Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 1 | /* |
| 2 | * INETPEER - A storage for permanent information about peers |
| 3 | * |
| 4 | * This source is covered by the GNU GPL, the same as all kernel sources. |
| 5 | * |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 6 | * Authors: Andrey V. Savochkin <saw@msu.ru> |
| 7 | */ |
| 8 | |
| 9 | #include <linux/module.h> |
| 10 | #include <linux/types.h> |
| 11 | #include <linux/slab.h> |
| 12 | #include <linux/interrupt.h> |
| 13 | #include <linux/spinlock.h> |
| 14 | #include <linux/random.h> |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 15 | #include <linux/timer.h> |
| 16 | #include <linux/time.h> |
| 17 | #include <linux/kernel.h> |
| 18 | #include <linux/mm.h> |
| 19 | #include <linux/net.h> |
Arnaldo Carvalho de Melo | 2038073 | 2005-08-16 02:18:02 -0300 | [diff] [blame] | 20 | #include <net/ip.h> |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 21 | #include <net/inetpeer.h> |
David S. Miller | 6e5714e | 2011-08-03 20:50:44 -0700 | [diff] [blame] | 22 | #include <net/secure_seq.h> |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 23 | |
| 24 | /* |
| 25 | * Theory of operations. |
| 26 | * We keep one entry for each peer IP address. The nodes contains long-living |
| 27 | * information about the peer which doesn't depend on routes. |
| 28 | * At this moment this information consists only of ID field for the next |
| 29 | * outgoing IP packet. This field is incremented with each packet as encoded |
| 30 | * in inet_getid() function (include/net/inetpeer.h). |
| 31 | * At the moment of writing this notes identifier of IP packets is generated |
| 32 | * to be unpredictable using this code only for packets subjected |
| 33 | * (actually or potentially) to defragmentation. I.e. DF packets less than |
| 34 | * PMTU in size uses a constant ID and do not use this code (see |
| 35 | * ip_select_ident() in include/net/ip.h). |
| 36 | * |
| 37 | * Route cache entries hold references to our nodes. |
| 38 | * New cache entries get references via lookup by destination IP address in |
| 39 | * the avl tree. The reference is grabbed only when it's needed i.e. only |
| 40 | * when we try to output IP packet which needs an unpredictable ID (see |
| 41 | * __ip_select_ident() in net/ipv4/route.c). |
| 42 | * Nodes are removed only when reference counter goes to 0. |
| 43 | * When it's happened the node may be removed when a sufficient amount of |
| 44 | * time has been passed since its last use. The less-recently-used entry can |
| 45 | * also be removed if the pool is overloaded i.e. if the total amount of |
| 46 | * entries is greater-or-equal than the threshold. |
| 47 | * |
| 48 | * Node pool is organised as an AVL tree. |
| 49 | * Such an implementation has been chosen not just for fun. It's a way to |
| 50 | * prevent easy and efficient DoS attacks by creating hash collisions. A huge |
| 51 | * amount of long living nodes in a single hash slot would significantly delay |
| 52 | * lookups performed with disabled BHs. |
| 53 | * |
| 54 | * Serialisation issues. |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 55 | * 1. Nodes may appear in the tree only with the pool lock held. |
| 56 | * 2. Nodes may disappear from the tree only with the pool lock held |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 57 | * AND reference count being 0. |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 58 | * 3. Global variable peer_total is modified under the pool lock. |
| 59 | * 4. struct inet_peer fields modification: |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 60 | * avl_left, avl_right, avl_parent, avl_height: pool lock |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 61 | * refcnt: atomically against modifications on other CPU; |
| 62 | * usually under some other lock to prevent node disappearing |
David S. Miller | 582a72d | 2010-11-30 11:53:55 -0800 | [diff] [blame] | 63 | * daddr: unchangeable |
Eric Dumazet | 317fe0e | 2010-06-16 04:52:13 +0000 | [diff] [blame] | 64 | * ip_id_count: atomic value (no lock needed) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 65 | */ |
