ipv4: Enforce max MTU metric at route insertion time.
[linux-3.10.git] / net / ipv4 / route.c
1 /*
2  * INET         An implementation of the TCP/IP protocol suite for the LINUX
3  *              operating system.  INET is implemented using the  BSD Socket
4  *              interface as the means of communication with the user level.
5  *
6  *              ROUTE - implementation of the IP router.
7  *
8  * Authors:     Ross Biro
9  *              Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
10  *              Alan Cox, <gw4pts@gw4pts.ampr.org>
11  *              Linus Torvalds, <Linus.Torvalds@helsinki.fi>
12  *              Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
13  *
14  * Fixes:
15  *              Alan Cox        :       Verify area fixes.
16  *              Alan Cox        :       cli() protects routing changes
17  *              Rui Oliveira    :       ICMP routing table updates
18  *              (rco@di.uminho.pt)      Routing table insertion and update
19  *              Linus Torvalds  :       Rewrote bits to be sensible
20  *              Alan Cox        :       Added BSD route gw semantics
21  *              Alan Cox        :       Super /proc >4K
22  *              Alan Cox        :       MTU in route table
23  *              Alan Cox        :       MSS actually. Also added the window
24  *                                      clamper.
25  *              Sam Lantinga    :       Fixed route matching in rt_del()
26  *              Alan Cox        :       Routing cache support.
27  *              Alan Cox        :       Removed compatibility cruft.
28  *              Alan Cox        :       RTF_REJECT support.
29  *              Alan Cox        :       TCP irtt support.
30  *              Jonathan Naylor :       Added Metric support.
31  *      Miquel van Smoorenburg  :       BSD API fixes.
32  *      Miquel van Smoorenburg  :       Metrics.
33  *              Alan Cox        :       Use __u32 properly
34  *              Alan Cox        :       Aligned routing errors more closely with BSD
35  *                                      our system is still very different.
36  *              Alan Cox        :       Faster /proc handling
37  *      Alexey Kuznetsov        :       Massive rework to support tree based routing,
38  *                                      routing caches and better behaviour.
39  *
40  *              Olaf Erb        :       irtt wasn't being copied right.
41  *              Bjorn Ekwall    :       Kerneld route support.
42  *              Alan Cox        :       Multicast fixed (I hope)
43  *              Pavel Krauz     :       Limited broadcast fixed
44  *              Mike McLagan    :       Routing by source
45  *      Alexey Kuznetsov        :       End of old history. Split to fib.c and
46  *                                      route.c and rewritten from scratch.
47  *              Andi Kleen      :       Load-limit warning messages.
48  *      Vitaly E. Lavrov        :       Transparent proxy revived after year coma.
49  *      Vitaly E. Lavrov        :       Race condition in ip_route_input_slow.
50  *      Tobias Ringstrom        :       Uninitialized res.type in ip_route_output_slow.
51  *      Vladimir V. Ivanov      :       IP rule info (flowid) is really useful.
52  *              Marc Boucher    :       routing by fwmark
53  *      Robert Olsson           :       Added rt_cache statistics
54  *      Arnaldo C. Melo         :       Convert proc stuff to seq_file
55  *      Eric Dumazet            :       hashed spinlocks and rt_check_expire() fixes.
56  *      Ilia Sotnikov           :       Ignore TOS on PMTUD and Redirect
57  *      Ilia Sotnikov           :       Removed TOS from hash calculations
58  *
59  *              This program is free software; you can redistribute it and/or
60  *              modify it under the terms of the GNU General Public License
61  *              as published by the Free Software Foundation; either version
62  *              2 of the License, or (at your option) any later version.
63  */
64
65 #define pr_fmt(fmt) "IPv4: " fmt
66
67 #include <linux/module.h>
68 #include <asm/uaccess.h>
69 #include <linux/bitops.h>
70 #include <linux/types.h>
71 #include <linux/kernel.h>
72 #include <linux/mm.h>
73 #include <linux/bootmem.h>
74 #include <linux/string.h>
75 #include <linux/socket.h>
76 #include <linux/sockios.h>
77 #include <linux/errno.h>
78 #include <linux/in.h>
79 #include <linux/inet.h>
80 #include <linux/netdevice.h>
81 #include <linux/proc_fs.h>
82 #include <linux/init.h>
83 #include <linux/workqueue.h>
84 #include <linux/skbuff.h>
85 #include <linux/inetdevice.h>
86 #include <linux/igmp.h>
87 #include <linux/pkt_sched.h>
88 #include <linux/mroute.h>
89 #include <linux/netfilter_ipv4.h>
90 #include <linux/random.h>
91 #include <linux/jhash.h>
92 #include <linux/rcupdate.h>
93 #include <linux/times.h>
94 #include <linux/slab.h>
95 #include <linux/prefetch.h>
96 #include <net/dst.h>
97 #include <net/net_namespace.h>
98 #include <net/protocol.h>
99 #include <net/ip.h>
100 #include <net/route.h>
101 #include <net/inetpeer.h>
102 #include <net/sock.h>
103 #include <net/ip_fib.h>
104 #include <net/arp.h>
105 #include <net/tcp.h>
106 #include <net/icmp.h>
107 #include <net/xfrm.h>
108 #include <net/netevent.h>
109 #include <net/rtnetlink.h>
110 #ifdef CONFIG_SYSCTL
111 #include <linux/sysctl.h>
112 #include <linux/kmemleak.h>
113 #endif
114 #include <net/secure_seq.h>
115
116 #define RT_FL_TOS(oldflp4) \
117         ((oldflp4)->flowi4_tos & (IPTOS_RT_MASK | RTO_ONLINK))
118
119 #define IP_MAX_MTU      0xFFF0
120
121 #define RT_GC_TIMEOUT (300*HZ)
122
123 static int ip_rt_max_size;
124 static int ip_rt_gc_timeout __read_mostly       = RT_GC_TIMEOUT;
125 static int ip_rt_gc_interval __read_mostly  = 60 * HZ;
126 static int ip_rt_gc_min_interval __read_mostly  = HZ / 2;
127 static int ip_rt_redirect_number __read_mostly  = 9;
128 static int ip_rt_redirect_load __read_mostly    = HZ / 50;
129 static int ip_rt_redirect_silence __read_mostly = ((HZ / 50) << (9 + 1));
130 static int ip_rt_error_cost __read_mostly       = HZ;
131 static int ip_rt_error_burst __read_mostly      = 5 * HZ;
132 static int ip_rt_gc_elasticity __read_mostly    = 8;
133 static int ip_rt_mtu_expires __read_mostly      = 10 * 60 * HZ;
134 static int ip_rt_min_pmtu __read_mostly         = 512 + 20 + 20;
135 static int ip_rt_min_advmss __read_mostly       = 256;
136 static int rt_chain_length_max __read_mostly    = 20;
137
138 static struct delayed_work expires_work;
139 static unsigned long expires_ljiffies;
140
141 /*
142  *      Interface to generic destination cache.
143  */
144
145 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie);
146 static unsigned int      ipv4_default_advmss(const struct dst_entry *dst);
147 static unsigned int      ipv4_mtu(const struct dst_entry *dst);
148 static void              ipv4_dst_destroy(struct dst_entry *dst);
149 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst);
150 static void              ipv4_link_failure(struct sk_buff *skb);
151 static void              ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu);
152 static int rt_garbage_collect(struct dst_ops *ops);
153
154 static void ipv4_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
155                             int how)
156 {
157 }
158
159 static u32 *ipv4_cow_metrics(struct dst_entry *dst, unsigned long old)
160 {
161         struct rtable *rt = (struct rtable *) dst;
162         struct inet_peer *peer;
163         u32 *p = NULL;
164
165         peer = rt_get_peer_create(rt, rt->rt_dst);
166         if (peer) {
167                 u32 *old_p = __DST_METRICS_PTR(old);
168                 unsigned long prev, new;
169
170                 p = peer->metrics;
171                 if (inet_metrics_new(peer))
172                         memcpy(p, old_p, sizeof(u32) * RTAX_MAX);
173
174                 new = (unsigned long) p;
175                 prev = cmpxchg(&dst->_metrics, old, new);
176
177                 if (prev != old) {
178                         p = __DST_METRICS_PTR(prev);
179                         if (prev & DST_METRICS_READ_ONLY)
180                                 p = NULL;
181                 } else {
182                         if (rt->fi) {
183                                 fib_info_put(rt->fi);
184                                 rt->fi = NULL;
185                         }
186                 }
187         }
188         return p;
189 }
190
191 static struct neighbour *ipv4_neigh_lookup(const struct dst_entry *dst,
192                                            struct sk_buff *skb,
193                                            const void *daddr);
194
195 static struct dst_ops ipv4_dst_ops = {
196         .family =               AF_INET,
197         .protocol =             cpu_to_be16(ETH_P_IP),
198         .gc =                   rt_garbage_collect,
199         .check =                ipv4_dst_check,
200         .default_advmss =       ipv4_default_advmss,
201         .mtu =                  ipv4_mtu,
202         .cow_metrics =          ipv4_cow_metrics,
203         .destroy =              ipv4_dst_destroy,
204         .ifdown =               ipv4_dst_ifdown,
205         .negative_advice =      ipv4_negative_advice,
206         .link_failure =         ipv4_link_failure,
207         .update_pmtu =          ip_rt_update_pmtu,
208         .local_out =            __ip_local_out,
209         .neigh_lookup =         ipv4_neigh_lookup,
210 };
211
212 #define ECN_OR_COST(class)      TC_PRIO_##class
213
214 const __u8 ip_tos2prio[16] = {
215         TC_PRIO_BESTEFFORT,
216         ECN_OR_COST(BESTEFFORT),
217         TC_PRIO_BESTEFFORT,
218         ECN_OR_COST(BESTEFFORT),
219         TC_PRIO_BULK,
220         ECN_OR_COST(BULK),
221         TC_PRIO_BULK,
222         ECN_OR_COST(BULK),
223         TC_PRIO_INTERACTIVE,
224         ECN_OR_COST(INTERACTIVE),
225         TC_PRIO_INTERACTIVE,
226         ECN_OR_COST(INTERACTIVE),
227         TC_PRIO_INTERACTIVE_BULK,
228         ECN_OR_COST(INTERACTIVE_BULK),
229         TC_PRIO_INTERACTIVE_BULK,
230         ECN_OR_COST(INTERACTIVE_BULK)
231 };
232 EXPORT_SYMBOL(ip_tos2prio);
233
234 /*
235  * Route cache.
236  */
237
238 /* The locking scheme is rather straight forward:
239  *
240  * 1) Read-Copy Update protects the buckets of the central route hash.
241  * 2) Only writers remove entries, and they hold the lock
242  *    as they look at rtable reference counts.
243  * 3) Only readers acquire references to rtable entries,
244  *    they do so with atomic increments and with the
245  *    lock held.
246  */
247
248 struct rt_hash_bucket {
249         struct rtable __rcu     *chain;
250 };
251
252 #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK) || \
253         defined(CONFIG_PROVE_LOCKING)
254 /*
255  * Instead of using one spinlock for each rt_hash_bucket, we use a table of spinlocks
256  * The size of this table is a power of two and depends on the number of CPUS.
257  * (on lockdep we have a quite big spinlock_t, so keep the size down there)
258  */
259 #ifdef CONFIG_LOCKDEP
260 # define RT_HASH_LOCK_SZ        256
261 #else
262 # if NR_CPUS >= 32
263 #  define RT_HASH_LOCK_SZ       4096
264 # elif NR_CPUS >= 16
265 #  define RT_HASH_LOCK_SZ       2048
266 # elif NR_CPUS >= 8
267 #  define RT_HASH_LOCK_SZ       1024
268 # elif NR_CPUS >= 4
269 #  define RT_HASH_LOCK_SZ       512
270 # else
271 #  define RT_HASH_LOCK_SZ       256
272 # endif
273 #endif
274
275 static spinlock_t       *rt_hash_locks;
276 # define rt_hash_lock_addr(slot) &rt_hash_locks[(slot) & (RT_HASH_LOCK_SZ - 1)]
277
278 static __init void rt_hash_lock_init(void)
279 {
280         int i;
281
282         rt_hash_locks = kmalloc(sizeof(spinlock_t) * RT_HASH_LOCK_SZ,
283                         GFP_KERNEL);
284         if (!rt_hash_locks)
285                 panic("IP: failed to allocate rt_hash_locks\n");
286
287         for (i = 0; i < RT_HASH_LOCK_SZ; i++)
288                 spin_lock_init(&rt_hash_locks[i]);
289 }
290 #else
291 # define rt_hash_lock_addr(slot) NULL
292
293 static inline void rt_hash_lock_init(void)
294 {
295 }
296 #endif
297
298 static struct rt_hash_bucket    *rt_hash_table __read_mostly;
299 static unsigned int             rt_hash_mask __read_mostly;
300 static unsigned int             rt_hash_log  __read_mostly;
301
302 static DEFINE_PER_CPU(struct rt_cache_stat, rt_cache_stat);
303 #define RT_CACHE_STAT_INC(field) __this_cpu_inc(rt_cache_stat.field)
304
305 static inline unsigned int rt_hash(__be32 daddr, __be32 saddr, int idx,
306                                    int genid)
307 {
308         return jhash_3words((__force u32)daddr, (__force u32)saddr,
309                             idx, genid)
310                 & rt_hash_mask;
311 }
312
313 static inline int rt_genid(struct net *net)
314 {
315         return atomic_read(&net->ipv4.rt_genid);
316 }
317
318 #ifdef CONFIG_PROC_FS
319 struct rt_cache_iter_state {
320         struct seq_net_private p;
321         int bucket;
322         int genid;
323 };
324
325 static struct rtable *rt_cache_get_first(struct seq_file *seq)
326 {
327         struct rt_cache_iter_state *st = seq->private;
328         struct rtable *r = NULL;
329
330         for (st->bucket = rt_hash_mask; st->bucket >= 0; --st->bucket) {
331                 if (!rcu_access_pointer(rt_hash_table[st->bucket].chain))
332                         continue;
333                 rcu_read_lock_bh();
334                 r = rcu_dereference_bh(rt_hash_table[st->bucket].chain);
335                 while (r) {
336                         if (dev_net(r->dst.dev) == seq_file_net(seq) &&
337                             r->rt_genid == st->genid)
338                                 return r;
339                         r = rcu_dereference_bh(r->dst.rt_next);
340                 }
341                 rcu_read_unlock_bh();
342         }
343         return r;
344 }
345
346 static struct rtable *__rt_cache_get_next(struct seq_file *seq,
347                                           struct rtable *r)
348 {
349         struct rt_cache_iter_state *st = seq->private;
350
351         r = rcu_dereference_bh(r->dst.rt_next);
352         while (!r) {
353                 rcu_read_unlock_bh();
354                 do {
355                         if (--st->bucket < 0)
356                                 return NULL;
357                 } while (!rcu_access_pointer(rt_hash_table[st->bucket].chain));
358                 rcu_read_lock_bh();
359                 r = rcu_dereference_bh(rt_hash_table[st->bucket].chain);
360         }
361         return r;
362 }
363
364 static struct rtable *rt_cache_get_next(struct seq_file *seq,
365                                         struct rtable *r)
366 {
367         struct rt_cache_iter_state *st = seq->private;
368         while ((r = __rt_cache_get_next(seq, r)) != NULL) {
369                 if (dev_net(r->dst.dev) != seq_file_net(seq))
370                         continue;
