LXR linux/include/net/inet

   1/*
   2 * INET         An implementation of the TCP/IP protocol suite for the LINUX
   3 *              operating system.  INET is implemented using the BSD Socket
   4 *              interface as the means of communication with the user level.
   5 *
   6 * Authors:     Lotsa people, from code originally in tcp
   7 *
   8 *      This program is free software; you can redistribute it and/or
   9 *      modify it under the terms of the GNU General Public License
  10 *      as published by the Free Software Foundation; either version
  11 *      2 of the License, or (at your option) any later version.
  12 */
  13
  14#ifndef _INET_HASHTABLES_H
  15#define _INET_HASHTABLES_H
  16
  17
  18#include <linux/interrupt.h>
  19#include <linux/ip.h>
  20#include <linux/ipv6.h>
  21#include <linux/list.h>
  22#include <linux/slab.h>
  23#include <linux/socket.h>
  24#include <linux/spinlock.h>
  25#include <linux/types.h>
  26#include <linux/wait.h>
  27
  28#include <net/inet_connection_sock.h>
  29#include <net/inet_sock.h>
  30#include <net/sock.h>
  31#include <net/route.h>
  32#include <net/tcp_states.h>
  33#include <net/netns/hash.h>
  34
  35#include <linux/atomic.h>
  36#include <asm/byteorder.h>
  37
  38/* This is for all connections with a full identity, no wildcards.
  39 * The 'e' prefix stands for Establish, but we really put all sockets
  40 * but LISTEN ones.
  41 */
  42struct inet_ehash_bucket {
  43        struct hlist_nulls_head chain;
  44};
  45
  46/* There are a few simple rules, which allow for local port reuse by
  47 * an application.  In essence:
  48 *
  49 *      1) Sockets bound to different interfaces may share a local port.
  50 *         Failing that, goto test 2.
  51 *      2) If all sockets have sk->sk_reuse set, and none of them are in
  52 *         TCP_LISTEN state, the port may be shared.
  53 *         Failing that, goto test 3.
  54 *      3) If all sockets are bound to a specific inet_sk(sk)->rcv_saddr local
  55 *         address, and none of them are the same, the port may be
  56 *         shared.
  57 *         Failing this, the port cannot be shared.
  58 *
  59 * The interesting point, is test #2.  This is what an FTP server does
  60 * all day.  To optimize this case we use a specific flag bit defined
  61 * below.  As we add sockets to a bind bucket list, we perform a
  62 * check of: (newsk->sk_reuse && (newsk->sk_state != TCP_LISTEN))
  63 * As long as all sockets added to a bind bucket pass this test,
  64 * the flag bit will be set.
  65 * The resulting situation is that tcp_v[46]_verify_bind() can just check
  66 * for this flag bit, if it is set and the socket trying to bind has
  67 * sk->sk_reuse set, we don't even have to walk the owners list at all,
  68 * we return that it is ok to bind this socket to the requested local port.
  69 *
  70 * Sounds like a lot of work, but it is worth it.  In a more naive
  71 * implementation (ie. current FreeBSD etc.) the entire list of ports
  72 * must be walked for each data port opened by an ftp server.  Needless
  73 * to say, this does not scale at all.  With a couple thousand FTP
  74 * users logged onto your box, isn't it nice to know that new data
  75 * ports are created in O(1) time?  I thought so. ;-)   -DaveM
  76 */
  77struct inet_bind_bucket {
  78        possible_net_t          ib_net;
  79        unsigned short          port;
  80        signed char             fastreuse;
  81        signed char             fastreuseport;
  82        kuid_t                  fastuid;
  83        int                     num_owners;
  84        struct hlist_node       node;
  85        struct hlist_head       owners;
  86};
  87
  88static inline struct net *ib_net(struct inet_bind_bucket *ib)
  89{
  90        return read_pnet(&ib->ib_net);
  91}
  92
  93#define inet_bind_bucket_for_each(tb, head) \
  94        hlist_for_each_entry(tb, head, node)
  95
  96struct inet_bind_hashbucket {
  97        spinlock_t              lock;
  98        struct hlist_head       chain;
  99};
 100
 101/*
 102 * Sockets can be hashed in established or listening table
 103 * We must use different 'nulls' end-of-chain value for listening
 104 * hash table, or we might find a socket that was closed and
 105 * reallocated/inserted into established hash table
 106 */
 107#define LISTENING_NULLS_BASE (1U << 29)
 108struct inet_listen_hashbucket {
 109        spinlock_t              lock;
 110        struct hlist_nulls_head head;
 111};
 112
 113/* This is for listening sockets, thus all sockets which possess wildcards. */
 114#define INET_LHTABLE_SIZE       32      /* Yes, really, this is all you need. */
 115
 116struct inet_hashinfo {
 117        /* This is for sockets with full identity only.  Sockets here will
 118         * always be without wildcards and will have the following invariant:
 119         *
 120         *          TCP_ESTABLISHED <= sk->sk_state < TCP_CLOSE
 121         *
 122         */
 123        struct inet_ehash_bucket        *ehash;
 124        spinlock_t                      *ehash_locks;
 125        unsigned int                    ehash_mask;
 126        unsigned int                    ehash_locks_mask;
 127
 128        /* Ok, let's try this, I give up, we do need a local binding
 129         * TCP hash as well as the others for fast bind/connect.
