2005-04-17 02:20:36 +04:00
/*
* INETPEER - A storage for permanent information about peers
*
* Authors : Andrey V . Savochkin < saw @ msu . ru >
*/
# ifndef _NET_INETPEER_H
# define _NET_INETPEER_H
# include <linux/types.h>
# include <linux/init.h>
# include <linux/jiffies.h>
# include <linux/spinlock.h>
2011-01-27 07:55:53 +03:00
# include <linux/rtnetlink.h>
2010-11-30 23:20:00 +03:00
# include <net/ipv6.h>
2011-07-27 03:09:06 +04:00
# include <linux/atomic.h>
2005-04-17 02:20:36 +04:00
2015-08-28 02:07:03 +03:00
/* IPv4 address key for cache lookups */
struct ipv4_addr_key {
__be32 addr ;
int vif ;
} ;
2015-08-28 02:07:02 +03:00
# define INETPEER_MAXKEYSZ (sizeof(struct in6_addr) / sizeof(u32))
struct inetpeer_addr {
2010-11-30 22:53:55 +03:00
union {
2015-08-28 02:07:03 +03:00
struct ipv4_addr_key a4 ;
2015-08-28 02:07:02 +03:00
struct in6_addr a6 ;
u32 key [ INETPEER_MAXKEYSZ ] ;
2010-11-30 22:53:55 +03:00
} ;
2011-02-10 01:30:26 +03:00
__u16 family ;
2010-12-02 04:28:18 +03:00
} ;
2010-11-30 22:53:55 +03:00
2009-11-03 06:26:03 +03:00
struct inet_peer {
2017-07-17 12:56:10 +03:00
struct rb_node rb_node ;
2010-12-02 04:28:18 +03:00
struct inetpeer_addr daddr ;
2011-06-09 10:31:27 +04:00
u32 metrics [ RTAX_MAX ] ;
u32 rate_tokens ; /* rate limiting for ICMP */
unsigned long rate_last ;
2010-06-16 08:52:13 +04:00
/*
2017-06-30 13:07:54 +03:00
* Once inet_peer is queued for deletion ( refcnt = = 0 ) , following field
inetpeer: get rid of ip_id_count
Ideally, we would need to generate IP ID using a per destination IP
generator.
linux kernels used inet_peer cache for this purpose, but this had a huge
cost on servers disabling MTU discovery.
1) each inet_peer struct consumes 192 bytes
2) inetpeer cache uses a binary tree of inet_peer structs,
with a nominal size of ~66000 elements under load.
3) lookups in this tree are hitting a lot of cache lines, as tree depth
is about 20.
4) If server deals with many tcp flows, we have a high probability of
not finding the inet_peer, allocating a fresh one, inserting it in
the tree with same initial ip_id_count, (cf secure_ip_id())
5) We garbage collect inet_peer aggressively.
IP ID generation do not have to be 'perfect'
Goal is trying to avoid duplicates in a short period of time,
so that reassembly units have a chance to complete reassembly of
fragments belonging to one message before receiving other fragments
with a recycled ID.
We simply use an array of generators, and a Jenkin hash using the dst IP
as a key.
ipv6_select_ident() is put back into net/ipv6/ip6_output.c where it
belongs (it is only used from this file)
secure_ip_id() and secure_ipv6_id() no longer are needed.
Rename ip_select_ident_more() to ip_select_ident_segs() to avoid
unnecessary decrement/increment of the number of segments.
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2014-06-02 16:26:03 +04:00
* is not available : rid
2011-01-27 07:55:53 +03:00
* We can share memory with rcu_head to help keep inet_peer small .
