
271 return atomic_read(&net->ipv4.rt_genid);
274 #ifdef CONFIG_PROC_FS
275 struct rt_cache_iter_state {
276 struct seq_net_private p;
281 static struct rtable *rt_cache_get_first(struct seq_file *seq)
283 struct rt_cache_iter_state *st = seq->private;
284 struct rtable *r = NULL;
286 for (st->bucket = rt_hash_mask; st->bucket >= 0; --st->bucket) {
287 if (!rt_hash_table[st->bucket].chain)
290 r = rcu_dereference(rt_hash_table[st->bucket].chain);
292 if (dev_net(r->u.dst.dev) == seq_file_net(seq) &&
293 r->rt_genid == st->genid)
295 r = rcu_dereference(r->u.dst.rt_next);
297 rcu_read_unlock_bh();
302 static struct rtable *__rt_cache_get_next(struct seq_file *seq,
305 struct rt_cache_iter_state *st = seq->private;
307 r = r->u.dst.rt_next;
309 rcu_read_unlock_bh();
311 if (--st->bucket < 0)
313 } while (!rt_hash_table[st->bucket].chain);
315 r = rt_hash_table[st->bucket].chain;
317 return rcu_dereference(r);
320 static struct rtable *rt_cache_get_next(struct seq_file *seq,
323 struct rt_cache_iter_state *st = seq->private;
324 while ((r = __rt_cache_get_next(seq, r)) != NULL) {
325 if (dev_net(r->u.dst.dev) != seq_file_net(seq))
327 if (r->rt_genid == st->genid)
333 static struct rtable *rt_cache_get_idx(struct seq_file *seq, loff_t pos)
335 struct rtable *r = rt_cache_get_first(seq);
338 while (pos && (r = rt_cache_get_next(seq, r)))
340 return pos ? NULL : r;
343 static void *rt_cache_seq_start(struct seq_file *seq, loff_t *pos)
345 struct rt_cache_iter_state *st = seq->private;
347 return rt_cache_get_idx(seq, *pos - 1);
348 st->genid = rt_genid(seq_file_net(seq));
349 return SEQ_START_TOKEN;
352 static void *rt_cache_seq_next(struct seq_file *seq, void *v, loff_t *pos)
356 if (v == SEQ_START_TOKEN)
357 r = rt_cache_get_first(seq);
359 r = rt_cache_get_next(seq, v);
364 static void rt_cache_seq_stop(struct seq_file *seq, void *v)
366 if (v && v != SEQ_START_TOKEN)
367 rcu_read_unlock_bh();
370 static int rt_cache_seq_show(struct seq_file *seq, void *v)
372 if (v == SEQ_START_TOKEN)
373 seq_printf(seq, "%-127s\n",
374 "Iface\tDestination\tGateway \tFlags\t\tRefCnt\tUse\t"
375 "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t"
378 struct rtable *r = v;
381 seq_printf(seq, "%s\t%08lX\t%08lX\t%8X\t%d\t%u\t%d\t"
382 "%08lX\t%d\t%u\t%u\t%02X\t%d\t%1d\t%08X%n",
383 r->u.dst.dev ? r->u.dst.dev->name : "*",
384 (unsigned long)r->rt_dst, (unsigned long)r->rt_gateway,
385 r->rt_flags, atomic_read(&r->u.dst.__refcnt),
386 r->u.dst.__use, 0, (unsigned long)r->rt_src,
387 (dst_metric(&r->u.dst, RTAX_ADVMSS) ?
388 (int)dst_metric(&r->u.dst, RTAX_ADVMSS) + 40 : 0),
389 dst_metric(&r->u.dst, RTAX_WINDOW),
390 (int)((dst_metric(&r->u.dst, RTAX_RTT) >> 3) +
391 dst_metric(&r->u.dst, RTAX_RTTVAR)),
393 r->u.dst.hh ? atomic_read(&r->u.dst.hh->hh_refcnt) : -1,
394 r->u.dst.hh ? (r->u.dst.hh->hh_output ==
396 r->rt_spec_dst, &len);
398 seq_printf(seq, "%*s\n", 127 - len, "");
403 static const struct seq_operations rt_cache_seq_ops = {
404 .start = rt_cache_seq_start,
405 .next = rt_cache_seq_next,
406 .stop = rt_cache_seq_stop,
407 .show = rt_cache_seq_show,
410 static int rt_cache_seq_open(struct inode *inode, struct file *file)
412 return seq_open_net(inode, file, &rt_cache_seq_ops,
413 sizeof(struct rt_cache_iter_state));
416 static const struct file_operations rt_cache_seq_fops = {
417 .owner = THIS_MODULE,
418 .open = rt_cache_seq_open,
421 .release = seq_release_net,
425 static void *rt_cpu_seq_start(struct seq_file *seq, loff_t *pos)
430 return SEQ_START_TOKEN;
432 for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
433 if (!cpu_possible(cpu))
436 return &per_cpu(rt_cache_stat, cpu);
441 static void *rt_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos)
445 for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
446 if (!cpu_possible(cpu))
449 return &per_cpu(rt_cache_stat, cpu);
455 static void rt_cpu_seq_stop(struct seq_file *seq, void *v)
460 static int rt_cpu_seq_show(struct seq_file *seq, void *v)
462 struct rt_cache_stat *st = v;
464 if (v == SEQ_START_TOKEN) {
465 seq_printf(seq, "entries in_hit in_slow_tot in_slow_mc in_no_route in_brd in_martian_dst in_martian_src out_hit out_slow_tot out_slow_mc gc_total gc_ignored gc_goal_miss gc_dst_overflow in_hlist_search out_hlist_search\n");
469 seq_printf(seq,"%08x %08x %08x %08x %08x %08x %08x %08x "
470 " %08x %08x %08x %08x %08x %08x %08x %08x %08x \n",
471 atomic_read(&ipv4_dst_ops.entries),
494 static const struct seq_operations rt_cpu_seq_ops = {
495 .start = rt_cpu_seq_start,
496 .next = rt_cpu_seq_next,
497 .stop = rt_cpu_seq_stop,
498 .show = rt_cpu_seq_show,
502 static int rt_cpu_seq_open(struct inode *inode, struct file *file)
504 return seq_open(file, &rt_cpu_seq_ops);
507 static const struct file_operations rt_cpu_seq_fops = {
508 .owner = THIS_MODULE,
509 .open = rt_cpu_seq_open,
512 .release = seq_release,
515 #ifdef CONFIG_NET_CLS_ROUTE
516 static int ip_rt_acct_read(char *buffer, char **start, off_t offset,
517 int length, int *eof, void *data)
521 if ((offset & 3) || (length & 3))
524 if (offset >= sizeof(struct ip_rt_acct) * 256) {
529 if (offset + length >= sizeof(struct ip_rt_acct) * 256) {
530 length = sizeof(struct ip_rt_acct) * 256 - offset;
534 offset /= sizeof(u32);
537 u32 *dst = (u32 *) buffer;
540 memset(dst, 0, length);
542 for_each_possible_cpu(i) {
546 src = ((u32 *) per_cpu_ptr(ip_rt_acct, i)) + offset;
547 for (j = 0; j < length/4; j++)
555 static int __net_init ip_rt_do_proc_init(struct net *net)
557 struct proc_dir_entry *pde;
559 pde = proc_net_fops_create(net, "rt_cache", S_IRUGO,
564 pde = proc_create("rt_cache", S_IRUGO,
565 net->proc_net_stat, &rt_cpu_seq_fops);
569 #ifdef CONFIG_NET_CLS_ROUTE
570 pde = create_proc_read_entry("rt_acct", 0, net->proc_net,
571 ip_rt_acct_read, NULL);
577 #ifdef CONFIG_NET_CLS_ROUTE
579 remove_proc_entry("rt_cache", net->proc_net_stat);
582 remove_proc_entry("rt_cache", net->proc_net);
587 static void __net_exit ip_rt_do_proc_exit(struct net *net)
589 remove_proc_entry("rt_cache", net->proc_net_stat);
590 remove_proc_entry("rt_cache", net->proc_net);
591 remove_proc_entry("rt_acct", net->proc_net);
594 static struct pernet_operations ip_rt_proc_ops __net_initdata = {
595 .init = ip_rt_do_proc_init,
596 .exit = ip_rt_do_proc_exit,
599 static int __init ip_rt_proc_init(void)
601 return register_pernet_subsys(&ip_rt_proc_ops);
605 static inline int ip_rt_proc_init(void)
609 #endif /* CONFIG_PROC_FS */
611 static inline void rt_free(struct rtable *rt)
613 call_rcu_bh(&rt->u.dst.rcu_head, dst_rcu_free);
616 static inline void rt_drop(struct rtable *rt)
619 call_rcu_bh(&rt->u.dst.rcu_head, dst_rcu_free);
622 static inline int rt_fast_clean(struct rtable *rth)
624 /* Kill broadcast/multicast entries very aggresively, if they
625 collide in hash table with more useful entries */
626 return (rth->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST)) &&
627 rth->fl.iif && rth->u.dst.rt_next;
630 static inline int rt_valuable(struct rtable *rth)
632 return (rth->rt_flags & (RTCF_REDIRECTED | RTCF_NOTIFY)) ||
636 static int rt_may_expire(struct rtable *rth, unsigned long tmo1, unsigned long tmo2)
641 if (atomic_read(&rth->u.dst.__refcnt))
645 if (rth->u.dst.expires &&
646 time_after_eq(jiffies, rth->u.dst.expires))
649 age = jiffies - rth->u.dst.lastuse;
651 if ((age <= tmo1 && !rt_fast_clean(rth)) ||
652 (age <= tmo2 && rt_valuable(rth)))
658 /* Bits of score are:
660 * 30: not quite useless
661 * 29..0: usage counter
663 static inline u32 rt_score(struct rtable *rt)
665 u32 score = jiffies - rt->u.dst.lastuse;
667 score = ~score & ~(3<<30);
673 !(rt->rt_flags & (RTCF_BROADCAST|RTCF_MULTICAST|RTCF_LOCAL)))
679 static inline bool rt_caching(const struct net *net)
681 return net->ipv4.current_rt_cache_rebuild_count <=
682 net->ipv4.sysctl_rt_cache_rebuild_count;
685 static inline bool compare_hash_inputs(const struct flowi *fl1,
686 const struct flowi *fl2)
688 return (__force u32)(((fl1->nl_u.ip4_u.daddr ^ fl2->nl_u.ip4_u.daddr) |
689 (fl1->nl_u.ip4_u.saddr ^ fl2->nl_u.ip4_u.saddr) |
690 (fl1->iif ^ fl2->iif)) == 0);
693 static inline int compare_keys(struct flowi *fl1, struct flowi *fl2)
695 return ((__force u32)((fl1->nl_u.ip4_u.daddr ^ fl2->nl_u.ip4_u.daddr) |
696 (fl1->nl_u.ip4_u.saddr ^ fl2->nl_u.ip4_u.saddr)) |
697 (fl1->mark ^ fl2->mark) |
698 (*(u16 *)&fl1->nl_u.ip4_u.tos ^
699 *(u16 *)&fl2->nl_u.ip4_u.tos) |
700 (fl1->oif ^ fl2->oif) |
701 (fl1->iif ^ fl2->iif)) == 0;
704 static inline int compare_netns(struct rtable *rt1, struct rtable *rt2)
706 return dev_net(rt1->u.dst.dev) == dev_net(rt2->u.dst.dev);
709 static inline int rt_is_expired(struct rtable *rth)
711 return rth->rt_genid != rt_genid(dev_net(rth->u.dst.dev));
715 * Perform a full scan of hash table and free all entries.
