Orange Pi5 kernel

Deprecated Linux kernel 5.10.110 for OrangePi 5/5B/5+ boards

3 Commits   0 Branches   0 Tags
Index
Trunk
Branches
Tags
Trunk
Branches
Tags
Home page
Home page
orangepi/linux-orangepi-5.10.y.git/trunk/net/ipv4/ip_fragment.c 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   1) // SPDX-License-Identifier: GPL-2.0
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   2) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   3)  * INET		An implementation of the TCP/IP protocol suite for the LINUX
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   4)  *		operating system.  INET is implemented using the  BSD Socket
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   5)  *		interface as the means of communication with the user level.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   6)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   7)  *		The IP fragmentation functionality.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   8)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300   9)  * Authors:	Fred N. van Kempen <waltje@uWalt.NL.Mugnet.ORG>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  10)  *		Alan Cox <alan@lxorguk.ukuu.org.uk>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  11)  *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  12)  * Fixes:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  13)  *		Alan Cox	:	Split from ip.c , see ip_input.c for history.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  14)  *		David S. Miller :	Begin massive cleanup...
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  15)  *		Andi Kleen	:	Add sysctls.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  16)  *		xxxx		:	Overlapfrag bug.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  17)  *		Ultima          :       ip_expire() kernel panic.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  18)  *		Bill Hawes	:	Frag accounting and evictor fixes.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  19)  *		John McDonald	:	0 length frag bug.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  20)  *		Alexey Kuznetsov:	SMP races, threading, cleanup.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  21)  *		Patrick McHardy :	LRU queue of frag heads for evictor.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  22)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  23) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  24) #define pr_fmt(fmt) "IPv4: " fmt
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  25) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  26) #include <linux/compiler.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  27) #include <linux/module.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  28) #include <linux/types.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  29) #include <linux/mm.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  30) #include <linux/jiffies.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  31) #include <linux/skbuff.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  32) #include <linux/list.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  33) #include <linux/ip.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  34) #include <linux/icmp.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  35) #include <linux/netdevice.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  36) #include <linux/jhash.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  37) #include <linux/random.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  38) #include <linux/slab.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  39) #include <net/route.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  40) #include <net/dst.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  41) #include <net/sock.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  42) #include <net/ip.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  43) #include <net/icmp.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  44) #include <net/checksum.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  45) #include <net/inetpeer.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  46) #include <net/inet_frag.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  47) #include <linux/tcp.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  48) #include <linux/udp.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  49) #include <linux/inet.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  50) #include <linux/netfilter_ipv4.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  51) #include <net/inet_ecn.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  52) #include <net/l3mdev.h>
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  53) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  54) /* NOTE. Logic of IP defragmentation is parallel to corresponding IPv6
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  55)  * code now. If you change something here, _PLEASE_ update ipv6/reassembly.c
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  56)  * as well. Or notify me, at least. --ANK
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  57)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  58) static const char ip_frag_cache_name[] = "ip4-frags";
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  59) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  60) /* Describe an entry in the "incomplete datagrams" queue. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  61) struct ipq {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  62) 	struct inet_frag_queue q;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  63) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  64) 	u8		ecn; /* RFC3168 support */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  65) 	u16		max_df_size; /* largest frag with DF set seen */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  66) 	int             iif;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  67) 	unsigned int    rid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  68) 	struct inet_peer *peer;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  69) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  70) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  71) static u8 ip4_frag_ecn(u8 tos)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  72) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  73) 	return 1 << (tos & INET_ECN_MASK);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  74) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  75) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  76) static struct inet_frags ip4_frags;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  77) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  78) static int ip_frag_reasm(struct ipq *qp, struct sk_buff *skb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  79) 			 struct sk_buff *prev_tail, struct net_device *dev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  80) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  81) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  82) static void ip4_frag_init(struct inet_frag_queue *q, const void *a)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  83) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  84) 	struct ipq *qp = container_of(q, struct ipq, q);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  85) 	struct net *net = q->fqdir->net;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  86) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  87) 	const struct frag_v4_compare_key *key = a;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  88) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  89) 	q->key.v4 = *key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  90) 	qp->ecn = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  91) 	qp->peer = q->fqdir->max_dist ?
