2 * INET An implementation of the TCP/IP protocol suite for the LINUX
3 * operating system. INET is implemented using the BSD Socket
4 * interface as the means of communication with the user level.
6 * ROUTE - implementation of the IP router.
9 * Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
10 * Alan Cox, <gw4pts@gw4pts.ampr.org>
11 * Linus Torvalds, <Linus.Torvalds@helsinki.fi>
12 * Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
15 * Alan Cox : Verify area fixes.
16 * Alan Cox : cli() protects routing changes
17 * Rui Oliveira : ICMP routing table updates
18 * (rco@di.uminho.pt) Routing table insertion and update
19 * Linus Torvalds : Rewrote bits to be sensible
20 * Alan Cox : Added BSD route gw semantics
21 * Alan Cox : Super /proc >4K
22 * Alan Cox : MTU in route table
23 * Alan Cox : MSS actually. Also added the window
25 * Sam Lantinga : Fixed route matching in rt_del()
26 * Alan Cox : Routing cache support.
27 * Alan Cox : Removed compatibility cruft.
28 * Alan Cox : RTF_REJECT support.
29 * Alan Cox : TCP irtt support.
30 * Jonathan Naylor : Added Metric support.
31 * Miquel van Smoorenburg : BSD API fixes.
32 * Miquel van Smoorenburg : Metrics.
33 * Alan Cox : Use __u32 properly
34 * Alan Cox : Aligned routing errors more closely with BSD
35 * our system is still very different.
36 * Alan Cox : Faster /proc handling
37 * Alexey Kuznetsov : Massive rework to support tree based routing,
38 * routing caches and better behaviour.
40 * Olaf Erb : irtt wasn't being copied right.
41 * Bjorn Ekwall : Kerneld route support.
42 * Alan Cox : Multicast fixed (I hope)
43 * Pavel Krauz : Limited broadcast fixed
44 * Mike McLagan : Routing by source
45 * Alexey Kuznetsov : End of old history. Split to fib.c and
46 * route.c and rewritten from scratch.
47 * Andi Kleen : Load-limit warning messages.
48 * Vitaly E. Lavrov : Transparent proxy revived after year coma.
49 * Vitaly E. Lavrov : Race condition in ip_route_input_slow.
50 * Tobias Ringstrom : Uninitialized res.type in ip_route_output_slow.
51 * Vladimir V. Ivanov : IP rule info (flowid) is really useful.
52 * Marc Boucher : routing by fwmark
53 * Robert Olsson : Added rt_cache statistics
54 * Arnaldo C. Melo : Convert proc stuff to seq_file
55 * Eric Dumazet : hashed spinlocks and rt_check_expire() fixes.
56 * Ilia Sotnikov : Ignore TOS on PMTUD and Redirect
57 * Ilia Sotnikov : Removed TOS from hash calculations
59 * This program is free software; you can redistribute it and/or
60 * modify it under the terms of the GNU General Public License
61 * as published by the Free Software Foundation; either version
62 * 2 of the License, or (at your option) any later version.
65 #include <linux/module.h>
66 #include <asm/uaccess.h>
67 #include <asm/system.h>
68 #include <linux/bitops.h>
69 #include <linux/types.h>
70 #include <linux/kernel.h>
72 #include <linux/bootmem.h>
73 #include <linux/string.h>
74 #include <linux/socket.h>
75 #include <linux/sockios.h>
76 #include <linux/errno.h>
78 #include <linux/inet.h>
79 #include <linux/netdevice.h>
80 #include <linux/proc_fs.h>
81 #include <linux/init.h>
82 #include <linux/workqueue.h>
83 #include <linux/skbuff.h>
84 #include <linux/inetdevice.h>
85 #include <linux/igmp.h>
86 #include <linux/pkt_sched.h>
87 #include <linux/mroute.h>
88 #include <linux/netfilter_ipv4.h>
89 #include <linux/random.h>
90 #include <linux/jhash.h>
91 #include <linux/rcupdate.h>
92 #include <linux/times.h>
93 #include <linux/slab.h>
95 #include <net/net_namespace.h>
96 #include <net/protocol.h>
98 #include <net/route.h>
99 #include <net/inetpeer.h>
100 #include <net/sock.h>
101 #include <net/ip_fib.h>
104 #include <net/icmp.h>
105 #include <net/xfrm.h>
106 #include <net/netevent.h>
107 #include <net/rtnetlink.h>
109 #include <linux/sysctl.h>
112 #define RT_FL_TOS(oldflp) \
113 ((u32)(oldflp->fl4_tos & (IPTOS_RT_MASK | RTO_ONLINK)))
115 #define IP_MAX_MTU 0xFFF0
117 #define RT_GC_TIMEOUT (300*HZ)
119 static int ip_rt_max_size;
120 static int ip_rt_gc_timeout __read_mostly = RT_GC_TIMEOUT;
121 static int ip_rt_gc_interval __read_mostly = 60 * HZ;
122 static int ip_rt_gc_min_interval __read_mostly = HZ / 2;
123 static int ip_rt_redirect_number __read_mostly = 9;
124 static int ip_rt_redirect_load __read_mostly = HZ / 50;
125 static int ip_rt_redirect_silence __read_mostly = ((HZ / 50) << (9 + 1));
126 static int ip_rt_error_cost __read_mostly = HZ;
127 static int ip_rt_error_burst __read_mostly = 5 * HZ;
128 static int ip_rt_gc_elasticity __read_mostly = 8;
129 static int ip_rt_mtu_expires __read_mostly = 10 * 60 * HZ;
130 static int ip_rt_min_pmtu __read_mostly = 512 + 20 + 20;
131 static int ip_rt_min_advmss __read_mostly = 256;
132 static int rt_chain_length_max __read_mostly = 20;
134 static struct delayed_work expires_work;
135 static unsigned long expires_ljiffies;
138 * Interface to generic destination cache.
141 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie);
142 static unsigned int ipv4_default_advmss(const struct dst_entry *dst);
143 static unsigned int ipv4_default_mtu(const struct dst_entry *dst);
144 static void ipv4_dst_destroy(struct dst_entry *dst);
145 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst);
146 static void ipv4_link_failure(struct sk_buff *skb);
147 static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu);
148 static int rt_garbage_collect(struct dst_ops *ops);
150 static void ipv4_dst_ifdown(struct dst_entry *dst, struct net_device *dev,
155 static struct dst_ops ipv4_dst_ops = {
157 .protocol = cpu_to_be16(ETH_P_IP),
158 .gc = rt_garbage_collect,
159 .check = ipv4_dst_check,
160 .default_advmss = ipv4_default_advmss,
161 .default_mtu = ipv4_default_mtu,
162 .destroy = ipv4_dst_destroy,
163 .ifdown = ipv4_dst_ifdown,
164 .negative_advice = ipv4_negative_advice,
165 .link_failure = ipv4_link_failure,
166 .update_pmtu = ip_rt_update_pmtu,
167 .local_out = __ip_local_out,
170 #define ECN_OR_COST(class) TC_PRIO_##class
172 const __u8 ip_tos2prio[16] = {
176 ECN_OR_COST(BESTEFFORT),
182 ECN_OR_COST(INTERACTIVE),
184 ECN_OR_COST(INTERACTIVE),
185 TC_PRIO_INTERACTIVE_BULK,
186 ECN_OR_COST(INTERACTIVE_BULK),
187 TC_PRIO_INTERACTIVE_BULK,
188 ECN_OR_COST(INTERACTIVE_BULK)
196 /* The locking scheme is rather straight forward:
198 * 1) Read-Copy Update protects the buckets of the central route hash.
199 * 2) Only writers remove entries, and they hold the lock
200 * as they look at rtable reference counts.
201 * 3) Only readers acquire references to rtable entries,
202 * they do so with atomic increments and with the
206 struct rt_hash_bucket {
207 struct rtable __rcu *chain;
210 #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_SPINLOCK) || \
211 defined(CONFIG_PROVE_LOCKING)
213 * Instead of using one spinlock for each rt_hash_bucket, we use a table of spinlocks
214 * The size of this table is a power of two and depends on the number of CPUS.
215 * (on lockdep we have a quite big spinlock_t, so keep the size down there)
217 #ifdef CONFIG_LOCKDEP
218 # define RT_HASH_LOCK_SZ 256
221 # define RT_HASH_LOCK_SZ 4096
223 # define RT_HASH_LOCK_SZ 2048
225 # define RT_HASH_LOCK_SZ 1024
227 # define RT_HASH_LOCK_SZ 512
229 # define RT_HASH_LOCK_SZ 256
233 static spinlock_t *rt_hash_locks;
234 # define rt_hash_lock_addr(slot) &rt_hash_locks[(slot) & (RT_HASH_LOCK_SZ - 1)]
236 static __init void rt_hash_lock_init(void)
240 rt_hash_locks = kmalloc(sizeof(spinlock_t) * RT_HASH_LOCK_SZ,
243 panic("IP: failed to allocate rt_hash_locks\n");
245 for (i = 0; i < RT_HASH_LOCK_SZ; i++)
246 spin_lock_init(&rt_hash_locks[i]);
249 # define rt_hash_lock_addr(slot) NULL
251 static inline void rt_hash_lock_init(void)
256 static struct rt_hash_bucket *rt_hash_table __read_mostly;
257 static unsigned rt_hash_mask __read_mostly;
258 static unsigned int rt_hash_log __read_mostly;
260 static DEFINE_PER_CPU(struct rt_cache_stat, rt_cache_stat);
261 #define RT_CACHE_STAT_INC(field) __this_cpu_inc(rt_cache_stat.field)
263 static inline unsigned int rt_hash(__be32 daddr, __be32 saddr, int idx,
266 return jhash_3words((__force u32)daddr, (__force u32)saddr,
271 static inline int rt_genid(struct net *net)
273 return atomic_read(&net->ipv4.rt_genid);
276 #ifdef CONFIG_PROC_FS
277 struct rt_cache_iter_state {
278 struct seq_net_private p;
283 static struct rtable *rt_cache_get_first(struct seq_file *seq)
285 struct rt_cache_iter_state *st = seq->private;
286 struct rtable *r = NULL;
288 for (st->bucket = rt_hash_mask; st->bucket >= 0; --st->bucket) {
289 if (!rcu_dereference_raw(rt_hash_table[st->bucket].chain))
292 r = rcu_dereference_bh(rt_hash_table[st->bucket].chain);
294 if (dev_net(r->dst.dev) == seq_file_net(seq) &&
295 r->rt_genid == st->genid)
297 r = rcu_dereference_bh(r->dst.rt_next);
299 rcu_read_unlock_bh();
304 static struct rtable *__rt_cache_get_next(struct seq_file *seq,
307 struct rt_cache_iter_state *st = seq->private;
309 r = rcu_dereference_bh(r->dst.rt_next);
311 rcu_read_unlock_bh();
313 if (--st->bucket < 0)
315 } while (!rcu_dereference_raw(rt_hash_table[st->bucket].chain));
317 r = rcu_dereference_bh(rt_hash_table[st->bucket].chain);
322 static struct rtable *rt_cache_get_next(struct seq_file *seq,
325 struct rt_cache_iter_state *st = seq->private;
326 while ((r = __rt_cache_get_next(seq, r)) != NULL) {
327 if (dev_net(r->dst.dev) != seq_file_net(seq))
329 if (r->rt_genid == st->genid)
335 static struct rtable *rt_cache_get_idx(struct seq_file *seq, loff_t pos)
337 struct rtable *r = rt_cache_get_first(seq);
340 while (pos && (r = rt_cache_get_next(seq, r)))
342 return pos ? NULL : r;
345 static void *rt_cache_seq_start(struct seq_file *seq, loff_t *pos)
347 struct rt_cache_iter_state *st = seq->private;
349 return rt_cache_get_idx(seq, *pos - 1);
350 st->genid = rt_genid(seq_file_net(seq));
351 return SEQ_START_TOKEN;
354 static void *rt_cache_seq_next(struct seq_file *seq, void *v, loff_t *pos)
358 if (v == SEQ_START_TOKEN)
359 r = rt_cache_get_first(seq);
361 r = rt_cache_get_next(seq, v);
366 static void rt_cache_seq_stop(struct seq_file *seq, void *v)
368 if (v && v != SEQ_START_TOKEN)
369 rcu_read_unlock_bh();
372 static int rt_cache_seq_show(struct seq_file *seq, void *v)
374 if (v == SEQ_START_TOKEN)
375 seq_printf(seq, "%-127s\n",
376 "Iface\tDestination\tGateway \tFlags\t\tRefCnt\tUse\t"
377 "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t"