716 * Can be called by a softirq or a process.
717 * In the later case, we want to be reschedule if necessary
719 static void rt_do_flush(int process_context)
722 struct rtable *rth, *next;
723 struct rtable * tail;
725 for (i = 0; i <= rt_hash_mask; i++) {
726 if (process_context && need_resched())
728 rth = rt_hash_table[i].chain;
732 spin_lock_bh(rt_hash_lock_addr(i));
735 struct rtable ** prev, * p;
737 rth = rt_hash_table[i].chain;
739 /* defer releasing the head of the list after spin_unlock */
740 for (tail = rth; tail; tail = tail->u.dst.rt_next)
741 if (!rt_is_expired(tail))
744 rt_hash_table[i].chain = tail;
746 /* call rt_free on entries after the tail requiring flush */
747 prev = &rt_hash_table[i].chain;
748 for (p = *prev; p; p = next) {
749 next = p->u.dst.rt_next;
750 if (!rt_is_expired(p)) {
751 prev = &p->u.dst.rt_next;
759 rth = rt_hash_table[i].chain;
760 rt_hash_table[i].chain = NULL;
763 spin_unlock_bh(rt_hash_lock_addr(i));
765 for (; rth != tail; rth = next) {
766 next = rth->u.dst.rt_next;
773 * While freeing expired entries, we compute average chain length
774 * and standard deviation, using fixed-point arithmetic.
775 * This to have an estimation of rt_chain_length_max
776 * rt_chain_length_max = max(elasticity, AVG + 4*SD)
777 * We use 3 bits for frational part, and 29 (or 61) for magnitude.
781 #define ONE (1UL << FRACT_BITS)
783 static void rt_check_expire(void)
785 static unsigned int rover;
786 unsigned int i = rover, goal;
787 struct rtable *rth, *aux, **rthp;
788 unsigned long samples = 0;
789 unsigned long sum = 0, sum2 = 0;
792 mult = ((u64)ip_rt_gc_interval) << rt_hash_log;
793 if (ip_rt_gc_timeout > 1)
794 do_div(mult, ip_rt_gc_timeout);
795 goal = (unsigned int)mult;
796 if (goal > rt_hash_mask)
797 goal = rt_hash_mask + 1;
798 for (; goal > 0; goal--) {
799 unsigned long tmo = ip_rt_gc_timeout;
800 unsigned long length;
802 i = (i + 1) & rt_hash_mask;
803 rthp = &rt_hash_table[i].chain;
813 spin_lock_bh(rt_hash_lock_addr(i));
814 while ((rth = *rthp) != NULL) {
815 prefetch(rth->u.dst.rt_next);
816 if (rt_is_expired(rth)) {
817 *rthp = rth->u.dst.rt_next;
821 if (rth->u.dst.expires) {
822 /* Entry is expired even if it is in use */
823 if (time_before_eq(jiffies, rth->u.dst.expires)) {
826 rthp = &rth->u.dst.rt_next;
828 * We only count entries on
829 * a chain with equal hash inputs once
830 * so that entries for different QOS
831 * levels, and other non-hash input
832 * attributes don't unfairly skew
833 * the length computation
835 for (aux = rt_hash_table[i].chain;;) {
840 if (compare_hash_inputs(&aux->fl, &rth->fl))
842 aux = aux->u.dst.rt_next;
846 } else if (!rt_may_expire(rth, tmo, ip_rt_gc_timeout))
849 /* Cleanup aged off entries. */
850 *rthp = rth->u.dst.rt_next;
853 spin_unlock_bh(rt_hash_lock_addr(i));
855 sum2 += length*length;
858 unsigned long avg = sum / samples;
859 unsigned long sd = int_sqrt(sum2 / samples - avg*avg);
860 rt_chain_length_max = max_t(unsigned long,
862 (avg + 4*sd) >> FRACT_BITS);
868 * rt_worker_func() is run in process context.
869 * we call rt_check_expire() to scan part of the hash table
871 static void rt_worker_func(struct work_struct *work)
874 schedule_delayed_work(&expires_work, ip_rt_gc_interval);
878 * Pertubation of rt_genid by a small quantity [1..256]
879 * Using 8 bits of shuffling ensure we can call rt_cache_invalidate()
880 * many times (2^24) without giving recent rt_genid.
881 * Jenkins hash is strong enough that litle changes of rt_genid are OK.
883 static void rt_cache_invalidate(struct net *net)
885 unsigned char shuffle;
887 get_random_bytes(&shuffle, sizeof(shuffle));
888 atomic_add(shuffle + 1U, &net->ipv4.rt_genid);
892 * delay < 0 : invalidate cache (fast : entries will be deleted later)
893 * delay >= 0 : invalidate & flush cache (can be long)
895 void rt_cache_flush(struct net *net, int delay)
897 rt_cache_invalidate(net);
899 rt_do_flush(!in_softirq());
903 * We change rt_genid and let gc do the cleanup
905 static void rt_secret_rebuild(unsigned long __net)
907 struct net *net = (struct net *)__net;
908 rt_cache_invalidate(net);
909 mod_timer(&net->ipv4.rt_secret_timer, jiffies + ip_rt_secret_interval);
912 static void rt_secret_rebuild_oneshot(struct net *net)
914 del_timer_sync(&net->ipv4.rt_secret_timer);
915 rt_cache_invalidate(net);
916 if (ip_rt_secret_interval) {
917 net->ipv4.rt_secret_timer.expires += ip_rt_secret_interval;
918 add_timer(&net->ipv4.rt_secret_timer);
922 static void rt_emergency_hash_rebuild(struct net *net)
924 if (net_ratelimit()) {
925 printk(KERN_WARNING "Route hash chain too long!\n");
926 printk(KERN_WARNING "Adjust your secret_interval!\n");
929 rt_secret_rebuild_oneshot(net);
933 Short description of GC goals.
935 We want to build algorithm, which will keep routing cache
936 at some equilibrium point, when number of aged off entries
937 is kept approximately equal to newly generated ones.
939 Current expiration strength is variable "expire".
940 We try to adjust it dynamically, so that if networking
941 is idle expires is large enough to keep enough of warm entries,
942 and when load increases it reduces to limit cache size.
945 static int rt_garbage_collect(struct dst_ops *ops)
947 static unsigned long expire = RT_GC_TIMEOUT;
948 static unsigned long last_gc;
950 static int equilibrium;
951 struct rtable *rth, **rthp;
952 unsigned long now = jiffies;
956 * Garbage collection is pretty expensive,
957 * do not make it too frequently.
960 RT_CACHE_STAT_INC(gc_total);
962 if (now - last_gc < ip_rt_gc_min_interval &&
963 atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size) {
964 RT_CACHE_STAT_INC(gc_ignored);
968 /* Calculate number of entries, which we want to expire now. */
969 goal = atomic_read(&ipv4_dst_ops.entries) -
970 (ip_rt_gc_elasticity << rt_hash_log);
972 if (equilibrium < ipv4_dst_ops.gc_thresh)
973 equilibrium = ipv4_dst_ops.gc_thresh;
974 goal = atomic_read(&ipv4_dst_ops.entries) - equilibrium;
976 equilibrium += min_t(unsigned int, goal >> 1, rt_hash_mask + 1);
977 goal = atomic_read(&ipv4_dst_ops.entries) - equilibrium;
980 /* We are in dangerous area. Try to reduce cache really
983 goal = max_t(unsigned int, goal >> 1, rt_hash_mask + 1);
984 equilibrium = atomic_read(&ipv4_dst_ops.entries) - goal;
987 if (now - last_gc >= ip_rt_gc_min_interval)
998 for (i = rt_hash_mask, k = rover; i >= 0; i--) {
999 unsigned long tmo = expire;
1001 k = (k + 1) & rt_hash_mask;
1002 rthp = &rt_hash_table[k].chain;
1003 spin_lock_bh(rt_hash_lock_addr(k));
1004 while ((rth = *rthp) != NULL) {
1005 if (!rt_is_expired(rth) &&
1006 !rt_may_expire(rth, tmo, expire)) {
1008 rthp = &rth->u.dst.rt_next;
1011 *rthp = rth->u.dst.rt_next;
1015 spin_unlock_bh(rt_hash_lock_addr(k));
1024 /* Goal is not achieved. We stop process if:
1026 - if expire reduced to zero. Otherwise, expire is halfed.
1027 - if table is not full.
1028 - if we are called from interrupt.
1029 - jiffies check is just fallback/debug loop breaker.
1030 We will not spin here for long time in any case.
1033 RT_CACHE_STAT_INC(gc_goal_miss);
1039 #if RT_CACHE_DEBUG >= 2
1040 printk(KERN_DEBUG "expire>> %u %d %d %d\n", expire,
1041 atomic_read(&ipv4_dst_ops.entries), goal, i);
1044 if (atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size)
1046 } while (!in_softirq() && time_before_eq(jiffies, now));
1048 if (atomic_read(&ipv4_dst_ops.entries) < ip_rt_max_size)
1050 if (net_ratelimit())
1051 printk(KERN_WARNING "dst cache overflow\n");
1052 RT_CACHE_STAT_INC(gc_dst_overflow);
1056 expire += ip_rt_gc_min_interval;
1057 if (expire > ip_rt_gc_timeout ||
1058 atomic_read(&ipv4_dst_ops.entries) < ipv4_dst_ops.gc_thresh)
1059 expire = ip_rt_gc_timeout;
1060 #if RT_CACHE_DEBUG >= 2
1061 printk(KERN_DEBUG "expire++ %u %d %d %d\n", expire,
1062 atomic_read(&ipv4_dst_ops.entries), goal, rover);
1067 static int rt_intern_hash(unsigned hash, struct rtable *rt, struct rtable **rp)
1069 struct rtable *rth, **rthp;
1071 struct rtable *cand, **candp;
1074 int attempts = !in_softirq();
1078 min_score = ~(u32)0;
1083 if (!rt_caching(dev_net(rt->u.dst.dev))) {
1088 rthp = &rt_hash_table[hash].chain;
1090 spin_lock_bh(rt_hash_lock_addr(hash));
1091 while ((rth = *rthp) != NULL) {
1092 if (rt_is_expired(rth)) {
1093 *rthp = rth->u.dst.rt_next;
1097 if (compare_keys(&rth->fl, &rt->fl) && compare_netns(rth, rt)) {
1099 *rthp = rth->u.dst.rt_next;
1101 * Since lookup is lockfree, the deletion
1102 * must be visible to another weakly ordered CPU before
1103 * the insertion at the start of the hash chain.
1105 rcu_assign_pointer(rth->u.dst.rt_next,
1106 rt_hash_table[hash].chain);
1108 * Since lookup is lockfree, the update writes
1109 * must be ordered for consistency on SMP.