| 66 | |
Christoph Lameter | e18b890 | 2006-12-06 20:33:20 -0800 | [diff] [blame] | 67 | static struct kmem_cache *peer_cachep __read_mostly; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 68 | |
| 69 | #define node_height(x) x->avl_height |
Eric Dumazet | d6cc1d6 | 2010-06-14 19:35:21 +0000 | [diff] [blame] | 70 | |
| 71 | #define peer_avl_empty ((struct inet_peer *)&peer_fake_node) |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 72 | #define peer_avl_empty_rcu ((struct inet_peer __rcu __force *)&peer_fake_node) |
Eric Dumazet | d6cc1d6 | 2010-06-14 19:35:21 +0000 | [diff] [blame] | 73 | static const struct inet_peer peer_fake_node = { |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 74 | .avl_left = peer_avl_empty_rcu, |
| 75 | .avl_right = peer_avl_empty_rcu, |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 76 | .avl_height = 0 |
| 77 | }; |
Eric Dumazet | d6cc1d6 | 2010-06-14 19:35:21 +0000 | [diff] [blame] | 78 | |
David S. Miller | 021e929 | 2010-11-30 12:12:23 -0800 | [diff] [blame] | 79 | struct inet_peer_base { |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 80 | struct inet_peer __rcu *root; |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 81 | seqlock_t lock; |
Eric Dumazet | d6cc1d6 | 2010-06-14 19:35:21 +0000 | [diff] [blame] | 82 | int total; |
David S. Miller | 021e929 | 2010-11-30 12:12:23 -0800 | [diff] [blame] | 83 | }; |
| 84 | |
| 85 | static struct inet_peer_base v4_peers = { |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 86 | .root = peer_avl_empty_rcu, |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 87 | .lock = __SEQLOCK_UNLOCKED(v4_peers.lock), |
Eric Dumazet | d6cc1d6 | 2010-06-14 19:35:21 +0000 | [diff] [blame] | 88 | .total = 0, |
| 89 | }; |
David S. Miller | 021e929 | 2010-11-30 12:12:23 -0800 | [diff] [blame] | 90 | |
| 91 | static struct inet_peer_base v6_peers = { |
| 92 | .root = peer_avl_empty_rcu, |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 93 | .lock = __SEQLOCK_UNLOCKED(v6_peers.lock), |
David S. Miller | 021e929 | 2010-11-30 12:12:23 -0800 | [diff] [blame] | 94 | .total = 0, |
| 95 | }; |
| 96 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 97 | #define PEER_MAXDEPTH 40 /* sufficient for about 2^27 nodes */ |
| 98 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 99 | /* Exported for sysctl_net_ipv4. */ |
Eric Dumazet | 243bbca | 2007-03-06 20:23:10 -0800 | [diff] [blame] | 100 | int inet_peer_threshold __read_mostly = 65536 + 128; /* start to throw entries more |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 101 | * aggressively at this stage */ |
Eric Dumazet | 243bbca | 2007-03-06 20:23:10 -0800 | [diff] [blame] | 102 | int inet_peer_minttl __read_mostly = 120 * HZ; /* TTL under high load: 120 sec */ |
| 103 | int inet_peer_maxttl __read_mostly = 10 * 60 * HZ; /* usual time to live: 10 min */ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 104 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 105 | |
| 106 | /* Called from ip_output.c:ip_init */ |
| 107 | void __init inet_initpeers(void) |
| 108 | { |
| 109 | struct sysinfo si; |
| 110 | |
| 111 | /* Use the straight interface to information about memory. */ |
| 112 | si_meminfo(&si); |
| 113 | /* The values below were suggested by Alexey Kuznetsov |
| 114 | * <kuznet@ms2.inr.ac.ru>. I don't have any opinion about the values |
| 115 | * myself. --SAW |
| 116 | */ |
| 117 | if (si.totalram <= (32768*1024)/PAGE_SIZE) |
| 118 | inet_peer_threshold >>= 1; /* max pool size about 1MB on IA32 */ |
| 119 | if (si.totalram <= (16384*1024)/PAGE_SIZE) |
| 120 | inet_peer_threshold >>= 1; /* about 512KB */ |
| 121 | if (si.totalram <= (8192*1024)/PAGE_SIZE) |
| 122 | inet_peer_threshold >>= 2; /* about 128KB */ |
| 123 | |
| 124 | peer_cachep = kmem_cache_create("inet_peer_cache", |
| 125 | sizeof(struct inet_peer), |
Eric Dumazet | 317fe0e | 2010-06-16 04:52:13 +0000 | [diff] [blame] | 126 | 0, SLAB_HWCACHE_ALIGN | SLAB_PANIC, |