380 struct rtable *r = v;
383 seq_printf(seq, "%s\t%08X\t%08X\t%8X\t%d\t%u\t%d\t"
384 "%08X\t%d\t%u\t%u\t%02X\t%d\t%1d\t%08X%n",
385 r->dst.dev ? r->dst.dev->name : "*",
386 (__force u32)r->rt_dst,
387 (__force u32)r->rt_gateway,
388 r->rt_flags, atomic_read(&r->dst.__refcnt),
389 r->dst.__use, 0, (__force u32)r->rt_src,
390 dst_metric_advmss(&r->dst) + 40,
391 dst_metric(&r->dst, RTAX_WINDOW),
392 (int)((dst_metric(&r->dst, RTAX_RTT) >> 3) +
393 dst_metric(&r->dst, RTAX_RTTVAR)),
395 r->dst.hh ? atomic_read(&r->dst.hh->hh_refcnt) : -1,
396 r->dst.hh ? (r->dst.hh->hh_output ==
398 r->rt_spec_dst, &len);
400 seq_printf(seq, "%*s\n", 127 - len, "");
405 static const struct seq_operations rt_cache_seq_ops = {
406 .start = rt_cache_seq_start,
407 .next = rt_cache_seq_next,
408 .stop = rt_cache_seq_stop,
409 .show = rt_cache_seq_show,
412 static int rt_cache_seq_open(struct inode *inode, struct file *file)
414 return seq_open_net(inode, file, &rt_cache_seq_ops,
415 sizeof(struct rt_cache_iter_state));
418 static const struct file_operations rt_cache_seq_fops = {
419 .owner = THIS_MODULE,
420 .open = rt_cache_seq_open,
423 .release = seq_release_net,
427 static void *rt_cpu_seq_start(struct seq_file *seq, loff_t *pos)
432 return SEQ_START_TOKEN;
434 for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
435 if (!cpu_possible(cpu))
438 return &per_cpu(rt_cache_stat, cpu);
443 static void *rt_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos)
447 for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
448 if (!cpu_possible(cpu))
451 return &per_cpu(rt_cache_stat, cpu);
457 static void rt_cpu_seq_stop(struct seq_file *seq, void *v)
462 static int rt_cpu_seq_show(struct seq_file *seq, void *v)
464 struct rt_cache_stat *st = v;
466 if (v == SEQ_START_TOKEN) {
467 seq_printf(seq, "entries in_hit in_slow_tot in_slow_mc in_no_route in_brd in_martian_dst in_martian_src out_hit out_slow_tot out_slow_mc gc_total gc_ignored gc_goal_miss gc_dst_overflow in_hlist_search out_hlist_search\n");
471 seq_printf(seq,"%08x %08x %08x %08x %08x %08x %08x %08x "
472 " %08x %08x %08x %08x %08x %08x %08x %08x %08x \n",
473 dst_entries_get_slow(&ipv4_dst_ops),
496 static const struct seq_operations rt_cpu_seq_ops = {
497 .start = rt_cpu_seq_start,
498 .next = rt_cpu_seq_next,
499 .stop = rt_cpu_seq_stop,
500 .show = rt_cpu_seq_show,
504 static int rt_cpu_seq_open(struct inode *inode, struct file *file)
506 return seq_open(file, &rt_cpu_seq_ops);
509 static const struct file_operations rt_cpu_seq_fops = {
510 .owner = THIS_MODULE,
511 .open = rt_cpu_seq_open,
514 .release = seq_release,
517 #ifdef CONFIG_NET_CLS_ROUTE
518 static int rt_acct_proc_show(struct seq_file *m, void *v)
520 struct ip_rt_acct *dst, *src;
523 dst = kcalloc(256, sizeof(struct ip_rt_acct), GFP_KERNEL);
527 for_each_possible_cpu(i) {
528 src = (struct ip_rt_acct *)per_cpu_ptr(ip_rt_acct, i);
529 for (j = 0; j < 256; j++) {
530 dst[j].o_bytes += src[j].o_bytes;
531 dst[j].o_packets += src[j].o_packets;
532 dst[j].i_bytes += src[j].i_bytes;
533 dst[j].i_packets += src[j].i_packets;
537 seq_write(m, dst, 256 * sizeof(struct ip_rt_acct));
542 static int rt_acct_proc_open(struct inode *inode, struct file *file)
544 return single_open(file, rt_acct_proc_show, NULL);
547 static const struct file_operations rt_acct_proc_fops = {
548 .owner = THIS_MODULE,
549 .open = rt_acct_proc_open,
552 .release = single_release,
556 static int __net_init ip_rt_do_proc_init(struct net *net)
558 struct proc_dir_entry *pde;
560 pde = proc_net_fops_create(net, "rt_cache", S_IRUGO,
565 pde = proc_create("rt_cache", S_IRUGO,
566 net->proc_net_stat, &rt_cpu_seq_fops);
570 #ifdef CONFIG_NET_CLS_ROUTE
571 pde = proc_create("rt_acct", 0, net->proc_net, &rt_acct_proc_fops);
577 #ifdef CONFIG_NET_CLS_ROUTE
579 remove_proc_entry("rt_cache", net->proc_net_stat);
582 remove_proc_entry("rt_cache", net->proc_net);
587 static void __net_exit ip_rt_do_proc_exit(struct net *net)
589 remove_proc_entry("rt_cache", net->proc_net_stat);
590 remove_proc_entry("rt_cache", net->proc_net);
591 #ifdef CONFIG_NET_CLS_ROUTE
592 remove_proc_entry("rt_acct", net->proc_net);
596 static struct pernet_operations ip_rt_proc_ops __net_initdata = {
597 .init = ip_rt_do_proc_init,
598 .exit = ip_rt_do_proc_exit,
601 static int __init ip_rt_proc_init(void)
603 return register_pernet_subsys(&ip_rt_proc_ops);
607 static inline int ip_rt_proc_init(void)
611 #endif /* CONFIG_PROC_FS */
613 static inline void rt_free(struct rtable *rt)
615 call_rcu_bh(&rt->dst.rcu_head, dst_rcu_free);
618 static inline void rt_drop(struct rtable *rt)
621 call_rcu_bh(&rt->dst.rcu_head, dst_rcu_free);
624 static inline int rt_fast_clean(struct rtable *rth)
626 /* Kill broadcast/multicast entries very aggresively, if they
627 collide in hash table with more useful entries */
628 return (rth->rt_flags & (RTCF_BROADCAST | RTCF_MULTICAST)) &&
629 rt_is_input_route(rth) && rth->dst.rt_next;
632 static inline int rt_valuable(struct rtable *rth)
634 return (rth->rt_flags & (RTCF_REDIRECTED | RTCF_NOTIFY)) ||
638 static int rt_may_expire(struct rtable *rth, unsigned long tmo1, unsigned long tmo2)
643 if (atomic_read(&rth->dst.__refcnt))
647 if (rth->dst.expires &&
648 time_after_eq(jiffies, rth->dst.expires))
651 age = jiffies - rth->dst.lastuse;
653 if ((age <= tmo1 && !rt_fast_clean(rth)) ||
654 (age <= tmo2 && rt_valuable(rth)))
660 /* Bits of score are:
662 * 30: not quite useless
663 * 29..0: usage counter
665 static inline u32 rt_score(struct rtable *rt)
667 u32 score = jiffies - rt->dst.lastuse;
669 score = ~score & ~(3<<30);
674 if (rt_is_output_route(rt) ||
675 !(rt->rt_flags & (RTCF_BROADCAST|RTCF_MULTICAST|RTCF_LOCAL)))
681 static inline bool rt_caching(const struct net *net)
683 return net->ipv4.current_rt_cache_rebuild_count <=
684 net->ipv4.sysctl_rt_cache_rebuild_count;
687 static inline bool compare_hash_inputs(const struct flowi *fl1,
688 const struct flowi *fl2)
690 return ((((__force u32)fl1->fl4_dst ^ (__force u32)fl2->fl4_dst) |
691 ((__force u32)fl1->fl4_src ^ (__force u32)fl2->fl4_src) |
692 (fl1->iif ^ fl2->iif)) == 0);
695 static inline int compare_keys(struct flowi *fl1, struct flowi *fl2)
697 return (((__force u32)fl1->fl4_dst ^ (__force u32)fl2->fl4_dst) |
698 ((__force u32)fl1->fl4_src ^ (__force u32)fl2->fl4_src) |
699 (fl1->mark ^ fl2->mark) |
700 (*(u16 *)&fl1->fl4_tos ^ *(u16 *)&fl2->fl4_tos) |
701 (fl1->oif ^ fl2->oif) |
702 (fl1->iif ^ fl2->iif)) == 0;
705 static inline int compare_netns(struct rtable *rt1, struct rtable *rt2)
707 return net_eq(dev_net(rt1->dst.dev), dev_net(rt2->dst.dev));
710 static inline int rt_is_expired(struct rtable *rth)
712 return rth->rt_genid != rt_genid(dev_net(rth->dst.dev));
716 * Perform a full scan of hash table and free all entries.
717 * Can be called by a softirq or a process.
718 * In the later case, we want to be reschedule if necessary
720 static void rt_do_flush(struct net *net, int process_context)
723 struct rtable *rth, *next;
725 for (i = 0; i <= rt_hash_mask; i++) {
726 struct rtable __rcu **pprev;
729 if (process_context && need_resched())
731 rth = rcu_dereference_raw(rt_hash_table[i].chain);
735 spin_lock_bh(rt_hash_lock_addr(i));
738 pprev = &rt_hash_table[i].chain;
739 rth = rcu_dereference_protected(*pprev,
740 lockdep_is_held(rt_hash_lock_addr(i)));
743 next = rcu_dereference_protected(rth->dst.rt_next,
744 lockdep_is_held(rt_hash_lock_addr(i)));
747 net_eq(dev_net(rth->dst.dev), net)) {
748 rcu_assign_pointer(*pprev, next);
749 rcu_assign_pointer(rth->dst.rt_next, list);
752 pprev = &rth->dst.rt_next;
757 spin_unlock_bh(rt_hash_lock_addr(i));
759 for (; list; list = next) {
760 next = rcu_dereference_protected(list->dst.rt_next, 1);
767 * While freeing expired entries, we compute average chain length
768 * and standard deviation, using fixed-point arithmetic.
769 * This to have an estimation of rt_chain_length_max
770 * rt_chain_length_max = max(elasticity, AVG + 4*SD)
771 * We use 3 bits for frational part, and 29 (or 61) for magnitude.
775 #define ONE (1UL << FRACT_BITS)
778 * Given a hash chain and an item in this hash chain,
779 * find if a previous entry has the same hash_inputs
780 * (but differs on tos, mark or oif)
781 * Returns 0 if an alias is found.
782 * Returns ONE if rth has no alias before itself.
784 static int has_noalias(const struct rtable *head, const struct rtable *rth)
786 const struct rtable *aux = head;
789 if (compare_hash_inputs(&aux->fl, &rth->fl))
791 aux = rcu_dereference_protected(aux->dst.rt_next, 1);
796 static void rt_check_expire(void)
798 static unsigned int rover;
799 unsigned int i = rover, goal;
801 struct rtable __rcu **rthp;
802 unsigned long samples = 0;
803 unsigned long sum = 0, sum2 = 0;
807 delta = jiffies - expires_ljiffies;
808 expires_ljiffies = jiffies;
809 mult = ((u64)delta) << rt_hash_log;
810 if (ip_rt_gc_timeout > 1)
811 do_div(mult, ip_rt_gc_timeout);
812 goal = (unsigned int)mult;
813 if (goal > rt_hash_mask)
814 goal = rt_hash_mask + 1;
815 for (; goal > 0; goal--) {
816 unsigned long tmo = ip_rt_gc_timeout;
817 unsigned long length;
819 i = (i + 1) & rt_hash_mask;
820 rthp = &rt_hash_table[i].chain;
827 if (rcu_dereference_raw(*rthp) == NULL)
830 spin_lock_bh(rt_hash_lock_addr(i));
831 while ((rth = rcu_dereference_protected(*rthp,
832 lockdep_is_held(rt_hash_lock_addr(i)))) != NULL) {
833 prefetch(rth->dst.rt_next);
834 if (rt_is_expired(rth)) {
835 *rthp = rth->dst.rt_next;
839 if (rth->dst.expires) {
840 /* Entry is expired even if it is in use */
841 if (time_before_eq(jiffies, rth->dst.expires)) {
844 rthp = &rth->dst.rt_next;
846 * We only count entries on
847 * a chain with equal hash inputs once
848 * so that entries for different QOS
849 * levels, and other non-hash input
850 * attributes don't unfairly skew
851 * the length computation
853 length += has_noalias(rt_hash_table[i].chain, rth);
856 } else if (!rt_may_expire(rth, tmo, ip_rt_gc_timeout))
859 /* Cleanup aged off entries. */
860 *rthp = rth->dst.rt_next;
863 spin_unlock_bh(rt_hash_lock_addr(i));
865 sum2 += length*length;
868 unsigned long avg = sum / samples;
869 unsigned long sd = int_sqrt(sum2 / samples - avg*avg);
870 rt_chain_length_max = max_t(unsigned long,
872 (avg + 4*sd) >> FRACT_BITS);
878 * rt_worker_func() is run in process context.
