2019-05-27 06:55:01 +00:00
|
|
|
/* SPDX-License-Identifier: GPL-2.0-or-later */
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
|
* INET An implementation of the TCP/IP protocol suite for the LINUX
|
|
|
|
|
* operating system. INET is implemented using the BSD Socket
|
|
|
|
|
* interface as the means of communication with the user level.
|
|
|
|
|
*
|
|
|
|
|
* Definitions for the IP module.
|
|
|
|
|
*
|
|
|
|
|
* Version: @(#)ip.h 1.0.2 05/07/93
|
|
|
|
|
*
|
2005-05-05 23:16:16 +00:00
|
|
|
* Authors: Ross Biro
|
2005-04-16 22:20:36 +00:00
|
|
|
* Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
|
|
|
|
|
* Alan Cox, <gw4pts@gw4pts.ampr.org>
|
|
|
|
|
*
|
|
|
|
|
* Changes:
|
|
|
|
|
* Mike McLagan : Routing by source
|
|
|
|
|
*/
|
|
|
|
|
#ifndef _IP_H
|
|
|
|
|
#define _IP_H
|
|
|
|
|
|
|
|
|
|
#include <linux/types.h>
|
|
|
|
|
#include <linux/ip.h>
|
|
|
|
|
#include <linux/in.h>
|
2007-03-12 23:09:15 +00:00
|
|
|
#include <linux/skbuff.h>
|
2017-12-01 20:52:30 +00:00
|
|
|
#include <linux/jhash.h>
|
2020-07-23 06:08:57 +00:00
|
|
|
#include <linux/sockptr.h>
|
2021-10-25 16:48:24 +00:00
|
|
|
#include <linux/static_key.h>
|
2005-12-27 04:43:12 +00:00
|
|
|
|
|
|
|
|
#include <net/inet_sock.h>
|
2013-09-24 13:43:09 +00:00
|
|
|
#include <net/route.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
#include <net/snmp.h>
|
2008-10-01 14:44:42 +00:00
|
|
|
#include <net/flow.h>
|
2015-05-12 12:56:07 +00:00
|
|
|
#include <net/flow_dissector.h>
|
2017-12-01 20:52:30 +00:00
|
|
|
#include <net/netns/hash.h>
|
2021-06-25 16:21:39 +00:00
|
|
|
#include <net/lwtunnel.h>
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2017-04-12 04:34:03 +00:00
|
|
|
#define IPV4_MAX_PMTU 65535U /* RFC 2675, Section 5.1 */
|
2017-12-11 15:17:39 +00:00
|
|
|
#define IPV4_MIN_MTU 68 /* RFC 791 */
|
2017-04-12 04:34:03 +00:00
|
|
|
|
2019-03-20 16:18:59 +00:00
|
|
|
extern unsigned int sysctl_fib_sync_mem;
|
|
|
|
|
extern unsigned int sysctl_fib_sync_mem_min;
|
|
|
|
|
extern unsigned int sysctl_fib_sync_mem_max;
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
struct sock;
|
|
|
|
|
|
2009-11-03 03:26:03 +00:00
|
|
|
struct inet_skb_parm {
|
2016-05-10 18:19:51 +00:00
|
|
|
int iif;
|
2005-04-16 22:20:36 +00:00
|
|
|
struct ip_options opt; /* Compiled IP options */
|
2016-10-17 03:02:52 +00:00
|
|
|
u16 flags;
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2015-01-23 11:01:26 +00:00
|
|
|
#define IPSKB_FORWARDED BIT(0)
|
|
|
|
|
#define IPSKB_XFRM_TUNNEL_SIZE BIT(1)
|
|
|
|
|
#define IPSKB_XFRM_TRANSFORMED BIT(2)
|
|
|
|
|
#define IPSKB_FRAG_COMPLETE BIT(3)
|
|
|
|
|
#define IPSKB_REROUTED BIT(4)
|
|
|
|
|
#define IPSKB_DOREDIRECT BIT(5)
|
2015-05-22 14:32:51 +00:00
|
|
|
#define IPSKB_FRAG_PMTU BIT(6)
|
2016-11-02 20:36:17 +00:00
|
|
|
#define IPSKB_L3SLAVE BIT(7)
|
2022-05-13 20:34:02 +00:00
|
|
|
#define IPSKB_NOPOLICY BIT(8)
|
2023-08-31 08:03:30 +00:00
|
|
|
#define IPSKB_MULTIPATH BIT(9)
|
2012-08-26 17:13:55 +00:00
|
|
|
|
|
|
|
|
u16 frag_max_size;
|
2005-04-16 22:20:36 +00:00
|
|
|
};
|
|
|
|
|
|
2016-10-17 03:02:52 +00:00
|
|
|
static inline bool ipv4_l3mdev_skb(u16 flags)
|
|
|
|
|
{
|
|
|
|
|
return !!(flags & IPSKB_L3SLAVE);
|
|
|
|
|
}
|
|
|
|
|
|
2007-03-12 23:09:15 +00:00
|
|
|
static inline unsigned int ip_hdrlen(const struct sk_buff *skb)
|
|
|
|
|
{
|
2007-04-21 05:47:35 +00:00
|
|
|
return ip_hdr(skb)->ihl * 4;
|
2007-03-12 23:09:15 +00:00
|
|
|
}
|
|
|
|
|
|
2009-11-03 03:26:03 +00:00
|
|
|
struct ipcm_cookie {
|
2016-04-03 03:08:10 +00:00
|
|
|
struct sockcm_cookie sockc;
|
2006-09-28 01:28:28 +00:00
|
|
|
__be32 addr;
|
2005-04-16 22:20:36 +00:00
|
|
|
int oif;
|
2011-04-21 09:45:37 +00:00
|
|
|
struct ip_options_rcu *opt;
|
2023-05-22 12:08:20 +00:00
|
|
|
__u8 protocol;
|
2013-09-24 13:43:08 +00:00
|
|
|
__u8 ttl;
|
|
|
|
|
__s16 tos;
|
|
|
|
|
char priority;
|
udp: generate gso with UDP_SEGMENT
Support generic segmentation offload for udp datagrams. Callers can
concatenate and send at once the payload of multiple datagrams with
the same destination.
To set segment size, the caller sets socket option UDP_SEGMENT to the
length of each discrete payload. This value must be smaller than or
equal to the relevant MTU.
A follow-up patch adds cmsg UDP_SEGMENT to specify segment size on a
per send call basis.
Total byte length may then exceed MTU. If not an exact multiple of
segment size, the last segment will be shorter.
The implementation adds a gso_size field to the udp socket, ip(v6)
cmsg cookie and inet_cork structure to be able to set the value at
setsockopt or cmsg time and to work with both lockless and corked
paths.
Initial benchmark numbers show UDP GSO about as expensive as TCP GSO.
tcp tso
3197 MB/s 54232 msg/s 54232 calls/s
6,457,754,262 cycles
tcp gso
1765 MB/s 29939 msg/s 29939 calls/s
11,203,021,806 cycles
tcp without tso/gso *
739 MB/s 12548 msg/s 12548 calls/s
11,205,483,630 cycles
udp
876 MB/s 14873 msg/s 624666 calls/s
11,205,777,429 cycles
udp gso
2139 MB/s 36282 msg/s 36282 calls/s
11,204,374,561 cycles
[*] after reverting commit 0a6b2a1dc2a2
("tcp: switch to GSO being always on")
Measured total system cycles ('-a') for one core while pinning both
the network receive path and benchmark process to that core:
perf stat -a -C 12 -e cycles \
./udpgso_bench_tx -C 12 -4 -D "$DST" -l 4
Note the reduction in calls/s with GSO. Bytes per syscall drops
increases from 1470 to 61818.