Paul Mundt | 20c2df8 | 2007-07-20 10:11:58 +0900 | [diff] [blame] | 127 | NULL); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 128 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 129 | } |
| 130 | |
David S. Miller | 8790ca1 | 2010-12-01 17:28:18 -0800 | [diff] [blame] | 131 | static int addr_compare(const struct inetpeer_addr *a, |
| 132 | const struct inetpeer_addr *b) |
David S. Miller | 0266304 | 2010-11-30 12:08:53 -0800 | [diff] [blame] | 133 | { |
| 134 | int i, n = (a->family == AF_INET ? 1 : 4); |
| 135 | |
| 136 | for (i = 0; i < n; i++) { |
David S. Miller | 7a71ed8 | 2011-02-09 14:30:26 -0800 | [diff] [blame] | 137 | if (a->addr.a6[i] == b->addr.a6[i]) |
David S. Miller | 0266304 | 2010-11-30 12:08:53 -0800 | [diff] [blame] | 138 | continue; |
David S. Miller | 7a71ed8 | 2011-02-09 14:30:26 -0800 | [diff] [blame] | 139 | if (a->addr.a6[i] < b->addr.a6[i]) |
David S. Miller | 0266304 | 2010-11-30 12:08:53 -0800 | [diff] [blame] | 140 | return -1; |
| 141 | return 1; |
| 142 | } |
| 143 | |
| 144 | return 0; |
| 145 | } |
| 146 | |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 147 | #define rcu_deref_locked(X, BASE) \ |
| 148 | rcu_dereference_protected(X, lockdep_is_held(&(BASE)->lock.lock)) |
| 149 | |
Eric Dumazet | 243bbca | 2007-03-06 20:23:10 -0800 | [diff] [blame] | 150 | /* |
| 151 | * Called with local BH disabled and the pool lock held. |
Eric Dumazet | 243bbca | 2007-03-06 20:23:10 -0800 | [diff] [blame] | 152 | */ |
David S. Miller | 98158f5 | 2010-11-30 11:41:59 -0800 | [diff] [blame] | 153 | #define lookup(_daddr, _stack, _base) \ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 154 | ({ \ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 155 | struct inet_peer *u; \ |
| 156 | struct inet_peer __rcu **v; \ |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 157 | \ |
| 158 | stackptr = _stack; \ |
David S. Miller | 98158f5 | 2010-11-30 11:41:59 -0800 | [diff] [blame] | 159 | *stackptr++ = &_base->root; \ |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 160 | for (u = rcu_deref_locked(_base->root, _base); \ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 161 | u != peer_avl_empty; ) { \ |
David S. Miller | 0266304 | 2010-11-30 12:08:53 -0800 | [diff] [blame] | 162 | int cmp = addr_compare(_daddr, &u->daddr); \ |
| 163 | if (cmp == 0) \ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 164 | break; \ |
David S. Miller | 0266304 | 2010-11-30 12:08:53 -0800 | [diff] [blame] | 165 | if (cmp == -1) \ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 166 | v = &u->avl_left; \ |
| 167 | else \ |
| 168 | v = &u->avl_right; \ |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 169 | *stackptr++ = v; \ |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 170 | u = rcu_deref_locked(*v, _base); \ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 171 | } \ |
| 172 | u; \ |
| 173 | }) |
| 174 | |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 175 | /* |
David S. Miller | 7b46ac4 | 2011-03-08 14:59:28 -0800 | [diff] [blame] | 176 | * Called with rcu_read_lock() |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 177 | * Because we hold no lock against a writer, its quite possible we fall |
| 178 | * in an endless loop. |
| 179 | * But every pointer we follow is guaranteed to be valid thanks to RCU. |
| 180 | * We exit from this function if number of links exceeds PEER_MAXDEPTH |
| 181 | */ |
David S. Miller | 7b46ac4 | 2011-03-08 14:59:28 -0800 | [diff] [blame] | 182 | static struct inet_peer *lookup_rcu(const struct inetpeer_addr *daddr, |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 183 | struct inet_peer_base *base) |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 184 | { |
David S. Miller | 7b46ac4 | 2011-03-08 14:59:28 -0800 | [diff] [blame] | 185 | struct inet_peer *u = rcu_dereference(base->root); |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 186 | int count = 0; |
| 187 | |
| 188 | while (u != peer_avl_empty) { |
David S. Miller | 0266304 | 2010-11-30 12:08:53 -0800 | [diff] [blame] | 189 | int cmp = addr_compare(daddr, &u->daddr); |
| 190 | if (cmp == 0) { |