1111 rcu_assign_pointer(rt_hash_table[hash].chain, rth);
1113 dst_use(&rth->u.dst, now);
1114 spin_unlock_bh(rt_hash_lock_addr(hash));
1121 if (!atomic_read(&rth->u.dst.__refcnt)) {
1122 u32 score = rt_score(rth);
1124 if (score <= min_score) {
1133 rthp = &rth->u.dst.rt_next;
1137 /* ip_rt_gc_elasticity used to be average length of chain
1138 * length, when exceeded gc becomes really aggressive.
1140 * The second limit is less certain. At the moment it allows
1141 * only 2 entries per bucket. We will see.
1143 if (chain_length > ip_rt_gc_elasticity) {
1144 *candp = cand->u.dst.rt_next;
1148 if (chain_length > rt_chain_length_max) {
1149 struct net *net = dev_net(rt->u.dst.dev);
1150 int num = ++net->ipv4.current_rt_cache_rebuild_count;
1151 if (!rt_caching(dev_net(rt->u.dst.dev))) {
1152 printk(KERN_WARNING "%s: %d rebuilds is over limit, route caching disabled\n",
1153 rt->u.dst.dev->name, num);
1155 rt_emergency_hash_rebuild(dev_net(rt->u.dst.dev));
1159 /* Try to bind route to arp only if it is output
1160 route or unicast forwarding path.
1162 if (rt->rt_type == RTN_UNICAST || rt->fl.iif == 0) {
1163 int err = arp_bind_neighbour(&rt->u.dst);
1165 spin_unlock_bh(rt_hash_lock_addr(hash));
1167 if (err != -ENOBUFS) {
1172 /* Neighbour tables are full and nothing
1173 can be released. Try to shrink route cache,
1174 it is most likely it holds some neighbour records.
1176 if (attempts-- > 0) {
1177 int saved_elasticity = ip_rt_gc_elasticity;
1178 int saved_int = ip_rt_gc_min_interval;
1179 ip_rt_gc_elasticity = 1;
1180 ip_rt_gc_min_interval = 0;
1181 rt_garbage_collect(&ipv4_dst_ops);
1182 ip_rt_gc_min_interval = saved_int;
1183 ip_rt_gc_elasticity = saved_elasticity;
1187 if (net_ratelimit())
1188 printk(KERN_WARNING "Neighbour table overflow.\n");
1194 rt->u.dst.rt_next = rt_hash_table[hash].chain;
1196 #if RT_CACHE_DEBUG >= 2
1197 if (rt->u.dst.rt_next) {
1199 printk(KERN_DEBUG "rt_cache @%02x: %pI4", hash, &rt->rt_dst);
1200 for (trt = rt->u.dst.rt_next; trt; trt = trt->u.dst.rt_next)
1201 printk(" . %pI4", &trt->rt_dst);
1206 * Since lookup is lockfree, we must make sure
1207 * previous writes to rt are comitted to memory
1208 * before making rt visible to other CPUS.
1210 rcu_assign_pointer(rt_hash_table[hash].chain, rt);
1212 spin_unlock_bh(rt_hash_lock_addr(hash));
1217 void rt_bind_peer(struct rtable *rt, int create)
1219 static DEFINE_SPINLOCK(rt_peer_lock);
1220 struct inet_peer *peer;
1222 peer = inet_getpeer(rt->rt_dst, create);
1224 spin_lock_bh(&rt_peer_lock);
1225 if (rt->peer == NULL) {
1229 spin_unlock_bh(&rt_peer_lock);
1235 * Peer allocation may fail only in serious out-of-memory conditions. However
1236 * we still can generate some output.
1237 * Random ID selection looks a bit dangerous because we have no chances to
1238 * select ID being unique in a reasonable period of time.
1239 * But broken packet identifier may be better than no packet at all.
1241 static void ip_select_fb_ident(struct iphdr *iph)
1243 static DEFINE_SPINLOCK(ip_fb_id_lock);
1244 static u32 ip_fallback_id;
1247 spin_lock_bh(&ip_fb_id_lock);
1248 salt = secure_ip_id((__force __be32)ip_fallback_id ^ iph->daddr);
1249 iph->id = htons(salt & 0xFFFF);
1250 ip_fallback_id = salt;
1251 spin_unlock_bh(&ip_fb_id_lock);
1254 void __ip_select_ident(struct iphdr *iph, struct dst_entry *dst, int more)
1256 struct rtable *rt = (struct rtable *) dst;
1259 if (rt->peer == NULL)
1260 rt_bind_peer(rt, 1);
1262 /* If peer is attached to destination, it is never detached,
1263 so that we need not to grab a lock to dereference it.
1266 iph->id = htons(inet_getid(rt->peer, more));
1270 printk(KERN_DEBUG "rt_bind_peer(0) @%p\n",
1271 __builtin_return_address(0));
1273 ip_select_fb_ident(iph);
1276 static void rt_del(unsigned hash, struct rtable *rt)
1278 struct rtable **rthp, *aux;
1280 rthp = &rt_hash_table[hash].chain;
1281 spin_lock_bh(rt_hash_lock_addr(hash));
1283 while ((aux = *rthp) != NULL) {
1284 if (aux == rt || rt_is_expired(aux)) {
1285 *rthp = aux->u.dst.rt_next;
1289 rthp = &aux->u.dst.rt_next;
1291 spin_unlock_bh(rt_hash_lock_addr(hash));
1294 void ip_rt_redirect(__be32 old_gw, __be32 daddr, __be32 new_gw,
1295 __be32 saddr, struct net_device *dev)
1298 struct in_device *in_dev = in_dev_get(dev);
1299 struct rtable *rth, **rthp;
1300 __be32 skeys[2] = { saddr, 0 };
1301 int ikeys[2] = { dev->ifindex, 0 };
1302 struct netevent_redirect netevent;
1309 if (new_gw == old_gw || !IN_DEV_RX_REDIRECTS(in_dev)
1310 || ipv4_is_multicast(new_gw) || ipv4_is_lbcast(new_gw)
1311 || ipv4_is_zeronet(new_gw))
1312 goto reject_redirect;
1314 if (!rt_caching(net))
1315 goto reject_redirect;
1317 if (!IN_DEV_SHARED_MEDIA(in_dev)) {
1318 if (!inet_addr_onlink(in_dev, new_gw, old_gw))
1319 goto reject_redirect;
1320 if (IN_DEV_SEC_REDIRECTS(in_dev) && ip_fib_check_default(new_gw, dev))
1321 goto reject_redirect;
1323 if (inet_addr_type(net, new_gw) != RTN_UNICAST)
1324 goto reject_redirect;
1327 for (i = 0; i < 2; i++) {
1328 for (k = 0; k < 2; k++) {
1329 unsigned hash = rt_hash(daddr, skeys[i], ikeys[k],
1332 rthp=&rt_hash_table[hash].chain;
1335 while ((rth = rcu_dereference(*rthp)) != NULL) {
1338 if (rth->fl.fl4_dst != daddr ||
1339 rth->fl.fl4_src != skeys[i] ||
1340 rth->fl.oif != ikeys[k] ||
1342 rt_is_expired(rth) ||
1343 !net_eq(dev_net(rth->u.dst.dev), net)) {
1344 rthp = &rth->u.dst.rt_next;
1348 if (rth->rt_dst != daddr ||
1349 rth->rt_src != saddr ||
1351 rth->rt_gateway != old_gw ||
1352 rth->u.dst.dev != dev)
1355 dst_hold(&rth->u.dst);
1358 rt = dst_alloc(&ipv4_dst_ops);
1365 /* Copy all the information. */
1367 rt->u.dst.__use = 1;
1368 atomic_set(&rt->u.dst.__refcnt, 1);
1369 rt->u.dst.child = NULL;
1371 dev_hold(rt->u.dst.dev);
1373 in_dev_hold(rt->idev);
1374 rt->u.dst.obsolete = 0;
1375 rt->u.dst.lastuse = jiffies;
1376 rt->u.dst.path = &rt->u.dst;
1377 rt->u.dst.neighbour = NULL;
1378 rt->u.dst.hh = NULL;
1380 rt->u.dst.xfrm = NULL;
1382 rt->rt_genid = rt_genid(net);
1383 rt->rt_flags |= RTCF_REDIRECTED;
1385 /* Gateway is different ... */
1386 rt->rt_gateway = new_gw;
1388 /* Redirect received -> path was valid */
1389 dst_confirm(&rth->u.dst);
1392 atomic_inc(&rt->peer->refcnt);
1394 if (arp_bind_neighbour(&rt->u.dst) ||
1395 !(rt->u.dst.neighbour->nud_state &
1397 if (rt->u.dst.neighbour)
1398 neigh_event_send(rt->u.dst.neighbour, NULL);
1404 netevent.old = &rth->u.dst;
1405 netevent.new = &rt->u.dst;
1406 call_netevent_notifiers(NETEVENT_REDIRECT,
1410 if (!rt_intern_hash(hash, rt, &rt))
1423 #ifdef CONFIG_IP_ROUTE_VERBOSE
1424 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit())
1425 printk(KERN_INFO "Redirect from %pI4 on %s about %pI4 ignored.\n"
1426 " Advised path = %pI4 -> %pI4\n",
1427 &old_gw, dev->name, &new_gw,
1433 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
1435 struct rtable *rt = (struct rtable *)dst;
1436 struct dst_entry *ret = dst;
1439 if (dst->obsolete) {
1442 } else if ((rt->rt_flags & RTCF_REDIRECTED) ||
1443 rt->u.dst.expires) {
1444 unsigned hash = rt_hash(rt->fl.fl4_dst, rt->fl.fl4_src,
1446 rt_genid(dev_net(dst->dev)));
1447 #if RT_CACHE_DEBUG >= 1
1448 printk(KERN_DEBUG "ipv4_negative_advice: redirect to %pI4/%02x dropped\n",
1449 &rt->rt_dst, rt->fl.fl4_tos);
1460 * 1. The first ip_rt_redirect_number redirects are sent
1461 * with exponential backoff, then we stop sending them at all,
1462 * assuming that the host ignores our redirects.
1463 * 2. If we did not see packets requiring redirects
1464 * during ip_rt_redirect_silence, we assume that the host
1465 * forgot redirected route and start to send redirects again.
1467 * This algorithm is much cheaper and more intelligent than dumb load limiting
1470 * NOTE. Do not forget to inhibit load limiting for redirects (redundant)
1471 * and "frag. need" (breaks PMTU discovery) in icmp.c.
1474 void ip_rt_send_redirect(struct sk_buff *skb)
1476 struct rtable *rt = skb->rtable;
1477 struct in_device *in_dev = in_dev_get(rt->u.dst.dev);
1482 if (!IN_DEV_TX_REDIRECTS(in_dev))
1485 /* No redirected packets during ip_rt_redirect_silence;
1486 * reset the algorithm.
1488 if (time_after(jiffies, rt->u.dst.rate_last + ip_rt_redirect_silence))
1489 rt->u.dst.rate_tokens = 0;
1491 /* Too many ignored redirects; do not send anything
1492 * set u.dst.rate_last to the last seen redirected packet.