371                 if (r->rt_genid == st->genid)
372                         break;
373         }
374         return r;
375 }
376
377 static struct rtable *rt_cache_get_idx(struct seq_file *seq, loff_t pos)
378 {
379         struct rtable *r = rt_cache_get_first(seq);
380
381         if (r)
382                 while (pos && (r = rt_cache_get_next(seq, r)))
383                         --pos;
384         return pos ? NULL : r;
385 }
386
387 static void *rt_cache_seq_start(struct seq_file *seq, loff_t *pos)
388 {
389         struct rt_cache_iter_state *st = seq->private;
390         if (*pos)
391                 return rt_cache_get_idx(seq, *pos - 1);
392         st->genid = rt_genid(seq_file_net(seq));
393         return SEQ_START_TOKEN;
394 }
395
396 static void *rt_cache_seq_next(struct seq_file *seq, void *v, loff_t *pos)
397 {
398         struct rtable *r;
399
400         if (v == SEQ_START_TOKEN)
401                 r = rt_cache_get_first(seq);
402         else
403                 r = rt_cache_get_next(seq, v);
404         ++*pos;
405         return r;
406 }
407
408 static void rt_cache_seq_stop(struct seq_file *seq, void *v)
409 {
410         if (v && v != SEQ_START_TOKEN)
411                 rcu_read_unlock_bh();
412 }
413
414 static int rt_cache_seq_show(struct seq_file *seq, void *v)
415 {
416         if (v == SEQ_START_TOKEN)
417                 seq_printf(seq, "%-127s\n",
418                            "Iface\tDestination\tGateway \tFlags\t\tRefCnt\tUse\t"
419                            "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t"
420                            "HHUptod\tSpecDst");
421         else {
422                 struct rtable *r = v;
423                 int len;
424
425                 seq_printf(seq, "%s\t%08X\t%08X\t%8X\t%d\t%u\t%d\t"
426                            "%08X\t%d\t%u\t%u\t%02X\t%d\t%1d\t%08X%n",
427                            r->dst.dev ? r->dst.dev->name : "*",
428                            (__force u32)r->rt_dst,
429                            (__force u32)r->rt_gateway,
430                            r->rt_flags, atomic_read(&r->dst.__refcnt),
431                            r->dst.__use, 0, (__force u32)r->rt_src,
432                            dst_metric_advmss(&r->dst) + 40,
433                            dst_metric(&r->dst, RTAX_WINDOW), 0,
434                            r->rt_key_tos,
435                            -1, 0, 0, &len);
436
437                 seq_printf(seq, "%*s\n", 127 - len, "");
438         }
439         return 0;
440 }
441
442 static const struct seq_operations rt_cache_seq_ops = {
443         .start  = rt_cache_seq_start,
444         .next   = rt_cache_seq_next,
445         .stop   = rt_cache_seq_stop,
446         .show   = rt_cache_seq_show,
447 };
448
449 static int rt_cache_seq_open(struct inode *inode, struct file *file)
450 {
451         return seq_open_net(inode, file, &rt_cache_seq_ops,
452                         sizeof(struct rt_cache_iter_state));
453 }
454
455 static const struct file_operations rt_cache_seq_fops = {
456         .owner   = THIS_MODULE,
457         .open    = rt_cache_seq_open,
458         .read    = seq_read,
459         .llseek  = seq_lseek,
460         .release = seq_release_net,
461 };
462
463
464 static void *rt_cpu_seq_start(struct seq_file *seq, loff_t *pos)
465 {
466         int cpu;
467
468         if (*pos == 0)
469                 return SEQ_START_TOKEN;
470
471         for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
472                 if (!cpu_possible(cpu))
473                         continue;
474                 *pos = cpu+1;
475                 return &per_cpu(rt_cache_stat, cpu);
476         }
477         return NULL;
478 }
479
480 static void *rt_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos)
481 {
482         int cpu;
483
484         for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
485                 if (!cpu_possible(cpu))
486                         continue;
487                 *pos = cpu+1;
488                 return &per_cpu(rt_cache_stat, cpu);
489         }
490         return NULL;
491
492 }
493
494 static void rt_cpu_seq_stop(struct seq_file *seq, void *v)
495 {
496
497 }
498
499 static int rt_cpu_seq_show(struct seq_file *seq, void *v)
500 {
501         struct rt_cache_stat *st = v;
502
503         if (v == SEQ_START_TOKEN) {
504                 seq_printf(seq, "entries  in_hit in_slow_tot in_slow_mc in_no_route in_brd in_martian_dst in_martian_src  out_hit out_slow_tot out_slow_mc  gc_total gc_ignored gc_goal_miss gc_dst_overflow in_hlist_search out_hlist_search\n");
505                 return 0;
506         }
507
508         seq_printf(seq,"%08x  %08x %08x %08x %08x %08x %08x %08x "
509                    " %08x %08x %08x %08x %08x %08x %08x %08x %08x \n",
510                    dst_entries_get_slow(&ipv4_dst_ops),
511                    st->in_hit,
512                    st->in_slow_tot,
513                    st->in_slow_mc,
514                    st->in_no_route,
515                    st->in_brd,
516                    st->in_martian_dst,
517                    st->in_martian_src,
518
519                    st->out_hit,
520                    st->out_slow_tot,
521                    st->out_slow_mc,
522
523                    st->gc_total,
524                    st->gc_ignored,
525                    st->gc_goal_miss,
526                    st->gc_dst_overflow,
527                    st->in_hlist_search,
528                    st->out_hlist_search
529                 );
530         return 0;
531 }
532
533 static const struct seq_operations rt_cpu_seq_ops = {
534         .start  = rt_cpu_seq_start,
535         .next   = rt_cpu_seq_next,
536         .stop   = rt_cpu_seq_stop,
537         .show   = rt_cpu_seq_show,
538 };
539
540
541 static int rt_cpu_seq_open(struct inode *inode, struct file *file)
542 {
543         return seq_open(file, &rt_cpu_seq_ops);
544 }
545
546 static const struct file_operations rt_cpu_seq_fops = {
547         .owner   = THIS_MODULE,
548         .open    = rt_cpu_seq_open,
549         .read    = seq_read,
550         .llseek  = seq_lseek,
551         .release = seq_release,
552 };
553
554 #ifdef CONFIG_IP_ROUTE_CLASSID
555 static int rt_acct_proc_show(struct seq_file *m, void *v)
556 {
557         struct ip_rt_acct *dst, *src;
558         unsigned int i, j;
559
560         dst = kcalloc(256, sizeof(struct ip_rt_acct), GFP_KERNEL);
561         if (!dst)
562                 return -ENOMEM;
563
564         for_each_possible_cpu(i) {
565                 src = (struct ip_rt_acct *)per_cpu_ptr(ip_rt_acct, i);
566                 for (j = 0; j < 256; j++) {
567                         dst[j].o_bytes   += src[j].o_bytes;
568                         dst[j].o_packets += src[j].o_packets;
569                         dst[j].i_bytes   += src[j].i_bytes;
570                         dst[j].i_packets += src[j].i_packets;
571                 }
572         }
573
574         seq_write(m, dst, 256 * sizeof(struct ip_rt_acct));
575         kfree(dst);
576         return 0;
577 }
578
579 static int rt_acct_proc_open(struct inode *inode, struct file *file)
580 {
581         return single_open(file, rt_acct_proc_show, NULL);
582 }
583
584 static const struct file_operations rt_acct_proc_fops = {
585         .owner          = THIS_MODULE,
586         .open           = rt_acct_proc_open,
587         .read           = seq_read,
588         .llseek         = seq_lseek,
589         .release        = single_release,
590 };
591 #endif
592
593 static int __net_init ip_rt_do_proc_init(struct net *net)
594 {
595         struct proc_dir_entry *pde;
596
597         pde = proc_net_fops_create(net, "rt_cache", S_IRUGO,
598                         &rt_cache_seq_fops);
599         if (!pde)
600                 goto err1;
601
602         pde = proc_create("rt_cache", S_IRUGO,
603                           net->proc_net_stat, &rt_cpu_seq_fops);
604         if (!pde)
605                 goto err2;
606
607 #ifdef CONFIG_IP_ROUTE_CLASSID
608         pde = proc_create("rt_acct", 0, net->proc_net, &rt_acct_proc_fops);
609         if (!pde)
610                 goto err3;
611 #endif
612         return 0;
613
614 #ifdef CONFIG_IP_ROUTE_CLASSID
615 err3:
616         remove_proc_entry("rt_cache", net->proc_net_stat);
617 #endif
618 err2:
619         remove_proc_entry("rt_cache", net->proc_net);
620 err1:
621         return -ENOMEM;
622 }
623
624 static void __net_exit ip_rt_do_proc_exit(struct net *net)
625 {
626         remove_proc_entry("rt_cache", net->proc_net_stat);
627         remove_proc_entry("rt_cache", net->proc_net);
628 #ifdef CONFIG_IP_ROUTE_CLASSID
629         remove_proc_entry("rt_acct", net->proc_net);
630 #endif
631 }
632
633 static struct pernet_operations ip_rt_proc_ops __net_initdata =  {
634         .init = ip_rt_do_proc_init,
635         .exit = ip_rt_do_proc_exit,
636 };
637
638 static int __init ip_rt_proc_init(void)
639 {
640         return register_pernet_subsys(&ip_rt_proc_ops);
641 }
642
643 #else
644 static inline int ip_rt_proc_init(void)
645 {
646         return 0;
647 }
648 #endif /* CONFIG_PROC_FS */
649
650 static inline void rt_free(struct rtable *rt)
651 {
652         call_rcu_bh(&rt->dst.rcu_head, dst_rcu_free);
653 }
654
655 static inline void rt_drop(struct rtable *rt)
656 {
657         ip_rt_put(rt);
658         call_rcu_bh(&rt->dst.rcu_head, dst_rcu_free);
659 }
660
661 static inline int rt_fast_clean(struct rtable *rth)
662 {
663         /* Kill broadcast/multicast entries very aggresively, if they
664            collide in hash table with more useful entries */
665         return (rth->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST)) &&
666                 rt_is_input_route(rth) && rth->dst.rt_next;
667 }
668
669 static inline int rt_valuable(struct rtable *rth)
670 {
671         return (rth->rt_flags & (RTCF_REDIRECTED | RTCF_NOTIFY)) ||
672                 rth->dst.expires;
673 }
674
675 static int rt_may_expire(struct rtable *rth, unsigned long tmo1, unsigned long tmo2)
676 {
677         unsigned long age;
678         int ret = 0;
679
680         if (atomic_read(&rth->dst.__refcnt))
681                 goto out;
682
683         age = jiffies - rth->dst.lastuse;
684         if ((age <= tmo1 && !rt_fast_clean(rth)) ||
685             (age <= tmo2 && rt_valuable(rth)))
686                 goto out;
687         ret = 1;
688 out:    return ret;
689 }
690
691 /* Bits of score are:
692  * 31: very valuable
693  * 30: not quite useless
694  * 29..0: usage counter
695  */
696 static inline u32 rt_score(struct rtable *rt)
697 {
698         u32 score = jiffies - rt->dst.lastuse;
699
700         score = ~score & ~(3<<30);
701
702         if (rt_valuable(rt))
703                 score |= (1<<31);
704
705         if (rt_is_output_route(rt) ||
706             !(rt->rt_flags & (RTCF_BROADCAST|RTCF_MULTICAST|RTCF_LOCAL)))
707                 score |= (1<<30);
708
709         return score;
710 }
711
712 static inline bool rt_caching(const struct net *net)
713 {
714         return net->ipv4.current_rt_cache_rebuild_count <=
715                 net->ipv4.sysctl_rt_cache_rebuild_count;
716 }
717
718 static inline bool compare_hash_inputs(const struct rtable *rt1,
719                                        const struct rtable *rt2)
720 {
721         return ((((__force u32)rt1->rt_key_dst ^ (__force u32)rt2->rt_key_dst) |
722                 ((__force u32)rt1->rt_key_src ^ (__force u32)rt2->rt_key_src) |
723                 (rt1->rt_route_iif ^ rt2->rt_route_iif)) == 0);
724 }
725
726 static inline int compare_keys(struct rtable *rt1, struct rtable *rt2)
727 {
728         return (((__force u32)rt1->rt_key_dst ^ (__force u32)rt2->rt_key_dst) |
729                 ((__force u32)rt1->rt_key_src ^ (__force u32)rt2->rt_key_src) |
730                 (rt1->rt_mark ^ rt2->rt_mark) |
731                 (rt1->rt_key_tos ^ rt2->rt_key_tos) |
732                 (rt1->rt_route_iif ^ rt2->rt_route_iif) |
733                 (rt1->rt_oif ^ rt2->rt_oif)) == 0;
734 }
735
736 static inline int compare_netns(struct rtable *rt1, struct rtable *rt2)
737 {
738         return net_eq(dev_net(rt1->dst.dev), dev_net(rt2->dst.dev));
739 }
740
741 static inline int rt_is_expired(struct rtable *rth)
742 {
743         return rth->rt_genid != rt_genid(dev_net(rth->dst.dev));
744 }
745
746 /*
747  * Perform a full scan of hash table and free all entries.
748  * Can be called by a softirq or a process.
749  * In the later case, we want to be reschedule if necessary
750  */
751 static void rt_do_flush(struct net *net, int process_context)
752 {
753         unsigned int i;
754         struct rtable *rth, *next;
755
756         for (i = 0; i <= rt_hash_mask; i++) {
757                 struct rtable __rcu **pprev;
758                 struct rtable *list;
759
760                 if (process_context && need_resched())
761                         cond_resched();
762                 rth = rcu_access_pointer(rt_hash_table[i].chain);
763                 if (!rth)
764                         continue;
765
766                 spin_lock_bh(rt_hash_lock_addr(i));
767
768                 list = NULL;
769                 pprev = &rt_hash_table[i].chain;
770                 rth = rcu_dereference_protected(*pprev,
771                         lockdep_is_held(rt_hash_lock_addr(i)));
772
773                 while (rth) {
774                         next = rcu_dereference_protected(rth->dst.rt_next,
775                                 lockdep_is_held(rt_hash_lock_addr(i)));
776
777                         if (!net ||
778                             net_eq(dev_net(rth->dst.dev), net)) {
779                                 rcu_assign_pointer(*pprev, next);
780                                 rcu_assign_pointer(rth->dst.rt_next, list);
781                                 list = rth;
782                         } else {
783                                 pprev = &rth->dst.rt_next;
784                         }
785                         rth = next;
786                 }
787
788                 spin_unlock_bh(rt_hash_lock_addr(i));
789
790                 for (; list; list = next) {
791                         next = rcu_dereference_protected(list->dst.rt_next, 1);
792                         rt_free(list);
793                 }
794         }
795 }
796
797 /*
798  * While freeing expired entries, we compute average chain length
799  * and standard deviation, using fixed-point arithmetic.
800  * This to have an estimation of rt_chain_length_max
801  *  rt_chain_length_max = max(elasticity, AVG + 4*SD)
802  * We use 3 bits for frational part, and 29 (or 61) for magnitude.
803  */
804
805 #define FRACT_BITS 3
806 #define ONE (1UL << FRACT_BITS)
807
808 /*
809  * Given a hash chain and an item in this hash chain,
810  * find if a previous entry has the same hash_inputs
811  * (but differs on tos, mark or oif)
812  * Returns 0 if an alias is found.
813  * Returns ONE if rth has no alias before itself.