Signed-off-by: Willem de Bruijn <willemb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2018-04-26 17:42:17 +00:00
|
|
|
__u16 gso_size;
|
2005-04-16 22:20:36 +00:00
|
|
|
};
|
|
|
|
|
|
2018-07-06 14:12:54 +00:00
|
|
|
static inline void ipcm_init(struct ipcm_cookie *ipcm)
|
|
|
|
|
{
|
|
|
|
|
*ipcm = (struct ipcm_cookie) { .tos = -1 };
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline void ipcm_init_sk(struct ipcm_cookie *ipcm,
|
|
|
|
|
const struct inet_sock *inet)
|
|
|
|
|
{
|
|
|
|
|
ipcm_init(ipcm);
|
|
|
|
|
|
2023-07-28 15:03:15 +00:00
|
|
|
ipcm->sockc.mark = READ_ONCE(inet->sk.sk_mark);
|
2023-08-31 13:52:11 +00:00
|
|
|
ipcm->sockc.tsflags = READ_ONCE(inet->sk.sk_tsflags);
|
2022-05-13 18:55:41 +00:00
|
|
|
ipcm->oif = READ_ONCE(inet->sk.sk_bound_dev_if);
|
2018-07-06 14:12:54 +00:00
|
|
|
ipcm->addr = inet->inet_saddr;
|
2023-05-22 12:08:20 +00:00
|
|
|
ipcm->protocol = inet->inet_num;
|
2018-07-06 14:12:54 +00:00
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
#define IPCB(skb) ((struct inet_skb_parm*)((skb)->cb))
|
2014-01-20 02:43:08 +00:00
|
|
|
#define PKTINFO_SKB_CB(skb) ((struct in_pktinfo *)((skb)->cb))
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2017-08-07 15:44:16 +00:00
|
|
|
/* return enslaved device index if relevant */
|
2020-11-09 23:13:48 +00:00
|
|
|
static inline int inet_sdif(const struct sk_buff *skb)
|
2017-08-07 15:44:16 +00:00
|
|
|
{
|
|
|
|
|
#if IS_ENABLED(CONFIG_NET_L3_MASTER_DEV)
|
|
|
|
|
if (skb && ipv4_l3mdev_skb(IPCB(skb)->flags))
|
|
|
|
|
return IPCB(skb)->iif;
|
|
|
|
|
#endif
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-22 09:45:32 +00:00
|
|
|
/* Special input handler for packets caught by router alert option.
|
|
|
|
|
They are selected only by protocol field, and then processed likely
|
|
|
|
|
local ones; but only if someone wants them! Otherwise, router
|
|
|
|
|
not running rsvpd will kill RSVP.
|
|
|
|
|
|
|
|
|
|
It is user level problem, what it will make with them.
|
|
|
|
|
I have no idea, how it will masquearde or NAT them (it is joke, joke :-)),
|
|
|
|
|
but receiver should be enough clever f.e. to forward mtrace requests,
|
|
|
|
|
sent to multicast group to reach destination designated router.
|
|
|
|
|
*/
|
|
|
|
|
|
2009-11-03 03:26:03 +00:00
|
|
|
struct ip_ra_chain {
|
2010-10-25 03:32:44 +00:00
|
|
|
struct ip_ra_chain __rcu *next;
|
2005-04-16 22:20:36 +00:00
|
|
|
struct sock *sk;
|
2010-06-09 16:21:07 +00:00
|
|
|
union {
|
|
|
|
|
void (*destructor)(struct sock *);
|
|
|
|
|
struct sock *saved_sk;
|
|
|
|
|
};
|
2010-06-07 03:12:08 +00:00
|
|
|
struct rcu_head rcu;
|
2005-04-16 22:20:36 +00:00
|
|
|
};
|
|
|
|
|
|
|
|
|
|
/* IP flags. */
|
|
|
|
|
#define IP_CE 0x8000 /* Flag: "Congestion" */
|
|
|
|
|
#define IP_DF 0x4000 /* Flag: "Don't Fragment" */
|
|
|
|
|
#define IP_MF 0x2000 /* Flag: "More Fragments" */
|
|
|
|
|
#define IP_OFFSET 0x1FFF /* "Fragment Offset" part */
|
|
|
|
|
|
|
|
|
|
#define IP_FRAG_TIME (30 * HZ) /* fragment lifetime */
|
|
|
|
|
|
2005-12-27 04:43:12 +00:00
|
|
|
struct msghdr;
|
|
|
|
|
struct net_device;
|
|
|
|
|
struct packet_type;
|
|
|
|
|
struct rtable;
|
|
|
|
|
struct sockaddr;
|
|
|
|
|
|
2014-01-11 00:09:45 +00:00
|
|
|
int igmp_mc_init(void);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Functions provided by ip.c
|
|
|
|
|
*/
|
|
|
|
|
|
2015-09-25 14:39:16 +00:00
|
|
|
int ip_build_and_send_pkt(struct sk_buff *skb, const struct sock *sk,
|
2013-09-21 17:22:42 +00:00
|
|
|
__be32 saddr, __be32 daddr,
|
2020-09-10 00:50:47 +00:00
|
|
|
struct ip_options_rcu *opt, u8 tos);
|
2013-09-21 17:22:42 +00:00
|
|
|
int ip_rcv(struct sk_buff *skb, struct net_device *dev, struct packet_type *pt,
|
|
|
|
|
struct net_device *orig_dev);
|
2018-07-02 15:14:12 +00:00
|
|
|
void ip_list_rcv(struct list_head *head, struct packet_type *pt,
|
|
|
|
|
struct net_device *orig_dev);
|
2013-09-21 17:22:42 +00:00
|
|
|
int ip_local_deliver(struct sk_buff *skb);
|
2018-11-07 11:38:31 +00:00
|
|
|
void ip_protocol_deliver_rcu(struct net *net, struct sk_buff *skb, int proto);
|
2013-09-21 17:22:42 +00:00
|
|
|
int ip_mr_input(struct sk_buff *skb);
|
2015-10-07 21:48:47 +00:00
|
|
|
int ip_output(struct net *net, struct sock *sk, struct sk_buff *skb);
|
|
|
|
|
int ip_mc_output(struct net *net, struct sock *sk, struct sk_buff *skb);
|
2015-06-13 02:55:31 +00:00
|
|
|
int ip_do_fragment(struct net *net, struct sock *sk, struct sk_buff *skb,
|
|
|
|
|
int (*output)(struct net *, struct sock *, struct sk_buff *));
|
2019-05-29 11:25:31 +00:00
|
|
|
|
|
|
|
|
struct ip_fraglist_iter {
|
|
|
|
|
struct sk_buff *frag;
|
|
|
|
|
struct iphdr *iph;
|
|
|
|
|
int offset;
|
|
|
|
|
unsigned int hlen;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
void ip_fraglist_init(struct sk_buff *skb, struct iphdr *iph,
|
|
|
|
|
unsigned int hlen, struct ip_fraglist_iter *iter);
|
|
|
|
|
void ip_fraglist_prepare(struct sk_buff *skb, struct ip_fraglist_iter *iter);
|
|
|
|
|
|
|
|
|
|
static inline struct sk_buff *ip_fraglist_next(struct ip_fraglist_iter *iter)
|
|
|
|
|
{
|
|
|
|
|
struct sk_buff *skb = iter->frag;
|
|
|
|
|
|
|
|
|
|
iter->frag = skb->next;
|
|
|
|
|
skb_mark_not_on_list(skb);
|
|
|
|
|
|
|
|
|
|
return skb;
|
|
|
|
|
}
|
|
|
|
|
|
2019-05-29 11:25:33 +00:00
|
|
|
struct ip_frag_state {
|
2019-10-19 16:26:37 +00:00
|
|
|
bool DF;
|
2019-05-29 11:25:33 +00:00
|
|
|
unsigned int hlen;
|
|
|
|
|
unsigned int ll_rs;
|
|
|
|
|
unsigned int mtu;
|
|
|
|
|
unsigned int left;
|
|
|
|
|
int offset;
|
|
|
|
|
int ptr;
|
|
|
|
|
__be16 not_last_frag;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
void ip_frag_init(struct sk_buff *skb, unsigned int hlen, unsigned int ll_rs,
|
2019-10-19 16:26:37 +00:00
|
|
|
unsigned int mtu, bool DF, struct ip_frag_state *state);
|
2019-05-29 11:25:33 +00:00
|
|
|
struct sk_buff *ip_frag_next(struct sk_buff *skb,
|
|
|
|
|
struct ip_frag_state *state);
|
|
|
|
|
|
2013-09-21 17:22:42 +00:00
|
|
|
void ip_send_check(struct iphdr *ip);
|
2015-10-07 21:48:45 +00:00
|
|
|