1494 if (rt->u.dst.rate_tokens >= ip_rt_redirect_number) {
1495 rt->u.dst.rate_last = jiffies;
1499 /* Check for load limit; set rate_last to the latest sent
1502 if (rt->u.dst.rate_tokens == 0 ||
1504 (rt->u.dst.rate_last +
1505 (ip_rt_redirect_load << rt->u.dst.rate_tokens)))) {
1506 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, rt->rt_gateway);
1507 rt->u.dst.rate_last = jiffies;
1508 ++rt->u.dst.rate_tokens;
1509 #ifdef CONFIG_IP_ROUTE_VERBOSE
1510 if (IN_DEV_LOG_MARTIANS(in_dev) &&
1511 rt->u.dst.rate_tokens == ip_rt_redirect_number &&
1513 printk(KERN_WARNING "host %pI4/if%d ignores redirects for %pI4 to %pI4.\n",
1514 &rt->rt_src, rt->rt_iif,
1515 &rt->rt_dst, &rt->rt_gateway);
1522 static int ip_error(struct sk_buff *skb)
1524 struct rtable *rt = skb->rtable;
1528 switch (rt->u.dst.error) {
1533 code = ICMP_HOST_UNREACH;
1536 code = ICMP_NET_UNREACH;
1537 IP_INC_STATS_BH(dev_net(rt->u.dst.dev),
1538 IPSTATS_MIB_INNOROUTES);
1541 code = ICMP_PKT_FILTERED;
1546 rt->u.dst.rate_tokens += now - rt->u.dst.rate_last;
1547 if (rt->u.dst.rate_tokens > ip_rt_error_burst)
1548 rt->u.dst.rate_tokens = ip_rt_error_burst;
1549 rt->u.dst.rate_last = now;
1550 if (rt->u.dst.rate_tokens >= ip_rt_error_cost) {
1551 rt->u.dst.rate_tokens -= ip_rt_error_cost;
1552 icmp_send(skb, ICMP_DEST_UNREACH, code, 0);
1555 out: kfree_skb(skb);
1560 * The last two values are not from the RFC but
1561 * are needed for AMPRnet AX.25 paths.
1564 static const unsigned short mtu_plateau[] =
1565 {32000, 17914, 8166, 4352, 2002, 1492, 576, 296, 216, 128 };
1567 static inline unsigned short guess_mtu(unsigned short old_mtu)
1571 for (i = 0; i < ARRAY_SIZE(mtu_plateau); i++)
1572 if (old_mtu > mtu_plateau[i])
1573 return mtu_plateau[i];
1577 unsigned short ip_rt_frag_needed(struct net *net, struct iphdr *iph,
1578 unsigned short new_mtu,
1579 struct net_device *dev)
1582 unsigned short old_mtu = ntohs(iph->tot_len);
1584 int ikeys[2] = { dev->ifindex, 0 };
1585 __be32 skeys[2] = { iph->saddr, 0, };
1586 __be32 daddr = iph->daddr;
1587 unsigned short est_mtu = 0;
1589 if (ipv4_config.no_pmtu_disc)
1592 for (k = 0; k < 2; k++) {
1593 for (i = 0; i < 2; i++) {
1594 unsigned hash = rt_hash(daddr, skeys[i], ikeys[k],
1598 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
1599 rth = rcu_dereference(rth->u.dst.rt_next)) {
1600 unsigned short mtu = new_mtu;
1602 if (rth->fl.fl4_dst != daddr ||
1603 rth->fl.fl4_src != skeys[i] ||
1604 rth->rt_dst != daddr ||
1605 rth->rt_src != iph->saddr ||
1606 rth->fl.oif != ikeys[k] ||
1608 dst_metric_locked(&rth->u.dst, RTAX_MTU) ||
1609 !net_eq(dev_net(rth->u.dst.dev), net) ||
1613 if (new_mtu < 68 || new_mtu >= old_mtu) {
1615 /* BSD 4.2 compatibility hack :-( */
1617 old_mtu >= dst_mtu(&rth->u.dst) &&
1618 old_mtu >= 68 + (iph->ihl << 2))
1619 old_mtu -= iph->ihl << 2;
1621 mtu = guess_mtu(old_mtu);
1623 if (mtu <= dst_mtu(&rth->u.dst)) {
1624 if (mtu < dst_mtu(&rth->u.dst)) {
1625 dst_confirm(&rth->u.dst);
1626 if (mtu < ip_rt_min_pmtu) {
1627 mtu = ip_rt_min_pmtu;
1628 rth->u.dst.metrics[RTAX_LOCK-1] |=
1631 rth->u.dst.metrics[RTAX_MTU-1] = mtu;
1632 dst_set_expires(&rth->u.dst,
1641 return est_mtu ? : new_mtu;
1644 static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu)
1646 if (dst_mtu(dst) > mtu && mtu >= 68 &&
1647 !(dst_metric_locked(dst, RTAX_MTU))) {
1648 if (mtu < ip_rt_min_pmtu) {
1649 mtu = ip_rt_min_pmtu;
1650 dst->metrics[RTAX_LOCK-1] |= (1 << RTAX_MTU);
1652 dst->metrics[RTAX_MTU-1] = mtu;
1653 dst_set_expires(dst, ip_rt_mtu_expires);
1654 call_netevent_notifiers(NETEVENT_PMTU_UPDATE, dst);
1658 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie)
1663 static void ipv4_dst_destroy(struct dst_entry *dst)
1665 struct rtable *rt = (struct rtable *) dst;
1666 struct inet_peer *peer = rt->peer;
1667 struct in_device *idev = rt->idev;
1680 static void ipv4_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
1683 struct rtable *rt = (struct rtable *) dst;
1684 struct in_device *idev = rt->idev;
1685 if (dev != dev_net(dev)->loopback_dev && idev && idev->dev == dev) {
1686 struct in_device *loopback_idev =
1687 in_dev_get(dev_net(dev)->loopback_dev);
1688 if (loopback_idev) {
1689 rt->idev = loopback_idev;
1695 static void ipv4_link_failure(struct sk_buff *skb)
1699 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0);
1703 dst_set_expires(&rt->u.dst, 0);
1706 static int ip_rt_bug(struct sk_buff *skb)
1708 printk(KERN_DEBUG "ip_rt_bug: %pI4 -> %pI4, %s\n",
1709 &ip_hdr(skb)->saddr, &ip_hdr(skb)->daddr,
1710 skb->dev ? skb->dev->name : "?");
1716 We do not cache source address of outgoing interface,
1717 because it is used only by IP RR, TS and SRR options,
1718 so that it out of fast path.
1720 BTW remember: "addr" is allowed to be not aligned
1724 void ip_rt_get_source(u8 *addr, struct rtable *rt)
1727 struct fib_result res;
1729 if (rt->fl.iif == 0)
1731 else if (fib_lookup(dev_net(rt->u.dst.dev), &rt->fl, &res) == 0) {
1732 src = FIB_RES_PREFSRC(res);
1735 src = inet_select_addr(rt->u.dst.dev, rt->rt_gateway,
1737 memcpy(addr, &src, 4);
1740 #ifdef CONFIG_NET_CLS_ROUTE
1741 static void set_class_tag(struct rtable *rt, u32 tag)
1743 if (!(rt->u.dst.tclassid & 0xFFFF))
1744 rt->u.dst.tclassid |= tag & 0xFFFF;
1745 if (!(rt->u.dst.tclassid & 0xFFFF0000))
1746 rt->u.dst.tclassid |= tag & 0xFFFF0000;
1750 static void rt_set_nexthop(struct rtable *rt, struct fib_result *res, u32 itag)
1752 struct fib_info *fi = res->fi;
1755 if (FIB_RES_GW(*res) &&
1756 FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK)
1757 rt->rt_gateway = FIB_RES_GW(*res);
1758 memcpy(rt->u.dst.metrics, fi->fib_metrics,
1759 sizeof(rt->u.dst.metrics));
1760 if (fi->fib_mtu == 0) {
1761 rt->u.dst.metrics[RTAX_MTU-1] = rt->u.dst.dev->mtu;
1762 if (dst_metric_locked(&rt->u.dst, RTAX_MTU) &&
1763 rt->rt_gateway != rt->rt_dst &&
1764 rt->u.dst.dev->mtu > 576)
1765 rt->u.dst.metrics[RTAX_MTU-1] = 576;
1767 #ifdef CONFIG_NET_CLS_ROUTE
1768 rt->u.dst.tclassid = FIB_RES_NH(*res).nh_tclassid;
1771 rt->u.dst.metrics[RTAX_MTU-1]= rt->u.dst.dev->mtu;
1773 if (dst_metric(&rt->u.dst, RTAX_HOPLIMIT) == 0)
1774 rt->u.dst.metrics[RTAX_HOPLIMIT-1] = sysctl_ip_default_ttl;
1775 if (dst_mtu(&rt->u.dst) > IP_MAX_MTU)
1776 rt->u.dst.metrics[RTAX_MTU-1] = IP_MAX_MTU;
1777 if (dst_metric(&rt->u.dst, RTAX_ADVMSS) == 0)
1778 rt->u.dst.metrics[RTAX_ADVMSS-1] = max_t(unsigned int, rt->u.dst.dev->mtu - 40,
1780 if (dst_metric(&rt->u.dst, RTAX_ADVMSS) > 65535 - 40)
1781 rt->u.dst.metrics[RTAX_ADVMSS-1] = 65535 - 40;
1783 #ifdef CONFIG_NET_CLS_ROUTE
1784 #ifdef CONFIG_IP_MULTIPLE_TABLES
1785 set_class_tag(rt, fib_rules_tclass(res));
1787 set_class_tag(rt, itag);
1789 rt->rt_type = res->type;
1792 static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1793 u8 tos, struct net_device *dev, int our)
1798 struct in_device *in_dev = in_dev_get(dev);
1801 /* Primary sanity checks. */
1806 if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr) ||
1807 ipv4_is_loopback(saddr) || skb->protocol != htons(ETH_P_IP))
1810 if (ipv4_is_zeronet(saddr)) {
1811 if (!ipv4_is_local_multicast(daddr))
1813 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
1814 } else if (fib_validate_source(saddr, 0, tos, 0,
1815 dev, &spec_dst, &itag) < 0)
1818 rth = dst_alloc(&ipv4_dst_ops);
1822 rth->u.dst.output= ip_rt_bug;
1824 atomic_set(&rth->u.dst.__refcnt, 1);
1825 rth->u.dst.flags= DST_HOST;
1826 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
1827 rth->u.dst.flags |= DST_NOPOLICY;
1828 rth->fl.fl4_dst = daddr;
1829 rth->rt_dst = daddr;
1830 rth->fl.fl4_tos = tos;
1831 rth->fl.mark = skb->mark;
1832 rth->fl.fl4_src = saddr;
1833 rth->rt_src = saddr;
1834 #ifdef CONFIG_NET_CLS_ROUTE
1835 rth->u.dst.tclassid = itag;
1838 rth->fl.iif = dev->ifindex;
1839 rth->u.dst.dev = init_net.loopback_dev;
1840 dev_hold(rth->u.dst.dev);
1841 rth->idev = in_dev_get(rth->u.dst.dev);
1843 rth->rt_gateway = daddr;
1844 rth->rt_spec_dst= spec_dst;
1845 rth->rt_genid = rt_genid(dev_net(dev));
1846 rth->rt_flags = RTCF_MULTICAST;
1847 rth->rt_type = RTN_MULTICAST;
1849 rth->u.dst.input= ip_local_deliver;
1850 rth->rt_flags |= RTCF_LOCAL;
1853 #ifdef CONFIG_IP_MROUTE
1854 if (!ipv4_is_local_multicast(daddr) && IN_DEV_MFORWARD(in_dev))
1855 rth->u.dst.input = ip_mr_input;
1857 RT_CACHE_STAT_INC(in_slow_mc);
1860 hash = rt_hash(daddr, saddr, dev->ifindex, rt_genid(dev_net(dev)));
1861 return rt_intern_hash(hash, rth, &skb->rtable);
1873 static void ip_handle_martian_source(struct net_device *dev,
1874 struct in_device *in_dev,
1875 struct sk_buff *skb,
1879 RT_CACHE_STAT_INC(in_martian_src);
1880 #ifdef CONFIG_IP_ROUTE_VERBOSE
1881 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) {
1883 * RFC1812 recommendation, if source is martian,
1884 * the only hint is MAC header.