Eric Dumazet | 5f2f892 | 2010-06-15 21:47:39 -0700 | [diff] [blame] | 191 | /* Before taking a reference, check if this entry was |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 192 | * deleted (refcnt=-1) |
Eric Dumazet | 5f2f892 | 2010-06-15 21:47:39 -0700 | [diff] [blame] | 193 | */ |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 194 | if (!atomic_add_unless(&u->refcnt, 1, -1)) |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 195 | u = NULL; |
| 196 | return u; |
| 197 | } |
David S. Miller | 0266304 | 2010-11-30 12:08:53 -0800 | [diff] [blame] | 198 | if (cmp == -1) |
David S. Miller | 7b46ac4 | 2011-03-08 14:59:28 -0800 | [diff] [blame] | 199 | u = rcu_dereference(u->avl_left); |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 200 | else |
David S. Miller | 7b46ac4 | 2011-03-08 14:59:28 -0800 | [diff] [blame] | 201 | u = rcu_dereference(u->avl_right); |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 202 | if (unlikely(++count == PEER_MAXDEPTH)) |
| 203 | break; |
| 204 | } |
| 205 | return NULL; |
| 206 | } |
| 207 | |
| 208 | /* Called with local BH disabled and the pool lock held. */ |
David S. Miller | 98158f5 | 2010-11-30 11:41:59 -0800 | [diff] [blame] | 209 | #define lookup_rightempty(start, base) \ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 210 | ({ \ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 211 | struct inet_peer *u; \ |
| 212 | struct inet_peer __rcu **v; \ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 213 | *stackptr++ = &start->avl_left; \ |
| 214 | v = &start->avl_left; \ |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 215 | for (u = rcu_deref_locked(*v, base); \ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 216 | u->avl_right != peer_avl_empty_rcu; ) { \ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 217 | v = &u->avl_right; \ |
| 218 | *stackptr++ = v; \ |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 219 | u = rcu_deref_locked(*v, base); \ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 220 | } \ |
| 221 | u; \ |
| 222 | }) |
| 223 | |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 224 | /* Called with local BH disabled and the pool lock held. |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 225 | * Variable names are the proof of operation correctness. |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 226 | * Look into mm/map_avl.c for more detail description of the ideas. |
| 227 | */ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 228 | static void peer_avl_rebalance(struct inet_peer __rcu **stack[], |
David S. Miller | 98158f5 | 2010-11-30 11:41:59 -0800 | [diff] [blame] | 229 | struct inet_peer __rcu ***stackend, |
| 230 | struct inet_peer_base *base) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 231 | { |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 232 | struct inet_peer __rcu **nodep; |
| 233 | struct inet_peer *node, *l, *r; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 234 | int lh, rh; |
| 235 | |
| 236 | while (stackend > stack) { |
| 237 | nodep = *--stackend; |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 238 | node = rcu_deref_locked(*nodep, base); |
| 239 | l = rcu_deref_locked(node->avl_left, base); |
| 240 | r = rcu_deref_locked(node->avl_right, base); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 241 | lh = node_height(l); |
| 242 | rh = node_height(r); |
| 243 | if (lh > rh + 1) { /* l: RH+2 */ |
| 244 | struct inet_peer *ll, *lr, *lrl, *lrr; |
| 245 | int lrh; |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 246 | ll = rcu_deref_locked(l->avl_left, base); |
| 247 | lr = rcu_deref_locked(l->avl_right, base); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 248 | lrh = node_height(lr); |
| 249 | if (lrh <= node_height(ll)) { /* ll: RH+1 */ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 250 | RCU_INIT_POINTER(node->avl_left, lr); /* lr: RH or RH+1 */ |
| 251 | RCU_INIT_POINTER(node->avl_right, r); /* r: RH */ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 252 | node->avl_height = lrh + 1; /* RH+1 or RH+2 */ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 253 | RCU_INIT_POINTER(l->avl_left, ll); /* ll: RH+1 */ |