814  */
815 static int has_noalias(const struct rtable *head, const struct rtable *rth)
816 {
817         const struct rtable *aux = head;
818
819         while (aux != rth) {
820                 if (compare_hash_inputs(aux, rth))
821                         return 0;
822                 aux = rcu_dereference_protected(aux->dst.rt_next, 1);
823         }
824         return ONE;
825 }
826
827 static void rt_check_expire(void)
828 {
829         static unsigned int rover;
830         unsigned int i = rover, goal;
831         struct rtable *rth;
832         struct rtable __rcu **rthp;
833         unsigned long samples = 0;
834         unsigned long sum = 0, sum2 = 0;
835         unsigned long delta;
836         u64 mult;
837
838         delta = jiffies - expires_ljiffies;
839         expires_ljiffies = jiffies;
840         mult = ((u64)delta) << rt_hash_log;
841         if (ip_rt_gc_timeout > 1)
842                 do_div(mult, ip_rt_gc_timeout);
843         goal = (unsigned int)mult;
844         if (goal > rt_hash_mask)
845                 goal = rt_hash_mask + 1;
846         for (; goal > 0; goal--) {
847                 unsigned long tmo = ip_rt_gc_timeout;
848                 unsigned long length;
849
850                 i = (i + 1) & rt_hash_mask;
851                 rthp = &rt_hash_table[i].chain;
852
853                 if (need_resched())
854                         cond_resched();
855
856                 samples++;
857
858                 if (rcu_dereference_raw(*rthp) == NULL)
859                         continue;
860                 length = 0;
861                 spin_lock_bh(rt_hash_lock_addr(i));
862                 while ((rth = rcu_dereference_protected(*rthp,
863                                         lockdep_is_held(rt_hash_lock_addr(i)))) != NULL) {
864                         prefetch(rth->dst.rt_next);
865                         if (rt_is_expired(rth) ||
866                             rt_may_expire(rth, tmo, ip_rt_gc_timeout)) {
867                                 *rthp = rth->dst.rt_next;
868                                 rt_free(rth);
869                                 continue;
870                         }
871
872                         /* We only count entries on a chain with equal
873                          * hash inputs once so that entries for
874                          * different QOS levels, and other non-hash
875                          * input attributes don't unfairly skew the
876                          * length computation
877                          */
878                         tmo >>= 1;
879                         rthp = &rth->dst.rt_next;
880                         length += has_noalias(rt_hash_table[i].chain, rth);
881                 }
882                 spin_unlock_bh(rt_hash_lock_addr(i));
883                 sum += length;
884                 sum2 += length*length;
885         }
886         if (samples) {
887                 unsigned long avg = sum / samples;
888                 unsigned long sd = int_sqrt(sum2 / samples - avg*avg);
889                 rt_chain_length_max = max_t(unsigned long,
890                                         ip_rt_gc_elasticity,
891                                         (avg + 4*sd) >> FRACT_BITS);
892         }
893         rover = i;
894 }
895
896 /*
897  * rt_worker_func() is run in process context.
898  * we call rt_check_expire() to scan part of the hash table
899  */
900 static void rt_worker_func(struct work_struct *work)
901 {
902         rt_check_expire();
903         schedule_delayed_work(&expires_work, ip_rt_gc_interval);
904 }
905
906 /*
907  * Perturbation of rt_genid by a small quantity [1..256]
908  * Using 8 bits of shuffling ensure we can call rt_cache_invalidate()
909  * many times (2^24) without giving recent rt_genid.
910  * Jenkins hash is strong enough that litle changes of rt_genid are OK.
911  */
912 static void rt_cache_invalidate(struct net *net)
913 {
914         unsigned char shuffle;
915
916         get_random_bytes(&shuffle, sizeof(shuffle));
917         atomic_add(shuffle + 1U, &net->ipv4.rt_genid);
918         inetpeer_invalidate_family(AF_INET);
919 }
920
921 /*
922  * delay < 0  : invalidate cache (fast : entries will be deleted later)
923  * delay >= 0 : invalidate & flush cache (can be long)
924  */
925 void rt_cache_flush(struct net *net, int delay)
926 {
927         rt_cache_invalidate(net);
928         if (delay >= 0)
929                 rt_do_flush(net, !in_softirq());
930 }
931
932 /* Flush previous cache invalidated entries from the cache */
933 void rt_cache_flush_batch(struct net *net)
934 {
935         rt_do_flush(net, !in_softirq());
936 }
937
938 static void rt_emergency_hash_rebuild(struct net *net)
939 {
940         net_warn_ratelimited("Route hash chain too long!\n");
941         rt_cache_invalidate(net);
942 }
943
944 /*
945    Short description of GC goals.
946
947    We want to build algorithm, which will keep routing cache
948    at some equilibrium point, when number of aged off entries
949    is kept approximately equal to newly generated ones.
950
951    Current expiration strength is variable "expire".
952    We try to adjust it dynamically, so that if networking
953    is idle expires is large enough to keep enough of warm entries,
954    and when load increases it reduces to limit cache size.
955  */
956
957 static int rt_garbage_collect(struct dst_ops *ops)
958 {
959         static unsigned long expire = RT_GC_TIMEOUT;
960         static unsigned long last_gc;
961         static int rover;
962         static int equilibrium;
963         struct rtable *rth;
964         struct rtable __rcu **rthp;
965         unsigned long now = jiffies;
966         int goal;
967         int entries = dst_entries_get_fast(&ipv4_dst_ops);
968
969         /*
970          * Garbage collection is pretty expensive,
971          * do not make it too frequently.
972          */
973
974         RT_CACHE_STAT_INC(gc_total);
975
976         if (now - last_gc < ip_rt_gc_min_interval &&
977             entries < ip_rt_max_size) {
978                 RT_CACHE_STAT_INC(gc_ignored);
979                 goto out;
980         }
981
982         entries = dst_entries_get_slow(&ipv4_dst_ops);
983         /* Calculate number of entries, which we want to expire now. */
984         goal = entries - (ip_rt_gc_elasticity << rt_hash_log);
985         if (goal <= 0) {
986                 if (equilibrium < ipv4_dst_ops.gc_thresh)
987                         equilibrium = ipv4_dst_ops.gc_thresh;
988                 goal = entries - equilibrium;
989                 if (goal > 0) {
990                         equilibrium += min_t(unsigned int, goal >> 1, rt_hash_mask + 1);
991                         goal = entries - equilibrium;
992                 }
993         } else {
994                 /* We are in dangerous area. Try to reduce cache really
995                  * aggressively.
996                  */
997                 goal = max_t(unsigned int, goal >> 1, rt_hash_mask + 1);
998                 equilibrium = entries - goal;
999         }
1000
1001         if (now - last_gc >= ip_rt_gc_min_interval)
1002                 last_gc = now;
1003
1004         if (goal <= 0) {
1005                 equilibrium += goal;
1006                 goto work_done;
1007         }
1008
1009         do {
1010                 int i, k;
1011
1012                 for (i = rt_hash_mask, k = rover; i >= 0; i--) {
1013                         unsigned long tmo = expire;
1014
1015                         k = (k + 1) & rt_hash_mask;
1016                         rthp = &rt_hash_table[k].chain;
1017                         spin_lock_bh(rt_hash_lock_addr(k));
1018                         while ((rth = rcu_dereference_protected(*rthp,
1019                                         lockdep_is_held(rt_hash_lock_addr(k)))) != NULL) {
1020                                 if (!rt_is_expired(rth) &&
1021                                         !rt_may_expire(rth, tmo, expire)) {
1022                                         tmo >>= 1;
1023                                         rthp = &rth->dst.rt_next;
1024                                         continue;
1025                                 }
1026                                 *rthp = rth->dst.rt_next;
1027                                 rt_free(rth);
1028                                 goal--;
1029                         }
1030                         spin_unlock_bh(rt_hash_lock_addr(k));
1031                         if (goal <= 0)
1032                                 break;
1033                 }
1034                 rover = k;
1035
1036                 if (goal <= 0)
1037                         goto work_done;
1038
1039                 /* Goal is not achieved. We stop process if:
1040
1041                    - if expire reduced to zero. Otherwise, expire is halfed.
1042                    - if table is not full.
1043                    - if we are called from interrupt.
1044                    - jiffies check is just fallback/debug loop breaker.
1045                      We will not spin here for long time in any case.
1046                  */
1047
1048                 RT_CACHE_STAT_INC(gc_goal_miss);
1049
1050                 if (expire == 0)
1051                         break;
1052
1053                 expire >>= 1;
1054
1055                 if (dst_entries_get_fast(&ipv4_dst_ops) < ip_rt_max_size)
1056                         goto out;
1057         } while (!in_softirq() && time_before_eq(jiffies, now));
1058
1059         if (dst_entries_get_fast(&ipv4_dst_ops) < ip_rt_max_size)
1060                 goto out;
1061         if (dst_entries_get_slow(&ipv4_dst_ops) < ip_rt_max_size)
1062                 goto out;
1063         net_warn_ratelimited("dst cache overflow\n");
1064         RT_CACHE_STAT_INC(gc_dst_overflow);
1065         return 1;
1066
1067 work_done:
1068         expire += ip_rt_gc_min_interval;
1069         if (expire > ip_rt_gc_timeout ||
1070             dst_entries_get_fast(&ipv4_dst_ops) < ipv4_dst_ops.gc_thresh ||
1071             dst_entries_get_slow(&ipv4_dst_ops) < ipv4_dst_ops.gc_thresh)
1072                 expire = ip_rt_gc_timeout;
1073 out:    return 0;
1074 }
1075
1076 /*
1077  * Returns number of entries in a hash chain that have different hash_inputs
1078  */
1079 static int slow_chain_length(const struct rtable *head)
1080 {
1081         int length = 0;
1082         const struct rtable *rth = head;
1083
1084         while (rth) {
1085                 length += has_noalias(head, rth);
1086                 rth = rcu_dereference_protected(rth->dst.rt_next, 1);
1087         }
1088         return length >> FRACT_BITS;
1089 }
1090
1091 static struct neighbour *ipv4_neigh_lookup(const struct dst_entry *dst,
1092                                            struct sk_buff *skb,
1093                                            const void *daddr)
1094 {
1095         struct net_device *dev = dst->dev;
1096         const __be32 *pkey = daddr;
1097         const struct rtable *rt;
1098         struct neighbour *n;
1099
1100         rt = (const struct rtable *) dst;
1101         if (rt->rt_gateway)
1102                 pkey = (const __be32 *) &rt->rt_gateway;
1103         else if (skb)
1104                 pkey = &ip_hdr(skb)->daddr;
1105
1106         n = __ipv4_neigh_lookup(dev, *(__force u32 *)pkey);
1107         if (n)
1108                 return n;
1109         return neigh_create(&arp_tbl, pkey, dev);
1110 }
1111
1112 static struct rtable *rt_intern_hash(unsigned int hash, struct rtable *rt,
1113                                      struct sk_buff *skb, int ifindex)
1114 {
1115         struct rtable   *rth, *cand;
1116         struct rtable __rcu **rthp, **candp;
1117         unsigned long   now;
1118         u32             min_score;
1119         int             chain_length;
1120
1121 restart:
1122         chain_length = 0;
1123         min_score = ~(u32)0;
1124         cand = NULL;
1125         candp = NULL;
1126         now = jiffies;
1127
1128         if (!rt_caching(dev_net(rt->dst.dev)) || (rt->dst.flags & DST_NOCACHE)) {
1129                 /*
1130                  * If we're not caching, just tell the caller we
1131                  * were successful and don't touch the route.  The
1132                  * caller hold the sole reference to the cache entry, and
1133                  * it will be released when the caller is done with it.
1134                  * If we drop it here, the callers have no way to resolve routes
1135                  * when we're not caching.  Instead, just point *rp at rt, so
1136                  * the caller gets a single use out of the route
1137                  * Note that we do rt_free on this new route entry, so that
1138                  * once its refcount hits zero, we are still able to reap it
1139                  * (Thanks Alexey)
1140                  * Note: To avoid expensive rcu stuff for this uncached dst,
1141                  * we set DST_NOCACHE so that dst_release() can free dst without
1142                  * waiting a grace period.
1143                  */
1144
1145                 rt->dst.flags |= DST_NOCACHE;
1146                 goto skip_hashing;
1147         }
1148
1149         rthp = &rt_hash_table[hash].chain;
1150
1151         spin_lock_bh(rt_hash_lock_addr(hash));
1152         while ((rth = rcu_dereference_protected(*rthp,
1153                         lockdep_is_held(rt_hash_lock_addr(hash)))) != NULL) {
1154                 if (rt_is_expired(rth)) {
1155                         *rthp = rth->dst.rt_next;
1156                         rt_free(rth);
1157                         continue;
1158                 }
1159                 if (compare_keys(rth, rt) && compare_netns(rth, rt)) {
1160                         /* Put it first */
1161                         *rthp = rth->dst.rt_next;
1162                         /*
1163                          * Since lookup is lockfree, the deletion
1164                          * must be visible to another weakly ordered CPU before
1165                          * the insertion at the start of the hash chain.
1166                          */
1167                         rcu_assign_pointer(rth->dst.rt_next,
1168                                            rt_hash_table[hash].chain);
1169                         /*
1170                          * Since lookup is lockfree, the update writes
1171                          * must be ordered for consistency on SMP.
1172                          */
1173                         rcu_assign_pointer(rt_hash_table[hash].chain, rth);
1174
1175                         dst_use(&rth->dst, now);
1176                         spin_unlock_bh(rt_hash_lock_addr(hash));
1177
1178                         rt_drop(rt);
1179                         if (skb)
1180                                 skb_dst_set(skb, &rth->dst);
1181                         return rth;
1182                 }
1183
1184                 if (!atomic_read(&rth->dst.__refcnt)) {
1185                         u32 score = rt_score(rth);
1186
1187                         if (score <= min_score) {
1188                                 cand = rth;
1189                                 candp = rthp;
1190                                 min_score = score;
1191                         }
1192                 }
1193
1194                 chain_length++;
1195
1196                 rthp = &rth->dst.rt_next;
1197         }
1198
1199         if (cand) {
1200                 /* ip_rt_gc_elasticity used to be average length of chain
1201                  * length, when exceeded gc becomes really aggressive.
1202                  *
1203                  * The second limit is less certain. At the moment it allows
1204                  * only 2 entries per bucket. We will see.
1205                  */
1206                 if (chain_length > ip_rt_gc_elasticity) {
1207                         *candp = cand->dst.rt_next;
1208                         rt_free(cand);
1209                 }
1210         } else {
1211                 if (chain_length > rt_chain_length_max &&
1212                     slow_chain_length(rt_hash_table[hash].chain) > rt_chain_length_max) {
1213                         struct net *net = dev_net(rt->dst.dev);
1214                         int num = ++net->ipv4.current_rt_cache_rebuild_count;
1215                         if (!rt_caching(net)) {
1216                                 pr_warn("%s: %d rebuilds is over limit, route caching disabled\n",
1217                                         rt->dst.dev->name, num);
1218                         }
1219                         rt_emergency_hash_rebuild(net);
1220                         spin_unlock_bh(rt_hash_lock_addr(hash));
1221
1222                         hash = rt_hash(rt->rt_key_dst, rt->rt_key_src,
1223                                         ifindex, rt_genid(net));
1224                         goto restart;
1225                 }
1226         }
1227
1228         rt->dst.rt_next = rt_hash_table[hash].chain;
1229
1230         /*
1231          * Since lookup is lockfree, we must make sure
1232          * previous writes to rt are committed to memory
1233          * before making rt visible to other CPUS.
1234          */
1235         rcu_assign_pointer(rt_hash_table[hash].chain, rt);
1236
1237         spin_unlock_bh(rt_hash_lock_addr(hash));
1238
1239 skip_hashing:
1240         if (skb)
1241                 skb_dst_set(skb, &rt->dst);
1242         return rt;
1243 }
1244
1245 void rt_bind_peer(struct rtable *rt, __be32 daddr, int create)
1246 {
1247         struct inet_peer_base *base;
1248         struct inet_peer *peer;
1249
1250         base = inetpeer_base_ptr(rt->_peer);
1251         if (!base)
1252                 return;
1253
1254         peer = inet_getpeer_v4(base, daddr, create);
1255         if (peer) {
1256                 if (!rt_set_peer(rt, peer))
1257                         inet_putpeer(peer);
1258         }
1259 }
1260
1261 /*
1262  * Peer allocation may fail only in serious out-of-memory conditions.  However
1263  * we still can generate some output.
1264  * Random ID selection looks a bit dangerous because we have no chances to
1265  * select ID being unique in a reasonable period of time.
1266  * But broken packet identifier may be better than no packet at all.