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  92) 		inet_getpeer_v4(net->ipv4.peers, key->saddr, key->vif, 1) :
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  93) 		NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  94) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  95) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  96) static void ip4_frag_free(struct inet_frag_queue *q)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  97) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  98) 	struct ipq *qp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300  99) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 100) 	qp = container_of(q, struct ipq, q);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 101) 	if (qp->peer)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 102) 		inet_putpeer(qp->peer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 103) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 104) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 105) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 106) /* Destruction primitives. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 107) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 108) static void ipq_put(struct ipq *ipq)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 109) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 110) 	inet_frag_put(&ipq->q);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 111) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 112) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 113) /* Kill ipq entry. It is not destroyed immediately,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 114)  * because caller (and someone more) holds reference count.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 115)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 116) static void ipq_kill(struct ipq *ipq)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 117) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 118) 	inet_frag_kill(&ipq->q);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 119) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 120) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 121) static bool frag_expire_skip_icmp(u32 user)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 122) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 123) 	return user == IP_DEFRAG_AF_PACKET ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 124) 	       ip_defrag_user_in_between(user, IP_DEFRAG_CONNTRACK_IN,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 125) 					 __IP_DEFRAG_CONNTRACK_IN_END) ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 126) 	       ip_defrag_user_in_between(user, IP_DEFRAG_CONNTRACK_BRIDGE_IN,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 127) 					 __IP_DEFRAG_CONNTRACK_BRIDGE_IN);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 128) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 129) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 130) /*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 131)  * Oops, a fragment queue timed out.  Kill it and send an ICMP reply.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 132)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 133) static void ip_expire(struct timer_list *t)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 134) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 135) 	struct inet_frag_queue *frag = from_timer(frag, t, timer);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 136) 	const struct iphdr *iph;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 137) 	struct sk_buff *head = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 138) 	struct net *net;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 139) 	struct ipq *qp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 140) 	int err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 141) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 142) 	qp = container_of(frag, struct ipq, q);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 143) 	net = qp->q.fqdir->net;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 144) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 145) 	rcu_read_lock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 146) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 147) 	/* Paired with WRITE_ONCE() in fqdir_pre_exit(). */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 148) 	if (READ_ONCE(qp->q.fqdir->dead))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 149) 		goto out_rcu_unlock;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 150) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 151) 	spin_lock(&qp->q.lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 152) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 153) 	if (qp->q.flags & INET_FRAG_COMPLETE)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 154) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 155) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 156) 	ipq_kill(qp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 157) 	__IP_INC_STATS(net, IPSTATS_MIB_REASMFAILS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 158) 	__IP_INC_STATS(net, IPSTATS_MIB_REASMTIMEOUT);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 159) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 160) 	if (!(qp->q.flags & INET_FRAG_FIRST_IN))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 161) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 162) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 163) 	/* sk_buff::dev and sk_buff::rbnode are unionized. So we
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 164) 	 * pull the head out of the tree in order to be able to
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 165) 	 * deal with head->dev.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 166) 	 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 167) 	head = inet_frag_pull_head(&qp->q);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 168) 	if (!head)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 169) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 170) 	head->dev = dev_get_by_index_rcu(net, qp->iif);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 171) 	if (!head->dev)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 172) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 173) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 174) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 175) 	/* skb has no dst, perform route lookup again */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 176) 	iph = ip_hdr(head);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 177) 	err = ip_route_input_noref(head, iph->daddr, iph->saddr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 178) 					   iph->tos, head->dev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 179) 	if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 180) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 181) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 182) 	/* Only an end host needs to send an ICMP