 130         */
 131        struct inet_bind_hashbucket     *bhash;
 132
 133        unsigned int                    bhash_size;
 134        /* 4 bytes hole on 64 bit */
 135
 136        struct kmem_cache               *bind_bucket_cachep;
 137
 138        /* All the above members are written once at bootup and
 139         * never written again _or_ are predominantly read-access.
 140         *
 141         * Now align to a new cache line as all the following members
 142         * might be often dirty.
 143         */
 144        /* All sockets in TCP_LISTEN state will be in here.  This is the only
 145         * table where wildcard'd TCP sockets can exist.  Hash function here
 146         * is just local port number.
 147         */
 148        struct inet_listen_hashbucket   listening_hash[INET_LHTABLE_SIZE]
 149                                        ____cacheline_aligned_in_smp;
 150};
 151
 152static inline struct inet_ehash_bucket *inet_ehash_bucket(
 153        struct inet_hashinfo *hashinfo,
 154        unsigned int hash)
 155{
 156        return &hashinfo->ehash[hash & hashinfo->ehash_mask];
 157}
 158
 159static inline spinlock_t *inet_ehash_lockp(
 160        struct inet_hashinfo *hashinfo,
 161        unsigned int hash)
 162{
 163        return &hashinfo->ehash_locks[hash & hashinfo->ehash_locks_mask];
 164}
 165
 166int inet_ehash_locks_alloc(struct inet_hashinfo *hashinfo);
 167
 168static inline void inet_ehash_locks_free(struct inet_hashinfo *hashinfo)
 169{
 170        kvfree(hashinfo->ehash_locks);
 171        hashinfo->ehash_locks = NULL;
 172}
 173
 174struct inet_bind_bucket *
 175inet_bind_bucket_create(struct kmem_cache *cachep, struct net *net,
 176                        struct inet_bind_hashbucket *head,
 177                        const unsigned short snum);
 178void inet_bind_bucket_destroy(struct kmem_cache *cachep,
 179                              struct inet_bind_bucket *tb);
 180
 181static inline u32 inet_bhashfn(const struct net *net, const __u16 lport,
 182                               const u32 bhash_size)
 183{
 184        return (lport + net_hash_mix(net)) & (bhash_size - 1);
 185}
 186
 187void inet_bind_hash(struct sock *sk, struct inet_bind_bucket *tb,
 188                    const unsigned short snum);
 189
 190/* These can have wildcards, don't try too hard. */
 191static inline u32 inet_lhashfn(const struct net *net, const unsigned short num)
 192{
 193        return (num + net_hash_mix(net)) & (INET_LHTABLE_SIZE - 1);
 194}
 195
 196static inline int inet_sk_listen_hashfn(const struct sock *sk)
 197{
 198        return inet_lhashfn(sock_net(sk), inet_sk(sk)->inet_num);
 199}
 200
 201/* Caller must disable local BH processing. */
 202int __inet_inherit_port(const struct sock *sk, struct sock *child);
 203
 204void inet_put_port(struct sock *sk);
 205
 206void inet_hashinfo_init(struct inet_hashinfo *h);
 207
 208bool inet_ehash_insert(struct sock *sk, struct sock *osk);
 209bool inet_ehash_nolisten(struct sock *sk, struct sock *osk);
 210int __inet_hash(struct sock *sk, struct sock *osk,
 211                int (*saddr_same)(const struct sock *sk1,
 212                                  const struct sock *sk2,
 213                                  bool match_wildcard));
 214int inet_hash(struct sock *sk);
 215void inet_unhash(struct sock *sk);
 216
 217struct sock *__inet_lookup_listener(struct net *net,
 218                                    struct inet_hashinfo *hashinfo,
 219                                    struct sk_buff *skb, int doff,