1886 printk(KERN_WARNING "martian source %pI4 from %pI4, on dev %s\n",
1887 &daddr, &saddr, dev->name);
1888 if (dev->hard_header_len && skb_mac_header_was_set(skb)) {
1890 const unsigned char *p = skb_mac_header(skb);
1891 printk(KERN_WARNING "ll header: ");
1892 for (i = 0; i < dev->hard_header_len; i++, p++) {
1894 if (i < (dev->hard_header_len - 1))
1903 static int __mkroute_input(struct sk_buff *skb,
1904 struct fib_result *res,
1905 struct in_device *in_dev,
1906 __be32 daddr, __be32 saddr, u32 tos,
1907 struct rtable **result)
1912 struct in_device *out_dev;
1917 /* get a working reference to the output device */
1918 out_dev = in_dev_get(FIB_RES_DEV(*res));
1919 if (out_dev == NULL) {
1920 if (net_ratelimit())
1921 printk(KERN_CRIT "Bug in ip_route_input" \
1922 "_slow(). Please, report\n");
1927 err = fib_validate_source(saddr, daddr, tos, FIB_RES_OIF(*res),
1928 in_dev->dev, &spec_dst, &itag);
1930 ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr,
1938 flags |= RTCF_DIRECTSRC;
1940 if (out_dev == in_dev && err &&
1941 (IN_DEV_SHARED_MEDIA(out_dev) ||
1942 inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res))))
1943 flags |= RTCF_DOREDIRECT;
1945 if (skb->protocol != htons(ETH_P_IP)) {
1946 /* Not IP (i.e. ARP). Do not create route, if it is
1947 * invalid for proxy arp. DNAT routes are always valid.
1949 if (out_dev == in_dev) {
1956 rth = dst_alloc(&ipv4_dst_ops);
1962 atomic_set(&rth->u.dst.__refcnt, 1);
1963 rth->u.dst.flags= DST_HOST;
1964 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
1965 rth->u.dst.flags |= DST_NOPOLICY;
1966 if (IN_DEV_CONF_GET(out_dev, NOXFRM))
1967 rth->u.dst.flags |= DST_NOXFRM;
1968 rth->fl.fl4_dst = daddr;
1969 rth->rt_dst = daddr;
1970 rth->fl.fl4_tos = tos;
1971 rth->fl.mark = skb->mark;
1972 rth->fl.fl4_src = saddr;
1973 rth->rt_src = saddr;
1974 rth->rt_gateway = daddr;
1976 rth->fl.iif = in_dev->dev->ifindex;
1977 rth->u.dst.dev = (out_dev)->dev;
1978 dev_hold(rth->u.dst.dev);
1979 rth->idev = in_dev_get(rth->u.dst.dev);
1981 rth->rt_spec_dst= spec_dst;
1983 rth->u.dst.input = ip_forward;
1984 rth->u.dst.output = ip_output;
1985 rth->rt_genid = rt_genid(dev_net(rth->u.dst.dev));
1987 rt_set_nexthop(rth, res, itag);
1989 rth->rt_flags = flags;
1994 /* release the working reference to the output device */
1995 in_dev_put(out_dev);
1999 static int ip_mkroute_input(struct sk_buff *skb,
2000 struct fib_result *res,
2001 const struct flowi *fl,
2002 struct in_device *in_dev,
2003 __be32 daddr, __be32 saddr, u32 tos)
2005 struct rtable* rth = NULL;
2009 #ifdef CONFIG_IP_ROUTE_MULTIPATH
2010 if (res->fi && res->fi->fib_nhs > 1 && fl->oif == 0)
2011 fib_select_multipath(fl, res);
2014 /* create a routing cache entry */
2015 err = __mkroute_input(skb, res, in_dev, daddr, saddr, tos, &rth);
2019 /* put it into the cache */
2020 hash = rt_hash(daddr, saddr, fl->iif,
2021 rt_genid(dev_net(rth->u.dst.dev)));
2022 return rt_intern_hash(hash, rth, &skb->rtable);
2026 * NOTE. We drop all the packets that has local source
2027 * addresses, because every properly looped back packet
2028 * must have correct destination already attached by output routine.
2030 * Such approach solves two big problems:
2031 * 1. Not simplex devices are handled properly.
2032 * 2. IP spoofing attempts are filtered with 100% of guarantee.
2035 static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
2036 u8 tos, struct net_device *dev)
2038 struct fib_result res;
2039 struct in_device *in_dev = in_dev_get(dev);
2040 struct flowi fl = { .nl_u = { .ip4_u =
2044 .scope = RT_SCOPE_UNIVERSE,
2047 .iif = dev->ifindex };
2050 struct rtable * rth;
2055 struct net * net = dev_net(dev);
2057 /* IP on this device is disabled. */
2062 /* Check for the most weird martians, which can be not detected
2066 if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr) ||
2067 ipv4_is_loopback(saddr))
2068 goto martian_source;
2070 if (daddr == htonl(0xFFFFFFFF) || (saddr == 0 && daddr == 0))
2073 /* Accept zero addresses only to limited broadcast;
2074 * I even do not know to fix it or not. Waiting for complains :-)
2076 if (ipv4_is_zeronet(saddr))
2077 goto martian_source;
2079 if (ipv4_is_lbcast(daddr) || ipv4_is_zeronet(daddr) ||
2080 ipv4_is_loopback(daddr))
2081 goto martian_destination;
2084 * Now we are ready to route packet.
2086 if ((err = fib_lookup(net, &fl, &res)) != 0) {
2087 if (!IN_DEV_FORWARD(in_dev))
2093 RT_CACHE_STAT_INC(in_slow_tot);
2095 if (res.type == RTN_BROADCAST)
2098 if (res.type == RTN_LOCAL) {
2100 result = fib_validate_source(saddr, daddr, tos,
2101 net->loopback_dev->ifindex,
2102 dev, &spec_dst, &itag);
2104 goto martian_source;
2106 flags |= RTCF_DIRECTSRC;
2111 if (!IN_DEV_FORWARD(in_dev))
2113 if (res.type != RTN_UNICAST)
2114 goto martian_destination;
2116 err = ip_mkroute_input(skb, &res, &fl, in_dev, daddr, saddr, tos);
2124 if (skb->protocol != htons(ETH_P_IP))
2127 if (ipv4_is_zeronet(saddr))
2128 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
2130 err = fib_validate_source(saddr, 0, tos, 0, dev, &spec_dst,
2133 goto martian_source;
2135 flags |= RTCF_DIRECTSRC;
2137 flags |= RTCF_BROADCAST;
2138 res.type = RTN_BROADCAST;
2139 RT_CACHE_STAT_INC(in_brd);
2142 rth = dst_alloc(&ipv4_dst_ops);
2146 rth->u.dst.output= ip_rt_bug;
2147 rth->rt_genid = rt_genid(net);
2149 atomic_set(&rth->u.dst.__refcnt, 1);
2150 rth->u.dst.flags= DST_HOST;
2151 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
2152 rth->u.dst.flags |= DST_NOPOLICY;
2153 rth->fl.fl4_dst = daddr;
2154 rth->rt_dst = daddr;
2155 rth->fl.fl4_tos = tos;
2156 rth->fl.mark = skb->mark;
2157 rth->fl.fl4_src = saddr;
2158 rth->rt_src = saddr;
2159 #ifdef CONFIG_NET_CLS_ROUTE
2160 rth->u.dst.tclassid = itag;
2163 rth->fl.iif = dev->ifindex;
2164 rth->u.dst.dev = net->loopback_dev;
2165 dev_hold(rth->u.dst.dev);
2166 rth->idev = in_dev_get(rth->u.dst.dev);
2167 rth->rt_gateway = daddr;
2168 rth->rt_spec_dst= spec_dst;
2169 rth->u.dst.input= ip_local_deliver;
2170 rth->rt_flags = flags|RTCF_LOCAL;
2171 if (res.type == RTN_UNREACHABLE) {
2172 rth->u.dst.input= ip_error;
2173 rth->u.dst.error= -err;
2174 rth->rt_flags &= ~RTCF_LOCAL;
2176 rth->rt_type = res.type;
2177 hash = rt_hash(daddr, saddr, fl.iif, rt_genid(net));
2178 err = rt_intern_hash(hash, rth, &skb->rtable);
2182 RT_CACHE_STAT_INC(in_no_route);
2183 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_UNIVERSE);
2184 res.type = RTN_UNREACHABLE;
2190 * Do not cache martian addresses: they should be logged (RFC1812)
2192 martian_destination:
2193 RT_CACHE_STAT_INC(in_martian_dst);
2194 #ifdef CONFIG_IP_ROUTE_VERBOSE
2195 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit())
2196 printk(KERN_WARNING "martian destination %pI4 from %pI4, dev %s\n",
2197 &daddr, &saddr, dev->name);
2201 err = -EHOSTUNREACH;
2213 ip_handle_martian_source(dev, in_dev, skb, daddr, saddr);
2217 int ip_route_input(struct sk_buff *skb, __be32 daddr, __be32 saddr,
2218 u8 tos, struct net_device *dev)
2220 struct rtable * rth;
2222 int iif = dev->ifindex;
2227 if (!rt_caching(net))
2230 tos &= IPTOS_RT_MASK;
2231 hash = rt_hash(daddr, saddr, iif, rt_genid(net));
2234 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
2235 rth = rcu_dereference(rth->u.dst.rt_next)) {
2236 if (((rth->fl.fl4_dst ^ daddr) |
2237 (rth->fl.fl4_src ^ saddr) |
2238 (rth->fl.iif ^ iif) |
2240 (rth->fl.fl4_tos ^ tos)) == 0 &&
2241 rth->fl.mark == skb->mark &&
2242 net_eq(dev_net(rth->u.dst.dev), net) &&
2243 !rt_is_expired(rth)) {
2244 dst_use(&rth->u.dst, jiffies);
2245 RT_CACHE_STAT_INC(in_hit);
2250 RT_CACHE_STAT_INC(in_hlist_search);
2255 /* Multicast recognition logic is moved from route cache to here.
2256 The problem was that too many Ethernet cards have broken/missing
2257 hardware multicast filters :-( As result the host on multicasting
2258 network acquires a lot of useless route cache entries, sort of
2259 SDR messages from all the world. Now we try to get rid of them.
2260 Really, provided software IP multicast filter is organized
2261 reasonably (at least, hashed), it does not result in a slowdown
2262 comparing with route cache reject entries.
2263 Note, that multicast routers are not affected, because
2264 route cache entry is created eventually.