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 183) 	 * "Fragment Reassembly Timeout" message, per RFC792.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 184) 	 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 185) 	if (frag_expire_skip_icmp(qp->q.key.v4.user) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 186) 	    (skb_rtable(head)->rt_type != RTN_LOCAL))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 187) 		goto out;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 188) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 189) 	spin_unlock(&qp->q.lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 190) 	icmp_send(head, ICMP_TIME_EXCEEDED, ICMP_EXC_FRAGTIME, 0);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 191) 	goto out_rcu_unlock;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 192) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 193) out:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 194) 	spin_unlock(&qp->q.lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 195) out_rcu_unlock:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 196) 	rcu_read_unlock();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 197) 	kfree_skb(head);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 198) 	ipq_put(qp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 199) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 200) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 201) /* Find the correct entry in the "incomplete datagrams" queue for
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 202)  * this IP datagram, and create new one, if nothing is found.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 203)  */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 204) static struct ipq *ip_find(struct net *net, struct iphdr *iph,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 205) 			   u32 user, int vif)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 206) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 207) 	struct frag_v4_compare_key key = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 208) 		.saddr = iph->saddr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 209) 		.daddr = iph->daddr,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 210) 		.user = user,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 211) 		.vif = vif,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 212) 		.id = iph->id,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 213) 		.protocol = iph->protocol,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 214) 	};
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 215) 	struct inet_frag_queue *q;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 216) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 217) 	q = inet_frag_find(net->ipv4.fqdir, &key);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 218) 	if (!q)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 219) 		return NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 220) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 221) 	return container_of(q, struct ipq, q);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 222) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 223) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 224) /* Is the fragment too far ahead to be part of ipq? */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 225) static int ip_frag_too_far(struct ipq *qp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 226) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 227) 	struct inet_peer *peer = qp->peer;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 228) 	unsigned int max = qp->q.fqdir->max_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 229) 	unsigned int start, end;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 230) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 231) 	int rc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 232) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 233) 	if (!peer || !max)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 234) 		return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 235) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 236) 	start = qp->rid;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 237) 	end = atomic_inc_return(&peer->rid);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 238) 	qp->rid = end;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 239) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 240) 	rc = qp->q.fragments_tail && (end - start) > max;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 241) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 242) 	if (rc)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 243) 		__IP_INC_STATS(qp->q.fqdir->net, IPSTATS_MIB_REASMFAILS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 244) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 245) 	return rc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 246) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 247) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 248) static int ip_frag_reinit(struct ipq *qp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 249) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 250) 	unsigned int sum_truesize = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 251) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 252) 	if (!mod_timer(&qp->q.timer, jiffies + qp->q.fqdir->timeout)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 253) 		refcount_inc(&qp->q.refcnt);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 254) 		return -ETIMEDOUT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 255) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 256) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 257) 	sum_truesize = inet_frag_rbtree_purge(&qp->q.rb_fragments);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 258) 	sub_frag_mem_limit(qp->q.fqdir, sum_truesize);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 259) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 260) 	qp->q.flags = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 261) 	qp->q.len = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 262) 	qp->q.meat = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 263) 	qp->q.rb_fragments = RB_ROOT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 264) 	qp->q.fragments_tail = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 265) 	qp->q.last_run_head = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 266) 	qp->iif = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 267) 	qp->ecn = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 268) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 269) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 270) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 271) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 272) /* Add new segment to existing queue. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 273) static int ip_frag_queue(struct ipq *qp, struct sk_buff *skb)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 274) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 275) 	struct net *net = qp->q.fqdir->net;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 276) 	int ihl, end, flags, offset;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 277) 	struct sk_buff *prev_tail;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 278) 	struct net_device *dev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 279) 	unsigned int fragsize;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 280) 	int err = -ENOENT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 281) 	u8 ecn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 282) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 283) 	if (qp->q.flags & INET_FRAG_COMPLETE)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 284) 		goto err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 285) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 286) 	if (!