879 * we call rt_check_expire() to scan part of the hash table
881 static void rt_worker_func(struct work_struct *work)
884 schedule_delayed_work(&expires_work, ip_rt_gc_interval);
888 * Pertubation of rt_genid by a small quantity [1..256]
889 * Using 8 bits of shuffling ensure we can call rt_cache_invalidate()
890 * many times (2^24) without giving recent rt_genid.
891 * Jenkins hash is strong enough that litle changes of rt_genid are OK.
893 static void rt_cache_invalidate(struct net *net)
895 unsigned char shuffle;
897 get_random_bytes(&shuffle, sizeof(shuffle));
898 atomic_add(shuffle + 1U, &net->ipv4.rt_genid);
902 * delay < 0 : invalidate cache (fast : entries will be deleted later)
903 * delay >= 0 : invalidate & flush cache (can be long)
905 void rt_cache_flush(struct net *net, int delay)
907 rt_cache_invalidate(net);
909 rt_do_flush(net, !in_softirq());
912 /* Flush previous cache invalidated entries from the cache */
913 void rt_cache_flush_batch(struct net *net)
915 rt_do_flush(net, !in_softirq());
918 static void rt_emergency_hash_rebuild(struct net *net)
921 printk(KERN_WARNING "Route hash chain too long!\n");
922 rt_cache_invalidate(net);
926 Short description of GC goals.
928 We want to build algorithm, which will keep routing cache
929 at some equilibrium point, when number of aged off entries
930 is kept approximately equal to newly generated ones.
932 Current expiration strength is variable "expire".
933 We try to adjust it dynamically, so that if networking
934 is idle expires is large enough to keep enough of warm entries,
935 and when load increases it reduces to limit cache size.
938 static int rt_garbage_collect(struct dst_ops *ops)
940 static unsigned long expire = RT_GC_TIMEOUT;
941 static unsigned long last_gc;
943 static int equilibrium;
945 struct rtable __rcu **rthp;
946 unsigned long now = jiffies;
948 int entries = dst_entries_get_fast(&ipv4_dst_ops);
951 * Garbage collection is pretty expensive,
952 * do not make it too frequently.
955 RT_CACHE_STAT_INC(gc_total);
957 if (now - last_gc < ip_rt_gc_min_interval &&
958 entries < ip_rt_max_size) {
959 RT_CACHE_STAT_INC(gc_ignored);
963 entries = dst_entries_get_slow(&ipv4_dst_ops);
964 /* Calculate number of entries, which we want to expire now. */
965 goal = entries - (ip_rt_gc_elasticity << rt_hash_log);
967 if (equilibrium < ipv4_dst_ops.gc_thresh)
968 equilibrium = ipv4_dst_ops.gc_thresh;
969 goal = entries - equilibrium;
971 equilibrium += min_t(unsigned int, goal >> 1, rt_hash_mask + 1);
972 goal = entries - equilibrium;
975 /* We are in dangerous area. Try to reduce cache really
978 goal = max_t(unsigned int, goal >> 1, rt_hash_mask + 1);
979 equilibrium = entries - goal;
982 if (now - last_gc >= ip_rt_gc_min_interval)
993 for (i = rt_hash_mask, k = rover; i >= 0; i--) {
994 unsigned long tmo = expire;
996 k = (k + 1) & rt_hash_mask;
997 rthp = &rt_hash_table[k].chain;
998 spin_lock_bh(rt_hash_lock_addr(k));
999 while ((rth = rcu_dereference_protected(*rthp,
1000 lockdep_is_held(rt_hash_lock_addr(k)))) != NULL) {
1001 if (!rt_is_expired(rth) &&
1002 !rt_may_expire(rth, tmo, expire)) {
1004 rthp = &rth->dst.rt_next;
1007 *rthp = rth->dst.rt_next;
1011 spin_unlock_bh(rt_hash_lock_addr(k));
1020 /* Goal is not achieved. We stop process if:
1022 - if expire reduced to zero. Otherwise, expire is halfed.
1023 - if table is not full.
1024 - if we are called from interrupt.
1025 - jiffies check is just fallback/debug loop breaker.
1026 We will not spin here for long time in any case.
1029 RT_CACHE_STAT_INC(gc_goal_miss);
1035 #if RT_CACHE_DEBUG >= 2
1036 printk(KERN_DEBUG "expire>> %u %d %d %d\n", expire,
1037 dst_entries_get_fast(&ipv4_dst_ops), goal, i);
1040 if (dst_entries_get_fast(&ipv4_dst_ops) < ip_rt_max_size)
1042 } while (!in_softirq() && time_before_eq(jiffies, now));
1044 if (dst_entries_get_fast(&ipv4_dst_ops) < ip_rt_max_size)
1046 if (dst_entries_get_slow(&ipv4_dst_ops) < ip_rt_max_size)
1048 if (net_ratelimit())
1049 printk(KERN_WARNING "dst cache overflow\n");
1050 RT_CACHE_STAT_INC(gc_dst_overflow);
1054 expire += ip_rt_gc_min_interval;
1055 if (expire > ip_rt_gc_timeout ||
1056 dst_entries_get_fast(&ipv4_dst_ops) < ipv4_dst_ops.gc_thresh ||
1057 dst_entries_get_slow(&ipv4_dst_ops) < ipv4_dst_ops.gc_thresh)
1058 expire = ip_rt_gc_timeout;
1059 #if RT_CACHE_DEBUG >= 2
1060 printk(KERN_DEBUG "expire++ %u %d %d %d\n", expire,
1061 dst_entries_get_fast(&ipv4_dst_ops), goal, rover);
1067 * Returns number of entries in a hash chain that have different hash_inputs
1069 static int slow_chain_length(const struct rtable *head)
1072 const struct rtable *rth = head;
1075 length += has_noalias(head, rth);
1076 rth = rcu_dereference_protected(rth->dst.rt_next, 1);
1078 return length >> FRACT_BITS;
1081 static int rt_intern_hash(unsigned hash, struct rtable *rt,
1082 struct rtable **rp, struct sk_buff *skb, int ifindex)
1084 struct rtable *rth, *cand;
1085 struct rtable __rcu **rthp, **candp;
1089 int attempts = !in_softirq();
1093 min_score = ~(u32)0;
1098 if (!rt_caching(dev_net(rt->dst.dev))) {
1100 * If we're not caching, just tell the caller we
1101 * were successful and don't touch the route. The
1102 * caller hold the sole reference to the cache entry, and
1103 * it will be released when the caller is done with it.
1104 * If we drop it here, the callers have no way to resolve routes
1105 * when we're not caching. Instead, just point *rp at rt, so
1106 * the caller gets a single use out of the route
1107 * Note that we do rt_free on this new route entry, so that
1108 * once its refcount hits zero, we are still able to reap it
1110 * Note: To avoid expensive rcu stuff for this uncached dst,
1111 * we set DST_NOCACHE so that dst_release() can free dst without
1112 * waiting a grace period.
1115 rt->dst.flags |= DST_NOCACHE;
1116 if (rt->rt_type == RTN_UNICAST || rt_is_output_route(rt)) {
1117 int err = arp_bind_neighbour(&rt->dst);
1119 if (net_ratelimit())
1121 "Neighbour table failure & not caching routes.\n");
1130 rthp = &rt_hash_table[hash].chain;
1132 spin_lock_bh(rt_hash_lock_addr(hash));
1133 while ((rth = rcu_dereference_protected(*rthp,
1134 lockdep_is_held(rt_hash_lock_addr(hash)))) != NULL) {
1135 if (rt_is_expired(rth)) {
1136 *rthp = rth->dst.rt_next;
1140 if (compare_keys(&rth->fl, &rt->fl) && compare_netns(rth, rt)) {
1142 *rthp = rth->dst.rt_next;
1144 * Since lookup is lockfree, the deletion
1145 * must be visible to another weakly ordered CPU before
1146 * the insertion at the start of the hash chain.
1148 rcu_assign_pointer(rth->dst.rt_next,
1149 rt_hash_table[hash].chain);
1151 * Since lookup is lockfree, the update writes
1152 * must be ordered for consistency on SMP.
1154 rcu_assign_pointer(rt_hash_table[hash].chain, rth);
1156 dst_use(&rth->dst, now);
1157 spin_unlock_bh(rt_hash_lock_addr(hash));
1163 skb_dst_set(skb, &rth->dst);
1167 if (!atomic_read(&rth->dst.__refcnt)) {
1168 u32 score = rt_score(rth);
1170 if (score <= min_score) {
1179 rthp = &rth->dst.rt_next;
1183 /* ip_rt_gc_elasticity used to be average length of chain
1184 * length, when exceeded gc becomes really aggressive.
1186 * The second limit is less certain. At the moment it allows
1187 * only 2 entries per bucket. We will see.
1189 if (chain_length > ip_rt_gc_elasticity) {
1190 *candp = cand->dst.rt_next;
1194 if (chain_length > rt_chain_length_max &&
1195 slow_chain_length(rt_hash_table[hash].chain) > rt_chain_length_max) {
1196 struct net *net = dev_net(rt->dst.dev);
1197 int num = ++net->ipv4.current_rt_cache_rebuild_count;
1198 if (!rt_caching(net)) {
1199 printk(KERN_WARNING "%s: %d rebuilds is over limit, route caching disabled\n",
1200 rt->dst.dev->name, num);
1202 rt_emergency_hash_rebuild(net);
1203 spin_unlock_bh(rt_hash_lock_addr(hash));
1205 hash = rt_hash(rt->fl.fl4_dst, rt->fl.fl4_src,
1206 ifindex, rt_genid(net));
1211 /* Try to bind route to arp only if it is output
1212 route or unicast forwarding path.
1214 if (rt->rt_type == RTN_UNICAST || rt_is_output_route(rt)) {
1215 int err = arp_bind_neighbour(&rt->dst);
1217 spin_unlock_bh(rt_hash_lock_addr(hash));
1219 if (err != -ENOBUFS) {
1224 /* Neighbour tables are full and nothing
1225 can be released. Try to shrink route cache,
1226 it is most likely it holds some neighbour records.
1228 if (attempts-- > 0) {
1229 int saved_elasticity = ip_rt_gc_elasticity;
1230 int saved_int = ip_rt_gc_min_interval;
1231 ip_rt_gc_elasticity = 1;
1232 ip_rt_gc_min_interval = 0;
1233 rt_garbage_collect(&ipv4_dst_ops);
1234 ip_rt_gc_min_interval = saved_int;
1235 ip_rt_gc_elasticity = saved_elasticity;
1239 if (net_ratelimit())
1240 printk(KERN_WARNING "ipv4: Neighbour table overflow.\n");
1246 rt->dst.rt_next = rt_hash_table[hash].chain;
1248 #if RT_CACHE_DEBUG >= 2
1249 if (rt->dst.rt_next) {
1251 printk(KERN_DEBUG "rt_cache @%02x: %pI4",
1253 for (trt = rt->dst.rt_next; trt; trt = trt->dst.rt_next)
1254 printk(" . %pI4", &trt->rt_dst);
1259 * Since lookup is lockfree, we must make sure
1260 * previous writes to rt are comitted to memory
1261 * before making rt visible to other CPUS.