int __ip_local_out(struct net *net, struct sock *sk, struct sk_buff *skb);
|
2015-10-07 21:48:46 +00:00
|
|
|
int ip_local_out(struct net *net, struct sock *sk, struct sk_buff *skb);
|
2014-04-15 17:47:15 +00:00
|
|
|
|
2018-07-02 10:21:11 +00:00
|
|
|
int __ip_queue_xmit(struct sock *sk, struct sk_buff *skb, struct flowi *fl,
|
|
|
|
|
__u8 tos);
|
2013-09-21 17:22:42 +00:00
|
|
|
void ip_init(void);
|
|
|
|
|
int ip_append_data(struct sock *sk, struct flowi4 *fl4,
|
|
|
|
|
int getfrag(void *from, char *to, int offset, int len,
|
|
|
|
|
int odd, struct sk_buff *skb),
|
|
|
|
|
void *from, int len, int protolen,
|
|
|
|
|
struct ipcm_cookie *ipc,
|
|
|
|
|
struct rtable **rt,
|
|
|
|
|
unsigned int flags);
|
|
|
|
|
int ip_generic_getfrag(void *from, char *to, int offset, int len, int odd,
|
|
|
|
|
struct sk_buff *skb);
|
|
|
|
|
struct sk_buff *__ip_make_skb(struct sock *sk, struct flowi4 *fl4,
|
|
|
|
|
struct sk_buff_head *queue,
|
|
|
|
|
struct inet_cork *cork);
|
|
|
|
|
int ip_send_skb(struct net *net, struct sk_buff *skb);
|
|
|
|
|
int ip_push_pending_frames(struct sock *sk, struct flowi4 *fl4);
|
|
|
|
|
void ip_flush_pending_frames(struct sock *sk);
|
|
|
|
|
struct sk_buff *ip_make_skb(struct sock *sk, struct flowi4 *fl4,
|
|
|
|
|
int getfrag(void *from, char *to, int offset,
|
|
|
|
|
int len, int odd, struct sk_buff *skb),
|
|
|
|
|
void *from, int length, int transhdrlen,
|
|
|
|
|
struct ipcm_cookie *ipc, struct rtable **rtp,
|
2018-04-26 17:42:15 +00:00
|
|
|
struct inet_cork *cork, unsigned int flags);
|
2011-03-01 02:36:47 +00:00
|
|
|
|
2020-06-19 19:12:34 +00:00
|
|
|
int ip_queue_xmit(struct sock *sk, struct sk_buff *skb, struct flowi *fl);
|
2018-07-02 10:21:11 +00:00
|
|
|
|
2011-05-09 00:12:19 +00:00
|
|
|
static inline struct sk_buff *ip_finish_skb(struct sock *sk, struct flowi4 *fl4)
|
2011-03-01 02:36:47 +00:00
|
|
|
{
|
2011-05-09 00:12:19 +00:00
|
|
|
return __ip_make_skb(sk, fl4, &sk->sk_write_queue, &inet_sk(sk)->cork.base);
|
2011-03-01 02:36:47 +00:00
|
|
|
}
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2023-05-22 14:37:57 +00:00
|
|
|
/* Get the route scope that should be used when sending a packet. */
|
|
|
|
|
static inline u8 ip_sendmsg_scope(const struct inet_sock *inet,
|
|
|
|
|
const struct ipcm_cookie *ipc,
|
|
|
|
|
const struct msghdr *msg)
|
|
|
|
|
{
|
|
|
|
|
if (sock_flag(&inet->sk, SOCK_LOCALROUTE) ||
|
|
|
|
|
msg->msg_flags & MSG_DONTROUTE ||
|
|
|
|
|
(ipc->opt && ipc->opt->opt.is_strictroute))
|
|
|
|
|
return RT_SCOPE_LINK;
|
|
|
|
|
|
|
|
|
|
return RT_SCOPE_UNIVERSE;
|
|
|
|
|
}
|
|
|
|
|
|
2013-09-24 13:43:09 +00:00
|
|
|
static inline __u8 get_rttos(struct ipcm_cookie* ipc, struct inet_sock *inet)
|
|
|
|
|
{
|
2023-09-22 03:42:16 +00:00
|
|
|
return (ipc->tos != -1) ? RT_TOS(ipc->tos) : RT_TOS(READ_ONCE(inet->tos));
|
2013-09-24 13:43:09 +00:00
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/* datagram.c */
|
2015-07-14 06:10:22 +00:00
|
|
|
int __ip4_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len);
|
2013-09-21 17:22:42 +00:00
|
|
|
int ip4_datagram_connect(struct sock *sk, struct sockaddr *uaddr, int addr_len);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2013-09-21 17:22:42 +00:00
|
|
|
void ip4_datagram_release_cb(struct sock *sk);
|
2013-01-21 02:00:03 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
struct ip_reply_arg {
|
2018-02-27 23:48:21 +00:00
|
|
|
struct kvec iov[1];
|
2008-10-01 14:41:00 +00:00
|
|
|
int flags;
|
2006-11-15 05:26:08 +00:00
|
|
|
__wsum csum;
|
2005-04-16 22:20:36 +00:00
|
|
|
int csumoffset; /* u16 offset of csum in iov[0].iov_base */
|
2018-02-27 23:48:21 +00:00
|
|
|
/* -1 if not needed */
|
2007-06-05 04:32:46 +00:00
|
|
|
int bound_dev_if;
|
2011-10-24 07:06:21 +00:00
|
|
|
u8 tos;
|
2016-11-03 17:23:43 +00:00
|
|
|
kuid_t uid;
|
2018-02-27 23:48:21 +00:00
|
|
|
};
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2008-10-01 14:41:00 +00:00
|
|
|
#define IP_REPLY_ARG_NOSRCCHECK 1
|
|
|
|
|
|
2008-10-01 14:44:42 +00:00
|
|
|
static inline __u8 ip_reply_arg_flowi_flags(const struct ip_reply_arg *arg)
|
|
|
|
|
{
|
|
|
|
|
return (arg->flags & IP_REPLY_ARG_NOSRCCHECK) ? FLOWI_FLAG_ANYSRC : 0;
|
|
|
|
|
}
|
|
|
|
|
|
2015-01-30 05:35:05 +00:00
|
|
|
void ip_send_unicast_reply(struct sock *sk, struct sk_buff *skb,
|
2014-09-27 16:50:55 +00:00
|
|
|
const struct ip_options *sopt,
|
|
|
|
|
__be32 daddr, __be32 saddr,
|
|
|
|
|
const struct ip_reply_arg *arg,
|
2023-05-23 16:14:52 +00:00
|
|
|
unsigned int len, u64 transmit_time, u32 txhash);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2010-06-30 20:31:19 +00:00
|
|
|
#define IP_INC_STATS(net, field) SNMP_INC_STATS64((net)->mib.ip_statistics, field)
|
2016-04-27 23:44:43 +00:00
|
|
|
#define __IP_INC_STATS(net, field) __SNMP_INC_STATS64((net)->mib.ip_statistics, field)
|
2010-06-30 20:31:19 +00:00
|
|
|
#define IP_ADD_STATS(net, field, val) SNMP_ADD_STATS64((net)->mib.ip_statistics, field, val)
|
2016-04-27 23:44:43 +00:00
|
|
|
#define __IP_ADD_STATS(net, field, val) __SNMP_ADD_STATS64((net)->mib.ip_statistics, field, val)
|
2010-06-30 20:31:19 +00:00
|
|
|
#define IP_UPD_PO_STATS(net, field, val) SNMP_UPD_PO_STATS64((net)->mib.ip_statistics, field, val)
|
2016-04-27 23:44:43 +00:00
|
|
|
#define __IP_UPD_PO_STATS(net, field, val) __SNMP_UPD_PO_STATS64((net)->mib.ip_statistics, field, val)
|
2008-07-18 11:03:08 +00:00
|
|
|
#define NET_INC_STATS(net, field) SNMP_INC_STATS((net)->mib.net_statistics, field)
|
2016-04-27 23:44:43 +00:00
|
|
|
#define __NET_INC_STATS(net, field) __SNMP_INC_STATS((net)->mib.net_statistics, field)
|
2014-03-06 20:03:17 +00:00
|
|
|
#define NET_ADD_STATS(net, field, adnd) SNMP_ADD_STATS((net)->mib.net_statistics, field, adnd)
|
2016-04-27 23:44:43 +00:00
|
|
|
#define __NET_ADD_STATS(net, field, adnd) __SNMP_ADD_STATS((net)->mib.net_statistics, field, adnd)
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2021-09-30 01:03:32 +00:00
|
|
|
static inline u64 snmp_get_cpu_field(void __percpu *mib, int cpu, int offt)
|
|
|
|
|
{
|
|
|
|
|