(IPCB(skb)->flags & IPSKB_FRAG_COMPLETE) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 287) 	    unlikely(ip_frag_too_far(qp)) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 288) 	    unlikely(err = ip_frag_reinit(qp))) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 289) 		ipq_kill(qp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 290) 		goto err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 291) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 292) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 293) 	ecn = ip4_frag_ecn(ip_hdr(skb)->tos);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 294) 	offset = ntohs(ip_hdr(skb)->frag_off);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 295) 	flags = offset & ~IP_OFFSET;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 296) 	offset &= IP_OFFSET;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 297) 	offset <<= 3;		/* offset is in 8-byte chunks */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 298) 	ihl = ip_hdrlen(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 299) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 300) 	/* Determine the position of this fragment. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 301) 	end = offset + skb->len - skb_network_offset(skb) - ihl;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 302) 	err = -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 303) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 304) 	/* Is this the final fragment? */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 305) 	if ((flags & IP_MF) == 0) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 306) 		/* If we already have some bits beyond end
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 307) 		 * or have different end, the segment is corrupted.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 308) 		 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 309) 		if (end < qp->q.len ||
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 310) 		    ((qp->q.flags & INET_FRAG_LAST_IN) && end != qp->q.len))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 311) 			goto discard_qp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 312) 		qp->q.flags |= INET_FRAG_LAST_IN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 313) 		qp->q.len = end;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 314) 	} else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 315) 		if (end&7) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 316) 			end &= ~7;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 317) 			if (skb->ip_summed != CHECKSUM_UNNECESSARY)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 318) 				skb->ip_summed = CHECKSUM_NONE;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 319) 		}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 320) 		if (end > qp->q.len) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 321) 			/* Some bits beyond end -> corruption. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 322) 			if (qp->q.flags & INET_FRAG_LAST_IN)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 323) 				goto discard_qp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 324) 			qp->q.len = end;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 325) 		}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 326) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 327) 	if (end == offset)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 328) 		goto discard_qp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 329) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 330) 	err = -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 331) 	if (!pskb_pull(skb, skb_network_offset(skb) + ihl))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 332) 		goto discard_qp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 333) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 334) 	err = pskb_trim_rcsum(skb, end - offset);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 335) 	if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 336) 		goto discard_qp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 337) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 338) 	/* Note : skb->rbnode and skb->dev share the same location. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 339) 	dev = skb->dev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 340) 	/* Makes sure compiler wont do silly aliasing games */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 341) 	barrier();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 342) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 343) 	prev_tail = qp->q.fragments_tail;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 344) 	err = inet_frag_queue_insert(&qp->q, skb, offset, end);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 345) 	if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 346) 		goto insert_error;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 347) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 348) 	if (dev)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 349) 		qp->iif = dev->ifindex;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 350) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 351) 	qp->q.stamp = skb->tstamp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 352) 	qp->q.meat += skb->len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 353) 	qp->ecn |= ecn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 354) 	add_frag_mem_limit(qp->q.fqdir, skb->truesize);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 355) 	if (offset == 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 356) 		qp->q.flags |= INET_FRAG_FIRST_IN;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 357) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 358) 	fragsize = skb->len + ihl;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 359) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 360) 	if (fragsize > qp->q.max_size)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 361) 		qp->q.max_size = fragsize;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 362) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 363) 	if (ip_hdr(skb)->frag_off & htons(IP_DF) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 364) 	    fragsize > qp->max_df_size)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 365) 		qp->max_df_size = fragsize;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 366) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 367) 	if (qp->q.flags == (INET_FRAG_FIRST_IN | INET_FRAG_LAST_IN) &&
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 368) 	    qp->q.meat == qp->q.len) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 369) 		unsigned long orefdst = skb->_skb_refdst;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 370) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 371) 		skb->_skb_refdst = 0UL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 372) 		err = ip_frag_reasm(qp, skb, prev_tail, dev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 373) 		skb->_skb_refdst = orefdst;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 374) 		if (err)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 375) 			inet_frag_kill(&qp->q);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 376) 		return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 377) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 378) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 379) 	skb_dst_drop(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 380) 	return -EINPROGRESS;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 381) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 382) insert_error:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 383) 	if (err == IPFRAG_DUP) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 384) 		kfree_skb(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 385) 		return -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 386) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 387) 	err = -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 388) 	__IP_INC_STATS(net, IPSTATS_MIB_REASM_OVERLAPS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 389) discard_qp:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 390) 	inet_frag_kill(&qp->q);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 391) 	__IP_INC_STATS(net, IPSTATS_MIB_REASMFAILS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 392) err:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 393) 	kfree_skb(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 394) 	return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 395) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 396) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 397) static bool ip_frag_coalesce_ok(const struct ipq *qp)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 398) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 399) 	return qp->q.key.v4.user == IP_DEFRAG_LOCAL_DELIVER;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 400) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 401) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 402) /* Build a new IP datagram from all its fragments. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 403) static int ip_frag_reasm(struct ipq *qp, struct sk_buff *skb,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 404) 			 struct sk_buff *prev_tail, struct net_device *dev)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 405) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 406) 	struct net *net = qp->q.fqdir->net;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 407) 	struct iphdr *iph;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 408) 	void *reasm_data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 409) 	int len, err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 410) 	u8 ecn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 411) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 412) 	ipq_kill(qp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 413) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 414) 	ecn = ip_frag_ecn_table[qp->ecn];
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 415) 	if (unlikely(ecn == 0xff)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 416) 		err = -EINVAL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 417) 		goto out_fail;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 418) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 419) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 420) 	/* Make the one we just received the head. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 421) 	reasm_data = inet_frag_reasm_prepare(&qp->q, skb, prev_tail);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 422) 	if (!reasm_data)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 423) 		goto out_nomem;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 424) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 425) 	len = ip_hdrlen(skb) + qp->q.len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 426) 	err = -E2BIG;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 427) 	if (len > 65535)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 428) 		goto out_oversize;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 429) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 430) 	inet_frag_reasm_finish(&qp->q, skb, reasm_data,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 431) 			       ip_frag_coalesce_ok(qp));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 432) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 433) 	skb->dev = dev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 434) 	IPCB(skb)->frag_max_size = max(qp->max_df_size, qp->q.max_size);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 435) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 436) 	iph = ip_hdr(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 437) 	iph->tot_len = htons(len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 438) 	iph->tos |= ecn;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 439) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 440) 	/* When we set IP_DF on a refragmented skb we must also force a
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 441) 	 * call to ip_fragment to avoid forwarding a DF-skb of size s while
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 442) 	 * original sender only sent fragments of size f (where f < s).
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 443) 	 *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 444) 	 * We only set DF/IPSKB_FRAG_PMTU if such DF fragment was the largest
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 445) 	 * frag seen to avoid sending tiny DF-fragments in case skb was built
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 446) 	 * from one very small df-fragment and one large non-df frag.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 447) 	 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 448) 	if (qp->max_df_size == qp->q.max_size) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 449) 		IPCB(skb)->flags |= IPSKB_FRAG_PMTU;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 450) 		iph->frag_off = htons(IP_DF);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 451) 	} else {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 452) 		iph->frag_off = 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 453) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 454) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 455) 	ip_send_check(iph);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 456) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 457) 	__IP_INC_STATS(net, IPSTATS_MIB_REASMOKS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 458) 	qp->q.rb_fragments = RB_ROOT;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 459) 	qp->q.fragments_tail = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 460) 	qp->q.last_run_head = NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 461) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 462) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 463) out_nomem:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 464) 	net_dbg_ratelimited("queue_glue: no memory for gluing queue %p\n", qp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 465) 	err = -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 466) 	goto out_fail;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 467) out_oversize:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 468) 	net_info_ratelimited("Oversized IP packet from %pI4\n", &qp->q.key.v4.saddr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 469) out_fail:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 470) 	__IP_INC_STATS(net, IPSTATS_MIB_REASMFAILS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 471) 	return err;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 472) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 473) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 474) /* Process an incoming IP datagram fragment. */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 475) int ip_defrag(struct net *net, struct sk_buff *skb, u32 user)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 476) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 477) 	struct net_device *dev = skb->dev ? : skb_dst(skb)->dev;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 478) 	int vif = l3mdev_master_ifindex_rcu(dev);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 479) 	struct ipq *qp;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 480) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 481) 	__IP_INC_STATS(net, IPSTATS_MIB_REASMREQDS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 482) 	