 220                                    const __be32 saddr, const __be16 sport,
 221                                    const __be32 daddr,
 222                                    const unsigned short hnum,
 223                                    const int dif);
 224
 225static inline struct sock *inet_lookup_listener(struct net *net,
 226                struct inet_hashinfo *hashinfo,
 227                struct sk_buff *skb, int doff,
 228                __be32 saddr, __be16 sport,
 229                __be32 daddr, __be16 dport, int dif)
 230{
 231        return __inet_lookup_listener(net, hashinfo, skb, doff, saddr, sport,
 232                                      daddr, ntohs(dport), dif);
 233}
 234
 235/* Socket demux engine toys. */
 236/* What happens here is ugly; there's a pair of adjacent fields in
 237   struct inet_sock; __be16 dport followed by __u16 num.  We want to
 238   search by pair, so we combine the keys into a single 32bit value
 239   and compare with 32bit value read from &...->dport.  Let's at least
 240   make sure that it's not mixed with anything else...
 241   On 64bit targets we combine comparisons with pair of adjacent __be32
 242   fields in the same way.
 243*/
 244#ifdef __BIG_ENDIAN
 245#define INET_COMBINED_PORTS(__sport, __dport) \
 246        ((__force __portpair)(((__force __u32)(__be16)(__sport) << 16) | (__u32)(__dport)))
 247#else /* __LITTLE_ENDIAN */
 248#define INET_COMBINED_PORTS(__sport, __dport) \
 249        ((__force __portpair)(((__u32)(__dport) << 16) | (__force __u32)(__be16)(__sport)))
 250#endif
 251
 252#if (BITS_PER_LONG == 64)
 253#ifdef __BIG_ENDIAN
 254#define INET_ADDR_COOKIE(__name, __saddr, __daddr) \
 255        const __addrpair __name = (__force __addrpair) ( \
 256                                   (((__force __u64)(__be32)(__saddr)) << 32) | \
 257                                   ((__force __u64)(__be32)(__daddr)))
 258#else /* __LITTLE_ENDIAN */
 259#define INET_ADDR_COOKIE(__name, __saddr, __daddr) \
 260        const __addrpair __name = (__force __addrpair) ( \
 261                                   (((__force __u64)(__be32)(__daddr)) << 32) | \
 262                                   ((__force __u64)(__be32)(__saddr)))
 263#endif /* __BIG_ENDIAN */
 264#define INET_MATCH(__sk, __net, __cookie, __saddr, __daddr, __ports, __dif)     \
 265        (((__sk)->sk_portpair == (__ports))                     &&      \
 266         ((__sk)->sk_addrpair == (__cookie))                    &&      \
 267         (!(__sk)->sk_bound_dev_if      ||                              \
 268           ((__sk)->sk_bound_dev_if == (__dif)))                &&      \
 269         net_eq(sock_net(__sk), (__net)))
 270#else /* 32-bit arch */
 271#define INET_ADDR_COOKIE(__name, __saddr, __daddr) \
 272        const int __name __deprecated __attribute__((unused))
 273
 274#define INET_MATCH(__sk, __net, __cookie, __saddr, __daddr, __ports, __dif) \
 275        (((__sk)->sk_portpair == (__ports))             &&              \
 276         ((__sk)->sk_daddr      == (__saddr))           &&              \
 277         ((__sk)->sk_rcv_saddr  == (__daddr))           &&              \
 278         (!(__sk)->sk_bound_dev_if      ||                              \
 279           ((__sk)->sk_bound_dev_if == (__dif)))        &&              \
 280         net_eq(sock_net(__sk), (__net)))
 281#endif /* 64-bit arch */
 282
 283/*
 284 * Sockets in TCP_CLOSE state are _always_ taken out of the hash, so we need
 285 * not check it for lookups anymore, thanks Alexey. -DaveM
 286 *
 287 * Local BH must be disabled here.