1263 rcu_assign_pointer(rt_hash_table[hash].chain, rt);
1265 spin_unlock_bh(rt_hash_lock_addr(hash));
1271 skb_dst_set(skb, &rt->dst);
1275 void rt_bind_peer(struct rtable *rt, int create)
1277 struct inet_peer *peer;
1279 peer = inet_getpeer_v4(rt->rt_dst, create);
1281 if (peer && cmpxchg(&rt->peer, NULL, peer) != NULL)
1286 * Peer allocation may fail only in serious out-of-memory conditions. However
1287 * we still can generate some output.
1288 * Random ID selection looks a bit dangerous because we have no chances to
1289 * select ID being unique in a reasonable period of time.
1290 * But broken packet identifier may be better than no packet at all.
1292 static void ip_select_fb_ident(struct iphdr *iph)
1294 static DEFINE_SPINLOCK(ip_fb_id_lock);
1295 static u32 ip_fallback_id;
1298 spin_lock_bh(&ip_fb_id_lock);
1299 salt = secure_ip_id((__force __be32)ip_fallback_id ^ iph->daddr);
1300 iph->id = htons(salt & 0xFFFF);
1301 ip_fallback_id = salt;
1302 spin_unlock_bh(&ip_fb_id_lock);
1305 void __ip_select_ident(struct iphdr *iph, struct dst_entry *dst, int more)
1307 struct rtable *rt = (struct rtable *) dst;
1310 if (rt->peer == NULL)
1311 rt_bind_peer(rt, 1);
1313 /* If peer is attached to destination, it is never detached,
1314 so that we need not to grab a lock to dereference it.
1317 iph->id = htons(inet_getid(rt->peer, more));
1321 printk(KERN_DEBUG "rt_bind_peer(0) @%p\n",
1322 __builtin_return_address(0));
1324 ip_select_fb_ident(iph);
1326 EXPORT_SYMBOL(__ip_select_ident);
1328 static void rt_del(unsigned hash, struct rtable *rt)
1330 struct rtable __rcu **rthp;
1333 rthp = &rt_hash_table[hash].chain;
1334 spin_lock_bh(rt_hash_lock_addr(hash));
1336 while ((aux = rcu_dereference_protected(*rthp,
1337 lockdep_is_held(rt_hash_lock_addr(hash)))) != NULL) {
1338 if (aux == rt || rt_is_expired(aux)) {
1339 *rthp = aux->dst.rt_next;
1343 rthp = &aux->dst.rt_next;
1345 spin_unlock_bh(rt_hash_lock_addr(hash));
1348 /* called in rcu_read_lock() section */
1349 void ip_rt_redirect(__be32 old_gw, __be32 daddr, __be32 new_gw,
1350 __be32 saddr, struct net_device *dev)
1353 struct in_device *in_dev = __in_dev_get_rcu(dev);
1355 struct rtable __rcu **rthp;
1356 __be32 skeys[2] = { saddr, 0 };
1357 int ikeys[2] = { dev->ifindex, 0 };
1358 struct netevent_redirect netevent;
1365 if (new_gw == old_gw || !IN_DEV_RX_REDIRECTS(in_dev) ||
1366 ipv4_is_multicast(new_gw) || ipv4_is_lbcast(new_gw) ||
1367 ipv4_is_zeronet(new_gw))
1368 goto reject_redirect;
1370 if (!rt_caching(net))
1371 goto reject_redirect;
1373 if (!IN_DEV_SHARED_MEDIA(in_dev)) {
1374 if (!inet_addr_onlink(in_dev, new_gw, old_gw))
1375 goto reject_redirect;
1376 if (IN_DEV_SEC_REDIRECTS(in_dev) && ip_fib_check_default(new_gw, dev))
1377 goto reject_redirect;
1379 if (inet_addr_type(net, new_gw) != RTN_UNICAST)
1380 goto reject_redirect;
1383 for (i = 0; i < 2; i++) {
1384 for (k = 0; k < 2; k++) {
1385 unsigned hash = rt_hash(daddr, skeys[i], ikeys[k],
1388 rthp = &rt_hash_table[hash].chain;
1390 while ((rth = rcu_dereference(*rthp)) != NULL) {
1393 if (rth->fl.fl4_dst != daddr ||
1394 rth->fl.fl4_src != skeys[i] ||
1395 rth->fl.oif != ikeys[k] ||
1396 rt_is_input_route(rth) ||
1397 rt_is_expired(rth) ||
1398 !net_eq(dev_net(rth->dst.dev), net)) {
1399 rthp = &rth->dst.rt_next;
1403 if (rth->rt_dst != daddr ||
1404 rth->rt_src != saddr ||
1406 rth->rt_gateway != old_gw ||
1407 rth->dst.dev != dev)
1410 dst_hold(&rth->dst);
1412 rt = dst_alloc(&ipv4_dst_ops);
1418 /* Copy all the information. */
1421 atomic_set(&rt->dst.__refcnt, 1);
1422 rt->dst.child = NULL;
1424 dev_hold(rt->dst.dev);
1425 rt->dst.obsolete = -1;
1426 rt->dst.lastuse = jiffies;
1427 rt->dst.path = &rt->dst;
1428 rt->dst.neighbour = NULL;
1431 rt->dst.xfrm = NULL;
1433 rt->rt_genid = rt_genid(net);
1434 rt->rt_flags |= RTCF_REDIRECTED;
1436 /* Gateway is different ... */
1437 rt->rt_gateway = new_gw;
1439 /* Redirect received -> path was valid */
1440 dst_confirm(&rth->dst);
1443 atomic_inc(&rt->peer->refcnt);
1445 if (arp_bind_neighbour(&rt->dst) ||
1446 !(rt->dst.neighbour->nud_state &
1448 if (rt->dst.neighbour)
1449 neigh_event_send(rt->dst.neighbour, NULL);
1455 netevent.old = &rth->dst;
1456 netevent.new = &rt->dst;
1457 call_netevent_notifiers(NETEVENT_REDIRECT,
1461 if (!rt_intern_hash(hash, rt, &rt, NULL, rt->fl.oif))
1472 #ifdef CONFIG_IP_ROUTE_VERBOSE
1473 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit())
1474 printk(KERN_INFO "Redirect from %pI4 on %s about %pI4 ignored.\n"
1475 " Advised path = %pI4 -> %pI4\n",
1476 &old_gw, dev->name, &new_gw,
1482 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
1484 struct rtable *rt = (struct rtable *)dst;
1485 struct dst_entry *ret = dst;
1488 if (dst->obsolete > 0) {
1491 } else if ((rt->rt_flags & RTCF_REDIRECTED) ||
1493 time_after_eq(jiffies, rt->dst.expires))) {
1494 unsigned hash = rt_hash(rt->fl.fl4_dst, rt->fl.fl4_src,
1496 rt_genid(dev_net(dst->dev)));
1497 #if RT_CACHE_DEBUG >= 1
1498 printk(KERN_DEBUG "ipv4_negative_advice: redirect to %pI4/%02x dropped\n",
1499 &rt->rt_dst, rt->fl.fl4_tos);
1510 * 1. The first ip_rt_redirect_number redirects are sent
1511 * with exponential backoff, then we stop sending them at all,
1512 * assuming that the host ignores our redirects.
1513 * 2. If we did not see packets requiring redirects
1514 * during ip_rt_redirect_silence, we assume that the host
1515 * forgot redirected route and start to send redirects again.
1517 * This algorithm is much cheaper and more intelligent than dumb load limiting
1520 * NOTE. Do not forget to inhibit load limiting for redirects (redundant)
1521 * and "frag. need" (breaks PMTU discovery) in icmp.c.
1524 void ip_rt_send_redirect(struct sk_buff *skb)
1526 struct rtable *rt = skb_rtable(skb);
1527 struct in_device *in_dev;
1531 in_dev = __in_dev_get_rcu(rt->dst.dev);
1532 if (!in_dev || !IN_DEV_TX_REDIRECTS(in_dev)) {
1536 log_martians = IN_DEV_LOG_MARTIANS(in_dev);
1539 /* No redirected packets during ip_rt_redirect_silence;
1540 * reset the algorithm.
1542 if (time_after(jiffies, rt->dst.rate_last + ip_rt_redirect_silence))
1543 rt->dst.rate_tokens = 0;
1545 /* Too many ignored redirects; do not send anything
1546 * set dst.rate_last to the last seen redirected packet.
1548 if (rt->dst.rate_tokens >= ip_rt_redirect_number) {
1549 rt->dst.rate_last = jiffies;
1553 /* Check for load limit; set rate_last to the latest sent
1556 if (rt->dst.rate_tokens == 0 ||
1558 (rt->dst.rate_last +
1559 (ip_rt_redirect_load << rt->dst.rate_tokens)))) {
1560 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, rt->rt_gateway);
1561 rt->dst.rate_last = jiffies;
1562 ++rt->dst.rate_tokens;
1563 #ifdef CONFIG_IP_ROUTE_VERBOSE
1565 rt->dst.rate_tokens == ip_rt_redirect_number &&
1567 printk(KERN_WARNING "host %pI4/if%d ignores redirects for %pI4 to %pI4.\n",
1568 &rt->rt_src, rt->rt_iif,
1569 &rt->rt_dst, &rt->rt_gateway);
1574 static int ip_error(struct sk_buff *skb)
1576 struct rtable *rt = skb_rtable(skb);
1580 switch (rt->dst.error) {
1585 code = ICMP_HOST_UNREACH;
1588 code = ICMP_NET_UNREACH;
1589 IP_INC_STATS_BH(dev_net(rt->dst.dev),
1590 IPSTATS_MIB_INNOROUTES);
1593 code = ICMP_PKT_FILTERED;
1598 rt->dst.rate_tokens += now - rt->dst.rate_last;
1599 if (rt->dst.rate_tokens > ip_rt_error_burst)
1600 rt->dst.rate_tokens = ip_rt_error_burst;
1601 rt->dst.rate_last = now;
1602 if (rt->dst.rate_tokens >= ip_rt_error_cost) {
1603 rt->dst.rate_tokens -= ip_rt_error_cost;
1604 icmp_send(skb, ICMP_DEST_UNREACH, code, 0);
1607 out: kfree_skb(skb);
1612 * The last two values are not from the RFC but
1613 * are needed for AMPRnet AX.25 paths.