1267  */
1268 static void ip_select_fb_ident(struct iphdr *iph)
1269 {
1270         static DEFINE_SPINLOCK(ip_fb_id_lock);
1271         static u32 ip_fallback_id;
1272         u32 salt;
1273
1274         spin_lock_bh(&ip_fb_id_lock);
1275         salt = secure_ip_id((__force __be32)ip_fallback_id ^ iph->daddr);
1276         iph->id = htons(salt & 0xFFFF);
1277         ip_fallback_id = salt;
1278         spin_unlock_bh(&ip_fb_id_lock);
1279 }
1280
1281 void __ip_select_ident(struct iphdr *iph, struct dst_entry *dst, int more)
1282 {
1283         struct net *net = dev_net(dst->dev);
1284         struct inet_peer *peer;
1285
1286         peer = inet_getpeer_v4(net->ipv4.peers, iph->daddr, 1);
1287         if (peer) {
1288                 iph->id = htons(inet_getid(peer, more));
1289                 inet_putpeer(peer);
1290                 return;
1291         }
1292
1293         ip_select_fb_ident(iph);
1294 }
1295 EXPORT_SYMBOL(__ip_select_ident);
1296
1297 static void rt_del(unsigned int hash, struct rtable *rt)
1298 {
1299         struct rtable __rcu **rthp;
1300         struct rtable *aux;
1301
1302         rthp = &rt_hash_table[hash].chain;
1303         spin_lock_bh(rt_hash_lock_addr(hash));
1304         ip_rt_put(rt);
1305         while ((aux = rcu_dereference_protected(*rthp,
1306                         lockdep_is_held(rt_hash_lock_addr(hash)))) != NULL) {
1307                 if (aux == rt || rt_is_expired(aux)) {
1308                         *rthp = aux->dst.rt_next;
1309                         rt_free(aux);
1310                         continue;
1311                 }
1312                 rthp = &aux->dst.rt_next;
1313         }
1314         spin_unlock_bh(rt_hash_lock_addr(hash));
1315 }
1316
1317 /* called in rcu_read_lock() section */
1318 void ip_rt_redirect(__be32 old_gw, __be32 daddr, __be32 new_gw,
1319                     __be32 saddr, struct net_device *dev)
1320 {
1321         int s, i;
1322         struct in_device *in_dev = __in_dev_get_rcu(dev);
1323         __be32 skeys[2] = { saddr, 0 };
1324         int    ikeys[2] = { dev->ifindex, 0 };
1325         struct net *net;
1326
1327         if (!in_dev)
1328                 return;
1329
1330         net = dev_net(dev);
1331         if (new_gw == old_gw || !IN_DEV_RX_REDIRECTS(in_dev) ||
1332             ipv4_is_multicast(new_gw) || ipv4_is_lbcast(new_gw) ||
1333             ipv4_is_zeronet(new_gw))
1334                 goto reject_redirect;
1335
1336         if (!IN_DEV_SHARED_MEDIA(in_dev)) {
1337                 if (!inet_addr_onlink(in_dev, new_gw, old_gw))
1338                         goto reject_redirect;
1339                 if (IN_DEV_SEC_REDIRECTS(in_dev) && ip_fib_check_default(new_gw, dev))
1340                         goto reject_redirect;
1341         } else {
1342                 if (inet_addr_type(net, new_gw) != RTN_UNICAST)
1343                         goto reject_redirect;
1344         }
1345
1346         for (s = 0; s < 2; s++) {
1347                 for (i = 0; i < 2; i++) {
1348                         unsigned int hash;
1349                         struct rtable __rcu **rthp;
1350                         struct rtable *rt;
1351
1352                         hash = rt_hash(daddr, skeys[s], ikeys[i], rt_genid(net));
1353
1354                         rthp = &rt_hash_table[hash].chain;
1355
1356                         while ((rt = rcu_dereference(*rthp)) != NULL) {
1357                                 struct neighbour *n;
1358
1359                                 rthp = &rt->dst.rt_next;
1360
1361                                 if (rt->rt_key_dst != daddr ||
1362                                     rt->rt_key_src != skeys[s] ||
1363                                     rt->rt_oif != ikeys[i] ||
1364                                     rt_is_input_route(rt) ||
1365                                     rt_is_expired(rt) ||
1366                                     !net_eq(dev_net(rt->dst.dev), net) ||
1367                                     rt->dst.error ||
1368                                     rt->dst.dev != dev ||
1369                                     rt->rt_gateway != old_gw)
1370                                         continue;
1371
1372                                 n = ipv4_neigh_lookup(&rt->dst, NULL, &new_gw);
1373                                 if (n) {
1374                                         if (!(n->nud_state & NUD_VALID)) {
1375                                                 neigh_event_send(n, NULL);
1376                                         } else {
1377                                                 rt->rt_gateway = new_gw;
1378                                                 rt->rt_flags |= RTCF_REDIRECTED;
1379                                                 call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, n);
1380                                         }
1381                                         neigh_release(n);
1382                                 }
1383                         }
1384                 }
1385         }
1386         return;
1387
1388 reject_redirect:
1389 #ifdef CONFIG_IP_ROUTE_VERBOSE
1390         if (IN_DEV_LOG_MARTIANS(in_dev))
1391                 net_info_ratelimited("Redirect from %pI4 on %s about %pI4 ignored\n"
1392                                      "  Advised path = %pI4 -> %pI4\n",
1393                                      &old_gw, dev->name, &new_gw,
1394                                      &saddr, &daddr);
1395 #endif
1396         ;
1397 }
1398
1399 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
1400 {
1401         struct rtable *rt = (struct rtable *)dst;
1402         struct dst_entry *ret = dst;
1403
1404         if (rt) {
1405                 if (dst->obsolete > 0) {
1406                         ip_rt_put(rt);
1407                         ret = NULL;
1408                 } else if ((rt->rt_flags & RTCF_REDIRECTED) ||
1409                            rt->dst.expires) {
1410                         unsigned int hash = rt_hash(rt->rt_key_dst, rt->rt_key_src,
1411                                                 rt->rt_oif,
1412                                                 rt_genid(dev_net(dst->dev)));
1413                         rt_del(hash, rt);
1414                         ret = NULL;
1415                 }
1416         }
1417         return ret;
1418 }
1419
1420 /*
1421  * Algorithm:
1422  *      1. The first ip_rt_redirect_number redirects are sent
1423  *         with exponential backoff, then we stop sending them at all,
1424  *         assuming that the host ignores our redirects.
1425  *      2. If we did not see packets requiring redirects
1426  *         during ip_rt_redirect_silence, we assume that the host
1427  *         forgot redirected route and start to send redirects again.
1428  *
1429  * This algorithm is much cheaper and more intelligent than dumb load limiting
1430  * in icmp.c.
1431  *
1432  * NOTE. Do not forget to inhibit load limiting for redirects (redundant)
1433  * and "frag. need" (breaks PMTU discovery) in icmp.c.
1434  */
1435
1436 void ip_rt_send_redirect(struct sk_buff *skb)
1437 {
1438         struct rtable *rt = skb_rtable(skb);
1439         struct in_device *in_dev;
1440         struct inet_peer *peer;
1441         struct net *net;
1442         int log_martians;
1443
1444         rcu_read_lock();
1445         in_dev = __in_dev_get_rcu(rt->dst.dev);
1446         if (!in_dev || !IN_DEV_TX_REDIRECTS(in_dev)) {
1447                 rcu_read_unlock();
1448                 return;
1449         }
1450         log_martians = IN_DEV_LOG_MARTIANS(in_dev);
1451         rcu_read_unlock();
1452
1453         net = dev_net(rt->dst.dev);
1454         peer = inet_getpeer_v4(net->ipv4.peers, ip_hdr(skb)->saddr, 1);
1455         if (!peer) {
1456                 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, rt->rt_gateway);
1457                 return;
1458         }
1459
1460         /* No redirected packets during ip_rt_redirect_silence;
1461          * reset the algorithm.
1462          */
1463         if (time_after(jiffies, peer->rate_last + ip_rt_redirect_silence))
1464                 peer->rate_tokens = 0;
1465
1466         /* Too many ignored redirects; do not send anything
1467          * set dst.rate_last to the last seen redirected packet.
1468          */
1469         if (peer->rate_tokens >= ip_rt_redirect_number) {
1470                 peer->rate_last = jiffies;
1471                 goto out_put_peer;
1472         }
1473
1474         /* Check for load limit; set rate_last to the latest sent
1475          * redirect.
1476          */
1477         if (peer->rate_tokens == 0 ||
1478             time_after(jiffies,
1479                        (peer->rate_last +
1480                         (ip_rt_redirect_load << peer->rate_tokens)))) {
1481                 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, rt->rt_gateway);
1482                 peer->rate_last = jiffies;
1483                 ++peer->rate_tokens;
1484 #ifdef CONFIG_IP_ROUTE_VERBOSE
1485                 if (log_martians &&
1486                     peer->rate_tokens == ip_rt_redirect_number)
1487                         net_warn_ratelimited("host %pI4/if%d ignores redirects for %pI4 to %pI4\n",
1488                                              &ip_hdr(skb)->saddr, rt->rt_iif,
1489                                              &rt->rt_dst, &rt->rt_gateway);
1490 #endif
1491         }
1492 out_put_peer:
1493         inet_putpeer(peer);
1494 }
1495
1496 static int ip_error(struct sk_buff *skb)
1497 {
1498         struct in_device *in_dev = __in_dev_get_rcu(skb->dev);
1499         struct rtable *rt = skb_rtable(skb);
1500         struct inet_peer *peer;
1501         unsigned long now;
1502         struct net *net;
1503         bool send;
1504         int code;
1505
1506         net = dev_net(rt->dst.dev);
1507         if (!IN_DEV_FORWARD(in_dev)) {
1508                 switch (rt->dst.error) {
1509                 case EHOSTUNREACH:
1510                         IP_INC_STATS_BH(net, IPSTATS_MIB_INADDRERRORS);
1511                         break;
1512
1513                 case ENETUNREACH:
1514                         IP_INC_STATS_BH(net, IPSTATS_MIB_INNOROUTES);
1515                         break;
1516                 }
1517                 goto out;
1518         }
1519
1520         switch (rt->dst.error) {
1521         case EINVAL:
1522         default:
1523                 goto out;
1524         case EHOSTUNREACH:
1525                 code = ICMP_HOST_UNREACH;
1526                 break;
1527         case ENETUNREACH:
1528                 code = ICMP_NET_UNREACH;
1529                 IP_INC_STATS_BH(net, IPSTATS_MIB_INNOROUTES);
1530                 break;
1531         case EACCES:
1532                 code = ICMP_PKT_FILTERED;
1533                 break;
1534         }
1535
1536         peer = inet_getpeer_v4(net->ipv4.peers, ip_hdr(skb)->saddr, 1);
1537
1538         send = true;
1539         if (peer) {
1540                 now = jiffies;
1541                 peer->rate_tokens += now - peer->rate_last;
1542                 if (peer->rate_tokens > ip_rt_error_burst)
1543                         peer->rate_tokens = ip_rt_error_burst;
1544                 peer->rate_last = now;
1545                 if (peer->rate_tokens >= ip_rt_error_cost)
1546                         peer->rate_tokens -= ip_rt_error_cost;
1547                 else
1548                         send = false;
1549                 inet_putpeer(peer);
1550         }
1551         if (send)
1552                 icmp_send(skb, ICMP_DEST_UNREACH, code, 0);
1553
1554 out:    kfree_skb(skb);
1555         return 0;
1556 }
1557
1558 static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu)
1559 {
1560         struct rtable *rt = (struct rtable *) dst;
1561
1562         dst_confirm(dst);
1563
1564         if (mtu < ip_rt_min_pmtu)
1565                 mtu = ip_rt_min_pmtu;
1566
1567         rt->rt_pmtu = mtu;
1568         dst_set_expires(&rt->dst, ip_rt_mtu_expires);
1569 }
1570
1571 void ipv4_update_pmtu(struct sk_buff *skb, struct net *net, u32 mtu,
1572                       int oif, u32 mark, u8 protocol, int flow_flags)
1573 {
1574         const struct iphdr *iph = (const struct iphdr *)skb->data;
1575         struct flowi4 fl4;
1576         struct rtable *rt;
1577
1578         flowi4_init_output(&fl4, oif, mark, RT_TOS(iph->tos), RT_SCOPE_UNIVERSE,
1579                            protocol, flow_flags,
1580                            iph->daddr, iph->saddr, 0, 0);
1581         rt = __ip_route_output_key(net, &fl4);
1582         if (!IS_ERR(rt)) {
1583                 ip_rt_update_pmtu(&rt->dst, mtu);
1584                 ip_rt_put(rt);
1585         }
1586 }
1587 EXPORT_SYMBOL_GPL(ipv4_update_pmtu);
1588
1589 void ipv4_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, u32 mtu)
1590 {
1591         const struct inet_sock *inet = inet_sk(sk);
1592
1593         return ipv4_update_pmtu(skb, sock_net(sk), mtu,
1594                                 sk->sk_bound_dev_if, sk->sk_mark,
1595                                 inet->hdrincl ? IPPROTO_RAW : sk->sk_protocol,
1596                                 inet_sk_flowi_flags(sk));
1597 }
1598 EXPORT_SYMBOL_GPL(ipv4_sk_update_pmtu);
1599
1600 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie)
1601 {
1602         struct rtable *rt = (struct rtable *) dst;
1603
1604         if (rt_is_expired(rt))
1605                 return NULL;
1606         return dst;
1607 }
1608
1609 static void ipv4_dst_destroy(struct dst_entry *dst)
1610 {
1611         struct rtable *rt = (struct rtable *) dst;
1612
1613         if (rt->fi) {
1614                 fib_info_put(rt->fi);
1615                 rt->fi = NULL;
1616         }
1617         if (rt_has_peer(rt)) {
1618                 struct inet_peer *peer = rt_peer_ptr(rt);
1619                 inet_putpeer(peer);
1620         }
1621 }
1622
1623
1624 static void ipv4_link_failure(struct sk_buff *skb)
1625 {
1626         struct rtable *rt;
1627
1628         icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0);
1629
1630         rt = skb_rtable(skb);
1631         if (rt)
1632                 dst_set_expires(&rt->dst, 0);
1633 }
1634
1635 static int ip_rt_bug(struct sk_buff *skb)
1636 {
1637         pr_debug("%s: %pI4 -> %pI4, %s\n",
1638                  __func__, &ip_hdr(skb)->saddr, &ip_hdr(skb)->daddr,
1639                  skb->dev ? skb->dev->name : "?");
1640         kfree_skb(skb);
1641         WARN_ON(1);
1642         return 0;
1643 }
1644
1645 /*
1646    We do not cache source address of outgoing interface,
1647    because it is used only by IP RR, TS and SRR options,
1648    so that it out of fast path.
1649
1650    BTW remember: "addr" is allowed to be not aligned
1651    in IP options!
