Version:  2.0.40 2.2.26 2.4.37 3.3 3.4 3.5 3.6 3.7 3.8 3.9 3.10 3.11 3.12 3.13 3.14 3.15 3.16 3.17 3.18 3.19

Linux/net/ipv4/route.c

  1 /*
  2  * INET         An implementation of the TCP/IP protocol suite for the LINUX
  3  *              operating system.  INET is implemented using the  BSD Socket
  4  *              interface as the means of communication with the user level.
  5  *
  6  *              ROUTE - implementation of the IP router.
  7  *
  8  * Authors:     Ross Biro
  9  *              Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
 10  *              Alan Cox, <gw4pts@gw4pts.ampr.org>
 11  *              Linus Torvalds, <Linus.Torvalds@helsinki.fi>
 12  *              Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
 13  *
 14  * Fixes:
 15  *              Alan Cox        :       Verify area fixes.
 16  *              Alan Cox        :       cli() protects routing changes
 17  *              Rui Oliveira    :       ICMP routing table updates
 18  *              (rco@di.uminho.pt)      Routing table insertion and update
 19  *              Linus Torvalds  :       Rewrote bits to be sensible
 20  *              Alan Cox        :       Added BSD route gw semantics
 21  *              Alan Cox        :       Super /proc >4K
 22  *              Alan Cox        :       MTU in route table
 23  *              Alan Cox        :       MSS actually. Also added the window
 24  *                                      clamper.
 25  *              Sam Lantinga    :       Fixed route matching in rt_del()
 26  *              Alan Cox        :       Routing cache support.
 27  *              Alan Cox        :       Removed compatibility cruft.
 28  *              Alan Cox        :       RTF_REJECT support.
 29  *              Alan Cox        :       TCP irtt support.
 30  *              Jonathan Naylor :       Added Metric support.
 31  *      Miquel van Smoorenburg  :       BSD API fixes.
 32  *      Miquel van Smoorenburg  :       Metrics.
 33  *              Alan Cox        :       Use __u32 properly
 34  *              Alan Cox        :       Aligned routing errors more closely with BSD
 35  *                                      our system is still very different.
 36  *              Alan Cox        :       Faster /proc handling
 37  *      Alexey Kuznetsov        :       Massive rework to support tree based routing,
 38  *                                      routing caches and better behaviour.
 39  *
 40  *              Olaf Erb        :       irtt wasn't being copied right.
 41  *              Bjorn Ekwall    :       Kerneld route support.
 42  *              Alan Cox        :       Multicast fixed (I hope)
 43  *              Pavel Krauz     :       Limited broadcast fixed
 44  *              Mike McLagan    :       Routing by source
 45  *      Alexey Kuznetsov        :       End of old history. Split to fib.c and
 46  *                                      route.c and rewritten from scratch.
 47  *              Andi Kleen      :       Load-limit warning messages.
 48  *      Vitaly E. Lavrov        :       Transparent proxy revived after year coma.
 49  *      Vitaly E. Lavrov        :       Race condition in ip_route_input_slow.
 50  *      Tobias Ringstrom        :       Uninitialized res.type in ip_route_output_slow.
 51  *      Vladimir V. Ivanov      :       IP rule info (flowid) is really useful.
 52  *              Marc Boucher    :       routing by fwmark
 53  *      Robert Olsson           :       Added rt_cache statistics
 54  *      Arnaldo C. Melo         :       Convert proc stuff to seq_file
 55  *      Eric Dumazet            :       hashed spinlocks and rt_check_expire() fixes.
 56  *      Ilia Sotnikov           :       Ignore TOS on PMTUD and Redirect
 57  *      Ilia Sotnikov           :       Removed TOS from hash calculations
 58  *
 59  *              This program is free software; you can redistribute it and/or
 60  *              modify it under the terms of the GNU General Public License
 61  *              as published by the Free Software Foundation; either version
 62  *              2 of the License, or (at your option) any later version.
 63  */
 64 
 65 #define pr_fmt(fmt) "IPv4: " fmt
 66 
 67 #include <linux/module.h>
 68 #include <asm/uaccess.h>
 69 #include <linux/bitops.h>
 70 #include <linux/types.h>
 71 #include <linux/kernel.h>
 72 #include <linux/mm.h>
 73 #include <linux/string.h>
 74 #include <linux/socket.h>
 75 #include <linux/sockios.h>
 76 #include <linux/errno.h>
 77 #include <linux/in.h>
 78 #include <linux/inet.h>
 79 #include <linux/netdevice.h>
 80 #include <linux/proc_fs.h>
 81 #include <linux/init.h>
 82 #include <linux/skbuff.h>
 83 #include <linux/inetdevice.h>
 84 #include <linux/igmp.h>
 85 #include <linux/pkt_sched.h>
 86 #include <linux/mroute.h>
 87 #include <linux/netfilter_ipv4.h>
 88 #include <linux/random.h>
 89 #include <linux/rcupdate.h>
 90 #include <linux/times.h>
 91 #include <linux/slab.h>
 92 #include <linux/jhash.h>
 93 #include <net/dst.h>
 94 #include <net/net_namespace.h>
 95 #include <net/protocol.h>
 96 #include <net/ip.h>
 97 #include <net/route.h>
 98 #include <net/inetpeer.h>
 99 #include <net/sock.h>
100 #include <net/ip_fib.h>
101 #include <net/arp.h>
102 #include <net/tcp.h>
103 #include <net/icmp.h>
104 #include <net/xfrm.h>
105 #include <net/netevent.h>
106 #include <net/rtnetlink.h>
107 #ifdef CONFIG_SYSCTL
108 #include <linux/sysctl.h>
109 #include <linux/kmemleak.h>
110 #endif
111 #include <net/secure_seq.h>
112 
113 #define RT_FL_TOS(oldflp4) \
114         ((oldflp4)->flowi4_tos & (IPTOS_RT_MASK | RTO_ONLINK))
115 
116 #define RT_GC_TIMEOUT (300*HZ)
117 
118 static int ip_rt_max_size;
119 static int ip_rt_redirect_number __read_mostly  = 9;
120 static int ip_rt_redirect_load __read_mostly    = HZ / 50;
121 static int ip_rt_redirect_silence __read_mostly = ((HZ / 50) << (9 + 1));
122 static int ip_rt_error_cost __read_mostly       = HZ;
123 static int ip_rt_error_burst __read_mostly      = 5 * HZ;
124 static int ip_rt_mtu_expires __read_mostly      = 10 * 60 * HZ;
125 static int ip_rt_min_pmtu __read_mostly         = 512 + 20 + 20;
126 static int ip_rt_min_advmss __read_mostly       = 256;
127 
128 /*
129  *      Interface to generic destination cache.
130  */
131 
132 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie);
133 static unsigned int      ipv4_default_advmss(const struct dst_entry *dst);
134 static unsigned int      ipv4_mtu(const struct dst_entry *dst);
135 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst);
136 static void              ipv4_link_failure(struct sk_buff *skb);
137 static void              ip_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
138                                            struct sk_buff *skb, u32 mtu);
139 static void              ip_do_redirect(struct dst_entry *dst, struct sock *sk,
140                                         struct sk_buff *skb);
141 static void             ipv4_dst_destroy(struct dst_entry *dst);
142 
143 static u32 *ipv4_cow_metrics(struct dst_entry *dst, unsigned long old)
144 {
145         WARN_ON(1);
146         return NULL;
147 }
148 
149 static struct neighbour *ipv4_neigh_lookup(const struct dst_entry *dst,
150                                            struct sk_buff *skb,
151                                            const void *daddr);
152 
153 static struct dst_ops ipv4_dst_ops = {
154         .family =               AF_INET,
155         .protocol =             cpu_to_be16(ETH_P_IP),
156         .check =                ipv4_dst_check,
157         .default_advmss =       ipv4_default_advmss,
158         .mtu =                  ipv4_mtu,
159         .cow_metrics =          ipv4_cow_metrics,
160         .destroy =              ipv4_dst_destroy,
161         .negative_advice =      ipv4_negative_advice,
162         .link_failure =         ipv4_link_failure,
163         .update_pmtu =          ip_rt_update_pmtu,
164         .redirect =             ip_do_redirect,
165         .local_out =            __ip_local_out,
166         .neigh_lookup =         ipv4_neigh_lookup,
167 };
168 
169 #define ECN_OR_COST(class)      TC_PRIO_##class
170 
171 const __u8 ip_tos2prio[16] = {
172         TC_PRIO_BESTEFFORT,
173         ECN_OR_COST(BESTEFFORT),
174         TC_PRIO_BESTEFFORT,
175         ECN_OR_COST(BESTEFFORT),
176         TC_PRIO_BULK,
177         ECN_OR_COST(BULK),
178         TC_PRIO_BULK,
179         ECN_OR_COST(BULK),
180         TC_PRIO_INTERACTIVE,
181         ECN_OR_COST(INTERACTIVE),
182         TC_PRIO_INTERACTIVE,
183         ECN_OR_COST(INTERACTIVE),
184         TC_PRIO_INTERACTIVE_BULK,
185         ECN_OR_COST(INTERACTIVE_BULK),
186         TC_PRIO_INTERACTIVE_BULK,
187         ECN_OR_COST(INTERACTIVE_BULK)
188 };
189 EXPORT_SYMBOL(ip_tos2prio);
190 
191 static DEFINE_PER_CPU(struct rt_cache_stat, rt_cache_stat);
192 #define RT_CACHE_STAT_INC(field) raw_cpu_inc(rt_cache_stat.field)
193 
194 #ifdef CONFIG_PROC_FS
195 static void *rt_cache_seq_start(struct seq_file *seq, loff_t *pos)
196 {
197         if (*pos)
198                 return NULL;
199         return SEQ_START_TOKEN;
200 }
201 
202 static void *rt_cache_seq_next(struct seq_file *seq, void *v, loff_t *pos)
203 {
204         ++*pos;
205         return NULL;
206 }
207 
208 static void rt_cache_seq_stop(struct seq_file *seq, void *v)
209 {
210 }
211 
212 static int rt_cache_seq_show(struct seq_file *seq, void *v)
213 {
214         if (v == SEQ_START_TOKEN)
215                 seq_printf(seq, "%-127s\n",
216                            "Iface\tDestination\tGateway \tFlags\t\tRefCnt\tUse\t"
217                            "Metric\tSource\t\tMTU\tWindow\tIRTT\tTOS\tHHRef\t"
218                            "HHUptod\tSpecDst");
219         return 0;
220 }
221 
222 static const struct seq_operations rt_cache_seq_ops = {
223         .start  = rt_cache_seq_start,
224         .next   = rt_cache_seq_next,
225         .stop   = rt_cache_seq_stop,
226         .show   = rt_cache_seq_show,
227 };
228 
229 static int rt_cache_seq_open(struct inode *inode, struct file *file)
230 {
231         return seq_open(file, &rt_cache_seq_ops);
232 }
233 
234 static const struct file_operations rt_cache_seq_fops = {
235         .owner   = THIS_MODULE,
236         .open    = rt_cache_seq_open,
237         .read    = seq_read,
238         .llseek  = seq_lseek,
239         .release = seq_release,
240 };
241 
242 
243 static void *rt_cpu_seq_start(struct seq_file *seq, loff_t *pos)
244 {
245         int cpu;
246 
247         if (*pos == 0)
248                 return SEQ_START_TOKEN;
249 
250         for (cpu = *pos-1; cpu < nr_cpu_ids; ++cpu) {
251                 if (!cpu_possible(cpu))
252                         continue;
253                 *pos = cpu+1;
254                 return &per_cpu(rt_cache_stat, cpu);
255         }
256         return NULL;
257 }
258 
259 static void *rt_cpu_seq_next(struct seq_file *seq, void *v, loff_t *pos)
260 {
261         int cpu;
262 
263         for (cpu = *pos; cpu < nr_cpu_ids; ++cpu) {
264                 if (!cpu_possible(cpu))
265                         continue;
266                 *pos = cpu+1;
267                 return &per_cpu(rt_cache_stat, cpu);
268         }
269         return NULL;
270 
271 }
272 
273 static void rt_cpu_seq_stop(struct seq_file *seq, void *v)
274 {
275 
276 }
277 
278 static int rt_cpu_seq_show(struct seq_file *seq, void *v)
279 {
280         struct rt_cache_stat *st = v;
281 
282         if (v == SEQ_START_TOKEN) {
283                 seq_printf(seq, "entries  in_hit in_slow_tot in_slow_mc in_no_route in_brd in_martian_dst in_martian_src  out_hit out_slow_tot out_slow_mc  gc_total gc_ignored gc_goal_miss gc_dst_overflow in_hlist_search out_hlist_search\n");
284                 return 0;
285         }
286 
287         seq_printf(seq,"%08x  %08x %08x %08x %08x %08x %08x %08x "
288                    " %08x %08x %08x %08x %08x %08x %08x %08x %08x \n",
289                    dst_entries_get_slow(&ipv4_dst_ops),
290                    0, /* st->in_hit */
291                    st->in_slow_tot,
292                    st->in_slow_mc,
293                    st->in_no_route,
294                    st->in_brd,
295                    st->in_martian_dst,
296                    st->in_martian_src,
297 
298                    0, /* st->out_hit */
299                    st->out_slow_tot,
300                    st->out_slow_mc,
301 
302                    0, /* st->gc_total */
303                    0, /* st->gc_ignored */
304                    0, /* st->gc_goal_miss */
305                    0, /* st->gc_dst_overflow */
306                    0, /* st->in_hlist_search */
307                    0  /* st->out_hlist_search */
308                 );
309         return 0;
310 }
311 
312 static const struct seq_operations rt_cpu_seq_ops = {
313         .start  = rt_cpu_seq_start,