skb_orphan(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 483) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 484) 	/* Lookup (or create) queue header */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 485) 	qp = ip_find(net, ip_hdr(skb), user, vif);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 486) 	if (qp) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 487) 		int ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 488) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 489) 		spin_lock(&qp->q.lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 490) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 491) 		ret = ip_frag_queue(qp, skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 492) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 493) 		spin_unlock(&qp->q.lock);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 494) 		ipq_put(qp);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 495) 		return ret;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 496) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 497) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 498) 	__IP_INC_STATS(net, IPSTATS_MIB_REASMFAILS);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 499) 	kfree_skb(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 500) 	return -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 501) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 502) EXPORT_SYMBOL(ip_defrag);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 503) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 504) struct sk_buff *ip_check_defrag(struct net *net, struct sk_buff *skb, u32 user)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 505) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 506) 	struct iphdr iph;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 507) 	int netoff;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 508) 	u32 len;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 509) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 510) 	if (skb->protocol != htons(ETH_P_IP))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 511) 		return skb;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 512) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 513) 	netoff = skb_network_offset(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 514) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 515) 	if (skb_copy_bits(skb, netoff, &iph, sizeof(iph)) < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 516) 		return skb;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 517) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 518) 	if (iph.ihl < 5 || iph.version != 4)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 519) 		return skb;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 520) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 521) 	len = ntohs(iph.tot_len);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 522) 	if (skb->len < netoff + len || len < (iph.ihl * 4))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 523) 		return skb;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 524) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 525) 	if (ip_is_fragment(&iph)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 526) 		skb = skb_share_check(skb, GFP_ATOMIC);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 527) 		if (skb) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 528) 			if (!pskb_may_pull(skb, netoff + iph.ihl * 4)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 529) 				kfree_skb(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 530) 				return NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 531) 			}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 532) 			if (pskb_trim_rcsum(skb, netoff + len)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 533) 				kfree_skb(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 534) 				return NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 535) 			}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 536) 			memset(IPCB(skb), 0, sizeof(struct inet_skb_parm));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 537) 			if (ip_defrag(net, skb, user))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 538) 				return NULL;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 539) 			skb_clear_hash(skb);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 540) 		}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 541) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 542) 	return skb;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 543) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 544) EXPORT_SYMBOL(ip_check_defrag);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 545) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 546) #ifdef CONFIG_SYSCTL
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 547) static int dist_min;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 548) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 549) static struct ctl_table ip4_frags_ns_ctl_table[] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 550) 	{
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 551) 		.procname	= "ipfrag_high_thresh",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 552) 		.maxlen		= sizeof(unsigned long),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 553) 		.mode		= 0644,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 554) 		.proc_handler	= proc_doulongvec_minmax,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 555) 	},
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 556) 	{
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 557) 		.procname	= "ipfrag_low_thresh",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 558) 		.maxlen		= sizeof(unsigned long),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 559) 		.mode		= 0644,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 560) 		.proc_handler	= proc_doulongvec_minmax,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 561) 	},
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 562) 	{
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 563) 		.procname	= "ipfrag_time",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 564) 		.maxlen		= sizeof(int),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 565) 		.mode		= 0644,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 566) 		.proc_handler	= proc_dointvec_jiffies,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 567) 	},
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 568) 	{
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 569) 		.procname	= "ipfrag_max_dist",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 570) 		.maxlen		= sizeof(int),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 571) 		.mode		= 0644,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 572) 		.proc_handler	= proc_dointvec_minmax,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 573) 		.extra1		= &dist_min,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 574) 	},
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 575) 	{ }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 576) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 577) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 578) /* secret interval has been deprecated */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 579) static int ip4_frags_secret_interval_unused;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 580) static struct ctl_table ip4_frags_ctl_table[] = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 581) 	{
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 582) 		.procname	= "ipfrag_secret_interval",