 288 */
 289struct sock *__inet_lookup_established(struct net *net,
 290                                       struct inet_hashinfo *hashinfo,
 291                                       const __be32 saddr, const __be16 sport,
 292                                       const __be32 daddr, const u16 hnum,
 293                                       const int dif);
 294
 295static inline struct sock *
 296        inet_lookup_established(struct net *net, struct inet_hashinfo *hashinfo,
 297                                const __be32 saddr, const __be16 sport,
 298                                const __be32 daddr, const __be16 dport,
 299                                const int dif)
 300{
 301        return __inet_lookup_established(net, hashinfo, saddr, sport, daddr,
 302                                         ntohs(dport), dif);
 303}
 304
 305static inline struct sock *__inet_lookup(struct net *net,
 306                                         struct inet_hashinfo *hashinfo,
 307                                         struct sk_buff *skb, int doff,
 308                                         const __be32 saddr, const __be16 sport,
 309                                         const __be32 daddr, const __be16 dport,
 310                                         const int dif)
 311{
 312        u16 hnum = ntohs(dport);
 313        struct sock *sk = __inet_lookup_established(net, hashinfo,
 314                                saddr, sport, daddr, hnum, dif);
 315
 316        return sk ? : __inet_lookup_listener(net, hashinfo, skb, doff, saddr,
 317                                             sport, daddr, hnum, dif);
 318}
 319
 320static inline struct sock *inet_lookup(struct net *net,
 321                                       struct inet_hashinfo *hashinfo,
 322                                       struct sk_buff *skb, int doff,
 323                                       const __be32 saddr, const __be16 sport,
 324                                       const __be32 daddr, const __be16 dport,
 325                                       const int dif)
 326{
 327        struct sock *sk;
 328
 329        local_bh_disable();
 330        sk = __inet_lookup(net, hashinfo, skb, doff, saddr, sport, daddr,
 331                           dport, dif);
 332        local_bh_enable();
 333
 334        return sk;
 335}
 336
 337static inline struct sock *__inet_lookup_skb(struct inet_hashinfo *hashinfo,
 338                                             struct sk_buff *skb,
 339                                             int doff,
 340                                             const __be16 sport,
 341                                             const __be16 dport)
 342{
 343        struct sock *sk = skb_steal_sock(skb);
 344        const struct iphdr *iph = ip_hdr(skb);
 345
 346        if (sk)
 347                return sk;
 348        else
 349                return __inet_lookup(dev_net(skb_dst(skb)->dev), hashinfo, skb,
 350                                     doff, iph->saddr, sport,
 351                                     iph->daddr, dport, inet_iif(skb));
 352}
 353
 354u32 sk_ehashfn(const struct sock *sk);
 355u32 inet6_ehashfn(const struct net *net,
 356                  const struct in6_addr *laddr, const u16 lport,
 357                  const struct in6_addr *faddr, const __be16 fport);
 358
 359static inline void sk_daddr_set(struct sock *sk, __be32 addr)
 360{
 361        sk->sk_daddr = addr; /* alias of inet_daddr */
 362#if IS_ENABLED(CONFIG_IPV6)
 363        ipv6_addr_set_v4mapped(addr, &sk->sk_v6_daddr);
 364#endif
 365}
 366
 367static inline void sk_rcv_saddr_set(struct sock *sk, __be32 addr)
 368{
 369        sk->sk_rcv_saddr = addr; /* alias of inet_rcv_saddr */
 370#if IS_ENABLED(CONFIG_IPV6)
 371        ipv6_addr_set_v4mapped(addr, &sk->sk_v6_rcv_saddr);
 372#endif
 373}
 374
 375int __inet_hash_connect(struct inet_timewait_death_row *death_row,
 376                        struct sock *sk, u32 port_offset,
 377                        int (*check_established)(struct inet_timewait_death_row *,
 378                                                 struct sock *, __u16,
 379                                                 struct inet_timewait_sock **));
 380
 381int inet_hash_connect(struct inet_timewait_death_row *death_row,
 382                      struct sock *sk);
 383#endif /* _INET_HASHTABLES_H */
 384