2010-06-16 08:52:13 +04:00
*/
union {
struct {
2011-02-10 02:36:47 +03:00
atomic_t rid ; /* Frag reception counter */
2010-06-16 08:52:13 +04:00
} ;
struct rcu_head rcu ;
} ;
2011-06-09 10:31:27 +04:00
/* following fields might be frequently dirtied */
__u32 dtime ; /* the time of last use of not referenced entries */
2017-06-30 13:07:54 +03:00
refcount_t refcnt ;
2005-04-17 02:20:36 +04:00
} ;
2012-06-10 03:27:05 +04:00
struct inet_peer_base {
2017-07-17 12:56:10 +03:00
struct rb_root rb_root ;
2012-06-10 03:27:05 +04:00
seqlock_t lock ;
int total ;
} ;
2013-09-21 21:22:41 +04:00
void inet_peer_base_init ( struct inet_peer_base * ) ;
2012-06-10 03:27:05 +04:00
2013-09-21 21:22:41 +04:00
void inet_initpeers ( void ) __init ;
2005-04-17 02:20:36 +04:00
2011-01-28 00:52:16 +03:00
# define INETPEER_METRICS_NEW (~(u32) 0)
2015-08-28 02:07:00 +03:00
static inline void inetpeer_set_addr_v4 ( struct inetpeer_addr * iaddr , __be32 ip )
{
2015-08-28 02:07:03 +03:00
iaddr - > a4 . addr = ip ;
2015-12-16 07:56:44 +03:00
iaddr - > a4 . vif = 0 ;
2015-08-28 02:07:00 +03:00
iaddr - > family = AF_INET ;
}
static inline __be32 inetpeer_get_addr_v4 ( struct inetpeer_addr * iaddr )
{
2015-08-28 02:07:03 +03:00
return iaddr - > a4 . addr ;
2015-08-28 02:07:00 +03:00
}
static inline void inetpeer_set_addr_v6 ( struct inetpeer_addr * iaddr ,
struct in6_addr * in6 )
{
2015-08-28 02:07:02 +03:00
iaddr - > a6 = * in6 ;
2015-08-28 02:07:00 +03:00
iaddr - > family = AF_INET6 ;
}
static inline struct in6_addr * inetpeer_get_addr_v6 ( struct inetpeer_addr * iaddr )
{
2015-08-28 02:07:02 +03:00
return & iaddr - > a6 ;
2015-08-28 02:07:00 +03:00
}
2005-04-17 02:20:36 +04:00
/* can be called with or without local BH being disabled */
2012-06-10 06:12:36 +04:00
struct inet_peer * inet_getpeer ( struct inet_peer_base * base ,
2012-06-08 05:20:41 +04:00
const struct inetpeer_addr * daddr ,
int create ) ;
2010-11-30 22:54:19 +03:00
2012-06-10 06:12:36 +04:00
static inline struct inet_peer * inet_getpeer_v4 ( struct inet_peer_base * base ,
2012-06-08 05:21:40 +04:00
__be32 v4daddr ,
2015-08-28 02:07:03 +03:00
int vif , int create )
2010-11-30 22:54:19 +03:00
{
2010-12-02 04:28:18 +03:00
struct inetpeer_addr daddr ;
2010-11-30 22:54:19 +03:00
2015-08-28 02:07:03 +03:00
daddr . a4 . addr = v4daddr ;
daddr . a4 . vif = vif ;
2010-11-30 22:54:19 +03:00
daddr . family = AF_INET ;
2012-06-10 06:12:36 +04:00
return inet_getpeer ( base , & daddr , create ) ;
2010-11-30 22:54:19 +03:00
}
2005-04-17 02:20:36 +04:00
2012-06-10 06:12:36 +04:00
static inline struct inet_peer * inet_getpeer_v6 ( struct inet_peer_base * base ,
2012-06-08 05:21:40 +04:00
const struct in6_addr * v6daddr ,
int create )
2010-11-30 23:20:00 +03:00
{
2010-12-02 04:28:18 +03:00
struct inetpeer_addr daddr ;
2010-11-30 23:20:00 +03:00
2015-08-28 02:07:02 +03:00
daddr . a6 = * v6daddr ;
2010-11-30 23:20:00 +03:00
daddr . family = AF_INET6 ;
2012-06-10 06:12:36 +04:00
return inet_getpeer ( base , & daddr , create ) ;
2010-11-30 23:20:00 +03:00
}
2015-08-28 02:07:01 +03:00
static inline int inetpeer_addr_cmp ( const struct inetpeer_addr * a ,
const struct inetpeer_addr * b )
{
2015-08-28 02:07:02 +03:00
int i , n ;
if ( a - > family = = AF_INET )
n = sizeof ( a - > a4 ) / sizeof ( u32 ) ;
else
n = sizeof ( a - > a6 ) / sizeof ( u32 ) ;
2015-08-28 02:07:01 +03:00
for ( i = 0 ; i < n ; i + + ) {
2015-08-28 02:07:02 +03:00
if ( a - > key [ i ] = = b - > key [ i ] )
2015-08-28 02:07:01 +03:00
continue ;
2015-08-28 02:07:02 +03:00
if ( a - > key [ i ] < b - > key [ i ] )
2015-08-28 02:07:01 +03:00
return - 1 ;
return 1 ;
}
return 0 ;
}
2005-04-17 02:20:36 +04:00
/* can be called from BH context or outside */
2013-09-21 21:22:41 +04:00
void inet_putpeer ( struct inet_peer * p ) ;
bool inet_peer_xrlim_allow ( struct inet_peer * peer , int timeout ) ;
2005-04-17 02:20:36 +04:00
2013-09-21 21:22:41 +04:00
void inetpeer_invalidate_tree ( struct inet_peer_base * ) ;
2012-03-07 01:20:26 +04:00
2005-04-17 02:20:36 +04:00
# endif /* _NET_INETPEER_H */