1652  */
1653
1654 void ip_rt_get_source(u8 *addr, struct sk_buff *skb, struct rtable *rt)
1655 {
1656         __be32 src;
1657
1658         if (rt_is_output_route(rt))
1659                 src = ip_hdr(skb)->saddr;
1660         else {
1661                 struct fib_result res;
1662                 struct flowi4 fl4;
1663                 struct iphdr *iph;
1664
1665                 iph = ip_hdr(skb);
1666
1667                 memset(&fl4, 0, sizeof(fl4));
1668                 fl4.daddr = iph->daddr;
1669                 fl4.saddr = iph->saddr;
1670                 fl4.flowi4_tos = RT_TOS(iph->tos);
1671                 fl4.flowi4_oif = rt->dst.dev->ifindex;
1672                 fl4.flowi4_iif = skb->dev->ifindex;
1673                 fl4.flowi4_mark = skb->mark;
1674
1675                 rcu_read_lock();
1676                 if (fib_lookup(dev_net(rt->dst.dev), &fl4, &res) == 0)
1677                         src = FIB_RES_PREFSRC(dev_net(rt->dst.dev), res);
1678                 else
1679                         src = inet_select_addr(rt->dst.dev, rt->rt_gateway,
1680                                         RT_SCOPE_UNIVERSE);
1681                 rcu_read_unlock();
1682         }
1683         memcpy(addr, &src, 4);
1684 }
1685
1686 #ifdef CONFIG_IP_ROUTE_CLASSID
1687 static void set_class_tag(struct rtable *rt, u32 tag)
1688 {
1689         if (!(rt->dst.tclassid & 0xFFFF))
1690                 rt->dst.tclassid |= tag & 0xFFFF;
1691         if (!(rt->dst.tclassid & 0xFFFF0000))
1692                 rt->dst.tclassid |= tag & 0xFFFF0000;
1693 }
1694 #endif
1695
1696 static unsigned int ipv4_default_advmss(const struct dst_entry *dst)
1697 {
1698         unsigned int advmss = dst_metric_raw(dst, RTAX_ADVMSS);
1699
1700         if (advmss == 0) {
1701                 advmss = max_t(unsigned int, dst->dev->mtu - 40,
1702                                ip_rt_min_advmss);
1703                 if (advmss > 65535 - 40)
1704                         advmss = 65535 - 40;
1705         }
1706         return advmss;
1707 }
1708
1709 static unsigned int ipv4_mtu(const struct dst_entry *dst)
1710 {
1711         const struct rtable *rt = (const struct rtable *) dst;
1712         unsigned int mtu = rt->rt_pmtu;
1713
1714         if (mtu && time_after_eq(jiffies, rt->dst.expires))
1715                 mtu = 0;
1716
1717         if (!mtu)
1718                 mtu = dst_metric_raw(dst, RTAX_MTU);
1719
1720         if (mtu && rt_is_output_route(rt))
1721                 return mtu;
1722
1723         mtu = dst->dev->mtu;
1724
1725         if (unlikely(dst_metric_locked(dst, RTAX_MTU))) {
1726
1727                 if (rt->rt_gateway != rt->rt_dst && mtu > 576)
1728                         mtu = 576;
1729         }
1730
1731         if (mtu > IP_MAX_MTU)
1732                 mtu = IP_MAX_MTU;
1733
1734         return mtu;
1735 }
1736
1737 static void rt_init_metrics(struct rtable *rt, const struct flowi4 *fl4,
1738                             struct fib_info *fi)
1739 {
1740         struct inet_peer_base *base;
1741         struct inet_peer *peer;
1742
1743         base = inetpeer_base_ptr(rt->_peer);
1744         BUG_ON(!base);
1745
1746         peer = inet_getpeer_v4(base, rt->rt_dst, 0);
1747         if (peer) {
1748                 __rt_set_peer(rt, peer);
1749                 if (inet_metrics_new(peer))
1750                         memcpy(peer->metrics, fi->fib_metrics,
1751                                sizeof(u32) * RTAX_MAX);
1752                 dst_init_metrics(&rt->dst, peer->metrics, false);
1753         } else {
1754                 if (fi->fib_metrics != (u32 *) dst_default_metrics) {
1755                         rt->fi = fi;
1756                         atomic_inc(&fi->fib_clntref);
1757                 }
1758                 dst_init_metrics(&rt->dst, fi->fib_metrics, true);
1759         }
1760 }
1761
1762 static void rt_set_nexthop(struct rtable *rt, const struct flowi4 *fl4,
1763                            const struct fib_result *res,
1764                            struct fib_info *fi, u16 type, u32 itag)
1765 {
1766         if (fi) {
1767                 if (FIB_RES_GW(*res) &&
1768                     FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK)
1769                         rt->rt_gateway = FIB_RES_GW(*res);
1770                 rt_init_metrics(rt, fl4, fi);
1771 #ifdef CONFIG_IP_ROUTE_CLASSID
1772                 rt->dst.tclassid = FIB_RES_NH(*res).nh_tclassid;
1773 #endif
1774         }
1775
1776 #ifdef CONFIG_IP_ROUTE_CLASSID
1777 #ifdef CONFIG_IP_MULTIPLE_TABLES
1778         set_class_tag(rt, fib_rules_tclass(res));
1779 #endif
1780         set_class_tag(rt, itag);
1781 #endif
1782 }
1783
1784 static struct rtable *rt_dst_alloc(struct net_device *dev,
1785                                    bool nopolicy, bool noxfrm)
1786 {
1787         return dst_alloc(&ipv4_dst_ops, dev, 1, -1,
1788                          DST_HOST |
1789                          (nopolicy ? DST_NOPOLICY : 0) |
1790                          (noxfrm ? DST_NOXFRM : 0));
1791 }
1792
1793 /* called in rcu_read_lock() section */
1794 static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1795                                 u8 tos, struct net_device *dev, int our)
1796 {
1797         unsigned int hash;
1798         struct rtable *rth;
1799         struct in_device *in_dev = __in_dev_get_rcu(dev);
1800         u32 itag = 0;
1801         int err;
1802
1803         /* Primary sanity checks. */
1804
1805         if (in_dev == NULL)
1806                 return -EINVAL;
1807
1808         if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr) ||
1809             skb->protocol != htons(ETH_P_IP))
1810                 goto e_inval;
1811
1812         if (likely(!IN_DEV_ROUTE_LOCALNET(in_dev)))
1813                 if (ipv4_is_loopback(saddr))
1814                         goto e_inval;
1815
1816         if (ipv4_is_zeronet(saddr)) {
1817                 if (!ipv4_is_local_multicast(daddr))
1818                         goto e_inval;
1819         } else {
1820                 err = fib_validate_source(skb, saddr, 0, tos, 0, dev,
1821                                           in_dev, &itag);
1822                 if (err < 0)
1823                         goto e_err;
1824         }
1825         rth = rt_dst_alloc(dev_net(dev)->loopback_dev,
1826                            IN_DEV_CONF_GET(in_dev, NOPOLICY), false);
1827         if (!rth)
1828                 goto e_nobufs;
1829
1830 #ifdef CONFIG_IP_ROUTE_CLASSID
1831         rth->dst.tclassid = itag;
1832 #endif
1833         rth->dst.output = ip_rt_bug;
1834
1835         rth->rt_key_dst = daddr;
1836         rth->rt_key_src = saddr;
1837         rth->rt_genid   = rt_genid(dev_net(dev));
1838         rth->rt_flags   = RTCF_MULTICAST;
1839         rth->rt_type    = RTN_MULTICAST;
1840         rth->rt_key_tos = tos;
1841         rth->rt_dst     = daddr;
1842         rth->rt_src     = saddr;
1843         rth->rt_route_iif = dev->ifindex;
1844         rth->rt_iif     = dev->ifindex;
1845         rth->rt_oif     = 0;
1846         rth->rt_mark    = skb->mark;
1847         rth->rt_pmtu    = 0;
1848         rth->rt_gateway = daddr;
1849         rt_init_peer(rth, dev_net(dev)->ipv4.peers);
1850         rth->fi = NULL;
1851         if (our) {
1852                 rth->dst.input= ip_local_deliver;
1853                 rth->rt_flags |= RTCF_LOCAL;
1854         }
1855
1856 #ifdef CONFIG_IP_MROUTE
1857         if (!ipv4_is_local_multicast(daddr) && IN_DEV_MFORWARD(in_dev))
1858                 rth->dst.input = ip_mr_input;
1859 #endif
1860         RT_CACHE_STAT_INC(in_slow_mc);
1861
1862         hash = rt_hash(daddr, saddr, dev->ifindex, rt_genid(dev_net(dev)));
1863         rth = rt_intern_hash(hash, rth, skb, dev->ifindex);
1864         return IS_ERR(rth) ? PTR_ERR(rth) : 0;
1865
1866 e_nobufs:
1867         return -ENOBUFS;
1868 e_inval:
1869         return -EINVAL;
1870 e_err:
1871         return err;
1872 }
1873
1874
1875 static void ip_handle_martian_source(struct net_device *dev,
1876                                      struct in_device *in_dev,
1877                                      struct sk_buff *skb,
1878                                      __be32 daddr,
1879                                      __be32 saddr)
1880 {
1881         RT_CACHE_STAT_INC(in_martian_src);
1882 #ifdef CONFIG_IP_ROUTE_VERBOSE
1883         if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) {
1884                 /*
1885                  *      RFC1812 recommendation, if source is martian,
1886                  *      the only hint is MAC header.
1887                  */
1888                 pr_warn("martian source %pI4 from %pI4, on dev %s\n",
1889                         &daddr, &saddr, dev->name);
1890                 if (dev->hard_header_len && skb_mac_header_was_set(skb)) {
1891                         print_hex_dump(KERN_WARNING, "ll header: ",
1892                                        DUMP_PREFIX_OFFSET, 16, 1,
1893                                        skb_mac_header(skb),
1894                                        dev->hard_header_len, true);
1895                 }
1896         }
1897 #endif
1898 }
1899
1900 /* called in rcu_read_lock() section */
1901 static int __mkroute_input(struct sk_buff *skb,
1902                            const struct fib_result *res,
1903                            struct in_device *in_dev,
1904                            __be32 daddr, __be32 saddr, u32 tos,
1905                            struct rtable **result)
1906 {
1907         struct rtable *rth;
1908         int err;
1909         struct in_device *out_dev;
1910         unsigned int flags = 0;
1911         u32 itag;
1912
1913         /* get a working reference to the output device */
1914         out_dev = __in_dev_get_rcu(FIB_RES_DEV(*res));
1915         if (out_dev == NULL) {
1916                 net_crit_ratelimited("Bug in ip_route_input_slow(). Please report.\n");
1917                 return -EINVAL;
1918         }
1919
1920
1921         err = fib_validate_source(skb, saddr, daddr, tos, FIB_RES_OIF(*res),
1922                                   in_dev->dev, in_dev, &itag);
1923         if (err < 0) {
1924                 ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr,
1925                                          saddr);
1926
1927                 goto cleanup;
1928         }
1929
1930         if (err)
1931                 flags |= RTCF_DIRECTSRC;
1932
1933         if (out_dev == in_dev && err &&
1934             (IN_DEV_SHARED_MEDIA(out_dev) ||
1935              inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res))))
1936                 flags |= RTCF_DOREDIRECT;
1937
1938         if (skb->protocol != htons(ETH_P_IP)) {
1939                 /* Not IP (i.e. ARP). Do not create route, if it is
1940                  * invalid for proxy arp. DNAT routes are always valid.
1941                  *
1942                  * Proxy arp feature have been extended to allow, ARP
1943                  * replies back to the same interface, to support
1944                  * Private VLAN switch technologies. See arp.c.
1945                  */
1946                 if (out_dev == in_dev &&
1947                     IN_DEV_PROXY_ARP_PVLAN(in_dev) == 0) {
1948                         err = -EINVAL;
1949                         goto cleanup;
1950                 }
1951         }
1952
1953         rth = rt_dst_alloc(out_dev->dev,
1954                            IN_DEV_CONF_GET(in_dev, NOPOLICY),
1955                            IN_DEV_CONF_GET(out_dev, NOXFRM));
1956         if (!rth) {
1957                 err = -ENOBUFS;
1958                 goto cleanup;
1959         }
1960
1961         rth->rt_key_dst = daddr;
1962         rth->rt_key_src = saddr;
1963         rth->rt_genid = rt_genid(dev_net(rth->dst.dev));
1964         rth->rt_flags = flags;
1965         rth->rt_type = res->type;
1966         rth->rt_key_tos = tos;
1967         rth->rt_dst     = daddr;
1968         rth->rt_src     = saddr;
1969         rth->rt_route_iif = in_dev->dev->ifindex;
1970         rth->rt_iif     = in_dev->dev->ifindex;
1971         rth->rt_oif     = 0;
1972         rth->rt_mark    = skb->mark;
1973         rth->rt_pmtu    = 0;
1974         rth->rt_gateway = daddr;
1975         rt_init_peer(rth, &res->table->tb_peers);
1976         rth->fi = NULL;
1977
1978         rth->dst.input = ip_forward;
1979         rth->dst.output = ip_output;
1980
1981         rt_set_nexthop(rth, NULL, res, res->fi, res->type, itag);
1982
1983         *result = rth;
1984         err = 0;
1985  cleanup:
1986         return err;
1987 }
1988
1989 static int ip_mkroute_input(struct sk_buff *skb,
1990                             struct fib_result *res,
1991                             const struct flowi4 *fl4,
1992                             struct in_device *in_dev,
1993                             __be32 daddr, __be32 saddr, u32 tos)
1994 {
1995         struct rtable *rth = NULL;
1996         int err;
1997         unsigned int hash;
1998
1999 #ifdef CONFIG_IP_ROUTE_MULTIPATH
2000         if (res->fi && res->fi->fib_nhs > 1)
2001                 fib_select_multipath(res);
2002 #endif
2003
2004         /* create a routing cache entry */
2005         err = __mkroute_input(skb, res, in_dev, daddr, saddr, tos, &rth);
2006         if (err)
2007                 return err;
2008
2009         /* put it into the cache */
2010         hash = rt_hash(daddr, saddr, fl4->flowi4_iif,
2011                        rt_genid(dev_net(rth->dst.dev)));
2012         rth = rt_intern_hash(hash, rth, skb, fl4->flowi4_iif);
2013         if (IS_ERR(rth))
2014                 return PTR_ERR(rth);
2015         return 0;
2016 }
2017
2018 /*
2019  *      NOTE. We drop all the packets that has local source
2020  *      addresses, because every properly looped back packet
2021  *      must have correct destination already attached by output routine.
2022  *
2023  *      Such approach solves two big problems:
2024  *      1. Not simplex devices are handled properly.
2025  *      2. IP spoofing attempts are filtered with 100% of guarantee.
2026  *      called with rcu_read_lock()
2027  */
2028
2029 static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
2030                                u8 tos, struct net_device *dev)
2031 {
2032         struct fib_result res;
2033         struct in_device *in_dev = __in_dev_get_rcu(dev);
2034         struct flowi4   fl4;
2035         unsigned int    flags = 0;
2036         u32             itag = 0;
2037         struct rtable   *rth;
2038         unsigned int    hash;
2039         int             err = -EINVAL;
2040         struct net    *net = dev_net(dev);
2041
2042         /* IP on this device is disabled. */
2043
2044         if (!in_dev)
2045                 goto out;
2046
2047         /* Check for the most weird martians, which can be not detected
2048            by fib_lookup.
2049          */
2050
2051         if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr))
2052                 goto martian_source;
2053
2054         if (ipv4_is_lbcast(daddr) || (saddr == 0 && daddr == 0))
2055                 goto brd_input;
2056
2057         /* Accept zero addresses only to limited broadcast;
2058          * I even do not know to fix it or not. Waiting for complains :-)
2059          */
2060         if (ipv4_is_zeronet(saddr))
2061                 goto martian_source;
2062
2063         if (ipv4_is_zeronet(daddr))
2064                 goto martian_destination;
2065
2066         if (likely(!IN_DEV_ROUTE_LOCALNET(in_dev))) {
2067                 if (ipv4_is_loopback(daddr))
2068                         goto martian_destination;
2069
2070                 if (ipv4_is_loopback(saddr))
2071                         goto martian_source;
2072         }
2073
2074         /*
2075          *      Now we are ready to route packet.