| 254 | RCU_INIT_POINTER(l->avl_right, node); /* node: RH+1 or RH+2 */ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 255 | l->avl_height = node->avl_height + 1; |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 256 | RCU_INIT_POINTER(*nodep, l); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 257 | } else { /* ll: RH, lr: RH+1 */ |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 258 | lrl = rcu_deref_locked(lr->avl_left, base);/* lrl: RH or RH-1 */ |
| 259 | lrr = rcu_deref_locked(lr->avl_right, base);/* lrr: RH or RH-1 */ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 260 | RCU_INIT_POINTER(node->avl_left, lrr); /* lrr: RH or RH-1 */ |
| 261 | RCU_INIT_POINTER(node->avl_right, r); /* r: RH */ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 262 | node->avl_height = rh + 1; /* node: RH+1 */ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 263 | RCU_INIT_POINTER(l->avl_left, ll); /* ll: RH */ |
| 264 | RCU_INIT_POINTER(l->avl_right, lrl); /* lrl: RH or RH-1 */ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 265 | l->avl_height = rh + 1; /* l: RH+1 */ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 266 | RCU_INIT_POINTER(lr->avl_left, l); /* l: RH+1 */ |
| 267 | RCU_INIT_POINTER(lr->avl_right, node); /* node: RH+1 */ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 268 | lr->avl_height = rh + 2; |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 269 | RCU_INIT_POINTER(*nodep, lr); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 270 | } |
| 271 | } else if (rh > lh + 1) { /* r: LH+2 */ |
| 272 | struct inet_peer *rr, *rl, *rlr, *rll; |
| 273 | int rlh; |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 274 | rr = rcu_deref_locked(r->avl_right, base); |
| 275 | rl = rcu_deref_locked(r->avl_left, base); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 276 | rlh = node_height(rl); |
| 277 | if (rlh <= node_height(rr)) { /* rr: LH+1 */ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 278 | RCU_INIT_POINTER(node->avl_right, rl); /* rl: LH or LH+1 */ |
| 279 | RCU_INIT_POINTER(node->avl_left, l); /* l: LH */ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 280 | node->avl_height = rlh + 1; /* LH+1 or LH+2 */ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 281 | RCU_INIT_POINTER(r->avl_right, rr); /* rr: LH+1 */ |
| 282 | RCU_INIT_POINTER(r->avl_left, node); /* node: LH+1 or LH+2 */ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 283 | r->avl_height = node->avl_height + 1; |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 284 | RCU_INIT_POINTER(*nodep, r); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 285 | } else { /* rr: RH, rl: RH+1 */ |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 286 | rlr = rcu_deref_locked(rl->avl_right, base);/* rlr: LH or LH-1 */ |
| 287 | rll = rcu_deref_locked(rl->avl_left, base);/* rll: LH or LH-1 */ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 288 | RCU_INIT_POINTER(node->avl_right, rll); /* rll: LH or LH-1 */ |
| 289 | RCU_INIT_POINTER(node->avl_left, l); /* l: LH */ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 290 | node->avl_height = lh + 1; /* node: LH+1 */ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 291 | RCU_INIT_POINTER(r->avl_right, rr); /* rr: LH */ |
| 292 | RCU_INIT_POINTER(r->avl_left, rlr); /* rlr: LH or LH-1 */ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 293 | r->avl_height = lh + 1; /* r: LH+1 */ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 294 | RCU_INIT_POINTER(rl->avl_right, r); /* r: LH+1 */ |
| 295 | RCU_INIT_POINTER(rl->avl_left, node); /* node: LH+1 */ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 296 | rl->avl_height = lh + 2; |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 297 | RCU_INIT_POINTER(*nodep, rl); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 298 | } |
| 299 | } else { |
| 300 | node->avl_height = (lh > rh ? lh : rh) + 1; |
| 301 | } |
| 302 | } |
| 303 | } |