2266 if (ipv4_is_multicast(daddr)) {
2267 struct in_device *in_dev;
2270 if ((in_dev = __in_dev_get_rcu(dev)) != NULL) {
2271 int our = ip_check_mc(in_dev, daddr, saddr,
2272 ip_hdr(skb)->protocol);
2274 #ifdef CONFIG_IP_MROUTE
2275 || (!ipv4_is_local_multicast(daddr) &&
2276 IN_DEV_MFORWARD(in_dev))
2280 return ip_route_input_mc(skb, daddr, saddr,
2287 return ip_route_input_slow(skb, daddr, saddr, tos, dev);
2290 static int __mkroute_output(struct rtable **result,
2291 struct fib_result *res,
2292 const struct flowi *fl,
2293 const struct flowi *oldflp,
2294 struct net_device *dev_out,
2298 struct in_device *in_dev;
2299 u32 tos = RT_FL_TOS(oldflp);
2302 if (ipv4_is_loopback(fl->fl4_src) && !(dev_out->flags&IFF_LOOPBACK))
2305 if (fl->fl4_dst == htonl(0xFFFFFFFF))
2306 res->type = RTN_BROADCAST;
2307 else if (ipv4_is_multicast(fl->fl4_dst))
2308 res->type = RTN_MULTICAST;
2309 else if (ipv4_is_lbcast(fl->fl4_dst) || ipv4_is_zeronet(fl->fl4_dst))
2312 if (dev_out->flags & IFF_LOOPBACK)
2313 flags |= RTCF_LOCAL;
2315 /* get work reference to inet device */
2316 in_dev = in_dev_get(dev_out);
2320 if (res->type == RTN_BROADCAST) {
2321 flags |= RTCF_BROADCAST | RTCF_LOCAL;
2323 fib_info_put(res->fi);
2326 } else if (res->type == RTN_MULTICAST) {
2327 flags |= RTCF_MULTICAST|RTCF_LOCAL;
2328 if (!ip_check_mc(in_dev, oldflp->fl4_dst, oldflp->fl4_src,
2330 flags &= ~RTCF_LOCAL;
2331 /* If multicast route do not exist use
2332 default one, but do not gateway in this case.
2335 if (res->fi && res->prefixlen < 4) {
2336 fib_info_put(res->fi);
2342 rth = dst_alloc(&ipv4_dst_ops);
2348 atomic_set(&rth->u.dst.__refcnt, 1);
2349 rth->u.dst.flags= DST_HOST;
2350 if (IN_DEV_CONF_GET(in_dev, NOXFRM))
2351 rth->u.dst.flags |= DST_NOXFRM;
2352 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
2353 rth->u.dst.flags |= DST_NOPOLICY;
2355 rth->fl.fl4_dst = oldflp->fl4_dst;
2356 rth->fl.fl4_tos = tos;
2357 rth->fl.fl4_src = oldflp->fl4_src;
2358 rth->fl.oif = oldflp->oif;
2359 rth->fl.mark = oldflp->mark;
2360 rth->rt_dst = fl->fl4_dst;
2361 rth->rt_src = fl->fl4_src;
2362 rth->rt_iif = oldflp->oif ? : dev_out->ifindex;
2363 /* get references to the devices that are to be hold by the routing
2365 rth->u.dst.dev = dev_out;
2367 rth->idev = in_dev_get(dev_out);
2368 rth->rt_gateway = fl->fl4_dst;
2369 rth->rt_spec_dst= fl->fl4_src;
2371 rth->u.dst.output=ip_output;
2372 rth->rt_genid = rt_genid(dev_net(dev_out));
2374 RT_CACHE_STAT_INC(out_slow_tot);
2376 if (flags & RTCF_LOCAL) {
2377 rth->u.dst.input = ip_local_deliver;
2378 rth->rt_spec_dst = fl->fl4_dst;
2380 if (flags & (RTCF_BROADCAST | RTCF_MULTICAST)) {
2381 rth->rt_spec_dst = fl->fl4_src;
2382 if (flags & RTCF_LOCAL &&
2383 !(dev_out->flags & IFF_LOOPBACK)) {
2384 rth->u.dst.output = ip_mc_output;
2385 RT_CACHE_STAT_INC(out_slow_mc);
2387 #ifdef CONFIG_IP_MROUTE
2388 if (res->type == RTN_MULTICAST) {
2389 if (IN_DEV_MFORWARD(in_dev) &&
2390 !ipv4_is_local_multicast(oldflp->fl4_dst)) {
2391 rth->u.dst.input = ip_mr_input;
2392 rth->u.dst.output = ip_mc_output;
2398 rt_set_nexthop(rth, res, 0);
2400 rth->rt_flags = flags;
2404 /* release work reference to inet device */
2410 static int ip_mkroute_output(struct rtable **rp,
2411 struct fib_result *res,
2412 const struct flowi *fl,
2413 const struct flowi *oldflp,
2414 struct net_device *dev_out,
2417 struct rtable *rth = NULL;
2418 int err = __mkroute_output(&rth, res, fl, oldflp, dev_out, flags);
2421 hash = rt_hash(oldflp->fl4_dst, oldflp->fl4_src, oldflp->oif,
2422 rt_genid(dev_net(dev_out)));
2423 err = rt_intern_hash(hash, rth, rp);
2430 * Major route resolver routine.
2433 static int ip_route_output_slow(struct net *net, struct rtable **rp,
2434 const struct flowi *oldflp)
2436 u32 tos = RT_FL_TOS(oldflp);
2437 struct flowi fl = { .nl_u = { .ip4_u =
2438 { .daddr = oldflp->fl4_dst,
2439 .saddr = oldflp->fl4_src,
2440 .tos = tos & IPTOS_RT_MASK,
2441 .scope = ((tos & RTO_ONLINK) ?
2445 .mark = oldflp->mark,
2446 .iif = net->loopback_dev->ifindex,
2447 .oif = oldflp->oif };
2448 struct fib_result res;
2450 struct net_device *dev_out = NULL;
2456 #ifdef CONFIG_IP_MULTIPLE_TABLES
2460 if (oldflp->fl4_src) {
2462 if (ipv4_is_multicast(oldflp->fl4_src) ||
2463 ipv4_is_lbcast(oldflp->fl4_src) ||
2464 ipv4_is_zeronet(oldflp->fl4_src))
2467 /* I removed check for oif == dev_out->oif here.
2468 It was wrong for two reasons:
2469 1. ip_dev_find(net, saddr) can return wrong iface, if saddr
2470 is assigned to multiple interfaces.
2471 2. Moreover, we are allowed to send packets with saddr
2472 of another iface. --ANK
2475 if (oldflp->oif == 0
2476 && (ipv4_is_multicast(oldflp->fl4_dst) ||
2477 oldflp->fl4_dst == htonl(0xFFFFFFFF))) {
2478 /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2479 dev_out = ip_dev_find(net, oldflp->fl4_src);
2480 if (dev_out == NULL)
2483 /* Special hack: user can direct multicasts
2484 and limited broadcast via necessary interface
2485 without fiddling with IP_MULTICAST_IF or IP_PKTINFO.
2486 This hack is not just for fun, it allows
2487 vic,vat and friends to work.
2488 They bind socket to loopback, set ttl to zero
2489 and expect that it will work.
2490 From the viewpoint of routing cache they are broken,
2491 because we are not allowed to build multicast path
2492 with loopback source addr (look, routing cache
2493 cannot know, that ttl is zero, so that packet
2494 will not leave this host and route is valid).
2495 Luckily, this hack is good workaround.
2498 fl.oif = dev_out->ifindex;
2502 if (!(oldflp->flags & FLOWI_FLAG_ANYSRC)) {
2503 /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2504 dev_out = ip_dev_find(net, oldflp->fl4_src);
2505 if (dev_out == NULL)
2514 dev_out = dev_get_by_index(net, oldflp->oif);
2516 if (dev_out == NULL)
2519 /* RACE: Check return value of inet_select_addr instead. */
2520 if (__in_dev_get_rtnl(dev_out) == NULL) {
2522 goto out; /* Wrong error code */
2525 if (ipv4_is_local_multicast(oldflp->fl4_dst) ||
2526 oldflp->fl4_dst == htonl(0xFFFFFFFF)) {
2528 fl.fl4_src = inet_select_addr(dev_out, 0,
2533 if (ipv4_is_multicast(oldflp->fl4_dst))
2534 fl.fl4_src = inet_select_addr(dev_out, 0,
2536 else if (!oldflp->fl4_dst)
2537 fl.fl4_src = inet_select_addr(dev_out, 0,
2543 fl.fl4_dst = fl.fl4_src;
2545 fl.fl4_dst = fl.fl4_src = htonl(INADDR_LOOPBACK);
2548 dev_out = net->loopback_dev;
2550 fl.oif = net->loopback_dev->ifindex;
2551 res.type = RTN_LOCAL;
2552 flags |= RTCF_LOCAL;
2556 if (fib_lookup(net, &fl, &res)) {
2559 /* Apparently, routing tables are wrong. Assume,
2560 that the destination is on link.
2563 Because we are allowed to send to iface
2564 even if it has NO routes and NO assigned
2565 addresses. When oif is specified, routing
2566 tables are looked up with only one purpose:
2567 to catch if destination is gatewayed, rather than
2568 direct. Moreover, if MSG_DONTROUTE is set,
2569 we send packet, ignoring both routing tables
2570 and ifaddr state. --ANK
2573 We could make it even if oif is unknown,
2574 likely IPv6, but we do not.