314         .next   = rt_cpu_seq_next,
315         .stop   = rt_cpu_seq_stop,
316         .show   = rt_cpu_seq_show,
317 };
318 
319 
320 static int rt_cpu_seq_open(struct inode *inode, struct file *file)
321 {
322         return seq_open(file, &rt_cpu_seq_ops);
323 }
324 
325 static const struct file_operations rt_cpu_seq_fops = {
326         .owner   = THIS_MODULE,
327         .open    = rt_cpu_seq_open,
328         .read    = seq_read,
329         .llseek  = seq_lseek,
330         .release = seq_release,
331 };
332 
333 #ifdef CONFIG_IP_ROUTE_CLASSID
334 static int rt_acct_proc_show(struct seq_file *m, void *v)
335 {
336         struct ip_rt_acct *dst, *src;
337         unsigned int i, j;
338 
339         dst = kcalloc(256, sizeof(struct ip_rt_acct), GFP_KERNEL);
340         if (!dst)
341                 return -ENOMEM;
342 
343         for_each_possible_cpu(i) {
344                 src = (struct ip_rt_acct *)per_cpu_ptr(ip_rt_acct, i);
345                 for (j = 0; j < 256; j++) {
346                         dst[j].o_bytes   += src[j].o_bytes;
347                         dst[j].o_packets += src[j].o_packets;
348                         dst[j].i_bytes   += src[j].i_bytes;
349                         dst[j].i_packets += src[j].i_packets;
350                 }
351         }
352 
353         seq_write(m, dst, 256 * sizeof(struct ip_rt_acct));
354         kfree(dst);
355         return 0;
356 }
357 
358 static int rt_acct_proc_open(struct inode *inode, struct file *file)
359 {
360         return single_open(file, rt_acct_proc_show, NULL);
361 }
362 
363 static const struct file_operations rt_acct_proc_fops = {
364         .owner          = THIS_MODULE,
365         .open           = rt_acct_proc_open,
366         .read           = seq_read,
367         .llseek         = seq_lseek,
368         .release        = single_release,
369 };
370 #endif
371 
372 static int __net_init ip_rt_do_proc_init(struct net *net)
373 {
374         struct proc_dir_entry *pde;
375 
376         pde = proc_create("rt_cache", S_IRUGO, net->proc_net,
377                           &rt_cache_seq_fops);
378         if (!pde)
379                 goto err1;
380 
381         pde = proc_create("rt_cache", S_IRUGO,
382                           net->proc_net_stat, &rt_cpu_seq_fops);
383         if (!pde)
384                 goto err2;
385 
386 #ifdef CONFIG_IP_ROUTE_CLASSID
387         pde = proc_create("rt_acct", 0, net->proc_net, &rt_acct_proc_fops);
388         if (!pde)
389                 goto err3;
390 #endif
391         return 0;
392 
393 #ifdef CONFIG_IP_ROUTE_CLASSID
394 err3:
395         remove_proc_entry("rt_cache", net->proc_net_stat);
396 #endif
397 err2:
398         remove_proc_entry("rt_cache", net->proc_net);
399 err1:
400         return -ENOMEM;
401 }
402 
403 static void __net_exit ip_rt_do_proc_exit(struct net *net)
404 {
405         remove_proc_entry("rt_cache", net->proc_net_stat);
406         remove_proc_entry("rt_cache", net->proc_net);
407 #ifdef CONFIG_IP_ROUTE_CLASSID
408         remove_proc_entry("rt_acct", net->proc_net);
409 #endif
410 }
411 
412 static struct pernet_operations ip_rt_proc_ops __net_initdata =  {
413         .init = ip_rt_do_proc_init,
414         .exit = ip_rt_do_proc_exit,
415 };
416 
417 static int __init ip_rt_proc_init(void)
418 {
419         return register_pernet_subsys(&ip_rt_proc_ops);
420 }
421 
422 #else
423 static inline int ip_rt_proc_init(void)
424 {
425         return 0;
426 }
427 #endif /* CONFIG_PROC_FS */
428 
429 static inline bool rt_is_expired(const struct rtable *rth)
430 {
431         return rth->rt_genid != rt_genid_ipv4(dev_net(rth->dst.dev));
432 }
433 
434 void rt_cache_flush(struct net *net)
435 {
436         rt_genid_bump_ipv4(net);
437 }
438 
439 static struct neighbour *ipv4_neigh_lookup(const struct dst_entry *dst,
440                                            struct sk_buff *skb,
441                                            const void *daddr)
442 {
443         struct net_device *dev = dst->dev;
444         const __be32 *pkey = daddr;
445         const struct rtable *rt;
446         struct neighbour *n;
447 
448         rt = (const struct rtable *) dst;
449         if (rt->rt_gateway)
450                 pkey = (const __be32 *) &rt->rt_gateway;
451         else if (skb)
452                 pkey = &ip_hdr(skb)->daddr;
453 
454         n = __ipv4_neigh_lookup(dev, *(__force u32 *)pkey);
455         if (n)
456                 return n;
457         return neigh_create(&arp_tbl, pkey, dev);
458 }
459 
460 #define IP_IDENTS_SZ 2048u
461 struct ip_ident_bucket {
462         atomic_t        id;
463         u32             stamp32;
464 };
465 
466 static struct ip_ident_bucket *ip_idents __read_mostly;
467 
468 /* In order to protect privacy, we add a perturbation to identifiers
469  * if one generator is seldom used. This makes hard for an attacker
470  * to infer how many packets were sent between two points in time.
471  */
472 u32 ip_idents_reserve(u32 hash, int segs)
473 {
474         struct ip_ident_bucket *bucket = ip_idents + hash % IP_IDENTS_SZ;
475         u32 old = ACCESS_ONCE(bucket->stamp32);
476         u32 now = (u32)jiffies;
477         u32 delta = 0;
478 
479         if (old != now && cmpxchg(&bucket->stamp32, old, now) == old)
480                 delta = prandom_u32_max(now - old);
481 
482         return atomic_add_return(segs + delta, &bucket->id) - segs;
483 }
484 EXPORT_SYMBOL(ip_idents_reserve);
485 
486 void __ip_select_ident(struct iphdr *iph, int segs)
487 {
488         static u32 ip_idents_hashrnd __read_mostly;
489         u32 hash, id;
490 
491         net_get_random_once(&ip_idents_hashrnd, sizeof(ip_idents_hashrnd));
492 
493         hash = jhash_3words((__force u32)iph->daddr,
494                             (__force u32)iph->saddr,
495                             iph->protocol,
496                             ip_idents_hashrnd);
497         id = ip_idents_reserve(hash, segs);
498         iph->id = htons(id);
499 }
500 EXPORT_SYMBOL(__ip_select_ident);
501 
502 static void __build_flow_key(struct flowi4 *fl4, const struct sock *sk,
503                              const struct iphdr *iph,
504                              int oif, u8 tos,
505                              u8 prot, u32 mark, int flow_flags)
506 {
507         if (sk) {
508                 const struct inet_sock *inet = inet_sk(sk);
509 
510                 oif = sk->sk_bound_dev_if;
511                 mark = sk->sk_mark;
512                 tos = RT_CONN_FLAGS(sk);
513                 prot = inet->hdrincl ? IPPROTO_RAW : sk->sk_protocol;
514         }
515         flowi4_init_output(fl4, oif, mark, tos,
516                            RT_SCOPE_UNIVERSE, prot,
517                            flow_flags,
518                            iph->daddr, iph->saddr, 0, 0);
519 }
520 
521 static void build_skb_flow_key(struct flowi4 *fl4, const struct sk_buff *skb,
522                                const struct sock *sk)
523 {
524         const struct iphdr *iph = ip_hdr(skb);
525         int oif = skb->dev->ifindex;
526         u8 tos = RT_TOS(iph->tos);
527         u8 prot = iph->protocol;
528         u32 mark = skb->mark;
529 
530         __build_flow_key(fl4, sk, iph, oif, tos, prot, mark, 0);
531 }
532 
533 static void build_sk_flow_key(struct flowi4 *fl4, const struct sock *sk)
534 {
535         const struct inet_sock *inet = inet_sk(sk);
536         const struct ip_options_rcu *inet_opt;
537         __be32 daddr = inet->inet_daddr;
538 
539         rcu_read_lock();
540         inet_opt = rcu_dereference(inet->inet_opt);
541         if (inet_opt && inet_opt->opt.srr)
542                 daddr = inet_opt->opt.faddr;
543         flowi4_init_output(fl4, sk->sk_bound_dev_if, sk->sk_mark,
544                            RT_CONN_FLAGS(sk), RT_SCOPE_UNIVERSE,
545                            inet->hdrincl ? IPPROTO_RAW : sk->sk_protocol,
546                            inet_sk_flowi_flags(sk),
547                            daddr, inet->inet_saddr, 0, 0);
548         rcu_read_unlock();
549 }
550 
551 static void ip_rt_build_flow_key(struct flowi4 *fl4, const struct sock *sk,
552                                  const struct sk_buff *skb)
553 {
554         if (skb)
555                 build_skb_flow_key(fl4, skb, sk);
556         else
557                 build_sk_flow_key(fl4, sk);
558 }
559 
560 static inline void rt_free(struct rtable *rt)
561 {
562         call_rcu(&rt->dst.rcu_head, dst_rcu_free);
563 }
564 
565 static DEFINE_SPINLOCK(fnhe_lock);
566 
567 static void fnhe_flush_routes(struct fib_nh_exception *fnhe)
568 {
569         struct rtable *rt;
570 
571         rt = rcu_dereference(fnhe->fnhe_rth_input);
572         if (rt) {
573                 RCU_INIT_POINTER(fnhe->fnhe_rth_input, NULL);
574                 rt_free(rt);
575         }
576         rt = rcu_dereference(fnhe->fnhe_rth_output);
577         if (rt) {
578                 RCU_INIT_POINTER(fnhe->fnhe_rth_output, NULL);
579                 rt_free(rt);
580         }
581 }
582 
583 static struct fib_nh_exception *fnhe_oldest(struct fnhe_hash_bucket *hash)
584 {
585         struct fib_nh_exception *fnhe, *oldest;
586 
587         oldest = rcu_dereference(hash->chain);
588         for (fnhe = rcu_dereference(oldest->fnhe_next); fnhe;
589              fnhe = rcu_dereference(fnhe->fnhe_next)) {
590                 if (time_before(fnhe->fnhe_stamp, oldest->fnhe_stamp))
591                         oldest = fnhe;
592         }
593         fnhe_flush_routes(oldest);
594         return oldest;
595 }
596 
597 static inline u32 fnhe_hashfun(__be32 daddr)
598 {
599         static u32 fnhe_hashrnd __read_mostly;
600         u32 hval;
601 
602         net_get_random_once(&fnhe_hashrnd, sizeof(fnhe_hashrnd));
603         hval = jhash_1word((__force u32) daddr, fnhe_hashrnd);
604         return hash_32(hval, FNHE_HASH_SHIFT);
605 }
606 
607 static void fill_route_from_fnhe(struct rtable *rt, struct fib_nh_exception *fnhe)
608 {
609         rt->rt_pmtu = fnhe->fnhe_pmtu;
610         rt->dst.expires = fnhe->fnhe_expires;
611 
612         if (fnhe->fnhe_gw) {
613                 rt->rt_flags |= RTCF_REDIRECTED;
614                 rt->rt_gateway = fnhe->fnhe_gw;
615                 rt->rt_uses_gateway = 1;
616         }
617 }
618 
619 static void update_or_create_fnhe(struct fib_nh *nh, __be32 daddr, __be32 gw,
620                                   u32 pmtu, unsigned long expires)
621 {
622         struct fnhe_hash_bucket *hash;
623         struct fib_nh_exception *fnhe;
624         struct rtable *rt;
625         unsigned int i;
626         int depth;
627         u32 hval = fnhe_hashfun(daddr);
628 
629         spin_lock_bh(&fnhe_lock);
630 
631         hash = rcu_dereference(nh->nh_exceptions);
632         if (!hash) {
633                 hash = kzalloc(FNHE_HASH_SIZE * sizeof(*hash), GFP_ATOMIC);
634                 if (!hash)
635                         goto out_unlock;
636                 rcu_assign_pointer(nh->nh_exceptions, hash);
637         }
638 
639         hash += hval;
640 
641         depth = 0;
642         for (fnhe = rcu_dereference(hash->chain); fnhe;
643              fnhe = rcu_dereference(fnhe->fnhe_next)) {
644                 if (fnhe->fnhe_daddr == daddr)
645                         break;
646                 depth++;
647         }
648 
649         if (fnhe) {
650                 if (gw)
651                         fnhe->fnhe_gw = gw;
652                 if (pmtu) {
653                         fnhe->fnhe_pmtu = pmtu;
654                         fnhe->fnhe_expires = max(1UL, expires);
655                 }
656                 /* Update all cached dsts too */
657                 rt = rcu_dereference(fnhe->fnhe_rth_input);
658                 if (rt)
659                         fill_route_from_fnhe(rt, fnhe);
660                 rt = rcu_dereference(fnhe->fnhe_rth_output);
661                 if (rt)
662                         fill_route_from_fnhe(rt, fnhe);
663         } else {
664                 if (depth > FNHE_RECLAIM_DEPTH)
665                         fnhe = fnhe_oldest(hash);
666                 else {
667                         fnhe = kzalloc(sizeof(*fnhe), GFP_ATOMIC);
668                         if (!fnhe)
669                                 goto out_unlock;
670 
671                         fnhe->fnhe_next = hash->chain;
672                         rcu_assign_pointer(hash->chain, fnhe);
673                 }
674                 fnhe->fnhe_genid = fnhe_genid(dev_net(nh->nh_dev));
675                 fnhe->fnhe_daddr = daddr;
676                 fnhe->fnhe_gw = gw;
677                 fnhe->fnhe_pmtu = pmtu;
678                 fnhe->fnhe_expires = expires;
679 
680                 /* Exception created; mark the cached routes for the nexthop
681                  * stale, so anyone caching it rechecks if this exception
682                  * applies to them.