| 304 | |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 305 | /* Called with local BH disabled and the pool lock held. */ |
David S. Miller | 98158f5 | 2010-11-30 11:41:59 -0800 | [diff] [blame] | 306 | #define link_to_pool(n, base) \ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 307 | do { \ |
| 308 | n->avl_height = 1; \ |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 309 | n->avl_left = peer_avl_empty_rcu; \ |
| 310 | n->avl_right = peer_avl_empty_rcu; \ |
| 311 | /* lockless readers can catch us now */ \ |
| 312 | rcu_assign_pointer(**--stackptr, n); \ |
David S. Miller | 98158f5 | 2010-11-30 11:41:59 -0800 | [diff] [blame] | 313 | peer_avl_rebalance(stack, stackptr, base); \ |
Eric Dumazet | d6cc1d6 | 2010-06-14 19:35:21 +0000 | [diff] [blame] | 314 | } while (0) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 315 | |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 316 | static void inetpeer_free_rcu(struct rcu_head *head) |
| 317 | { |
| 318 | kmem_cache_free(peer_cachep, container_of(head, struct inet_peer, rcu)); |
| 319 | } |
| 320 | |
Eric Dumazet | 66944e1 | 2011-04-11 22:39:40 +0000 | [diff] [blame] | 321 | static void unlink_from_pool(struct inet_peer *p, struct inet_peer_base *base, |
| 322 | struct inet_peer __rcu **stack[PEER_MAXDEPTH]) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 323 | { |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 324 | struct inet_peer __rcu ***stackptr, ***delp; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 325 | |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 326 | if (lookup(&p->daddr, stack, base) != p) |
| 327 | BUG(); |
| 328 | delp = stackptr - 1; /* *delp[0] == p */ |
| 329 | if (p->avl_left == peer_avl_empty_rcu) { |
| 330 | *delp[0] = p->avl_right; |
| 331 | --stackptr; |
| 332 | } else { |
| 333 | /* look for a node to insert instead of p */ |
| 334 | struct inet_peer *t; |
| 335 | t = lookup_rightempty(p, base); |
| 336 | BUG_ON(rcu_deref_locked(*stackptr[-1], base) != t); |
| 337 | **--stackptr = t->avl_left; |
| 338 | /* t is removed, t->daddr > x->daddr for any |
| 339 | * x in p->avl_left subtree. |
| 340 | * Put t in the old place of p. */ |
| 341 | RCU_INIT_POINTER(*delp[0], t); |
| 342 | t->avl_left = p->avl_left; |
| 343 | t->avl_right = p->avl_right; |
| 344 | t->avl_height = p->avl_height; |
| 345 | BUG_ON(delp[1] != &p->avl_left); |
| 346 | delp[1] = &t->avl_left; /* was &p->avl_left */ |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 347 | } |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 348 | peer_avl_rebalance(stack, stackptr, base); |
| 349 | base->total--; |
| 350 | call_rcu(&p->rcu, inetpeer_free_rcu); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 351 | } |
| 352 | |
David S. Miller | 021e929 | 2010-11-30 12:12:23 -0800 | [diff] [blame] | 353 | static struct inet_peer_base *family_to_base(int family) |
| 354 | { |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 355 | return family == AF_INET ? &v4_peers : &v6_peers; |
David S. Miller | 021e929 | 2010-11-30 12:12:23 -0800 | [diff] [blame] | 356 | } |
| 357 | |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 358 | /* perform garbage collect on all items stacked during a lookup */ |
| 359 | static int inet_peer_gc(struct inet_peer_base *base, |
| 360 | struct inet_peer __rcu **stack[PEER_MAXDEPTH], |
| 361 | struct inet_peer __rcu ***stackptr) |
David S. Miller | 98158f5 | 2010-11-30 11:41:59 -0800 | [diff] [blame] | 362 | { |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 363 | struct inet_peer *p, *gchead = NULL; |
| 364 | __u32 delta, ttl; |
| 365 | int cnt = 0; |
David S. Miller | 98158f5 | 2010-11-30 11:41:59 -0800 | [diff] [blame] | 366 | |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 367 | if (base->total >= inet_peer_threshold) |
| 368 | ttl = 0; /* be aggressive */ |
| 369 | else |
| 370 | ttl = inet_peer_maxttl |
| 371 | - (inet_peer_maxttl - inet_peer_minttl) / HZ * |
| 372 | base->total / inet_peer_threshold * HZ; |
| 373 | stackptr--; /* last stack slot is peer_avl_empty */ |
| 374 | while (stackptr > stack) { |