1616 static const unsigned short mtu_plateau[] =
1617 {32000, 17914, 8166, 4352, 2002, 1492, 576, 296, 216, 128 };
1619 static inline unsigned short guess_mtu(unsigned short old_mtu)
1623 for (i = 0; i < ARRAY_SIZE(mtu_plateau); i++)
1624 if (old_mtu > mtu_plateau[i])
1625 return mtu_plateau[i];
1629 unsigned short ip_rt_frag_needed(struct net *net, struct iphdr *iph,
1630 unsigned short new_mtu,
1631 struct net_device *dev)
1634 unsigned short old_mtu = ntohs(iph->tot_len);
1636 int ikeys[2] = { dev->ifindex, 0 };
1637 __be32 skeys[2] = { iph->saddr, 0, };
1638 __be32 daddr = iph->daddr;
1639 unsigned short est_mtu = 0;
1641 for (k = 0; k < 2; k++) {
1642 for (i = 0; i < 2; i++) {
1643 unsigned hash = rt_hash(daddr, skeys[i], ikeys[k],
1647 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
1648 rth = rcu_dereference(rth->dst.rt_next)) {
1649 unsigned short mtu = new_mtu;
1651 if (rth->fl.fl4_dst != daddr ||
1652 rth->fl.fl4_src != skeys[i] ||
1653 rth->rt_dst != daddr ||
1654 rth->rt_src != iph->saddr ||
1655 rth->fl.oif != ikeys[k] ||
1656 rt_is_input_route(rth) ||
1657 dst_metric_locked(&rth->dst, RTAX_MTU) ||
1658 !net_eq(dev_net(rth->dst.dev), net) ||
1662 if (new_mtu < 68 || new_mtu >= old_mtu) {
1664 /* BSD 4.2 compatibility hack :-( */
1666 old_mtu >= dst_mtu(&rth->dst) &&
1667 old_mtu >= 68 + (iph->ihl << 2))
1668 old_mtu -= iph->ihl << 2;
1670 mtu = guess_mtu(old_mtu);
1672 if (mtu <= dst_mtu(&rth->dst)) {
1673 if (mtu < dst_mtu(&rth->dst)) {
1674 dst_confirm(&rth->dst);
1675 if (mtu < ip_rt_min_pmtu) {
1676 u32 lock = dst_metric(&rth->dst,
1678 mtu = ip_rt_min_pmtu;
1679 lock |= (1 << RTAX_MTU);
1680 dst_metric_set(&rth->dst, RTAX_LOCK,
1683 dst_metric_set(&rth->dst, RTAX_MTU, mtu);
1684 dst_set_expires(&rth->dst,
1693 return est_mtu ? : new_mtu;
1696 static void ip_rt_update_pmtu(struct dst_entry *dst, u32 mtu)
1698 if (dst_mtu(dst) > mtu && mtu >= 68 &&
1699 !(dst_metric_locked(dst, RTAX_MTU))) {
1700 if (mtu < ip_rt_min_pmtu) {
1701 u32 lock = dst_metric(dst, RTAX_LOCK);
1702 mtu = ip_rt_min_pmtu;
1703 dst_metric_set(dst, RTAX_LOCK, lock | (1 << RTAX_MTU));
1705 dst_metric_set(dst, RTAX_MTU, mtu);
1706 dst_set_expires(dst, ip_rt_mtu_expires);
1707 call_netevent_notifiers(NETEVENT_PMTU_UPDATE, dst);
1711 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie)
1713 if (rt_is_expired((struct rtable *)dst))
1718 static void ipv4_dst_destroy(struct dst_entry *dst)
1720 struct rtable *rt = (struct rtable *) dst;
1721 struct inet_peer *peer = rt->peer;
1730 static void ipv4_link_failure(struct sk_buff *skb)
1734 icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0);
1736 rt = skb_rtable(skb);
1738 dst_set_expires(&rt->dst, 0);
1741 static int ip_rt_bug(struct sk_buff *skb)
1743 printk(KERN_DEBUG "ip_rt_bug: %pI4 -> %pI4, %s\n",
1744 &ip_hdr(skb)->saddr, &ip_hdr(skb)->daddr,
1745 skb->dev ? skb->dev->name : "?");
1751 We do not cache source address of outgoing interface,
1752 because it is used only by IP RR, TS and SRR options,
1753 so that it out of fast path.
1755 BTW remember: "addr" is allowed to be not aligned
1759 void ip_rt_get_source(u8 *addr, struct rtable *rt)
1762 struct fib_result res;
1764 if (rt_is_output_route(rt))
1768 if (fib_lookup(dev_net(rt->dst.dev), &rt->fl, &res) == 0)
1769 src = FIB_RES_PREFSRC(res);
1771 src = inet_select_addr(rt->dst.dev, rt->rt_gateway,
1775 memcpy(addr, &src, 4);
1778 #ifdef CONFIG_NET_CLS_ROUTE
1779 static void set_class_tag(struct rtable *rt, u32 tag)
1781 if (!(rt->dst.tclassid & 0xFFFF))
1782 rt->dst.tclassid |= tag & 0xFFFF;
1783 if (!(rt->dst.tclassid & 0xFFFF0000))
1784 rt->dst.tclassid |= tag & 0xFFFF0000;
1788 static unsigned int ipv4_default_advmss(const struct dst_entry *dst)
1790 unsigned int advmss = dst_metric_raw(dst, RTAX_ADVMSS);
1793 advmss = max_t(unsigned int, dst->dev->mtu - 40,
1795 if (advmss > 65535 - 40)
1796 advmss = 65535 - 40;
1801 static unsigned int ipv4_default_mtu(const struct dst_entry *dst)
1803 unsigned int mtu = dst->dev->mtu;
1805 if (unlikely(dst_metric_locked(dst, RTAX_MTU))) {
1806 const struct rtable *rt = (const struct rtable *) dst;
1808 if (rt->rt_gateway != rt->rt_dst && mtu > 576)
1812 if (mtu > IP_MAX_MTU)
1818 static void rt_set_nexthop(struct rtable *rt, struct fib_result *res, u32 itag)
1820 struct dst_entry *dst = &rt->dst;
1821 struct fib_info *fi = res->fi;
1824 if (FIB_RES_GW(*res) &&
1825 FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK)
1826 rt->rt_gateway = FIB_RES_GW(*res);
1827 dst_import_metrics(dst, fi->fib_metrics);
1828 #ifdef CONFIG_NET_CLS_ROUTE
1829 dst->tclassid = FIB_RES_NH(*res).nh_tclassid;
1833 if (dst_mtu(dst) > IP_MAX_MTU)
1834 dst_metric_set(dst, RTAX_MTU, IP_MAX_MTU);
1835 if (dst_metric_raw(dst, RTAX_ADVMSS) > 65535 - 40)
1836 dst_metric_set(dst, RTAX_ADVMSS, 65535 - 40);
1838 #ifdef CONFIG_NET_CLS_ROUTE
1839 #ifdef CONFIG_IP_MULTIPLE_TABLES
1840 set_class_tag(rt, fib_rules_tclass(res));
1842 set_class_tag(rt, itag);
1844 rt->rt_type = res->type;
1847 /* called in rcu_read_lock() section */
1848 static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1849 u8 tos, struct net_device *dev, int our)
1854 struct in_device *in_dev = __in_dev_get_rcu(dev);
1858 /* Primary sanity checks. */
1863 if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr) ||
1864 ipv4_is_loopback(saddr) || skb->protocol != htons(ETH_P_IP))
1867 if (ipv4_is_zeronet(saddr)) {
1868 if (!ipv4_is_local_multicast(daddr))
1870 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
1872 err = fib_validate_source(saddr, 0, tos, 0, dev, &spec_dst,
1877 rth = dst_alloc(&ipv4_dst_ops);
1881 rth->dst.output = ip_rt_bug;
1882 rth->dst.obsolete = -1;
1884 atomic_set(&rth->dst.__refcnt, 1);
1885 rth->dst.flags= DST_HOST;
1886 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
1887 rth->dst.flags |= DST_NOPOLICY;
1888 rth->fl.fl4_dst = daddr;
1889 rth->rt_dst = daddr;
1890 rth->fl.fl4_tos = tos;
1891 rth->fl.mark = skb->mark;
1892 rth->fl.fl4_src = saddr;
1893 rth->rt_src = saddr;
1894 #ifdef CONFIG_NET_CLS_ROUTE
1895 rth->dst.tclassid = itag;
1898 rth->fl.iif = dev->ifindex;
1899 rth->dst.dev = init_net.loopback_dev;
1900 dev_hold(rth->dst.dev);
1902 rth->rt_gateway = daddr;
1903 rth->rt_spec_dst= spec_dst;
1904 rth->rt_genid = rt_genid(dev_net(dev));
1905 rth->rt_flags = RTCF_MULTICAST;
1906 rth->rt_type = RTN_MULTICAST;
1908 rth->dst.input= ip_local_deliver;
1909 rth->rt_flags |= RTCF_LOCAL;
1912 #ifdef CONFIG_IP_MROUTE
1913 if (!ipv4_is_local_multicast(daddr) && IN_DEV_MFORWARD(in_dev))
1914 rth->dst.input = ip_mr_input;
1916 RT_CACHE_STAT_INC(in_slow_mc);
1918 hash = rt_hash(daddr, saddr, dev->ifindex, rt_genid(dev_net(dev)));
1919 return rt_intern_hash(hash, rth, NULL, skb, dev->ifindex);
1930 static void ip_handle_martian_source(struct net_device *dev,
1931 struct in_device *in_dev,
1932 struct sk_buff *skb,
1936 RT_CACHE_STAT_INC(in_martian_src);
1937 #ifdef CONFIG_IP_ROUTE_VERBOSE
1938 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) {
1940 * RFC1812 recommendation, if source is martian,
1941 * the only hint is MAC header.
1943 printk(KERN_WARNING "martian source %pI4 from %pI4, on dev %s\n",
1944 &daddr, &saddr, dev->name);
1945 if (dev->hard_header_len && skb_mac_header_was_set(skb)) {
1947 const unsigned char *p = skb_mac_header(skb);
1948 printk(KERN_WARNING "ll header: ");
1949 for (i = 0; i < dev->hard_header_len; i++, p++) {
1951 if (i < (dev->hard_header_len - 1))
1960 /* called in rcu_read_lock() section */
1961 static int __mkroute_input(struct sk_buff *skb,
1962 struct fib_result *res,
1963 struct in_device *in_dev,
1964 __be32 daddr, __be32 saddr, u32 tos,
1965 struct rtable **result)
1969 struct in_device *out_dev;
1970 unsigned int flags = 0;
1974 /* get a working reference to the output device */
1975 out_dev = __in_dev_get_rcu(FIB_RES_DEV(*res));
1976 if (out_dev == NULL) {
1977 if (net_ratelimit())
1978 printk(KERN_CRIT "Bug in ip_route_input" \
1979 "_slow(). Please, report\n");
1984 err = fib_validate_source(saddr, daddr, tos, FIB_RES_OIF(*res),
1985 in_dev->dev, &spec_dst, &itag, skb->mark);
1987 ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr,
1994 flags |= RTCF_DIRECTSRC;
1996 if (out_dev == in_dev && err &&
1997 (IN_DEV_SHARED_MEDIA(out_dev) ||
1998 inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res))))
1999 flags |= RTCF_DOREDIRECT;
2001 if (skb->protocol != htons(ETH_P_IP)) {
2002 /* Not IP (i.e. ARP). Do not create route, if it is
2003 * invalid for proxy arp. DNAT routes are always valid.
2005 * Proxy arp feature have been extended to allow, ARP
2006 * replies back to the same interface, to support
2007 * Private VLAN switch technologies. See arp.c.
2009 if (out_dev == in_dev &&
2010 IN_DEV_PROXY_ARP_PVLAN(in_dev) == 0) {
2017 rth = dst_alloc(&ipv4_dst_ops);
2023 atomic_set(&rth->dst.__refcnt, 1);
2024 rth->dst.flags= DST_HOST;
2025 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
2026 rth->dst.flags |= DST_NOPOLICY;
2027 if (IN_DEV_CONF_GET(out_dev, NOXFRM))
2028 rth->dst.flags |= DST_NOXFRM;
2029 rth->fl.fl4_dst = daddr;
2030 rth->rt_dst = daddr;
2031 rth->fl.fl4_tos = tos;
2032 rth->fl.mark = skb->mark;
2033 rth->fl.fl4_src = saddr;
2034 rth->rt_src = saddr;
2035 rth->rt_gateway = daddr;
2037 rth->fl.iif = in_dev->dev->ifindex;
2038 rth->dst.dev = (out_dev)->dev;
2039 dev_hold(rth->dst.dev);
2041 rth->rt_spec_dst= spec_dst;
2043 rth->dst.obsolete = -1;
2044 rth->dst.input = ip_forward;
2045 rth->dst.output = ip_output;
2046 rth->rt_genid = rt_genid(dev_net(rth->dst.dev));
2048 rt_set_nexthop(rth, res, itag);
2050 rth->rt_flags = flags;
2058 static int ip_mkroute_input(struct sk_buff *skb,
2059 struct fib_result *res,
2060 const struct flowi *fl,
2061 struct in_device *in_dev,
2062 __be32 daddr, __be32 saddr, u32 tos)
2064 struct rtable* rth = NULL;
2068 #ifdef CONFIG_IP_ROUTE_MULTIPATH
2069 if (res->fi && res->fi->fib_nhs > 1 && fl->oif == 0)
2070 fib_select_multipath(fl, res);
2073 /* create a routing cache entry */
2074 err = __mkroute_input(skb, res, in_dev, daddr, saddr, tos, &rth);
2078 /* put it into the cache */
2079 hash = rt_hash(daddr, saddr, fl->iif,
2080 rt_genid(dev_net(rth->dst.dev)));
2081 return rt_intern_hash(hash, rth, NULL, skb, fl->iif);
2085 * NOTE. We drop all the packets that has local source
2086 * addresses, because every properly looped back packet
2087 * must have correct destination already attached by output routine.
2089 * Such approach solves two big problems:
2090 * 1. Not simplex devices are handled properly.
2091 * 2. IP spoofing attempts are filtered with 100% of guarantee.