2076          */
2077         fl4.flowi4_oif = 0;
2078         fl4.flowi4_iif = dev->ifindex;
2079         fl4.flowi4_mark = skb->mark;
2080         fl4.flowi4_tos = tos;
2081         fl4.flowi4_scope = RT_SCOPE_UNIVERSE;
2082         fl4.daddr = daddr;
2083         fl4.saddr = saddr;
2084         err = fib_lookup(net, &fl4, &res);
2085         if (err != 0)
2086                 goto no_route;
2087
2088         RT_CACHE_STAT_INC(in_slow_tot);
2089
2090         if (res.type == RTN_BROADCAST)
2091                 goto brd_input;
2092
2093         if (res.type == RTN_LOCAL) {
2094                 err = fib_validate_source(skb, saddr, daddr, tos,
2095                                           net->loopback_dev->ifindex,
2096                                           dev, in_dev, &itag);
2097                 if (err < 0)
2098                         goto martian_source_keep_err;
2099                 if (err)
2100                         flags |= RTCF_DIRECTSRC;
2101                 goto local_input;
2102         }
2103
2104         if (!IN_DEV_FORWARD(in_dev))
2105                 goto no_route;
2106         if (res.type != RTN_UNICAST)
2107                 goto martian_destination;
2108
2109         err = ip_mkroute_input(skb, &res, &fl4, in_dev, daddr, saddr, tos);
2110 out:    return err;
2111
2112 brd_input:
2113         if (skb->protocol != htons(ETH_P_IP))
2114                 goto e_inval;
2115
2116         if (!ipv4_is_zeronet(saddr)) {
2117                 err = fib_validate_source(skb, saddr, 0, tos, 0, dev,
2118                                           in_dev, &itag);
2119                 if (err < 0)
2120                         goto martian_source_keep_err;
2121                 if (err)
2122                         flags |= RTCF_DIRECTSRC;
2123         }
2124         flags |= RTCF_BROADCAST;
2125         res.type = RTN_BROADCAST;
2126         RT_CACHE_STAT_INC(in_brd);
2127
2128 local_input:
2129         rth = rt_dst_alloc(net->loopback_dev,
2130                            IN_DEV_CONF_GET(in_dev, NOPOLICY), false);
2131         if (!rth)
2132                 goto e_nobufs;
2133
2134         rth->dst.input= ip_local_deliver;
2135         rth->dst.output= ip_rt_bug;
2136 #ifdef CONFIG_IP_ROUTE_CLASSID
2137         rth->dst.tclassid = itag;
2138 #endif
2139
2140         rth->rt_key_dst = daddr;
2141         rth->rt_key_src = saddr;
2142         rth->rt_genid = rt_genid(net);
2143         rth->rt_flags   = flags|RTCF_LOCAL;
2144         rth->rt_type    = res.type;
2145         rth->rt_key_tos = tos;
2146         rth->rt_dst     = daddr;
2147         rth->rt_src     = saddr;
2148         rth->rt_route_iif = dev->ifindex;
2149         rth->rt_iif     = dev->ifindex;
2150         rth->rt_oif     = 0;
2151         rth->rt_mark    = skb->mark;
2152         rth->rt_pmtu    = 0;
2153         rth->rt_gateway = daddr;
2154         rt_init_peer(rth, net->ipv4.peers);
2155         rth->fi = NULL;
2156         if (res.type == RTN_UNREACHABLE) {
2157                 rth->dst.input= ip_error;
2158                 rth->dst.error= -err;
2159                 rth->rt_flags   &= ~RTCF_LOCAL;
2160         }
2161         hash = rt_hash(daddr, saddr, fl4.flowi4_iif, rt_genid(net));
2162         rth = rt_intern_hash(hash, rth, skb, fl4.flowi4_iif);
2163         err = 0;
2164         if (IS_ERR(rth))
2165                 err = PTR_ERR(rth);
2166         goto out;
2167
2168 no_route:
2169         RT_CACHE_STAT_INC(in_no_route);
2170         res.type = RTN_UNREACHABLE;
2171         if (err == -ESRCH)
2172                 err = -ENETUNREACH;
2173         goto local_input;
2174
2175         /*
2176          *      Do not cache martian addresses: they should be logged (RFC1812)
2177          */
2178 martian_destination:
2179         RT_CACHE_STAT_INC(in_martian_dst);
2180 #ifdef CONFIG_IP_ROUTE_VERBOSE
2181         if (IN_DEV_LOG_MARTIANS(in_dev))
2182                 net_warn_ratelimited("martian destination %pI4 from %pI4, dev %s\n",
2183                                      &daddr, &saddr, dev->name);
2184 #endif
2185
2186 e_inval:
2187         err = -EINVAL;
2188         goto out;
2189
2190 e_nobufs:
2191         err = -ENOBUFS;
2192         goto out;
2193
2194 martian_source:
2195         err = -EINVAL;
2196 martian_source_keep_err:
2197         ip_handle_martian_source(dev, in_dev, skb, daddr, saddr);
2198         goto out;
2199 }
2200
2201 int ip_route_input_common(struct sk_buff *skb, __be32 daddr, __be32 saddr,
2202                            u8 tos, struct net_device *dev, bool noref)
2203 {
2204         struct rtable   *rth;
2205         unsigned int    hash;
2206         int iif = dev->ifindex;
2207         struct net *net;
2208         int res;
2209
2210         net = dev_net(dev);
2211
2212         rcu_read_lock();
2213
2214         if (!rt_caching(net))
2215                 goto skip_cache;
2216
2217         tos &= IPTOS_RT_MASK;
2218         hash = rt_hash(daddr, saddr, iif, rt_genid(net));
2219
2220         for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
2221              rth = rcu_dereference(rth->dst.rt_next)) {
2222                 if ((((__force u32)rth->rt_key_dst ^ (__force u32)daddr) |
2223                      ((__force u32)rth->rt_key_src ^ (__force u32)saddr) |
2224                      (rth->rt_route_iif ^ iif) |
2225                      (rth->rt_key_tos ^ tos)) == 0 &&
2226                     rth->rt_mark == skb->mark &&
2227                     net_eq(dev_net(rth->dst.dev), net) &&
2228                     !rt_is_expired(rth)) {
2229                         if (noref) {
2230                                 dst_use_noref(&rth->dst, jiffies);
2231                                 skb_dst_set_noref(skb, &rth->dst);
2232                         } else {
2233                                 dst_use(&rth->dst, jiffies);
2234                                 skb_dst_set(skb, &rth->dst);
2235                         }
2236                         RT_CACHE_STAT_INC(in_hit);
2237                         rcu_read_unlock();
2238                         return 0;
2239                 }
2240                 RT_CACHE_STAT_INC(in_hlist_search);
2241         }
2242
2243 skip_cache:
2244         /* Multicast recognition logic is moved from route cache to here.
2245            The problem was that too many Ethernet cards have broken/missing
2246            hardware multicast filters :-( As result the host on multicasting
2247            network acquires a lot of useless route cache entries, sort of
2248            SDR messages from all the world. Now we try to get rid of them.
2249            Really, provided software IP multicast filter is organized
2250            reasonably (at least, hashed), it does not result in a slowdown
2251            comparing with route cache reject entries.
2252            Note, that multicast routers are not affected, because
2253            route cache entry is created eventually.
2254          */
2255         if (ipv4_is_multicast(daddr)) {
2256                 struct in_device *in_dev = __in_dev_get_rcu(dev);
2257
2258                 if (in_dev) {
2259                         int our = ip_check_mc_rcu(in_dev, daddr, saddr,
2260                                                   ip_hdr(skb)->protocol);
2261                         if (our
2262 #ifdef CONFIG_IP_MROUTE
2263                                 ||
2264                             (!ipv4_is_local_multicast(daddr) &&
2265                              IN_DEV_MFORWARD(in_dev))
2266 #endif
2267                            ) {
2268                                 int res = ip_route_input_mc(skb, daddr, saddr,
2269                                                             tos, dev, our);
2270                                 rcu_read_unlock();
2271                                 return res;
2272                         }
2273                 }
2274                 rcu_read_unlock();
2275                 return -EINVAL;
2276         }
2277         res = ip_route_input_slow(skb, daddr, saddr, tos, dev);
2278         rcu_read_unlock();
2279         return res;
2280 }
2281 EXPORT_SYMBOL(ip_route_input_common);
2282
2283 /* called with rcu_read_lock() */
2284 static struct rtable *__mkroute_output(const struct fib_result *res,
2285                                        const struct flowi4 *fl4,
2286                                        __be32 orig_daddr, __be32 orig_saddr,
2287                                        int orig_oif, __u8 orig_rtos,
2288                                        struct net_device *dev_out,
2289                                        unsigned int flags)
2290 {
2291         struct fib_info *fi = res->fi;
2292         struct in_device *in_dev;
2293         u16 type = res->type;
2294         struct rtable *rth;
2295
2296         in_dev = __in_dev_get_rcu(dev_out);
2297         if (!in_dev)
2298                 return ERR_PTR(-EINVAL);
2299
2300         if (likely(!IN_DEV_ROUTE_LOCALNET(in_dev)))
2301                 if (ipv4_is_loopback(fl4->saddr) && !(dev_out->flags & IFF_LOOPBACK))
2302                         return ERR_PTR(-EINVAL);
2303
2304         if (ipv4_is_lbcast(fl4->daddr))
2305                 type = RTN_BROADCAST;
2306         else if (ipv4_is_multicast(fl4->daddr))
2307                 type = RTN_MULTICAST;
2308         else if (ipv4_is_zeronet(fl4->daddr))
2309                 return ERR_PTR(-EINVAL);
2310
2311         if (dev_out->flags & IFF_LOOPBACK)
2312                 flags |= RTCF_LOCAL;
2313
2314         if (type == RTN_BROADCAST) {
2315                 flags |= RTCF_BROADCAST | RTCF_LOCAL;
2316                 fi = NULL;
2317         } else if (type == RTN_MULTICAST) {
2318                 flags |= RTCF_MULTICAST | RTCF_LOCAL;
2319                 if (!ip_check_mc_rcu(in_dev, fl4->daddr, fl4->saddr,
2320                                      fl4->flowi4_proto))
2321                         flags &= ~RTCF_LOCAL;
2322                 /* If multicast route do not exist use
2323                  * default one, but do not gateway in this case.
2324                  * Yes, it is hack.
2325                  */
2326                 if (fi && res->prefixlen < 4)
2327                         fi = NULL;
2328         }
2329
2330         rth = rt_dst_alloc(dev_out,
2331                            IN_DEV_CONF_GET(in_dev, NOPOLICY),
2332                            IN_DEV_CONF_GET(in_dev, NOXFRM));
2333         if (!rth)
2334                 return ERR_PTR(-ENOBUFS);
2335
2336         rth->dst.output = ip_output;
2337
2338         rth->rt_key_dst = orig_daddr;
2339         rth->rt_key_src = orig_saddr;
2340         rth->rt_genid = rt_genid(dev_net(dev_out));
2341         rth->rt_flags   = flags;
2342         rth->rt_type    = type;
2343         rth->rt_key_tos = orig_rtos;
2344         rth->rt_dst     = fl4->daddr;
2345         rth->rt_src     = fl4->saddr;
2346         rth->rt_route_iif = 0;
2347         rth->rt_iif     = orig_oif ? : dev_out->ifindex;
2348         rth->rt_oif     = orig_oif;
2349         rth->rt_mark    = fl4->flowi4_mark;
2350         rth->rt_pmtu    = 0;
2351         rth->rt_gateway = fl4->daddr;
2352         rt_init_peer(rth, (res->table ?
2353                            &res->table->tb_peers :
2354                            dev_net(dev_out)->ipv4.peers));
2355         rth->fi = NULL;
2356
2357         RT_CACHE_STAT_INC(out_slow_tot);
2358
2359         if (flags & RTCF_LOCAL)
2360                 rth->dst.input = ip_local_deliver;
2361         if (flags & (RTCF_BROADCAST | RTCF_MULTICAST)) {
2362                 if (flags & RTCF_LOCAL &&
2363                     !(dev_out->flags & IFF_LOOPBACK)) {
2364                         rth->dst.output = ip_mc_output;
2365                         RT_CACHE_STAT_INC(out_slow_mc);
2366                 }
2367 #ifdef CONFIG_IP_MROUTE
2368                 if (type == RTN_MULTICAST) {
2369                         if (IN_DEV_MFORWARD(in_dev) &&
2370                             !ipv4_is_local_multicast(fl4->daddr)) {
2371                                 rth->dst.input = ip_mr_input;
2372                                 rth->dst.output = ip_mc_output;
2373                         }
2374                 }
2375 #endif
2376         }
2377
2378         rt_set_nexthop(rth, fl4, res, fi, type, 0);
2379
2380         if (fl4->flowi4_flags & FLOWI_FLAG_RT_NOCACHE)
2381                 rth->dst.flags |= DST_NOCACHE;
2382
2383         return rth;
2384 }
2385
2386 /*
2387  * Major route resolver routine.
2388  * called with rcu_read_lock();
2389  */
2390
2391 static struct rtable *ip_route_output_slow(struct net *net, struct flowi4 *fl4)
2392 {
2393         struct net_device *dev_out = NULL;
2394         __u8 tos = RT_FL_TOS(fl4);
2395         unsigned int flags = 0;
2396         struct fib_result res;
2397         struct rtable *rth;
2398         __be32 orig_daddr;
2399         __be32 orig_saddr;
2400         int orig_oif;
2401
2402         res.fi          = NULL;
2403         res.table       = NULL;
2404 #ifdef CONFIG_IP_MULTIPLE_TABLES
2405         res.r           = NULL;
2406 #endif
2407
2408         orig_daddr = fl4->daddr;
2409         orig_saddr = fl4->saddr;
2410         orig_oif = fl4->flowi4_oif;
2411
2412         fl4->flowi4_iif = net->loopback_dev->ifindex;
2413         fl4->flowi4_tos = tos & IPTOS_RT_MASK;
2414         fl4->flowi4_scope = ((tos & RTO_ONLINK) ?
2415                          RT_SCOPE_LINK : RT_SCOPE_UNIVERSE);
2416
2417         rcu_read_lock();
2418         if (fl4->saddr) {
2419                 rth = ERR_PTR(-EINVAL);
2420                 if (ipv4_is_multicast(fl4->saddr) ||
2421                     ipv4_is_lbcast(fl4->saddr) ||
2422                     ipv4_is_zeronet(fl4->saddr))
2423                         goto out;
2424
2425                 /* I removed check for oif == dev_out->oif here.
2426                    It was wrong for two reasons:
2427                    1. ip_dev_find(net, saddr) can return wrong iface, if saddr
2428                       is assigned to multiple interfaces.
2429                    2. Moreover, we are allowed to send packets with saddr
2430                       of another iface. --ANK
2431                  */
2432
2433                 if (fl4->flowi4_oif == 0 &&
2434                     (ipv4_is_multicast(fl4->daddr) ||
2435                      ipv4_is_lbcast(fl4->daddr))) {
2436                         /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2437                         dev_out = __ip_dev_find(net, fl4->saddr, false);
2438                         if (dev_out == NULL)
2439                                 goto out;
2440
2441                         /* Special hack: user can direct multicasts
2442                            and limited broadcast via necessary interface
2443                            without fiddling with IP_MULTICAST_IF or IP_PKTINFO.
2444                            This hack is not just for fun, it allows
2445                            vic,vat and friends to work.
2446                            They bind socket to loopback, set ttl to zero
2447                            and expect that it will work.
2448                            From the viewpoint of routing cache they are broken,
2449                            because we are not allowed to build multicast path
2450                            with loopback source addr (look, routing cache
2451                            cannot know, that ttl is zero, so that packet
2452                            will not leave this host and route is valid).