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 583) 		.data		= &ip4_frags_secret_interval_unused,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 584) 		.maxlen		= sizeof(int),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 585) 		.mode		= 0644,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 586) 		.proc_handler	= proc_dointvec_jiffies,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 587) 	},
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 588) 	{ }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 589) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 590) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 591) static int __net_init ip4_frags_ns_ctl_register(struct net *net)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 592) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 593) 	struct ctl_table *table;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 594) 	struct ctl_table_header *hdr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 595) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 596) 	table = ip4_frags_ns_ctl_table;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 597) 	if (!net_eq(net, &init_net)) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 598) 		table = kmemdup(table, sizeof(ip4_frags_ns_ctl_table), GFP_KERNEL);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 599) 		if (!table)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 600) 			goto err_alloc;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 601) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 602) 	}
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 603) 	table[0].data	= &net->ipv4.fqdir->high_thresh;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 604) 	table[0].extra1	= &net->ipv4.fqdir->low_thresh;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 605) 	table[1].data	= &net->ipv4.fqdir->low_thresh;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 606) 	table[1].extra2	= &net->ipv4.fqdir->high_thresh;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 607) 	table[2].data	= &net->ipv4.fqdir->timeout;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 608) 	table[3].data	= &net->ipv4.fqdir->max_dist;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 609) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 610) 	hdr = register_net_sysctl(net, "net/ipv4", table);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 611) 	if (!hdr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 612) 		goto err_reg;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 613) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 614) 	net->ipv4.frags_hdr = hdr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 615) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 616) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 617) err_reg:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 618) 	if (!net_eq(net, &init_net))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 619) 		kfree(table);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 620) err_alloc:
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 621) 	return -ENOMEM;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 622) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 623) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 624) static void __net_exit ip4_frags_ns_ctl_unregister(struct net *net)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 625) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 626) 	struct ctl_table *table;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 627) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 628) 	table = net->ipv4.frags_hdr->ctl_table_arg;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 629) 	unregister_net_sysctl_table(net->ipv4.frags_hdr);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 630) 	kfree(table);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 631) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 632) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 633) static void __init ip4_frags_ctl_register(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 634) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 635) 	register_net_sysctl(&init_net, "net/ipv4", ip4_frags_ctl_table);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 636) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 637) #else
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 638) static int ip4_frags_ns_ctl_register(struct net *net)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 639) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 640) 	return 0;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 641) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 642) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 643) static void ip4_frags_ns_ctl_unregister(struct net *net)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 644) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 645) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 646) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 647) static void __init ip4_frags_ctl_register(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 648) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 649) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 650) #endif
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 651) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 652) static int __net_init ipv4_frags_init_net(struct net *net)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 653) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 654) 	int res;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 655) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 656) 	res = fqdir_init(&net->ipv4.fqdir, &ip4_frags, net);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 657) 	if (res < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 658) 		return res;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 659) 	/* Fragment cache limits.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 660) 	 *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 661) 	 * The fragment memory accounting code, (tries to) account for
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 662) 	 * the real memory usage, by measuring both the size of frag
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 663) 	 * queue struct (inet_frag_queue (ipv4:ipq/ipv6:frag_queue))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 664) 	 * and the SKB's truesize.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 665) 	 *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 666) 	 * A 64K fragment consumes 129736 bytes (44*2944)+200
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 667) 	 * (1500 truesize == 2944, sizeof(struct ipq) == 200)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 668) 	 *
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 669) 	 * We will commit 4MB at one time. Should we cross that limit
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 670) 	 * we will prune down to 3MB, making room for approx 8 big 64K
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 671) 	 * fragments 8x128k.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 672) 	 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 673) 	net->ipv4.fqdir->high_thresh = 4 * 1024 * 1024;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 674) 	net->ipv4.fqdir->low_thresh  = 3 * 1024 * 1024;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 675) 	/*
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 676) 	 * Important NOTE! Fragment queue must be destroyed before MSL expires.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 677) 	 * RFC791 is wrong proposing to prolongate timer each fragment arrival
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 678) 	 * by TTL.