return *(((unsigned long *)per_cpu_ptr(mib, cpu)) + offt);
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-05 22:55:55 +00:00
|
|
|
unsigned long snmp_fold_field(void __percpu *mib, int offt);
|
2010-06-30 20:31:19 +00:00
|
|
|
#if BITS_PER_LONG==32
|
2015-08-30 05:59:41 +00:00
|
|
|
u64 snmp_get_cpu_field64(void __percpu *mib, int cpu, int offct,
|
|
|
|
|
size_t syncp_offset);
|
2014-05-05 22:55:55 +00:00
|
|
|
u64 snmp_fold_field64(void __percpu *mib, int offt, size_t sync_off);
|
2010-06-30 20:31:19 +00:00
|
|
|
#else
|
2015-08-30 05:59:41 +00:00
|
|
|
static inline u64 snmp_get_cpu_field64(void __percpu *mib, int cpu, int offct,
|
|
|
|
|
size_t syncp_offset)
|
|
|
|
|
{
|
|
|
|
|
return snmp_get_cpu_field(mib, cpu, offct);
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2014-05-05 22:55:55 +00:00
|
|
|
static inline u64 snmp_fold_field64(void __percpu *mib, int offt, size_t syncp_off)
|
2010-06-30 20:31:19 +00:00
|
|
|
{
|
|
|
|
|
return snmp_fold_field(mib, offt);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
2007-04-20 22:57:15 +00:00
|
|
|
|
2016-09-30 03:28:58 +00:00
|
|
|
#define snmp_get_cpu_field64_batch(buff64, stats_list, mib_statistic, offset) \
|
|
|
|
|
{ \
|
|
|
|
|
int i, c; \
|
|
|
|
|
for_each_possible_cpu(c) { \
|
|
|
|
|
for (i = 0; stats_list[i].name; i++) \
|
|
|
|
|
buff64[i] += snmp_get_cpu_field64( \
|
|
|
|
|
mib_statistic, \
|
|
|
|
|
c, stats_list[i].entry, \
|
|
|
|
|
offset); \
|
|
|
|
|
} \
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#define snmp_get_cpu_field_batch(buff, stats_list, mib_statistic) \
|
|
|
|
|
{ \
|
|
|
|
|
int i, c; \
|
|
|
|
|
for_each_possible_cpu(c) { \
|
|
|
|
|
for (i = 0; stats_list[i].name; i++) \
|
|
|
|
|
buff[i] += snmp_get_cpu_field( \
|
|
|
|
|
mib_statistic, \
|
|
|
|
|
c, stats_list[i].entry); \
|
|
|
|
|
} \
|
|
|
|
|
}
|
|
|
|
|
|
2023-12-06 13:44:20 +00:00
|
|
|
static inline void inet_get_local_port_range(const struct net *net, int *low, int *high)
|
|
|
|
|
{
|
|
|
|
|
u32 range = READ_ONCE(net->ipv4.ip_local_ports.range);
|
|
|
|
|
|
|
|
|
|
*low = range & 0xffff;
|
|
|
|
|
*high = range >> 16;
|
|
|
|
|
}
|
2023-12-14 19:29:38 +00:00
|
|
|
bool inet_sk_get_local_port_range(const struct sock *sk, int *low, int *high);
|
2007-10-11 00:30:46 +00:00
|
|
|
|
2014-05-15 17:43:14 +00:00
|
|
|
#ifdef CONFIG_SYSCTL
|
2019-11-26 22:44:16 +00:00
|
|
|
static inline bool inet_is_local_reserved_port(struct net *net, unsigned short port)
|
2010-05-05 00:27:06 +00:00
|
|
|
{
|
2014-05-12 23:04:53 +00:00
|
|
|
if (!net->ipv4.sysctl_local_reserved_ports)
|
2019-11-22 21:50:52 +00:00
|
|
|
return false;
|
2014-05-12 23:04:53 +00:00
|
|
|
return test_bit(port, net->ipv4.sysctl_local_reserved_ports);
|
2010-05-05 00:27:06 +00:00
|
|
|
}
|
2014-07-25 22:25:08 +00:00
|
|
|
|
|
|
|
|
static inline bool sysctl_dev_name_is_allowed(const char *name)
|
|
|
|
|
{
|
|
|
|
|
return strcmp(name, "default") != 0 && strcmp(name, "all") != 0;
|
|
|
|
|
}
|
|
|
|
|
|
2019-11-25 23:37:04 +00:00
|
|
|
static inline bool inet_port_requires_bind_service(struct net *net, unsigned short port)
|
2017-01-21 01:49:11 +00:00
|
|
|
{
|
2022-07-18 17:26:42 +00:00
|
|
|
return port < READ_ONCE(net->ipv4.sysctl_ip_prot_sock);
|
2017-01-21 01:49:11 +00:00
|
|
|
}
|
|
|
|
|
|
2014-05-12 23:04:53 +00:00
|
|
|
#else
|
2019-11-26 22:44:16 +00:00
|
|
|
static inline bool inet_is_local_reserved_port(struct net *net, unsigned short port)
|
2014-05-12 23:04:53 +00:00
|
|
|
{
|
2019-11-22 21:50:52 +00:00
|
|
|
return false;
|
2014-05-12 23:04:53 +00:00
|
|
|
}
|
2017-01-21 01:49:11 +00:00
|
|
|
|
2019-11-25 23:37:04 +00:00
|
|
|
static inline bool inet_port_requires_bind_service(struct net *net, unsigned short port)
|
2017-01-21 01:49:11 +00:00
|
|
|
{
|
2019-11-25 23:37:04 +00:00
|
|
|
return port < PROT_SOCK;
|
2017-01-21 01:49:11 +00:00
|
|
|
}
|
2014-05-12 23:04:53 +00:00
|
|
|
#endif
|
2010-05-05 00:27:06 +00:00
|
|
|
|
2016-02-27 08:32:15 +00:00
|
|
|
__be32 inet_current_timestamp(void);
|
|
|
|
|
|
2005-08-16 05:18:02 +00:00
|
|
|
/* From inetpeer.c */
|
|
|
|
|
extern int inet_peer_threshold;
|
|
|
|
|
extern int inet_peer_minttl;
|
|
|
|
|
extern int inet_peer_maxttl;
|
|
|
|
|
|
2013-09-21 17:22:42 +00:00
|
|
|
void ipfrag_init(void);
|
2005-08-16 05:18:02 +00:00
|
|
|
|
2013-09-21 17:22:42 +00:00
|
|
|
void ip_static_sysctl_init(void);
|
2008-07-15 20:00:59 +00:00
|
|
|
|
2014-05-13 17:17:33 +00:00
|
|
|
#define IP4_REPLY_MARK(net, mark) \
|
2022-07-13 20:51:57 +00:00
|
|
|
(READ_ONCE((net)->ipv4.sysctl_fwmark_reflect) ? (mark) : 0)
|
2014-05-13 17:17:33 +00:00
|
|
|
|
2011-06-24 04:28:52 +00:00
|
|
|
static inline bool ip_is_fragment(const struct iphdr *iph)
|
|
|
|
|
{
|
|
|
|
|
return (iph->frag_off & htons(IP_MF | IP_OFFSET)) != 0;
|
|
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
#ifdef CONFIG_INET
|
2005-12-27 04:43:12 +00:00
|
|
|
#include <net/dst.h>
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/* The function in 2.2 was invalid, producing wrong result for
|
|
|
|
|
* check=0xFEFF. It was noticed by Arthur Skawina _year_ ago. --ANK(000625) */
|
|
|
|
|
static inline
|
|
|
|
|
int ip_decrease_ttl(struct iphdr *iph)
|
|
|
|
|
{
|
2006-11-15 05:42:26 +00:00
|
|
|
u32 check = (__force u32)iph->check;
|
|
|
|
|
check += (__force u32)htons(0x0100);
|
|
|
|
|
iph->check = (__force __sum16)(check + (check>=0xFFFF));
|
2005-04-16 22:20:36 +00:00
|
|
|
return --iph->ttl;
|
|
|
|
|
}
|
|
|
|
|
|
2018-03-14 09:21:14 +00:00
|
|
|
static inline int ip_mtu_locked(const struct dst_entry *dst)
|
|
|
|
|
{
|
2024-04-29 13:30:09 +00:00
|
|
|
const struct rtable *rt = dst_rtable(dst);
|
2018-03-14 09:21:14 +00:00
|
|
|
|
|
|
|
|
return rt->rt_mtu_locked || dst_metric_locked(dst, RTAX_MTU);
|
|
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
static inline
|
2015-09-25 14:39:14 +00:00
|
|
|
int ip_dont_fragment(const struct sock *sk, const struct dst_entry *dst)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2015-09-25 14:39:14 +00:00
|
|
|
u8 pmtudisc = READ_ONCE(inet_sk(sk)->pmtudisc);