2577 if (fl.fl4_src == 0)
2578 fl.fl4_src = inet_select_addr(dev_out, 0,
2580 res.type = RTN_UNICAST;
2590 if (res.type == RTN_LOCAL) {
2592 fl.fl4_src = fl.fl4_dst;
2595 dev_out = net->loopback_dev;
2597 fl.oif = dev_out->ifindex;
2599 fib_info_put(res.fi);
2601 flags |= RTCF_LOCAL;
2605 #ifdef CONFIG_IP_ROUTE_MULTIPATH
2606 if (res.fi->fib_nhs > 1 && fl.oif == 0)
2607 fib_select_multipath(&fl, &res);
2610 if (!res.prefixlen && res.type == RTN_UNICAST && !fl.oif)
2611 fib_select_default(net, &fl, &res);
2614 fl.fl4_src = FIB_RES_PREFSRC(res);
2618 dev_out = FIB_RES_DEV(res);
2620 fl.oif = dev_out->ifindex;
2624 err = ip_mkroute_output(rp, &res, &fl, oldflp, dev_out, flags);
2634 int __ip_route_output_key(struct net *net, struct rtable **rp,
2635 const struct flowi *flp)
2640 if (!rt_caching(net))
2643 hash = rt_hash(flp->fl4_dst, flp->fl4_src, flp->oif, rt_genid(net));
2646 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
2647 rth = rcu_dereference(rth->u.dst.rt_next)) {
2648 if (rth->fl.fl4_dst == flp->fl4_dst &&
2649 rth->fl.fl4_src == flp->fl4_src &&
2651 rth->fl.oif == flp->oif &&
2652 rth->fl.mark == flp->mark &&
2653 !((rth->fl.fl4_tos ^ flp->fl4_tos) &
2654 (IPTOS_RT_MASK | RTO_ONLINK)) &&
2655 net_eq(dev_net(rth->u.dst.dev), net) &&
2656 !rt_is_expired(rth)) {
2657 dst_use(&rth->u.dst, jiffies);
2658 RT_CACHE_STAT_INC(out_hit);
2659 rcu_read_unlock_bh();
2663 RT_CACHE_STAT_INC(out_hlist_search);
2665 rcu_read_unlock_bh();
2668 return ip_route_output_slow(net, rp, flp);
2671 EXPORT_SYMBOL_GPL(__ip_route_output_key);
2673 static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
2677 static struct dst_ops ipv4_dst_blackhole_ops = {
2679 .protocol = cpu_to_be16(ETH_P_IP),
2680 .destroy = ipv4_dst_destroy,
2681 .check = ipv4_dst_check,
2682 .update_pmtu = ipv4_rt_blackhole_update_pmtu,
2683 .entries = ATOMIC_INIT(0),
2687 static int ipv4_dst_blackhole(struct net *net, struct rtable **rp, struct flowi *flp)
2689 struct rtable *ort = *rp;
2690 struct rtable *rt = (struct rtable *)
2691 dst_alloc(&ipv4_dst_blackhole_ops);
2694 struct dst_entry *new = &rt->u.dst;
2696 atomic_set(&new->__refcnt, 1);
2698 new->input = dst_discard;
2699 new->output = dst_discard;
2700 memcpy(new->metrics, ort->u.dst.metrics, RTAX_MAX*sizeof(u32));
2702 new->dev = ort->u.dst.dev;
2708 rt->idev = ort->idev;
2710 in_dev_hold(rt->idev);
2711 rt->rt_genid = rt_genid(net);
2712 rt->rt_flags = ort->rt_flags;
2713 rt->rt_type = ort->rt_type;
2714 rt->rt_dst = ort->rt_dst;
2715 rt->rt_src = ort->rt_src;
2716 rt->rt_iif = ort->rt_iif;
2717 rt->rt_gateway = ort->rt_gateway;
2718 rt->rt_spec_dst = ort->rt_spec_dst;
2719 rt->peer = ort->peer;
2721 atomic_inc(&rt->peer->refcnt);
2726 dst_release(&(*rp)->u.dst);
2728 return (rt ? 0 : -ENOMEM);
2731 int ip_route_output_flow(struct net *net, struct rtable **rp, struct flowi *flp,
2732 struct sock *sk, int flags)
2736 if ((err = __ip_route_output_key(net, rp, flp)) != 0)
2741 flp->fl4_src = (*rp)->rt_src;
2743 flp->fl4_dst = (*rp)->rt_dst;
2744 err = __xfrm_lookup(net, (struct dst_entry **)rp, flp, sk,
2745 flags ? XFRM_LOOKUP_WAIT : 0);
2746 if (err == -EREMOTE)
2747 err = ipv4_dst_blackhole(net, rp, flp);
2755 EXPORT_SYMBOL_GPL(ip_route_output_flow);
2757 int ip_route_output_key(struct net *net, struct rtable **rp, struct flowi *flp)
2759 return ip_route_output_flow(net, rp, flp, NULL, 0);
2762 static int rt_fill_info(struct net *net,
2763 struct sk_buff *skb, u32 pid, u32 seq, int event,
2764 int nowait, unsigned int flags)
2766 struct rtable *rt = skb->rtable;
2768 struct nlmsghdr *nlh;
2770 u32 id = 0, ts = 0, tsage = 0, error;
2772 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*r), flags);
2776 r = nlmsg_data(nlh);
2777 r->rtm_family = AF_INET;
2778 r->rtm_dst_len = 32;
2780 r->rtm_tos = rt->fl.fl4_tos;
2781 r->rtm_table = RT_TABLE_MAIN;
2782 NLA_PUT_U32(skb, RTA_TABLE, RT_TABLE_MAIN);
2783 r->rtm_type = rt->rt_type;
2784 r->rtm_scope = RT_SCOPE_UNIVERSE;
2785 r->rtm_protocol = RTPROT_UNSPEC;
2786 r->rtm_flags = (rt->rt_flags & ~0xFFFF) | RTM_F_CLONED;
2787 if (rt->rt_flags & RTCF_NOTIFY)
2788 r->rtm_flags |= RTM_F_NOTIFY;
2790 NLA_PUT_BE32(skb, RTA_DST, rt->rt_dst);
2792 if (rt->fl.fl4_src) {
2793 r->rtm_src_len = 32;
2794 NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src);
2797 NLA_PUT_U32(skb, RTA_OIF, rt->u.dst.dev->ifindex);
2798 #ifdef CONFIG_NET_CLS_ROUTE
2799 if (rt->u.dst.tclassid)
2800 NLA_PUT_U32(skb, RTA_FLOW, rt->u.dst.tclassid);
2803 NLA_PUT_BE32(skb, RTA_PREFSRC, rt->rt_spec_dst);
2804 else if (rt->rt_src != rt->fl.fl4_src)
2805 NLA_PUT_BE32(skb, RTA_PREFSRC, rt->rt_src);
2807 if (rt->rt_dst != rt->rt_gateway)
2808 NLA_PUT_BE32(skb, RTA_GATEWAY, rt->rt_gateway);
2810 if (rtnetlink_put_metrics(skb, rt->u.dst.metrics) < 0)
2811 goto nla_put_failure;
2813 error = rt->u.dst.error;
2814 expires = rt->u.dst.expires ? rt->u.dst.expires - jiffies : 0;
2816 id = rt->peer->ip_id_count;
2817 if (rt->peer->tcp_ts_stamp) {
2818 ts = rt->peer->tcp_ts;
2819 tsage = get_seconds() - rt->peer->tcp_ts_stamp;
2824 #ifdef CONFIG_IP_MROUTE
2825 __be32 dst = rt->rt_dst;
2827 if (ipv4_is_multicast(dst) && !ipv4_is_local_multicast(dst) &&
2828 IPV4_DEVCONF_ALL(net, MC_FORWARDING)) {
2829 int err = ipmr_get_route(net, skb, r, nowait);
2834 goto nla_put_failure;
2836 if (err == -EMSGSIZE)
2837 goto nla_put_failure;
2843 NLA_PUT_U32(skb, RTA_IIF, rt->fl.iif);
2846 if (rtnl_put_cacheinfo(skb, &rt->u.dst, id, ts, tsage,
2847 expires, error) < 0)
2848 goto nla_put_failure;
2850 return nlmsg_end(skb, nlh);
2853 nlmsg_cancel(skb, nlh);
2857 static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg)
2859 struct net *net = sock_net(in_skb->sk);
2861 struct nlattr *tb[RTA_MAX+1];
2862 struct rtable *rt = NULL;
2867 struct sk_buff *skb;
2869 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv4_policy);
2873 rtm = nlmsg_data(nlh);
2875 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2881 /* Reserve room for dummy headers, this skb can pass
2882 through good chunk of routing engine.
2884 skb_reset_mac_header(skb);
2885 skb_reset_network_header(skb);
2887 /* Bugfix: need to give ip_route_input enough of an IP header to not gag. */
2888 ip_hdr(skb)->protocol = IPPROTO_ICMP;
2889 skb_reserve(skb, MAX_HEADER + sizeof(struct iphdr));
2891 src = tb[RTA_SRC] ? nla_get_be32(tb[RTA_SRC]) : 0;
2892 dst = tb[RTA_DST] ? nla_get_be32(tb[RTA_DST]) : 0;
2893 iif = tb[RTA_IIF] ? nla_get_u32(tb[RTA_IIF]) : 0;
2896 struct net_device *dev;
2898 dev = __dev_get_by_index(net, iif);
2904 skb->protocol = htons(ETH_P_IP);
2907 err = ip_route_input(skb, dst, src, rtm->rtm_tos, dev);
2911 if (err == 0 && rt->u.dst.error)
2912 err = -rt->u.dst.error;
2919 .tos = rtm->rtm_tos,
2922 .oif = tb[RTA_OIF] ? nla_get_u32(tb[RTA_OIF]) : 0,
2924 err = ip_route_output_key(net, &rt, &fl);
2931 if (rtm->rtm_flags & RTM_F_NOTIFY)
2932 rt->rt_flags |= RTCF_NOTIFY;
2934 err = rt_fill_info(net, skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq,
2935 RTM_NEWROUTE, 0, 0);
2939 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).pid);
2948 int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb)
2955 net = sock_net(skb->sk);
2960 s_idx = idx = cb->args[1];
2961 for (h = s_h; h <= rt_hash_mask; h++, s_idx = 0) {
2962 if (!rt_hash_table[h].chain)
2965 for (rt = rcu_dereference(rt_hash_table[h].chain), idx = 0; rt;
2966 rt = rcu_dereference(rt->u.dst.rt_next), idx++) {
2967 if (!net_eq(dev_net(rt->u.dst.dev), net) || idx < s_idx)
2969 if (rt_is_expired(rt))
2971 skb->dst = dst_clone(&rt->u.dst);
2972 if (rt_fill_info(net, skb, NETLINK_CB(cb->skb).pid,
2973 cb->nlh->nlmsg_seq, RTM_NEWROUTE,
2974 1, NLM_F_MULTI) <= 0) {
2975 dst_release(xchg(&skb->dst, NULL));
2976 rcu_read_unlock_bh();
2979 dst_release(xchg(&skb->dst, NULL));
2981 rcu_read_unlock_bh();
2990 void ip_rt_multicast_event(struct in_device *in_dev)
2992 rt_cache_flush(dev_net(in_dev->dev), 0);
2995 #ifdef CONFIG_SYSCTL
2996 static int ipv4_sysctl_rtcache_flush(ctl_table *__ctl, int write,
2997 struct file *filp, void __user *buffer,
2998 size_t *lenp, loff_t *ppos)
3005 memcpy(&ctl, __ctl, sizeof(ctl));
3006 ctl.data = &flush_delay;
3007 proc_dointvec(&ctl, write, filp, buffer, lenp, ppos);
3009 net = (struct net *)__ctl->extra1;
3010 rt_cache_flush(net, flush_delay);
3017 static int ipv4_sysctl_rtcache_flush_strategy(ctl_table *table,
3018 void __user *oldval,
3019 size_t __user *oldlenp,
3020 void __user *newval,
3025 if (newlen != sizeof(int))
3027 if (get_user(delay, (int __user *)newval))
3029 net = (struct net *)table->extra1;
3030 rt_cache_flush(net, delay);
3034 static void rt_secret_reschedule(int old)
3037 int new = ip_rt_secret_interval;
3038 int diff = new - old;