2092 * called with rcu_read_lock()
2095 static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
2096 u8 tos, struct net_device *dev)
2098 struct fib_result res;
2099 struct in_device *in_dev = __in_dev_get_rcu(dev);
2100 struct flowi fl = { .fl4_dst = daddr,
2103 .fl4_scope = RT_SCOPE_UNIVERSE,
2105 .iif = dev->ifindex };
2108 struct rtable * rth;
2112 struct net * net = dev_net(dev);
2114 /* IP on this device is disabled. */
2119 /* Check for the most weird martians, which can be not detected
2123 if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr) ||
2124 ipv4_is_loopback(saddr))
2125 goto martian_source;
2127 if (ipv4_is_lbcast(daddr) || (saddr == 0 && daddr == 0))
2130 /* Accept zero addresses only to limited broadcast;
2131 * I even do not know to fix it or not. Waiting for complains :-)
2133 if (ipv4_is_zeronet(saddr))
2134 goto martian_source;
2136 if (ipv4_is_zeronet(daddr) || ipv4_is_loopback(daddr))
2137 goto martian_destination;
2140 * Now we are ready to route packet.
2142 err = fib_lookup(net, &fl, &res);
2144 if (!IN_DEV_FORWARD(in_dev))
2149 RT_CACHE_STAT_INC(in_slow_tot);
2151 if (res.type == RTN_BROADCAST)
2154 if (res.type == RTN_LOCAL) {
2155 err = fib_validate_source(saddr, daddr, tos,
2156 net->loopback_dev->ifindex,
2157 dev, &spec_dst, &itag, skb->mark);
2159 goto martian_source_keep_err;
2161 flags |= RTCF_DIRECTSRC;
2166 if (!IN_DEV_FORWARD(in_dev))
2168 if (res.type != RTN_UNICAST)
2169 goto martian_destination;
2171 err = ip_mkroute_input(skb, &res, &fl, in_dev, daddr, saddr, tos);
2175 if (skb->protocol != htons(ETH_P_IP))
2178 if (ipv4_is_zeronet(saddr))
2179 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK);
2181 err = fib_validate_source(saddr, 0, tos, 0, dev, &spec_dst,
2184 goto martian_source_keep_err;
2186 flags |= RTCF_DIRECTSRC;
2188 flags |= RTCF_BROADCAST;
2189 res.type = RTN_BROADCAST;
2190 RT_CACHE_STAT_INC(in_brd);
2193 rth = dst_alloc(&ipv4_dst_ops);
2197 rth->dst.output= ip_rt_bug;
2198 rth->dst.obsolete = -1;
2199 rth->rt_genid = rt_genid(net);
2201 atomic_set(&rth->dst.__refcnt, 1);
2202 rth->dst.flags= DST_HOST;
2203 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
2204 rth->dst.flags |= DST_NOPOLICY;
2205 rth->fl.fl4_dst = daddr;
2206 rth->rt_dst = daddr;
2207 rth->fl.fl4_tos = tos;
2208 rth->fl.mark = skb->mark;
2209 rth->fl.fl4_src = saddr;
2210 rth->rt_src = saddr;
2211 #ifdef CONFIG_NET_CLS_ROUTE
2212 rth->dst.tclassid = itag;
2215 rth->fl.iif = dev->ifindex;
2216 rth->dst.dev = net->loopback_dev;
2217 dev_hold(rth->dst.dev);
2218 rth->rt_gateway = daddr;
2219 rth->rt_spec_dst= spec_dst;
2220 rth->dst.input= ip_local_deliver;
2221 rth->rt_flags = flags|RTCF_LOCAL;
2222 if (res.type == RTN_UNREACHABLE) {
2223 rth->dst.input= ip_error;
2224 rth->dst.error= -err;
2225 rth->rt_flags &= ~RTCF_LOCAL;
2227 rth->rt_type = res.type;
2228 hash = rt_hash(daddr, saddr, fl.iif, rt_genid(net));
2229 err = rt_intern_hash(hash, rth, NULL, skb, fl.iif);
2233 RT_CACHE_STAT_INC(in_no_route);
2234 spec_dst = inet_select_addr(dev, 0, RT_SCOPE_UNIVERSE);
2235 res.type = RTN_UNREACHABLE;
2241 * Do not cache martian addresses: they should be logged (RFC1812)
2243 martian_destination:
2244 RT_CACHE_STAT_INC(in_martian_dst);
2245 #ifdef CONFIG_IP_ROUTE_VERBOSE
2246 if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit())
2247 printk(KERN_WARNING "martian destination %pI4 from %pI4, dev %s\n",
2248 &daddr, &saddr, dev->name);
2252 err = -EHOSTUNREACH;
2265 martian_source_keep_err:
2266 ip_handle_martian_source(dev, in_dev, skb, daddr, saddr);
2270 int ip_route_input_common(struct sk_buff *skb, __be32 daddr, __be32 saddr,
2271 u8 tos, struct net_device *dev, bool noref)
2273 struct rtable * rth;
2275 int iif = dev->ifindex;
2283 if (!rt_caching(net))
2286 tos &= IPTOS_RT_MASK;
2287 hash = rt_hash(daddr, saddr, iif, rt_genid(net));
2289 for (rth = rcu_dereference(rt_hash_table[hash].chain); rth;
2290 rth = rcu_dereference(rth->dst.rt_next)) {
2291 if ((((__force u32)rth->fl.fl4_dst ^ (__force u32)daddr) |
2292 ((__force u32)rth->fl.fl4_src ^ (__force u32)saddr) |
2293 (rth->fl.iif ^ iif) |
2295 (rth->fl.fl4_tos ^ tos)) == 0 &&
2296 rth->fl.mark == skb->mark &&
2297 net_eq(dev_net(rth->dst.dev), net) &&
2298 !rt_is_expired(rth)) {
2300 dst_use_noref(&rth->dst, jiffies);
2301 skb_dst_set_noref(skb, &rth->dst);
2303 dst_use(&rth->dst, jiffies);
2304 skb_dst_set(skb, &rth->dst);
2306 RT_CACHE_STAT_INC(in_hit);
2310 RT_CACHE_STAT_INC(in_hlist_search);
2314 /* Multicast recognition logic is moved from route cache to here.
2315 The problem was that too many Ethernet cards have broken/missing
2316 hardware multicast filters :-( As result the host on multicasting
2317 network acquires a lot of useless route cache entries, sort of
2318 SDR messages from all the world. Now we try to get rid of them.
2319 Really, provided software IP multicast filter is organized
2320 reasonably (at least, hashed), it does not result in a slowdown
2321 comparing with route cache reject entries.
2322 Note, that multicast routers are not affected, because
2323 route cache entry is created eventually.
2325 if (ipv4_is_multicast(daddr)) {
2326 struct in_device *in_dev = __in_dev_get_rcu(dev);
2329 int our = ip_check_mc(in_dev, daddr, saddr,
2330 ip_hdr(skb)->protocol);
2332 #ifdef CONFIG_IP_MROUTE
2334 (!ipv4_is_local_multicast(daddr) &&
2335 IN_DEV_MFORWARD(in_dev))
2338 int res = ip_route_input_mc(skb, daddr, saddr,
2347 res = ip_route_input_slow(skb, daddr, saddr, tos, dev);
2351 EXPORT_SYMBOL(ip_route_input_common);
2353 /* called with rcu_read_lock() */
2354 static int __mkroute_output(struct rtable **result,
2355 struct fib_result *res,
2356 const struct flowi *fl,
2357 const struct flowi *oldflp,
2358 struct net_device *dev_out,
2362 struct in_device *in_dev;
2363 u32 tos = RT_FL_TOS(oldflp);
2365 if (ipv4_is_loopback(fl->fl4_src) && !(dev_out->flags & IFF_LOOPBACK))
2368 if (ipv4_is_lbcast(fl->fl4_dst))
2369 res->type = RTN_BROADCAST;
2370 else if (ipv4_is_multicast(fl->fl4_dst))
2371 res->type = RTN_MULTICAST;
2372 else if (ipv4_is_zeronet(fl->fl4_dst))
2375 if (dev_out->flags & IFF_LOOPBACK)
2376 flags |= RTCF_LOCAL;
2378 in_dev = __in_dev_get_rcu(dev_out);
2382 if (res->type == RTN_BROADCAST) {
2383 flags |= RTCF_BROADCAST | RTCF_LOCAL;
2385 } else if (res->type == RTN_MULTICAST) {
2386 flags |= RTCF_MULTICAST | RTCF_LOCAL;
2387 if (!ip_check_mc(in_dev, oldflp->fl4_dst, oldflp->fl4_src,
2389 flags &= ~RTCF_LOCAL;
2390 /* If multicast route do not exist use
2391 * default one, but do not gateway in this case.
2394 if (res->fi && res->prefixlen < 4)
2399 rth = dst_alloc(&ipv4_dst_ops);
2403 atomic_set(&rth->dst.__refcnt, 1);
2404 rth->dst.flags= DST_HOST;
2405 if (IN_DEV_CONF_GET(in_dev, NOXFRM))
2406 rth->dst.flags |= DST_NOXFRM;
2407 if (IN_DEV_CONF_GET(in_dev, NOPOLICY))
2408 rth->dst.flags |= DST_NOPOLICY;
2410 rth->fl.fl4_dst = oldflp->fl4_dst;
2411 rth->fl.fl4_tos = tos;
2412 rth->fl.fl4_src = oldflp->fl4_src;
2413 rth->fl.oif = oldflp->oif;
2414 rth->fl.mark = oldflp->mark;
2415 rth->rt_dst = fl->fl4_dst;
2416 rth->rt_src = fl->fl4_src;
2417 rth->rt_iif = oldflp->oif ? : dev_out->ifindex;
2418 /* get references to the devices that are to be hold by the routing
2420 rth->dst.dev = dev_out;
2422 rth->rt_gateway = fl->fl4_dst;
2423 rth->rt_spec_dst= fl->fl4_src;
2425 rth->dst.output=ip_output;
2426 rth->dst.obsolete = -1;
2427 rth->rt_genid = rt_genid(dev_net(dev_out));
2429 RT_CACHE_STAT_INC(out_slow_tot);
2431 if (flags & RTCF_LOCAL) {
2432 rth->dst.input = ip_local_deliver;
2433 rth->rt_spec_dst = fl->fl4_dst;
2435 if (flags & (RTCF_BROADCAST | RTCF_MULTICAST)) {
2436 rth->rt_spec_dst = fl->fl4_src;
2437 if (flags & RTCF_LOCAL &&
2438 !(dev_out->flags & IFF_LOOPBACK)) {
2439 rth->dst.output = ip_mc_output;
2440 RT_CACHE_STAT_INC(out_slow_mc);
2442 #ifdef CONFIG_IP_MROUTE
2443 if (res->type == RTN_MULTICAST) {
2444 if (IN_DEV_MFORWARD(in_dev) &&
2445 !ipv4_is_local_multicast(oldflp->fl4_dst)) {
2446 rth->dst.input = ip_mr_input;
2447 rth->dst.output = ip_mc_output;
2453 rt_set_nexthop(rth, res, 0);
2455 rth->rt_flags = flags;
2460 /* called with rcu_read_lock() */
2461 static int ip_mkroute_output(struct rtable **rp,
2462 struct fib_result *res,
2463 const struct flowi *fl,
2464 const struct flowi *oldflp,
2465 struct net_device *dev_out,
2468 struct rtable *rth = NULL;
2469 int err = __mkroute_output(&rth, res, fl, oldflp, dev_out, flags);
2472 hash = rt_hash(oldflp->fl4_dst, oldflp->fl4_src, oldflp->oif,
2473 rt_genid(dev_net(dev_out)));
2474 err = rt_intern_hash(hash, rth, rp, NULL, oldflp->oif);
2481 * Major route resolver routine.
2482 * called with rcu_read_lock();
2485 static int ip_route_output_slow(struct net *net, struct rtable **rp,
2486 const struct flowi *oldflp)
2488 u32 tos = RT_FL_TOS(oldflp);
2489 struct flowi fl = { .fl4_dst = oldflp->fl4_dst,
2490 .fl4_src = oldflp->fl4_src,
2491 .fl4_tos = tos & IPTOS_RT_MASK,
2492 .fl4_scope = ((tos & RTO_ONLINK) ?