|
|
|
|
|
|
|
|
|
|
return pmtudisc == IP_PMTUDISC_DO ||
|
|
|
|
|
(pmtudisc == IP_PMTUDISC_WANT &&
|
2018-03-14 09:21:14 +00:00
|
|
|
!ip_mtu_locked(dst));
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2014-01-09 09:01:15 +00:00
|
|
|
static inline bool ip_sk_accept_pmtu(const struct sock *sk)
|
|
|
|
|
{
|
2023-09-22 03:42:15 +00:00
|
|
|
u8 pmtudisc = READ_ONCE(inet_sk(sk)->pmtudisc);
|
|
|
|
|
|
|
|
|
|
return pmtudisc != IP_PMTUDISC_INTERFACE &&
|
|
|
|
|
pmtudisc != IP_PMTUDISC_OMIT;
|
2014-01-09 09:01:15 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static inline bool ip_sk_use_pmtu(const struct sock *sk)
|
|
|
|
|
{
|
2023-09-22 03:42:15 +00:00
|
|
|
return READ_ONCE(inet_sk(sk)->pmtudisc) < IP_PMTUDISC_PROBE;
|
2014-01-09 09:01:15 +00:00
|
|
|
}
|
|
|
|
|
|
2014-05-04 23:39:18 +00:00
|
|
|
static inline bool ip_sk_ignore_df(const struct sock *sk)
|
2014-02-26 00:20:42 +00:00
|
|
|
{
|
2023-09-22 03:42:15 +00:00
|
|
|
u8 pmtudisc = READ_ONCE(inet_sk(sk)->pmtudisc);
|
|
|
|
|
|
|
|
|
|
return pmtudisc < IP_PMTUDISC_DO || pmtudisc == IP_PMTUDISC_OMIT;
|
2014-02-26 00:20:42 +00:00
|
|
|
}
|
|
|
|
|
|
2014-01-09 09:01:15 +00:00
|
|
|
static inline unsigned int ip_dst_mtu_maybe_forward(const struct dst_entry *dst,
|
|
|
|
|
bool forwarding)
|
|
|
|
|
{
|
2024-04-29 13:30:09 +00:00
|
|
|
const struct rtable *rt = dst_rtable(dst);
|
2014-01-09 09:01:15 +00:00
|
|
|
struct net *net = dev_net(dst->dev);
|
2020-09-23 20:18:15 +00:00
|
|
|
unsigned int mtu;
|
2014-01-09 09:01:15 +00:00
|
|
|
|
2022-07-13 20:51:53 +00:00
|
|
|
if (READ_ONCE(net->ipv4.sysctl_ip_fwd_use_pmtu) ||
|
2018-03-14 09:21:14 +00:00
|
|
|
ip_mtu_locked(dst) ||
|
2021-07-20 20:06:28 +00:00
|
|
|
!forwarding) {
|
|
|
|
|
mtu = rt->rt_pmtu;
|
|
|
|
|
if (mtu && time_before(jiffies, rt->dst.expires))
|
|
|
|
|
goto out;
|
|
|
|
|
}
|
2014-01-09 09:01:15 +00:00
|
|
|
|
2020-09-23 20:18:15 +00:00
|
|
|
/* 'forwarding = true' case should always honour route mtu */
|
|
|
|
|
mtu = dst_metric_raw(dst, RTAX_MTU);
|
2021-07-20 20:06:28 +00:00
|
|
|
if (mtu)
|
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
|
|
mtu = READ_ONCE(dst->dev->mtu);
|
|
|
|
|
|
|
|
|
|
if (unlikely(ip_mtu_locked(dst))) {
|
|
|
|
|
if (rt->rt_uses_gateway && mtu > 576)
|
|
|
|
|
mtu = 576;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
out:
|
|
|
|
|
mtu = min_t(unsigned int, mtu, IP_MAX_MTU);
|
2020-09-23 20:18:15 +00:00
|
|
|
|
2021-06-25 16:21:39 +00:00
|
|
|
return mtu - lwtunnel_headroom(dst->lwtstate, mtu);
|
2014-01-09 09:01:15 +00:00
|
|
|
}
|
|
|
|
|
|
2016-06-29 18:47:03 +00:00
|
|
|
static inline unsigned int ip_skb_dst_mtu(struct sock *sk,
|
|
|
|
|
const struct sk_buff *skb)
|
2014-01-09 09:01:15 +00:00
|
|
|
{
|
2021-06-25 16:21:39 +00:00
|
|
|
unsigned int mtu;
|
|
|
|
|
|
2015-10-05 04:08:08 +00:00
|
|
|
if (!sk || !sk_fullsock(sk) || ip_sk_use_pmtu(sk)) {
|
2014-01-09 09:01:15 +00:00
|
|
|
bool forwarding = IPCB(skb)->flags & IPSKB_FORWARDED;
|
2015-10-05 04:08:08 +00:00
|
|
|
|
2014-01-09 09:01:15 +00:00
|
|
|
return ip_dst_mtu_maybe_forward(skb_dst(skb), forwarding);
|
|
|
|
|
}
|
2015-10-05 04:08:08 +00:00
|
|
|
|
2021-06-25 16:21:39 +00:00
|
|
|
mtu = min(READ_ONCE(skb_dst(skb)->dev->mtu), IP_MAX_MTU);
|
|
|
|
|
return mtu - lwtunnel_headroom(skb_dst(skb)->lwtstate, mtu);
|
2014-01-09 09:01:15 +00:00
|
|
|
}
|
|
|
|
|
|
2018-10-05 03:07:51 +00:00
|
|
|
struct dst_metrics *ip_fib_metrics_init(struct net *net, struct nlattr *fc_mx,
|
2018-11-06 20:51:15 +00:00
|
|
|
int fc_mx_len,
|
|
|
|
|
struct netlink_ext_ack *extack);
|
2018-10-05 03:07:52 +00:00
|
|
|
static inline void ip_fib_metrics_put(struct dst_metrics *fib_metrics)
|
|
|
|
|
{
|
|
|
|
|
if (fib_metrics != &dst_default_metrics &&
|
|
|
|
|
refcount_dec_and_test(&fib_metrics->refcnt))
|
|
|
|
|
kfree(fib_metrics);
|
|
|
|
|
}
|
2018-04-18 00:33:07 +00:00
|
|
|
|
2018-10-05 03:07:53 +00:00
|
|
|
/* ipv4 and ipv6 both use refcounted metrics if it is not the default */
|
|
|
|
|
static inline
|
|
|
|
|
void ip_dst_init_metrics(struct dst_entry *dst, struct dst_metrics *fib_metrics)
|
|
|
|
|
{
|
|
|
|
|
dst_init_metrics(dst, fib_metrics->metrics, true);
|
|
|
|
|
|
|
|
|
|
if (fib_metrics != &dst_default_metrics) {
|
|
|
|
|
dst->_metrics |= DST_METRICS_REFCOUNTED;
|
|
|
|
|
refcount_inc(&fib_metrics->refcnt);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-10-05 03:07:54 +00:00
|
|
|
static inline
|
|
|
|
|
void ip_dst_metrics_put(struct dst_entry *dst)
|
|
|
|
|
{
|
|
|
|
|
struct dst_metrics *p = (struct dst_metrics *)DST_METRICS_PTR(dst);
|
|
|
|
|
|
|
|
|
|
if (p != &dst_default_metrics && refcount_dec_and_test(&p->refcnt))
|
|
|
|
|
kfree(p);
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-25 16:07:44 +00:00
|
|
|
void __ip_select_ident(struct net *net, struct iphdr *iph, int segs);
|
inetpeer: get rid of ip_id_count
Ideally, we would need to generate IP ID using a per destination IP
generator.
linux kernels used inet_peer cache for this purpose, but this had a huge
cost on servers disabling MTU discovery.
1) each inet_peer struct consumes 192 bytes
2) inetpeer cache uses a binary tree of inet_peer structs,
with a nominal size of ~66000 elements under load.
3) lookups in this tree are hitting a lot of cache lines, as tree depth
is about 20.
4) If server deals with many tcp flows, we have a high probability of
not finding the inet_peer, allocating a fresh one, inserting it in
the tree with same initial ip_id_count, (cf secure_ip_id())
5) We garbage collect inet_peer aggressively.
IP ID generation do not have to be 'perfect'
Goal is trying to avoid duplicates in a short period of time,
so that reassembly units have a chance to complete reassembly of
fragments belonging to one message before receiving other fragments
with a recycled ID.
We simply use an array of generators, and a Jenkin hash using the dst IP
as a key.
ipv6_select_ident() is put back into net/ipv6/ip6_output.c where it
belongs (it is only used from this file)
secure_ip_id() and secure_ipv6_id() no longer are needed.