683                  */
684                 rt = rcu_dereference(nh->nh_rth_input);
685                 if (rt)
686                         rt->dst.obsolete = DST_OBSOLETE_KILL;
687 
688                 for_each_possible_cpu(i) {
689                         struct rtable __rcu **prt;
690                         prt = per_cpu_ptr(nh->nh_pcpu_rth_output, i);
691                         rt = rcu_dereference(*prt);
692                         if (rt)
693                                 rt->dst.obsolete = DST_OBSOLETE_KILL;
694                 }
695         }
696 
697         fnhe->fnhe_stamp = jiffies;
698 
699 out_unlock:
700         spin_unlock_bh(&fnhe_lock);
701 }
702 
703 static void __ip_do_redirect(struct rtable *rt, struct sk_buff *skb, struct flowi4 *fl4,
704                              bool kill_route)
705 {
706         __be32 new_gw = icmp_hdr(skb)->un.gateway;
707         __be32 old_gw = ip_hdr(skb)->saddr;
708         struct net_device *dev = skb->dev;
709         struct in_device *in_dev;
710         struct fib_result res;
711         struct neighbour *n;
712         struct net *net;
713 
714         switch (icmp_hdr(skb)->code & 7) {
715         case ICMP_REDIR_NET:
716         case ICMP_REDIR_NETTOS:
717         case ICMP_REDIR_HOST:
718         case ICMP_REDIR_HOSTTOS:
719                 break;
720 
721         default:
722                 return;
723         }
724 
725         if (rt->rt_gateway != old_gw)
726                 return;
727 
728         in_dev = __in_dev_get_rcu(dev);
729         if (!in_dev)
730                 return;
731 
732         net = dev_net(dev);
733         if (new_gw == old_gw || !IN_DEV_RX_REDIRECTS(in_dev) ||
734             ipv4_is_multicast(new_gw) || ipv4_is_lbcast(new_gw) ||
735             ipv4_is_zeronet(new_gw))
736                 goto reject_redirect;
737 
738         if (!IN_DEV_SHARED_MEDIA(in_dev)) {
739                 if (!inet_addr_onlink(in_dev, new_gw, old_gw))
740                         goto reject_redirect;
741                 if (IN_DEV_SEC_REDIRECTS(in_dev) && ip_fib_check_default(new_gw, dev))
742                         goto reject_redirect;
743         } else {
744                 if (inet_addr_type(net, new_gw) != RTN_UNICAST)
745                         goto reject_redirect;
746         }
747 
748         n = ipv4_neigh_lookup(&rt->dst, NULL, &new_gw);
749         if (!IS_ERR(n)) {
750                 if (!(n->nud_state & NUD_VALID)) {
751                         neigh_event_send(n, NULL);
752                 } else {
753                         if (fib_lookup(net, fl4, &res) == 0) {
754                                 struct fib_nh *nh = &FIB_RES_NH(res);
755 
756                                 update_or_create_fnhe(nh, fl4->daddr, new_gw,
757                                                       0, 0);
758                         }
759                         if (kill_route)
760                                 rt->dst.obsolete = DST_OBSOLETE_KILL;
761                         call_netevent_notifiers(NETEVENT_NEIGH_UPDATE, n);
762                 }
763                 neigh_release(n);
764         }
765         return;
766 
767 reject_redirect:
768 #ifdef CONFIG_IP_ROUTE_VERBOSE
769         if (IN_DEV_LOG_MARTIANS(in_dev)) {
770                 const struct iphdr *iph = (const struct iphdr *) skb->data;
771                 __be32 daddr = iph->daddr;
772                 __be32 saddr = iph->saddr;
773 
774                 net_info_ratelimited("Redirect from %pI4 on %s about %pI4 ignored\n"
775                                      "  Advised path = %pI4 -> %pI4\n",
776                                      &old_gw, dev->name, &new_gw,
777                                      &saddr, &daddr);
778         }
779 #endif
780         ;
781 }
782 
783 static void ip_do_redirect(struct dst_entry *dst, struct sock *sk, struct sk_buff *skb)
784 {
785         struct rtable *rt;
786         struct flowi4 fl4;
787         const struct iphdr *iph = (const struct iphdr *) skb->data;
788         int oif = skb->dev->ifindex;
789         u8 tos = RT_TOS(iph->tos);
790         u8 prot = iph->protocol;
791         u32 mark = skb->mark;
792 
793         rt = (struct rtable *) dst;
794 
795         __build_flow_key(&fl4, sk, iph, oif, tos, prot, mark, 0);
796         __ip_do_redirect(rt, skb, &fl4, true);
797 }
798 
799 static struct dst_entry *ipv4_negative_advice(struct dst_entry *dst)
800 {
801         struct rtable *rt = (struct rtable *)dst;
802         struct dst_entry *ret = dst;
803 
804         if (rt) {
805                 if (dst->obsolete > 0) {
806                         ip_rt_put(rt);
807                         ret = NULL;
808                 } else if ((rt->rt_flags & RTCF_REDIRECTED) ||
809                            rt->dst.expires) {
810                         ip_rt_put(rt);
811                         ret = NULL;
812                 }
813         }
814         return ret;
815 }
816 
817 /*
818  * Algorithm:
819  *      1. The first ip_rt_redirect_number redirects are sent
820  *         with exponential backoff, then we stop sending them at all,
821  *         assuming that the host ignores our redirects.
822  *      2. If we did not see packets requiring redirects
823  *         during ip_rt_redirect_silence, we assume that the host
824  *         forgot redirected route and start to send redirects again.
825  *
826  * This algorithm is much cheaper and more intelligent than dumb load limiting
827  * in icmp.c.
828  *
829  * NOTE. Do not forget to inhibit load limiting for redirects (redundant)
830  * and "frag. need" (breaks PMTU discovery) in icmp.c.
831  */
832 
833 void ip_rt_send_redirect(struct sk_buff *skb)
834 {
835         struct rtable *rt = skb_rtable(skb);
836         struct in_device *in_dev;
837         struct inet_peer *peer;
838         struct net *net;
839         int log_martians;
840 
841         rcu_read_lock();
842         in_dev = __in_dev_get_rcu(rt->dst.dev);
843         if (!in_dev || !IN_DEV_TX_REDIRECTS(in_dev)) {
844                 rcu_read_unlock();
845                 return;
846         }
847         log_martians = IN_DEV_LOG_MARTIANS(in_dev);
848         rcu_read_unlock();
849 
850         net = dev_net(rt->dst.dev);
851         peer = inet_getpeer_v4(net->ipv4.peers, ip_hdr(skb)->saddr, 1);
852         if (!peer) {
853                 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST,
854                           rt_nexthop(rt, ip_hdr(skb)->daddr));
855                 return;
856         }
857 
858         /* No redirected packets during ip_rt_redirect_silence;
859          * reset the algorithm.
860          */
861         if (time_after(jiffies, peer->rate_last + ip_rt_redirect_silence))
862                 peer->rate_tokens = 0;
863 
864         /* Too many ignored redirects; do not send anything
865          * set dst.rate_last to the last seen redirected packet.
866          */
867         if (peer->rate_tokens >= ip_rt_redirect_number) {
868                 peer->rate_last = jiffies;
869                 goto out_put_peer;
870         }
871 
872         /* Check for load limit; set rate_last to the latest sent
873          * redirect.
874          */
875         if (peer->rate_tokens == 0 ||
876             time_after(jiffies,
877                        (peer->rate_last +
878                         (ip_rt_redirect_load << peer->rate_tokens)))) {
879                 __be32 gw = rt_nexthop(rt, ip_hdr(skb)->daddr);
880 
881                 icmp_send(skb, ICMP_REDIRECT, ICMP_REDIR_HOST, gw);
882                 peer->rate_last = jiffies;
883                 ++peer->rate_tokens;
884 #ifdef CONFIG_IP_ROUTE_VERBOSE
885                 if (log_martians &&
886                     peer->rate_tokens == ip_rt_redirect_number)
887                         net_warn_ratelimited("host %pI4/if%d ignores redirects for %pI4 to %pI4\n",
888                                              &ip_hdr(skb)->saddr, inet_iif(skb),
889                                              &ip_hdr(skb)->daddr, &gw);
890 #endif
891         }
892 out_put_peer:
893         inet_putpeer(peer);
894 }
895 
896 static int ip_error(struct sk_buff *skb)
897 {
898         struct in_device *in_dev = __in_dev_get_rcu(skb->dev);
899         struct rtable *rt = skb_rtable(skb);
900         struct inet_peer *peer;
901         unsigned long now;
902         struct net *net;
903         bool send;
904         int code;
905 
906         net = dev_net(rt->dst.dev);
907         if (!IN_DEV_FORWARD(in_dev)) {
908                 switch (rt->dst.error) {
909                 case EHOSTUNREACH:
910                         IP_INC_STATS_BH(net, IPSTATS_MIB_INADDRERRORS);
911                         break;
912 
913                 case ENETUNREACH:
914                         IP_INC_STATS_BH(net, IPSTATS_MIB_INNOROUTES);
915                         break;
916                 }
917                 goto out;
918         }
919 
920         switch (rt->dst.error) {
921         case EINVAL:
922         default:
923                 goto out;
924         case EHOSTUNREACH:
925                 code = ICMP_HOST_UNREACH;
926                 break;
927         case ENETUNREACH:
928                 code = ICMP_NET_UNREACH;
929                 IP_INC_STATS_BH(net, IPSTATS_MIB_INNOROUTES);
930                 break;
931         case EACCES:
932                 code = ICMP_PKT_FILTERED;
933                 break;
934         }
935 
936         peer = inet_getpeer_v4(net->ipv4.peers, ip_hdr(skb)->saddr, 1);
937 
938         send = true;
939         if (peer) {
940                 now = jiffies;
941                 peer->rate_tokens += now - peer->rate_last;
942                 if (peer->rate_tokens > ip_rt_error_burst)
943                         peer->rate_tokens = ip_rt_error_burst;
944                 peer->rate_last = now;
945                 if (peer->rate_tokens >= ip_rt_error_cost)
946                         peer->rate_tokens -= ip_rt_error_cost;
947                 else
948                         send = false;
949                 inet_putpeer(peer);
950         }
951         if (send)
952                 icmp_send(skb, ICMP_DEST_UNREACH, code, 0);
953 
954 out:    kfree_skb(skb);
955         return 0;
956 }
957 
958 static void __ip_rt_update_pmtu(struct rtable *rt, struct flowi4 *fl4, u32 mtu)
959 {
960         struct dst_entry *dst = &rt->dst;
961         struct fib_result res;
962 
963         if (dst_metric_locked(dst, RTAX_MTU))
964                 return;
965 
966         if (dst->dev->mtu < mtu)
967                 return;
968 
969         if (rt->rt_pmtu && rt->rt_pmtu < mtu)
970                 return;
971 
972         if (mtu < ip_rt_min_pmtu)
973                 mtu = ip_rt_min_pmtu;
974 
975         if (rt->rt_pmtu == mtu &&
976             time_before(jiffies, dst->expires - ip_rt_mtu_expires / 2))
977                 return;
978 
979         rcu_read_lock();
980         if (fib_lookup(dev_net(dst->dev), fl4, &res) == 0) {
981                 struct fib_nh *nh = &FIB_RES_NH(res);
982 
983                 update_or_create_fnhe(nh, fl4->daddr, 0, mtu,
984                                       jiffies + ip_rt_mtu_expires);
985         }
986         rcu_read_unlock();
987 }
988 
989 static void ip_rt_update_pmtu(struct dst_entry *dst, struct sock *sk,
990                               struct sk_buff *skb, u32 mtu)
991 {
992         struct rtable *rt = (struct rtable *) dst;
993         struct flowi4 fl4;
994 
995         ip_rt_build_flow_key(&fl4, sk, skb);
996         __ip_rt_update_pmtu(rt, &fl4, mtu);
997 }
998 
999 void ipv4_update_pmtu(struct sk_buff *skb, struct net *net, u32 mtu,
1000                       int oif, u32 mark, u8 protocol, int flow_flags)
1001 {
1002         const struct iphdr *iph = (const struct iphdr *) skb->data;
1003         struct flowi4 fl4;
1004         struct rtable *rt;
1005 
1006         if (!mark)
1007                 mark = IP4_REPLY_MARK(net, skb->mark);
1008 
1009         __build_flow_key(&fl4, NULL, iph, oif,
1010                          RT_TOS(iph->tos), protocol, mark, flow_flags);
1011         rt = __ip_route_output_key(net, &fl4);
1012         if (!IS_ERR(rt)) {
1013                 __ip_rt_update_pmtu(rt, &fl4, mtu);
1014                 ip_rt_put(rt);
1015         }
1016 }
1017 EXPORT_SYMBOL_GPL(ipv4_update_pmtu);
1018 
1019 static void __ipv4_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, u32 mtu)
1020 {
1021         const struct iphdr *iph = (const struct iphdr *) skb->data;
1022         struct flowi4 fl4;
1023         struct rtable *rt;
1024 
1025         __build_flow_key(&fl4, sk, iph, 0, 0, 0, 0, 0);
1026 
1027         if (!fl4.flowi4_mark)
1028                 fl4.flowi4_mark = IP4_REPLY_MARK(sock_net(sk), skb->mark);
1029 
1030         rt = __ip_route_output_key(sock_net(sk), &fl4);
1031         if (!IS_ERR(rt)) {
1032                 __ip_rt_update_pmtu(rt, &fl4, mtu);
1033                 ip_rt_put(rt);
1034         }
1035 }
1036 
1037 void ipv4_sk_update_pmtu(struct sk_buff *skb, struct sock *sk, u32 mtu)
1038 {
1039         const struct iphdr *iph = (const struct iphdr *) skb->data;
1040         struct flowi4 fl4;
1041         struct rtable *rt;
1042         struct dst_entry *odst = NULL;
1043         bool new = false;
1044 
1045         bh_lock_sock(sk);
1046 
1047         if (!ip_sk_accept_pmtu(sk))
1048                 goto out;
1049 
1050         odst = sk_dst_get(sk);
1051 
1052         if (sock_owned_by_user(sk) || !odst) {
1053                 __ipv4_sk_update_pmtu(skb, sk, mtu);
1054                 goto out;
1055         }
1056 
1057         __build_flow_key(&fl4, sk, iph, 0, 0, 0, 0, 0);
1058 
1059         rt = (struct rtable *)odst;
1060         if (odst->obsolete && odst->ops->check(odst, 0) == NULL) {
1061                 rt = ip_route_output_flow(sock_net(sk), &fl4, sk);
1062                 if (IS_ERR(rt))
1063                         goto out;
1064 
1065                 new = true;
1066         }
1067 
1068         __ip_rt_update_pmtu((struct rtable *) rt->dst.path, &fl4, mtu);
1069 
1070         if (!dst_check(&rt->dst, 0)) {
1071                 if (new)
1072                         dst_release(&rt->dst);
1073 
1074                 rt = ip_route_output_flow(sock_net(sk), &fl4, sk);
1075                 if (IS_ERR(rt))
1076                         goto out;
1077 
1078                 new = true;
1079         }
1080 
1081         if (new)
1082                 sk_dst_set(sk, &rt->dst);
1083 
1084 out:
1085         bh_unlock_sock(sk);
1086         dst_release(odst);
1087 }
1088 EXPORT_SYMBOL_GPL(ipv4_sk_update_pmtu);
1089 
1090 void ipv4_redirect(struct sk_buff *skb, struct net *net,
1091                    int oif, u32 mark, u8 protocol, int flow_flags)
1092 {
1093         const struct iphdr *iph = (const struct iphdr *) skb->data;
1094         struct flowi4 fl4;
1095         struct rtable *rt;
1096 
1097         __build_flow_key(&fl4, NULL, iph, oif,
1098                          RT_TOS(iph->tos), protocol, mark, flow_flags);
1099         rt = __ip_route_output_key(net, &fl4);
1100         if (!IS_ERR(rt)) {
1101                 __ip_do_redirect(rt, skb, &fl4, false);
1102                 ip_rt_put(rt);
1103         }
1104 }
1105 EXPORT_SYMBOL_GPL(ipv4_redirect);
1106 
1107 void ipv4_sk_redirect(struct sk_buff *skb, struct sock *sk)
1108 {
1109         const struct iphdr *iph = (const struct iphdr *) skb->data;
1110         struct flowi4 fl4;
1111         struct rtable *rt;
1112 
1113         __build_flow_key(&fl4, sk, iph, 0, 0, 0, 0, 0);
1114         rt = __ip_route_output_key(sock_net(sk), &fl4);
1115         if (!IS_ERR(rt)) {
1116                 __ip_do_redirect(rt, skb, &fl4, false);
1117                 ip_rt_put(rt);
1118         }
1119 }
1120 EXPORT_SYMBOL_GPL(ipv4_sk_redirect);
1121 
1122 static struct dst_entry *ipv4_dst_check(struct dst_entry *dst, u32 cookie)
1123 {
1124         struct rtable *rt = (struct rtable *) dst;
1125 
1126         /* All IPV4 dsts are created with ->obsolete set to the value
1127          * DST_OBSOLETE_FORCE_CHK which forces validation calls down
1128          * into this function always.