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 679) 	 */
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 680) 	net->ipv4.fqdir->timeout = IP_FRAG_TIME;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 681) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 682) 	net->ipv4.fqdir->max_dist = 64;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 683) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 684) 	res = ip4_frags_ns_ctl_register(net);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 685) 	if (res < 0)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 686) 		fqdir_exit(net->ipv4.fqdir);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 687) 	return res;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 688) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 689) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 690) static void __net_exit ipv4_frags_pre_exit_net(struct net *net)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 691) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 692) 	fqdir_pre_exit(net->ipv4.fqdir);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 693) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 694) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 695) static void __net_exit ipv4_frags_exit_net(struct net *net)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 696) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 697) 	ip4_frags_ns_ctl_unregister(net);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 698) 	fqdir_exit(net->ipv4.fqdir);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 699) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 700) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 701) static struct pernet_operations ip4_frags_ops = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 702) 	.init		= ipv4_frags_init_net,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 703) 	.pre_exit	= ipv4_frags_pre_exit_net,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 704) 	.exit		= ipv4_frags_exit_net,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 705) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 706) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 707) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 708) static u32 ip4_key_hashfn(const void *data, u32 len, u32 seed)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 709) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 710) 	return jhash2(data,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 711) 		      sizeof(struct frag_v4_compare_key) / sizeof(u32), seed);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 712) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 713) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 714) static u32 ip4_obj_hashfn(const void *data, u32 len, u32 seed)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 715) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 716) 	const struct inet_frag_queue *fq = data;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 717) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 718) 	return jhash2((const u32 *)&fq->key.v4,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 719) 		      sizeof(struct frag_v4_compare_key) / sizeof(u32), seed);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 720) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 721) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 722) static int ip4_obj_cmpfn(struct rhashtable_compare_arg *arg, const void *ptr)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 723) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 724) 	const struct frag_v4_compare_key *key = arg->key;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 725) 	const struct inet_frag_queue *fq = ptr;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 726) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 727) 	return !!memcmp(&fq->key, key, sizeof(*key));
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 728) }
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 729) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 730) static const struct rhashtable_params ip4_rhash_params = {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 731) 	.head_offset		= offsetof(struct inet_frag_queue, node),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 732) 	.key_offset		= offsetof(struct inet_frag_queue, key),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 733) 	.key_len		= sizeof(struct frag_v4_compare_key),
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 734) 	.hashfn			= ip4_key_hashfn,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 735) 	.obj_hashfn		= ip4_obj_hashfn,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 736) 	.obj_cmpfn		= ip4_obj_cmpfn,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 737) 	.automatic_shrinking	= true,
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 738) };
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 739) 
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 740) void __init ipfrag_init(void)
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 741) {
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 742) 	ip4_frags.constructor = ip4_frag_init;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 743) 	ip4_frags.destructor = ip4_frag_free;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 744) 	ip4_frags.qsize = sizeof(struct ipq);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 745) 	ip4_frags.frag_expire = ip_expire;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 746) 	ip4_frags.frags_cache_name = ip_frag_cache_name;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 747) 	ip4_frags.rhash_params = ip4_rhash_params;
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 748) 	if (inet_frags_init(&ip4_frags))
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 749) 		panic("IP: failed to allocate ip4_frags cache\n");
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 750) 	ip4_frags_ctl_register();
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 751) 	register_pernet_subsys(&ip4_frags_ops);
^8f3ce5b39 (kx 2023-10-28 12:00:06 +0300 752) }
cGit-ui 0.1.7
Git 2.40.0
Nginx 1.22.1

Where any material of this site is being reproduced, published or issued to others the reference to the source is obligatory.

© Andrey V. Kosteltsev, 2019 – 2025.