2493 RT_SCOPE_LINK : RT_SCOPE_UNIVERSE),
2494 .mark = oldflp->mark,
2495 .iif = net->loopback_dev->ifindex,
2496 .oif = oldflp->oif };
2497 struct fib_result res;
2498 unsigned int flags = 0;
2499 struct net_device *dev_out = NULL;
2504 #ifdef CONFIG_IP_MULTIPLE_TABLES
2508 if (oldflp->fl4_src) {
2510 if (ipv4_is_multicast(oldflp->fl4_src) ||
2511 ipv4_is_lbcast(oldflp->fl4_src) ||
2512 ipv4_is_zeronet(oldflp->fl4_src))
2515 /* I removed check for oif == dev_out->oif here.
2516 It was wrong for two reasons:
2517 1. ip_dev_find(net, saddr) can return wrong iface, if saddr
2518 is assigned to multiple interfaces.
2519 2. Moreover, we are allowed to send packets with saddr
2520 of another iface. --ANK
2523 if (oldflp->oif == 0 &&
2524 (ipv4_is_multicast(oldflp->fl4_dst) ||
2525 ipv4_is_lbcast(oldflp->fl4_dst))) {
2526 /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2527 dev_out = __ip_dev_find(net, oldflp->fl4_src, false);
2528 if (dev_out == NULL)
2531 /* Special hack: user can direct multicasts
2532 and limited broadcast via necessary interface
2533 without fiddling with IP_MULTICAST_IF or IP_PKTINFO.
2534 This hack is not just for fun, it allows
2535 vic,vat and friends to work.
2536 They bind socket to loopback, set ttl to zero
2537 and expect that it will work.
2538 From the viewpoint of routing cache they are broken,
2539 because we are not allowed to build multicast path
2540 with loopback source addr (look, routing cache
2541 cannot know, that ttl is zero, so that packet
2542 will not leave this host and route is valid).
2543 Luckily, this hack is good workaround.
2546 fl.oif = dev_out->ifindex;
2550 if (!(oldflp->flags & FLOWI_FLAG_ANYSRC)) {
2551 /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2552 if (!__ip_dev_find(net, oldflp->fl4_src, false))
2559 dev_out = dev_get_by_index_rcu(net, oldflp->oif);
2561 if (dev_out == NULL)
2564 /* RACE: Check return value of inet_select_addr instead. */
2565 if (!(dev_out->flags & IFF_UP) || !__in_dev_get_rcu(dev_out)) {
2569 if (ipv4_is_local_multicast(oldflp->fl4_dst) ||
2570 ipv4_is_lbcast(oldflp->fl4_dst)) {
2572 fl.fl4_src = inet_select_addr(dev_out, 0,
2577 if (ipv4_is_multicast(oldflp->fl4_dst))
2578 fl.fl4_src = inet_select_addr(dev_out, 0,
2580 else if (!oldflp->fl4_dst)
2581 fl.fl4_src = inet_select_addr(dev_out, 0,
2587 fl.fl4_dst = fl.fl4_src;
2589 fl.fl4_dst = fl.fl4_src = htonl(INADDR_LOOPBACK);
2590 dev_out = net->loopback_dev;
2591 fl.oif = net->loopback_dev->ifindex;
2592 res.type = RTN_LOCAL;
2593 flags |= RTCF_LOCAL;
2597 if (fib_lookup(net, &fl, &res)) {
2600 /* Apparently, routing tables are wrong. Assume,
2601 that the destination is on link.
2604 Because we are allowed to send to iface
2605 even if it has NO routes and NO assigned
2606 addresses. When oif is specified, routing
2607 tables are looked up with only one purpose:
2608 to catch if destination is gatewayed, rather than
2609 direct. Moreover, if MSG_DONTROUTE is set,
2610 we send packet, ignoring both routing tables
2611 and ifaddr state. --ANK
2614 We could make it even if oif is unknown,
2615 likely IPv6, but we do not.
2618 if (fl.fl4_src == 0)
2619 fl.fl4_src = inet_select_addr(dev_out, 0,
2621 res.type = RTN_UNICAST;
2628 if (res.type == RTN_LOCAL) {
2630 if (res.fi->fib_prefsrc)
2631 fl.fl4_src = res.fi->fib_prefsrc;
2633 fl.fl4_src = fl.fl4_dst;
2635 dev_out = net->loopback_dev;
2636 fl.oif = dev_out->ifindex;
2638 flags |= RTCF_LOCAL;
2642 #ifdef CONFIG_IP_ROUTE_MULTIPATH
2643 if (res.fi->fib_nhs > 1 && fl.oif == 0)
2644 fib_select_multipath(&fl, &res);
2647 if (!res.prefixlen && res.type == RTN_UNICAST && !fl.oif)
2648 fib_select_default(net, &fl, &res);
2651 fl.fl4_src = FIB_RES_PREFSRC(res);
2653 dev_out = FIB_RES_DEV(res);
2654 fl.oif = dev_out->ifindex;
2658 err = ip_mkroute_output(rp, &res, &fl, oldflp, dev_out, flags);
2663 int __ip_route_output_key(struct net *net, struct rtable **rp,
2664 const struct flowi *flp)
2670 if (!rt_caching(net))
2673 hash = rt_hash(flp->fl4_dst, flp->fl4_src, flp->oif, rt_genid(net));
2676 for (rth = rcu_dereference_bh(rt_hash_table[hash].chain); rth;
2677 rth = rcu_dereference_bh(rth->dst.rt_next)) {
2678 if (rth->fl.fl4_dst == flp->fl4_dst &&
2679 rth->fl.fl4_src == flp->fl4_src &&
2680 rt_is_output_route(rth) &&
2681 rth->fl.oif == flp->oif &&
2682 rth->fl.mark == flp->mark &&
2683 !((rth->fl.fl4_tos ^ flp->fl4_tos) &
2684 (IPTOS_RT_MASK | RTO_ONLINK)) &&
2685 net_eq(dev_net(rth->dst.dev), net) &&
2686 !rt_is_expired(rth)) {
2687 dst_use(&rth->dst, jiffies);
2688 RT_CACHE_STAT_INC(out_hit);
2689 rcu_read_unlock_bh();
2693 RT_CACHE_STAT_INC(out_hlist_search);
2695 rcu_read_unlock_bh();
2699 res = ip_route_output_slow(net, rp, flp);
2703 EXPORT_SYMBOL_GPL(__ip_route_output_key);
2705 static struct dst_entry *ipv4_blackhole_dst_check(struct dst_entry *dst, u32 cookie)
2710 static unsigned int ipv4_blackhole_default_mtu(const struct dst_entry *dst)
2715 static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, u32 mtu)
2719 static struct dst_ops ipv4_dst_blackhole_ops = {
2721 .protocol = cpu_to_be16(ETH_P_IP),
2722 .destroy = ipv4_dst_destroy,
2723 .check = ipv4_blackhole_dst_check,
2724 .default_mtu = ipv4_blackhole_default_mtu,
2725 .default_advmss = ipv4_default_advmss,
2726 .update_pmtu = ipv4_rt_blackhole_update_pmtu,
2730 static int ipv4_dst_blackhole(struct net *net, struct rtable **rp, struct flowi *flp)
2732 struct rtable *ort = *rp;
2733 struct rtable *rt = (struct rtable *)
2734 dst_alloc(&ipv4_dst_blackhole_ops);
2737 struct dst_entry *new = &rt->dst;
2739 atomic_set(&new->__refcnt, 1);
2741 new->input = dst_discard;
2742 new->output = dst_discard;
2743 dst_copy_metrics(new, &ort->dst);
2745 new->dev = ort->dst.dev;
2751 rt->rt_genid = rt_genid(net);
2752 rt->rt_flags = ort->rt_flags;
2753 rt->rt_type = ort->rt_type;
2754 rt->rt_dst = ort->rt_dst;
2755 rt->rt_src = ort->rt_src;
2756 rt->rt_iif = ort->rt_iif;
2757 rt->rt_gateway = ort->rt_gateway;
2758 rt->rt_spec_dst = ort->rt_spec_dst;
2759 rt->peer = ort->peer;
2761 atomic_inc(&rt->peer->refcnt);
2766 dst_release(&(*rp)->dst);
2768 return rt ? 0 : -ENOMEM;
2771 int ip_route_output_flow(struct net *net, struct rtable **rp, struct flowi *flp,
2772 struct sock *sk, int flags)
2776 if ((err = __ip_route_output_key(net, rp, flp)) != 0)
2781 flp->fl4_src = (*rp)->rt_src;
2783 flp->fl4_dst = (*rp)->rt_dst;
2784 err = __xfrm_lookup(net, (struct dst_entry **)rp, flp, sk,
2785 flags ? XFRM_LOOKUP_WAIT : 0);
2786 if (err == -EREMOTE)
2787 err = ipv4_dst_blackhole(net, rp, flp);
2794 EXPORT_SYMBOL_GPL(ip_route_output_flow);
2796 int ip_route_output_key(struct net *net, struct rtable **rp, struct flowi *flp)
2798 return ip_route_output_flow(net, rp, flp, NULL, 0);
2800 EXPORT_SYMBOL(ip_route_output_key);
2802 static int rt_fill_info(struct net *net,
2803 struct sk_buff *skb, u32 pid, u32 seq, int event,
2804 int nowait, unsigned int flags)
2806 struct rtable *rt = skb_rtable(skb);
2808 struct nlmsghdr *nlh;
2810 u32 id = 0, ts = 0, tsage = 0, error;
2812 nlh = nlmsg_put(skb, pid, seq, event, sizeof(*r), flags);
2816 r = nlmsg_data(nlh);
2817 r->rtm_family = AF_INET;
2818 r->rtm_dst_len = 32;
2820 r->rtm_tos = rt->fl.fl4_tos;
2821 r->rtm_table = RT_TABLE_MAIN;
2822 NLA_PUT_U32(skb, RTA_TABLE, RT_TABLE_MAIN);
2823 r->rtm_type = rt->rt_type;
2824 r->rtm_scope = RT_SCOPE_UNIVERSE;
2825 r->rtm_protocol = RTPROT_UNSPEC;
2826 r->rtm_flags = (rt->rt_flags & ~0xFFFF) | RTM_F_CLONED;
2827 if (rt->rt_flags & RTCF_NOTIFY)
2828 r->rtm_flags |= RTM_F_NOTIFY;
2830 NLA_PUT_BE32(skb, RTA_DST, rt->rt_dst);
2832 if (rt->fl.fl4_src) {
2833 r->rtm_src_len = 32;
2834 NLA_PUT_BE32(skb, RTA_SRC, rt->fl.fl4_src);
2837 NLA_PUT_U32(skb, RTA_OIF, rt->dst.dev->ifindex);
2838 #ifdef CONFIG_NET_CLS_ROUTE
2839 if (rt->dst.tclassid)
2840 NLA_PUT_U32(skb, RTA_FLOW, rt->dst.tclassid);
2842 if (rt_is_input_route(rt))
2843 NLA_PUT_BE32(skb, RTA_PREFSRC, rt->rt_spec_dst);
2844 else if (rt->rt_src != rt->fl.fl4_src)
2845 NLA_PUT_BE32(skb, RTA_PREFSRC, rt->rt_src);
2847 if (rt->rt_dst != rt->rt_gateway)
2848 NLA_PUT_BE32(skb, RTA_GATEWAY, rt->rt_gateway);
2850 if (rtnetlink_put_metrics(skb, dst_metrics_ptr(&rt->dst)) < 0)
2851 goto nla_put_failure;
2854 NLA_PUT_BE32(skb, RTA_MARK, rt->fl.mark);
2856 error = rt->dst.error;
2857 expires = rt->dst.expires ? rt->dst.expires - jiffies : 0;
2859 inet_peer_refcheck(rt->peer);
2860 id = atomic_read(&rt->peer->ip_id_count) & 0xffff;
2861 if (rt->peer->tcp_ts_stamp) {
2862 ts = rt->peer->tcp_ts;
2863 tsage = get_seconds() - rt->peer->tcp_ts_stamp;
2867 if (rt_is_input_route(rt)) {
2868 #ifdef CONFIG_IP_MROUTE
2869 __be32 dst = rt->rt_dst;
2871 if (ipv4_is_multicast(dst) && !ipv4_is_local_multicast(dst) &&
2872 IPV4_DEVCONF_ALL(net, MC_FORWARDING)) {
2873 int err = ipmr_get_route(net, skb, r, nowait);
2878 goto nla_put_failure;
2880 if (err == -EMSGSIZE)
2881 goto nla_put_failure;
2887 NLA_PUT_U32(skb, RTA_IIF, rt->fl.iif);
2890 if (rtnl_put_cacheinfo(skb, &rt->dst, id, ts, tsage,
2891 expires, error) < 0)
2892 goto nla_put_failure;
2894 return nlmsg_end(skb, nlh);
2897 nlmsg_cancel(skb, nlh);
2901 static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr* nlh, void *arg)
2903 struct net *net = sock_net(in_skb->sk);
2905 struct nlattr *tb[RTA_MAX+1];
2906 struct rtable *rt = NULL;
2912 struct sk_buff *skb;
2914 err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv4_policy);
2918 rtm = nlmsg_data(nlh);
2920 skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2926 /* Reserve room for dummy headers, this skb can pass
2927 through good chunk of routing engine.