1129          *
1130          * When a PMTU/redirect information update invalidates a route,
1131          * this is indicated by setting obsolete to DST_OBSOLETE_KILL or
1132          * DST_OBSOLETE_DEAD by dst_free().
1133          */
1134         if (dst->obsolete != DST_OBSOLETE_FORCE_CHK || rt_is_expired(rt))
1135                 return NULL;
1136         return dst;
1137 }
1138 
1139 static void ipv4_link_failure(struct sk_buff *skb)
1140 {
1141         struct rtable *rt;
1142 
1143         icmp_send(skb, ICMP_DEST_UNREACH, ICMP_HOST_UNREACH, 0);
1144 
1145         rt = skb_rtable(skb);
1146         if (rt)
1147                 dst_set_expires(&rt->dst, 0);
1148 }
1149 
1150 static int ip_rt_bug(struct sock *sk, struct sk_buff *skb)
1151 {
1152         pr_debug("%s: %pI4 -> %pI4, %s\n",
1153                  __func__, &ip_hdr(skb)->saddr, &ip_hdr(skb)->daddr,
1154                  skb->dev ? skb->dev->name : "?");
1155         kfree_skb(skb);
1156         WARN_ON(1);
1157         return 0;
1158 }
1159 
1160 /*
1161    We do not cache source address of outgoing interface,
1162    because it is used only by IP RR, TS and SRR options,
1163    so that it out of fast path.
1164 
1165    BTW remember: "addr" is allowed to be not aligned
1166    in IP options!
1167  */
1168 
1169 void ip_rt_get_source(u8 *addr, struct sk_buff *skb, struct rtable *rt)
1170 {
1171         __be32 src;
1172 
1173         if (rt_is_output_route(rt))
1174                 src = ip_hdr(skb)->saddr;
1175         else {
1176                 struct fib_result res;
1177                 struct flowi4 fl4;
1178                 struct iphdr *iph;
1179 
1180                 iph = ip_hdr(skb);
1181 
1182                 memset(&fl4, 0, sizeof(fl4));
1183                 fl4.daddr = iph->daddr;
1184                 fl4.saddr = iph->saddr;
1185                 fl4.flowi4_tos = RT_TOS(iph->tos);
1186                 fl4.flowi4_oif = rt->dst.dev->ifindex;
1187                 fl4.flowi4_iif = skb->dev->ifindex;
1188                 fl4.flowi4_mark = skb->mark;
1189 
1190                 rcu_read_lock();
1191                 if (fib_lookup(dev_net(rt->dst.dev), &fl4, &res) == 0)
1192                         src = FIB_RES_PREFSRC(dev_net(rt->dst.dev), res);
1193                 else
1194                         src = inet_select_addr(rt->dst.dev,
1195                                                rt_nexthop(rt, iph->daddr),
1196                                                RT_SCOPE_UNIVERSE);
1197                 rcu_read_unlock();
1198         }
1199         memcpy(addr, &src, 4);
1200 }
1201 
1202 #ifdef CONFIG_IP_ROUTE_CLASSID
1203 static void set_class_tag(struct rtable *rt, u32 tag)
1204 {
1205         if (!(rt->dst.tclassid & 0xFFFF))
1206                 rt->dst.tclassid |= tag & 0xFFFF;
1207         if (!(rt->dst.tclassid & 0xFFFF0000))
1208                 rt->dst.tclassid |= tag & 0xFFFF0000;
1209 }
1210 #endif
1211 
1212 static unsigned int ipv4_default_advmss(const struct dst_entry *dst)
1213 {
1214         unsigned int advmss = dst_metric_raw(dst, RTAX_ADVMSS);
1215 
1216         if (advmss == 0) {
1217                 advmss = max_t(unsigned int, dst->dev->mtu - 40,
1218                                ip_rt_min_advmss);
1219                 if (advmss > 65535 - 40)
1220                         advmss = 65535 - 40;
1221         }
1222         return advmss;
1223 }
1224 
1225 static unsigned int ipv4_mtu(const struct dst_entry *dst)
1226 {
1227         const struct rtable *rt = (const struct rtable *) dst;
1228         unsigned int mtu = rt->rt_pmtu;
1229 
1230         if (!mtu || time_after_eq(jiffies, rt->dst.expires))
1231                 mtu = dst_metric_raw(dst, RTAX_MTU);
1232 
1233         if (mtu)
1234                 return mtu;
1235 
1236         mtu = dst->dev->mtu;
1237 
1238         if (unlikely(dst_metric_locked(dst, RTAX_MTU))) {
1239                 if (rt->rt_uses_gateway && mtu > 576)
1240                         mtu = 576;
1241         }
1242 
1243         return min_t(unsigned int, mtu, IP_MAX_MTU);
1244 }
1245 
1246 static struct fib_nh_exception *find_exception(struct fib_nh *nh, __be32 daddr)
1247 {
1248         struct fnhe_hash_bucket *hash = rcu_dereference(nh->nh_exceptions);
1249         struct fib_nh_exception *fnhe;
1250         u32 hval;
1251 
1252         if (!hash)
1253                 return NULL;
1254 
1255         hval = fnhe_hashfun(daddr);
1256 
1257         for (fnhe = rcu_dereference(hash[hval].chain); fnhe;
1258              fnhe = rcu_dereference(fnhe->fnhe_next)) {
1259                 if (fnhe->fnhe_daddr == daddr)
1260                         return fnhe;
1261         }
1262         return NULL;
1263 }
1264 
1265 static bool rt_bind_exception(struct rtable *rt, struct fib_nh_exception *fnhe,
1266                               __be32 daddr)
1267 {
1268         bool ret = false;
1269 
1270         spin_lock_bh(&fnhe_lock);
1271 
1272         if (daddr == fnhe->fnhe_daddr) {
1273                 struct rtable __rcu **porig;
1274                 struct rtable *orig;
1275                 int genid = fnhe_genid(dev_net(rt->dst.dev));
1276 
1277                 if (rt_is_input_route(rt))
1278                         porig = &fnhe->fnhe_rth_input;
1279                 else
1280                         porig = &fnhe->fnhe_rth_output;
1281                 orig = rcu_dereference(*porig);
1282 
1283                 if (fnhe->fnhe_genid != genid) {
1284                         fnhe->fnhe_genid = genid;
1285                         fnhe->fnhe_gw = 0;
1286                         fnhe->fnhe_pmtu = 0;
1287                         fnhe->fnhe_expires = 0;
1288                         fnhe_flush_routes(fnhe);
1289                         orig = NULL;
1290                 }
1291                 fill_route_from_fnhe(rt, fnhe);
1292                 if (!rt->rt_gateway)
1293                         rt->rt_gateway = daddr;
1294 
1295                 if (!(rt->dst.flags & DST_NOCACHE)) {
1296                         rcu_assign_pointer(*porig, rt);
1297                         if (orig)
1298                                 rt_free(orig);
1299                         ret = true;
1300                 }
1301 
1302                 fnhe->fnhe_stamp = jiffies;
1303         }
1304         spin_unlock_bh(&fnhe_lock);
1305 
1306         return ret;
1307 }
1308 
1309 static bool rt_cache_route(struct fib_nh *nh, struct rtable *rt)
1310 {
1311         struct rtable *orig, *prev, **p;
1312         bool ret = true;
1313 
1314         if (rt_is_input_route(rt)) {
1315                 p = (struct rtable **)&nh->nh_rth_input;
1316         } else {
1317                 p = (struct rtable **)raw_cpu_ptr(nh->nh_pcpu_rth_output);
1318         }
1319         orig = *p;
1320 
1321         prev = cmpxchg(p, orig, rt);
1322         if (prev == orig) {
1323                 if (orig)
1324                         rt_free(orig);
1325         } else
1326                 ret = false;
1327 
1328         return ret;
1329 }
1330 
1331 static DEFINE_SPINLOCK(rt_uncached_lock);
1332 static LIST_HEAD(rt_uncached_list);
1333 
1334 static void rt_add_uncached_list(struct rtable *rt)
1335 {
1336         spin_lock_bh(&rt_uncached_lock);
1337         list_add_tail(&rt->rt_uncached, &rt_uncached_list);
1338         spin_unlock_bh(&rt_uncached_lock);
1339 }
1340 
1341 static void ipv4_dst_destroy(struct dst_entry *dst)
1342 {
1343         struct rtable *rt = (struct rtable *) dst;
1344 
1345         if (!list_empty(&rt->rt_uncached)) {
1346                 spin_lock_bh(&rt_uncached_lock);
1347                 list_del(&rt->rt_uncached);
1348                 spin_unlock_bh(&rt_uncached_lock);
1349         }
1350 }
1351 
1352 void rt_flush_dev(struct net_device *dev)
1353 {
1354         if (!list_empty(&rt_uncached_list)) {
1355                 struct net *net = dev_net(dev);
1356                 struct rtable *rt;
1357 
1358                 spin_lock_bh(&rt_uncached_lock);
1359                 list_for_each_entry(rt, &rt_uncached_list, rt_uncached) {
1360                         if (rt->dst.dev != dev)
1361                                 continue;
1362                         rt->dst.dev = net->loopback_dev;
1363                         dev_hold(rt->dst.dev);
1364                         dev_put(dev);
1365                 }
1366                 spin_unlock_bh(&rt_uncached_lock);
1367         }
1368 }
1369 
1370 static bool rt_cache_valid(const struct rtable *rt)
1371 {
1372         return  rt &&
1373                 rt->dst.obsolete == DST_OBSOLETE_FORCE_CHK &&
1374                 !rt_is_expired(rt);
1375 }
1376 
1377 static void rt_set_nexthop(struct rtable *rt, __be32 daddr,
1378                            const struct fib_result *res,
1379                            struct fib_nh_exception *fnhe,
1380                            struct fib_info *fi, u16 type, u32 itag)
1381 {
1382         bool cached = false;
1383 
1384         if (fi) {
1385                 struct fib_nh *nh = &FIB_RES_NH(*res);
1386 
1387                 if (nh->nh_gw && nh->nh_scope == RT_SCOPE_LINK) {
1388                         rt->rt_gateway = nh->nh_gw;
1389                         rt->rt_uses_gateway = 1;
1390                 }
1391                 dst_init_metrics(&rt->dst, fi->fib_metrics, true);
1392 #ifdef CONFIG_IP_ROUTE_CLASSID
1393                 rt->dst.tclassid = nh->nh_tclassid;
1394 #endif
1395                 if (unlikely(fnhe))
1396                         cached = rt_bind_exception(rt, fnhe, daddr);
1397                 else if (!(rt->dst.flags & DST_NOCACHE))
1398                         cached = rt_cache_route(nh, rt);
1399                 if (unlikely(!cached)) {
1400                         /* Routes we intend to cache in nexthop exception or
1401                          * FIB nexthop have the DST_NOCACHE bit clear.
1402                          * However, if we are unsuccessful at storing this
1403                          * route into the cache we really need to set it.