Rename ip_select_ident_more() to ip_select_ident_segs() to avoid
unnecessary decrement/increment of the number of segments.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-06-02 12:26:03 +00:00
|
|
|
|
2015-03-25 16:07:44 +00:00
|
|
|
static inline void ip_select_ident_segs(struct net *net, struct sk_buff *skb,
|
|
|
|
|
struct sock *sk, int segs)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2013-09-18 22:29:53 +00:00
|
|
|
struct iphdr *iph = ip_hdr(skb);
|
|
|
|
|
|
2022-01-27 01:10:22 +00:00
|
|
|
/* We had many attacks based on IPID, use the private
|
|
|
|
|
* generator as much as we can.
|
|
|
|
|
*/
|
|
|
|
|
if (sk && inet_sk(sk)->inet_daddr) {
|
2023-08-19 03:17:07 +00:00
|
|
|
int val;
|
|
|
|
|
|
|
|
|
|
/* avoid atomic operations for TCP,
|
|
|
|
|
* as we hold socket lock at this point.
|
|
|
|
|
*/
|
|
|
|
|
if (sk_is_tcp(sk)) {
|
|
|
|
|
sock_owned_by_me(sk);
|
|
|
|
|
val = atomic_read(&inet_sk(sk)->inet_id);
|
|
|
|
|
atomic_set(&inet_sk(sk)->inet_id, val + segs);
|
|
|
|
|
} else {
|
|
|
|
|
val = atomic_add_return(segs, &inet_sk(sk)->inet_id);
|
|
|
|
|
}
|
|
|
|
|
iph->id = htons(val);
|
2022-01-27 01:10:22 +00:00
|
|
|
return;
|
|
|
|
|
}
|
2014-05-04 23:39:18 +00:00
|
|
|
if ((iph->frag_off & htons(IP_DF)) && !skb->ignore_df) {
|
2022-01-27 01:10:22 +00:00
|
|
|
iph->id = 0;
|
inetpeer: get rid of ip_id_count
Ideally, we would need to generate IP ID using a per destination IP
generator.
linux kernels used inet_peer cache for this purpose, but this had a huge
cost on servers disabling MTU discovery.
1) each inet_peer struct consumes 192 bytes
2) inetpeer cache uses a binary tree of inet_peer structs,
with a nominal size of ~66000 elements under load.
3) lookups in this tree are hitting a lot of cache lines, as tree depth
is about 20.
4) If server deals with many tcp flows, we have a high probability of
not finding the inet_peer, allocating a fresh one, inserting it in
the tree with same initial ip_id_count, (cf secure_ip_id())
5) We garbage collect inet_peer aggressively.
IP ID generation do not have to be 'perfect'
Goal is trying to avoid duplicates in a short period of time,
so that reassembly units have a chance to complete reassembly of
fragments belonging to one message before receiving other fragments
with a recycled ID.
We simply use an array of generators, and a Jenkin hash using the dst IP
as a key.
ipv6_select_ident() is put back into net/ipv6/ip6_output.c where it
belongs (it is only used from this file)
secure_ip_id() and secure_ipv6_id() no longer are needed.
Rename ip_select_ident_more() to ip_select_ident_segs() to avoid
unnecessary decrement/increment of the number of segments.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-06-02 12:26:03 +00:00
|
|
|
} else {
|
2022-01-27 01:10:22 +00:00
|
|
|
/* Unfortunately we need the big hammer to get a suitable IPID */
|
2015-03-25 16:07:44 +00:00
|
|
|
__ip_select_ident(net, iph, segs);
|
inetpeer: get rid of ip_id_count
Ideally, we would need to generate IP ID using a per destination IP
generator.
linux kernels used inet_peer cache for this purpose, but this had a huge
cost on servers disabling MTU discovery.
1) each inet_peer struct consumes 192 bytes
2) inetpeer cache uses a binary tree of inet_peer structs,
with a nominal size of ~66000 elements under load.
3) lookups in this tree are hitting a lot of cache lines, as tree depth
is about 20.
4) If server deals with many tcp flows, we have a high probability of
not finding the inet_peer, allocating a fresh one, inserting it in
the tree with same initial ip_id_count, (cf secure_ip_id())
5) We garbage collect inet_peer aggressively.
IP ID generation do not have to be 'perfect'
Goal is trying to avoid duplicates in a short period of time,
so that reassembly units have a chance to complete reassembly of
fragments belonging to one message before receiving other fragments
with a recycled ID.
We simply use an array of generators, and a Jenkin hash using the dst IP
as a key.
ipv6_select_ident() is put back into net/ipv6/ip6_output.c where it
belongs (it is only used from this file)
secure_ip_id() and secure_ipv6_id() no longer are needed.
Rename ip_select_ident_more() to ip_select_ident_segs() to avoid
unnecessary decrement/increment of the number of segments.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-06-02 12:26:03 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-25 16:07:44 +00:00
|
|
|
static inline void ip_select_ident(struct net *net, struct sk_buff *skb,
|
|
|
|
|
struct sock *sk)
|
inetpeer: get rid of ip_id_count
Ideally, we would need to generate IP ID using a per destination IP
generator.
linux kernels used inet_peer cache for this purpose, but this had a huge
cost on servers disabling MTU discovery.
1) each inet_peer struct consumes 192 bytes
2) inetpeer cache uses a binary tree of inet_peer structs,
with a nominal size of ~66000 elements under load.
3) lookups in this tree are hitting a lot of cache lines, as tree depth
is about 20.
4) If server deals with many tcp flows, we have a high probability of
not finding the inet_peer, allocating a fresh one, inserting it in
the tree with same initial ip_id_count, (cf secure_ip_id())
5) We garbage collect inet_peer aggressively.
IP ID generation do not have to be 'perfect'
Goal is trying to avoid duplicates in a short period of time,
so that reassembly units have a chance to complete reassembly of
fragments belonging to one message before receiving other fragments
with a recycled ID.
We simply use an array of generators, and a Jenkin hash using the dst IP
as a key.
ipv6_select_ident() is put back into net/ipv6/ip6_output.c where it
belongs (it is only used from this file)
secure_ip_id() and secure_ipv6_id() no longer are needed.
Rename ip_select_ident_more() to ip_select_ident_segs() to avoid
unnecessary decrement/increment of the number of segments.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-06-02 12:26:03 +00:00
|
|
|
{
|
2015-03-25 16:07:44 +00:00
|
|
|
ip_select_ident_segs(net, skb, sk, 1);
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
|
2014-05-02 23:29:38 +00:00
|
|
|
static inline __wsum inet_compute_pseudo(struct sk_buff *skb, int proto)
|
|
|
|
|
{
|
|
|
|
|
return csum_tcpudp_nofold(ip_hdr(skb)->saddr, ip_hdr(skb)->daddr,
|
|
|
|
|
skb->len, proto, 0);
|
|
|
|
|
}
|
|
|
|
|
|
2015-06-04 16:16:40 +00:00
|
|
|
/* copy IPv4 saddr & daddr to flow_keys, possibly using 64bit load/store
|
|
|
|
|
* Equivalent to : flow->v4addrs.src = iph->saddr;
|
|
|
|
|
* flow->v4addrs.dst = iph->daddr;
|
|
|
|
|
*/
|
|
|
|
|
static inline void iph_to_flow_copy_v4addrs(struct flow_keys *flow,
|
|
|
|
|
const struct iphdr *iph)
|
|
|
|
|
{
|
|
|
|
|
BUILD_BUG_ON(offsetof(typeof(flow->addrs), v4addrs.dst) !=
|
|
|
|
|
offsetof(typeof(flow->addrs), v4addrs.src) +
|
|
|
|
|
sizeof(flow->addrs.v4addrs.src));
|
2022-11-15 14:24:00 +00:00
|
|
|
memcpy(&flow->addrs.v4addrs, &iph->addrs, sizeof(flow->addrs.v4addrs));
|
2015-06-04 16:16:40 +00:00
|
|
|
flow->control.addr_type = FLOW_DISSECTOR_KEY_IPV4_ADDRS;
|
|
|
|
|
}
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
|
* Map a multicast IP onto multicast MAC for type ethernet.
|
|
|
|
|
*/
|
|
|
|
|
|
2006-11-15 04:51:49 +00:00
|
|
|
static inline void ip_eth_mc_map(__be32 naddr, char *buf)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2006-11-15 04:51:49 +00:00
|
|
|
__u32 addr=ntohl(naddr);
|
2005-04-16 22:20:36 +00:00
|
|
|
buf[0]=0x01;
|
|
|
|
|
buf[1]=0x00;
|
|
|
|
|
buf[2]=0x5e;
|
|
|
|
|
buf[5]=addr&0xFF;
|
|
|
|
|
addr>>=8;
|
|
|
|
|
buf[4]=addr&0xFF;
|
|
|
|
|
addr>>=8;
|
|
|
|
|
buf[3]=addr&0x7F;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Map a multicast IP onto multicast MAC for type IP-over-InfiniBand.