2929 skb_reset_mac_header(skb);
2930 skb_reset_network_header(skb);
2932 /* Bugfix: need to give ip_route_input enough of an IP header to not gag. */
2933 ip_hdr(skb)->protocol = IPPROTO_ICMP;
2934 skb_reserve(skb, MAX_HEADER + sizeof(struct iphdr));
2936 src = tb[RTA_SRC] ? nla_get_be32(tb[RTA_SRC]) : 0;
2937 dst = tb[RTA_DST] ? nla_get_be32(tb[RTA_DST]) : 0;
2938 iif = tb[RTA_IIF] ? nla_get_u32(tb[RTA_IIF]) : 0;
2939 mark = tb[RTA_MARK] ? nla_get_u32(tb[RTA_MARK]) : 0;
2942 struct net_device *dev;
2944 dev = __dev_get_by_index(net, iif);
2950 skb->protocol = htons(ETH_P_IP);
2954 err = ip_route_input(skb, dst, src, rtm->rtm_tos, dev);
2957 rt = skb_rtable(skb);
2958 if (err == 0 && rt->dst.error)
2959 err = -rt->dst.error;
2964 .fl4_tos = rtm->rtm_tos,
2965 .oif = tb[RTA_OIF] ? nla_get_u32(tb[RTA_OIF]) : 0,
2968 err = ip_route_output_key(net, &rt, &fl);
2974 skb_dst_set(skb, &rt->dst);
2975 if (rtm->rtm_flags & RTM_F_NOTIFY)
2976 rt->rt_flags |= RTCF_NOTIFY;
2978 err = rt_fill_info(net, skb, NETLINK_CB(in_skb).pid, nlh->nlmsg_seq,
2979 RTM_NEWROUTE, 0, 0);
2983 err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).pid);
2992 int ip_rt_dump(struct sk_buff *skb, struct netlink_callback *cb)
2999 net = sock_net(skb->sk);
3004 s_idx = idx = cb->args[1];
3005 for (h = s_h; h <= rt_hash_mask; h++, s_idx = 0) {
3006 if (!rt_hash_table[h].chain)
3009 for (rt = rcu_dereference_bh(rt_hash_table[h].chain), idx = 0; rt;
3010 rt = rcu_dereference_bh(rt->dst.rt_next), idx++) {
3011 if (!net_eq(dev_net(rt->dst.dev), net) || idx < s_idx)
3013 if (rt_is_expired(rt))
3015 skb_dst_set_noref(skb, &rt->dst);
3016 if (rt_fill_info(net, skb, NETLINK_CB(cb->skb).pid,
3017 cb->nlh->nlmsg_seq, RTM_NEWROUTE,
3018 1, NLM_F_MULTI) <= 0) {
3020 rcu_read_unlock_bh();
3025 rcu_read_unlock_bh();
3034 void ip_rt_multicast_event(struct in_device *in_dev)
3036 rt_cache_flush(dev_net(in_dev->dev), 0);
3039 #ifdef CONFIG_SYSCTL
3040 static int ipv4_sysctl_rtcache_flush(ctl_table *__ctl, int write,
3041 void __user *buffer,
3042 size_t *lenp, loff_t *ppos)
3049 memcpy(&ctl, __ctl, sizeof(ctl));
3050 ctl.data = &flush_delay;
3051 proc_dointvec(&ctl, write, buffer, lenp, ppos);
3053 net = (struct net *)__ctl->extra1;
3054 rt_cache_flush(net, flush_delay);
3061 static ctl_table ipv4_route_table[] = {
3063 .procname = "gc_thresh",
3064 .data = &ipv4_dst_ops.gc_thresh,
3065 .maxlen = sizeof(int),
3067 .proc_handler = proc_dointvec,
3070 .procname = "max_size",
3071 .data = &ip_rt_max_size,
3072 .maxlen = sizeof(int),
3074 .proc_handler = proc_dointvec,
3077 /* Deprecated. Use gc_min_interval_ms */
3079 .procname = "gc_min_interval",
3080 .data = &ip_rt_gc_min_interval,
3081 .maxlen = sizeof(int),
3083 .proc_handler = proc_dointvec_jiffies,
3086 .procname = "gc_min_interval_ms",
3087 .data = &ip_rt_gc_min_interval,
3088 .maxlen = sizeof(int),
3090 .proc_handler = proc_dointvec_ms_jiffies,
3093 .procname = "gc_timeout",
3094 .data = &ip_rt_gc_timeout,
3095 .maxlen = sizeof(int),
3097 .proc_handler = proc_dointvec_jiffies,
3100 .procname = "gc_interval",
3101 .data = &ip_rt_gc_interval,
3102 .maxlen = sizeof(int),
3104 .proc_handler = proc_dointvec_jiffies,
3107 .procname = "redirect_load",
3108 .data = &ip_rt_redirect_load,
3109 .maxlen = sizeof(int),
3111 .proc_handler = proc_dointvec,
3114 .procname = "redirect_number",
3115 .data = &ip_rt_redirect_number,
3116 .maxlen = sizeof(int),
3118 .proc_handler = proc_dointvec,
3121 .procname = "redirect_silence",
3122 .data = &ip_rt_redirect_silence,
3123 .maxlen = sizeof(int),
3125 .proc_handler = proc_dointvec,
3128 .procname = "error_cost",
3129 .data = &ip_rt_error_cost,
3130 .maxlen = sizeof(int),
3132 .proc_handler = proc_dointvec,
3135 .procname = "error_burst",
3136 .data = &ip_rt_error_burst,
3137 .maxlen = sizeof(int),
3139 .proc_handler = proc_dointvec,
3142 .procname = "gc_elasticity",
3143 .data = &ip_rt_gc_elasticity,
3144 .maxlen = sizeof(int),
3146 .proc_handler = proc_dointvec,
3149 .procname = "mtu_expires",
3150 .data = &ip_rt_mtu_expires,
3151 .maxlen = sizeof(int),
3153 .proc_handler = proc_dointvec_jiffies,
3156 .procname = "min_pmtu",
3157 .data = &ip_rt_min_pmtu,
3158 .maxlen = sizeof(int),
3160 .proc_handler = proc_dointvec,
3163 .procname = "min_adv_mss",
3164 .data = &ip_rt_min_advmss,
3165 .maxlen = sizeof(int),
3167 .proc_handler = proc_dointvec,
3172 static struct ctl_table empty[1];
3174 static struct ctl_table ipv4_skeleton[] =
3176 { .procname = "route",
3177 .mode = 0555, .child = ipv4_route_table},
3178 { .procname = "neigh",
3179 .mode = 0555, .child = empty},
3183 static __net_initdata struct ctl_path ipv4_path[] = {
3184 { .procname = "net", },
3185 { .procname = "ipv4", },
3189 static struct ctl_table ipv4_route_flush_table[] = {
3191 .procname = "flush",
3192 .maxlen = sizeof(int),
3194 .proc_handler = ipv4_sysctl_rtcache_flush,
3199 static __net_initdata struct ctl_path ipv4_route_path[] = {
3200 { .procname = "net", },
3201 { .procname = "ipv4", },
3202 { .procname = "route", },
3206 static __net_init int sysctl_route_net_init(struct net *net)
3208 struct ctl_table *tbl;
3210 tbl = ipv4_route_flush_table;
3211 if (!net_eq(net, &init_net)) {
3212 tbl = kmemdup(tbl, sizeof(ipv4_route_flush_table), GFP_KERNEL);
3216 tbl[0].extra1 = net;
3218 net->ipv4.route_hdr =
3219 register_net_sysctl_table(net, ipv4_route_path, tbl);
3220 if (net->ipv4.route_hdr == NULL)
3225 if (tbl != ipv4_route_flush_table)
3231 static __net_exit void sysctl_route_net_exit(struct net *net)
3233 struct ctl_table *tbl;
3235 tbl = net->ipv4.route_hdr->ctl_table_arg;
3236 unregister_net_sysctl_table(net->ipv4.route_hdr);
3237 BUG_ON(tbl == ipv4_route_flush_table);
3241 static __net_initdata struct pernet_operations sysctl_route_ops = {
3242 .init = sysctl_route_net_init,
3243 .exit = sysctl_route_net_exit,
3247 static __net_init int rt_genid_init(struct net *net)
3249 get_random_bytes(&net->ipv4.rt_genid,
3250 sizeof(net->ipv4.rt_genid));
3254 static __net_initdata struct pernet_operations rt_genid_ops = {
3255 .init = rt_genid_init,
3259 #ifdef CONFIG_NET_CLS_ROUTE
3260 struct ip_rt_acct __percpu *ip_rt_acct __read_mostly;
3261 #endif /* CONFIG_NET_CLS_ROUTE */
3263 static __initdata unsigned long rhash_entries;
3264 static int __init set_rhash_entries(char *str)
3268 rhash_entries = simple_strtoul(str, &str, 0);
3271 __setup("rhash_entries=", set_rhash_entries);
3273 int __init ip_rt_init(void)
3277 #ifdef CONFIG_NET_CLS_ROUTE
3278 ip_rt_acct = __alloc_percpu(256 * sizeof(struct ip_rt_acct), __alignof__(struct ip_rt_acct));
3280 panic("IP: failed to allocate ip_rt_acct\n");
3283 ipv4_dst_ops.kmem_cachep =
3284 kmem_cache_create("ip_dst_cache", sizeof(struct rtable), 0,
3285 SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
3287 ipv4_dst_blackhole_ops.kmem_cachep = ipv4_dst_ops.kmem_cachep;
3289 if (dst_entries_init(&ipv4_dst_ops) < 0)
3290 panic("IP: failed to allocate ipv4_dst_ops counter\n");
3292 if (dst_entries_init(&ipv4_dst_blackhole_ops) < 0)
3293 panic("IP: failed to allocate ipv4_dst_blackhole_ops counter\n");
3295 rt_hash_table = (struct rt_hash_bucket *)
3296 alloc_large_system_hash("IP route cache",
3297 sizeof(struct rt_hash_bucket),
3299 (totalram_pages >= 128 * 1024) ?
3304 rhash_entries ? 0 : 512 * 1024);
3305 memset(rt_hash_table, 0, (rt_hash_mask + 1) * sizeof(struct rt_hash_bucket));
3306 rt_hash_lock_init();
3308 ipv4_dst_ops.gc_thresh = (rt_hash_mask + 1);
3309 ip_rt_max_size = (rt_hash_mask + 1) * 16;
3314 /* All the timers, started at system startup tend
3315 to synchronize. Perturb it a bit.
3317 INIT_DELAYED_WORK_DEFERRABLE(&expires_work, rt_worker_func);
3318 expires_ljiffies = jiffies;
3319 schedule_delayed_work(&expires_work,
3320 net_random() % ip_rt_gc_interval + ip_rt_gc_interval);
3322 if (ip_rt_proc_init())
3323 printk(KERN_ERR "Unable to create route proc files\n");
3326 xfrm4_init(ip_rt_max_size);
3328 rtnl_register(PF_INET, RTM_GETROUTE, inet_rtm_getroute, NULL);
3330 #ifdef CONFIG_SYSCTL
3331 register_pernet_subsys(&sysctl_route_ops);
3333 register_pernet_subsys(&rt_genid_ops);
3337 #ifdef CONFIG_SYSCTL
3339 * We really need to sanitize the damn ipv4 init order, then all
3340 * this nonsense will go away.
3342 void __init ip_static_sysctl_init(void)
3344 register_sysctl_paths(ipv4_path, ipv4_skeleton);
git.openpandora.org / pandora-kernel.git / blob