2453                            Luckily, this hack is good workaround.
2454                          */
2455
2456                         fl4->flowi4_oif = dev_out->ifindex;
2457                         goto make_route;
2458                 }
2459
2460                 if (!(fl4->flowi4_flags & FLOWI_FLAG_ANYSRC)) {
2461                         /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2462                         if (!__ip_dev_find(net, fl4->saddr, false))
2463                                 goto out;
2464                 }
2465         }
2466
2467
2468         if (fl4->flowi4_oif) {
2469                 dev_out = dev_get_by_index_rcu(net, fl4->flowi4_oif);
2470                 rth = ERR_PTR(-ENODEV);
2471                 if (dev_out == NULL)
2472                         goto out;
2473
2474                 /* RACE: Check return value of inet_select_addr instead. */
2475                 if (!(dev_out->flags & IFF_UP) || !__in_dev_get_rcu(dev_out)) {
2476                         rth = ERR_PTR(-ENETUNREACH);
2477                         goto out;
2478                 }
2479                 if (ipv4_is_local_multicast(fl4->daddr) ||
2480                     ipv4_is_lbcast(fl4->daddr)) {
2481                         if (!fl4->saddr)
2482                                 fl4->saddr = inet_select_addr(dev_out, 0,
2483                                                               RT_SCOPE_LINK);
2484                         goto make_route;
2485                 }
2486                 if (fl4->saddr) {
2487                         if (ipv4_is_multicast(fl4->daddr))
2488                                 fl4->saddr = inet_select_addr(dev_out, 0,
2489                                                               fl4->flowi4_scope);
2490                         else if (!fl4->daddr)
2491                                 fl4->saddr = inet_select_addr(dev_out, 0,
2492                                                               RT_SCOPE_HOST);
2493                 }
2494         }
2495
2496         if (!fl4->daddr) {
2497                 fl4->daddr = fl4->saddr;
2498                 if (!fl4->daddr)
2499                         fl4->daddr = fl4->saddr = htonl(INADDR_LOOPBACK);
2500                 dev_out = net->loopback_dev;
2501                 fl4->flowi4_oif = net->loopback_dev->ifindex;
2502                 res.type = RTN_LOCAL;
2503                 flags |= RTCF_LOCAL;
2504                 goto make_route;
2505         }
2506
2507         if (fib_lookup(net, fl4, &res)) {
2508                 res.fi = NULL;
2509                 res.table = NULL;
2510                 if (fl4->flowi4_oif) {
2511                         /* Apparently, routing tables are wrong. Assume,
2512                            that the destination is on link.
2513
2514                            WHY? DW.
2515                            Because we are allowed to send to iface
2516                            even if it has NO routes and NO assigned
2517                            addresses. When oif is specified, routing
2518                            tables are looked up with only one purpose:
2519                            to catch if destination is gatewayed, rather than
2520                            direct. Moreover, if MSG_DONTROUTE is set,
2521                            we send packet, ignoring both routing tables
2522                            and ifaddr state. --ANK
2523
2524
2525                            We could make it even if oif is unknown,
2526                            likely IPv6, but we do not.
2527                          */
2528
2529                         if (fl4->saddr == 0)
2530                                 fl4->saddr = inet_select_addr(dev_out, 0,
2531                                                               RT_SCOPE_LINK);
2532                         res.type = RTN_UNICAST;
2533                         goto make_route;
2534                 }
2535                 rth = ERR_PTR(-ENETUNREACH);
2536                 goto out;
2537         }
2538
2539         if (res.type == RTN_LOCAL) {
2540                 if (!fl4->saddr) {
2541                         if (res.fi->fib_prefsrc)
2542                                 fl4->saddr = res.fi->fib_prefsrc;
2543                         else
2544                                 fl4->saddr = fl4->daddr;
2545                 }
2546                 dev_out = net->loopback_dev;
2547                 fl4->flowi4_oif = dev_out->ifindex;
2548                 res.fi = NULL;
2549                 flags |= RTCF_LOCAL;
2550                 goto make_route;
2551         }
2552
2553 #ifdef CONFIG_IP_ROUTE_MULTIPATH
2554         if (res.fi->fib_nhs > 1 && fl4->flowi4_oif == 0)
2555                 fib_select_multipath(&res);
2556         else
2557 #endif
2558         if (!res.prefixlen &&
2559             res.table->tb_num_default > 1 &&
2560             res.type == RTN_UNICAST && !fl4->flowi4_oif)
2561                 fib_select_default(&res);
2562
2563         if (!fl4->saddr)
2564                 fl4->saddr = FIB_RES_PREFSRC(net, res);
2565
2566         dev_out = FIB_RES_DEV(res);
2567         fl4->flowi4_oif = dev_out->ifindex;
2568
2569
2570 make_route:
2571         rth = __mkroute_output(&res, fl4, orig_daddr, orig_saddr, orig_oif,
2572                                tos, dev_out, flags);
2573         if (!IS_ERR(rth)) {
2574                 unsigned int hash;
2575
2576                 hash = rt_hash(orig_daddr, orig_saddr, orig_oif,
2577                                rt_genid(dev_net(dev_out)));
2578                 rth = rt_intern_hash(hash, rth, NULL, orig_oif);
2579         }
2580
2581 out:
2582         rcu_read_unlock();
2583         return rth;
2584 }
2585
2586 struct rtable *__ip_route_output_key(struct net *net, struct flowi4 *flp4)
2587 {
2588         struct rtable *rth;
2589         unsigned int hash;
2590
2591         if (!rt_caching(net))
2592                 goto slow_output;
2593
2594         hash = rt_hash(flp4->daddr, flp4->saddr, flp4->flowi4_oif, rt_genid(net));
2595
2596         rcu_read_lock_bh();
2597         for (rth = rcu_dereference_bh(rt_hash_table[hash].chain); rth;
2598                 rth = rcu_dereference_bh(rth->dst.rt_next)) {
2599                 if (rth->rt_key_dst == flp4->daddr &&
2600                     rth->rt_key_src == flp4->saddr &&
2601                     rt_is_output_route(rth) &&
2602                     rth->rt_oif == flp4->flowi4_oif &&
2603                     rth->rt_mark == flp4->flowi4_mark &&
2604                     !((rth->rt_key_tos ^ flp4->flowi4_tos) &
2605                             (IPTOS_RT_MASK | RTO_ONLINK)) &&
2606                     net_eq(dev_net(rth->dst.dev), net) &&
2607                     !rt_is_expired(rth)) {
2608                         dst_use(&rth->dst, jiffies);
2609                         RT_CACHE_STAT_INC(out_hit);
2610                         rcu_read_unlock_bh();
2611                         if (!flp4->saddr)
2612                                 flp4->saddr = rth->rt_src;
2613                         if (!flp4->daddr)
2614                                 flp4->daddr = rth->rt_dst;
2615                         return rth;
2616                 }
2617                 RT_CACHE_STAT_INC(out_hlist_search);
2618         }
2619         rcu_read_unlock_bh();
2620
2621 slow_output:
2622         return ip_route_output_slow(net, flp4);
2623 }
2624 EXPORT_SYMBOL_GPL(__ip_route_output_key);
2625
2626 static struct dst_entry *ipv4_blackhole_dst_check(struct dst_entry *dst, u32 cookie)
2627 {
2628         return NULL;
2629 }
2630
2631 static unsigned int ipv4_blackhole_mtu(const struct dst_entry *dst)
2632 {
2633         unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
2634
2635         return mtu ? : dst->dev->mtu;
2636 }
2637
2638 static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
2639 {
2640 }
2641
2642 static u32 *ipv4_rt_blackhole_cow_metrics(struct dst_entry *dst,
2643                                           unsigned long old)
2644 {
2645         return NULL;
2646 }
2647
2648 static struct dst_ops ipv4_dst_blackhole_ops = {
2649         .family                 =       AF_INET,
2650         .protocol               =       cpu_to_be16(ETH_P_IP),
2651         .destroy                =       ipv4_dst_destroy,
2652         .check                  =       ipv4_blackhole_dst_check,
2653         .mtu                    =       ipv4_blackhole_mtu,
2654         .default_advmss         =       ipv4_default_advmss,
2655         .update_pmtu            =       ipv4_rt_blackhole_update_pmtu,
2656         .cow_metrics            =       ipv4_rt_blackhole_cow_metrics,
2657         .neigh_lookup           =       ipv4_neigh_lookup,
2658 };
2659
2660 struct dst_entry *ipv4_blackhole_route(struct net *net, struct dst_entry *dst_orig)
2661 {
2662         struct rtable *rt = dst_alloc(&ipv4_dst_blackhole_ops, NULL, 1, 0, 0);
2663         struct rtable *ort = (struct rtable *) dst_orig;
2664
2665         if (rt) {
2666                 struct dst_entry *new = &rt->dst;
2667
2668                 new->__use = 1;
2669                 new->input = dst_discard;
2670                 new->output = dst_discard;
2671                 dst_copy_metrics(new, &ort->dst);
2672
2673                 new->dev = ort->dst.dev;
2674                 if (new->dev)
2675                         dev_hold(new->dev);
2676
2677                 rt->rt_key_dst = ort->rt_key_dst;
2678                 rt->rt_key_src = ort->rt_key_src;
2679                 rt->rt_key_tos = ort->rt_key_tos;
2680                 rt->rt_route_iif = ort->rt_route_iif;
2681                 rt->rt_iif = ort->rt_iif;
2682                 rt->rt_oif = ort->rt_oif;
2683                 rt->rt_mark = ort->rt_mark;
2684                 rt->rt_pmtu = ort->rt_pmtu;
2685
2686                 rt->rt_genid = rt_genid(net);
2687                 rt->rt_flags = ort->rt_flags;
2688                 rt->rt_type = ort->rt_type;
2689                 rt->rt_dst = ort->rt_dst;
2690                 rt->rt_src = ort->rt_src;
2691                 rt->rt_gateway = ort->rt_gateway;
2692                 rt_transfer_peer(rt, ort);
2693                 rt->fi = ort->fi;
2694                 if (rt->fi)
2695                         atomic_inc(&rt->fi->fib_clntref);
2696
2697                 dst_free(new);
2698         }
2699
2700         dst_release(dst_orig);
2701
2702         return rt ? &rt->dst : ERR_PTR(-ENOMEM);
2703 }
2704
2705 struct rtable *ip_route_output_flow(struct net *net, struct flowi4 *flp4,
2706                                     struct sock *sk)
2707 {
2708         struct rtable *rt = __ip_route_output_key(net, flp4);
2709
2710         if (IS_ERR(rt))
2711                 return rt;
2712
2713         if (flp4->flowi4_proto)
2714                 rt = (struct rtable *) xfrm_lookup(net, &rt->dst,
2715                                                    flowi4_to_flowi(flp4),
2716                                                    sk, 0);
2717
2718         return rt;
2719 }
2720 EXPORT_SYMBOL_GPL(ip_route_output_flow);
2721
2722 static int rt_fill_info(struct net *net,
2723                         struct sk_buff *skb, u32 pid, u32 seq, int event,
2724                         int nowait, unsigned int flags)
2725 {
2726         struct rtable *rt = skb_rtable(skb);
2727         struct rtmsg *r;
2728         struct nlmsghdr *nlh;
2729         unsigned long expires = 0;
2730         u32 id = 0, error;
2731
2732         nlh = nlmsg_put(skb, pid, seq, event, sizeof(*r), flags);
2733         if (nlh == NULL)
2734                 return -EMSGSIZE;
2735
2736         r = nlmsg_data(nlh);
2737         r->rtm_family    = AF_INET;
2738         r->rtm_dst_len  = 32;
2739         r->rtm_src_len  = 0;
2740         r->rtm_tos      = rt->rt_key_tos;
2741         r->rtm_table    = RT_TABLE_MAIN;
2742         if (nla_put_u32(skb, RTA_TABLE, RT_TABLE_MAIN))
2743                 goto nla_put_failure;
2744         r->rtm_type     = rt->rt_type;
2745         r->rtm_scope    = RT_SCOPE_UNIVERSE;
2746         r->rtm_protocol = RTPROT_UNSPEC;
2747         r->rtm_flags    = (rt->rt_flags & ~0xFFFF) | RTM_F_CLONED;
2748         if (rt->rt_flags & RTCF_NOTIFY)
2749                 r->rtm_flags |= RTM_F_NOTIFY;
2750
2751         if (nla_put_be32(skb, RTA_DST, rt->rt_dst))
2752                 goto nla_put_failure;
2753         if (rt->rt_key_src) {
2754                 r->rtm_src_len = 32;
2755                 if (nla_put_be32(skb, RTA_SRC, rt->rt_key_src))
2756                         goto nla_put_failure;
2757         }
2758         if (rt->dst.dev &&
2759             nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
2760                 goto nla_put_failure;
2761 #ifdef CONFIG_IP_ROUTE_CLASSID
2762         if (rt->dst.tclassid &&
2763             nla_put_u32(skb, RTA_FLOW, rt->dst.tclassid))
2764                 goto nla_put_failure;
2765 #endif
2766         if (!rt_is_input_route(rt) &&
2767             rt->rt_src != rt->rt_key_src) {
2768                 if (nla_put_be32(skb, RTA_PREFSRC, rt->rt_src))
2769                         goto nla_put_failure;
2770         }
2771         if (rt->rt_dst != rt->rt_gateway &&
2772             nla_put_be32(skb, RTA_GATEWAY, rt->rt_gateway))
2773                 goto nla_put_failure;
2774
2775         if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0)
2776                 goto nla_put_failure;
2777
2778         if (rt->rt_mark &&
2779             nla_put_be32(skb, RTA_MARK, rt->rt_mark))
2780                 goto nla_put_failure;
2781
2782         error = rt->dst.error;
2783         if (rt_has_peer(rt)) {
2784                 const struct inet_peer *peer = rt_peer_ptr(rt);
2785                 inet_peer_refcheck(peer);
2786                 id = atomic_read(&peer->ip_id_count) & 0xffff;
2787         }
2788         expires = rt->dst.expires;
2789         if (expires) {
2790                 if (time_before(jiffies, expires))
2791                         expires -= jiffies;
2792                 else
2793                         expires = 0;
2794         }
2795
2796         if (rt_is_input_route(rt)) {
2797 #ifdef CONFIG_IP_MROUTE
2798                 __be32 dst = rt->rt_dst;
2799
2800                 if (ipv4_is_multicast(dst) && !ipv4_is_local_multicast(dst) &&
2801                     IPV4_DEVCONF_ALL(net, MC_FORWARDING)) {
2802                         int err = ipmr_get_route(net, skb,
2803                                                  rt->rt_src, rt->rt_dst,
2804                                                  r, nowait);
2805                         if (err <= 0) {
2806                                 if (!nowait) {
2807                                         if (err == 0)
2808                                                 return 0;
2809                                         goto nla_put_failure;
2810                                 } else {
2811                                         if (err == -EMSGSIZE)
2812                                                 goto nla_put_failure;
2813                                         error = err;
2814                                 }
2815                         }
2816                 } else
2817 #endif
2818                         if (nla_put_u32(skb, RTA_IIF, rt->rt_iif))
2819                                 goto nla_put_failure;
2820         }
2821
2822         if (rtnl_put_cacheinfo(skb, &rt->dst, id, expires, error) < 0)
2823                 goto nla_put_failure;
2824
2825         return nlmsg_end(skb, nlh);
2826
2827 nla_put_failure:
2828         nlmsg_cancel(skb, nlh);
2829         return -EMSGSIZE;
2830 }
2831
2832 static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh, void *arg)
2833 {
2834         struct net *net = sock_net(in_skb->sk);
2835         struct rtmsg *rtm;
2836         struct nlattr *tb[RTA_MAX+1];
2837         struct rtable *rt = NULL;
2838         __be32 dst = 0;
2839         __be32 src = 0;
2840         u32 iif;
2841         int err;
2842         int mark;
2843         struct sk_buff *skb;
2844
2845         err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv4_policy);
2846         if (err < 0)
2847                 goto errout;
2848
2849         rtm = nlmsg_data(nlh);
2850
2851         skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2852         if (skb == NULL) {
2853                 err = -ENOBUFS;
2854                 goto errout;
2855         }
2856
2857         /* Reserve room for dummy headers, this skb can pass
2858            through good chunk of routing engine.