1404                          */
1405                         rt->dst.flags |= DST_NOCACHE;
1406                         if (!rt->rt_gateway)
1407                                 rt->rt_gateway = daddr;
1408                         rt_add_uncached_list(rt);
1409                 }
1410         } else
1411                 rt_add_uncached_list(rt);
1412 
1413 #ifdef CONFIG_IP_ROUTE_CLASSID
1414 #ifdef CONFIG_IP_MULTIPLE_TABLES
1415         set_class_tag(rt, res->tclassid);
1416 #endif
1417         set_class_tag(rt, itag);
1418 #endif
1419 }
1420 
1421 static struct rtable *rt_dst_alloc(struct net_device *dev,
1422                                    bool nopolicy, bool noxfrm, bool will_cache)
1423 {
1424         return dst_alloc(&ipv4_dst_ops, dev, 1, DST_OBSOLETE_FORCE_CHK,
1425                          (will_cache ? 0 : (DST_HOST | DST_NOCACHE)) |
1426                          (nopolicy ? DST_NOPOLICY : 0) |
1427                          (noxfrm ? DST_NOXFRM : 0));
1428 }
1429 
1430 /* called in rcu_read_lock() section */
1431 static int ip_route_input_mc(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1432                                 u8 tos, struct net_device *dev, int our)
1433 {
1434         struct rtable *rth;
1435         struct in_device *in_dev = __in_dev_get_rcu(dev);
1436         u32 itag = 0;
1437         int err;
1438 
1439         /* Primary sanity checks. */
1440 
1441         if (in_dev == NULL)
1442                 return -EINVAL;
1443 
1444         if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr) ||
1445             skb->protocol != htons(ETH_P_IP))
1446                 goto e_inval;
1447 
1448         if (likely(!IN_DEV_ROUTE_LOCALNET(in_dev)))
1449                 if (ipv4_is_loopback(saddr))
1450                         goto e_inval;
1451 
1452         if (ipv4_is_zeronet(saddr)) {
1453                 if (!ipv4_is_local_multicast(daddr))
1454                         goto e_inval;
1455         } else {
1456                 err = fib_validate_source(skb, saddr, 0, tos, 0, dev,
1457                                           in_dev, &itag);
1458                 if (err < 0)
1459                         goto e_err;
1460         }
1461         rth = rt_dst_alloc(dev_net(dev)->loopback_dev,
1462                            IN_DEV_CONF_GET(in_dev, NOPOLICY), false, false);
1463         if (!rth)
1464                 goto e_nobufs;
1465 
1466 #ifdef CONFIG_IP_ROUTE_CLASSID
1467         rth->dst.tclassid = itag;
1468 #endif
1469         rth->dst.output = ip_rt_bug;
1470 
1471         rth->rt_genid   = rt_genid_ipv4(dev_net(dev));
1472         rth->rt_flags   = RTCF_MULTICAST;
1473         rth->rt_type    = RTN_MULTICAST;
1474         rth->rt_is_input= 1;
1475         rth->rt_iif     = 0;
1476         rth->rt_pmtu    = 0;
1477         rth->rt_gateway = 0;
1478         rth->rt_uses_gateway = 0;
1479         INIT_LIST_HEAD(&rth->rt_uncached);
1480         if (our) {
1481                 rth->dst.input= ip_local_deliver;
1482                 rth->rt_flags |= RTCF_LOCAL;
1483         }
1484 
1485 #ifdef CONFIG_IP_MROUTE
1486         if (!ipv4_is_local_multicast(daddr) && IN_DEV_MFORWARD(in_dev))
1487                 rth->dst.input = ip_mr_input;
1488 #endif
1489         RT_CACHE_STAT_INC(in_slow_mc);
1490 
1491         skb_dst_set(skb, &rth->dst);
1492         return 0;
1493 
1494 e_nobufs:
1495         return -ENOBUFS;
1496 e_inval:
1497         return -EINVAL;
1498 e_err:
1499         return err;
1500 }
1501 
1502 
1503 static void ip_handle_martian_source(struct net_device *dev,
1504                                      struct in_device *in_dev,
1505                                      struct sk_buff *skb,
1506                                      __be32 daddr,
1507                                      __be32 saddr)
1508 {
1509         RT_CACHE_STAT_INC(in_martian_src);
1510 #ifdef CONFIG_IP_ROUTE_VERBOSE
1511         if (IN_DEV_LOG_MARTIANS(in_dev) && net_ratelimit()) {
1512                 /*
1513                  *      RFC1812 recommendation, if source is martian,
1514                  *      the only hint is MAC header.
1515                  */
1516                 pr_warn("martian source %pI4 from %pI4, on dev %s\n",
1517                         &daddr, &saddr, dev->name);
1518                 if (dev->hard_header_len && skb_mac_header_was_set(skb)) {
1519                         print_hex_dump(KERN_WARNING, "ll header: ",
1520                                        DUMP_PREFIX_OFFSET, 16, 1,
1521                                        skb_mac_header(skb),
1522                                        dev->hard_header_len, true);
1523                 }
1524         }
1525 #endif
1526 }
1527 
1528 /* called in rcu_read_lock() section */
1529 static int __mkroute_input(struct sk_buff *skb,
1530                            const struct fib_result *res,
1531                            struct in_device *in_dev,
1532                            __be32 daddr, __be32 saddr, u32 tos)
1533 {
1534         struct fib_nh_exception *fnhe;
1535         struct rtable *rth;
1536         int err;
1537         struct in_device *out_dev;
1538         unsigned int flags = 0;
1539         bool do_cache;
1540         u32 itag = 0;
1541 
1542         /* get a working reference to the output device */
1543         out_dev = __in_dev_get_rcu(FIB_RES_DEV(*res));
1544         if (out_dev == NULL) {
1545                 net_crit_ratelimited("Bug in ip_route_input_slow(). Please report.\n");
1546                 return -EINVAL;
1547         }
1548 
1549         err = fib_validate_source(skb, saddr, daddr, tos, FIB_RES_OIF(*res),
1550                                   in_dev->dev, in_dev, &itag);
1551         if (err < 0) {
1552                 ip_handle_martian_source(in_dev->dev, in_dev, skb, daddr,
1553                                          saddr);
1554 
1555                 goto cleanup;
1556         }
1557 
1558         do_cache = res->fi && !itag;
1559         if (out_dev == in_dev && err && IN_DEV_TX_REDIRECTS(out_dev) &&
1560             skb->protocol == htons(ETH_P_IP) &&
1561             (IN_DEV_SHARED_MEDIA(out_dev) ||
1562              inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res))))
1563                 IPCB(skb)->flags |= IPSKB_DOREDIRECT;
1564 
1565         if (skb->protocol != htons(ETH_P_IP)) {
1566                 /* Not IP (i.e. ARP). Do not create route, if it is
1567                  * invalid for proxy arp. DNAT routes are always valid.
1568                  *
1569                  * Proxy arp feature have been extended to allow, ARP
1570                  * replies back to the same interface, to support
1571                  * Private VLAN switch technologies. See arp.c.
1572                  */
1573                 if (out_dev == in_dev &&
1574                     IN_DEV_PROXY_ARP_PVLAN(in_dev) == 0) {
1575                         err = -EINVAL;
1576                         goto cleanup;
1577                 }
1578         }
1579 
1580         fnhe = find_exception(&FIB_RES_NH(*res), daddr);
1581         if (do_cache) {
1582                 if (fnhe != NULL)
1583                         rth = rcu_dereference(fnhe->fnhe_rth_input);
1584                 else
1585                         rth = rcu_dereference(FIB_RES_NH(*res).nh_rth_input);
1586 
1587                 if (rt_cache_valid(rth)) {
1588                         skb_dst_set_noref(skb, &rth->dst);
1589                         goto out;
1590                 }
1591         }
1592 
1593         rth = rt_dst_alloc(out_dev->dev,
1594                            IN_DEV_CONF_GET(in_dev, NOPOLICY),
1595                            IN_DEV_CONF_GET(out_dev, NOXFRM), do_cache);
1596         if (!rth) {
1597                 err = -ENOBUFS;
1598                 goto cleanup;
1599         }
1600 
1601         rth->rt_genid = rt_genid_ipv4(dev_net(rth->dst.dev));
1602         rth->rt_flags = flags;
1603         rth->rt_type = res->type;
1604         rth->rt_is_input = 1;
1605         rth->rt_iif     = 0;
1606         rth->rt_pmtu    = 0;
1607         rth->rt_gateway = 0;
1608         rth->rt_uses_gateway = 0;
1609         INIT_LIST_HEAD(&rth->rt_uncached);
1610         RT_CACHE_STAT_INC(in_slow_tot);
1611 
1612         rth->dst.input = ip_forward;
1613         rth->dst.output = ip_output;
1614 
1615         rt_set_nexthop(rth, daddr, res, fnhe, res->fi, res->type, itag);
1616         skb_dst_set(skb, &rth->dst);
1617 out:
1618         err = 0;
1619  cleanup:
1620         return err;
1621 }
1622 
1623 static int ip_mkroute_input(struct sk_buff *skb,
1624                             struct fib_result *res,
1625                             const struct flowi4 *fl4,
1626                             struct in_device *in_dev,
1627                             __be32 daddr, __be32 saddr, u32 tos)
1628 {
1629 #ifdef CONFIG_IP_ROUTE_MULTIPATH
1630         if (res->fi && res->fi->fib_nhs > 1)
1631                 fib_select_multipath(res);
1632 #endif
1633 
1634         /* create a routing cache entry */
1635         return __mkroute_input(skb, res, in_dev, daddr, saddr, tos);
1636 }
1637 
1638 /*
1639  *      NOTE. We drop all the packets that has local source
1640  *      addresses, because every properly looped back packet
1641  *      must have correct destination already attached by output routine.
1642  *
1643  *      Such approach solves two big problems:
1644  *      1. Not simplex devices are handled properly.
1645  *      2. IP spoofing attempts are filtered with 100% of guarantee.
1646  *      called with rcu_read_lock()
1647  */
1648 
1649 static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1650                                u8 tos, struct net_device *dev)
1651 {
1652         struct fib_result res;
1653         struct in_device *in_dev = __in_dev_get_rcu(dev);
1654         struct flowi4   fl4;
1655         unsigned int    flags = 0;
1656         u32             itag = 0;
1657         struct rtable   *rth;
1658         int             err = -EINVAL;
1659         struct net    *net = dev_net(dev);
1660         bool do_cache;
1661 
1662         /* IP on this device is disabled. */
1663 
1664         if (!in_dev)
1665                 goto out;
1666 
1667         /* Check for the most weird martians, which can be not detected
1668            by fib_lookup.
1669          */
1670 
1671         if (ipv4_is_multicast(saddr) || ipv4_is_lbcast(saddr))
1672                 goto martian_source;
1673 
1674         res.fi = NULL;
1675         if (ipv4_is_lbcast(daddr) || (saddr == 0 && daddr == 0))
1676                 goto brd_input;
1677 
1678         /* Accept zero addresses only to limited broadcast;
1679          * I even do not know to fix it or not. Waiting for complains :-)
1680          */
1681         if (ipv4_is_zeronet(saddr))
1682                 goto martian_source;
1683 
1684         if (ipv4_is_zeronet(daddr))
1685                 goto martian_destination;
1686 
1687         /* Following code try to avoid calling IN_DEV_NET_ROUTE_LOCALNET(),
1688          * and call it once if daddr or/and saddr are loopback addresses
1689          */
1690         if (ipv4_is_loopback(daddr)) {
1691                 if (!IN_DEV_NET_ROUTE_LOCALNET(in_dev, net))
1692                         goto martian_destination;
1693         } else if (ipv4_is_loopback(saddr)) {
1694                 if (!IN_DEV_NET_ROUTE_LOCALNET(in_dev, net))
1695                         goto martian_source;
1696         }
1697 
1698         /*
1699          *      Now we are ready to route packet.