| 375 | stackptr--; |
| 376 | p = rcu_deref_locked(**stackptr, base); |
Eric Dumazet | 6d1a3e0 | 2011-07-11 02:49:52 +0000 | [diff] [blame] | 377 | if (atomic_read(&p->refcnt) == 0) { |
| 378 | smp_rmb(); |
| 379 | delta = (__u32)jiffies - p->dtime; |
| 380 | if (delta >= ttl && |
| 381 | atomic_cmpxchg(&p->refcnt, 0, -1) == 0) { |
| 382 | p->gc_next = gchead; |
| 383 | gchead = p; |
| 384 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 385 | } |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 386 | } |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 387 | while ((p = gchead) != NULL) { |
| 388 | gchead = p->gc_next; |
| 389 | cnt++; |
| 390 | unlink_from_pool(p, base, stack); |
| 391 | } |
| 392 | return cnt; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 393 | } |
| 394 | |
Eric Dumazet | 87c48fa | 2011-07-21 21:25:58 -0700 | [diff] [blame] | 395 | struct inet_peer *inet_getpeer(const struct inetpeer_addr *daddr, int create) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 396 | { |
Eric Dumazet | b914c4e | 2010-10-25 23:55:38 +0000 | [diff] [blame] | 397 | struct inet_peer __rcu **stack[PEER_MAXDEPTH], ***stackptr; |
David S. Miller | 3408404 | 2011-01-24 14:37:46 -0800 | [diff] [blame] | 398 | struct inet_peer_base *base = family_to_base(daddr->family); |
David S. Miller | 98158f5 | 2010-11-30 11:41:59 -0800 | [diff] [blame] | 399 | struct inet_peer *p; |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 400 | unsigned int sequence; |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 401 | int invalidated, gccnt = 0; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 402 | |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 403 | /* Attempt a lockless lookup first. |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 404 | * Because of a concurrent writer, we might not find an existing entry. |
| 405 | */ |
David S. Miller | 7b46ac4 | 2011-03-08 14:59:28 -0800 | [diff] [blame] | 406 | rcu_read_lock(); |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 407 | sequence = read_seqbegin(&base->lock); |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 408 | p = lookup_rcu(daddr, base); |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 409 | invalidated = read_seqretry(&base->lock, sequence); |
David S. Miller | 7b46ac4 | 2011-03-08 14:59:28 -0800 | [diff] [blame] | 410 | rcu_read_unlock(); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 411 | |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 412 | if (p) |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 413 | return p; |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 414 | |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 415 | /* If no writer did a change during our lookup, we can return early. */ |
| 416 | if (!create && !invalidated) |
| 417 | return NULL; |
| 418 | |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 419 | /* retry an exact lookup, taking the lock before. |
| 420 | * At least, nodes should be hot in our cache. |
| 421 | */ |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 422 | write_seqlock_bh(&base->lock); |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 423 | relookup: |
David S. Miller | 0266304 | 2010-11-30 12:08:53 -0800 | [diff] [blame] | 424 | p = lookup(daddr, stack, base); |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 425 | if (p != peer_avl_empty) { |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 426 | atomic_inc(&p->refcnt); |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 427 | write_sequnlock_bh(&base->lock); |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 428 | return p; |
| 429 | } |
| 430 | if (!gccnt) { |
| 431 | gccnt = inet_peer_gc(base, stack, stackptr); |
| 432 | if (gccnt && create) |
| 433 | goto relookup; |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 434 | } |
| 435 | p = create ? kmem_cache_alloc(peer_cachep, GFP_ATOMIC) : NULL; |
| 436 | if (p) { |
David S. Miller | b534ecf | 2010-11-30 11:54:19 -0800 | [diff] [blame] | 437 | p->daddr = *daddr; |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 438 | atomic_set(&p->refcnt, 1); |