2859          */
2860         skb_reset_mac_header(skb);
2861         skb_reset_network_header(skb);
2862
2863         /* Bugfix: need to give ip_route_input enough of an IP header to not gag. */
2864         ip_hdr(skb)->protocol = IPPROTO_ICMP;
2865         skb_reserve(skb, MAX_HEADER + sizeof(struct iphdr));
2866
2867         src = tb[RTA_SRC] ? nla_get_be32(tb[RTA_SRC]) : 0;
2868         dst = tb[RTA_DST] ? nla_get_be32(tb[RTA_DST]) : 0;
2869         iif = tb[RTA_IIF] ? nla_get_u32(tb[RTA_IIF]) : 0;
2870         mark = tb[RTA_MARK] ? nla_get_u32(tb[RTA_MARK]) : 0;
2871
2872         if (iif) {
2873                 struct net_device *dev;
2874
2875                 dev = __dev_get_by_index(net, iif);
2876                 if (dev == NULL) {
2877                         err = -ENODEV;
2878                         goto errout_free;
2879                 }
2880
2881                 skb->protocol   = htons(ETH_P_IP);
2882                 skb->dev        = dev;
2883                 skb->mark       = mark;
2884                 local_bh_disable();
2885                 err = ip_route_input(skb, dst, src, rtm->rtm_tos, dev);
2886                 local_bh_enable();
2887
2888                 rt = skb_rtable(skb);
2889                 if (err == 0 && rt->dst.error)
2890                         err = -rt->dst.error;
2891         } else {
2892                 struct flowi4 fl4 = {
2893                         .daddr = dst,
2894                         .saddr = src,
2895                         .flowi4_tos = rtm->rtm_tos,
2896                         .flowi4_oif = tb[RTA_OIF] ? nla_get_u32(tb[RTA_OIF]) : 0,
2897                         .flowi4_mark = mark,
2898                 };
2899                 rt = ip_route_output_key(net, &fl4);
2900
2901                 err = 0;
2902                 if (IS_ERR(rt))
2903                         err = PTR_ERR(rt);
2904         }
2905
2906         if (err)
2907                 goto errout_free;
2908
2909         skb_dst_set(skb, &rt->dst);
2910         if (rtm->rtm_flags & RTM_F_NOTIFY)
2911                 rt->rt_flags |= RTCF_NOTIFY;
2912
2913         err = rt_fill_info(net, skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq,
2914                            RTM_NEWROUTE, 0, 0);
2915         if (err <= 0)
2916                 goto errout_free;
2917
2918         err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).pid);
2919 errout:
2920         return err;
2921
2922 errout_free:
2923         kfree_skb(skb);
2924         goto errout;
2925 }
2926
2927 int ip_rt_dump(struct sk_buff *skb,  struct netlink_callback *cb)
2928 {
2929         struct rtable *rt;
2930         int h, s_h;
2931         int idx, s_idx;
2932         struct net *net;
2933
2934         net = sock_net(skb->sk);
2935
2936         s_h = cb->args[0];
2937         if (s_h < 0)
2938                 s_h = 0;
2939         s_idx = idx = cb->args[1];
2940         for (h = s_h; h <= rt_hash_mask; h++, s_idx = 0) {
2941                 if (!rt_hash_table[h].chain)
2942                         continue;
2943                 rcu_read_lock_bh();
2944                 for (rt = rcu_dereference_bh(rt_hash_table[h].chain), idx = 0; rt;
2945                      rt = rcu_dereference_bh(rt->dst.rt_next), idx++) {
2946                         if (!net_eq(dev_net(rt->dst.dev), net) || idx < s_idx)
2947                                 continue;
2948                         if (rt_is_expired(rt))
2949                                 continue;
2950                         skb_dst_set_noref(skb, &rt->dst);
2951                         if (rt_fill_info(net, skb, NETLINK_CB(cb->skb).pid,
2952                                          cb->nlh->nlmsg_seq, RTM_NEWROUTE,
2953                                          1, NLM_F_MULTI) <= 0) {
2954                                 skb_dst_drop(skb);
2955                                 rcu_read_unlock_bh();
2956                                 goto done;
2957                         }
2958                         skb_dst_drop(skb);
2959                 }
2960                 rcu_read_unlock_bh();
2961         }
2962
2963 done:
2964         cb->args[0] = h;
2965         cb->args[1] = idx;
2966         return skb->len;
2967 }
2968
2969 void ip_rt_multicast_event(struct in_device *in_dev)
2970 {
2971         rt_cache_flush(dev_net(in_dev->dev), 0);
2972 }
2973
2974 #ifdef CONFIG_SYSCTL
2975 static int ipv4_sysctl_rtcache_flush(ctl_table *__ctl, int write,
2976                                         void __user *buffer,
2977                                         size_t *lenp, loff_t *ppos)
2978 {
2979         if (write) {
2980                 int flush_delay;
2981                 ctl_table ctl;
2982                 struct net *net;
2983
2984                 memcpy(&ctl, __ctl, sizeof(ctl));
2985                 ctl.data = &flush_delay;
2986                 proc_dointvec(&ctl, write, buffer, lenp, ppos);
2987
2988                 net = (struct net *)__ctl->extra1;
2989                 rt_cache_flush(net, flush_delay);
2990                 return 0;
2991         }
2992
2993         return -EINVAL;
2994 }
2995
2996 static ctl_table ipv4_route_table[] = {
2997         {
2998                 .procname       = "gc_thresh",
2999                 .data           = &ipv4_dst_ops.gc_thresh,
3000                 .maxlen         = sizeof(int),
3001                 .mode           = 0644,
3002                 .proc_handler   = proc_dointvec,
3003         },
3004         {
3005                 .procname       = "max_size",
3006                 .data           = &ip_rt_max_size,
3007                 .maxlen         = sizeof(int),
3008                 .mode           = 0644,
3009                 .proc_handler   = proc_dointvec,
3010         },
3011         {
3012                 /*  Deprecated. Use gc_min_interval_ms */
3013
3014                 .procname       = "gc_min_interval",
3015                 .data           = &ip_rt_gc_min_interval,
3016                 .maxlen         = sizeof(int),
3017                 .mode           = 0644,
3018                 .proc_handler   = proc_dointvec_jiffies,
3019         },
3020         {
3021                 .procname       = "gc_min_interval_ms",
3022                 .data           = &ip_rt_gc_min_interval,
3023                 .maxlen         = sizeof(int),
3024                 .mode           = 0644,
3025                 .proc_handler   = proc_dointvec_ms_jiffies,
3026         },
3027         {
3028                 .procname       = "gc_timeout",
3029                 .data           = &ip_rt_gc_timeout,
3030                 .maxlen         = sizeof(int),
3031                 .mode           = 0644,
3032                 .proc_handler   = proc_dointvec_jiffies,
3033         },
3034         {
3035                 .procname       = "gc_interval",
3036                 .data           = &ip_rt_gc_interval,
3037                 .maxlen         = sizeof(int),
3038                 .mode           = 0644,
3039                 .proc_handler   = proc_dointvec_jiffies,
3040         },
3041         {
3042                 .procname       = "redirect_load",
3043                 .data           = &ip_rt_redirect_load,
3044                 .maxlen         = sizeof(int),
3045                 .mode           = 0644,
3046                 .proc_handler   = proc_dointvec,
3047         },
3048         {
3049                 .procname       = "redirect_number",
3050                 .data           = &ip_rt_redirect_number,
3051                 .maxlen         = sizeof(int),
3052                 .mode           = 0644,
3053                 .proc_handler   = proc_dointvec,
3054         },
3055         {
3056                 .procname       = "redirect_silence",
3057                 .data           = &ip_rt_redirect_silence,
3058                 .maxlen         = sizeof(int),
3059                 .mode           = 0644,
3060                 .proc_handler   = proc_dointvec,
3061         },
3062         {
3063                 .procname       = "error_cost",
3064                 .data           = &ip_rt_error_cost,
3065                 .maxlen         = sizeof(int),
3066                 .mode           = 0644,
3067                 .proc_handler   = proc_dointvec,
3068         },
3069         {
3070                 .procname       = "error_burst",
3071                 .data           = &ip_rt_error_burst,
3072                 .maxlen         = sizeof(int),
3073                 .mode           = 0644,
3074                 .proc_handler   = proc_dointvec,
3075         },
3076         {
3077                 .procname       = "gc_elasticity",
3078                 .data           = &ip_rt_gc_elasticity,
3079                 .maxlen         = sizeof(int),
3080                 .mode           = 0644,
3081                 .proc_handler   = proc_dointvec,
3082         },
3083         {
3084                 .procname       = "mtu_expires",
3085                 .data           = &ip_rt_mtu_expires,
3086                 .maxlen         = sizeof(int),
3087                 .mode           = 0644,
3088                 .proc_handler   = proc_dointvec_jiffies,
3089         },
3090         {
3091                 .procname       = "min_pmtu",
3092                 .data           = &ip_rt_min_pmtu,
3093                 .maxlen         = sizeof(int),
3094                 .mode           = 0644,
3095                 .proc_handler   = proc_dointvec,
3096         },
3097         {
3098                 .procname       = "min_adv_mss",
3099                 .data           = &ip_rt_min_advmss,
3100                 .maxlen         = sizeof(int),
3101                 .mode           = 0644,
3102                 .proc_handler   = proc_dointvec,
3103         },
3104         { }
3105 };
3106
3107 static struct ctl_table ipv4_route_flush_table[] = {
3108         {
3109                 .procname       = "flush",
3110                 .maxlen         = sizeof(int),
3111                 .mode           = 0200,
3112                 .proc_handler   = ipv4_sysctl_rtcache_flush,
3113         },
3114         { },
3115 };
3116
3117 static __net_init int sysctl_route_net_init(struct net *net)
3118 {
3119         struct ctl_table *tbl;
3120
3121         tbl = ipv4_route_flush_table;
3122         if (!net_eq(net, &init_net)) {
3123                 tbl = kmemdup(tbl, sizeof(ipv4_route_flush_table), GFP_KERNEL);
3124                 if (tbl == NULL)
3125                         goto err_dup;
3126         }
3127         tbl[0].extra1 = net;
3128
3129         net->ipv4.route_hdr = register_net_sysctl(net, "net/ipv4/route", tbl);
3130         if (net->ipv4.route_hdr == NULL)
3131                 goto err_reg;
3132         return 0;
3133
3134 err_reg:
3135         if (tbl != ipv4_route_flush_table)
3136                 kfree(tbl);
3137 err_dup:
3138         return -ENOMEM;
3139 }
3140
3141 static __net_exit void sysctl_route_net_exit(struct net *net)
3142 {
3143         struct ctl_table *tbl;
3144
3145         tbl = net->ipv4.route_hdr->ctl_table_arg;
3146         unregister_net_sysctl_table(net->ipv4.route_hdr);
3147         BUG_ON(tbl == ipv4_route_flush_table);
3148         kfree(tbl);
3149 }
3150
3151 static __net_initdata struct pernet_operations sysctl_route_ops = {
3152         .init = sysctl_route_net_init,
3153         .exit = sysctl_route_net_exit,
3154 };
3155 #endif
3156
3157 static __net_init int rt_genid_init(struct net *net)
3158 {
3159         get_random_bytes(&net->ipv4.rt_genid,
3160                          sizeof(net->ipv4.rt_genid));
3161         get_random_bytes(&net->ipv4.dev_addr_genid,
3162                          sizeof(net->ipv4.dev_addr_genid));
3163         return 0;
3164 }
3165
3166 static __net_initdata struct pernet_operations rt_genid_ops = {
3167         .init = rt_genid_init,
3168 };
3169
3170 static int __net_init ipv4_inetpeer_init(struct net *net)
3171 {
3172         struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
3173
3174         if (!bp)
3175                 return -ENOMEM;
3176         inet_peer_base_init(bp);
3177         net->ipv4.peers = bp;
3178         return 0;
3179 }
3180
3181 static void __net_exit ipv4_inetpeer_exit(struct net *net)
3182 {
3183         struct inet_peer_base *bp = net->ipv4.peers;
3184
3185         net->ipv4.peers = NULL;
3186         inetpeer_invalidate_tree(bp);
3187         kfree(bp);
3188 }
3189
3190 static __net_initdata struct pernet_operations ipv4_inetpeer_ops = {
3191         .init   =       ipv4_inetpeer_init,
3192         .exit   =       ipv4_inetpeer_exit,
3193 };
3194
3195 #ifdef CONFIG_IP_ROUTE_CLASSID
3196 struct ip_rt_acct __percpu *ip_rt_acct __read_mostly;
3197 #endif /* CONFIG_IP_ROUTE_CLASSID */
3198
3199 static __initdata unsigned long rhash_entries;
3200 static int __init set_rhash_entries(char *str)
3201 {
3202         ssize_t ret;
3203
3204         if (!str)
3205                 return 0;
3206
3207         ret = kstrtoul(str, 0, &rhash_entries);
3208         if (ret)
3209                 return 0;
3210
3211         return 1;
3212 }
3213 __setup("rhash_entries=", set_rhash_entries);
3214
3215 int __init ip_rt_init(void)
3216 {
3217         int rc = 0;
3218
3219 #ifdef CONFIG_IP_ROUTE_CLASSID
3220         ip_rt_acct = __alloc_percpu(256 * sizeof(struct ip_rt_acct), __alignof__(struct ip_rt_acct));
3221         if (!ip_rt_acct)
3222                 panic("IP: failed to allocate ip_rt_acct\n");
3223 #endif
3224
3225         ipv4_dst_ops.kmem_cachep =
3226                 kmem_cache_create("ip_dst_cache", sizeof(struct rtable), 0,
3227                                   SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
3228
3229         ipv4_dst_blackhole_ops.kmem_cachep = ipv4_dst_ops.kmem_cachep;
3230
3231         if (dst_entries_init(&ipv4_dst_ops) < 0)
3232                 panic("IP: failed to allocate ipv4_dst_ops counter\n");
3233
3234         if (dst_entries_init(&ipv4_dst_blackhole_ops) < 0)
3235                 panic("IP: failed to allocate ipv4_dst_blackhole_ops counter\n");
3236
3237         rt_hash_table = (struct rt_hash_bucket *)
3238                 alloc_large_system_hash("IP route cache",
3239                                         sizeof(struct rt_hash_bucket),
3240                                         rhash_entries,
3241                                         (totalram_pages >= 128 * 1024) ?
3242                                         15 : 17,
3243                                         0,
3244                                         &rt_hash_log,
3245                                         &rt_hash_mask,
3246                                         0,
3247                                         rhash_entries ? 0 : 512 * 1024);
3248         memset(rt_hash_table, 0, (rt_hash_mask + 1) * sizeof(struct rt_hash_bucket));
3249         rt_hash_lock_init();
3250
3251         ipv4_dst_ops.gc_thresh = (rt_hash_mask + 1);
3252         ip_rt_max_size = (rt_hash_mask + 1) * 16;
3253
3254         devinet_init();
3255         ip_fib_init();
3256
3257         INIT_DELAYED_WORK_DEFERRABLE(&expires_work, rt_worker_func);
3258         expires_ljiffies = jiffies;
3259         schedule_delayed_work(&expires_work,
3260                 net_random() % ip_rt_gc_interval + ip_rt_gc_interval);
3261
3262         if (ip_rt_proc_init())
3263                 pr_err("Unable to create route proc files\n");
3264 #ifdef CONFIG_XFRM
3265         xfrm_init();
3266         xfrm4_init(ip_rt_max_size);
3267 #endif
3268         rtnl_register(PF_INET, RTM_GETROUTE, inet_rtm_getroute, NULL, NULL);
3269
3270 #ifdef CONFIG_SYSCTL
3271         register_pernet_subsys(&sysctl_route_ops);
3272 #endif
3273         register_pernet_subsys(&rt_genid_ops);
3274         register_pernet_subsys(&ipv4_inetpeer_ops);
3275         return rc;
3276 }
3277
3278 #ifdef CONFIG_SYSCTL
3279 /*
3280  * We really need to sanitize the damn ipv4 init order, then all
3281  * this nonsense will go away.
3282  */
3283 void __init ip_static_sysctl_init(void)
3284 {
3285         register_net_sysctl(&init_net, "net/ipv4/route", ipv4_route_table);
3286 }
3287 #endif