1700          */
1701         fl4.flowi4_oif = 0;
1702         fl4.flowi4_iif = dev->ifindex;
1703         fl4.flowi4_mark = skb->mark;
1704         fl4.flowi4_tos = tos;
1705         fl4.flowi4_scope = RT_SCOPE_UNIVERSE;
1706         fl4.daddr = daddr;
1707         fl4.saddr = saddr;
1708         err = fib_lookup(net, &fl4, &res);
1709         if (err != 0) {
1710                 if (!IN_DEV_FORWARD(in_dev))
1711                         err = -EHOSTUNREACH;
1712                 goto no_route;
1713         }
1714 
1715         if (res.type == RTN_BROADCAST)
1716                 goto brd_input;
1717 
1718         if (res.type == RTN_LOCAL) {
1719                 err = fib_validate_source(skb, saddr, daddr, tos,
1720                                           0, dev, in_dev, &itag);
1721                 if (err < 0)
1722                         goto martian_source_keep_err;
1723                 goto local_input;
1724         }
1725 
1726         if (!IN_DEV_FORWARD(in_dev)) {
1727                 err = -EHOSTUNREACH;
1728                 goto no_route;
1729         }
1730         if (res.type != RTN_UNICAST)
1731                 goto martian_destination;
1732 
1733         err = ip_mkroute_input(skb, &res, &fl4, in_dev, daddr, saddr, tos);
1734 out:    return err;
1735 
1736 brd_input:
1737         if (skb->protocol != htons(ETH_P_IP))
1738                 goto e_inval;
1739 
1740         if (!ipv4_is_zeronet(saddr)) {
1741                 err = fib_validate_source(skb, saddr, 0, tos, 0, dev,
1742                                           in_dev, &itag);
1743                 if (err < 0)
1744                         goto martian_source_keep_err;
1745         }
1746         flags |= RTCF_BROADCAST;
1747         res.type = RTN_BROADCAST;
1748         RT_CACHE_STAT_INC(in_brd);
1749 
1750 local_input:
1751         do_cache = false;
1752         if (res.fi) {
1753                 if (!itag) {
1754                         rth = rcu_dereference(FIB_RES_NH(res).nh_rth_input);
1755                         if (rt_cache_valid(rth)) {
1756                                 skb_dst_set_noref(skb, &rth->dst);
1757                                 err = 0;
1758                                 goto out;
1759                         }
1760                         do_cache = true;
1761                 }
1762         }
1763 
1764         rth = rt_dst_alloc(net->loopback_dev,
1765                            IN_DEV_CONF_GET(in_dev, NOPOLICY), false, do_cache);
1766         if (!rth)
1767                 goto e_nobufs;
1768 
1769         rth->dst.input= ip_local_deliver;
1770         rth->dst.output= ip_rt_bug;
1771 #ifdef CONFIG_IP_ROUTE_CLASSID
1772         rth->dst.tclassid = itag;
1773 #endif
1774 
1775         rth->rt_genid = rt_genid_ipv4(net);
1776         rth->rt_flags   = flags|RTCF_LOCAL;
1777         rth->rt_type    = res.type;
1778         rth->rt_is_input = 1;
1779         rth->rt_iif     = 0;
1780         rth->rt_pmtu    = 0;
1781         rth->rt_gateway = 0;
1782         rth->rt_uses_gateway = 0;
1783         INIT_LIST_HEAD(&rth->rt_uncached);
1784         RT_CACHE_STAT_INC(in_slow_tot);
1785         if (res.type == RTN_UNREACHABLE) {
1786                 rth->dst.input= ip_error;
1787                 rth->dst.error= -err;
1788                 rth->rt_flags   &= ~RTCF_LOCAL;
1789         }
1790         if (do_cache) {
1791                 if (unlikely(!rt_cache_route(&FIB_RES_NH(res), rth))) {
1792                         rth->dst.flags |= DST_NOCACHE;
1793                         rt_add_uncached_list(rth);
1794                 }
1795         }
1796         skb_dst_set(skb, &rth->dst);
1797         err = 0;
1798         goto out;
1799 
1800 no_route:
1801         RT_CACHE_STAT_INC(in_no_route);
1802         res.type = RTN_UNREACHABLE;
1803         res.fi = NULL;
1804         goto local_input;
1805 
1806         /*
1807          *      Do not cache martian addresses: they should be logged (RFC1812)
1808          */
1809 martian_destination:
1810         RT_CACHE_STAT_INC(in_martian_dst);
1811 #ifdef CONFIG_IP_ROUTE_VERBOSE
1812         if (IN_DEV_LOG_MARTIANS(in_dev))
1813                 net_warn_ratelimited("martian destination %pI4 from %pI4, dev %s\n",
1814                                      &daddr, &saddr, dev->name);
1815 #endif
1816 
1817 e_inval:
1818         err = -EINVAL;
1819         goto out;
1820 
1821 e_nobufs:
1822         err = -ENOBUFS;
1823         goto out;
1824 
1825 martian_source:
1826         err = -EINVAL;
1827 martian_source_keep_err:
1828         ip_handle_martian_source(dev, in_dev, skb, daddr, saddr);
1829         goto out;
1830 }
1831 
1832 int ip_route_input_noref(struct sk_buff *skb, __be32 daddr, __be32 saddr,
1833                          u8 tos, struct net_device *dev)
1834 {
1835         int res;
1836 
1837         rcu_read_lock();
1838 
1839         /* Multicast recognition logic is moved from route cache to here.
1840            The problem was that too many Ethernet cards have broken/missing
1841            hardware multicast filters :-( As result the host on multicasting
1842            network acquires a lot of useless route cache entries, sort of
1843            SDR messages from all the world. Now we try to get rid of them.
1844            Really, provided software IP multicast filter is organized
1845            reasonably (at least, hashed), it does not result in a slowdown
1846            comparing with route cache reject entries.
1847            Note, that multicast routers are not affected, because
1848            route cache entry is created eventually.
1849          */
1850         if (ipv4_is_multicast(daddr)) {
1851                 struct in_device *in_dev = __in_dev_get_rcu(dev);
1852 
1853                 if (in_dev) {
1854                         int our = ip_check_mc_rcu(in_dev, daddr, saddr,
1855                                                   ip_hdr(skb)->protocol);
1856                         if (our
1857 #ifdef CONFIG_IP_MROUTE
1858                                 ||
1859                             (!ipv4_is_local_multicast(daddr) &&
1860                              IN_DEV_MFORWARD(in_dev))
1861 #endif
1862                            ) {
1863                                 int res = ip_route_input_mc(skb, daddr, saddr,
1864                                                             tos, dev, our);
1865                                 rcu_read_unlock();
1866                                 return res;
1867                         }
1868                 }
1869                 rcu_read_unlock();
1870                 return -EINVAL;
1871         }
1872         res = ip_route_input_slow(skb, daddr, saddr, tos, dev);
1873         rcu_read_unlock();
1874         return res;
1875 }
1876 EXPORT_SYMBOL(ip_route_input_noref);
1877 
1878 /* called with rcu_read_lock() */
1879 static struct rtable *__mkroute_output(const struct fib_result *res,
1880                                        const struct flowi4 *fl4, int orig_oif,
1881                                        struct net_device *dev_out,
1882                                        unsigned int flags)
1883 {
1884         struct fib_info *fi = res->fi;
1885         struct fib_nh_exception *fnhe;
1886         struct in_device *in_dev;
1887         u16 type = res->type;
1888         struct rtable *rth;
1889         bool do_cache;
1890 
1891         in_dev = __in_dev_get_rcu(dev_out);
1892         if (!in_dev)
1893                 return ERR_PTR(-EINVAL);
1894 
1895         if (likely(!IN_DEV_ROUTE_LOCALNET(in_dev)))
1896                 if (ipv4_is_loopback(fl4->saddr) && !(dev_out->flags & IFF_LOOPBACK))
1897                         return ERR_PTR(-EINVAL);
1898 
1899         if (ipv4_is_lbcast(fl4->daddr))
1900                 type = RTN_BROADCAST;
1901         else if (ipv4_is_multicast(fl4->daddr))
1902                 type = RTN_MULTICAST;
1903         else if (ipv4_is_zeronet(fl4->daddr))
1904                 return ERR_PTR(-EINVAL);
1905 
1906         if (dev_out->flags & IFF_LOOPBACK)
1907                 flags |= RTCF_LOCAL;
1908 
1909         do_cache = true;
1910         if (type == RTN_BROADCAST) {
1911                 flags |= RTCF_BROADCAST | RTCF_LOCAL;
1912                 fi = NULL;
1913         } else if (type == RTN_MULTICAST) {
1914                 flags |= RTCF_MULTICAST | RTCF_LOCAL;
1915                 if (!ip_check_mc_rcu(in_dev, fl4->daddr, fl4->saddr,
1916                                      fl4->flowi4_proto))
1917                         flags &= ~RTCF_LOCAL;
1918                 else
1919                         do_cache = false;
1920                 /* If multicast route do not exist use
1921                  * default one, but do not gateway in this case.
1922                  * Yes, it is hack.
1923                  */
1924                 if (fi && res->prefixlen < 4)
1925                         fi = NULL;
1926         }
1927 
1928         fnhe = NULL;
1929         do_cache &= fi != NULL;
1930         if (do_cache) {
1931                 struct rtable __rcu **prth;
1932                 struct fib_nh *nh = &FIB_RES_NH(*res);
1933 
1934                 fnhe = find_exception(nh, fl4->daddr);
1935                 if (fnhe)
1936                         prth = &fnhe->fnhe_rth_output;
1937                 else {
1938                         if (unlikely(fl4->flowi4_flags &
1939                                      FLOWI_FLAG_KNOWN_NH &&
1940                                      !(nh->nh_gw &&
1941                                        nh->nh_scope == RT_SCOPE_LINK))) {
1942                                 do_cache = false;
1943                                 goto add;
1944                         }
1945                         prth = raw_cpu_ptr(nh->nh_pcpu_rth_output);
1946                 }
1947                 rth = rcu_dereference(*prth);
1948                 if (rt_cache_valid(rth)) {
1949                         dst_hold(&rth->dst);
1950                         return rth;
1951                 }
1952         }
1953 
1954 add:
1955         rth = rt_dst_alloc(dev_out,
1956                            IN_DEV_CONF_GET(in_dev, NOPOLICY),
1957                            IN_DEV_CONF_GET(in_dev, NOXFRM),
1958                            do_cache);
1959         if (!rth)
1960                 return ERR_PTR(-ENOBUFS);
1961 
1962         rth->dst.output = ip_output;
1963 
1964         rth->rt_genid = rt_genid_ipv4(dev_net(dev_out));
1965         rth->rt_flags   = flags;
1966         rth->rt_type    = type;
1967         rth->rt_is_input = 0;
1968         rth->rt_iif     = orig_oif ? : 0;
1969         rth->rt_pmtu    = 0;
1970         rth->rt_gateway = 0;
1971         rth->rt_uses_gateway = 0;
1972         INIT_LIST_HEAD(&rth->rt_uncached);
1973 
1974         RT_CACHE_STAT_INC(out_slow_tot);
1975 
1976         if (flags & RTCF_LOCAL)
1977                 rth->dst.input = ip_local_deliver;
1978         if (flags & (RTCF_BROADCAST | RTCF_MULTICAST)) {
1979                 if (flags & RTCF_LOCAL &&
1980                     !(dev_out->flags & IFF_LOOPBACK)) {
1981                         rth->dst.output = ip_mc_output;
1982                         RT_CACHE_STAT_INC(out_slow_mc);
1983                 }
1984 #ifdef CONFIG_IP_MROUTE
1985                 if (type == RTN_MULTICAST) {
1986                         if (IN_DEV_MFORWARD(in_dev) &&
1987                             !ipv4_is_local_multicast(fl4->daddr)) {
1988                                 rth->dst.input = ip_mr_input;
1989                                 rth->dst.output = ip_mc_output;
1990                         }
1991                 }
1992 #endif
1993         }
1994 
1995         rt_set_nexthop(rth, fl4->daddr, res, fnhe, fi, type, 0);
1996 
1997         return rth;
1998 }
1999 
2000 /*
2001  * Major route resolver routine.
2002  */
2003 
2004 struct rtable *__ip_route_output_key(struct net *net, struct flowi4 *fl4)
2005 {
2006         struct net_device *dev_out = NULL;
2007         __u8 tos = RT_FL_TOS(fl4);
2008         unsigned int flags = 0;
2009         struct fib_result res;
2010         struct rtable *rth;
2011         int orig_oif;
2012 
2013         res.tclassid    = 0;
2014         res.fi          = NULL;
2015         res.table       = NULL;
2016 
2017         orig_oif = fl4->flowi4_oif;
2018 
2019         fl4->flowi4_iif = LOOPBACK_IFINDEX;
2020         fl4->flowi4_tos = tos & IPTOS_RT_MASK;
2021         fl4->flowi4_scope = ((tos & RTO_ONLINK) ?
2022                          RT_SCOPE_LINK : RT_SCOPE_UNIVERSE);
2023 
2024         rcu_read_lock();
2025         if (fl4->saddr) {
2026                 rth = ERR_PTR(-EINVAL);
2027                 if (ipv4_is_multicast(fl4->saddr) ||
2028                     ipv4_is_lbcast(fl4->saddr) ||
2029                     ipv4_is_zeronet(fl4->saddr))
2030                         goto out;
2031 
2032                 /* I removed check for oif == dev_out->oif here.
2033                    It was wrong for two reasons:
2034                    1. ip_dev_find(net, saddr) can return wrong iface, if saddr
2035                       is assigned to multiple interfaces.
2036                    2. Moreover, we are allowed to send packets with saddr
2037                       of another iface. --ANK
2038                  */
2039 
2040                 if (fl4->flowi4_oif == 0 &&
2041                     (ipv4_is_multicast(fl4->daddr) ||
2042                      ipv4_is_lbcast(fl4->daddr))) {
2043                         /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2044                         dev_out = __ip_dev_find(net, fl4->saddr, false);
2045                         if (dev_out == NULL)
2046                                 goto out;
2047 
2048                         /* Special hack: user can direct multicasts
2049                            and limited broadcast via necessary interface
2050                            without fiddling with IP_MULTICAST_IF or IP_PKTINFO.
2051                            This hack is not just for fun, it allows
2052                            vic,vat and friends to work.
2053                            They bind socket to loopback, set ttl to zero
2054                            and expect that it will work.
2055                            From the viewpoint of routing cache they are broken,
2056                            because we are not allowed to build multicast path
2057                            with loopback source addr (look, routing cache
2058                            cannot know, that ttl is zero, so that packet
2059                            will not leave this host and route is valid).
2060                            Luckily, this hack is good workaround.
2061                          */
2062 
2063                         fl4->flowi4_oif = dev_out->ifindex;
2064                         goto make_route;
2065                 }
2066 
2067                 if (!(fl4->flowi4_flags & FLOWI_FLAG_ANYSRC)) {
2068                         /* It is equivalent to inet_addr_type(saddr) == RTN_LOCAL */
2069                         if (!__ip_dev_find(net, fl4->saddr, false))
2070                                 goto out;
2071                 }
2072         }
2073 
2074 
2075         if (fl4->flowi4_oif) {
2076                 dev_out = dev_get_by_index_rcu(net, fl4->flowi4_oif);
2077                 rth = ERR_PTR(-ENODEV);
2078                 if (dev_out == NULL)
2079                         goto out;
2080 
2081                 /* RACE: Check return value of inet_select_addr instead. */
2082                 if (!(dev_out->flags & IFF_UP) || !__in_dev_get_rcu(dev_out)) {
2083                         rth = ERR_PTR(-ENETUNREACH);
2084                         goto out;
2085                 }
2086                 if (ipv4_is_local_multicast(fl4->daddr) ||
2087                     ipv4_is_lbcast(fl4->daddr)) {
2088                         if (!fl4->saddr)
2089                                 fl4->saddr = inet_select_addr(dev_out, 0,
2090                                                               RT_SCOPE_LINK);
2091                         goto make_route;
2092                 }
2093                 if (!fl4->saddr) {
2094                         if (ipv4_is_multicast(fl4->daddr))
2095                                 fl4->saddr = inet_select_addr(dev_out, 0,
2096                                                               fl4->flowi4_scope);
2097                         else if (!fl4->daddr)
2098                                 fl4->saddr = inet_select_addr(dev_out, 0,
2099                                                               RT_SCOPE_HOST);
2100                 }
2101         }
2102 
2103         if (!fl4->daddr) {
2104                 fl4->daddr = fl4->saddr;
2105                 if (!fl4->daddr)
2106                         fl4->daddr = fl4->saddr = htonl(INADDR_LOOPBACK);
2107                 dev_out = net->loopback_dev;
2108                 fl4->flowi4_oif = LOOPBACK_IFINDEX;
2109                 res.type = RTN_LOCAL;
2110                 flags |= RTCF_LOCAL;
2111                 goto make_route;
2112         }
2113 
2114         if (fib_lookup(net, fl4, &res)) {
2115                 res.fi = NULL;
2116                 res.table = NULL;
2117                 if (fl4->flowi4_oif) {
2118                         /* Apparently, routing tables are wrong. Assume,
2119                            that the destination is on link.