| 439 | atomic_set(&p->rid, 0); |
Eric Dumazet | 87c48fa | 2011-07-21 21:25:58 -0700 | [diff] [blame] | 440 | atomic_set(&p->ip_id_count, |
| 441 | (daddr->family == AF_INET) ? |
| 442 | secure_ip_id(daddr->addr.a4) : |
| 443 | secure_ipv6_id(daddr->addr.a6)); |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 444 | p->tcp_ts_stamp = 0; |
David S. Miller | 144001b | 2011-01-27 13:52:16 -0800 | [diff] [blame] | 445 | p->metrics[RTAX_LOCK-1] = INETPEER_METRICS_NEW; |
David S. Miller | 92d8682 | 2011-02-04 15:55:25 -0800 | [diff] [blame] | 446 | p->rate_tokens = 0; |
| 447 | p->rate_last = 0; |
David S. Miller | ddd4aa4 | 2011-02-09 15:36:47 -0800 | [diff] [blame] | 448 | p->pmtu_expires = 0; |
Hiroaki SHIMODA | 46af318 | 2011-03-09 20:09:58 +0000 | [diff] [blame] | 449 | p->pmtu_orig = 0; |
David S. Miller | ddd4aa4 | 2011-02-09 15:36:47 -0800 | [diff] [blame] | 450 | memset(&p->redirect_learned, 0, sizeof(p->redirect_learned)); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 451 | |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 452 | |
| 453 | /* Link the node. */ |
David S. Miller | 98158f5 | 2010-11-30 11:41:59 -0800 | [diff] [blame] | 454 | link_to_pool(p, base); |
| 455 | base->total++; |
Eric Dumazet | aa1039e | 2010-06-15 08:23:14 +0000 | [diff] [blame] | 456 | } |
Eric Dumazet | 65e8354 | 2011-03-04 14:33:59 -0800 | [diff] [blame] | 457 | write_sequnlock_bh(&base->lock); |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 458 | |
Linus Torvalds | 1da177e | 2005-04-16 15:20:36 -0700 | [diff] [blame] | 459 | return p; |
| 460 | } |
David S. Miller | b341936 | 2010-11-30 12:27:11 -0800 | [diff] [blame] | 461 | EXPORT_SYMBOL_GPL(inet_getpeer); |
David S. Miller | 98158f5 | 2010-11-30 11:41:59 -0800 | [diff] [blame] | 462 | |
Eric Dumazet | 4663afe | 2006-10-12 21:21:06 -0700 | [diff] [blame] | 463 | void inet_putpeer(struct inet_peer *p) |
| 464 | { |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 465 | p->dtime = (__u32)jiffies; |
Eric Dumazet | 6d1a3e0 | 2011-07-11 02:49:52 +0000 | [diff] [blame] | 466 | smp_mb__before_atomic_dec(); |
Eric Dumazet | 4b9d9be | 2011-06-08 13:35:34 +0000 | [diff] [blame] | 467 | atomic_dec(&p->refcnt); |
Eric Dumazet | 4663afe | 2006-10-12 21:21:06 -0700 | [diff] [blame] | 468 | } |
David S. Miller | b341936 | 2010-11-30 12:27:11 -0800 | [diff] [blame] | 469 | EXPORT_SYMBOL_GPL(inet_putpeer); |
David S. Miller | 92d8682 | 2011-02-04 15:55:25 -0800 | [diff] [blame] | 470 | |
| 471 | /* |
| 472 | * Check transmit rate limitation for given message. |
| 473 | * The rate information is held in the inet_peer entries now. |
| 474 | * This function is generic and could be used for other purposes |
| 475 | * too. It uses a Token bucket filter as suggested by Alexey Kuznetsov. |
| 476 | * |
| 477 | * Note that the same inet_peer fields are modified by functions in |
| 478 | * route.c too, but these work for packet destinations while xrlim_allow |
| 479 | * works for icmp destinations. This means the rate limiting information |
| 480 | * for one "ip object" is shared - and these ICMPs are twice limited: |
| 481 | * by source and by destination. |
| 482 | * |
| 483 | * RFC 1812: 4.3.2.8 SHOULD be able to limit error message rate |
| 484 | * SHOULD allow setting of rate limits |
| 485 | * |
| 486 | * Shared between ICMPv4 and ICMPv6. |
| 487 | */ |
| 488 | #define XRLIM_BURST_FACTOR 6 |
| 489 | bool inet_peer_xrlim_allow(struct inet_peer *peer, int timeout) |
| 490 | { |
| 491 | unsigned long now, token; |
| 492 | bool rc = false; |
| 493 | |
| 494 | if (!peer) |
| 495 | return true; |
| 496 | |
| 497 | token = peer->rate_tokens; |
| 498 | now = jiffies; |
| 499 | token += now - peer->rate_last; |
| 500 | peer->rate_last = now; |
| 501 | if (token > XRLIM_BURST_FACTOR * timeout) |
| 502 | token = XRLIM_BURST_FACTOR * timeout; |
| 503 | if (token >= timeout) { |
| 504 | token -= timeout; |
| 505 | rc = true; |
| 506 | } |
| 507 | peer->rate_tokens = token; |
| 508 | return rc; |
| 509 | } |
| 510 | EXPORT_SYMBOL(inet_peer_xrlim_allow); |