|
|
|
|
|
* Leave P_Key as 0 to be filled in by driver.
|
|
|
|
|
*/
|
|
|
|
|
|
2007-12-10 20:38:41 +00:00
|
|
|
static inline void ip_ib_mc_map(__be32 naddr, const unsigned char *broadcast, char *buf)
|
2005-04-16 22:20:36 +00:00
|
|
|
{
|
2006-11-15 04:51:49 +00:00
|
|
|
__u32 addr;
|
2007-12-10 20:38:41 +00:00
|
|
|
unsigned char scope = broadcast[5] & 0xF;
|
|
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
buf[0] = 0; /* Reserved */
|
|
|
|
|
buf[1] = 0xff; /* Multicast QPN */
|
|
|
|
|
buf[2] = 0xff;
|
|
|
|
|
buf[3] = 0xff;
|
2006-11-15 04:51:49 +00:00
|
|
|
addr = ntohl(naddr);
|
2005-04-16 22:20:36 +00:00
|
|
|
buf[4] = 0xff;
|
2007-12-10 20:38:41 +00:00
|
|
|
buf[5] = 0x10 | scope; /* scope from broadcast address */
|
2005-04-16 22:20:36 +00:00
|
|
|
buf[6] = 0x40; /* IPv4 signature */
|
|
|
|
|
buf[7] = 0x1b;
|
2007-12-10 20:38:41 +00:00
|
|
|
buf[8] = broadcast[8]; /* P_Key */
|
|
|
|
|
buf[9] = broadcast[9];
|
2005-04-16 22:20:36 +00:00
|
|
|
buf[10] = 0;
|
|
|
|
|
buf[11] = 0;
|
|
|
|
|
buf[12] = 0;
|
|
|
|
|
buf[13] = 0;
|
|
|
|
|
buf[14] = 0;
|
|
|
|
|
buf[15] = 0;
|
|
|
|
|
buf[19] = addr & 0xff;
|
|
|
|
|
addr >>= 8;
|
|
|
|
|
buf[18] = addr & 0xff;
|
|
|
|
|
addr >>= 8;
|
|
|
|
|
buf[17] = addr & 0xff;
|
|
|
|
|
addr >>= 8;
|
|
|
|
|
buf[16] = addr & 0x0f;
|
|
|
|
|
}
|
|
|
|
|
|
2011-03-28 22:40:53 +00:00
|
|
|
static inline void ip_ipgre_mc_map(__be32 naddr, const unsigned char *broadcast, char *buf)
|
|
|
|
|
{
|
|
|
|
|
if ((broadcast[0] | broadcast[1] | broadcast[2] | broadcast[3]) != 0)
|
|
|
|
|
memcpy(buf, broadcast, 4);
|
|
|
|
|
else
|
|
|
|
|
memcpy(buf, &naddr, sizeof(naddr));
|
|
|
|
|
}
|
|
|
|
|
|
2011-12-10 09:48:31 +00:00
|
|
|
#if IS_ENABLED(CONFIG_IPV6)
|
2005-04-16 22:20:36 +00:00
|
|
|
#include <linux/ipv6.h>
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
static __inline__ void inet_reset_saddr(struct sock *sk)
|
|
|
|
|
{
|
2009-10-15 06:30:45 +00:00
|
|
|
inet_sk(sk)->inet_rcv_saddr = inet_sk(sk)->inet_saddr = 0;
|
2011-12-10 09:48:31 +00:00
|
|
|
#if IS_ENABLED(CONFIG_IPV6)
|
2005-04-16 22:20:36 +00:00
|
|
|
if (sk->sk_family == PF_INET6) {
|
|
|
|
|
struct ipv6_pinfo *np = inet6_sk(sk);
|
|
|
|
|
|
|
|
|
|
memset(&np->saddr, 0, sizeof(np->saddr));
|
ipv6: make lookups simpler and faster
TCP listener refactoring, part 4 :
To speed up inet lookups, we moved IPv4 addresses from inet to struct
sock_common
Now is time to do the same for IPv6, because it permits us to have fast
lookups for all kind of sockets, including upcoming SYN_RECV.
Getting IPv6 addresses in TCP lookups currently requires two extra cache
lines, plus a dereference (and memory stall).
inet6_sk(sk) does the dereference of inet_sk(__sk)->pinet6
This patch is way bigger than its IPv4 counter part, because for IPv4,
we could add aliases (inet_daddr, inet_rcv_saddr), while on IPv6,
it's not doable easily.
inet6_sk(sk)->daddr becomes sk->sk_v6_daddr
inet6_sk(sk)->rcv_saddr becomes sk->sk_v6_rcv_saddr
And timewait socket also have tw->tw_v6_daddr & tw->tw_v6_rcv_saddr
at the same offset.
We get rid of INET6_TW_MATCH() as INET6_MATCH() is now the generic
macro.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-10-03 22:42:29 +00:00
|
|
|
memset(&sk->sk_v6_rcv_saddr, 0, sizeof(sk->sk_v6_rcv_saddr));
|
2005-04-16 22:20:36 +00:00
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#endif
|
|
|
|
|
|
2015-08-27 23:06:59 +00:00
|
|
|
static inline unsigned int ipv4_addr_hash(__be32 ip)
|
|
|
|
|
{
|
|
|
|
|
return (__force unsigned int) ip;
|
|
|
|
|
}
|
|
|
|
|
|
2017-12-01 20:52:30 +00:00
|
|
|
static inline u32 ipv4_portaddr_hash(const struct net *net,
|
|
|
|
|
__be32 saddr,
|
|
|
|
|
unsigned int port)
|
|
|
|
|
{
|
|
|
|
|
return jhash_1word((__force u32)saddr, net_hash_mix(net)) ^ port;
|
|
|
|
|
}
|
|
|
|
|
|
2013-09-21 17:22:42 +00:00
|
|
|
bool ip_call_ra_chain(struct sk_buff *skb);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
/*
|
2008-01-02 05:13:09 +00:00
|
|
|
* Functions provided by ip_fragment.c
|
2005-04-16 22:20:36 +00:00
|
|
|
*/
|
|
|
|
|
|
2009-11-03 03:26:03 +00:00
|
|
|
enum ip_defrag_users {
|
2005-04-16 22:20:36 +00:00
|
|
|
IP_DEFRAG_LOCAL_DELIVER,
|
|
|
|
|
IP_DEFRAG_CALL_RA_CHAIN,
|
|
|
|
|
IP_DEFRAG_CONNTRACK_IN,
|
2010-05-24 21:33:03 +00:00
|
|
|
__IP_DEFRAG_CONNTRACK_IN_END = IP_DEFRAG_CONNTRACK_IN + USHRT_MAX,
|
2005-04-16 22:20:36 +00:00
|
|
|
IP_DEFRAG_CONNTRACK_OUT,
|
2010-05-24 21:33:03 +00:00
|
|
|
__IP_DEFRAG_CONNTRACK_OUT_END = IP_DEFRAG_CONNTRACK_OUT + USHRT_MAX,
|
2009-12-15 15:59:59 +00:00
|
|
|
IP_DEFRAG_CONNTRACK_BRIDGE_IN,
|
2010-05-24 21:33:03 +00:00
|
|
|
__IP_DEFRAG_CONNTRACK_BRIDGE_IN = IP_DEFRAG_CONNTRACK_BRIDGE_IN + USHRT_MAX,
|
2005-04-16 22:20:36 +00:00
|
|
|
IP_DEFRAG_VS_IN,
|
|
|
|
|
IP_DEFRAG_VS_OUT,
|
2011-07-05 08:05:48 +00:00
|
|
|
IP_DEFRAG_VS_FWD,
|
|
|
|
|
IP_DEFRAG_AF_PACKET,
|
2011-10-06 10:28:31 +00:00
|
|
|
IP_DEFRAG_MACVLAN,
|
2005-04-16 22:20:36 +00:00
|
|
|
};
|
|
|
|
|
|
2015-05-15 21:15:35 +00:00
|
|
|
/* Return true if the value of 'user' is between 'lower_bond'
|
|
|
|
|
* and 'upper_bond' inclusively.