3045 int deleted = del_timer_sync(&net->ipv4.rt_secret_timer);
3051 long time = net->ipv4.rt_secret_timer.expires - jiffies;
3053 if (time <= 0 || (time += diff) <= 0)
3056 net->ipv4.rt_secret_timer.expires = time;
3058 net->ipv4.rt_secret_timer.expires = new;
3060 net->ipv4.rt_secret_timer.expires += jiffies;
3061 add_timer(&net->ipv4.rt_secret_timer);
3066 static int ipv4_sysctl_rt_secret_interval(ctl_table *ctl, int write,
3068 void __user *buffer, size_t *lenp,
3071 int old = ip_rt_secret_interval;
3072 int ret = proc_dointvec_jiffies(ctl, write, filp, buffer, lenp, ppos);
3074 rt_secret_reschedule(old);
3079 static int ipv4_sysctl_rt_secret_interval_strategy(ctl_table *table,
3080 void __user *oldval,
3081 size_t __user *oldlenp,
3082 void __user *newval,
3085 int old = ip_rt_secret_interval;
3086 int ret = sysctl_jiffies(table, oldval, oldlenp, newval, newlen);
3088 rt_secret_reschedule(old);
3093 static ctl_table ipv4_route_table[] = {
3095 .ctl_name = NET_IPV4_ROUTE_GC_THRESH,
3096 .procname = "gc_thresh",
3097 .data = &ipv4_dst_ops.gc_thresh,
3098 .maxlen = sizeof(int),
3100 .proc_handler = proc_dointvec,
3103 .ctl_name = NET_IPV4_ROUTE_MAX_SIZE,
3104 .procname = "max_size",
3105 .data = &ip_rt_max_size,
3106 .maxlen = sizeof(int),
3108 .proc_handler = proc_dointvec,
3111 /* Deprecated. Use gc_min_interval_ms */
3113 .ctl_name = NET_IPV4_ROUTE_GC_MIN_INTERVAL,
3114 .procname = "gc_min_interval",
3115 .data = &ip_rt_gc_min_interval,
3116 .maxlen = sizeof(int),
3118 .proc_handler = proc_dointvec_jiffies,
3119 .strategy = sysctl_jiffies,
3122 .ctl_name = NET_IPV4_ROUTE_GC_MIN_INTERVAL_MS,
3123 .procname = "gc_min_interval_ms",
3124 .data = &ip_rt_gc_min_interval,
3125 .maxlen = sizeof(int),
3127 .proc_handler = proc_dointvec_ms_jiffies,
3128 .strategy = sysctl_ms_jiffies,
3131 .ctl_name = NET_IPV4_ROUTE_GC_TIMEOUT,
3132 .procname = "gc_timeout",
3133 .data = &ip_rt_gc_timeout,
3134 .maxlen = sizeof(int),
3136 .proc_handler = proc_dointvec_jiffies,
3137 .strategy = sysctl_jiffies,
3140 .ctl_name = NET_IPV4_ROUTE_GC_INTERVAL,
3141 .procname = "gc_interval",
3142 .data = &ip_rt_gc_interval,
3143 .maxlen = sizeof(int),
3145 .proc_handler = proc_dointvec_jiffies,
3146 .strategy = sysctl_jiffies,
3149 .ctl_name = NET_IPV4_ROUTE_REDIRECT_LOAD,
3150 .procname = "redirect_load",
3151 .data = &ip_rt_redirect_load,
3152 .maxlen = sizeof(int),
3154 .proc_handler = proc_dointvec,
3157 .ctl_name = NET_IPV4_ROUTE_REDIRECT_NUMBER,
3158 .procname = "redirect_number",
3159 .data = &ip_rt_redirect_number,
3160 .maxlen = sizeof(int),
3162 .proc_handler = proc_dointvec,
3165 .ctl_name = NET_IPV4_ROUTE_REDIRECT_SILENCE,
3166 .procname = "redirect_silence",
3167 .data = &ip_rt_redirect_silence,
3168 .maxlen = sizeof(int),
3170 .proc_handler = proc_dointvec,
3173 .ctl_name = NET_IPV4_ROUTE_ERROR_COST,
3174 .procname = "error_cost",
3175 .data = &ip_rt_error_cost,
3176 .maxlen = sizeof(int),
3178 .proc_handler = proc_dointvec,
3181 .ctl_name = NET_IPV4_ROUTE_ERROR_BURST,
3182 .procname = "error_burst",
3183 .data = &ip_rt_error_burst,
3184 .maxlen = sizeof(int),
3186 .proc_handler = proc_dointvec,
3189 .ctl_name = NET_IPV4_ROUTE_GC_ELASTICITY,
3190 .procname = "gc_elasticity",
3191 .data = &ip_rt_gc_elasticity,
3192 .maxlen = sizeof(int),
3194 .proc_handler = proc_dointvec,
3197 .ctl_name = NET_IPV4_ROUTE_MTU_EXPIRES,
3198 .procname = "mtu_expires",
3199 .data = &ip_rt_mtu_expires,
3200 .maxlen = sizeof(int),
3202 .proc_handler = proc_dointvec_jiffies,
3203 .strategy = sysctl_jiffies,
3206 .ctl_name = NET_IPV4_ROUTE_MIN_PMTU,
3207 .procname = "min_pmtu",
3208 .data = &ip_rt_min_pmtu,
3209 .maxlen = sizeof(int),
3211 .proc_handler = proc_dointvec,
3214 .ctl_name = NET_IPV4_ROUTE_MIN_ADVMSS,
3215 .procname = "min_adv_mss",
3216 .data = &ip_rt_min_advmss,
3217 .maxlen = sizeof(int),
3219 .proc_handler = proc_dointvec,
3222 .ctl_name = NET_IPV4_ROUTE_SECRET_INTERVAL,
3223 .procname = "secret_interval",
3224 .data = &ip_rt_secret_interval,
3225 .maxlen = sizeof(int),
3227 .proc_handler = ipv4_sysctl_rt_secret_interval,
3228 .strategy = ipv4_sysctl_rt_secret_interval_strategy,
3233 static struct ctl_table empty[1];
3235 static struct ctl_table ipv4_skeleton[] =
3237 { .procname = "route", .ctl_name = NET_IPV4_ROUTE,
3238 .mode = 0555, .child = ipv4_route_table},
3239 { .procname = "neigh", .ctl_name = NET_IPV4_NEIGH,
3240 .mode = 0555, .child = empty},
3244 static __net_initdata struct ctl_path ipv4_path[] = {
3245 { .procname = "net", .ctl_name = CTL_NET, },
3246 { .procname = "ipv4", .ctl_name = NET_IPV4, },
3250 static struct ctl_table ipv4_route_flush_table[] = {
3252 .ctl_name = NET_IPV4_ROUTE_FLUSH,
3253 .procname = "flush",
3254 .maxlen = sizeof(int),
3256 .proc_handler = ipv4_sysctl_rtcache_flush,
3257 .strategy = ipv4_sysctl_rtcache_flush_strategy,
3262 static __net_initdata struct ctl_path ipv4_route_path[] = {
3263 { .procname = "net", .ctl_name = CTL_NET, },
3264 { .procname = "ipv4", .ctl_name = NET_IPV4, },
3265 { .procname = "route", .ctl_name = NET_IPV4_ROUTE, },
3269 static __net_init int sysctl_route_net_init(struct net *net)
3271 struct ctl_table *tbl;
3273 tbl = ipv4_route_flush_table;
3274 if (net != &init_net) {
3275 tbl = kmemdup(tbl, sizeof(ipv4_route_flush_table), GFP_KERNEL);
3279 tbl[0].extra1 = net;
3281 net->ipv4.route_hdr =
3282 register_net_sysctl_table(net, ipv4_route_path, tbl);
3283 if (net->ipv4.route_hdr == NULL)
3288 if (tbl != ipv4_route_flush_table)
3294 static __net_exit void sysctl_route_net_exit(struct net *net)
3296 struct ctl_table *tbl;
3298 tbl = net->ipv4.route_hdr->ctl_table_arg;
3299 unregister_net_sysctl_table(net->ipv4.route_hdr);
3300 BUG_ON(tbl == ipv4_route_flush_table);
3304 static __net_initdata struct pernet_operations sysctl_route_ops = {
3305 .init = sysctl_route_net_init,
3306 .exit = sysctl_route_net_exit,
3311 static __net_init int rt_secret_timer_init(struct net *net)
3313 atomic_set(&net->ipv4.rt_genid,
3314 (int) ((num_physpages ^ (num_physpages>>8)) ^
3315 (jiffies ^ (jiffies >> 7))));
3317 net->ipv4.rt_secret_timer.function = rt_secret_rebuild;
3318 net->ipv4.rt_secret_timer.data = (unsigned long)net;
3319 init_timer_deferrable(&net->ipv4.rt_secret_timer);
3321 if (ip_rt_secret_interval) {
3322 net->ipv4.rt_secret_timer.expires =
3323 jiffies + net_random() % ip_rt_secret_interval +
3324 ip_rt_secret_interval;
3325 add_timer(&net->ipv4.rt_secret_timer);
3330 static __net_exit void rt_secret_timer_exit(struct net *net)
3332 del_timer_sync(&net->ipv4.rt_secret_timer);
3335 static __net_initdata struct pernet_operations rt_secret_timer_ops = {
3336 .init = rt_secret_timer_init,
3337 .exit = rt_secret_timer_exit,
3341 #ifdef CONFIG_NET_CLS_ROUTE
3342 struct ip_rt_acct *ip_rt_acct __read_mostly;
3343 #endif /* CONFIG_NET_CLS_ROUTE */
3345 static __initdata unsigned long rhash_entries;
3346 static int __init set_rhash_entries(char *str)
3350 rhash_entries = simple_strtoul(str, &str, 0);
3353 __setup("rhash_entries=", set_rhash_entries);
3355 int __init ip_rt_init(void)
3359 #ifdef CONFIG_NET_CLS_ROUTE
3360 ip_rt_acct = __alloc_percpu(256 * sizeof(struct ip_rt_acct), __alignof__(struct ip_rt_acct));
3362 panic("IP: failed to allocate ip_rt_acct\n");
3365 ipv4_dst_ops.kmem_cachep =
3366 kmem_cache_create("ip_dst_cache", sizeof(struct rtable), 0,
3367 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
3369 ipv4_dst_blackhole_ops.kmem_cachep = ipv4_dst_ops.kmem_cachep;
3371 rt_hash_table = (struct rt_hash_bucket *)
3372 alloc_large_system_hash("IP route cache",
3373 sizeof(struct rt_hash_bucket),
3375 (num_physpages >= 128 * 1024) ?
3380 rhash_entries ? 0 : 512 * 1024);
3381 memset(rt_hash_table, 0, (rt_hash_mask + 1) * sizeof(struct rt_hash_bucket));
3382 rt_hash_lock_init();
3384 ipv4_dst_ops.gc_thresh = (rt_hash_mask + 1);
3385 ip_rt_max_size = (rt_hash_mask + 1) * 16;
3390 /* All the timers, started at system startup tend
3391 to synchronize. Perturb it a bit.
3393 schedule_delayed_work(&expires_work,
3394 net_random() % ip_rt_gc_interval + ip_rt_gc_interval);
3396 if (register_pernet_subsys(&rt_secret_timer_ops))
3397 printk(KERN_ERR "Unable to setup rt_secret_timer\n");
3399 if (ip_rt_proc_init())
3400 printk(KERN_ERR "Unable to create route proc files\n");
3405 rtnl_register(PF_INET, RTM_GETROUTE, inet_rtm_getroute, NULL);
3407 #ifdef CONFIG_SYSCTL
3408 register_pernet_subsys(&sysctl_route_ops);
3413 #ifdef CONFIG_SYSCTL
3415 * We really need to sanitize the damn ipv4 init order, then all
3416 * this nonsense will go away.
3418 void __init ip_static_sysctl_init(void)
3420 register_sysctl_paths(ipv4_path, ipv4_skeleton);
3424 EXPORT_SYMBOL(__ip_select_ident);
3425 EXPORT_SYMBOL(ip_route_input);
3426 EXPORT_SYMBOL(ip_route_output_key);