2120 
2121                            WHY? DW.
2122                            Because we are allowed to send to iface
2123                            even if it has NO routes and NO assigned
2124                            addresses. When oif is specified, routing
2125                            tables are looked up with only one purpose:
2126                            to catch if destination is gatewayed, rather than
2127                            direct. Moreover, if MSG_DONTROUTE is set,
2128                            we send packet, ignoring both routing tables
2129                            and ifaddr state. --ANK
2130 
2131 
2132                            We could make it even if oif is unknown,
2133                            likely IPv6, but we do not.
2134                          */
2135 
2136                         if (fl4->saddr == 0)
2137                                 fl4->saddr = inet_select_addr(dev_out, 0,
2138                                                               RT_SCOPE_LINK);
2139                         res.type = RTN_UNICAST;
2140                         goto make_route;
2141                 }
2142                 rth = ERR_PTR(-ENETUNREACH);
2143                 goto out;
2144         }
2145 
2146         if (res.type == RTN_LOCAL) {
2147                 if (!fl4->saddr) {
2148                         if (res.fi->fib_prefsrc)
2149                                 fl4->saddr = res.fi->fib_prefsrc;
2150                         else
2151                                 fl4->saddr = fl4->daddr;
2152                 }
2153                 dev_out = net->loopback_dev;
2154                 fl4->flowi4_oif = dev_out->ifindex;
2155                 flags |= RTCF_LOCAL;
2156                 goto make_route;
2157         }
2158 
2159 #ifdef CONFIG_IP_ROUTE_MULTIPATH
2160         if (res.fi->fib_nhs > 1 && fl4->flowi4_oif == 0)
2161                 fib_select_multipath(&res);
2162         else
2163 #endif
2164         if (!res.prefixlen &&
2165             res.table->tb_num_default > 1 &&
2166             res.type == RTN_UNICAST && !fl4->flowi4_oif)
2167                 fib_select_default(&res);
2168 
2169         if (!fl4->saddr)
2170                 fl4->saddr = FIB_RES_PREFSRC(net, res);
2171 
2172         dev_out = FIB_RES_DEV(res);
2173         fl4->flowi4_oif = dev_out->ifindex;
2174 
2175 
2176 make_route:
2177         rth = __mkroute_output(&res, fl4, orig_oif, dev_out, flags);
2178 
2179 out:
2180         rcu_read_unlock();
2181         return rth;
2182 }
2183 EXPORT_SYMBOL_GPL(__ip_route_output_key);
2184 
2185 static struct dst_entry *ipv4_blackhole_dst_check(struct dst_entry *dst, u32 cookie)
2186 {
2187         return NULL;
2188 }
2189 
2190 static unsigned int ipv4_blackhole_mtu(const struct dst_entry *dst)
2191 {
2192         unsigned int mtu = dst_metric_raw(dst, RTAX_MTU);
2193 
2194         return mtu ? : dst->dev->mtu;
2195 }
2196 
2197 static void ipv4_rt_blackhole_update_pmtu(struct dst_entry *dst, struct sock *sk,
2198                                           struct sk_buff *skb, u32 mtu)
2199 {
2200 }
2201 
2202 static void ipv4_rt_blackhole_redirect(struct dst_entry *dst, struct sock *sk,
2203                                        struct sk_buff *skb)
2204 {
2205 }
2206 
2207 static u32 *ipv4_rt_blackhole_cow_metrics(struct dst_entry *dst,
2208                                           unsigned long old)
2209 {
2210         return NULL;
2211 }
2212 
2213 static struct dst_ops ipv4_dst_blackhole_ops = {
2214         .family                 =       AF_INET,
2215         .protocol               =       cpu_to_be16(ETH_P_IP),
2216         .check                  =       ipv4_blackhole_dst_check,
2217         .mtu                    =       ipv4_blackhole_mtu,
2218         .default_advmss         =       ipv4_default_advmss,
2219         .update_pmtu            =       ipv4_rt_blackhole_update_pmtu,
2220         .redirect               =       ipv4_rt_blackhole_redirect,
2221         .cow_metrics            =       ipv4_rt_blackhole_cow_metrics,
2222         .neigh_lookup           =       ipv4_neigh_lookup,
2223 };
2224 
2225 struct dst_entry *ipv4_blackhole_route(struct net *net, struct dst_entry *dst_orig)
2226 {
2227         struct rtable *ort = (struct rtable *) dst_orig;
2228         struct rtable *rt;
2229 
2230         rt = dst_alloc(&ipv4_dst_blackhole_ops, NULL, 1, DST_OBSOLETE_NONE, 0);
2231         if (rt) {
2232                 struct dst_entry *new = &rt->dst;
2233 
2234                 new->__use = 1;
2235                 new->input = dst_discard;
2236                 new->output = dst_discard_sk;
2237 
2238                 new->dev = ort->dst.dev;
2239                 if (new->dev)
2240                         dev_hold(new->dev);
2241 
2242                 rt->rt_is_input = ort->rt_is_input;
2243                 rt->rt_iif = ort->rt_iif;
2244                 rt->rt_pmtu = ort->rt_pmtu;
2245 
2246                 rt->rt_genid = rt_genid_ipv4(net);
2247                 rt->rt_flags = ort->rt_flags;
2248                 rt->rt_type = ort->rt_type;
2249                 rt->rt_gateway = ort->rt_gateway;
2250                 rt->rt_uses_gateway = ort->rt_uses_gateway;
2251 
2252                 INIT_LIST_HEAD(&rt->rt_uncached);
2253 
2254                 dst_free(new);
2255         }
2256 
2257         dst_release(dst_orig);
2258 
2259         return rt ? &rt->dst : ERR_PTR(-ENOMEM);
2260 }
2261 
2262 struct rtable *ip_route_output_flow(struct net *net, struct flowi4 *flp4,
2263                                     struct sock *sk)
2264 {
2265         struct rtable *rt = __ip_route_output_key(net, flp4);
2266 
2267         if (IS_ERR(rt))
2268                 return rt;
2269 
2270         if (flp4->flowi4_proto)
2271                 rt = (struct rtable *)xfrm_lookup_route(net, &rt->dst,
2272                                                         flowi4_to_flowi(flp4),
2273                                                         sk, 0);
2274 
2275         return rt;
2276 }
2277 EXPORT_SYMBOL_GPL(ip_route_output_flow);
2278 
2279 static int rt_fill_info(struct net *net,  __be32 dst, __be32 src,
2280                         struct flowi4 *fl4, struct sk_buff *skb, u32 portid,
2281                         u32 seq, int event, int nowait, unsigned int flags)
2282 {
2283         struct rtable *rt = skb_rtable(skb);
2284         struct rtmsg *r;
2285         struct nlmsghdr *nlh;
2286         unsigned long expires = 0;
2287         u32 error;
2288         u32 metrics[RTAX_MAX];
2289 
2290         nlh = nlmsg_put(skb, portid, seq, event, sizeof(*r), flags);
2291         if (nlh == NULL)
2292                 return -EMSGSIZE;
2293 
2294         r = nlmsg_data(nlh);
2295         r->rtm_family    = AF_INET;
2296         r->rtm_dst_len  = 32;
2297         r->rtm_src_len  = 0;
2298         r->rtm_tos      = fl4->flowi4_tos;
2299         r->rtm_table    = RT_TABLE_MAIN;
2300         if (nla_put_u32(skb, RTA_TABLE, RT_TABLE_MAIN))
2301                 goto nla_put_failure;
2302         r->rtm_type     = rt->rt_type;
2303         r->rtm_scope    = RT_SCOPE_UNIVERSE;
2304         r->rtm_protocol = RTPROT_UNSPEC;
2305         r->rtm_flags    = (rt->rt_flags & ~0xFFFF) | RTM_F_CLONED;
2306         if (rt->rt_flags & RTCF_NOTIFY)
2307                 r->rtm_flags |= RTM_F_NOTIFY;
2308         if (IPCB(skb)->flags & IPSKB_DOREDIRECT)
2309                 r->rtm_flags |= RTCF_DOREDIRECT;
2310 
2311         if (nla_put_be32(skb, RTA_DST, dst))
2312                 goto nla_put_failure;
2313         if (src) {
2314                 r->rtm_src_len = 32;
2315                 if (nla_put_be32(skb, RTA_SRC, src))
2316                         goto nla_put_failure;
2317         }
2318         if (rt->dst.dev &&
2319             nla_put_u32(skb, RTA_OIF, rt->dst.dev->ifindex))
2320                 goto nla_put_failure;
2321 #ifdef CONFIG_IP_ROUTE_CLASSID
2322         if (rt->dst.tclassid &&
2323             nla_put_u32(skb, RTA_FLOW, rt->dst.tclassid))
2324                 goto nla_put_failure;
2325 #endif
2326         if (!rt_is_input_route(rt) &&
2327             fl4->saddr != src) {
2328                 if (nla_put_be32(skb, RTA_PREFSRC, fl4->saddr))
2329                         goto nla_put_failure;
2330         }
2331         if (rt->rt_uses_gateway &&
2332             nla_put_be32(skb, RTA_GATEWAY, rt->rt_gateway))
2333                 goto nla_put_failure;
2334 
2335         expires = rt->dst.expires;
2336         if (expires) {
2337                 unsigned long now = jiffies;
2338 
2339                 if (time_before(now, expires))
2340                         expires -= now;
2341                 else
2342                         expires = 0;
2343         }
2344 
2345         memcpy(metrics, dst_metrics_ptr(&rt->dst), sizeof(metrics));
2346         if (rt->rt_pmtu && expires)
2347                 metrics[RTAX_MTU - 1] = rt->rt_pmtu;
2348         if (rtnetlink_put_metrics(skb, metrics) < 0)
2349                 goto nla_put_failure;
2350 
2351         if (fl4->flowi4_mark &&
2352             nla_put_u32(skb, RTA_MARK, fl4->flowi4_mark))
2353                 goto nla_put_failure;
2354 
2355         error = rt->dst.error;
2356 
2357         if (rt_is_input_route(rt)) {
2358 #ifdef CONFIG_IP_MROUTE
2359                 if (ipv4_is_multicast(dst) && !ipv4_is_local_multicast(dst) &&
2360                     IPV4_DEVCONF_ALL(net, MC_FORWARDING)) {
2361                         int err = ipmr_get_route(net, skb,
2362                                                  fl4->saddr, fl4->daddr,
2363                                                  r, nowait);
2364                         if (err <= 0) {
2365                                 if (!nowait) {
2366                                         if (err == 0)
2367                                                 return 0;
2368                                         goto nla_put_failure;
2369                                 } else {
2370                                         if (err == -EMSGSIZE)
2371                                                 goto nla_put_failure;
2372                                         error = err;
2373                                 }
2374                         }
2375                 } else
2376 #endif
2377                         if (nla_put_u32(skb, RTA_IIF, skb->dev->ifindex))
2378                                 goto nla_put_failure;
2379         }
2380 
2381         if (rtnl_put_cacheinfo(skb, &rt->dst, 0, expires, error) < 0)
2382                 goto nla_put_failure;
2383 
2384         return nlmsg_end(skb, nlh);
2385 
2386 nla_put_failure:
2387         nlmsg_cancel(skb, nlh);
2388         return -EMSGSIZE;
2389 }
2390 
2391 static int inet_rtm_getroute(struct sk_buff *in_skb, struct nlmsghdr *nlh)
2392 {
2393         struct net *net = sock_net(in_skb->sk);
2394         struct rtmsg *rtm;
2395         struct nlattr *tb[RTA_MAX+1];
2396         struct rtable *rt = NULL;
2397         struct flowi4 fl4;
2398         __be32 dst = 0;
2399         __be32 src = 0;
2400         u32 iif;
2401         int err;
2402         int mark;
2403         struct sk_buff *skb;
2404 
2405         err = nlmsg_parse(nlh, sizeof(*rtm), tb, RTA_MAX, rtm_ipv4_policy);
2406         if (err < 0)
2407                 goto errout;
2408 
2409         rtm = nlmsg_data(nlh);
2410 
2411         skb = alloc_skb(NLMSG_GOODSIZE, GFP_KERNEL);
2412         if (skb == NULL) {
2413                 err = -ENOBUFS;
2414                 goto errout;
2415         }
2416 
2417         /* Reserve room for dummy headers, this skb can pass
2418            through good chunk of routing engine.