|
|
|
|
|
*/
|
|
|
|
|
static inline bool ip_defrag_user_in_between(u32 user,
|
|
|
|
|
enum ip_defrag_users lower_bond,
|
|
|
|
|
enum ip_defrag_users upper_bond)
|
|
|
|
|
{
|
|
|
|
|
return user >= lower_bond && user <= upper_bond;
|
|
|
|
|
}
|
|
|
|
|
|
2015-10-09 18:44:54 +00:00
|
|
|
int ip_defrag(struct net *net, struct sk_buff *skb, u32 user);
|
2011-10-06 10:28:31 +00:00
|
|
|
#ifdef CONFIG_INET
|
2015-10-09 18:44:54 +00:00
|
|
|
struct sk_buff *ip_check_defrag(struct net *net, struct sk_buff *skb, u32 user);
|
2011-10-06 10:28:31 +00:00
|
|
|
#else
|
2015-10-09 18:44:54 +00:00
|
|
|
static inline struct sk_buff *ip_check_defrag(struct net *net, struct sk_buff *skb, u32 user)
|
2011-10-06 10:28:31 +00:00
|
|
|
{
|
|
|
|
|
return skb;
|
|
|
|
|
}
|
|
|
|
|
#endif
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Functions provided by ip_forward.c
|
|
|
|
|
*/
|
2018-02-27 23:48:21 +00:00
|
|
|
|
2013-09-21 17:22:42 +00:00
|
|
|
int ip_forward(struct sk_buff *skb);
|
2018-02-27 23:48:21 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
/*
|
|
|
|
|
* Functions provided by ip_options.c
|
|
|
|
|
*/
|
2018-02-27 23:48:21 +00:00
|
|
|
|
2013-09-21 17:22:42 +00:00
|
|
|
void ip_options_build(struct sk_buff *skb, struct ip_options *opt,
|
2022-01-28 16:06:54 +00:00
|
|
|
__be32 daddr, struct rtable *rt);
|
2014-09-27 16:50:55 +00:00
|
|
|
|
2017-08-03 16:07:06 +00:00
|
|
|
int __ip_options_echo(struct net *net, struct ip_options *dopt,
|
|
|
|
|
struct sk_buff *skb, const struct ip_options *sopt);
|
|
|
|
|
static inline int ip_options_echo(struct net *net, struct ip_options *dopt,
|
|
|
|
|
struct sk_buff *skb)
|
2014-09-27 16:50:55 +00:00
|
|
|
{
|
2017-08-03 16:07:06 +00:00
|
|
|
return __ip_options_echo(net, dopt, skb, &IPCB(skb)->opt);
|
2014-09-27 16:50:55 +00:00
|
|
|
}
|
|
|
|
|
|
2013-09-21 17:22:42 +00:00
|
|
|
void ip_options_fragment(struct sk_buff *skb);
|
2019-02-25 16:27:15 +00:00
|
|
|
int __ip_options_compile(struct net *net, struct ip_options *opt,
|
|
|
|
|
struct sk_buff *skb, __be32 *info);
|
2013-09-21 17:22:42 +00:00
|
|
|
int ip_options_compile(struct net *net, struct ip_options *opt,
|
|
|
|
|
struct sk_buff *skb);
|
|
|
|
|
int ip_options_get(struct net *net, struct ip_options_rcu **optp,
|
2020-07-23 06:08:57 +00:00
|
|
|
sockptr_t data, int optlen);
|
2013-09-21 17:22:42 +00:00
|
|
|
void ip_options_undo(struct ip_options *opt);
|
|
|
|
|
void ip_forward_options(struct sk_buff *skb);
|
2019-04-01 13:17:32 +00:00
|
|
|
int ip_options_rcv_srr(struct sk_buff *skb, struct net_device *dev);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Functions provided by ip_sockglue.c
|
|
|
|
|
*/
|
|
|
|
|
|
2024-01-25 14:18:47 +00:00
|
|
|
void ipv4_pktinfo_prepare(const struct sock *sk, struct sk_buff *skb, bool drop_dst);
|
2016-11-04 10:28:58 +00:00
|
|
|
void ip_cmsg_recv_offset(struct msghdr *msg, struct sock *sk,
|
|
|
|
|
struct sk_buff *skb, int tlen, int offset);
|
2016-04-03 03:08:10 +00:00
|
|
|
int ip_cmsg_send(struct sock *sk, struct msghdr *msg,
|
2014-02-18 20:38:08 +00:00
|
|
|
struct ipcm_cookie *ipc, bool allow_ipv6);
|
2021-10-25 16:48:24 +00:00
|
|
|
DECLARE_STATIC_KEY_FALSE(ip4_min_ttl);
|
2022-08-17 06:18:26 +00:00
|
|
|
int do_ip_setsockopt(struct sock *sk, int level, int optname, sockptr_t optval,
|
|
|
|
|
unsigned int optlen);
|
2020-07-23 06:09:07 +00:00
|
|
|
int ip_setsockopt(struct sock *sk, int level, int optname, sockptr_t optval,
|
2013-09-21 17:22:42 +00:00
|
|
|
unsigned int optlen);
|
2022-09-02 00:29:25 +00:00
|
|
|
int do_ip_getsockopt(struct sock *sk, int level, int optname,
|
|
|
|
|
sockptr_t optval, sockptr_t optlen);
|
2013-09-21 17:22:42 +00:00
|
|
|
int ip_getsockopt(struct sock *sk, int level, int optname, char __user *optval,
|
|
|
|
|
int __user *optlen);
|
|
|
|
|
int ip_ra_control(struct sock *sk, unsigned char on,
|
|
|
|
|
void (*destructor)(struct sock *));
|
|
|
|
|
|
2013-11-22 23:46:12 +00:00
|
|
|
int ip_recv_error(struct sock *sk, struct msghdr *msg, int len, int *addr_len);
|
2013-09-21 17:22:42 +00:00
|
|
|
void ip_icmp_error(struct sock *sk, struct sk_buff *skb, int err, __be16 port,
|
|
|
|
|
u32 info, u8 *payload);
|
|
|
|
|
void ip_local_error(struct sock *sk, int err, __be32 daddr, __be16 dport,
|
|
|
|
|
u32 info);
|
2005-04-16 22:20:36 +00:00
|
|
|
|
2015-01-05 21:56:16 +00:00
|
|
|
static inline void ip_cmsg_recv(struct msghdr *msg, struct sk_buff *skb)
|
|
|
|
|
{
|
2016-11-04 10:28:58 +00:00
|
|
|
ip_cmsg_recv_offset(msg, skb->sk, skb, 0, 0);
|
2015-01-05 21:56:16 +00:00
|
|
|
}
|
|
|
|
|
|
2014-09-19 14:38:40 +00:00
|
|
|
bool icmp_global_allow(void);
|
|
|
|
|
extern int sysctl_icmp_msgs_per_sec;
|
|
|
|
|
extern int sysctl_icmp_msgs_burst;
|
|
|
|
|
|
2005-08-16 05:18:02 +00:00
|
|
|
#ifdef CONFIG_PROC_FS
|
2013-09-21 17:22:42 +00:00
|
|
|
int ip_misc_proc_init(void);
|
2005-08-16 05:18:02 +00:00
|
|
|
#endif
|
|
|
|
|
|
2019-02-27 08:15:29 +00:00
|
|
|
int rtm_getroute_parse_ip_proto(struct nlattr *attr, u8 *ip_proto, u8 family,
|
2018-05-22 21:03:27 +00:00
|
|
|
struct netlink_ext_ack *extack);
|
|
|
|
|
|
2019-12-06 04:43:46 +00:00
|
|
|
static inline bool inetdev_valid_mtu(unsigned int mtu)
|
|
|
|
|
{
|
|
|
|
|
return likely(mtu >= IPV4_MIN_MTU);
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-28 05:12:27 +00:00
|
|
|
void ip_sock_set_freebind(struct sock *sk);
|
2020-05-28 05:12:29 +00:00
|
|
|
int ip_sock_set_mtu_discover(struct sock *sk, int val);
|
2020-05-28 05:12:30 +00:00
|
|
|
void ip_sock_set_pktinfo(struct sock *sk);
|
2020-05-28 05:12:28 +00:00
|
|
|
void ip_sock_set_recverr(struct sock *sk);
|
2020-05-28 05:12:26 +00:00
|
|
|
void ip_sock_set_tos(struct sock *sk, int val);
|
2023-10-18 09:00:13 +00:00
|
|
|
void __ip_sock_set_tos(struct sock *sk, int val);
|
2020-05-28 05:12:26 +00:00
|
|
|
|
2005-04-16 22:20:36 +00:00
|
|
|
#endif /* _IP_H */
|