2419          */
2420         skb_reset_mac_header(skb);
2421         skb_reset_network_header(skb);
2422 
2423         /* Bugfix: need to give ip_route_input enough of an IP header to not gag. */
2424         ip_hdr(skb)->protocol = IPPROTO_ICMP;
2425         skb_reserve(skb, MAX_HEADER + sizeof(struct iphdr));
2426 
2427         src = tb[RTA_SRC] ? nla_get_be32(tb[RTA_SRC]) : 0;
2428         dst = tb[RTA_DST] ? nla_get_be32(tb[RTA_DST]) : 0;
2429         iif = tb[RTA_IIF] ? nla_get_u32(tb[RTA_IIF]) : 0;
2430         mark = tb[RTA_MARK] ? nla_get_u32(tb[RTA_MARK]) : 0;
2431 
2432         memset(&fl4, 0, sizeof(fl4));
2433         fl4.daddr = dst;
2434         fl4.saddr = src;
2435         fl4.flowi4_tos = rtm->rtm_tos;
2436         fl4.flowi4_oif = tb[RTA_OIF] ? nla_get_u32(tb[RTA_OIF]) : 0;
2437         fl4.flowi4_mark = mark;
2438 
2439         if (iif) {
2440                 struct net_device *dev;
2441 
2442                 dev = __dev_get_by_index(net, iif);
2443                 if (dev == NULL) {
2444                         err = -ENODEV;
2445                         goto errout_free;
2446                 }
2447 
2448                 skb->protocol   = htons(ETH_P_IP);
2449                 skb->dev        = dev;
2450                 skb->mark       = mark;
2451                 local_bh_disable();
2452                 err = ip_route_input(skb, dst, src, rtm->rtm_tos, dev);
2453                 local_bh_enable();
2454 
2455                 rt = skb_rtable(skb);
2456                 if (err == 0 && rt->dst.error)
2457                         err = -rt->dst.error;
2458         } else {
2459                 rt = ip_route_output_key(net, &fl4);
2460 
2461                 err = 0;
2462                 if (IS_ERR(rt))
2463                         err = PTR_ERR(rt);
2464         }
2465 
2466         if (err)
2467                 goto errout_free;
2468 
2469         skb_dst_set(skb, &rt->dst);
2470         if (rtm->rtm_flags & RTM_F_NOTIFY)
2471                 rt->rt_flags |= RTCF_NOTIFY;
2472 
2473         err = rt_fill_info(net, dst, src, &fl4, skb,
2474                            NETLINK_CB(in_skb).portid, nlh->nlmsg_seq,
2475                            RTM_NEWROUTE, 0, 0);
2476         if (err <= 0)
2477                 goto errout_free;
2478 
2479         err = rtnl_unicast(skb, net, NETLINK_CB(in_skb).portid);
2480 errout:
2481         return err;
2482 
2483 errout_free:
2484         kfree_skb(skb);
2485         goto errout;
2486 }
2487 
2488 void ip_rt_multicast_event(struct in_device *in_dev)
2489 {
2490         rt_cache_flush(dev_net(in_dev->dev));
2491 }
2492 
2493 #ifdef CONFIG_SYSCTL
2494 static int ip_rt_gc_timeout __read_mostly       = RT_GC_TIMEOUT;
2495 static int ip_rt_gc_interval __read_mostly  = 60 * HZ;
2496 static int ip_rt_gc_min_interval __read_mostly  = HZ / 2;
2497 static int ip_rt_gc_elasticity __read_mostly    = 8;
2498 
2499 static int ipv4_sysctl_rtcache_flush(struct ctl_table *__ctl, int write,
2500                                         void __user *buffer,
2501                                         size_t *lenp, loff_t *ppos)
2502 {
2503         struct net *net = (struct net *)__ctl->extra1;
2504 
2505         if (write) {
2506                 rt_cache_flush(net);
2507                 fnhe_genid_bump(net);
2508                 return 0;
2509         }
2510 
2511         return -EINVAL;
2512 }
2513 
2514 static struct ctl_table ipv4_route_table[] = {
2515         {
2516                 .procname       = "gc_thresh",
2517                 .data           = &ipv4_dst_ops.gc_thresh,
2518                 .maxlen         = sizeof(int),
2519                 .mode           = 0644,
2520                 .proc_handler   = proc_dointvec,
2521         },
2522         {
2523                 .procname       = "max_size",
2524                 .data           = &ip_rt_max_size,
2525                 .maxlen         = sizeof(int),
2526                 .mode           = 0644,
2527                 .proc_handler   = proc_dointvec,
2528         },
2529         {
2530                 /*  Deprecated. Use gc_min_interval_ms */
2531 
2532                 .procname       = "gc_min_interval",
2533                 .data           = &ip_rt_gc_min_interval,
2534                 .maxlen         = sizeof(int),
2535                 .mode           = 0644,
2536                 .proc_handler   = proc_dointvec_jiffies,
2537         },
2538         {
2539                 .procname       = "gc_min_interval_ms",
2540                 .data           = &ip_rt_gc_min_interval,
2541                 .maxlen         = sizeof(int),
2542                 .mode           = 0644,
2543                 .proc_handler   = proc_dointvec_ms_jiffies,
2544         },
2545         {
2546                 .procname       = "gc_timeout",
2547                 .data           = &ip_rt_gc_timeout,
2548                 .maxlen         = sizeof(int),
2549                 .mode           = 0644,
2550                 .proc_handler   = proc_dointvec_jiffies,
2551         },
2552         {
2553                 .procname       = "gc_interval",
2554                 .data           = &ip_rt_gc_interval,
2555                 .maxlen         = sizeof(int),
2556                 .mode           = 0644,
2557                 .proc_handler   = proc_dointvec_jiffies,
2558         },
2559         {
2560                 .procname       = "redirect_load",
2561                 .data           = &ip_rt_redirect_load,
2562                 .maxlen         = sizeof(int),
2563                 .mode           = 0644,
2564                 .proc_handler   = proc_dointvec,
2565         },
2566         {
2567                 .procname       = "redirect_number",
2568                 .data           = &ip_rt_redirect_number,
2569                 .maxlen         = sizeof(int),
2570                 .mode           = 0644,
2571                 .proc_handler   = proc_dointvec,
2572         },
2573         {
2574                 .procname       = "redirect_silence",
2575                 .data           = &ip_rt_redirect_silence,
2576                 .maxlen         = sizeof(int),
2577                 .mode           = 0644,
2578                 .proc_handler   = proc_dointvec,
2579         },
2580         {
2581                 .procname       = "error_cost",
2582                 .data           = &ip_rt_error_cost,
2583                 .maxlen         = sizeof(int),
2584                 .mode           = 0644,
2585                 .proc_handler   = proc_dointvec,
2586         },
2587         {
2588                 .procname       = "error_burst",
2589                 .data           = &ip_rt_error_burst,
2590                 .maxlen         = sizeof(int),
2591                 .mode           = 0644,
2592                 .proc_handler   = proc_dointvec,
2593         },
2594         {
2595                 .procname       = "gc_elasticity",
2596                 .data           = &ip_rt_gc_elasticity,
2597                 .maxlen         = sizeof(int),
2598                 .mode           = 0644,
2599                 .proc_handler   = proc_dointvec,
2600         },
2601         {
2602                 .procname       = "mtu_expires",
2603                 .data           = &ip_rt_mtu_expires,
2604                 .maxlen         = sizeof(int),
2605                 .mode           = 0644,
2606                 .proc_handler   = proc_dointvec_jiffies,
2607         },
2608         {
2609                 .procname       = "min_pmtu",
2610                 .data           = &ip_rt_min_pmtu,
2611                 .maxlen         = sizeof(int),
2612                 .mode           = 0644,
2613                 .proc_handler   = proc_dointvec,
2614         },
2615         {
2616                 .procname       = "min_adv_mss",
2617                 .data           = &ip_rt_min_advmss,
2618                 .maxlen         = sizeof(int),
2619                 .mode           = 0644,
2620                 .proc_handler   = proc_dointvec,
2621         },
2622         { }
2623 };
2624 
2625 static struct ctl_table ipv4_route_flush_table[] = {
2626         {
2627                 .procname       = "flush",
2628                 .maxlen         = sizeof(int),
2629                 .mode           = 0200,
2630                 .proc_handler   = ipv4_sysctl_rtcache_flush,
2631         },
2632         { },
2633 };
2634 
2635 static __net_init int sysctl_route_net_init(struct net *net)
2636 {
2637         struct ctl_table *tbl;
2638 
2639         tbl = ipv4_route_flush_table;
2640         if (!net_eq(net, &init_net)) {
2641                 tbl = kmemdup(tbl, sizeof(ipv4_route_flush_table), GFP_KERNEL);
2642                 if (tbl == NULL)
2643                         goto err_dup;
2644 
2645                 /* Don't export sysctls to unprivileged users */
2646                 if (net->user_ns != &init_user_ns)
2647                         tbl[0].procname = NULL;
2648         }
2649         tbl[0].extra1 = net;
2650 
2651         net->ipv4.route_hdr = register_net_sysctl(net, "net/ipv4/route", tbl);
2652         if (net->ipv4.route_hdr == NULL)
2653                 goto err_reg;
2654         return 0;
2655 
2656 err_reg:
2657         if (tbl != ipv4_route_flush_table)
2658                 kfree(tbl);
2659 err_dup:
2660         return -ENOMEM;
2661 }
2662 
2663 static __net_exit void sysctl_route_net_exit(struct net *net)
2664 {
2665         struct ctl_table *tbl;
2666 
2667         tbl = net->ipv4.route_hdr->ctl_table_arg;
2668         unregister_net_sysctl_table(net->ipv4.route_hdr);
2669         BUG_ON(tbl == ipv4_route_flush_table);
2670         kfree(tbl);
2671 }
2672 
2673 static __net_initdata struct pernet_operations sysctl_route_ops = {
2674         .init = sysctl_route_net_init,
2675         .exit = sysctl_route_net_exit,
2676 };
2677 #endif
2678 
2679 static __net_init int rt_genid_init(struct net *net)
2680 {
2681         atomic_set(&net->ipv4.rt_genid, 0);
2682         atomic_set(&net->fnhe_genid, 0);
2683         get_random_bytes(&net->ipv4.dev_addr_genid,
2684                          sizeof(net->ipv4.dev_addr_genid));
2685         return 0;
2686 }
2687 
2688 static __net_initdata struct pernet_operations rt_genid_ops = {
2689         .init = rt_genid_init,
2690 };
2691 
2692 static int __net_init ipv4_inetpeer_init(struct net *net)
2693 {
2694         struct inet_peer_base *bp = kmalloc(sizeof(*bp), GFP_KERNEL);
2695 
2696         if (!bp)
2697                 return -ENOMEM;
2698         inet_peer_base_init(bp);
2699         net->ipv4.peers = bp;
2700         return 0;
2701 }
2702 
2703 static void __net_exit ipv4_inetpeer_exit(struct net *net)
2704 {
2705         struct inet_peer_base *bp = net->ipv4.peers;
2706 
2707         net->ipv4.peers = NULL;
2708         inetpeer_invalidate_tree(bp);
2709         kfree(bp);
2710 }
2711 
2712 static __net_initdata struct pernet_operations ipv4_inetpeer_ops = {
2713         .init   =       ipv4_inetpeer_init,
2714         .exit   =       ipv4_inetpeer_exit,
2715 };
2716 
2717 #ifdef CONFIG_IP_ROUTE_CLASSID
2718 struct ip_rt_acct __percpu *ip_rt_acct __read_mostly;
2719 #endif /* CONFIG_IP_ROUTE_CLASSID */
2720 
2721 int __init ip_rt_init(void)
2722 {
2723         int rc = 0;
2724 
2725         ip_idents = kmalloc(IP_IDENTS_SZ * sizeof(*ip_idents), GFP_KERNEL);
2726         if (!ip_idents)
2727                 panic("IP: failed to allocate ip_idents\n");
2728 
2729         prandom_bytes(ip_idents, IP_IDENTS_SZ * sizeof(*ip_idents));
2730 
2731 #ifdef CONFIG_IP_ROUTE_CLASSID
2732         ip_rt_acct = __alloc_percpu(256 * sizeof(struct ip_rt_acct), __alignof__(struct ip_rt_acct));
2733         if (!ip_rt_acct)
2734                 panic("IP: failed to allocate ip_rt_acct\n");
2735 #endif
2736 
2737         ipv4_dst_ops.kmem_cachep =
2738                 kmem_cache_create("ip_dst_cache", sizeof(struct rtable), 0,
2739                                   SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
2740 
2741         ipv4_dst_blackhole_ops.kmem_cachep = ipv4_dst_ops.kmem_cachep;
2742 
2743         if (dst_entries_init(&ipv4_dst_ops) < 0)
2744                 panic("IP: failed to allocate ipv4_dst_ops counter\n");
2745 
2746         if (dst_entries_init(&ipv4_dst_blackhole_ops) < 0)
2747                 panic("IP: failed to allocate ipv4_dst_blackhole_ops counter\n");
2748 
2749         ipv4_dst_ops.gc_thresh = ~0;
2750         ip_rt_max_size = INT_MAX;
2751 
2752         devinet_init();
2753         ip_fib_init();
2754 
2755         if (ip_rt_proc_init())
2756                 pr_err("Unable to create route proc files\n");
2757 #ifdef CONFIG_XFRM
2758         xfrm_init();
2759         xfrm4_init();
2760 #endif
2761         rtnl_register(PF_INET, RTM_GETROUTE, inet_rtm_getroute, NULL, NULL);
2762 
2763 #ifdef CONFIG_SYSCTL
2764         register_pernet_subsys(&sysctl_route_ops);
2765 #endif
2766         register_pernet_subsys(&rt_genid_ops);
2767         register_pernet_subsys(&ipv4_inetpeer_ops);
2768         return rc;
2769 }
2770 
2771 #ifdef CONFIG_SYSCTL
2772 /*
2773  * We really need to sanitize the damn ipv4 init order, then all
2774  * this nonsense will go away.
2775  */
2776 void __init ip_static_sysctl_init(void)
2777 {
2778         register_net_sysctl(&init_net, "net/ipv4/route", ipv4_route_table);
2779 }
2780 #endif
2781 

This page was automatically generated by LXR 0.3.1 (source).  •  Linux is a registered trademark of Linus Torvalds  •  Contact us